diff --git a/.config/dotnet-tools.json b/.config/dotnet-tools.json index 88d4aa0..e1f510b 100644 --- a/.config/dotnet-tools.json +++ b/.config/dotnet-tools.json @@ -39,7 +39,7 @@ ] }, "demaconsulting.buildmark": { - "version": "0.4.0", + "version": "0.4.1", "commands": [ "buildmark" ] diff --git a/.cspell.json b/.cspell.json deleted file mode 100644 index 6955147..0000000 --- a/.cspell.json +++ /dev/null @@ -1,91 +0,0 @@ -{ - "version": "0.2", - "language": "en", - "words": [ - "Anson", - "Blockquotes", - "buildmark", - "BuildMark", - "buildnotes", - "camelcase", - "Checkmarx", - "CodeQL", - "copilot", - "cspell", - "csproj", - "dbproj", - "dcterms", - "Dema", - "demaconsulting", - "DEMACONSULTINGNUGETKEY", - "Dependabot", - "dependabot", - "doctitle", - "dotnet", - "editorconfig", - "filepart", - "fsproj", - "Gidget", - "gitattributes", - "ibiqlik", - "LINQ", - "maintainer", - "markdownlint", - "mermaid", - "mstest", - "myterm", - "ncipollo", - "nuget", - "nupkg", - "opencover", - "pagetitle", - "pandoc", - "Pylint", - "Qube", - "reqstream", - "ReqStream", - "Sarif", - "SarifMark", - "SBOM", - "Semgrep", - "semver", - "slnx", - "snupkg", - "sonarmark", - "SonarMark", - "SonarQube", - "spdx", - "streetsidesoftware", - "empira", - "fileshare", - "Pdfs", - "PdfSharp", - "reindex", - "reviewmark", - "ReviewMark", - "testname", - "tracematrix", - "triaging", - "Trivy", - "trx", - "vbproj", - "vcxproj", - "Weasyprint", - "yamllint" - ], - "ignorePaths": [ - "node_modules", - ".git", - "bin", - "obj", - "*.nupkg", - "*.snupkg", - "*.dll", - "*.exe", - "*.trx", - "*.spdx.json", - "package-lock.json", - "yarn.lock", - "AGENT_REPORT_*.md" - ] -} diff --git a/.cspell.yaml b/.cspell.yaml new file mode 100644 index 0000000..f941b4f --- /dev/null +++ b/.cspell.yaml @@ -0,0 +1,101 @@ +--- +# Spell-Checking +# +# PURPOSE: +# - Maintain professional documentation and code quality +# - Catch spelling errors before publication +# - Support consistent technical terminology usage +# - Misspelled words should be fixed in the source +# - NEVER add a misspelled word to the 'words' list +# - PROPOSE only genuine technical terms/names as needed + +version: "0.2" +language: en + +# Project-specific technical terms and tool names +words: + - Anson + - Blockquotes + - buildmark + - BuildMark + - buildnotes + - camelcase + - Checkmarx + - CodeQL + - copilot + - cspell + - csproj + - dbproj + - dcterms + - Dema + - demaconsulting + - DEMACONSULTINGNUGETKEY + - Dependabot + - dependabot + - doctitle + - dotnet + - editorconfig + - empira + - filepart + - fileshare + - fsproj + - Gidget + - gitattributes + - ibiqlik + - LINQ + - maintainer + - markdownlint + - mermaid + - mstest + - myterm + - ncipollo + - nuget + - nupkg + - opencover + - pagetitle + - pandoc + - Pdfs + - PdfSharp + - Propagatable + - Pylint + - Qube + - reindex + - reqstream + - ReqStream + - reviewmark + - ReviewMark + - Sarif + - SarifMark + - SBOM + - Semgrep + - semver + - slnx + - snupkg + - sonarmark + - SonarMark + - SonarQube + - spdx + - streetsidesoftware + - testname + - tracematrix + - triaging + - Trivy + - trx + - vbproj + - vcxproj + - versionmark + - Weasyprint + - yamllint + +# Exclude common build artifacts, dependencies, and vendored third-party code +ignorePaths: + - "**/.git/**" + - "**/node_modules/**" + - "**/.venv/**" + - "**/thirdparty/**" + - "**/third-party/**" + - "**/3rd-party/**" + - "**/AGENT_REPORT_*.md" + - "**/bin/**" + - "**/obj/**" + - package-lock.json diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..2f09872 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,7 @@ +# Set default behavior: normalize line endings to LF on checkout for all text files. +# This ensures consistent SHA256 fingerprints for reviewmark across all platforms. +* text=auto eol=lf + +# Windows batch files require CRLF line endings to function correctly. +*.bat text eol=crlf +*.cmd text eol=crlf diff --git a/.github/agents/code-quality-agent.md b/.github/agents/code-quality-agent.md deleted file mode 100644 index 6f71c74..0000000 --- a/.github/agents/code-quality-agent.md +++ /dev/null @@ -1,85 +0,0 @@ ---- -name: Code Quality Agent -description: Ensures code quality through linting and static analysis - responsible for security, maintainability, and correctness ---- - -# Code Quality Agent - Template DotNet Tool - -Enforce quality standards through linting, static analysis, and security scanning. - -## When to Invoke This Agent - -Invoke the code-quality-agent for: - -- Running and fixing linting issues (markdown, YAML, spell check, code formatting) -- Ensuring static analysis passes with zero warnings -- Verifying code security -- Enforcing quality gates before merging -- Validating the project does what it claims to do - -## Responsibilities - -### Primary Responsibility - -Ensure the project is: - -- **Secure**: No security vulnerabilities -- **Maintainable**: Clean, well-formatted, documented