Conversation
* feat: enhanced module manifest security and integrity (arch-06) Co-authored-by: Cursor <cursoragent@cursor.com> * fix: remove duplicate ModulePackageMetadata import (ruff F811) * Fix failed tests * Fix type-check errors --------- Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com> Co-authored-by: Cursor <cursoragent@cursor.com>
…rch-07) (#265) * feat: add schema extension system for modular ProjectBundle extensions Enables modules to extend Feature and ProjectBundle with namespaced custom fields without modifying core models, supporting marketplace-ready interoperability. - Add extensions dict field to Feature and ProjectBundle models - Implement type-safe get/set extension accessors with namespace enforcement - Extend module manifest schema with schema_extensions declaration - Add ExtensionRegistry for collision detection and introspection - Extend module lifecycle registration to load and validate extensions OpenSpec Change: arch-07-schema-extension-system Resolves #213 * feat: schema extension system (arch-07) and quality gate fixes - Add extensions field and get_extension/set_extension to Feature and ProjectBundle - Add SchemaExtension model and schema_extensions to ModulePackageMetadata - Add ExtensionRegistry with collision detection; integrate in module registration - Parse schema_extensions in discover_package_metadata - Docs: extending-projectbundle guide, architecture section, sidebar - Version 0.32.0, CHANGELOG entry, TDD_EVIDENCE - Format: E402 (imports at top in project.py), UP042 (StrEnum in backlog-core), RUF043/B017 in schema extension tests - Type-check: pass schema_metadata/project_metadata in BundleManifest test calls OpenSpec Change: arch-07-schema-extension-system Resolves #213 Co-authored-by: Cursor <cursoragent@cursor.com> * Update change progress * Add docs guides and update changes * Use v0.32.0 as version and combine arch-06/arch-07 * Update change order plan --------- Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com> Co-authored-by: Cursor <cursoragent@cursor.com>
Signed-off-by: Dom <39115308+djm81@users.noreply.github.com>
* feat(workflow): standardize worktree-first development flow * docs(openspec): mark workflow-01 delivery tasks complete * Apply review finding --------- Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>
* feat(policy-engine): implement unified policy framework * docs(openspec): mark policy-engine-01 implemented in change order * fix(policy-engine): make module io contract compliant * feat(policy-engine): add policy init templates and docs coverage * fix: refine grouped policy limit semantics and outputs * docs: clarify policy engine value for new users --------- Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>
…1) (#275) - Use discover_all_package_metadata() in init so list-modules/enable/disable use same roots as registry (built-in + workspace modules + SPECFACT_MODULES_ROOTS) - Extend backlog-core-01 OpenSpec: init-module-discovery-alignment spec, tasks 0.5.x, TDD evidence - Bump version to 0.34.0; CHANGELOG Fixes #116 Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com> Co-authored-by: Cursor <cursoragent@cursor.com>
* feat: add thorough codebase validation (validation-01) - Add --crosshair-per-path-timeout to specfact repro and ReproChecker - Add docs/reference/thorough-codebase-validation.md (quick check, contract-full, sidecar, dogfooding) - Unit test and TDD evidence for CrossHair per-path timeout - OpenSpec validation-01-deep-validation tasks and TDD_EVIDENCE updated * fix: reject non-positive CrossHair per-path timeout (review) * docs: CHANGELOG v0.34.0 and doc updates for thorough codebase validation --------- Signed-off-by: Dom <39115308+djm81@users.noreply.github.com> Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>
* feat(patch-mode): add patch apply (local + --write with confirmation) [#177] - Add patch_mode module: pipeline (generator, applier, idempotency), patch apply command - specfact patch apply <file> (local + preflight), patch apply --write --yes (upstream, idempotent) - OpenSpec patch-mode-01-preview-apply: proposal Source Tracking, tasks, TDD_EVIDENCE - CHANGELOG [Unreleased] entry for v0.34.0 merge Co-authored-by: Cursor <cursoragent@cursor.com> * fix(patch-mode): sanitize idempotency keys, derive key from patch content [PR review] * Fix errors and ensure module compatibility --------- Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com> Co-authored-by: Cursor <cursoragent@cursor.com>
