Skip to content

Commit 371318c

Browse files
committed
Add CodeRabbit configuration and new skills for spec-kit integration
- Introduced `.coderabbit.yaml` for CodeRabbit integration, defining review settings, path filters, and instructions for various file types. - Added new skills for the spec-kit: `speckit-analyze`, `speckit-checklist`, `speckit-clarify`, `speckit-constitution`, `speckit-converge`, and `speckit-implement`, enhancing the project's ability to manage specifications and implementation tasks. - Updated `README.md` to include a link to the new GitHub Spec Kit documentation. - Minor adjustments to `Makefile` for improved organization and clarity.
1 parent c8a7df4 commit 371318c

40 files changed

Lines changed: 5217 additions & 7 deletions

File tree

.coderabbit.yaml

Lines changed: 103 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,103 @@
1+
# yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json
2+
#
3+
# CodeRabbit configuration for nowo-tech/DoctrineEncryptBundle.
4+
# Requires the CodeRabbit GitHub App installed on nowo-tech/DoctrineEncryptBundle.
5+
# Manual review: comment `@coderabbitai review` on a pull request.
6+
7+
language: en-US
8+
9+
reviews:
10+
profile: chill
11+
request_changes_workflow: false
12+
high_level_summary: true
13+
review_status: true
14+
commit_status: true
15+
poem: false
16+
collapse_walkthrough: true
17+
sequence_diagrams: true
18+
changed_files_summary: true
19+
20+
auto_review:
21+
enabled: true
22+
auto_incremental_review: true
23+
auto_pause_after_reviewed_commits: 10
24+
drafts: false
25+
base_branches:
26+
- main
27+
- master
28+
ignore_title_keywords:
29+
- WIP
30+
- "[skip review]"
31+
32+
path_filters:
33+
- "!**/vendor/**"
34+
- "!**/coverage/**"
35+
- "!**/*.lock"
36+
- "!phpstan-baseline.neon"
37+
- "!.cursor/**"
38+
- "src/**"
39+
- "tests/**"
40+
- "docs/**"
41+
- "demo/**"
42+
- ".github/**"
43+
- "*.md"
44+
- "*.yaml"
45+
- "*.yml"
46+
- "Makefile"
47+
48+
path_instructions:
49+
- path: "src/**/*.php"
50+
instructions: |
51+
nowo-tech/doctrine-encrypt-bundle — Encrypt Doctrine entity fields at rest with Halite, Defuse, or MySQL-compatible MysqlAes. Symfony 7|8 bundle for field-level encryption, GDPR-friendly, multiple keys, key rotation.
52+
Follow PSR-12 and `.php-cs-fixer.dist.php`. Prefer PHP 8 attributes over annotations.
53+
Respect PHP and Symfony ranges in `composer.json` when present. Preserve backward compatibility unless the PR explicitly breaks it.
54+
Use strict comparison (`===`) where appropriate. Keep changes minimal and consistent with existing patterns.
55+
Align with `composer cs-check`, `composer phpstan`, and `composer test` when those scripts exist.
56+
57+
- path: "tests/**/*.php"
58+
instructions: |
59+
PHPUnit tests for this package. Add or update tests for new behaviour.
60+
Match existing test structure (Unit vs Integration). Avoid trivial assertions.
61+
Ensure changes remain compatible with the CI matrix when one is defined.
62+
63+
- path: "docs/**/*.md"
64+
instructions: |
65+
User-facing documentation in English under `docs/`. Do not invent features, versions, or commands.
66+
For notable releases, keep CHANGELOG and UPGRADING aligned. Preserve document structure and tone.
67+
68+
- path: "demo/**/*.php"
69+
instructions: |
70+
Demo applications illustrate bundle usage — not production code.
71+
Keep demos aligned with supported PHP/Symfony versions in composer.json.
72+
73+
- path: ".github/workflows/**"
74+
instructions: |
75+
GitHub Actions workflows for this repository. Match existing workflow style (checkout@v6, matrix exclusions).
76+
Do not echo secrets. Pin third-party actions to major versions already used in this repo.
77+
78+
tools:
79+
phpstan:
80+
enabled: true
81+
phpcs:
82+
enabled: false
83+
phpmd:
84+
enabled: false
85+
yamllint:
86+
enabled: true
87+
hadolint:
88+
enabled: true
89+
gitleaks:
90+
enabled: true
91+
github-checks:
92+
enabled: true
93+
timeout_ms: 900000
94+
actionlint:
95+
enabled: true
96+
zizmor:
97+
enabled: true
98+
99+
knowledge_base:
100+
learnings:
101+
scope: auto
102+
pull_requests:
103+
scope: auto
Lines changed: 259 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,259 @@
1+