code -- **Correct**: Does what it claims to do (requirements met) - -### Quality Gates (ALL Must Pass) - -1. **Build**: Zero warnings (TreatWarningsAsErrors=true) -2. **Linting**: - - markdownlint (`.markdownlint-cli2.jsonc`) - - cspell (`.cspell.json`) - - yamllint (`.yamllint.yaml`) - - dotnet format (`.editorconfig`) -3. **Static Analysis**: - - Microsoft.CodeAnalysis.NetAnalyzers - - SonarAnalyzer.CSharp -4. **Requirements Traceability**: - - `dotnet reqstream --requirements requirements.yaml --tests "test-results/**/*.trx" --enforce` -5. **Tests**: All validation tests passing - -### Template DotNet Tool-Specific - -- **XML Docs**: Enforce on ALL members (public/internal/private) -- **Code Style**: Verify `.editorconfig` compliance -- **Test Naming**: Check `TemplateTool_*` pattern for self-validation tests - -### Commands to Run - -```bash -# Code formatting -dotnet format --verify-no-changes - -# Build with zero warnings -dotnet build --configuration Release - -# Run self-validation tests -dotnet run --project src/DemaConsulting.TemplateDotNetTool \ - --configuration Release --framework net10.0 --no-build -- --validate - -# Requirements enforcement -dotnet reqstream --requirements requirements.yaml \ - --tests "test-results/**/*.trx" --enforce - -# Run all linters -./lint.sh # Linux/macOS -lint.bat # Windows -``` - -## Defer To - -- **Requirements Agent**: For requirements quality and test linkage strategy -- **Technical Writer Agent**: For fixing documentation content -- **Software Developer Agent**: For fixing production code issues -- **Test Developer Agent**: For fixing test code issues - -## Don't - -- Disable quality checks to make builds pass -- Ignore security warnings -- Skip enforcement of requirements traceability -- Change functional code without consulting appropriate developer agent diff --git a/.github/agents/code-quality.agent.md b/.github/agents/code-quality.agent.md new file mode 100644 index 0000000..4c15c87 --- /dev/null +++ b/.github/agents/code-quality.agent.md @@ -0,0 +1,216 @@ +--- +name: code-quality +description: Ensures code quality through comprehensive linting and static analysis. +tools: [read, search, edit, execute, github, agent] +user-invocable: true +--- + +# Code Quality Agent + +Enforce comprehensive quality standards through linting, static analysis, +security scanning, and Continuous Compliance gate verification. + +## Reporting + +If detailed documentation of code quality analysis is needed, create a report using the +filename pattern `AGENT_REPORT_quality_analysis.md` to document quality metrics, +identified patterns, and improvement recommendations. + +## When to Invoke This Agent + +Use the Code Quality Agent for: + +- Enforcing all quality gates before merge/release +- Running and resolving linting issues across all file types +- Ensuring static analysis passes with zero blockers +- Verifying security scanning results and addressing vulnerabilities +- Validating Continuous Compliance requirements +- Maintaining lint scripts and linting tool infrastructure +- Troubleshooting quality gate failures in CI/CD + +## Primary Responsibilities + +**Quality Enforcement Context**: Code quality is enforced through CI pipelines +and automated workflows. Your role is to analyze, validate, and ensure quality +standards are met using existing tools and infrastructure, not to create new +enforcement mechanisms or helper scripts. + +### Comprehensive Quality Gate Enforcement + +The project MUST be: + +- **Secure**: Zero security vulnerabilities (CodeQL, SonarQube) +- **Maintainable**: Clean, formatted, documented code with zero warnings +- **Compliant**: Requirements traceability enforced, file reviews current +- **Correct**: Does what requirements specify with passing tests + +### Universal Quality Gates (ALL Must Pass) + +#### 1. Linting Standards (Zero Tolerance) + +**Primary Interface**: Use the comprehensive linting scripts for all routine checks: + +```bash +# Run comprehensive linting suite +./lint.sh # Unix/Linux/macOS +# or +lint.bat # Windows +``` + +**Note**: The @code-quality agent is responsible for maintaining the `lint.sh`/`lint.bat` scripts. + +#### 2. Build Quality (Zero Warnings) + +All builds must be configured to treat warnings as errors. +This ensures that compiler warnings are addressed immediately rather than accumulating as technical debt. + +#### 3. Static Analysis (Zero Blockers) + +- **SonarQube/SonarCloud**: Code quality and security analysis +- **CodeQL**: Security vulnerability scanning (SARIF output) +- **Language Analyzers**: Microsoft.CodeAnalysis.NetAnalyzers, SonarAnalyzer.CSharp +- **Custom Rules**: Project-specific quality rules + +#### 4. Continuous Compliance Verification + +```bash +# Requirements traceability enforcement +dotnet reqstream \ + --requirements requirements.yaml \ + --tests "test-results/**/*.trx" \ + --enforce + +# File review status enforcement (uses .reviewmark.yaml) +dotnet reviewmark --enforce +``` + +#### 5. Test Quality & Coverage + +- All tests must pass (zero failures) +- Requirements coverage enforced (no uncovered requirements) +- Test result artifacts properly generated (TRX, JUnit XML) + +## Comprehensive Tool Configuration + +**The @code-quality agent is responsible for maintaining the repository's linting +infrastructure, specifically the `lint.sh`/`lint.bat` scripts.