ros/BMAD-METHOD
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

formatting more verbose info about not wrapping output parent in markdown

Browse Source
This commit is contained in:
Brian Madison
2025-05-13 19:05:18 -05:00
parent 265ae1c1b8
commit 0955c6fda3
11 changed files with 586 additions and 268 deletions
Download Patch File Download Diff File Expand all files Collapse all files

0
BETA-V3/docs/preferred-patterns-and-preferences.md → BETA-V3/docs/technical-preferences.md
View File

277
BETA-V3/templates/architecture-tmpl.txt
View File

@@ -1,39 +1,16 @@
# {Project Name} Architecture Document
## Introduction / Preamble
{This document outlines the overall project architecture, including backend systems, shared services, and non-UI specific concerns. Its primary goal is to serve as the guiding architectural blueprint for AI-driven development, ensuring consistency and adherence to chosen patterns and technologies.
**Relationship to Frontend Architecture:**
If the project includes a significant user interface, a separate Frontend Architecture Document (typically named `front-end-architecture-tmpl.txt` or similar, and linked in the "Key Reference Documents" section) details the frontend-specific design and MUST be used in conjunction with this document. Core technology stack choices documented herein (see "Definitive Tech Stack Selections") are definitive for the entire project, including any frontend components.}
## Table of Contents
{ Update this if sections and subsections are added or removed }
- [Technical Summary](#technical-summary)
- [High-Level Overview](#high-level-overview)
- [Component View](#component-view)
- [Architectural / Design Patterns Adopted](#architectural--design-patterns-adopted)
- [API Reference](#api-reference)
- [External APIs Consumed](#external-apis-consumed)
- [{Another External Service Name} API](#another-external-service-name-api)
- [Internal APIs Provided (If Applicable)](#internal-apis-provided-if-applicable)
- [Data Models](#data-models)
- [Core Application Entities / Domain Objects](#core-application-entities--domain-objects)
- [API Payload Schemas (If distinct)](#api-payload-schemas-if-distinct)
- [Database Schemas (If applicable)](#database-schemas-if-applicable)
- [State File Schemas (If applicable)](#state-file-schemas-if-applicable)
- [Core Workflow / Sequence Diagrams](#core-workflow--sequence-diagrams)
- [Definitive Tech Stack Selections](#definitive-tech-stack-selections)
- [Infrastructure and Deployment Overview](#infrastructure-and-deployment-overview)
- [Error Handling Strategy](#error-handling-strategy)
- [Environment Vars Templates](#environment-vars-templates)
- [Configuration Loading Mechanism](#configuration-loading-mechanism)
- [Required Variables](#required-variables)
- [Env Var Notes](#env-var-notes)
- [Security Best Practices](#security-best-practices)
- [Testing Strategy](#testing-strategy)
- [Overall Philosophy & Goals](#overall-philosophy--goals)
- [Testing Levels](#testing-levels)
- [Specialized Testing Types (Add section as needed)](#specialized-testing-types-add-section-as-needed)
- [Test Data Management](#test-data-management)
- [Key Reference Documents](#key-reference-documents)
- [Change Log](#change-log)
## Technical Summary
{ Provide a brief paragraph overview of the system's architecture, key components, technology choices, and architectural patterns used. Reference the goals from the PRD. }
@@ -64,6 +41,68 @@
- **Pattern 2:** {e.g., Dependency Injection, Repository Pattern, Module Pattern} - _Rationale/Reference:_ {...}
- **Pattern N:** {...}
## Project Structure
{Provide an ASCII or Mermaid diagram representing the project's folder structure. The following is a general example. If a `front-end-architecture-tmpl.txt` (or equivalent) is in use, it will contain the detailed structure for the frontend portion (e.g., within `src/frontend/` or a dedicated `frontend/` root directory). Shared code structure (e.g., in a `packages/` directory for a monorepo) should also be detailed here.}
```plaintext
{project-root}/
├── .github/ # CI/CD workflows (e.g., GitHub Actions)
│ └── workflows/
│ └── main.yml
├── .vscode/ # VSCode settings (optional)
│ └── settings.json
├── build/ # Compiled output (if applicable, often git-ignored)
├── config/ # Static configuration files (if any)
├── docs/ # Project documentation (PRD, Arch, etc.)
│ ├── index.md
│ └── ... (other .md files)
├── infra/ # Infrastructure as Code (e.g., CDK, Terraform)
│ └── lib/
│ └── bin/
├── node_modules/ / venv / target/ # Project dependencies (git-ignored)
├── scripts/ # Utility scripts (build, deploy helpers, etc.)
├── src/ # Application source code
│ ├── backend/ # Backend-specific application code (if distinct frontend exists)
│ │ ├── core/ # Core business logic, domain models
│ │ ├── services/ # Business services, orchestrators
│ │ ├── adapters/ # Adapters to external systems (DB, APIs)
│ │ ├── controllers/ / routes/ # API endpoint handlers
│ │ └── main.ts / app.py # Backend application entry point
│ ├── frontend/ # Placeholder: See Frontend Architecture Doc for details if used
│ ├── shared/ / common/ # Code shared (e.g., types, utils, domain models if applicable)
│ │ └── types/
│ └── main.ts / index.ts / app.ts # Main application entry point (if not using backend/frontend split above)
├── stories/ # Generated story files for development (optional)
│ └── epic1/
├── test/ # Automated tests
│ ├── unit/ # Unit tests (mirroring src structure)
│ ├── integration/ # Integration tests
│ └── e2e/ # End-to-end tests
├── .env.example # Example environment variables
├── .gitignore # Git ignore rules
├── package.json / requirements.txt / pom.xml # Project manifest and dependencies
├── tsconfig.json / pyproject.toml # Language-specific configuration (if applicable)
├── Dockerfile # Docker build instructions (if applicable)
└── README.md # Project overview and setup instructions
```
(Adjust the example tree based on the actual project type - e.g., Python would have requirements.txt, etc. The structure above illustrates a potential separation for projects with distinct frontends; for simpler projects or APIs, the `src/` structure might be flatter.)
### Key Directory Descriptions
docs/: Contains all project planning and reference documentation.
infra/: Holds the Infrastructure as Code definitions (e.g., AWS CDK, Terraform).
src/: Contains the main application source code. May be subdivided (e.g., `backend/`, `frontend/`, `shared/`) depending on project complexity and whether a separate frontend architecture document is in use.
src/backend/core/ / src/core/ / src/domain/: Core business logic, entities, use cases, independent of frameworks/external services.
src/backend/adapters/ / src/adapters/ / src/infrastructure/: Implementation details, interactions with databases, cloud SDKs, frameworks.
src/backend/controllers/ / src/routes/ / src/pages/: Entry points for API requests or UI views (if UI is simple and not in a separate frontend structure).
test/: Contains all automated tests, mirroring the src/ structure where applicable.
### Notes
{Mention any specific build output paths, compiler configuration pointers, or other relevant structural notes.}
## API Reference
### External APIs Consumed
@@ -90,10 +129,6 @@
- **Rate Limits:** {If known}
- **Link to Official Docs:** {URL}
### {Another External Service Name} API
{...}
### Internal APIs Provided (If Applicable)
{If the system exposes its own APIs (e.g., in a microservices architecture or for a UI frontend). Repeat for each API.}
@@ -134,15 +169,11 @@
_(Alternatively, use JSON Schema, class definitions, or other relevant format)_
- **Validation Rules:** {List any specific validation rules beyond basic types - e.g., max length, format, range.}
#### {Another Entity Name}
{...}
### API Payload Schemas (If distinct)
{Define schemas here only if they are distinct from core entities AND not fully detailed under the API endpoint definitions in the API Reference section. Prefer detailing request/response schemas directly with their APIs where possible. This section is for complex, reusable payload structures that might be used across multiple internal APIs or differ significantly from core persisted entities.}
#### {API Endpoint / Purpose, e.g., Create Order Request}
#### {API Endpoint / Purpose, e.g., Create Order Request, repeat the section as needed}
- **Schema / Interface Definition:**
```typescript
@@ -154,13 +185,9 @@
}
```
#### {Another API Payload}
{...}
### Database Schemas (If applicable)
{If using a database, define table structures or document database schemas.}
{If using a database, define table structures or document database schemas. repeat as needed}
#### {Table / Collection Name}
@@ -177,36 +204,6 @@
```
_(Alternatively, use ORM model definitions, NoSQL document structure, etc.)_
#### {Another Table / Collection Name}
{...}
### State File Schemas (If applicable)
{If the application uses files for persisting state.}
#### {State File Name / Purpose, e.g., processed_items.json}
- **Purpose:** {What state does this file track?}
- **Format:** {e.g., JSON}
- **Schema Definition:**
```json
{
"type": "object",
"properties": {
"processedIds": {
"type": "array",
"items": {
"type": "string"
},
"description": "List of IDs that have been processed."
}
// ... other state properties
},
"required": ["processedIds"]
}
```
## Core Workflow / Sequence Diagrams
{ Illustrate key or complex workflows using mermaid sequence diagrams. Can have high level tying the full project together, and also smaller epic level sequence diagrams. }
@@ -215,14 +212,16 @@
{ This section outlines the definitive technology choices for the project. These selections should be made after a thorough understanding of the project's requirements, components, data models, and core workflows. The Architect Agent should guide the user through these decisions, ensuring each choice is justified and recorded accurately in the table below.
This table is the **single source of truth** for all technology selections. Other architecture documents (e.g., Frontend Architecture) must refer to these choices and elaborate on their specific application rather than re-defining them.
