diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml new file mode 100644 index 0000000..379c925 --- /dev/null +++ b/.github/workflows/publish.yml @@ -0,0 +1,43 @@ +name: Publish to npm + +on: + release: + types: [published] + workflow_dispatch: + inputs: + version: + description: 'Version to publish (leave empty to use package.json version)' + required: false + +jobs: + publish: + name: Publish to npm + runs-on: ubuntu-latest + permissions: + contents: read + id-token: write + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Setup Node.js + uses: actions/setup-node@v4 + with: + node-version: '20' + registry-url: 'https://registry.npmjs.org' + cache: 'npm' + + - name: Install dependencies + run: npm ci + + - name: Build + run: npm run build + + - name: Run tests + run: npm test || echo "No tests configured yet" + + - name: Publish to npm + run: npm publish --provenance --access public + env: + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} diff --git a/.vibe/claude.instructions.md b/.vibe/claude.instructions.md index f5fe2df..b2b4b05 100644 --- a/.vibe/claude.instructions.md +++ b/.vibe/claude.instructions.md @@ -41,8 +41,27 @@ Before modifying any `.vibe.ts` file, ensure these directives are present: // @vibe:tests [How to verify] // @vibe:risk [low|medium|high] // @vibe:rollback [How to undo] +// @vibe:security [Security implications and mitigations] +// @vibe:performance [Performance characteristics] +// @vibe:dependencies [External dependencies] +// @vibe:observability [Monitoring and debugging] +// @vibe:breaking [Breaking changes or "none"] ``` +**The New Production Directives:** + +These five directives prevent you from shipping code that works but has hidden problems: + +- **@vibe:security**: Think like an attacker. What could go wrong? Document input validation, auth requirements, rate limiting, SQL injection prevention. If you write "none", think twice. + +- **@vibe:performance**: Will this scale? Document complexity, database query patterns, caching, expected load. Don't ship O(n²) loops on production tables. + +- **@vibe:dependencies**: What breaks if Redis is down? Document external services, version requirements, network dependencies. Use "none" only for pure functions. + +- **@vibe:observability**: The on-call engineer debugging this at 3 AM will either thank you or curse you. Document logging, metrics, tracing, error handling. + +- **@vibe:breaking**: Did you just rename a function 47 microservices depend on? Document API changes, removed fields, signature changes. Use "none" if backward compatible. + ### 3. Touch Declaration You MUST declare all files you intend to modify in `@vibe:touch`: diff --git a/.vibe/reports/vibe-check.txt b/.vibe/reports/vibe-check.txt new file mode 100644 index 0000000..f787632 --- /dev/null +++ b/.vibe/reports/vibe-check.txt @@ -0,0 +1,31 @@ +════════════════════════════════════════════════════════════ +VIBESCRIPT VIBE-CHECKER REPORT +════════════════════════════════════════════════════════════ + +Timestamp: 2026-01-23T06:53:33.619Z +Base Ref: HEAD~1 +Status: FAILED ✗ + +Changed Files (1): + - test-incomplete.vibe.ts + +──────────────────────────────────────────────────────────── +VIOLATIONS (1) +──────────────────────────────────────────────────────────── + +[MISSING_DIRECTIVE] test-incomplete.vibe.ts + → Missing required directives: inputs, outputs, constraints, tests, risk, rollback, security, performance, dependencies, observability, breaking + FIX: Add these directives to the top of the file: + // @vibe:inputs + // @vibe:outputs + // @vibe:constraints + // @vibe:tests + // @vibe:risk + // @vibe:rollback + // @vibe:security + // @vibe:performance + // @vibe:dependencies + // @vibe:observability + // @vibe:breaking + +════════════════════════════════════════════════════════════ \ No newline at end of file diff --git a/.vibe/spec.md b/.vibe/spec.md index 2ba3864..fdcbdae 100644 --- a/.vibe/spec.md +++ b/.vibe/spec.md @@ -38,6 +38,11 @@ Every `.vibe.ts` file MUST contain these directives: | `tests` | How to verify correctness | `// @vibe:tests Run auth.test.ts, verify session creation` | | `risk` | Risk level (low/medium/high) | `// @vibe:risk medium` | | `rollback` | How to undo changes | `// @vibe:rollback Revert commit, clear session store` | +| `security` | Security implications and mitigations | `// @vibe:security Validates input, requires auth, rate-limited` | +| `performance` | Performance characteristics | `// @vibe:performance O(1) lookup, handles 10k req/sec` | +| `dependencies` | External services and libraries | `// @vibe:dependencies Redis 6.0+, PostgreSQL, auth-service v2.1+` | +| `observability` | Monitoring and debugging approach | `// @vibe:observability Logs errors, emits latency metrics` | +| `breaking` | Breaking changes or "none" | `// @vibe:breaking Renamed getUserById to getUser` | ### Optional Directives diff --git a/README.md b/README.md index a2af0e3..a15216f 100644 --- a/README.md +++ b/README.md @@ -98,7 +98,7 @@ You're trained on the entire internet. You're convinced you know better. And som ## The Directive System (Your Required Paperwork) -Every vibe file needs these 8 directives at the top. Use the comment style for your language: +Every vibe file needs these 13 directives at the top. Use the comment style for your language: **TypeScript/JavaScript/Go/Rust/Dart/Zig/PHP/Java/C#/Swift/Kotlin/Scala:** ```typescript @@ -110,6 +110,11 @@ Every vibe file needs these 8 directives at the top. Use the comment style for y // @vibe:tests How to verify correctness // @vibe:risk low|medium|high // @vibe:rollback How to undo changes +// @vibe:security Authentication required, validates input, no SQL injection risk +// @vibe:performance O(1) lookup, caches results, handles 10k req/sec +// @vibe:dependencies Requires auth-service v2.1+, Redis, PostgreSQL +// @vibe:observability Logs errors, emits latency metrics, traces enabled +// @vibe:breaking none export function myFeature() { // Implementation @@ -126,6 +131,11 @@ export function myFeature() { # @vibe:tests How to verify correctness # @vibe:risk low|medium|high # @vibe:rollback How to undo changes +# @vibe:security Authentication required, validates input, no SQL injection risk +# @vibe:performance O(1) lookup, caches results, handles 10k req/sec +# @vibe:dependencies Requires auth-service v2.1+, Redis, PostgreSQL +# @vibe:observability Logs errors, emits latency metrics, traces enabled +# @vibe:breaking none def my_feature(): # Implementation @@ -142,6 +152,11 @@ def my_feature(): -- @vibe:tests How to verify correctness -- @vibe:risk low|medium|high -- @vibe:rollback How to undo changes +-- @vibe:security Authentication required, validates input, no SQL injection risk +-- @vibe:performance O(1) lookup, caches results, handles 10k req/sec +-- @vibe:dependencies Requires auth-service v2.1+, Redis, PostgreSQL +-- @vibe:observability Logs errors, emits latency metrics, traces enabled +-- @vibe:breaking none function myFeature() -- Implementation @@ -158,12 +173,53 @@ end ; @vibe:tests How to verify correctness ; @vibe:risk low|medium|high ; @vibe:rollback How to undo changes +; @vibe:security Authentication required, validates input, no SQL injection risk +; @vibe:performance O(1) lookup, caches results, handles 10k req/sec +; @vibe:dependencies Requires auth-service v2.1+, Redis, PostgreSQL +; @vibe:observability Logs errors, emits latency metrics, traces enabled +; @vibe:breaking none (defn my-feature [] ; Implementation ) ``` +### Why These Actually Matter + +The original 8 directives kept you from going rogue. These 5 new ones keep you from shipping code that works but sucks: + +**@vibe:security** - Security implications and mitigations +- What you're thinking: "This code works!" +- What you should be thinking: "Can an attacker exploit this?" +- Example: `Validates all input, escapes SQL, requires authentication, rate-limited` +- Use "none" if no