v5.0.0 — Trust-Grade Framework Release#16
Conversation
Root cause: fs.renameSync fails intermittently on Windows when antivirus, indexer, or vitest watcher holds a lock on the temp directory during atomic copy. Fix: - bin/kit.js: retry renameSync up to 3 times with 500ms backoff - tests/unit/cli.test.js: retry rmSync cleanup with force flag 568/568 tests passing (3 consecutive runs, 0 flakes).
- Replace busy-wait with Atomics.wait in kit init retry (gemini F3) - Re-throw error on final retry in test cleanup (gemini F4) - Add transient error code gating (EPERM/EACCES/EBUSY) to kit init - Extract TRANSIENT_FS_ERRORS constant to lib/constants.js (DRY) - Update lib/io.js and lib/ide-generator.js to use shared constant - Add user-visible retry warning log in kit init - Remove fragile shell sleep + require() in ESM test file 568/568 tests passing.
- Use fixed 500ms delay instead of linear backoff in kit init retry - Hoist rmWithRetry helper to describe scope for reuse across tests - Apply rmWithRetry to heal and exists tests (previously unprotected) Addresses gemini-code-assist review on commit a07eed0. 568/568 tests passing.
Only retry EPERM/EACCES/EBUSY in test cleanup helper — non-transient errors now fail fast instead of being masked by retry delays. Addresses gemini-code-assist review on commit 7fe3ded.
Pre-release commit: all workflows, commands, rules, skills, agents, checklists, templates, and documentation updates for v5.0.0.
Major release: Trust-Grade AI Development Framework v5.0.0 - 9 critical workflows enriched (Scope Filters, Failure Templates, Ethics gates) - 15 new files: 3 rules, 8 skill sub-files, 2 contexts, 1 workflow, 1 template - 37 commands fully wired with frontmatter dependency declarations - All 23 workflow Output Templates given emoji-prefixed headers - 36 skills, 23 workflows, 13 governance rules
…lity counts - Upgrade all shields.io badges from default to for-the-badge style (~2x larger) - Split badges into two rows: project meta (version/license/tests/deps) and capabilities (AI Agents / Skills / Commands / Workflows / Rules) - Add missing Commands, Workflows, Rules badges - sync-version.js: auto-sync all 5 capability counts from manifest.json on every `npm version` run — no manual badge updates needed - version-sync.test.js: add 5 structural tests to catch badge/manifest drift
OG Image: - Remove dynamic numbers (23 AGENTS, 34 SKILLS, etc.) that go stale - Replace with permanent feature highlights: Multi-Agent Orchestration, Trust-Grade Governance, Cross-IDE Support, Telegram Control - Add icon row: Agents, Skills, Commands, Workflows, Rules (no counts) - Retina-quality 2400x1260 @2x PNG via Puppeteer generator script - scripts/og-image.html: Source template (HTML/CSS) - scripts/generate-og-image.js: Automated generation script Badges: - Upgrade all shields.io badges to height="36" (~3x original size) - Two-row layout: project meta + capability counts - Update tests badge: 568 → 573 passing
OG Image (all P0-P3 fixes applied): - P0: System emoji → monochrome Lucide SVG icons (cross-platform) - P0: Add "TRUST-GRADE AI DEVELOPMENT FRAMEWORK" subtitle - P0: Restore original 3 channel labels (Claude Code, Telegram/Discord/iMessage, Remote Dev) - P1: Unify capability row with feature pill design language - P1: Optical center vertical balance (68px top / 52px bottom) - P2: Pill border opacity 0.08 → 0.12 for better contrast - P3: Glow line 2px → 3px with wider gradient spread Badge palette harmonization: - Row 2 capabilities: rainbow (7 colors) → purple/violet brand family AI Agents (#7c3aed), Skills (#8b5cf6), Commands (#6366f1), Workflows (#a78bfa), Rules (#9333ea) - sync-version.js: color-agnostic regex for future palette changes - version-sync.test.js: color-agnostic assertions
Replace space-between layout with centered single-block stack. All content flows as one cohesive unit with controlled gaps: Title (78px) → Subtitle (14px gap) → Tagline (22px) → Channel pills (30px) → Capability pills (24px). No more empty void between feature pills and bottom row.
- P0: Channel↔Capability gap 24px→18px (tighter grouping) - P1: Content nudge +6px down (title breathing room for social crop) - P2: Capability SVG stroke opacity 0.55→0.65 (readable on all screens) - P2: Capability label opacity 0.48→0.58 - P2: Capability pill border 0.07→0.09
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request upgrades the Devran AI Kit to version 5.0.0, implementing a comprehensive governance framework with new rules for performance, accessibility, and data privacy. Key additions include the /implement workflow, the research-methodology skill, and an 'Instinct System' for confidence-scored pattern memory. Review feedback suggests making dependencies explicit in the new OG image generation script and refactoring tests to use the centralized TRANSIENT_FS_ERRORS constant for better maintainability.
| let puppeteer; | ||
| try { | ||
| puppeteer = require('puppeteer'); | ||
| } catch { | ||
| console.error('❌ puppeteer not found. Installing...'); | ||
| const { execSync } = require('child_process'); | ||
| execSync('npm install --no-save puppeteer', { stdio: 'inherit' }); | ||
| puppeteer = require('puppeteer'); | ||
| } |
There was a problem hiding this comment.
This automatic installation of puppeteer is an anti-pattern. It creates a hidden dependency, has side effects, and won't work in environments without npm or write access.