* feat: add bundle-mapper module with confidence-based spec-to-bundle mapping - BundleMapping model and BundleMapper engine (explicit label, historical, content similarity) - Mapping history persistence and MappingRule (save_user_confirmed_mapping, load_bundle_mapping_config) - Interactive UI (ask_bundle_mapping) with Rich confidence visualization - Unit tests and TDD_EVIDENCE for bundle-mapper-01 (OpenSpec #121) Co-authored-by: Cursor <cursoragent@cursor.com> * fix(bundle-mapper): address PR review findings (P1/P2) - P1 interactive: no default accept for low-confidence; use default only when conf >= 0.5 - P1 history: ignore empty key fields in item_keys_similar (only count non-empty matches) - P2 engine: add historical weight only when hist_bundle == primary_bundle_id - Add test_item_keys_similar_empty_fields_not_counted to lock empty-key behavior Co-authored-by: Cursor <cursoragent@cursor.com> --------- Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com> Co-authored-by: Cursor <cursoragent@cursor.com>
* fix: implement verification-01 delta for bundle mapping, patch apply, and docs parity * test: fix patch write yes scenario for real diff apply * fix: keep bundle mapping history out of bundle manifest --------- Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <223894421+github-code-quality[bot]@users.noreply.github.com> Signed-off-by: Dom <39115308+djm81@users.noreply.github.com>
* feat: launch module marketplace lifecycle and trust-first UX Deliver the central module marketplace workflow with source-aware discovery, lifecycle management, and trust/publisher visibility so users can safely manage official vs local modules. This also aligns docs and OpenSpec artifacts with the shipped behavior, including command introspection and clearer install/uninstall guidance. Co-authored-by: Cursor <cursoragent@cursor.com> * fix: respect explicit discovery roots in module tests Disable implicit legacy/workspace roots when explicit roots are passed to module discovery so isolated test roots are honored and deterministic. Co-authored-by: Cursor <cursoragent@cursor.com> * fix: enforce safe module extraction and upgrade reinstall --------- Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com> Co-authored-by: Cursor <cursoragent@cursor.com>
* feat: add bundle-mapper module with confidence-based spec-to-bundle mapping - BundleMapping model and BundleMapper engine (explicit label, historical, content similarity) - Mapping history persistence and MappingRule (save_user_confirmed_mapping, load_bundle_mapping_config) - Interactive UI (ask_bundle_mapping) with Rich confidence visualization - Unit tests and TDD_EVIDENCE for bundle-mapper-01 (OpenSpec #121) Co-authored-by: Cursor <cursoragent@cursor.com> * fix(bundle-mapper): address PR review findings (P1/P2) - P1 interactive: no default accept for low-confidence; use default only when conf >= 0.5 - P1 history: ignore empty key fields in item_keys_similar (only count non-empty matches) - P2 engine: add historical weight only when hist_bundle == primary_bundle_id - Add test_item_keys_similar_empty_fields_not_counted to lock empty-key behavior Co-authored-by: Cursor <cursoragent@cursor.com> * fix: address bundle-mapper review defects with tdd evidence * test: make specmatic integration tests plugin-agnostic --------- Signed-off-by: Dom <39115308+djm81@users.noreply.github.com> Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com> Co-authored-by: Cursor <cursoragent@cursor.com>
* fix: harden trustworthy green checks * fix: restore contract-first ci repro command * fix: apply CodeRabbit auto-fixes Fixed 3 file(s) based on 3 unresolved review comments. Co-authored-by: CodeRabbit <noreply@coderabbit.ai> * fix: resolve CI failures for trustworthy green checks PR - Use hatch run contract-test instead of specfact code repro in CI (CLI bundle not available in CI environment) - Allow test_bundle_import.py in migration cleanup legacy-import check (_bundle_import is an internal helper, not a removed module package) - Fix formatting in test_trustworthy_green_checks.py (CodeRabbit commit was unformatted) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: address CodeRabbit review findings - Add trailing newline to TDD_EVIDENCE.md (MD047) - Make _load_hooks() search for repo: local instead of assuming index 0 - Replace fragile multi-line string assertion in actionlint test with semantic line-by-line checks Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com> Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> Co-authored-by: CodeRabbit <noreply@coderabbit.ai> Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