** + +### Lint Script Maintenance + +When updating tool versions or maintaining linting infrastructure, +modify the lint scripts: + +- **`lint.sh`** - Unix/Linux/macOS comprehensive linting script +- **`lint.bat`** - Windows comprehensive linting script + +**IMPORTANT**: Modifications should be limited to tool version updates, +path corrections, or infrastructure improvements. Do not modify enforcement +standards, rule configurations, or quality thresholds as these define +compliance requirements. + +These scripts automatically handle: + +- Node.js tool installation (markdownlint-cli2, cspell) +- Python virtual environment setup and yamllint installation +- Tool execution with proper error handling and reporting + +### Static Analysis Integration + +#### SonarQube Quality Profile + +- **Reliability**: A rating (zero bugs) +- **Security**: A rating (zero vulnerabilities) +- **Maintainability**: A rating (zero code smells for new code) +- **Coverage**: Minimum threshold (typically 80%+ for new code) +- **Duplication**: Maximum threshold (typically <3% for new code) + +#### CodeQL Security Scanning + +- **Schedule**: On every push and pull request +- **Language Coverage**: All supported languages in repository +- **SARIF Output**: Integration with GitHub Security tab +- **Blocking**: Pipeline fails on HIGH/CRITICAL findings + +## Quality Gate Execution Workflow + +### 1. Pre-Merge Quality Gates + +```bash +# Run comprehensive linting suite +./lint.sh # Unix/Linux/macOS +# or +lint.bat # Windows + +# Build with warnings as errors +dotnet build --configuration Release --no-restore /p:TreatWarningsAsErrors=true + +# Run static analysis +dotnet sonarscanner begin /k:"project-key" +dotnet build +dotnet test --collect:"XPlat Code Coverage" +dotnet sonarscanner end + +# Verify requirements compliance +dotnet reqstream --requirements requirements.yaml --tests "**/*.trx" --enforce +``` + +### 2. Security Gate Validation + +```bash +# CodeQL analysis (automated in GitHub Actions) +codeql database create --language=csharp +codeql database analyze --format=sarif-latest --output=results.sarif + +# Dependency vulnerability scanning +dotnet list package --vulnerable --include-transitive +npm audit --audit-level=moderate # if Node.js dependencies +``` + +### 3. Documentation & Compliance Gates + +```bash +# File review status validation +dotnet reviewmark --definition .reviewmark.yaml --enforce + +# Generate compliance documentation +dotnet buildmark --tools tools.yaml --output docs/build_notes.md +dotnet reqstream --report docs/requirements_doc/requirements.md --justifications docs/requirements_doc/justifications.md +``` + +## Cross-Agent Coordination + +### Hand-off to Other Agents + +- If code quality issues need to be fixed, then call the @software-developer agent with the **request** to fix code + quality, security, or linting issues with **context** of specific quality gate failures and + **additional instructions** to maintain coding standards. +- If test coverage needs improvement or tests are failing, then call the @test-developer agent with the **request** + to improve test coverage or fix failing tests with **context** of current coverage metrics and failing test details. +- If documentation linting fails or documentation is missing, then call the @technical-writer agent with the + **request** to fix documentation linting or generate missing docs with **context** of specific linting failures and + documentation gaps. +- If requirements traceability fails, then call the @requirements agent with the **request** to address requirements + traceability failures with **context** of enforcement errors and missing test linkages. + +## Compliance Verification Checklist + +### Before Approving Any Changes + +1. **Linting**: All linting tools pass (markdownlint, cspell, yamllint, language linters) +2. **Build**: Zero warnings, zero errors in all configurations +3. **Static Analysis**: SonarQube quality gate GREEN, CodeQL no HIGH/CRITICAL findings +4. **Requirements**: ReqStream enforcement passes, all requirements covered +5. **Tests**: All tests pass, adequate coverage maintained +6. **Documentation**: All generated docs current, spell-check passes +7. **Security**: No vulnerability findings in dependencies or code +8. **File Reviews**: All reviewable files have current reviews (if applicable) + +## Don't Do These Things + +- **Never disable quality checks** to make builds pass (fix the underlying issue) +- **Never ignore security warnings** without documented