Key decisions to discuss and finalize here, which will then be expanded upon and formally documented in the detailed stack table below, include considerations such as:
- Preferred Starter Template Frontend: { Url to template or starter, if used }
- Preferred Starter Template Backend: { Url to template or starter, if used }
- Primary Language(s) & Version(s): {e.g., TypeScript 5.x, Python 3.11}
- Primary Runtime(s) & Version(s): {e.g., Node.js 22.x}
- Primary Language(s) & Version(s): {e.g., TypeScript 5.x, Python 3.11 - Specify exact versions, e.g., `5.2.3`}
- Primary Runtime(s) & Version(s): {e.g., Node.js 22.x - Specify exact versions, e.g., `22.0.1`}
Must be definitive selections; do not list open-ended choices (e.g., for web scraping, pick one tool, not two). Specify versions or clearly state "Latest," but be cautious with "Latest" if dependency issues are a concern. }
Must be definitive selections; do not list open-ended choices (e.g., for web scraping, pick one tool, not two). Specify exact versions (e.g., `18.2.0`). If 'Latest' is used, it implies the latest stable version _at the time of this document's last update_, and the specific version (e.g., `xyz-library@2.3.4`) should be recorded. Pinning versions is strongly preferred to avoid unexpected breaking changes for the AI agent. }
| Category | Technology | Version / Details | Description / Purpose | Justification (Optional) |
| :------------------- | :---------------------- | :---------------- | :-------------------------------------- | :----------------------- |
@@ -252,16 +251,126 @@ Must be definitive selections; do not list open-ended choices (e.g., for web scr
- Cloud Provider(s): {e.g., AWS, Azure, GCP, On-premise}
- Core Services Used: {List key managed services - e.g., Lambda, S3, Kubernetes Engine, RDS, Kafka}
- Infrastructure as Code (IaC): {Tool used - e.g., AWS CDK, Terraform...} - Location: {Link to IaC code repo/directory}
- Deployment Strategy: {e.g., CI/CD pipeline, Manual deployment steps, Blue/Green, Canary} - Tools: {e.g., Jenkins, GitHub Actions, GitLab CI}
- Deployment Strategy: {e.g., CI/CD pipeline with automated promotions, Blue/Green, Canary} - Tools: {e.g., Jenkins, GitHub Actions, GitLab CI}
- Environments: {List environments - e.g., Development, Staging, Production}
- Environment Promotion: {Describe steps, e.g., `dev` -> `staging` (manual approval / automated tests pass) -> `production` (automated after tests pass and optional manual approval)}
- Rollback Strategy: {e.g., Automated rollback on health check failure post-deployment, Manual trigger via CI/CD job, IaC state rollback. Specify primary mechanism.}
## Error Handling Strategy
- **General Approach:** {e.g., Use exceptions, return error codes/tuples, specific error types.}
- **General Approach:** {e.g., Use exceptions as primary mechanism, return error codes/tuples for specific modules, clearly defined custom error types hierarchy.}
- **Logging:**
- Library/Method: {e.g., `console.log/error`, Python `logging` module, dedicated logging library}
- Format: {e.g., JSON, plain text}
- Levels: {e.g., DEBUG, INFO, WARN, ERROR}
- Context: {What contextual information should be included?}
- Library/Method: {e.g., `console.log/error` (Node.js), Python `logging` module with `structlog`, dedicated logging library like `Pino` or `Serilog`. Specify the chosen library.}
- Format: {e.g., JSON, plain text with timestamp and severity. JSON is preferred for structured logging.}
- Levels: {e.g., DEBUG, INFO, WARN, ERROR, CRITICAL. Specify standard usage for each.}
- Context: {What contextual information must be included? e.g., Correlation ID, User ID (if applicable and safe), Service Name, Operation Name, Key Parameters (sanitized).}
- **Specific Handling Patterns:**
- External API Calls: {e.g., Use `
- External API Calls: {Define retry mechanisms (e.g., exponential backoff, max retries - specify library if one is mandated like `Polly` or `tenacity`), circuit breaker pattern usage (e.g., using `resilience4j` or equivalent - specify if and how), timeout configurations (connect and read timeouts). How are API errors (4xx, 5xx) translated or propagated?}
- Internal Errors / Business Logic Exceptions: {How to convert internal errors to user-facing errors if applicable (e.g., generic error messages with a unique ID for support, specific error codes). Are there defined business exception classes?}
- Transaction Management: {Approach to ensure data consistency in case of errors during multi-step operations, e.g., database transactions (specify isolation levels if non-default), Saga pattern for distributed transactions (specify orchestrator/choreography and compensation logic).}
## Coding Standards
{These standards are mandatory for all code generation by AI agents and human developers. Deviations are not permitted unless explicitly approved and documented as an exception in this section or a linked addendum.}
- **Primary Runtime(s):** {e.g., Node.js 22.x, Python Runtime for Lambda - refer to Definitive Tech Stack}
- **Style Guide & Linter:** {e.g., ESLint with Airbnb config + Prettier; Black, Flake8, MyPy; Go fmt, golint. Specify chosen tools and link to configuration files (e.g., `.eslintrc.js`, `pyproject.toml`). Linter rules are mandatory and must not be disabled without cause.}
- **Naming Conventions:**
- Variables: `{e.g., camelCase (JavaScript/TypeScript/Java), snake_case (Python/Ruby)}`
- Functions/Methods: `{e.g., camelCase (JavaScript/TypeScript/Java), snake_case (Python/Ruby)}`
- Classes/Types/Interfaces: `{e.g., PascalCase}`
- Constants: `{e.g., UPPER_SNAKE_CASE}`
- Files: `{e.g., kebab-case.ts (TypeScript), snake_case.py (Python), PascalCase.java (Java). Be specific per language.}`
- Modules/Packages: `{e.g., camelCase or snake_case. Be specific per language.}`
- **File Structure:** Adhere to the layout defined in the "Project Structure" section and the Frontend Architecture Document if applicable.
- **Unit Test File Organization:** {e.g., `*.test.ts`/`*.spec.ts` co-located with source files; `test_*.py` in a parallel `tests/` directory. Specify chosen convention.}
- **Asynchronous Operations:** {e.g., Always use `async`/`await` in TypeScript/JavaScript/Python for promise-based operations; Goroutines/Channels in Go with clear patterns for error propagation and completion; Java `CompletableFuture` or Project Reactor/RxJava if used.}
- **Type Safety:** {e.g., Leverage TypeScript strict mode (all flags enabled); Python type hints (enforced by MyPy); Go static typing; Java generics and avoidance of raw types. All new code must be strictly typed.}
- _Type Definitions:_ {Location, e.g., `src/common/types.ts`, shared packages, or co-located. Policy on using `any` or equivalent (strongly discouraged, requires justification).}
- **Comments & Documentation:**
- Code Comments: {Expectations for code comments: Explain _why_, not _what_, for complex logic. Avoid redundant comments. Use standard formats like JSDoc, TSDoc, Python docstrings (Google/NumPy style), GoDoc, JavaDoc.}
- READMEs: {Each module/package/service should have a README explaining its purpose, setup, and usage if not trivial.}
- **Dependency Management:** {Tool used - e.g., npm/yarn, pip/poetry, Go modules, Maven/Gradle. Policy on adding new dependencies (e.g., approval process, check for existing alternatives, security vulnerability scans). Specify versioning strategy (e.g., prefer pinned versions, use tilde `~` for patches, caret `^` for minor updates - be specific).}
### Detailed Language & Framework Conventions
{For each primary language and framework selected in the "Definitive Tech Stack Selections", the following specific conventions **must** be adhered to. If a chosen technology is not listed below, it implies adherence to its standard, widely accepted best practices and the general guidelines in this document.}
#### `{Language/Framework 1 Name, e.g., TypeScript/Node.js}` Specifics:
- **Immutability:** `{e.g., "Always prefer immutable data structures. Use `Readonly<T>`, `ReadonlyArray<T>`, `as const` for object/array literals. Avoid direct mutation of objects/arrays passed as props or state. Consider libraries like Immer for complex state updates."}`
- **Functional vs. OOP:** `{e.g., "Favor functional programming constructs (map, filter, reduce, pure functions) for data transformation and business logic where practical. Use classes for entities, services with clear state/responsibilities, or when framework conventions (e.g., NestJS) demand."}`
- **Error Handling Specifics:** `{e.g., "Always use `Error`objects or extensions thereof for`throw`. Ensure `Promise`rejections are always`Error`objects. Use custom error classes inheriting from a base`AppError` for domain-specific errors."}`
- **Null/Undefined Handling:** `{e.g., "Strict null checks (`strictNullChecks`) must be enabled. Avoid `!` non-null assertion operator; prefer explicit checks, optional chaining (`?.`), or nullish coalescing (`??`). Define clear strategies for optional function parameters and return types."}`
- **Module System:** `{e.g., "Use ESModules (`import`/`export`) exclusively. Avoid CommonJS (`require`/`module.exports`) in new code."}`
- **Logging Specifics:** `{e.g., "Use the chosen structured logging library. Log messages must include a correlation ID. Do not log sensitive PII. Use appropriate log levels."}`
- **Framework Idioms (e.g., for NestJS/Express):** `{e.g., "NestJS: Always use decorators for defining modules, controllers, services, DTOs. Adhere strictly to the defined module structure and dependency injection patterns. Express: Define middleware patterns, routing structure."}`
- **Key Library Usage Conventions:** `{e.g., "When using Axios, create a single configured instance. For date/time, use {date-fns/Luxon/Day.js} and avoid native `Date` object for manipulations."}`
- **Code Generation Anti-Patterns to Avoid:** `{e.g., "Avoid overly nested conditional logic (max 2-3 levels). Avoid single-letter variable names (except for trivial loop counters like `i`, `j`, `k`). Do not write code that bypasses framework security features (e.g., ORM query builders)."}`
#### `{Language/Framework 2 Name, e.g., Python}` Specifics:
- **Immutability:** `{e.g., "Use tuples for immutable sequences. For classes, consider `@dataclass(frozen=True)`. Be mindful of mutable default arguments."}`
- **Functional vs. OOP:** `{e.g., "Employ classes for representing entities and services. Use functions for stateless operations. List comprehensions/generator expressions are preferred over `map/filter` for readability."}`
- **Error Handling Specifics:** `{e.g., "Always raise specific, custom exceptions inheriting from a base `AppException`. Use `try-except-else-finally`blocks appropriately. Avoid broad`except Exception:` clauses without re-raising or specific handling."}`
- **Resource Management:** `{e.g., "Always use `with` statements for resources like files or DB connections to ensure they are properly closed."}`
- **Type Hinting:** `{e.g., "All new functions and methods must have full type hints. Run MyPy in CI. Strive for `disallow_untyped_defs = True`."}`
- **Logging Specifics:** `{e.g., "Use the `logging`module configured for structured output (e.g., with`python-json-logger`). Include correlation IDs."}`
- **Framework Idioms (e.g., for Django/Flask/FastAPI):** `{e.g., "Django: Follow fat models, thin views pattern. Use ORM conventions. FastAPI: Utilize Pydantic for request/response models and dependency injection for services."}`
- **Key Library Usage Conventions:** `{e.g., "For HTTP requests, use `httpx`or`requests`with explicit timeout settings. For data manipulation, prefer`pandas` where appropriate but be mindful of performance."}`
#### `{Add more Language/Framework sections as needed...}`
- **{Consider other things that the trained LLM Dev Agent could potentially be random about specific to the chosen language technologies and platforms that it should be reminded of here}**
## Overall Testing Strategy
{This section outlines the project's comprehensive testing strategy, which all AI-generated and human-written code must adhere to. It complements the testing tools listed in the "Definitive Tech Stack Selections".}
- **Tools:** {Reiterate primary testing frameworks and libraries from Tech Stack, e.g., Jest, Playwright, PyTest, JUnit, Testcontainers.}
- **Unit Tests:**
- **Scope:** {Test individual functions, methods, classes, or small modules in isolation. Focus on business logic, algorithms, and transformation rules.}
- **Location:** {e.g., `*.test.ts`/`*.spec.ts` co-located with source files; `test_*.py` in a parallel `tests/` directory, following language conventions.}
- **Mocking/Stubbing:** {Specify chosen mocking library (e.g., Jest mocks, `unittest.mock` in Python, Mockito for Java). Mock all external dependencies (network calls, file system, databases, time).}
- **AI Agent Responsibility:** {AI Agent must generate unit tests covering all public methods, significant logic paths, edge cases, and error conditions for any new or modified code.}
- **Integration Tests:**
- **Scope:** {Test the interaction between several components or services within the application boundary. E.g., API endpoint to service layer to database (using a test database or in-memory version).}
- **Location:** {e.g., `/tests/integration` or `/src/integration-test` (Java).}
- **Environment:** {Specify how dependencies are handled (e.g., Testcontainers for databases/external services, in-memory databases, dedicated test environment).}
- **AI Agent Responsibility:** {AI Agent may be tasked with generating integration tests for key service interactions or API endpoints based on specifications.}
- **End-to-End (E2E) Tests:**
- **Scope:** {Validate complete user flows or critical paths through the system from the user's perspective (e.g., UI interaction, API call sequence).}
- **Tools:** {Reiterate E2E testing tools from Tech Stack (e.g., Playwright, Cypress, Selenium).}