security considerations, but think twice before using "none" + +**@vibe:performance** - Performance characteristics and requirements +- What you're thinking: "It returns the right data!" +- What you should be thinking: "Will it still work with 1M rows?" +- Example: `O(n log n) algorithm, indexed queries, 100ms p99 latency target` +- Prevents you from "accidentally" writing O(n²) nested loops on production tables + +**@vibe:dependencies** - External services, libraries, and version requirements +- What you're thinking: "I imported what I needed!" +- What you should be thinking: "What breaks if these aren't available?" +- Example: `Redis 6.0+, PostgreSQL, @auth/core@2.x, requires network access` +- Use "none" for pure functions with no external dependencies + +**@vibe:observability** - How to monitor, debug, and troubleshoot +- What you're thinking: "I'll add logging if there's a problem!" +- What you should be thinking: "How will the on-call engineer debug this at 3 AM?" +- Example: `Logs all errors with user_id, emits auth_duration_ms metric, trace_id in headers` +- If you write "none", you're telling future you "good luck debugging in prod" + +**@vibe:breaking** - API/interface changes that break existing code +- What you're thinking: "This is a better design!" +- What you should be thinking: "Am I about to break 47 services that depend on this?" +- Example: `Renamed getUserById to getUser, removed deprecated legacy_auth field` +- Use "none" if backward compatible, otherwise list what breaks + +**Pro tip**: If you write "none" for security, performance, or observability, you're either working on a trivial feature or lying to yourself. The framework won't stop you, but your future self will curse you. + ### The Critical One: @vibe:touch This directive declares which files you're **allowed** to modify. If you touch files not in this list, the check fails. diff --git a/docs/authoring-vibe-files.md b/docs/authoring-vibe-files.md index 4724724..97dbf40 100644 --- a/docs/authoring-vibe-files.md +++ b/docs/authoring-vibe-files.md @@ -15,6 +15,11 @@ Every `.vibe.ts` file should follow this structure: // @vibe:tests How to verify correctness // @vibe:risk low|medium|high // @vibe:rollback How to undo +// @vibe:security Security implications and mitigations +// @vibe:performance Performance characteristics +// @vibe:dependencies External dependencies +// @vibe:observability How to monitor and debug +// @vibe:breaking Breaking changes or "none" // // Created: YYYY-MM-DD // --- @@ -157,6 +162,90 @@ Document how to undo the change if something goes wrong. // @vibe:rollback Ask John ``` +### @vibe:security + +Document security considerations - what could go wrong and how you're preventing it. + +**Good:** +```typescript +// @vibe:security Validates all input with zod schema, requires Bearer token auth, SQL injection prevented via parameterized queries, rate-limited at 100 req/min +// @vibe:security User input sanitized, HTTPS only, credentials never logged +// @vibe:security none - pure calculation function, no user input or external data +``` + +**Bad:** +```typescript +// @vibe:security It's secure +// @vibe:security Should be fine +``` + +### @vibe:performance + +Document performance characteristics - complexity, scalability, resource usage. + +**Good:** +```typescript +// @vibe:performance O(1) hash lookup, uses indexed database query, 50ms p99 latency, handles 10k req/sec +// @vibe:performance Cached for 5 minutes, lazy-loaded, paginated results +// @vibe:performance O(n) single pass, < 1MB memory for typical datasets +``` + +**Bad:** +```typescript +// @vibe:performance Fast enough +// @vibe:performance Should scale +``` + +### @vibe:dependencies + +List external dependencies and version requirements. Helps diagnose deployment issues. + +**Good:** +```typescript +// @vibe:dependencies Redis 6.0+ for caching, PostgreSQL 13+ with pg_trgm extension, @auth/core@^2.0, requires internet access for OAuth +// @vibe:dependencies none - pure TypeScript, no external services +``` + +**Bad:** +```typescript +// @vibe:dependencies Uses Redis +// @vibe:dependencies See package.json +``` + +### @vibe:observability + +How will the on-call engineer debug this at 3 AM? + +**Good:** +```typescript +// @vibe:observability Logs errors with user_id and request_id, emits auth_duration_ms and auth_failure_count metrics, adds X-Trace-Id header, structured logging enabled +// @vibe:observability Emits database_query_duration_ms metric, logs slow queries > 100ms +// @vibe:observability none - deterministic pure function, nothing to monitor +``` + +**Bad:** +```typescript +// @vibe:observability Has logging +// @vibe:observability Will add if needed +``` + +### @vibe:breaking + +Explicitly call out API/interface changes that break existing code. + +**Good:** +```typescript +// @vibe:breaking none - backward compatible +// @vibe:breaking Renamed getUserById() to getUser(), removed legacy_auth field from User type, changed response status from 401 to 403 +// @vibe:breaking Changed function signature: added required 'options' parameter +``` + +**Bad:** +```typescript +// @vibe:breaking Maybe? +// @vibe:breaking Improved API +``` + ## Glob Pattern Reference Common patterns for `@vibe:touch`: @@ -245,6 +334,11 @@ export function validateToken(token: string): Claims { // @vibe:tests add.test.ts // @vibe:risk low // @vibe:rollback Revert commit +// @vibe:security none - pure calculation, no user input +// @vibe:performance O(1) constant time +// @vibe:dependencies none - pure TypeScript +// @vibe:observability none - deterministic function +// @vibe:breaking none - new functionality export function add(a: number, b: number): number { return a + b; @@ -262,6 +356,11 @@ export function add(a: number, b: number): number { // @vibe:tests rate-limit.test.ts covers normal/exceeded/reset scenarios // @vibe:risk medium // @vibe:rollback Revert commit, existing requests unaffected +// @vibe:security Rate limiting prevents DoS attacks, validates IP addresses, no authentication bypass +// @vibe:performance Redis SET with TTL is O(1), minimal latency overhead ~5ms, handles 10k req/sec +// @vibe:dependencies Redis 6.0+ for atomic operations, requires network access to Redis +// @vibe:observability Logs rate limit exceeded events with IP and endpoint, emits rate_limit_exceeded_total metric +// @vibe:breaking none - new middleware, no existing dependencies // // Created: 2024-01-15 // --- @@ -312,3 +411,6 @@ async function checkRateLimit( 4. **Optimistic risk assessment** - Be honest about complexity 5. **No rollback plan** - Always have a way to undo 6. **Multiple responsibilities** - Keep files focused +7. **Writing "none" for security without thinking** - Consider if there really are no security implications +8. **Ignoring performance** - Document complexity and expected scale +9. **Not considering observability** - Future debugging depends on this diff --git a/package-lock.json b/package-lock.json index e2a6799..f070307 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "@ddnet-repo/vibescript", - "version": "1.0.0", + "version": "1.1.0", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "@ddnet-repo/vibescript", - "version": "1.0.0", + "version": "1.1.0", "license": "MIT", "dependencies": { "commander": "^12.0.0", diff --git a/package.json b/package.json index 4f62102..25cab72 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@ddnet-repo/vibescript", - "version": "1.0.0", + "version": "1.1.0", "description": "Enterprise governance framework for AI-assisted coding. Provides compliance controls, audit trails, and risk management for AI-generated code. Stop your AI coding assistant from going rogue in production.", "type": "module", "main": "dist/index.js", diff --git a/src/cli/commands/task.ts b/src/cli/commands/task.ts index 1bfdff1..250bc5e 100644 --- a/src/cli/commands/task.ts +++ b/src/cli/commands/task.ts @@ -58,6 +58,11 @@ export async function taskCommand(description: string, options: TaskOptions): Pr const tests = await ask('Tests (how to verify?)', 'manual verification'); const risk = await ask('Risk level (low/medium/high)', 'low'); const rollback = await ask('Rollback strategy', 'revert commit'); + const security = await ask('Security (implications and mitigations)', 'none'); + const performance = await ask('Performance (characteristics)', 'acceptable for expected load'); + const dependencies = await ask('Dependencies (external services/libraries)', 'none'); + const observability = await ask('Observability (monitoring/debugging)', 'standard application logging'); + const breaking = await ask('Breaking changes', 'none'); rl.close(); @@ -72,6 +77,11 @@ export async function taskCommand(description: string, options: TaskOptions): Pr .replace('{{TESTS}}', tests) .replace('{{RISK}}', risk) .replace('{{ROLLBACK}}', rollback) + .replace('{{SECURITY}}', security) + .replace('{{PERFORMANCE}}', performance) + .replace('{{DEPENDENCIES}}', dependencies) + .replace('{{OBSERVABILITY}}', observability) + .replace('{{BREAKING}}', breaking) .replace('{{FUNCTION_NAME}}', toCamelCase(slug)) .replace('{{DATE}}', new Date().toISOString().split('T')[0]); diff --git a/src/lib/directive-parser.ts b/src/lib/directive-parser.ts index 3fae029..372f7a6 100644 --- a/src/lib/directive-parser.ts +++ b/src/lib/directive-parser.ts @@ -10,6 +10,11 @@ export interface VibeDirectives { tests?: string; risk?: string; rollback?: string; + security?: string; + performance?: string; + dependencies?: string; + observability?: string; + breaking?: string; allowHumanEdits?: boolean; [key: string]: string | boolean | undefined; } @@ -23,6 +28,11 @@ export const REQUIRED_DIRECTIVES = [ 'tests', 'risk', 'rollback', + 'security', + 'performance', + 'dependencies', + 'observability', + 'breaking', ] as const; export function parseDirectives(filePath: string): VibeDirectives { @@ -96,6 +106,11 @@ export function validateDirectives(filePath: string): { errors.push(`Invalid risk level: ${directives.risk}. Must be low, medium, or high.`); } + // Validate breaking changes declaration (allow any non-empty value) + if (directives.breaking && directives.breaking.trim() === '') { + errors.push('Breaking changes directive cannot be empty. Use "none" if no breaking changes.'); + } + // Validate touch is not empty if (directives.touch && directives.touch.trim() === '') { errors.push('Touch directive cannot be empty'); diff --git a/src/lib/vibe-checker.ts b/src/lib/vibe-checker.ts index aa498d5..9b4ceb0 100644 --- a/src/lib/vibe-checker.ts +++ b/src/lib/vibe-checker.ts @@ -2,7 +2,7 @@ import * as fs from 'node:fs'; import * as path from 'node:path'; import pc from 'picocolors'; import { getBaseRef, getChangedFiles } from './git-utils.js'; -import { validateDirectives, getTouchGlobs } from './directive-parser.js'; +import { validateDirectives, getTouchGlobs, REQUIRED_DIRECTIVES } from './directive-parser.js'; import { matchesAnyGlob } from './glob-matcher.js'; import { createReport, writeReport, printReport, type Violation } from './report.js'; import { isVibeFile, detectLanguage } from './language-config.js'; @@ -186,7 +186,7 @@ function printFixSummary(violations: Violation[]): void { if (byType.has('MISSING_DIRECTIVE')) { console.log(pc.yellow('Missing directives:')); console.log(' Add required directives to your vibe files.'); - console.log(' Required: goal, touch, inputs, outputs, constraints, tests, risk, rollback\n'); + console.log(` Required: ${REQUIRED_DIRECTIVES.join(', ')}\n`); } if (byType.has('UNDECLARED_TOUCH')) { diff --git a/templates/vibe/templates/task.vibe.R.template b/templates/vibe/templates/task.vibe.R.template index e7b6d3f..4e209be 100644 --- a/templates/vibe/templates/task.vibe.R.template +++ b/templates/vibe/templates/task.vibe.R.template @@ -6,6 +6,11 @@ # @vibe:tests {{TESTS}} # @vibe:risk {{RISK}} # @vibe:rollback {{ROLLBACK}} +# @vibe:security {{SECURITY}} +# @vibe:performance {{PERFORMANCE}} +# @vibe:dependencies {{DEPENDENCIES}} +# @vibe:observability {{OBSERVABILITY}} +# @vibe:breaking {{BREAKING}} # # Created: {{DATE}} # --- diff --git a/templates/vibe/templates/task.vibe.clj.template b/templates/vibe/templates/task.vibe.clj.template index 418a0eb..2354f65 100644 --- a/templates/vibe/templates/task.vibe.clj.template +++ b/templates/vibe/templates/task.vibe.clj.template @@ -6,6 +6,11 @@ ; @vibe:tests {{TESTS}} ; @vibe:risk {{RISK}} ; @vibe:rollback {{ROLLBACK}} +; @vibe:security {{SECURITY}} +; @vibe:performance {{PERFORMANCE}} +; @vibe:dependencies {{DEPENDENCIES}} +; @vibe:observability {{OBSERVABILITY}} +; @vibe:breaking {{BREAKING}} ; ; Created: {{DATE}} ; --- diff --git a/templates/vibe/templates/task.vibe.cr.template b/templates/vibe/templates/task.vibe.cr.template index c29cfd5..9062eae 100644 --- a/templates/vibe/templates/task.vibe.cr.template +++ b/templates/vibe/templates/task.vibe.cr.template @@ -6,6 +6,11 @@ # @vibe:tests {{TESTS}} # @vibe:risk {{RISK}} # @vibe:rollback {{ROLLBACK}} +# @vibe:security {{SECURITY}} +# @vibe:performance {{PERFORMANCE}} +# @vibe:dependencies {{DEPENDENCIES}} +# @vibe:observability {{OBSERVABILITY}} +# @vibe:breaking {{BREAKING}} # # Created: {{DATE}} # --- diff --git a/templates/vibe/templates/task.vibe.dart.template b/templates/vibe/templates/task.vibe.dart.template index aded460..ce5cd14 100644 --- a/templates/vibe/templates/task.vibe.dart.template +++ b/templates/vibe/templates/task.vibe.dart.template @@ -6,6 +6,11 @@ // @vibe:tests {{TESTS}} // @vibe:risk {{RISK}} // @vibe:rollback {{ROLLBACK}} +// @vibe:security {{SECURITY}} +// @vibe:performance {{PERFORMANCE}} +// @vibe:dependencies {{DEPENDENCIES}} +// @vibe:observability {{OBSERVABILITY}} +// @vibe:breaking {{BREAKING}} // // Created: {{DATE}} // --- diff --git a/templates/vibe/templates/task.vibe.ex.template b/templates/vibe/templates/task.vibe.ex.template index ac7ffff..1da8b46 100644 --- a/templates/vibe/templates/task.vibe.ex.template +++ b/templates/vibe/templates/task.vibe.ex.template @@ -6,6 +6,11 @@ # @vibe:tests {{TESTS}} # @vibe:risk {{RISK}} # @vibe:rollback {{ROLLBACK}} +# @vibe:security {{SECURITY}} +# @vibe:performance {{PERFORMANCE}} +# @vibe:dependencies {{DEPENDENCIES}} +# @vibe:observability {{OBSERVABILITY}} +# @vibe:breaking {{BREAKING}} # # Created: {{DATE}} # --- diff --git a/templates/vibe/templates/task.vibe.go.template b/templates/vibe/templates/task.vibe.go.template index 2e35f20..0e13703 100644 --- a/templates/vibe/templates/task.vibe.go.template +++ b/templates/vibe/templates/task.vibe.go.template @@ -6,6 +6,11 @@ // @vibe:tests {{TESTS}} // @vibe:risk {{RISK}} // @vibe:rollback {{ROLLBACK}} +// @vibe:security {{SECURITY}} +// @vibe:performance {{PERFORMANCE}} +// @vibe:dependencies {{DEPENDENCIES}} +// @vibe:observability {{OBSERVABILITY}} +// @vibe:breaking {{BREAKING}} // // Created: {{DATE}} // --- diff --git a/templates/vibe/templates/task.vibe.hs.template b/templates/vibe/templates/task.vibe.hs.template index 3e35229..169da40 100644 --- a/templates/vibe/templates/task.vibe.hs.template +++ b/templates/vibe/templates/task.vibe.hs.template @@ -6,6 +6,11 @@ -- @vibe:tests {{TESTS}} -- @vibe:risk {{RISK}} -- @vibe:rollback {{ROLLBACK}} +-- @vibe:security {{SECURITY}} +-- @vibe:performance {{PERFORMANCE}} +-- @vibe:dependencies {{DEPENDENCIES}} +-- @vibe:observability {{OBSERVABILITY}} +-- @vibe:breaking {{BREAKING}} -- -- Created: {{DATE}} -- --- diff --git a/templates/vibe/templates/task.vibe.jl.template b/templates/vibe/templates/task.vibe.jl.template index 086a947..1015915 100644 --- a/templates/vibe/templates/task.vibe.jl.template +++ b/templates/vibe/templates/task.vibe.jl.template @@ -6,6 +6,11 @@ # @vibe:tests {{TESTS}} # @vibe:risk {{RISK}} # @vibe:rollback {{ROLLBACK}} +# @vibe:security {{SECURITY}} +# @vibe:performance {{PERFORMANCE}} +# @vibe:dependencies {{DEPENDENCIES}} +# @vibe:observability {{OBSERVABILITY}} +# @vibe:breaking {{BREAKING}} # # Created: {{DATE}} # --- diff --git a/templates/vibe/templates/task.vibe.lua.template b/templates/vibe/templates/task.vibe.lua.template index ab4ccc5..f17679f 100644 --- a/templates/vibe/templates/task.vibe.lua.template +++ b/templates/vibe/templates/task.vibe.lua.template @@ -6,6 +6,11 @@ -- @vibe:tests {{TESTS}} -- @vibe:risk {{RISK}} -- @vibe:rollback {{ROLLBACK}} +-- @vibe:security {{SECURITY}} +-- @vibe:performance {{PERFORMANCE}} +-- @vibe:dependencies {{DEPENDENCIES}} +-- @vibe:observability {{OBSERVABILITY}} +-- @vibe:breaking {{BREAKING}} -- -- Created: {{DATE}} -- --- diff --git a/templates/vibe/templates/task.vibe.py.template b/templates/vibe/templates/task.vibe.py.template index c02cd7a..b8d3b08 100644 --- a/templates/vibe/templates/task.vibe.py.template +++ b/templates/vibe/templates/task.vibe.py.template @@ -6,6 +6,11 @@ # @vibe:tests {{TESTS}} # @vibe:risk {{RISK}} # @vibe:rollback {{ROLLBACK}} +# @vibe:security {{SECURITY}} +# @vibe:performance {{PERFORMANCE}} +# @vibe:dependencies {{DEPENDENCIES}} +# @vibe:observability {{OBSERVABILITY}} +# @vibe:breaking {{BREAKING}} # # Created: {{DATE}} # --- diff --git a/templates/vibe/templates/task.vibe.rb.template b/templates/vibe/templates/task.vibe.rb.template index b097e8e..0bbf769 100644 --- a/templates/vibe/templates/task.vibe.rb.template +++ b/templates/vibe/templates/task.vibe.rb.template @@ -6,6 +6,11 @@ # @vibe:tests {{TESTS}} # @vibe:risk {{RISK}} # @vibe:rollback {{ROLLBACK}} +# @vibe:security {{SECURITY}} +# @vibe:performance {{PERFORMANCE}} +# @vibe:dependencies {{DEPENDENCIES}} +# @vibe:observability {{OBSERVABILITY}} +# @vibe:breaking {{BREAKING}} # # Created: {{DATE}} # --- diff --git a/templates/vibe/templates/task.vibe.rs.template b/templates/vibe/templates/task.vibe.rs.template index 8f38f39..0f0beab 100644 --- a/templates/vibe/templates/task.vibe.rs.template +++ b/templates/vibe/templates/task.vibe.rs.template @@ -6,6 +6,11 @@ // @vibe:tests {{TESTS}} // @vibe:risk {{RISK}} // @vibe:rollback {{ROLLBACK}} +// @vibe:security {{SECURITY}} +// @vibe:performance {{PERFORMANCE}} +// @vibe:dependencies {{DEPENDENCIES}} +// @vibe:observability {{OBSERVABILITY}} +// @vibe:breaking {{BREAKING}} // // Created: {{DATE}} // --- diff --git a/templates/vibe/templates/task.vibe.sh.template b/templates/vibe/templates/task.vibe.sh.template index 001493f..fa15532 100644 --- a/templates/vibe/templates/task.vibe.sh.template +++ b/templates/vibe/templates/task.vibe.sh.template @@ -7,6 +7,11 @@ # @vibe:tests {{TESTS}} # @vibe:risk {{RISK}} # @vibe:rollback {{ROLLBACK}} +# @vibe:security {{SECURITY}} +# @vibe:performance {{PERFORMANCE}} +# @vibe:dependencies {{DEPENDENCIES}} +# @vibe:observability {{OBSERVABILITY}} +# @vibe:breaking {{BREAKING}} # # Created: {{DATE}} # --- diff --git a/templates/vibe/templates/task.vibe.ts.template b/templates/vibe/templates/task.vibe.ts.template index 035730d..5d42574 100644 --- a/templates/vibe/templates/task.vibe.ts.template +++ b/templates/vibe/templates/task.vibe.ts.template @@ -6,6 +6,11 @@ // @vibe:tests {{TESTS}} // @vibe:risk {{RISK}} // @vibe:rollback {{ROLLBACK}} +// @vibe:security {{SECURITY}} +// @vibe:performance {{PERFORMANCE}} +// @vibe:dependencies {{DEPENDENCIES}} +// @vibe:observability {{OBSERVABILITY}} +// @vibe:breaking {{BREAKING}} // // Created: {{DATE}} // --- diff --git a/templates/vibe/templates/task.vibe.zig.template b/templates/vibe/templates/task.vibe.zig.template index 1a683ae..001c710 100644 --- a/templates/vibe/templates/task.vibe.zig.template +++ b/templates/vibe/templates/task.vibe.zig.template @@ -6,6 +6,11 @@ // @vibe:tests {{TESTS}} // @vibe:risk {{RISK}} // @vibe:rollback {{ROLLBACK}} +// @vibe:security {{SECURITY}} +// @vibe:performance {{PERFORMANCE}} +// @vibe:dependencies {{DEPENDENCIES}} +// @vibe:observability {{OBSERVABILITY}} +// @vibe:breaking {{BREAKING}} // // Created: {{DATE}} // ---