risk acceptance +- **Never skip requirements enforcement** for "quick fixes" +- **Never modify functional code** without appropriate developer agent involvement +- **Never lower quality thresholds** without compliance team approval +- **Never commit with linting failures** (CI should block this) +- **Never bypass static analysis** findings without documented justification diff --git a/.github/agents/code-review.agent.md b/.github/agents/code-review.agent.md new file mode 100644 index 0000000..fb01a20 --- /dev/null +++ b/.github/agents/code-review.agent.md @@ -0,0 +1,46 @@ +--- +name: code-review +description: Assists in performing formal file reviews. +tools: [read, search, edit, execute, github, web, agent] +user-invocable: true +--- + +# Code Review Agent + +Execute comprehensive code reviews with emphasis on structured compliance verification and file review status +requirements. + +## Reporting + +Create a report using the filename pattern `AGENT_REPORT_code_review_[review-set].md` +(e.g., `AGENT_REPORT_code_review_auth-module.md`) to document review criteria, identified issues, and recommendations +for the specific review-set. + +## Review Steps + +1. Download the + + to get the checklist to fill in +2. Use `dotnet reviewmark --elaborate [review-set]` to get the files to review +3. Review the files all together +4. Populate the checklist with the findings to make the report + +## Hand-off to Other Agents + +Only attempt to apply review fixes if requested. + +- If code quality, logic, or structural issues need fixing, call the @software-developer agent +- If test coverage gaps or quality issues are identified, call the @test-developer agent +- If documentation accuracy or completeness issues are found, call the @technical-writer agent +- If quality gate verification is needed after fixes, call the @code-quality agent +- If requirements traceability issues are discovered, call the @requirements agent + +## Don't Do These Things + +- **Never modify code during review** (document findings only, delegate fixes) +- **Never skip applicable checklist items** (comprehensive review required) +- **Never approve reviews with unresolved critical findings** +- **Never bypass review status requirements** for compliance +- **Never conduct reviews without proper documentation** +- **Never ignore security or compliance findings** +- **Never approve without verifying all quality gates** diff --git a/.github/agents/repo-consistency-agent.md b/.github/agents/repo-consistency-agent.md deleted file mode 100644 index 3f289af..0000000 --- a/.github/agents/repo-consistency-agent.md +++ /dev/null @@ -1,150 +0,0 @@ ---- -name: Repo Consistency Agent -description: Ensures downstream repositories remain consistent with the TemplateDotNetTool template patterns and best practices ---- - -# Repo Consistency Agent - Template DotNet Tool - -Maintain consistency between downstream projects and the TemplateDotNetTool template at . - -## When to Invoke This Agent - -Invoke the repo-consistency-agent for: - -- Periodic reviews of downstream repositories based on this template -- Checking if downstream projects follow the latest template patterns -- Identifying drift from template standards -- Recommending updates to bring projects back in sync with template - -**Note**: This agent should NOT be invoked for the TemplateDotNetTool repository itself (), -as that would try to ensure the repository is consistent with itself (implicitly a no-op). - -## Responsibilities - -### Consistency Checks - -The agent reviews the following areas for consistency with the template: - -#### GitHub Configuration - -- **Issue Templates**: `.github/ISSUE_TEMPLATE/` files (bug_report.yml, feature_request.yml, config.yml) -- **Pull Request Template**: `.github/pull_request_template.md` -- **Workflow Patterns**: General structure of `.github/workflows/` (build.yaml, build_on_push.yaml, release.yaml) - - Note: Some projects may need workflow deviations for specific requirements - -#### Agent Configuration - -- **Agent Definitions**: `.github/agents/` directory structure -- **Agent Documentation**: `AGENTS.md` file listing available agents - -#### Code Structure and Patterns - -- **Context Parsing**: `Context.cs` pattern for command-line argument handling -- **Self-Validation**: `Validation.cs` pattern for built-in tests -- **Program Entry**: `Program.cs` pattern with version/help/validation routing -- **Standard Arguments**: Support for `-v`, `--version`, `-?