- **AI Agent Responsibility:** {AI Agent may be tasked with generating E2E test stubs or scripts based on user stories or BDD scenarios. Focus on critical happy paths and key error scenarios.}
- **Test Coverage:**
- **Target:** {Specify target code coverage if any (e.g., 80% line/branch coverage for unit tests). This is a guideline; quality of tests is paramount over raw coverage numbers.}
- **Measurement:** {Tool used for coverage reports (e.g., Istanbul/nyc, Coverage.py, JaCoCo).}
- **Mocking/Stubbing Strategy (General):** {Beyond specific test types, outline general principles. e.g., "Prefer fakes or test doubles over extensive mocking where it improves test clarity and maintainability. Strive for tests that are fast, reliable, and isolated."}
- **Test Data Management:** {How is test data created, managed, and isolated? E.g., factories, fixtures, setup/teardown scripts, dedicated test data generation tools.}
## Security Best Practices
{Outline key security considerations relevant to the codebase. These are mandatory and must be actively addressed by the AI agent during development.}
- **Input Sanitization/Validation:** {Specify library/method for ALL external inputs (API requests, user-provided data, file uploads). E.g., 'Use class-validator with NestJS DTOs for all API inputs; all validation rules must be defined in DTOs.' For other languages, 'Use {validation_library} for all external inputs; define schemas and constraints.' Validation must occur at the boundary before processing.}
- **Output Encoding:** {Specify where and how output encoding should be performed to prevent XSS and other injection attacks. E.g., 'All dynamic data rendered in HTML templates must be contextually auto-escaped by the template engine (specify engine and confirm default behavior). If generating HTML/XML/JSON manually, use approved encoding libraries like {encoder_library_name}.'}
- **Secrets Management:** {Reference `docs/environment-vars.md` regarding storage for different environments. In code, access secrets _only_ through a designated configuration module/service. Never hardcode secrets, include them in source control, or log them. Use specific tools for local development if applicable (e.g., Doppler, .env files NOT committed).}
- **Dependency Security:** {Policy on checking for vulnerable dependencies. E.g., 'Run automated vulnerability scans (e.g., `npm audit`, `pip-audit`, Snyk, Dependabot alerts) as part of CI. Update vulnerable dependencies promptly based on severity.' Policy on adding new dependencies (vetting process).}
- **Authentication/Authorization Checks:** {Where and how should these be enforced? E.g., 'All API endpoints (except explicitly public ones) must enforce authentication using the central auth module/middleware. Authorization (permission/role checks) must be performed at the service layer or entry point for protected resources.' Define patterns for implementing these checks.}
- **Principle of Least Privilege (Implementation):** {e.g., 'Database connection users must have only the necessary permissions (SELECT, INSERT, UPDATE, DELETE) for the specific tables/schemas they access. IAM roles for cloud services must be narrowly scoped to the required actions and resources.'}
- **API Security (General):** {e.g., 'Enforce HTTPS. Implement rate limiting and throttling (specify tool/method). Use standard HTTP security headers (CSP, HSTS, X-Frame-Options, etc. - specify which ones and their configuration). Follow REST/GraphQL security best practices.'}
- **Error Handling & Information Disclosure:** {Ensure error messages do not leak sensitive information (stack traces, internal paths, detailed SQL errors) to the end-user. Log detailed errors server-side, provide generic messages or error IDs to the client.}
- **Regular Security Audits/Testing:** {Mention if planned, e.g., penetration testing, static/dynamic analysis tool usage in CI (SAST/DAST).}
- **{Other relevant practices, e.g., File upload security, Session management security, Data encryption at rest and in transit beyond HTTPS if specific requirements exist.}**
## Key Reference Documents
{ if any }
## Change Log
| Change | Date | Version | Description | Author |
| ------ | ---- | ------- | ----------- | ------ |
--- Below, Prompt for Design Architect (If Project has UI) To Produce Front End Architecture ----

378
BETA-V3/templates/front-end-architecture-tmpl.txt
View File

@@ -30,134 +30,136 @@
- [End-to-End UI Testing Tools & Scope](#end-to-end-ui-testing-tools--scope)
- [Accessibility (AX) Implementation Details](#accessibility-ax-implementation-details)
- [Performance Considerations](#performance-considerations)
- [Internationalization (i18n) and Localization (l10n) Strategy](#internationalization-i18n-and-localization-l10n-strategy)
- [Feature Flag Management](#feature-flag-management)
- [Frontend Security Considerations](#frontend-security-considerations)
- [Browser Support and Progressive Enhancement](#browser-support-and-progressive-enhancement)
- [Change Log](#change-log)
## Introduction
{ This document details the technical architecture specifically for the frontend of {Project Name}. It complements the main {Project Name} Architecture Document and the UI/UX Specification. The goal is to provide a clear blueprint for frontend development, ensuring consistency, maintainability, and alignment with the overall system design and user experience goals. }
{ This document details the technical architecture specifically for the frontend of {Project Name}. It complements the main {Project Name} Architecture Document and the UI/UX Specification. This document details the frontend architecture and **builds upon the foundational decisions** (e.g., overall tech stack, CI/CD, primary testing tools) defined in the main {Project Name} Architecture Document (`docs/architecture.md` or linked equivalent). **Frontend-specific elaborations or deviations from general patterns must be explicitly noted here.** The goal is to provide a clear blueprint for frontend development, ensuring consistency, maintainability, and alignment with the overall system design and user experience goals. }
- **Link to Main Architecture Document:** {e.g., `docs/architecture.md`} (Note: The overall system architecture, including Monorepo/Polyrepo decisions and backend structure, will influence frontend choices, especially around shared code or API interaction patterns.)
- **Link to UI/UX Specification:** {e.g., `docs/front-end-spec.md`}
- **Link to Primary Design Files (Figma, Sketch, etc.):** {From UI/UX Spec}
- **Link to Main Architecture Document (REQUIRED):** {e.g., `docs/architecture.md`}
- **Link to UI/UX Specification (REQUIRED if exists):** {e.g., `docs/front-end-spec.md`}
- **Link to Primary Design Files (Figma, Sketch, etc.) (REQUIRED if exists):** {From UI/UX Spec}
- **Link to Deployed Storybook / Component Showcase (if applicable):** {URL}
## Overall Frontend Philosophy & Patterns
{ Describe the core architectural decisions and patterns chosen for the frontend. This should align with the "Definitive Tech Stack Selections" in the main architecture document and consider implications from the overall system architecture (e.g., monorepo vs. polyrepo, backend service structure). }
- **Framework & Core Libraries:** {e.g., React 18.x with Next.js 13.x, Angular 16.x, Vue 3.x with Nuxt.js. Briefly reiterate why these were chosen if not detailed enough in the main arch doc.}
- **Component Architecture:** {e.g., Atomic Design principles, Presentational vs. Container components, use of specific component libraries like Material UI, Tailwind CSS for styling approach.}
- **State Management Strategy:** {e.g., Redux Toolkit, Zustand, Vuex, NgRx. Briefly describe the overall approach global store, feature stores, context API usage. More details in "State Management In-Depth" section.}
- **Data Flow:** {e.g., Unidirectional data flow, how data is fetched, passed to components, and updated.}
- **Styling Approach:** {e.g., CSS Modules, Styled Components, SCSS with BEM, Tailwind CSS. Link to configuration if applicable.}
- **Key Design Patterns Used:** {e.g., Provider pattern, Hooks, Higher-Order Components, Service patterns for API calls.}
- **Framework & Core Libraries:** {e.g., React 18.x with Next.js 13.x, Angular 16.x, Vue 3.x with Nuxt.js}. **These are derived from the 'Definitive Tech Stack Selections' in the main Architecture Document.** This section elaborates on *how* these choices are applied specifically to the frontend.
- **Component Architecture:** {e.g., Atomic Design principles, Presentational vs. Container components, use of specific component libraries like Material UI, Tailwind CSS for styling approach. Specify chosen approach and any key libraries.}
- **State Management Strategy:** {e.g., Redux Toolkit, Zustand, Vuex, NgRx. Briefly describe the overall approach global store, feature stores, context API usage. **Referenced from main Architecture Document and detailed further in "State Management In-Depth" section.**}
- **Data Flow:** {e.g., Unidirectional data flow (Flux/Redux pattern), React Query/SWR for server state. Describe how data is fetched, cached, passed to components, and updated.}
- **Styling Approach:** **{Chosen Styling Solution, e.g., Tailwind CSS / CSS Modules / Styled Components}**. Configuration File(s): {e.g., `tailwind.config.js`, `postcss.config.js`}. Key conventions: {e.g., "Utility-first approach for Tailwind. Custom components defined in `src/styles/components.css`. Theme extensions in `tailwind.config.js` under `theme.extend`. For CSS Modules, files are co-located with components, e.g., `MyComponent.module.css`.}
- **Key Design Patterns Used:** {e.g., Provider pattern, Hooks, Higher-Order Components, Service patterns for API calls, Container/Presentational. These patterns are to be consistently applied. Deviations require justification and documentation.}
## Detailed Frontend Directory Structure
{ Provide an ASCII diagram representing the frontend application\'s specific folder structure (e.g., within `src/` or `app/`). This should elaborate on the frontend part of the main project structure outlined in the architecture document. Highlight conventions for organizing components, pages/views, services, state, styles, assets, etc. }
{ Provide an ASCII diagram representing the frontend application\'s specific folder structure (e.g., within `src/` or `app/` or a dedicated `frontend/` root directory if part of a monorepo). This should elaborate on the frontend part of the main project structure outlined in the architecture document. Highlight conventions for organizing components, pages/views, services, state, styles, assets, etc. For each key directory, provide a one-sentence mandatory description of its purpose.}
### EXAMPLE - Not Prescriptive (for a React/Next.js app)
```plaintext
src/
├── app/ # Next.js App Router: Pages/Layouts/Routes
│ ├── (features)/ # Feature-based routing groups
├── app/ # Next.js App Router: Pages/Layouts/Routes. MUST contain route segments, layouts, and page components.
│ ├── (features)/ # Feature-based routing groups. MUST group related routes for a specific feature.
│ │ └── dashboard/
│ │ ├── layout.tsx
│ │ └── page.tsx
│ ├── api/ # API Routes (if using Next.js backend features)
│ ├── globals.css
│ └── layout.tsx # Root layout
├── components/ # Shared/Reusable UI Components
│ ├── ui/ # Base UI elements (Button, Input, Card - often from a library)
│ │ ├── layout.tsx # Layout specific to the dashboard feature routes.
│ │ └── page.tsx # Entry page component for a dashboard route.
│ ├── api/ # API Routes (if using Next.js backend features). MUST contain backend handlers for client-side calls.
│ ├── globals.css # Global styles. MUST contain base styles, CSS variable definitions, Tailwind base/components/utilities.
│ └── layout.tsx # Root layout for the entire application.
├── components/ # Shared/Reusable UI Components.
│ ├── ui/ # Base UI elements (Button, Input, Card). MUST contain only generic, reusable, presentational UI elements, often mapped from a design system. MUST NOT contain business logic.
│ │ ├── Button.tsx
│ │ └── ...
│ ├── layout/ # Layout components (Header, Footer, Sidebar)
│ ├── layout/ # Layout components (Header, Footer, Sidebar). MUST contain components structuring page layouts, not specific page content.
│ │ ├── Header.tsx
│ │ └── ...
│ └── (feature-specific)/ # Components specific to a feature but potentially reusable within it
│ └── (feature-specific)/ # Components specific to a feature but potentially reusable within it. This is an alternative to co-locating within features/ directory.
│ └── user-profile/
│ └── ProfileCard.tsx
├── features/ # Feature-specific logic, hooks, non-global state, services
├── features/ # Feature-specific logic, hooks, non-global state, services, and components solely used by that feature.
│ └── auth/
│ ├── components/ # Components used only by the auth feature
│ ├── hooks/ # Feature-specific hooks
│ ├── services/ # Feature-specific API interactions
│ └── store.ts # Feature-specific state slice (if applicable)
├── hooks/ # Global/sharable custom hooks
│ ├── components/ # Components used exclusively by the auth feature. MUST NOT be imported by other features.
│ ├── hooks/ # Custom React Hooks specific to the 'auth' feature. Hooks reusable across features belong in `src/hooks/`.
│ ├── services/ # Feature-specific API interactions or orchestrations for the 'auth' feature.
│ └── store.ts # Feature-specific state slice (e.g., Redux slice) if not part of a global store or if local state is complex.
├── hooks/ # Global/sharable custom React Hooks. MUST be generic and usable by multiple features/components.
│ └── useAuth.ts
├── lib/ # Utility functions, helpers, constants
├── lib/ / utils/ # Utility functions, helpers, constants. MUST contain pure functions and constants, no side effects or framework-specific code unless clearly named (e.g., `react-helpers.ts`).