- Widen workflow_changed filter to include scripts/run_actionlint.sh and scripts/yaml-tools.sh so Workflow Lint triggers on script changes - Pin actionlint default to v1.7.11 (matches CI) instead of latest - Fix run_actionlint.sh conflating "not installed" with "lint failures" by separating availability check from execution - Restore sys.path after test_bundle_import to avoid cross-test leakage - Normalize CHANGE_ORDER.md status format to semicolon convention Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com> Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
#472) Simplify run_actionlint.sh control flow so both local and docker execution paths propagate actionlint's exit code via `exit $?`. Previously the docker path used `if run_with_docker; then exit 0; fi` which treated lint errors as "docker unavailable" and fell through to install guidance. Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com> Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
#473) - Assert hook id == "specfact-smart-checks" to prevent silent renames - cd to REPO_ROOT before running local actionlint so it finds workflows regardless of caller's cwd Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com> Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
…4.0 (#474) * feat: clean-code-01-principle-gates — 7-principle charter gates, v0.44.0 Implements openspec/changes/clean-code-01-principle-gates: - Rewrote .cursor/rules/clean-code-principles.mdc as a canonical alias surface for the 7-principle clean-code charter (naming, kiss, yagni, dry, solid) defined in nold-ai/specfact-cli-modules. Documents Phase A KISS thresholds (>80 warning / >120 error LOC), nesting-depth and parameter-count checks active, and Phase B (>40/80) explicitly deferred. - Added Clean-Code Review Gate sections to AGENTS.md and CLAUDE.md listing all 5 expanded review categories and the Phase A thresholds. - Created .github/copilot-instructions.md as a lightweight alias (< 30 lines) referencing the canonical charter without duplicating it inline. - Added unit tests (test_clean_code_principle_gates.py) covering all three spec scenarios: charter references, compliance gate, LOC/nesting thresholds. - TDD evidence recorded in openspec/changes/clean-code-01-principle-gates/TDD_EVIDENCE.md. - Bumped version 0.43.3 → 0.44.0 (minor — feature branch). - Updated CHANGELOG.md and openspec/CHANGE_ORDER.md. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * fix: clean-code-01-principle-gates review findings and broad exception handling\n\n- Fix coderabbitai review findings:\n - Clarify T20 and W0718 are aspirational in clean-code-principles.mdc\n - Add language specifier to TDD_EVIDENCE.md fenced code block\n - Update test to check all 7 canonical principles\n - Make LOC threshold assertion more specific\n- Improve exception handling throughout codebase:\n - Replace broad except Exception with specific exceptions\n - Apply SOLID principle for better error handling\n- Update tasks.md to reflect completion status\n\nFixes #434\n\nGenerated by Mistral Vibe.\nCo-Authored-By: Mistral Vibe <vibe@mistral.ai> --------- Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com> Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Archive 11 completed OpenSpec changes: - bugfix-02-ado-import-payload-slugging - ci-02-trustworthy-green-checks - clean-code-01-principle-gates - code-review-zero-findings - docs-04-docs-review-gate-and-link-integrity - docs-05-core-site-ia-restructure - docs-07-core-handoff-conversion - docs-12-docs-validation-ci - docs-13-core-nav-search-theme-roles - docs-14-first-contact-story-and-onboarding - init-ide-prompt-source-selection - packaging-02-cross-platform-runtime-and-module-resources - speckit-02-v04-adapter-alignment Fix spec validation errors: - Add proper delta headers (ADDED/MODIFIED/REMOVED/RENAMED) - Use correct scenario format with GIVEN/WHEN/THEN bullets - Ensure requirement headers match between delta and main specs - Use correct operation type based on existing requirements Update main specs with archived changes: - backlog-adapter: various updates - bridge-adapter: Spec-Kit v0.4.x capabilities - bridge-registry: BridgeConfig preset updates - code-review-module: new requirements - debug-logging: enhancements - devops-sync: improvements - documentation-alignment: core vs modules separation - review-cli-contracts: new contracts - review-run-command: command updates Generated by Mistral Vibe. Co-Authored-By: Mistral Vibe <vibe@mistral.ai>