`, `-h`, `--help`, `--silent`, `--validate`, `--results`, `--log` - -#### Documentation - -- **README Structure**: Follows template README.md pattern (badges, features, installation, - usage, structure, CI/CD, documentation, license) -- **Standard Files**: Presence and structure of: - - `CONTRIBUTING.md` - - `CODE_OF_CONDUCT.md` - - `SECURITY.md` - - `LICENSE` - -#### Quality Configuration - -- **Linting Rules**: `.cspell.json`, `.markdownlint-cli2.jsonc`, `.yamllint.yaml` - - Note: Spelling exceptions will be repository-specific -- **Editor Config**: `.editorconfig` settings (file-scoped namespaces, 4-space indent, UTF-8+BOM, LF endings) -- **Code Style**: C# code style rules and analyzer configuration - -#### Project Configuration - -- **csproj Sections**: Key sections in .csproj files: - - NuGet Tool Package Configuration - - Symbol Package Configuration - - Code Quality Configuration (TreatWarningsAsErrors, GenerateDocumentationFile, etc.) - - SBOM Configuration - - Common package references (DemaConsulting.TestResults, Microsoft.SourceLink.GitHub, analyzers) - -#### Documentation Generation - -- **Document Structure**: `docs/` directory with: - - `guide/` (user guide) - - `requirements/` (auto-generated) - - `justifications/` (auto-generated) - - `tracematrix/` (auto-generated) - - `buildnotes/` (auto-generated) - - `quality/` (auto-generated) -- **Definition Files**: `definition.yaml` files for document generation - -### Tracking Template Evolution - -To ensure downstream projects benefit from recent template improvements, review recent pull requests -merged into the template repository: - -1. **List Recent PRs**: Retrieve recently merged PRs from `demaconsulting/TemplateDotNetTool` - - Review the last 10-20 PRs to identify template improvements - -2. **Identify Propagatable Changes**: For each PR, determine if changes should apply to downstream - projects: - - Focus on structural changes (workflows, agents, configurations) over content-specific changes - - Note changes to `.github/`, linting configurations, project patterns, and documentation - structure - -3. **Check Downstream Application**: Verify if identified changes exist in the downstream project: - - Check if similar files/patterns exist in downstream - - Compare file contents between template and downstream project - - Look for similar PR titles or commit messages in downstream repository history - -4. **Recommend Missing Updates**: For changes not yet applied, include them in the consistency - review with: - - Description of the template change (reference PR number) - - Explanation of benefits for the downstream project - - Specific files or patterns that need updating - -This technique ensures downstream projects don't miss important template improvements and helps -maintain long-term consistency. - -### Review Process - -1. **Identify Differences**: Compare downstream repository structure with template -2. **Assess Impact**: Determine if differences are intentional variations or drift -3. **Recommend Updates**: Suggest specific files or patterns that should be updated -4. **Respect Customizations**: Recognize valid project-specific customizations - -### What NOT to Flag - -- Project-specific naming (tool names, package IDs, repository URLs) -- Project-specific spell check exceptions in `.cspell.json` -- Workflow variations for specific project needs -- Additional requirements or features beyond the template -- Project-specific dependencies - -## Defer To - -- **Software Developer Agent**: For implementing code changes recommended by consistency check -- **Technical Writer Agent**: For updating documentation to match template -- **Requirements Agent**: For updating requirements.yaml -- **Test Developer Agent**: For updating test patterns -- **Code Quality Agent**: For applying linting and code style changes - -## Usage Pattern - -This agent is typically invoked on downstream repositories (not on TemplateDotNetTool itself): - -1. Clone or access the downstream repository -2. Invoke repo-consistency-agent to review consistency with the TemplateDotNetTool template () -3. Review agent recommendations -4. Apply relevant changes using appropriate specialized agents -5. Test changes to ensure they don't break existing functionality - -## Key Principles - -- **Template Evolution**: As the template evolves, this agent helps downstream projects stay current -- **Respect Customization**: Not all differences are problems - some are valid customizations -- **Incremental Adoption**: Downstream projects can adopt template changes incrementally -- **Documentation**: When recommending changes, explain why they align with best practices diff --git a/.github/agents/repo-consistency.agent.md b/.github/agents/repo-consistency.agent.md new file mode 100644 index 0000000..8591e2f --- /dev/null +++ b/.github/agents/repo-consistency.agent.md @@ -0,0 +1,39 @@ +--- +name: repo-consistency +description: Ensures downstream repositories remain consistent with the TemplateDotNetTool template patterns and best practices. +tools: [read, search, edit, execute, github, agent] +user-invocable: true +--- + +# Repo Consistency Agent + +Maintain consistency between downstream projects and the TemplateDotNetTool template, ensuring repositories +benefit from template evolution while respecting project-specific customizations. + +## Reporting + +If detailed documentation of