│ └── utils.ts
├── services/ # Global API service clients or SDK configurations
├── services/ # Global API service clients or SDK configurations. MUST define base API client instances and core data fetching/mutation services.
│ └── apiClient.ts
├── store/ # Global state management (e.g., Redux store setup)
│ ├── index.ts
│ ├── rootReducer.ts
│ └── (slices)/
├── styles/ # Global styles, theme configurations (if not using `globals.css` or similar)
└── types/ # Global TypeScript type definitions
├── store/ # Global state management setup (e.g., Redux store, Zustand store).
│ ├── index.ts # Main store configuration and export.
│ ├── rootReducer.ts # Root reducer if using Redux.
│ └── (slices)/ # Directory for global state slices (if not co-located in features).
├── styles/ # Global styles, theme configurations (if not using `globals.css` or similar, or for specific styling systems like SCSS partials).
└── types/ # Global TypeScript type definitions/interfaces. MUST contain types shared across multiple features/modules.
└── index.ts
```
### Notes on Frontend Structure:
{ Explain any specific conventions or rationale behind the structure. For example, "Components are co-located with their feature if not globally reusable." }
{ Explain any specific conventions or rationale behind the structure. e.g., "Components are co-located with their feature if not globally reusable to improve modularity." AI Agent MUST adhere to this defined structure strictly. New files MUST be placed in the appropriate directory based on these descriptions. }
## Component Breakdown & Implementation Details
{ This section outlines the conventions and templates for defining UI components. While a few globally shared or foundational components (e.g., core UI elements if not from a library, main layout structures) might be specified here upfront to ensure consistency, the detailed specification for most feature-specific components will emerge as user stories are implemented. The key is for the development team (or AI agent) to follow the "Template for Component Specification" below whenever a new component is identified for development. }
{ This section outlines the conventions and templates for defining UI components. Detailed specification for most feature-specific components will emerge as user stories are implemented. The AI agent MUST follow the "Template for Component Specification" below whenever a new component is identified for development. }
### Component Naming & Organization
{ Briefly describe conventions for naming components (e.g., PascalCase, `feature-ComponentName.tsx`). How are components organized on the filesystem (reiterate from directory structure if needed)? Are components grouped by feature, type (UI, layout), etc.? }
- **Component Naming Convention:** **{e.g., PascalCase for files and component names: `UserProfileCard.tsx`}**. All component files MUST follow this convention.
- **Organization:** {e.g., "Globally reusable components in `src/components/ui/` or `src/components/layout/`. Feature-specific components co-located within their feature directory, e.g., `src/features/feature-name/components/`. Refer to Detailed Frontend Directory Structure.}
### Template for Component Specification
{ For each significant UI component identified from the UI/UX Specification and design files (Figma), provide the following details. Repeat this subsection for each component. The level of detail should be sufficient for an AI agent or developer to implement it with minimal ambiguity. }
{ For each significant UI component identified from the UI/UX Specification and design files (Figma), the following details MUST be provided. Repeat this subsection for each component. The level of detail MUST be sufficient for an AI agent or developer to implement it with minimal ambiguity. }
#### Component: `{ComponentName}` (e.g., `UserProfileCard`, `ProductDetailsView`)
- **Purpose:** {Briefly describe what this component does and its role in the UI.}
- **Source File(s):** {e.g., `src/components/user-profile/UserProfileCard.tsx`}
- **Visual Reference:** {Link to specific Figma frame/component, or Storybook page.}
- **Purpose:** {Briefly describe what this component does and its role in the UI. MUST be clear and concise.}
- **Source File(s):** {e.g., `src/components/user-profile/UserProfileCard.tsx`. MUST be the exact path.}
- **Visual Reference:** {Link to specific Figma frame/component, or Storybook page. REQUIRED.}
- **Props (Properties):**
{ List each prop the component accepts. }
| Prop Name | Type | Required? | Default Value | Description |
| :-------------- | :--------------------------- | :-------- | :------------ | :---------------------------------------------- |
| `userId` | `string` | Yes | N/A | The ID of the user to display. |
| `avatarUrl` | `string` | No | `null` | URL for the user\'s avatar image. |
| `onEdit` | `() => void` | No | N/A | Callback function when an edit action is triggered. |
| `variant` | `\'compact\' \| \'full\'` | No | `\'full\'` | Controls the display mode of the card. |
| `{anotherProp}` | `{type (e.g., number, boolean, customType)}` | {Yes/No} | {If any} | {Description} |
{ List each prop the component accepts. For each prop, all columns in the table MUST be filled. }
| Prop Name | Type | Required? | Default Value | Description |
| :-------------- | :---------------------------------------- | :-------- | :------------ | :--------------------------------------------------------------------------------------------------------- |
| `userId` | `string` | Yes | N/A | The ID of the user to display. MUST be a valid UUID. |
| `avatarUrl` | `string \| null` | No | `null` | URL for the user\'s avatar image. MUST be a valid HTTPS URL if provided. |
| `onEdit` | `() => void` | No | N/A | Callback function when an edit action is triggered. |
| `variant` | `\'compact\' \| \'full\'` | No | `\'full\'` | Controls the display mode of the card. |
| `{anotherProp}` | `{Specific primitive, imported type, or inline interface/type definition}` | {Yes/No} | {If any} | {MUST clearly state the prop\'s purpose and any constraints, e.g., \'Must be a positive integer.\'} |
- **Internal State (if any):**
{ Describe any significant internal state the component manages. Minor UI state (e.g., `isDropdownOpen`) might not need explicit listing unless complex. }
| State Variable | Type | Initial Value | Description |
| :-------------- | :--------- | :------------ | :-------------------------------------------- |
| `isLoading` | `boolean` | `false` | Tracks if data for the component is loading. |
| `{anotherState}`| `{type}` | `{value}` | {Description} |
{ Describe any significant internal state the component manages. Only list state that is *not* derived from props or global state. If state is complex, consider if it should be managed by a custom hook or global state solution instead. }
| State Variable | Type | Initial Value | Description |
| :-------------- | :-------- | :------------ | :----------------------------------------------------------------------------- |
| `isLoading` | `boolean` | `false` | Tracks if data for the component is loading. |
| `{anotherState}`| `{type}` | `{value}` | {Description of state variable and its purpose.} |
- **Key UI Elements / Structure:**
{ Describe the main visual parts of the component and their general layout. This can be a brief textual description or a very simple pseudo-HTML structure. }
{ Provide a pseudo-HTML or JSX-like structure representing the component\'s DOM. Include key conditional rendering logic if applicable. **This structure dictates the primary output for the AI agent.** }
```html
<div> <!-- Main card container -->
<img> <!-- Avatar -->
<h2> <!-- User Name -->
<p> <!-- User Email -->
<button> <!-- Edit Button (if applicable) -->
<div> <!-- Main card container with specific class e.g., styles.cardFull or styles.cardCompact based on variant prop -->
<img src="{avatarUrl || defaultAvatar}" alt="User Avatar" class="{styles.avatar}" />
<h2>{userName}</h2>
<p class="{variant === 'full' ? styles.emailFull : styles.emailCompact}">{userEmail}</p>
{variant === 'full' && onEdit && <button onClick={onEdit} class="{styles.editButton}">Edit</button>}
</div>
```
- **Events Handled / Emitted:**
- **Handles:** {e.g., `onClick` on the edit button.}
- **Emits:** {If the component emits custom events, describe them. e.g., `onFollow: (userId: string) => void`}
- **Handles:** {e.g., `onClick` on the edit button (triggers `onEdit` prop).}
- **Emits:** {If the component emits custom events/callbacks not covered by props, describe them with their exact signature. e.g., `onFollow: (payload: { userId: string; followed: boolean }) => void`}
- **Actions Triggered (Side Effects):**
- **State Management:** {e.g., "Dispatches `fetchUserDetails(userId)` action on mount." "Calls `userSlice.actions.setUserName(newName)`."}
- **API Calls:** {Specify which service/function from the "API Interaction Layer" is called. e.g., "Calls `userService.fetchUser(userId)`." What data is passed? How is the response (success/error) handled? How does it update internal state or global state?}
- **State Management:** {e.g., "Dispatches `userSlice.actions.setUserName(newName)` from `src/store/slices/userSlice.ts`. Action payload MUST match the defined action creator." OR "Calls `updateUserProfileOptimistic(newData)` from a local `useReducer` hook."}
- **API Calls:** {Specify which service/function from the "API Interaction Layer" is called. e.g., "Calls `userService.fetchUser(userId)` from `src/services/userService.ts` on mount. Request payload: `{ userId }`. Success response populates internal state `userData`. Error response dispatches `uiSlice.actions.showErrorToast({ message: 'Failed to load user details' })`.}
- **Styling Notes:**
- {Reference to Design System components used (e.g., "Uses `<Button variant=\'primary\'>` from UI library").}
- {Key CSS classes to be applied (if using traditional CSS/SCSS/Tailwind directly).}
- {Specific responsiveness behavior if not covered globally.}
- {MUST reference specific Design System component names (e.g., "Uses `<Button variant='primary'>` from UI library") OR specify Tailwind CSS classes / CSS module class names to be applied (e.g., "Container uses `p-4 bg-white rounded-lg shadow-md`. Title uses `text-xl font-semibold`.") OR specify SCSS custom component classes to be applied (e.g., "Container uses `@apply p-4 bg-white rounded-lg shadow-md`. Title uses `@apply text-xl font-semibold`."). Any dynamic styling logic based on props or state MUST be described. If Tailwind CSS is used, list primary utility classes or `@apply` directives for custom component classes. AI Agent should prioritize direct utility class usage for simple cases and propose reusable component classes/React components for complex styling patterns.}
- **Accessibility Notes:**
- {Specific ARIA attributes needed (e.g., `aria-label`, `role`).}
- {Keyboard navigation considerations for this component.}
- {MUST list specific ARIA attributes and their values (e.g., `aria-label="User profile card"`, `role="article"`), required keyboard navigation behavior (e.g., "Tab navigates to avatar, name, email, then edit button. Edit button is focusable and activated by Enter/Space."), and any focus management requirements (e.g., "If this component opens a modal, focus MUST be trapped inside. On modal close, focus returns to the trigger element.").}
---
@@ -167,108 +169,113 @@ _Repeat the above template for each significant component._
## State Management In-Depth
{ This section expands on the State Management strategy chosen and outlined in the main architecture document and the "Overall Frontend Philosophy". It defines the conventions for how state modules should be structured and implemented. While the overall approach and core store setup (if any) are defined here, detailed state slices, selectors, and actions/thunks for specific features will generally be developed emergently as those features are built, adhering to these established patterns. }
{ This section expands on the State Management strategy. **Refer to the main Architecture Document for the definitive choice of state management solution.** }
- **Chosen Solution:** {e.g., Redux Toolkit, Zustand, Vuex, NgRx - reiterate from main arch doc.}
- **Rationale (briefly, if not fully covered in main arch doc):** {Why was this solution chosen over alternatives for this specific project?}
- **Chosen Solution:** {e.g., Redux Toolkit, Zustand, Vuex, NgRx - As defined in main arch doc.}
- **Decision Guide for State Location:**
- **Global State (e.g., Redux/Zustand):** Data shared across many unrelated components; data persisting across routes; complex state logic managed via reducers/thunks. **MUST be used for session data, user preferences, application-wide notifications.**
- **React Context API:** State primarily passed down a specific component subtree (e.g., theme, form context). Simpler state, fewer updates compared to global state. **MUST be used for localized state not suitable for prop drilling but not needed globally.**