…w fixes (#477) * Fix content for install, sync, uninstallä * test(docs): align first-contact contracts and stabilize module CLI tests - docs/index: restore Why does it exist?, tagline, OpenSpec, canonical core CLI story - Update init profile tests for solo-developer + install all (code-review, six bundles) - Lean help test accepts uvx init hint; upgrade/core_compatibility tests match runtime - Autouse fixture re-bootstraps CommandRegistry after category-group tests - Rebase tasks conflict resolved; TDD_EVIDENCE + tasks for gates 7.1/7.2/12.1/12.2 Made-with: Cursor * fix(tools): smart-test baseline and pre-commit single code-review run - Run full suite when smart-test cache has no last_full_run; force+auto falls back to full when incremental is a no-op - Pre-commit: invoke pre_commit_code_review.py once (no xargs split) so .specfact/code-review.json is not clobbered - Tests and OpenSpec tasks for docs-new-user-onboarding Made-with: Cursor * test: fix CI backlog copy assertions and module install test isolation - Align backlog not-installed tests with solo-developer init guidance (no <profile> placeholder) - Autouse: reset CommandRegistry, register_builtin_commands, rebuild_root_app_from_registry so module install tests work after registry-only clears Made-with: Cursor * docs: README wow path + tests locking entrypoint with docs - README leads with uvx init + code review run --scope full; pip install secondary - Unit contract tests: README and docs/index.md share canonical uvx strings and order - E2E: init --profile solo-developer in temp git repo; registry ready for step two with mock bundles Made-with: Cursor * feat(init): solo-developer includes code-review bundle and marketplace install - Add specfact-code-review to canonical bundles and solo-developer preset - Install marketplace module nold-ai/specfact-code-review via install_bundles_for_init - Docs index: core CLI story and default starting point copy for parity tests - CLI: missing-module hint references solo-developer profile - smart_test_coverage: icontract requires use (self, test_level) for method contracts - Re-sign init and module_registry manifests; tests and registry updates Made-with: Cursor * fix(tools): align _run_changed_only with tuple return and baseline full run - Return (success, ran_any) from _run_changed_only; run full suite when no last_full_run - run_smart_tests(auto, force): fall back to full tests when incremental ran nothing - Fix wow e2e fixture typing (Iterator[None]) for basedpyright Unblocks PR #477 CI: type-check, tests, lint job. Made-with: Cursor * chore(release): bump to 0.45.1 and update OpenSpec tasks status - Sync version across pyproject.toml, setup.py, and __init__ modules - Changelog: 0.45.1 entry for dependency profiles, smart-test baseline, CI, UX - openspec: rolling status snapshot and task checkboxes for PR verification - Includes prior branch work: init/profile, module registry, docs entry path, workflows Made-with: Cursor --------- Co-authored-by: Dominikus Nold <djm81@users.noreply.github.com>
…pgrade tests (#479) * fix: code-review gate (Typer params), typer<0.24 vs semgrep, module upgrade tests - Split root/install Typer callbacks into merged param stubs (KISS param count). - Patch typer.main via importlib; merge install param specs in module_registry. - Cap typer<0.24 to stay compatible with semgrep click~=8.1.8. - Invoke module_registry app directly in upgrade CLI tests (root app may lack module group). - Refactors for first_run_selection, module_packages, registry tests, semgrep README. Worktree: specfact-cli-worktrees/bugfix/code-review-cli-tests Made-with: Cursor * docs: use code import in examples (flat import removed from CLI) Replace specfact [--flags] import from-code with specfact [--flags] code import from-code so check-docs-commands matches the nested Typer path after removing the flat import shim. Made-with: Cursor * Fix review findings --------- Co-authored-by: Dom <djm81@users.noreply.github.com>
* docs: restructure readme for star conversion Co-authored-by: Dom <djm81@users.noreply.github.com> * docs: sync readme change tracking Co-authored-by: Dom <djm81@users.noreply.github.com> * docs: relocate readme support artifacts Co-authored-by: Dom <djm81@users.noreply.github.com> * docs: fix readme workflow snippet and pin demo capture Co-authored-by: Dom <djm81@users.noreply.github.com> * docs: address remaining readme review findings Co-authored-by: Dom <djm81@users.noreply.github.com> --------- Co-authored-by: Dom <djm81@users.noreply.github.com>
Signed-off-by: Dom <39115308+djm81@users.noreply.github.com>
djm81
added
documentation
Contributor
|