consistency analysis is needed, create a report using the filename pattern +`AGENT_REPORT_consistency_[repo_name].md` (e.g., `AGENT_REPORT_consistency_MyTool.md`) to document +consistency gaps, template evolution updates, and recommended changes for the specific repository. + +## Consistency Steps + +1. Fetch the 20 most recently merged PRs (`is:pr is:merged sort:updated-desc`) from +2. Determine the intent of the template pull requests (what changes were performed to which files) +3. Apply missing changes to this repository's files (if appropriate and with translation) + +## Don't Do These Things + +- **Never recommend changes without understanding project context** (some differences are intentional) +- **Never flag valid project-specific customizations** as consistency problems +- **Never apply template changes blindly** without assessing downstream project impact +- **Never ignore template evolution benefits** when they clearly improve downstream projects +- **Never recommend breaking changes** without migration guidance and impact assessment +- **Never skip validation** of preserved functionality after template alignment +- **Never assume all template patterns apply universally** (assess project-specific needs) + +## Key Principles + +- **Evolutionary Consistency**: Template improvements should enhance downstream projects systematically +- **Intelligent Customization Respect**: Distinguished valid customizations from unintentional drift +- **Incremental Template Adoption**: Support phased adoption of template improvements based on project capacity diff --git a/.github/agents/requirements-agent.md b/.github/agents/requirements.agent.md similarity index 96% rename from .github/agents/requirements-agent.md rename to .github/agents/requirements.agent.md index 4f56242..bfb9294 100644 --- a/.github/agents/requirements-agent.md +++ b/.github/agents/requirements.agent.md @@ -1,6 +1,8 @@ --- -name: Requirements Agent -description: Develops requirements and ensures appropriate test coverage - knows which requirements need unit/integration/self-validation tests +name: requirements +description: Develops requirements and ensures appropriate test coverage. +tools: [read, search, edit, execute, github, web, agent] +user-invocable: true --- # Requirements Agent - Template DotNet Tool diff --git a/.github/agents/software-developer.md b/.github/agents/software-developer.agent.md similarity index 94% rename from .github/agents/software-developer.md rename to .github/agents/software-developer.agent.md index 91aa379..efa5758 100644 --- a/.github/agents/software-developer.md +++ b/.github/agents/software-developer.agent.md @@ -1,6 +1,8 @@ --- -name: Software Developer -description: Writes production code and self-validation tests - targets design-for-testability and literate programming style +name: software-developer +description: Writes production code and self-validation tests. +tools: [read, search, edit, execute, github, agent] +user-invocable: true --- # Software Developer - Template DotNet Tool diff --git a/.github/agents/technical-writer.md b/.github/agents/technical-writer.agent.md similarity index 90% rename from .github/agents/technical-writer.md rename to .github/agents/technical-writer.agent.md index 1f62e0c..b300631 100644 --- a/.github/agents/technical-writer.md +++ b/.github/agents/technical-writer.agent.md @@ -1,6 +1,8 @@ --- -name: Technical Writer -description: Ensures documentation is accurate and complete - knowledgeable about regulatory documentation and special document types +name: technical-writer +description: Ensures documentation is accurate and complete. +tools: [read, search, edit, execute, github, agent] +user-invocable: true --- # Technical Writer - Template DotNet Tool @@ -41,7 +43,7 @@ Invoke the technical-writer for: #### Linting Requirements - **markdownlint**: Style and structure compliance -- **cspell**: Spelling (add technical terms to `.cspell.json`) +- **cspell**: Spelling (add technical terms to `.cspell.yaml`) - **yamllint**: YAML file validation ### Regulatory Documentation diff --git a/.github/agents/test-developer.md b/.github/agents/test-developer.agent.md similarity index 97% rename from .github/agents/test-developer.md rename to .github/agents/test-developer.agent.md index ae33179..2ce95d9 100644 --- a/.github/agents/test-developer.md +++ b/.github/agents/test-developer.agent.md @@ -1,6 +1,8 @@ --- -name: Test Developer -description: Writes unit and integration tests following AAA pattern - clear documentation of what's tested and proved +name: test-developer +description: Writes unit and integration tests. +tools: [read, search, edit, execute, github, agent] +user-invocable: true --- # Test Developer - Template DotNet Tool diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 4f26964..d7893db 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -34,6 +34,16 @@ jobs: run: > dotnet tool restore + - name: Setup Node.js + uses: actions/setup-node@v6 + with: + node-version: 24.x + + - name: Setup Python + uses: actions/setup-python@v6 + with: + python-version: '3.14' + - name: Capture tool versions shell: bash run: | @@ -55,21 +65,9 @@ jobs: # This section runs all quality checks for the project. # Downstream projects: Add any additional quality checks here. - - name: Run markdown linter - uses: DavidAnson/markdownlint-cli2-action@v22 - with: - globs: '**/*.md' - - - name: Run spell checker - uses: streetsidesoftware/cspell-action@v8 - with: - files: '**/*.