- **Local Component State (`useState`, `useReducer`):** UI-specific state, not needed outside the component or its direct children (e.g., form input values, dropdown open/close status). **MUST be the default choice unless criteria for Context or Global State are met.**
### Store Structure / Slices
{ Describe the conventions for organizing the global state (e.g., "Each major feature requiring global state will have its own Redux slice located in `src/features/[featureName]/store.ts`"). A few core, application-wide slices (e.g., for session management, theme) might be defined upfront as examples or foundational pieces. }
{ Describe the conventions for organizing the global state (e.g., "Each major feature requiring global state will have its own Redux slice located in `src/features/[featureName]/store.ts`"). }
- **Core Slice Example (e.g., `sessionSlice`):**
- **Core Slice Example (e.g., `sessionSlice` in `src/store/slices/sessionSlice.ts`):**
- **Purpose:** {Manages user session, authentication status, and basic user profile info accessible globally.}
- **State Shape:**
- **State Shape (Interface/Type):**
```typescript
interface SessionState {
currentUser: {
id: string;
name: string;
email: string;
roles: string[];
} | null;
currentUser: { id: string; name: string; email: string; roles: string[]; } | null;
isAuthenticated: boolean;
token: string | null;
status: "idle" | "loading" | "succeeded" | "failed";
error: string | null;
}
```
- **Key Reducers/Actions:** {Briefly list main actions, e.g., `setSession`, `clearSession`, `authLoading`, `authSuccess`, `authFailure`.}
- **Feature Slice Template (e.g., `{featureName}Slice`):**
- **Key Reducers/Actions (within `createSlice`):** {Briefly list main synchronous actions, e.g., `setCurrentUser`, `clearSession`, `setAuthStatus`, `setAuthError`.}
- **Async Thunks (if any):** {List key async thunks, e.g., `loginUserThunk`, `fetchUserProfileThunk`.}
- **Selectors (memoized with `createSelector`):** {List key selectors, e.g., `selectCurrentUser`, `selectIsAuthenticated`.}
- **Feature Slice Template (e.g., `{featureName}Slice` in `src/features/{featureName}/store.ts`):**
- **Purpose:** {To be filled out when a new feature requires its own state slice.}
- **State Shape:** {To be defined by the feature.}
- **Key Reducers/Actions:** {To be defined by the feature.}
- **State Shape (Interface/Type):** {To be defined by the feature.}
- **Key Reducers/Actions (within `createSlice`):** {To be defined by the feature.}
- **Async Thunks (if any, defined using `createAsyncThunk`):** {To be defined by the feature.}
- **Selectors (memoized with `createSelector`):** {To be defined by the feature.}
- **Export:** {All actions and selectors MUST be exported.}
### Key Selectors
{ List important selectors for any core, upfront slices. For emergent feature slices, selectors will be defined with the slice. Conventions for creating selectors should be noted (e.g., use `createSelector` for memoization). }
{ List important selectors for any core, upfront slices. For emergent feature slices, selectors will be defined with the slice. **ALL selectors deriving data or combining multiple state pieces MUST use `createSelector` from Reselect (or equivalent for other state libraries) for memoization.** }
- **`selectCurrentUser`:** {Returns the `currentUser` object from `sessionSlice`.}
- **`selectIsAuthenticated`:** {Returns `isAuthenticated` boolean from `sessionSlice`.}
- **`selectAuthToken`:** {Returns the `token` from `sessionSlice`.}
- **`selectCurrentUser` (from `sessionSlice`):** {Returns the `currentUser` object.}
- **`selectIsAuthenticated` (from `sessionSlice`):** {Returns `isAuthenticated` boolean.}
- **`selectAuthToken` (from `sessionSlice`):** {Returns the `token` from `sessionSlice`.}
### Key Actions / Reducers / Thunks
{ Detail more complex actions for core, upfront slices, especially asynchronous thunks or sagas. For emergent feature slices, these will be defined with the slice, following these patterns. }
{ Detail more complex actions for core, upfront slices, especially asynchronous thunks or sagas. Each thunk MUST clearly define its purpose, parameters, API calls made (referencing the API Interaction Layer), and how it updates the state on pending, fulfilled, and rejected states. }
- **Core Action/Thunk Example: `authenticateUser(credentials: AuthCredentials)`**
- **Core Action/Thunk Example: `authenticateUser(credentials: AuthCredentials)` (in `sessionSlice.ts`):**
- **Purpose:** {Handles user login by calling the auth API and updating the `sessionSlice`.}
- **Dispatch Flow:**
1. Dispatches `sessionSlice.actions.setStatus('loading')`.
2. Calls `authService.login(credentials)` (from API Interaction Layer).
3. On success: Dispatches `sessionSlice.actions.setSession(response.data)` (which includes user and token) and `sessionSlice.actions.setStatus('succeeded')`.
4. On error: Dispatches `sessionSlice.actions.setError(error.message)` and `sessionSlice.actions.setStatus('failed')`.
- **Feature Action/Thunk Template: `{featureActionName}`**
- **Parameters:** `credentials: { email: string; password: string }`
- **Dispatch Flow (using Redux Toolkit `createAsyncThunk`):**
1. On `pending`: Dispatches `sessionSlice.actions.setAuthStatus('loading')`.
2. Calls `authService.login(credentials)` (from `src/services/authService.ts`).
3. On `fulfilled` (success): Dispatches `sessionSlice.actions.setCurrentUser(response.data.user)`, `sessionSlice.actions.setToken(response.data.token)`, `sessionSlice.actions.setAuthStatus('succeeded')`.
4. On `rejected` (error): Dispatches `sessionSlice.actions.setAuthError(error.message)`, `sessionSlice.actions.setAuthStatus('failed')`.
- **Feature Action/Thunk Template: `{featureActionName}` (in `{featureName}Slice.ts`):**
- **Purpose:** {To be filled out for feature-specific async operations.}
- **Dispatch Flow:** {To be defined by the feature, following similar patterns.}
- **Parameters:** {Define specific parameters with types.}
- **Dispatch Flow (using `createAsyncThunk`):** {To be defined by the feature, following similar patterns for pending, fulfilled, rejected states, including API calls and state updates.}
## API Interaction Layer
{ Describe how the frontend communicates with the backend APIs defined in the main Architecture Document. The focus here is on establishing the foundational client setup and patterns for creating service abstractions. Specific service functions will often emerge as features are developed. }
{ Describe how the frontend communicates with the backend APIs defined in the main Architecture Document. }
### Client/Service Structure
- **HTTP Client Setup:** {e.g., Axios instance, Fetch wrapper. Base URL configuration, default headers (e.g., for Authorization from state), interceptors for request/response handling (e.g., error normalization, token refresh).}
- **HTTP Client Setup:** {e.g., Axios instance in `src/services/apiClient.ts`. **MUST** include: Base URL (from environment variable `NEXT_PUBLIC_API_URL` or equivalent), default headers (e.g., `Content-Type: 'application/json'`), interceptors for automatic auth token injection (from state management, e.g., `sessionSlice.token`) and standardized error handling/normalization (see below).}
- **Service Definitions (Example):**
- **`userService.ts`:**
- **`userService.ts` (in `src/services/userService.ts`):**
- **Purpose:** {Handles all API interactions related to users.}
- **Functions:**
- **Functions:** Each service function MUST have explicit parameter types, a return type (e.g., `Promise<User>`), JSDoc/TSDoc explaining purpose, params, return value, and any specific error handling. It MUST call the configured HTTP client (`apiClient`) with correct endpoint, method, and payload.
- `fetchUser(userId: string): Promise<User>`
- `updateUserProfile(userId: string, data: UserProfileUpdateDto): Promise<User>`
- **`productService.ts`:**
- **`productService.ts` (in `src/services/productService.ts`):**
- **Purpose:** {...}
- **Functions:** {...}
### Error Handling & Retries (Frontend)
- **Global Error Handling:** {How are API errors caught and presented to the user globally (e.g., toast notifications)? Is there a global error state?}
- **Specific Error Handling:** {How might components handle specific API errors for more contextual feedback?}
- **Retry Logic:** {Is there any client-side retry logic for idempotent requests? If so, how is it configured?}
- **Global Error Handling:** {How are API errors caught globally? (e.g., Via Axios response interceptor in `apiClient.ts`). How are they presented/logged? (e.g., Dispatches `uiSlice.actions.showGlobalErrorBanner({ message: error.message })`, logs detailed error to console/monitoring service). Is there a global error state? (e.g., `uiSlice.error`).}
- **Specific Error Handling:** {Components MAY handle specific API errors locally for more contextual feedback (e.g., displaying an inline message on a form field: "Invalid email address"). This MUST be documented in the component's specification if it deviates from global handling.}
- **Retry Logic:** {Is client-side retry logic implemented (e.g., using `axios-retry` with `apiClient`)? If so, specify configuration: max retries (e.g., 3), retry conditions (e.g., network errors, 5xx server errors), retry delay (e.g., exponential backoff). **MUST apply only to idempotent requests (GET, PUT, DELETE).**}
## Routing Strategy
{ Detail how navigation and routing are handled in the frontend application. }
- **Routing Library:** {e.g., React Router, Next.js App Router, Vue Router, Angular Router.}
- **Routing Library:** {e.g., React Router, Next.js App Router, Vue Router, Angular Router. As per main Architecture Document.}
### Route Definitions
{ List the main routes of the application and the primary component rendered for each. }
{ List the main routes of the application and the primary component/page rendered for each. }
| Path Pattern | Component/Page | Protection | Notes |
| :--------------------- | :---------------------------- | :------------ | :---------------------------------- |
| `/` | `HomePage.tsx` | Public | |
| `/login` | `LoginPage.tsx` | Public | Redirects if already authenticated. |
| `/dashboard` | `DashboardPage.tsx` | Authenticated | |
| `/products` | `ProductListPage.tsx` | Public | |
| `/products/:productId` | `ProductDetailsPage.tsx` | Public | |
| `/settings/profile` | `UserProfileSettingsPage.tsx` | Authenticated | |
| `{anotherRoute}` | `{Component}` | {Type} | {Notes} |
| Path Pattern | Component/Page (`src/app/...` or `src/pages/...`) | Protection | Notes |
| :--------------------- | :-------------------------------------------------- | :------------------------------ | :---------------------------------------------------- |
| `/` | `app/page.tsx` or `pages/HomePage.tsx` | `Public` | |
| `/login` | `app/login/page.tsx` or `pages/LoginPage.tsx` | `Public` (redirect if auth) | Redirects to `/dashboard` if already authenticated. |
| `/dashboard` | `app/dashboard/page.tsx` or `pages/DashboardPage.tsx` | `Authenticated` | |
| `/products` | `app/products/page.tsx` | `Public` | |
| `/products/:productId` | `app/products/[productId]/page.tsx` | `Public` | Parameter: `productId` (string) |
| `/settings/profile` | `app/settings/profile/page.tsx` | `Authenticated`, `Role:[USER]` | Example of role-based protection. |
| `{anotherRoute}` | `{ComponentPath}` | `{Public/Authenticated/Role:[ROLE_NAME]}` | {Notes, parameter names and types} |
### Route Guards / Protection
- **Authentication Guard:** {Describe how routes are protected based on authentication status. e.g., A Higher-Order Component, a specific router hook.}
- **Authorization Guard (if applicable):** {Describe how routes might be protected based on user roles or permissions.}
- **Authentication Guard:** {Describe how routes are protected based on authentication status. **Specify the exact HOC, hook, layout, or middleware mechanism and its location** (e.g., `src/guards/AuthGuard.tsx`, or Next.js middleware in `middleware.ts`). Logic MUST use authentication state from the `sessionSlice` (or equivalent). Unauthenticated users attempting to access protected routes MUST be redirected to `/login` (or specified login path).}
- **Authorization Guard (if applicable):** {Describe how routes might be protected based on user roles or permissions. **Specify the exact mechanism**, similar to Auth Guard. Unauthorized users (authenticated but lacking permissions) MUST be shown a "Forbidden" page or redirected to a safe page.}
## Build, Bundling, and Deployment
@@ -276,68 +283,145 @@ _Repeat the above template for each significant component._
### Build Process & Scripts
- **Key Build Scripts:** {e.g., `npm run build`, `yarn build`. What do they do? Point to `package.json` scripts.}
- **Environment Variables Handling during Build:** {How are `process.env` variables (e.g., `NEXT_PUBLIC_API_URL`) managed for different environments (dev, staging, prod)?}
- **Key Build Scripts (from `package.json`):** {e.g., `"build": "next build"`. What do they do? Point to `package.json` scripts. `"dev": "next dev"`, `"start": "next start"`.}. **AI Agent MUST NOT generate code that hardcodes environment-specific values. All such values MUST be accessed via the defined environment configuration mechanism.** Specify the exact files and access method.