---
2+
name: "speckit-analyze"
3+
description: "Perform a non-destructive cross-artifact consistency and quality analysis across spec.md, plan.md, and tasks.md after task generation."
4+
compatibility: "Requires spec-kit project structure with .specify/ directory"
5+
metadata:
6+
author: "github-spec-kit"
7+
source: "templates/commands/analyze.md"
8+
---
9+
10+
11+
## User Input
12+
13+
```text
14+
$ARGUMENTS
15+
```
16+
17+
You **MUST** consider the user input before proceeding (if not empty).
18+
19+
## Pre-Execution Checks
20+
21+
**Check for extension hooks (before analysis)**:
22+
- Check if `.specify/extensions.yml` exists in the project root.
23+
- If it exists, read it and look for entries under the `hooks.before_analyze` key
24+
- If the YAML cannot be parsed or is invalid, skip hook checking silently and continue normally
25+
- Filter out hooks where `enabled` is explicitly `false`. Treat hooks without an `enabled` field as enabled by default.
26+
- For each remaining hook, do **not** attempt to interpret or evaluate hook `condition` expressions:
27+
- If the hook has no `condition` field, or it is null/empty, treat the hook as executable
28+
- If the hook defines a non-empty `condition`, skip the hook and leave condition evaluation to the HookExecutor implementation
29+
- When constructing slash commands from hook command names, replace dots (`.`) with hyphens (`-`). For example, `speckit.git.commit``/speckit-git-commit`.
30+
- For each executable hook, output the following based on its `optional` flag:
31+
- **Optional hook** (`optional: true`):
32+
```
33+
## Extension Hooks
34+
35+
**Optional Pre-Hook**: {extension}
36+
Command: `/{command}`
37+
Description: {description}
38+
39+
Prompt: {prompt}
40+
To execute: `/{command}`
41+
```
42+
- **Mandatory hook** (`optional: false`):
43+
```
44+
## Extension Hooks
45+
46+
**Automatic Pre-Hook**: {extension}
47+
Executing: `/{command}`
48+
EXECUTE_COMMAND: {command}
49+
50+
Wait for the result of the hook command before proceeding to the Goal.
51+
```
52+
After emitting the block above you MUST actually invoke the hook and wait for it to finish before continuing. Run it the same way you would run the command yourself in this agent/session (the invocation may differ from the literal `{command}` id shown above, e.g. a skills-mode agent runs it as `/skill:speckit-...` or `$speckit-...`). Emitting the block alone does not run the hook.
53+
- If no hooks are registered or `.specify/extensions.yml` does not exist, skip silently
54+
55+
## Goal
56+
57+
Identify inconsistencies, duplications, ambiguities, and underspecified items across the three core artifacts (`spec.md`, `plan.md`, `tasks.md`) before implementation. This command MUST run only after `/speckit-tasks` has successfully produced a complete `tasks.md`.
58+
59+
## Operating Constraints
60+
61+
**STRICTLY READ-ONLY**: Do **not** modify any files. Output a structured analysis report. Offer an optional remediation plan (user must explicitly approve before any follow-up editing commands would be invoked manually).
62+
63+
**Constitution Authority**: The project constitution (`.specify/memory/constitution.md`) is **non-negotiable** within this analysis scope. Constitution conflicts are automatically CRITICAL and require adjustment of the spec, plan, or tasks—not dilution, reinterpretation, or silent ignoring of the principle. If a principle itself needs to change, that must occur in a separate, explicit constitution update outside `/speckit-analyze`.
64+
65+
## Execution Steps
66+
67+
### 1. Initialize Analysis Context
68+
69+
Run `.specify/scripts/bash/check-prerequisites.sh --json --require-tasks --include-tasks` once from repo root and parse JSON for FEATURE_DIR and AVAILABLE_DOCS. Derive absolute paths:
70+
71+
- SPEC = FEATURE_DIR/spec.md
72+
- PLAN = FEATURE_DIR/plan.md
73+
- TASKS = FEATURE_DIR/tasks.md
74+
75+
Abort with an error message if any required file is missing (instruct the user to run missing prerequisite command).
76+
For single quotes in args like "I'm Groot", use escape syntax: e.g 'I'\''m Groot' (or double-quote if possible: "I'm Groot").
77+
78+
### 2. Load Artifacts (Progressive Disclosure)
79+
80+