The standard practice is to declare puppeteer as a devDependency in package.json and instruct developers to install it via npm install. This makes dependencies explicit and the project setup more predictable.
Please add puppeteer to your devDependencies and simplify this logic.
| let puppeteer; | |
| try { | |
| puppeteer = require('puppeteer'); | |
| } catch { | |
| console.error('❌ puppeteer not found. Installing...'); | |
| const { execSync } = require('child_process'); | |
| execSync('npm install --no-save puppeteer', { stdio: 'inherit' }); | |
| puppeteer = require('puppeteer'); | |
| } | |
| const puppeteer = require('puppeteer'); |
tests/unit/cli.test.js
Outdated
| } | ||
| return; | ||
| } catch (e) { | ||
| if (!['EPERM', 'EACCES', 'EBUSY'].includes(e.code) || i >= retries - 1) throw e; |
There was a problem hiding this comment.
For consistency and better maintainability, please use the TRANSIENT_FS_ERRORS constant that was introduced in lib/constants.js instead of hardcoding the array of error codes here.
This will ensure that if the list of transient errors is updated, it's changed in one central place.
You'll need to add an import at the top of the file:
import { TRANSIENT_FS_ERRORS } from '../../lib/constants.js';And then update this line.
| if (!['EPERM', 'EACCES', 'EBUSY'].includes(e.code) || i >= retries - 1) throw e; | |
| if (!TRANSIENT_FS_ERRORS.has(e.code) || i >= retries - 1) throw e; |
… constant - generate-og-image.js: Remove hidden `npm install --no-save puppeteer` auto-install. Fail with clear install instructions instead. - cli.test.js: Replace hardcoded ['EPERM','EACCES','EBUSY'] with TRANSIENT_FS_ERRORS constant from lib/constants.js (single source of truth)
|
/gemini review |
There was a problem hiding this comment.
Code Review
This pull request significantly upgrades the Devran AI Kit to version 5.0.0, introducing comprehensive workflow governance, new governance rules (Performance, Accessibility, Data Privacy), and an Instinct System for pattern memory. Key changes include adding Scope Filters, Failure Templates, and Argument Parsing tables to all workflows, implementing a new /implement workflow, and refining the documentation with new skill sub-files and improved command consistency. I have reviewed the provided comments and identified several formatting issues and naming inconsistencies that should be addressed to ensure a polished and consistent documentation set.
.agent/skills/pr-toolkit/SKILL.md
Outdated
| --- | ||
|
|
||
| --- |
There was a problem hiding this comment.
There appears to be a duplicate horizontal rule here. This is likely a formatting mistake and one of the --- lines should be removed for cleaner rendering.
| --- | |
| --- | |
| --- |
| --- | ||
|
|
||
| --- |
There was a problem hiding this comment.
There appears to be a duplicate horizontal rule here. This is likely a formatting mistake and one of the --- lines should be removed for cleaner rendering.
| --- | |
| --- | |
| --- |
| --- | ||
|
|
||
| --- |
There was a problem hiding this comment.
There appears to be a duplicate horizontal rule here. This is likely a formatting mistake and one of the --- lines should be removed for cleaner rendering.
| --- | |
| --- | |
| --- |
| # /help-kit — Devran AI Kit Quick Reference | ||
|
|
||
| > **Trigger**: `/help_kit` | ||
| > **Trigger**: `/help-kit` |
There was a problem hiding this comment.
Throughout this pull request, command names are being standardized to use hyphens instead of underscores (e.g., /project-status). For consistency, this trigger should be updated from /help_kit to /help-kit.
| > **Trigger**: `/help-kit` | |
| > **Trigger**: /help-kit |
| # /project-status — Project Status Overview | ||
|
|
||
| > **Trigger**: `/project_status [sub-command]` | ||
| > **Trigger**: `/project-status [sub-command]` |
There was a problem hiding this comment.
The command name has been updated to /project-status in other files within this pull request. To maintain consistency across the documentation, this trigger should also be updated to use a hyphen instead of an underscore.
| > **Trigger**: `/project-status [sub-command]` | |
| > **Trigger**: /project-status [sub-command] |
- Remove duplicate --- horizontal rules in 3 SKILL.md files (pr-toolkit, security-practices, testing-patterns) - Replace ALL remaining underscore command names with hyphens: /project_status → /project-status, /help_kit → /help-kit across CheatSheet.md, help.md, project-status.md, README.md, pr.md, upgrade.md, workflows/README.md (24 occurrences fixed) - Zero underscore command references remaining in .agent/
1 participant
Summary
Major release: Devran AI Kit v5.0.0 — Trust-Grade AI Development Framework.
Framework Enrichment (Phase 1-8):
/implementworkflow created (was missing despite command existing)workflow:,invokes:,uses:frontmatter declarationsNew Governance Rules:
performance.md— JS bundle ≤200KB, API p95 ≤300ms, LCP ≤2.5saccessibility.md— WCAG 2.1 AA, semantic HTML, color contrast 4.5:1data-privacy.md— PII handling, GDPR, AI pipeline anonymizationECC-Inspired Innovations:
contexts/instincts.md) — confidence-scored pattern memoryOG Image Redesign (Vercel-grade):
scripts/generate-og-image.js)Badge System Overhaul:
style=for-the-badge+height="36")sync-version.jsInfrastructure:
kit initfile lockssync-version.js: syncs version + all 5 capability badge counts from manifestTest plan
npm test— 573/573 passingkit verify— manifest integrity checknpm publish --access publicafter merge🤖 Generated with Claude Code