- **Environment Configuration Management:** {How are `process.env.NEXT_PUBLIC_API_URL` (or equivalent like `import.meta.env.VITE_API_URL`) managed for different environments (dev, staging, prod)? (e.g., `.env`, `.env.development`, `.env.production` files for Next.js/Vite; build-time injection via CI variables). Specify the exact files and access method.}
### Key Bundling Optimizations
- **Code Splitting:** {How is it implemented? e.g., Route-based, component-based using dynamic imports.}
- **Tree Shaking:** {Ensured by build tools?}
- **Lazy Loading:** {Strategy for lazy loading components, images, or routes.}
- **Minification & Compression:** {Handled by build tools (e.g., Webpack, Vite, Next.js build)?}
- **Code Splitting:** {How is it implemented/ensured? (e.g., "Next.js/Vite handles route-based code splitting automatically. For component-level code splitting, dynamic imports `React.lazy(() => import('./MyComponent'))` or `import('./heavy-module')` MUST be used for non-critical large components/libraries.")}
- **Tree Shaking:** {How is it implemented/ensured? (e.g., "Ensured by modern build tools like Webpack/Rollup (used by Next.js/Vite) when using ES Modules. Avoid side-effectful imports in shared libraries.")}
- **Lazy Loading (Components, Images, etc.):** {Strategy for lazy loading. (e.g., "Components: `React.lazy` with `Suspense`. Images: Use framework-specific Image component like `next/image` which handles lazy loading by default, or `loading='lazy'` attribute for standard `<img>` tags.")}
- **Minification & Compression:** {Handled by build tools (e.g., Webpack/Terser, Vite/esbuild)? Specify if any specific configuration is needed. Compression (e.g., Gzip, Brotli) is typically handled by the hosting platform/CDN.}
### Deployment to CDN/Hosting
- **Target Platform:** {e.g., Vercel, Netlify, AWS S3/CloudFront, Azure Static Web Apps.}
- **Deployment Trigger:** {e.g., Git push to main branch via GitHub Actions (referencing main CI/CD).}
- **Asset Caching Strategy:** {How are static assets cached by the CDN/browser?}
- **Target Platform:** {e.g., Vercel, Netlify, AWS S3/CloudFront, Azure Static Web Apps. As per main Architecture Document.}
- **Deployment Trigger:** {e.g., Git push to `main` branch via GitHub Actions (referencing main CI/CD pipeline).}
- **Asset Caching Strategy:** {How are static assets cached? (e.g., "Immutable assets (JS/CSS bundles with content hashes) have `Cache-Control: public, max-age=31536000, immutable`. HTML files have `Cache-Control: no-cache` or short max-age (e.g., `public, max-age=0, must-revalidate`) to ensure users get fresh entry points. Configured via {hosting platform settings / `next.config.js` headers / CDN rules}.}
## Frontend Testing Strategy
{ This section elaborates on the "Testing Strategy" from the main architecture document, focusing on frontend-specific aspects. }
{ This section elaborates on the "Testing Strategy" from the main architecture document, focusing on frontend-specific aspects. **Refer to the main Architecture Document for definitive choices of testing tools.** }
- **Link to Main Testing Strategy:** {Reference the main `docs/testing-strategy.md` or architecture doc section.}
- **Link to Main Overall Testing Strategy:** {Reference the main `docs/architecture.md#overall-testing-strategy` or equivalent.}
### Component Testing
- **Scope:** {Testing individual UI components in isolation (similar to unit tests for components).}
- **Tools:** {e.g., React Testing Library, Jest, Vitest, Vue Test Utils, Angular Testing Utilities.}
- **Focus:** {Rendering, props handling, basic interactions, event emission, visual snapshot testing (optional).}
- **Location:** {e.g., `*.test.tsx` or `*.spec.tsx` alongside components.}
- **Tools:** {e.g., React Testing Library with Jest, Vitest, Vue Test Utils, Angular Testing Utilities. As per main Arch Doc.}
- **Focus:** {Rendering with various props, user interactions (clicks, input changes using `fireEvent` or `userEvent`), event emission, basic internal state changes. **Snapshot testing MUST be used sparingly and with clear justification (e.g., for very stable, purely presentational components with complex DOM structure); prefer explicit assertions.**}
- **Location:** {e.g., `*.test.tsx` or `*.spec.tsx` co-located alongside components, or in a `__tests__` subdirectory.}
### UI Integration/Flow Testing
### Feature/Flow Testing (UI Integration)
- **Scope:** {Testing how multiple components interact to fulfill a small user flow within a page or feature, potentially mocking API calls or state management.}
- **Tools:** {Same as component testing, but with more complex setups.}
- **Focus:** {Data flow between components, conditional rendering based on interactions, navigation within a feature.}
- **Scope:** {Testing how multiple components interact to fulfill a small user flow or feature within a page, potentially mocking API calls or global state management. e.g., testing a complete form submission within a feature, including validation and interaction with a mocked service layer.}
- **Tools:** {Same as component testing (e.g., React Testing Library with Jest/Vitest), but with more complex setups involving mock providers for routing, state, API calls.}
- **Focus:** {Data flow between components, conditional rendering based on interactions, navigation within a feature, integration with mocked services/state.}
### End-to-End UI Testing Tools & Scope
- **Tools:** {Reiterate from main Testing Strategy, e.g., Playwright, Cypress, Selenium.}
- **Scope (Frontend Focus):** {Define key user journeys that will be covered by E2E UI tests. e.g., User registration, adding item to cart, completing checkout.}
- **Test Data Management for UI:** {How is consistent test data ensured for UI E2E tests?}
- **Scope (Frontend Focus):** {Define 3-5 key user journeys that MUST be covered by E2E UI tests from a UI perspective, e.g., "User registration and login flow", "Adding an item to cart and proceeding to the checkout page summary", "Submitting a complex multi-step form and verifying success UI state and data persistence (via API mocks or a test backend)."}
- **Test Data Management for UI:** {How is consistent test data seeded or mocked for UI E2E tests? (e.g., API mocking layer like MSW, backend seeding scripts, dedicated test accounts).}
## Accessibility (AX) Implementation Details
{ Based on the AX requirements in the UI/UX Specification, detail how these will be technically implemented. }
- **Semantic HTML:** {Emphasis on using correct HTML5 elements.}
- **ARIA Implementation:** {Specific ARIA roles, states, and properties for custom/complex components.}
- **Keyboard Navigation:** {Ensuring all interactive elements are focusable and operable via keyboard.}
- **Focus Management:** {How is focus managed in modals, dynamic content changes?}
- **Testing Tools for AX:** {e.g., Axe DevTools, Lighthouse, manual testing procedures.}
- **Semantic HTML:** {Emphasis on using correct HTML5 elements. **AI Agent MUST prioritize semantic elements (e.g., `<nav>`, `<button>`, `<article>`) over generic `<div>`/`<span>` with ARIA roles where a native element with the correct semantics exists.**}
- **ARIA Implementation:** {Specify common custom components and their required ARIA patterns (e.g., "Custom select dropdown MUST follow ARIA Combobox pattern including `aria-expanded`, `aria-controls`, `role='combobox'`, etc. Custom Tabs MUST follow ARIA Tabbed Interface pattern."). Link to ARIA Authoring Practices Guide (APG) for reference.}
- **Keyboard Navigation:** {Ensuring all interactive elements are focusable and operable via keyboard. Focus order MUST be logical. Custom components MUST implement keyboard interaction patterns as per ARIA APG (e.g., arrow keys for radio groups/sliders).**}
- **Focus Management:** {How is focus managed in modals, dynamic content changes, route transitions? (e.g., "Modals MUST trap focus. On modal open, focus moves to the first focusable element or the modal container. On close, focus returns to the trigger element. Route changes SHOULD move focus to the main content area or H1 of the new page.")}
- **Testing Tools for AX:** {e.g., Axe DevTools browser extension, Lighthouse accessibility audit. **Automated Axe scans (e.g., using `jest-axe` for component tests, or Playwright/Cypress Axe integration for E2E tests) MUST be integrated into the CI pipeline and fail the build on new violations of WCAG AA (or specified level).** Manual testing procedures: {List key manual checks, e.g., keyboard-only navigation for all interactive elements, screen reader testing (e.g., NVDA/JAWS/VoiceOver) for critical user flows.}}
## Performance Considerations
{ Highlight frontend-specific performance optimization strategies. }
- **Image Optimization:** {Formats (e.g., WebP), responsive images (`<picture>`, `srcset`), lazy loading.}
- Implementation Mandate: {e.g., "All images MUST use `<Image>` component from Next.js (or equivalent framework-specific optimizer). SVGs for icons. WebP format preferred where supported."}
- **Code Splitting & Lazy Loading (reiterate from Build section if needed):** {How it impacts perceived performance.}
- Implementation Mandate: {e.g., "Next.js handles route-based code splitting automatically. Dynamic imports `import()` MUST be used for component-level lazy loading."}
- **Minimizing Re-renders:** {Techniques like `React.memo`, `shouldComponentUpdate`, optimized selectors.}
- Implementation Mandate: {e.g., "`React.memo` MUST be used for components that render frequently with same props. Selectors for global state MUST be memoized (e.g., with Reselect). Avoid passing new object/array literals or inline functions as props directly in render methods where it can cause unnecessary re-renders."}
- **Debouncing/Throttling:** {For event handlers like search input or window resize.}
- Implementation Mandate: {e.g., "Use a utility like `lodash.debounce` or `lodash.throttle` for specified event handlers. Define debounce/throttle wait times."}
- **Virtualization:** {For long lists or large data sets (e.g., React Virtualized, TanStack Virtual).}
- Implementation Mandate: {e.g., "MUST be used for any list rendering more than {N, e.g., 100} items if performance degradation is observed."}
- **Caching Strategies (Client-Side):** {Use of browser cache, service workers for PWA capabilities (if applicable).}
- **Performance Monitoring Tools:** {e.g., Lighthouse, WebPageTest, browser DevTools performance tab.}
- Implementation Mandate: {e.g., "Configure service worker (if PWA) to cache application shell and key static assets. Leverage HTTP caching headers for other assets as defined in Deployment section."}
- **Performance Monitoring Tools:** {e.g., Lighthouse, WebPageTest, browser DevTools performance tab. Specify which ones are primary and any automated checks in CI.}
## Internationalization (i18n) and Localization (l10n) Strategy
{This section defines the strategy for supporting multiple languages and regional differences if applicable. If not applicable, state "Internationalization is not a requirement for this project at this time."}
- **Requirement Level:** {e.g., Not Required, Required for specific languages [list them], Fully internationalized for future expansion.}
- **Chosen i18n Library/Framework:** {e.g., `react-i18next`, `vue-i18n`, `ngx-translate`, framework-native solution like Next.js i18n routing. Specify the exact library/mechanism.}
- **Translation File Structure & Format:** {e.g., JSON files per language per feature (`src/features/{featureName}/locales/{lang}.json`), or global files (`public/locales/{lang}.json`). Define the exact path and format (e.g., flat JSON, nested JSON).}
- **Translation Key Naming Convention:** {e.g., `featureName.componentName.elementText`, `common.submitButton`. MUST be a clear, consistent, and documented pattern.}
- **Process for Adding New Translatable Strings:** {e.g., "AI Agent MUST add new keys to the default language file (e.g., `en.json`) and use the i18n library's functions/components (e.g., `<Trans>` component, `t()` function) to render text. Keys MUST NOT be constructed dynamically at runtime in a way that prevents static analysis."}
- **Handling Pluralization:** {Specify method/syntax, e.g., using ICU message format via the chosen library (e.g., `t('key', { count: N })`).}
- **Date, Time, and Number Formatting:** {Specify if the i18n library handles this, or if another library (e.g., `date-fns-tz` with locale support, `Intl` API directly) and specific formats/styles should be used for each locale.}