Load only the minimal necessary context from each artifact:
81+
82+
**From spec.md:**
83+
84+
- Overview/Context
85+
- Functional Requirements
86+
- Success Criteria (measurable outcomes — e.g., performance, security, availability, user success, business impact)
87+
- User Stories
88+
- Edge Cases (if present)
89+
90+
**From plan.md:**
91+
92+
- Architecture/stack choices
93+
- Data Model references
94+
- Phases
95+
- Technical constraints
96+
97+
**From tasks.md:**
98+
99+
- Task IDs
100+
- Descriptions
101+
- Phase grouping
102+
- Parallel markers [P]
103+
- Referenced file paths
104+
105+
**From constitution:**
106+
107+
- Load `.specify/memory/constitution.md` for principle validation
108+
109+
### 3. Build Semantic Models
110+
111+
Create internal representations (do not include raw artifacts in output):
112+
113+
- **Requirements inventory**: For each Functional Requirement (FR-###) and Success Criterion (SC-###), record a stable key. Use the explicit FR-/SC- identifier as the primary key when present, and optionally also derive an imperative-phrase slug for readability (e.g., "User can upload file" → `user-can-upload-file`). Include only Success Criteria items that require buildable work (e.g., load-testing infrastructure, security audit tooling), and exclude post-launch outcome metrics and business KPIs (e.g., "Reduce support tickets by 50%").
114+
- **User story/action inventory**: Discrete user actions with acceptance criteria
115+
- **Task coverage mapping**: Map each task to one or more requirements or stories (inference by keyword / explicit reference patterns like IDs or key phrases)
116+
- **Constitution rule set**: Extract principle names and MUST/SHOULD normative statements
117+
118+
### 4. Detection Passes (Token-Efficient Analysis)
119+
120+
Focus on high-signal findings. Limit to 50 findings total; aggregate remainder in overflow summary.
121+
122+
#### A. Duplication Detection
123+
124+
- Identify near-duplicate requirements
125+
- Mark lower-quality phrasing for consolidation
126+
127+
#### B. Ambiguity Detection
128+
129+
- Flag vague adjectives (fast, scalable, secure, intuitive, robust) lacking measurable criteria
130+
- Flag unresolved placeholders (TODO, TKTK, ???, `<placeholder>`, etc.)
131+
132+
#### C. Underspecification
133+
134+
- Requirements with verbs but missing object or measurable outcome
135+
- User stories missing acceptance criteria alignment
136+
- Tasks referencing files or components not defined in spec/plan
137+
138+
#### D. Constitution Alignment
139+
140+
- Any requirement or plan element conflicting with a MUST principle
141+
- Missing mandated sections or quality gates from constitution
142+
143+
#### E. Coverage Gaps
144+
145+
- Requirements with zero associated tasks
146+
- Tasks with no mapped requirement/story
147+
- Success Criteria requiring buildable work (performance, security, availability) not reflected in tasks
148+
149+
#### F. Inconsistency
150+
151+
- Terminology drift (same concept named differently across files)
152+
- Data entities referenced in plan but absent in spec (or vice versa)
153+
- Task ordering contradictions (e.g., integration tasks before foundational setup tasks without dependency note)
154+
- Conflicting requirements (e.g., one requires Next.js while other specifies Vue)
155+
156+
### 5. Severity Assignment
157+
158+
Use this heuristic to prioritize findings:
159+
160+
- **CRITICAL**: Violates constitution MUST, missing core spec artifact, or requirement with zero coverage that blocks baseline functionality
161+
- **HIGH**: Duplicate or conflicting requirement, ambiguous security/performance attribute, untestable acceptance criterion
162+
- **MEDIUM**: Terminology drift, missing non-functional task coverage, underspecified edge case
163+
- **LOW**: Style/wording improvements, minor redundancy not affecting execution order
164+
165+
### 6. Produce Compact Analysis Report
166+
167+
Output a Markdown report (no file writes) with the following structure:
168+
169+
## Specification Analysis Report
170+
171+
| ID | Category | Severity | Location(s) | Summary | Recommendation |
172+
|----|----------|----------|-------------|---------|----------------|
173+