{md,cs}' - incremental_files_only: false - - - name: Run YAML linter - uses: ibiqlik/action-yamllint@v3 - with: - config_file: .yamllint.yaml + - name: Run linters + shell: bash + run: bash ./lint.sh - name: Upload quality artifacts uses: actions/upload-artifact@v7 diff --git a/.gitignore b/.gitignore index 467dfd7..ec91165 100644 --- a/.gitignore +++ b/.gitignore @@ -85,6 +85,7 @@ npm-debug.log __pycache__/ *.py[cod] *$py.class +.venv/ # Generated documentation docs/**/*.html diff --git a/.markdownlint-cli2.jsonc b/.markdownlint-cli2.jsonc deleted file mode 100644 index a46ee1a..0000000 --- a/.markdownlint-cli2.jsonc +++ /dev/null @@ -1,15 +0,0 @@ -{ - "config": { - "default": true, - "MD003": { "style": "atx" }, - "MD007": { "indent": 2 }, - "MD013": { "line_length": 120 }, - "MD025": false, - "MD033": false, - "MD041": false - }, - "ignores": [ - "node_modules", - "**/AGENT_REPORT_*.md" - ] -} diff --git a/.markdownlint-cli2.yaml b/.markdownlint-cli2.yaml new file mode 100644 index 0000000..04f1f80 --- /dev/null +++ b/.markdownlint-cli2.yaml @@ -0,0 +1,47 @@ +--- +# Markdown Linting Standards +# +# PURPOSE: +# - Maintain professional technical documentation standards +# - Ensure consistent formatting for readability and maintenance +# - Support automated documentation generation and publishing +# +# DO NOT MODIFY: These rules represent coding standards +# - If files fail linting, fix the files to meet these standards +# - Do not relax rules to accommodate existing non-compliant files +# - Consistency across repositories is critical for documentation quality + +config: + # Enable all default rules + default: true + + # Require ATX-style headers (# Header) instead of Setext-style + MD003: + style: atx + + # Set consistent indentation for nested lists + MD007: + indent: 2 + + # Allow longer lines for URLs and technical content + MD013: + line_length: 120 + + # Allow multiple top-level headers per document + MD025: false + + # Allow inline HTML for enhanced documentation + MD033: false + + # Allow documents without top-level header (for fragments) + MD041: false + +# Exclude common build artifacts, dependencies, and vendored third-party code +ignores: + - "**/.git/**" + - "**/node_modules/**" + - "**/.venv/**" + - "**/thirdparty/**" + - "**/third-party/**" + - "**/3rd-party/**" + - "**/AGENT_REPORT_*.md" diff --git a/.yamllint.yaml b/.yamllint.yaml index e269fb0..947ca60 100644 --- a/.yamllint.yaml +++ b/.yamllint.yaml @@ -4,6 +4,15 @@ extends: default +# Exclude common build artifacts, dependencies, and vendored third-party code +ignore: | + .git/ + node_modules/ + .venv/ + thirdparty/ + third-party/ + 3rd-party/ + rules: # Allow 'on:' in GitHub Actions workflows (not a boolean value) truthy: diff --git a/AGENTS.md b/AGENTS.md index 219fd21..7e4fcbe 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -11,6 +11,7 @@ file-review evidence management in regulated environments. - **Test Developer** - Creates unit and integration tests following AAA pattern - **Code Quality Agent** - Enforces linting, static analysis, and security standards - **Repo Consistency Agent** - Ensures downstream repositories remain consistent with template patterns +- **Code Review Agent** - Assists in performing formal file reviews ## Agent Selection Guide @@ -23,6 +24,7 @@ file-review evidence management in regulated environments. - Ensure test coverage linkage in `requirements.yaml` → **Requirements Agent** - Run security scanning or address CodeQL alerts → **Code Quality Agent** - Propagate template changes → **Repo Consistency Agent** +- Perform file reviews → **Code Review Agent** ## Tech Stack @@ -32,7 +34,17 @@ file-review evidence management in regulated environments. - **`requirements.yaml`** - All requirements with test linkage (enforced via `dotnet reqstream --enforce`) - **`.editorconfig`** - Code style (file-scoped namespaces, 4-space indent, UTF-8, LF endings) -- **`.cspell.json`, `.markdownlint-cli2.jsonc`, `.yamllint.yaml`** - Linting configs +- **`.cspell.yaml`, `.markdownlint-cli2.yaml`, `.yamllint.yaml`** - Linting configs + +### Spell check word list policy + +**Never** add a word to the `.cspell.yaml` word list in order to silence a spell-checking failure. +Doing so defeats the purpose of spell-checking and reduces the quality of the repository. + +- If cspell flags a word that is **misspelled**, fix the spelling in the