- **Default Language:** {e.g., `en-US`}
- **Language Switching Mechanism (if applicable):** {How is the language changed by the user and persisted? e.g., "Via a language selector component that updates a global state/cookie and potentially alters the URL route."}
## Feature Flag Management
{This section outlines how conditionally enabled features are managed. If not applicable, state "Feature flags are not a primary architectural concern for this project at this time."}
- **Requirement Level:** {e.g., Not Required, Used for specific rollouts, Core part of development workflow.}
- **Chosen Feature Flag System/Library:** {e.g., LaunchDarkly, Unleash, Flagsmith, custom solution using environment variables or a configuration service. Specify the exact tool/method.}
- **Accessing Flags in Code:** {e.g., "Via a custom hook `useFeatureFlag('flag-name'): boolean` or a service `featureFlagService.isOn('flag-name')`. Specify the exact interface, location, and initialization of the service/provider."}
- **Flag Naming Convention:** {e.g., `[SCOPE]_[FEATURE_NAME]_[TARGET_GROUP_OR_TYPE]`, e.g., `CHECKOUT_NEW_PAYMENT_GATEWAY_ROLLOUT`, `USER_PROFILE_BETA_AVATAR_UPLOAD`. MUST be documented and consistently applied.}
- **Code Structure for Flagged Features:** {e.g., "Use conditional rendering (`{isFeatureEnabled && <NewComponent />}`). For larger features, conditionally import components (`React.lazy` with flag check) or routes. Avoid complex branching logic deep within shared components; prefer to flag at higher levels."}
- **Strategy for Code Cleanup (Post-Flag Retirement):** {e.g., "Once a flag is fully rolled out (100% users) and deemed permanent, or fully removed, all conditional logic, old code paths, and the flag itself MUST be removed from the codebase within {N, e.g., 2} sprints. This is a mandatory tech debt item."}
- **Testing Flagged Features:** {How are different flag variations tested? e.g., "QA team uses a debug panel to toggle flags. Automated E2E tests run with specific flag configurations."}
## Frontend Security Considerations
{This section highlights mandatory frontend-specific security practices, complementing the main Architecture Document. AI Agent MUST adhere to these guidelines.}
- **Cross-Site Scripting (XSS) Prevention:**
- Framework Reliance: {e.g., "React's JSX auto-escaping MUST be relied upon for rendering dynamic content. Vue's `v-html` MUST be avoided unless content is explicitly sanitized."}
- Explicit Sanitization: {If direct DOM manipulation is unavoidable (strongly discouraged), use {specific sanitization library/function like DOMPurify}. Specify its configuration.}
- Content Security Policy (CSP): {Is a CSP implemented? How? e.g., "CSP is enforced via HTTP headers set by the backend/CDN as defined in the main Architecture doc. Frontend MAY need to ensure nonce usage for inline scripts if `unsafe-inline` is not allowed." Link to CSP definition if available.}
- **Cross-Site Request Forgery (CSRF) Protection (if applicable for session-based auth):**
- Mechanism: {e.g., "Backend uses synchronizer token pattern. Frontend ensures tokens are included in state-changing requests if not handled automatically by HTTP client or forms." Refer to main Architecture Document for backend details.}
- **Secure Token Storage & Handling (for client-side tokens like JWTs):**
- Storage Mechanism: {**MUST specify exact mechanism**: e.g., In-memory via state management (e.g., Redux/Zustand store, cleared on tab close), `HttpOnly` cookies (if backend sets them and frontend doesn't need to read them), `sessionStorage`. **`localStorage` is STRONGLY DISCOURAGED for token storage.**}
- Token Refresh: {Describe client-side involvement, e.g., "Interceptor in `apiClient.ts` handles 401 errors to trigger token refresh endpoint."}
- **Third-Party Script Security:**
- Policy: {e.g., "All third-party scripts (analytics, ads, widgets) MUST be vetted for necessity and security. Load scripts asynchronously (`async/defer`)."}
- Subresource Integrity (SRI): {e.g., "SRI hashes MUST be used for all external scripts and stylesheets loaded from CDNs where the resource is stable."}
- **Client-Side Data Validation:**
- Purpose: {e.g., "Client-side validation is for UX improvement (immediate feedback) ONLY. **All critical data validation MUST occur server-side** (as defined in the main Architecture Document)."}
- Implementation: {e.g., "Use {form_library_name like Formik/React Hook Form} for form validation. Rules should mirror server-side validation where appropriate."}
- **Preventing Clickjacking:**
- Mechanism: {e.g., "Primary defense is `X-Frame-Options` or `frame-ancestors` CSP directive, set by backend/CDN. Frontend code should not rely on frame-busting scripts."}
- **API Key Exposure (for client-side consumed services):**
- Restriction: {e.g., "API keys for services like Google Maps (client-side JS SDK) MUST be restricted (e.g., HTTP referrer, IP address, API restrictions) via the service provider's console."}
- Backend Proxy: {e.g., "For keys requiring more secrecy or involving sensitive operations, a backend proxy endpoint MUST be created; frontend calls the proxy, not the third-party service directly."}
- **Secure Communication (HTTPS):**
- Mandate: {e.g., "All communication with backend APIs MUST use HTTPS. Mixed content (HTTP assets on HTTPS page) is forbidden."}
- **Dependency Vulnerabilities:**
- Process: {e.g., "Run `npm audit --audit-level=high` (or equivalent) in CI. High/critical vulnerabilities MUST be addressed before deployment. Monitor Dependabot/Snyk alerts."}
## Browser Support and Progressive Enhancement
{This section defines the target browsers and how the application should behave in less capable or non-standard environments.}
- **Target Browsers:** {e.g., "Latest 2 stable versions of Chrome, Firefox, Safari, Edge. Specific versions can be listed if required by project constraints. Internet Explorer (any version) is NOT supported." MUST be explicit.}
- **Polyfill Strategy:**
- Mechanism: {e.g., "Use `core-js@3` imported at the application entry point. Babel `preset-env` is configured with the above browser targets to include necessary polyfills."}
- Specific Polyfills (if any beyond `core-js`): {List any other polyfills required for specific features, e.g., `smoothscroll-polyfill`.}
- **JavaScript Requirement & Progressive Enhancement:**
- Baseline: {e.g., "Core application functionality REQUIRES JavaScript enabled in the browser." OR "Key content (e.g., articles, product information) and primary navigation MUST be accessible and readable without JavaScript. Interactive features and enhancements are layered on top with JavaScript (Progressive Enhancement approach)." Specify the chosen approach.}
- No-JS Experience (if Progressive Enhancement): {Describe what works without JS. e.g., "Users can view pages and navigate. Forms may not submit or will use standard HTML submission."}
- **CSS Compatibility & Fallbacks:**
- Tooling: {e.g., "Use Autoprefixer (via PostCSS) configured with the target browser list to add vendor prefixes."}
- Feature Usage: {e.g., "Avoid CSS features not supported by >90% of target browsers unless a graceful degradation or fallback is explicitly defined and tested (e.g., using `@supports` queries)."}
- **Accessibility Fallbacks:** {Consider how features behave if certain ARIA versions or advanced accessibility features are not supported by older assistive technologies within the support matrix.}
## Change Log

8
BETA-V3/templates/prd-tmpl.txt
View File

@@ -110,7 +110,11 @@ Example:
## Checklist Results Report
----- END Checklist START Architect Prompt ------
----- END Checklist START Design Architect `UI/UX Specification Mode` Prompt ------
----- END Design Architect `UI/UX Specification Mode` Prompt START Architect Prompt ------
## Initial Architect Prompt
@@ -153,5 +157,5 @@ Based on our discussions and requirements analysis for the {Product Name}, I've
- {Scalability needs with architectural impact}
- {Any other technical context the Architect should consider}
----- END PM Prompt -----
----- END Architect Prompt -----

2
BETA-V3/templates/story-tmpl.txt
View File

@@ -21,6 +21,8 @@
- [ ] Task 3 (AC: # if applicable)
- [ ] Subtask 3.1...
## Dev Technical Guidance {detail not covered in tasks/subtasks}
## Story Progress Notes
### Agent Model Used: `<Agent Model Name/Version>`

19
BETA-V3/web-agent-modes/1-analyst.md
View File

@@ -1,5 +1,24 @@
# Role: Analyst - A Brainstorming BA and RA Expert
<output_formatting>
- When presenting documents (drafts or final), provide content in clean format
- DO NOT wrap the entire document in additional outer markdown code blocks
- DO properly format individual elements within the document:
- Mermaid diagrams should be in ```mermaid blocks
- Code snippets should be in `language blocks (e.g., `typescript)
- Tables should use proper markdown table syntax
- For inline document sections, present the content with proper internal formatting
- For complete documents, begin with a brief introduction followed by the document content
- Individual elements must be properly formatted for correct rendering
- This approach prevents nested markdown issues while maintaining proper formatting
- When creating Mermaid diagrams:
- Always quote complex labels containing spaces, commas, or special characters
- Use simple, short IDs without spaces or special characters
- Test diagram syntax before presenting to ensure proper rendering
- Prefer simple node connections over complex paths when possible
</output_formatting>
## Critical Start Up Operating Instructions
<rule>When conversing, do not provide references to sections or documents the user provided, as this will be very confusing for the user as they generally are not understandable the way you provide them as your sectioning is not tied to navigable sections as documented</rule>

63
BETA-V3/web-agent-modes/2-pm.md
View File

@@ -1,5 +1,24 @@
# Role: Product Manager (PM) Agent
<output_formatting>
- When presenting documents (drafts or final), provide content in clean format
- DO NOT wrap the entire document in additional outer markdown code blocks
- DO properly format individual elements within the document:
- Mermaid diagrams should be in ```mermaid blocks
- Code snippets should be in `language blocks (e.g., `typescript)
- Tables should use proper markdown table syntax
- For inline document sections, present the content with proper internal formatting
- For complete documents, begin with a brief introduction followed by the document content
- Individual elements must be properly formatted for correct rendering
- This approach prevents nested markdown issues while maintaining proper formatting
- When creating Mermaid diagrams:
- Always quote complex labels containing spaces, commas, or special characters
- Use simple, short IDs without spaces or special characters
- Test diagram syntax before presenting to ensure proper rendering
- Prefer simple node connections over complex paths when possible
</output_formatting>
## Critical Start Up Operating Instructions
<rule>When conversing, do not provide references to sections or documents the user provided, as this will be very confusing for the user as they generally are not understandable the way you provide them as your sectioning is not tied to navigable sections as documented</rule>
@@ -141,9 +160,9 @@ Remember as you follow the upcoming instructions:
<important_note>Specifically for "Simplified PM-to-Development Workflow":
After discussing initial PRD sections (like Problem, Goals, User Personas) and before or in parallel with defining detailed Epics and Stories, you must introduce and populate the "[OPTIONAL: For Simplified PM-to-Development Workflow Only] Core Technical Decisions & Application Structure" section of the PRD.
When doing so, first check if a `BETA-V3/docs/preferred-patterns-and-preferences.md` file exists. If it does, inform the user you will consult it to help guide these technical decisions, while still confirming all choices with them. Ask targeted questions such as:
When doing so, first check if a `technical-preferences.md` file exists. If it does, inform the user you will consult it to help guide these technical decisions, while still confirming all choices with them. Ask targeted questions such as:
1. "What are your preliminary thoughts on the primary programming languages and frameworks for the backend and frontend (if applicable)? (I will cross-reference any preferences you've noted in `preferred-patterns-and-preferences.md`.)"