| A1 | Duplication | HIGH | spec.md:L120-134 | Two similar requirements ... | Merge phrasing; keep clearer version |
174+
175+
(Add one row per finding; generate stable IDs prefixed by category initial.)
176+
177+
**Coverage Summary Table:**
178+
179+
| Requirement Key | Has Task? | Task IDs | Notes |
180+
|-----------------|-----------|----------|-------|
181+
182+
**Constitution Alignment Issues:** (if any)
183+
184+
**Unmapped Tasks:** (if any)
185+
186+
**Metrics:**
187+
188+
- Total Requirements
189+
- Total Tasks
190+
- Coverage % (requirements with >=1 task)
191+
- Ambiguity Count
192+
- Duplication Count
193+
- Critical Issues Count
194+
195+
### 7. Provide Next Actions
196+
197+
At end of report, output a concise Next Actions block:
198+
199+
- If CRITICAL issues exist: Recommend resolving before `/speckit-implement`
200+
- If only LOW/MEDIUM: User may proceed, but provide improvement suggestions
201+
- Provide explicit command suggestions: e.g., "Run /speckit-specify with refinement", "Run /speckit-plan to adjust architecture", "Manually edit tasks.md to add coverage for 'performance-metrics'"
202+
203+
### 8. Offer Remediation
204+
205+
Ask the user: "Would you like me to suggest concrete remediation edits for the top N issues?" (Do NOT apply them automatically.)
206+
207+
### 9. Check for extension hooks
208+
209+
After reporting, check if `.specify/extensions.yml` exists in the project root.
210+
- If it exists, read it and look for entries under the `hooks.after_analyze` key
211+
- If the YAML cannot be parsed or is invalid, skip hook checking silently and continue normally
212+
- Filter out hooks where `enabled` is explicitly `false`. Treat hooks without an `enabled` field as enabled by default.
213+
- For each remaining hook, do **not** attempt to interpret or evaluate hook `condition` expressions:
214+
- If the hook has no `condition` field, or it is null/empty, treat the hook as executable
215+
- If the hook defines a non-empty `condition`, skip the hook and leave condition evaluation to the HookExecutor implementation
216+
- When constructing slash commands from hook command names, replace dots (`.`) with hyphens (`-`). For example, `speckit.git.commit` → `/speckit-git-commit`.
217+
- For each executable hook, output the following based on its `optional` flag:
218+
- **Optional hook** (`optional: true`):
219+
```
220+
## Extension Hooks
221+
222+
**Optional Hook**: {extension}
223+
Command: `/{command}`
224+
Description: {description}
225+
226+
Prompt: {prompt}
227+
To execute: `/{command}`
228+
```
229+
- **Mandatory hook** (`optional: false`):
230+
```
231+
## Extension Hooks
232+
233+
**Automatic Hook**: {extension}
234+
Executing: `/{command}`
235+
EXECUTE_COMMAND: {command}
236+
```
237+
After emitting the block above you MUST actually invoke the hook and wait for it to finish before continuing. Run it the same way you would run the command yourself in this agent/session (the invocation may differ from the literal `{command}` id shown above, e.g. a skills-mode agent runs it as `/skill:speckit-...` or `$speckit-...`). Emitting the block alone does not run the hook.
238+
- If no hooks are registered or `.specify/extensions.yml` does not exist, skip silently
239+
240+
## Operating Principles
241+
242+
### Context Efficiency
243+
244+
- **Minimal high-signal tokens**: Focus on actionable findings, not exhaustive documentation
245+
- **Progressive disclosure**: Load artifacts incrementally; don't dump all content into analysis
246+
- **Token-efficient output**: Limit findings table to 50 rows; summarize overflow
247+
- **Deterministic results**: Rerunning without changes should produce consistent IDs and counts
248+
249+
### Analysis Guidelines
250+
251+
- **NEVER modify files** (this is read-only analysis)
252+
- **NEVER hallucinate missing sections** (if absent, report them accurately)
253+
- **Prioritize constitution violations** (these are always CRITICAL)
254+
- **Use examples over exhaustive rules** (cite specific instances, not generic patterns)
255+
- **Report zero issues gracefully** (emit success report with coverage statistics)
256+
257+
## Context
258+
259+
$ARGUMENTS

0 commit comments

Comments
 (0)