Caution Review failedThe pull request is closed. ℹ️ Recent review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: ASSERTIVE Plan: Pro Run ID: 📒 Files selected for processing (132)
📝 WalkthroughSummaryThis PR implements cross-repository alignment governance documentation for the SpecFact CLI project, formalizing rules for splitting work between the core OpenSpec Specifications AddedNew specification documents in
Specification Updates
Archival
Impact Assessment
WalkthroughThis PR reorganizes OpenSpec change ownership and governance across Changes
Estimated Code Review Effort🎯 4 (Complex) | ⏱️ ~60 minutes Reasoning: This PR involves heterogeneous, interdependent changes across strategic ownership boundaries. While many individual files are documentation-only, the cumulative scope demands careful verification: (1) consistency of split/rescope decisions across 9+ rescoped proposals and 14+ archived changes, (2) correctness of paired modules-repo issue links (20+ cross-repo references), (3) alignment of new governance specs with existing contract-first boundaries and Typer/Rich CLI shape, (4) verification that removed proposals are truly redundant rather than orphaning critical requirements, and (5) confirmation that CHANGE_ORDER.md updates correctly reflect both repos' planning hierarchies. The lack of code changes paradoxically increases review complexity—architectural correctness depends entirely on governance documentation coherence. Possibly Related Issues
Possibly Related PRs
Suggested Labels
Architectural NotesThis PR codifies a lean-core + modular-bundles ownership model through systematic rescoping. Key architectural decisions:
Recommend reviewers verify that no critical Typer CLI shapes are being deferred without explicit paired modules-repo issues, and that all rescoped proposals have valid GitHub issue cross-links to unblock implementation. ✨ Finishing Touches🧪 Generate unit tests (beta)
|
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: e8c3848624
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
|
|
||
| ## Sources Used | ||
|
|
||
| - [core-lean-package](/home/dom/git/nold-ai/specfact-cli/openspec/specs/core-lean-package/spec.md) |
There was a problem hiding this comment.
This archived analysis introduces Markdown links that point to /home/dom/git/..., which only resolve on one local workstation and are broken for everyone else (including GitHub rendering and other clones). Because this document is used to justify cross-repo ownership moves, broken references make the decision trail unverifiable and can lead to incorrect reassignment follow-ups.
Useful? React with 👍 / 👎.
|
|
||
| | Module | Order | Change folder | GitHub # | Blocked by | | ||
| |--------|-------|---------------|----------|------------| | ||
| | governance | 01 | cross-repo-issue-realignment | [#484](https://github.com/nold-ai/specfact-cli/issues/484) | agile-01 ✅; module-migration-11 [#408](https://github.com/nold-ai/specfact-cli/issues/408); backlog-module-ownership-cleanup | |
There was a problem hiding this comment.
This row lists cross-repo-issue-realignment as an active governance change even though the same commit archives it under openspec/changes/archive/2026-04-08-cross-repo-issue-realignment/. Leaving the planning ledger in a non-complete state creates an inconsistent source of truth and can cause maintainers or workflow tooling to treat an already-archived change as still pending.
Useful? React with 👍 / 👎.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Cross-repo alignment - organizational change, no cli change.
Fixes #484
New Features #484
Contract References: List any contracts (
@icontractdecorators) that this change affects or implements.Type of Change
Please check all that apply:
@icontractdecorators)Contract-First Testing Evidence
Required for all changes affecting CLI commands or public APIs:
Contract Validation
@icontractdecorators on public APIs)@beartypedecorators applied)hatch run contract-test-explorationTest Execution
hatch run contract-test-contracts✅hatch run contract-test-exploration✅hatch run contract-test-scenarios✅hatch run contract-test-full✅Test Quality
How Has This Been Tested?
Contract-First Approach: Describe how contracts and scenario tests validate your changes.
Manual Testing
Automated Testing
Test Environment
Checklist
@icontract,@beartype)Quality Gates Status
hatch run type-check)hatch run lint)hatch run contract-test-contracts)hatch run contract-test-exploration)hatch run contract-test-scenarios)Screenshots/Recordings (if applicable)
Add screenshots or recordings of CLI output, especially for new commands or UI changes.