@@ -191,40 +191,56 @@ make serve-docs # Installs dependencies if needed, generates and serves docs
191191
192192### Configuration Loading Pattern (MANDATORY)
193193
194- ** ALWAYS use ` config.AutoBindFlags ` for configuration loading in ALL commands: **
194+ ** Use ` config.NewCommandSetup ` as the canonical command configuration pattern. **
195195
196196``` go
197197func CommandRun (cmd *cobra .Command , args []string ) {
198- // 1. Bind flags to config keys
199- if err := config.AutoBindFlags (cmd, map [string ]string {
200- " platform-flag" " platform.url"
201- " token" " platform.token"
202- " threads" " common.threads"
203- }); err != nil {
204- log.Fatal ().Err (err).Msg (" Failed to bind command flags to configuration keys"
205- }
206-
207- // 2. Validate required keys
208- if err := config.RequireConfigKeys (" platform.url" " platform.token" nil {
209- log.Fatal ().Err (err).Msg (" required configuration missing"
210- }
211-
212- // 3. Get values from unified config (supports flags/env/file)
198+ config.NewCommandSetup (cmd).
199+ WithFlagBindings (map [string ]string {
200+ " url" " platform.url"
201+ " token" " platform.token"
202+ " threads" " common.threads"
203+ }).
204+ RequireKeys (" platform.url" " platform.token"
205+ AddValidator (func () error { return config.ValidateURL (config.GetString (" platform.url" " Platform URL"
206+ AddValidator (func () error { return config.ValidateToken (config.GetString (" platform.token" " Platform API Token"
207+ MustBind ()
208+
209+ // Read values from unified config (supports flags/env/file)
213210 url := config.GetString (" platform.url"
214211 token := config.GetString (" platform.token"
215212 threads := config.GetInt (" common.threads"
216213}
217214```
218215
216+ ** Migration policy (mandatory):**
217+ - When modifying an existing command, migrate that touched command to ` config.NewCommandSetup ` .
218+ - Do not leave mixed setup styles in the same command implementation.
219+ - ` config.AutoBindFlags ` is still an internal building block, but command code should use ` NewCommandSetup ` .
220+
219221** Key naming convention:**
220222- Platform settings: ` <platform>.<key> ` (e.g., ` github.url ` , ` gitlab.token ` )
221223- Subcommand settings: ` <platform>.<subcommand>.<key> ` (e.g., ` github.renovate.enum.owned ` )
222224- Common settings: ` common.<key> ` (e.g., ` common.threads ` )
223225
226+ ### Command Coverage Policy (MANDATORY)
227+
228+ - When asked to update "all commands" for a platform, enumerate command files recursively under ` internal/cmd/<platform>/ ` before editing.
229+ - Apply the requested change to scan and non-scan child commands, including nested children.
230+ - Do not stop after updating only ` scan ` commands.
231+ - Include grouped or nested command trees when applicable (for example, runners/list, runners/exploit, cicd/yaml, users/enum).
232+
233+ ** Checklist for broad command updates:**
234+ 1 . Discover command tree under ` internal/cmd/<platform>/ ` recursively.
235+ 2 . Identify every command Run entrypoint impacted by the request.
236+ 3 . Apply updates across all applicable child commands (scan + non-scan + nested).
237+ 4 . Verify no command directory in scope was skipped.
238+ 5 . Confirm touched commands follow ` config.NewCommandSetup ` migration policy.
239+
224240** DO NOT:**
225241- Read flags directly with ` cmd.Flags().GetString() ` - always use config system
226- - Use ` config.BindCommandFlags ` - it's deprecated in favor of ` AutoBindFlags `
227- - Skip ` RequireConfigKeys ` validation for required flags
242+ - Use ` config.BindCommandFlags ` - it's deprecated
243+ - Skip required key validation for mandatory config values
228244
229245### Package Organization
230246
0 commit comments