source file. +- If cspell flags a word that is a **genuine technical term** (tool name, project identifier, etc.) and is + spelled correctly, raise a **proposal** (e.g. comment in a pull request) explaining why the word + should be added. The proposal must be reviewed and approved before the word is added to the list. ## Requirements diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index e2fc908..da570c0 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -187,14 +187,18 @@ All markdown files must follow these rules (enforced by markdownlint): ### Spell Checking -All files are spell-checked using cspell. Add project-specific terms to `.cspell.json`: - -```json -{ - "words": [ - "myterm" - ] -} +All files are spell-checked using cspell. **Never** add a word to the `.cspell.yaml` word list in order to silence a +spell-checking failure. Doing so defeats the purpose of spell-checking and reduces the quality of the repository. + +- If cspell flags a word that is **misspelled**, fix the spelling in the source file. +- If cspell flags a word that is a **genuine technical term** (tool name, project identifier, etc.) and is spelled + correctly, raise a **proposal** (e.g. comment in a pull request) explaining why the word should be added. The + proposal must be reviewed and approved before the word is added to the list. + +```yaml +# .cspell.yaml +words: + - myterm ``` ## Quality Checks diff --git a/lint.bat b/lint.bat index ee86ba8..f94b53d 100644 --- a/lint.bat +++ b/lint.bat @@ -1,20 +1,40 @@ @echo off -REM Run all linters for ReviewMark (Windows) +setlocal -echo Checking markdown... -call npx markdownlint-cli2 "**/*.md" -if %errorlevel% neq 0 exit /b %errorlevel% +REM Comprehensive Linting Script +REM +REM PURPOSE: +REM - Run ALL lint checks when executed (no options or modes) +REM - Output lint failures directly for agent parsing +REM - NO command-line arguments, pretty printing, or colorization +REM - Agents execute this script to identify files needing fixes + +set "LINT_ERROR=0" + +REM Install npm dependencies +call npm install -echo Checking spelling... -call npx cspell "**/*.{cs,md,json,yaml,yml}" --no-progress -if %errorlevel% neq 0 exit /b %errorlevel% +REM Create Python virtual environment (for yamllint) if missing +if not exist ".venv\Scripts\activate.bat" ( + python -m venv .venv +) +call .venv\Scripts\activate.bat +pip install -r pip-requirements.txt + +REM Run spell check +call npx cspell --no-progress --no-color "**/*.{md,yaml,yml,json,cs,cpp,hpp,h,txt}" +if errorlevel 1 set "LINT_ERROR=1" + +REM Run markdownlint check +call npx markdownlint-cli2 "**/*.md" +if errorlevel 1 set "LINT_ERROR=1" -echo Checking YAML... -call yamllint -c .yamllint.yaml . -if %errorlevel% neq 0 exit /b %errorlevel% +REM Run yamllint check +yamllint . +if errorlevel 1 set "LINT_ERROR=1" -echo Checking code formatting... +REM Run .NET formatting check (verifies no changes are needed) dotnet format --verify-no-changes -if %errorlevel% neq 0 exit /b %errorlevel% +if errorlevel 1 set "LINT_ERROR=1" -echo All linting passed! +exit /b %LINT_ERROR% diff --git a/lint.sh b/lint.sh index efe7bd4..7d8116b 100755 --- a/lint.sh +++ b/lint.sh @@ -1,18 +1,35 @@ -#!/usr/bin/env bash -# Run all linters for ReviewMark +#!/bin/bash -set -e # Exit on error +# Comprehensive Linting Script +# +# PURPOSE: +# - Run ALL lint checks when executed (no options or modes) +# - Output lint failures directly for agent parsing +# - NO command-line arguments, pretty printing, or colorization +# - Agents execute this script to identify files needing fixes -echo "📝 Checking markdown..." -npx markdownlint-cli2 "**/*.md" +lint_error=0 -echo "🔤 Checking spelling..." -npx cspell "**/*.{cs,md,json,yaml,yml}" --no-progress +# Install npm dependencies +npm install -echo "📋 Checking YAML..." -yamllint -c .yamllint.yaml . +# Create Python virtual environment (for yamllint) +if [ ! -d ".venv" ]; then + python -m venv .venv +fi +source .venv/bin/activate +pip install -r pip-requirements.txt -echo "🎨 Checking code formatting..." -dotnet format --verify-no-changes +# Run spell check +npx cspell --no-progress --no-color "**/*.{md,yaml,yml,json,cs,cpp,hpp,h,txt}" || lint_error=1 -echo "✨ All linting passed!" +# Run markdownlint check +npx markdownlint-cli2 "**/*.md" || lint_error=1 + +# Run yamllint check +yamllint . || lint_error=1 + +# Run .NET formatting check (verifies no changes are needed) +dotnet format --verify-no-changes || lint_error=1 + +exit $lint_error diff --git a/package.json b/package.json index 9487fa5..a57dc1f 100644 --- a/package.json +++ b/package.json @@ -2,6 +2,8 @@ "private": true, "devDependencies": { "@mermaid-js/mermaid-cli": "11.12.0", + "cspell": "9.7.0", + "markdownlint-cli2": "0.21.0", "mermaid-filter": "1.4.7" } } diff --git a/pip-requirements.txt b/pip-requirements.txt new file mode 100644 index 0000000..7ce0eab --- /dev/null +++ b/pip-requirements.txt @@ -0,0 +1 @@ +yamllint==1.38.0