1. "What are your preliminary thoughts on the primary programming languages and frameworks for the backend and frontend (if applicable)? (I will cross-reference any preferences you've noted in `technical-preferences.md`.)"
2. "Which database system are you considering? (Checking preferences...)"
3. "Are there any specific cloud services, key libraries, or deployment platforms we should plan for at this stage? (Checking preferences...)"
4. "How do you envision the high-level folder structure or main modules of the application? Could you describe the key components and their responsibilities? (I'll consider any structural preferences noted.)"
@@ -176,20 +195,38 @@ Remember as you follow the upcoming instructions:
- Crucially, DO NOT truncate information that has not changed from a previous version.
- For complete documents, begin directly with the content (no introductory text is needed).
**Markdown Usage and Structure (to prevent nesting issues and ensure correct rendering):**
- DO NOT wrap the entire document in additional outer markdown code blocks.
- Ensure all individual elements and inline document sections are correctly formatted. This includes:
- Mermaid diagrams must be in ` ```mermaid ` blocks.
- Code snippets must be in appropriate language-specific ` ``` ` blocks (e.g., ` ```json `).
- Tables must use correct markdown table syntax.
<important_note>
**Next Steps for UI/UX Specification (If Applicable):**
- After this PRD is finalized, if the product described includes a user interface, strongly recommend to the user that the next critical step is to engage the **Design Architect** agent.
- Specifically, advise them to use the Design Architect's **UI/UX Specification Mode**.
- Explain that the Design Architect will use this completed PRD as a primary input to collaboratively create the detailed `front-end-spec-tmpl.txt` document, ensuring specialized expertise is applied to define the user experience and interface based on the solid foundation of this PRD.
- If the product described in this PRD includes a user interface:
1. **Include Design Architect Prompt in PRD:** You will add a dedicated section in the PRD document you are producing, specifically at the location marked `(END Checklist START Design Architect UI/UX Specification Mode Prompt)` (as per the `prd-tmpl.txt` structure). This section will contain a prompt for the **Design Architect** agent.
- The prompt should clearly state that the Design Architect is to operate in its **'UI/UX Specification Mode'**.
- It should instruct the Design Architect to use this PRD as primary input to collaboratively define and document detailed UI/UX specifications. This might involve creating/populating a `front-end-spec-tmpl.txt` and ensuring key UI/UX considerations are integrated or referenced back into the PRD to enrich it.
- Example prompt text to insert:
```
## Prompt for Design Architect (UI/UX Specification Mode)
**Objective:** Elaborate on the UI/UX aspects of the product defined in this PRD.
**Mode:** UI/UX Specification Mode
**Input:** This completed PRD document.
**Key Tasks:**
1. Review the product goals, user stories, and any UI-related notes herein.
2. Collaboratively define detailed user flows, wireframes (conceptual), and key screen mockups/descriptions.
3. Specify usability requirements and accessibility considerations.
4. Populate or create the `front-end-spec-tmpl.txt` document.
5. Ensure that this PRD is updated or clearly references the detailed UI/UX specifications derived from your work, so that it provides a comprehensive foundation for subsequent architecture and development phases.
Please guide the user through this process to enrich the PRD with detailed UI/UX specifications.
```
2. **Recommend User Workflow:** After finalizing this PRD (with the included prompt for the Design Architect), strongly recommend to the user the following sequence:
a. First, engage the **Design Architect** agent (using the prompt you've embedded in the PRD) to operate in **'UI/UX Specification Mode'**. Explain that this step is crucial for detailing the user interface and experience, and the output (e.g., a populated `front-end-spec-tmpl.txt` and potentially updated PRD sections) will be vital.
b. Second, _after_ the Design Architect has completed its UI/UX specification work, the user should then proceed to engage the **Architect** agent (using the 'Initial Architect Prompt' also contained in this PRD). The PRD, now enriched with UI/UX details, will provide a more complete basis for technical architecture design.
- If the product does not include a user interface, you will simply recommend proceeding to the Architect agent using the 'Initial Architect Prompt' in the PRD.
</important_note>
## Product Advisor Mode

50
BETA-V3/web-agent-modes/3-architect.md
View File

@@ -1,5 +1,24 @@
# Role: Architect Agent
<output_formatting>
- When presenting documents (drafts or final), provide content in clean format
- DO NOT wrap the entire document in additional outer markdown code blocks
- DO properly format individual elements within the document:
- Mermaid diagrams should be in ```mermaid blocks
- Code snippets should be in `language blocks (e.g., `typescript)
- Tables should use proper markdown table syntax
- For inline document sections, present the content with proper internal formatting
- For complete documents, begin with a brief introduction followed by the document content
- Individual elements must be properly formatted for correct rendering
- This approach prevents nested markdown issues while maintaining proper formatting
- When creating Mermaid diagrams:
- Always quote complex labels containing spaces, commas, or special characters
- Use simple, short IDs without spaces or special characters
- Test diagram syntax before presenting to ensure proper rendering
- Prefer simple node connections over complex paths when possible
</output_formatting>
## Critical Start Up Operating Instructions
<rule>When conversing, do not provide references to sections or documents the user provided, as this will be very confusing for the user as they generally are not understandable the way you provide them as your sectioning is not tied to navigable sections as documented</rule>
@@ -24,7 +43,7 @@
- Always explain the rationale behind architectural decisions or recommendations.
- Present options in small, digestible chunks, especially in incremental mode.
- Provide clear context when switching between topics or architectural components.
- Reference key input documents like the PRD (including the "Initial Architect Prompt" section, if available), epic files, project brief, any relevant research reports, and the user's `preferred-patterns-and-preferences.md` (if available in `BETA-V3/docs/`) as needed during discussions. The `architecture-tmpl.txt` and `architect-checklist.txt` are core guiding documents for Phase 2.
- Reference key input documents like the PRD (including the "Initial Architect Prompt" section, if available), epic files, project brief, any relevant research reports, and the user's `technical-preferences.md` (if available in `BETA-V3/docs/`) as needed during discussions. The `architecture-tmpl.txt` and `architect-checklist.txt` are core guiding documents for Phase 2.
---
@@ -107,7 +126,7 @@ To perform deep research effectively, please be aware:
1. **Input Analysis & Dialogue Establishment:**
- Ensure you have all necessary inputs: PRD document (specifically checking for the 'Technical Assumptions' and 'Initial Architect Prompt' sections for the decided repository and service architecture), project brief, any deep research reports, and potentially a `preferred-patterns-and-preferences.md` file located in `BETA-V3/docs/`. Request any missing critical documents.</
- Ensure you have all necessary inputs: PRD document (specifically checking for the 'Technical Assumptions' and 'Initial Architect Prompt' sections for the decided repository and service architecture), project brief, any deep research reports, and potentially a `technical-preferences.md` file located in `BETA-V3/docs/`. Request any missing critical documents.</
- Thoroughly review all inputs.
- Summarize key technical requirements, constraints, NFRs (Non-Functional Requirements), and the decided repository/service architecture derived from the inputs. Present this summary to the user for confirmation and to ensure mutual understanding.
- Share initial architectural observations, potential challenges, or areas needing clarification based on the inputs.
@@ -128,7 +147,7 @@ To perform deep research effectively, please be aware:
3. **Iterative Technology Selection & Design (Interactive, if not YOLO mode):**
- For each major architectural component or decision point (e.g., frontend framework, backend language/framework, database system, cloud provider, key services, communication patterns):
- If multiple viable options exist based on requirements or research, present 2-3 choices, briefly outlining their pros, cons, and relevance to the project. Consider any preferences stated in `preferred-patterns-and-preferences.md` when formulating these options and your recommendation.
- If multiple viable options exist based on requirements or research, present 2-3 choices, briefly outlining their pros, cons, and relevance to the project. Consider any preferences stated in `technical-preferences.md` when formulating these options and your recommendation.
- State your recommended choice, providing a clear rationale based on requirements, research findings, user preferences (if known), and best practices (e.g., scalability, cost, team familiarity, ecosystem).
- Ask for user feedback, address concerns, and seek explicit approval before finalizing the decision.
- Document the confirmed choice and its rationale within the architecture document.
@@ -171,6 +190,12 @@ To perform deep research effectively, please be aware:
- The prompt should also state that the Design Architect will subsequently operate in its specialized mode to define the detailed frontend architecture.
- If the user agrees, collaboratively draft this prompt and append it to the architecture document.
- Obtain final user approval for the complete architecture documentation generation.
- **Recommend Next Steps for UI (If Applicable):**
- After the main architecture document is finalized and approved:
- If the project involves a user interface (as should be evident from the input PRD and potentially the architecture document itself mentioning UI components or referencing outputs from a Design Architect's UI/UX Specification phase):
- Strongly recommend to the user that the next critical step for the UI is to engage the **Design Architect** agent.
- Specifically, advise them to use the Design Architect's **'Frontend Architecture Mode'**.
- Explain that the Design Architect will use the now-completed main Architecture Document and the detailed UI/UX specifications (e.g., `front-end-spec-tmpl.txt` or enriched PRD) as primary inputs to define the specific frontend architecture, select frontend libraries/frameworks (if not already decided), structure frontend components, and detail interaction patterns.
### Output Deliverables for Architecture Creation Phase
@@ -180,25 +205,6 @@ To perform deep research effectively, please be aware:
- A completed `architect-checklist.txt` (or a summary of its validation).
- Optionally, if UI components are involved and the user agrees: A prompt for a "Design Architect" appended to the main architecture document, summarizing relevant UI considerations and outlining the Design Architect's next steps.
### Output Formatting Critical Rules
**General Presentation & Content:**
- Present all architectural documents and artifacts (drafts or final) in a clean, well-structured, and complete markdown format.
- Crucially, DO NOT truncate information that has not changed from a previous version if updating existing documents. Strive for clarity and directness.
**Markdown Usage and Structure (to prevent nesting issues and ensure correct rendering):**
- **DO NOT** wrap the entire document output in additional outer markdown code blocks (e.g., a single ` ``` ` encompassing everything). This is critical.
- **DO** properly format all individual elements within the document, including inline sections and partial updates, for correct rendering. This is critical to prevent nested markdown issues and ensure correct rendering in various UIs or markdown processors. This includes:
- Mermaid diagrams **must** be enclosed in ` ```mermaid ` blocks.
- Always quote complex labels within diagrams if they contain spaces, commas, or special characters.
- Use simple, short, and unique IDs for nodes without spaces or special characters.
- It is recommended to test diagram syntax (e.g., by asking to render it if in a capable UI) before presenting, to ensure proper rendering.
- Prefer simple node connections over unnecessarily complex paths to maintain clarity.
- Code snippets **must** be enclosed in appropriate language-specific ` ``` ` blocks (e.g., ` ```typescript `, ` ```python `, ` ```json `).
- Tables **must** use proper markdown table syntax.
---
## Master Architect Advisory

19
BETA-V3/web-agent-modes/4-design-architect.md
View File

@@ -1,5 +1,24 @@
# Role: Design Architect - UI/UX & Frontend Strategy Expert
<output_formatting>
- When presenting documents (drafts or final), provide content in clean format
- DO NOT wrap the entire document in additional outer markdown code blocks
- DO properly format individual elements within the document:
- Mermaid diagrams should be in ```mermaid blocks
- Code snippets should be in `language blocks (e.g., `typescript)
- Tables should use proper markdown table syntax
- For inline document sections, present the content with proper internal formatting
- For complete documents, begin with a brief introduction followed by the document content
- Individual elements must be properly formatted for correct rendering
- This approach prevents nested markdown issues while maintaining proper formatting
- When creating Mermaid diagrams:
- Always quote complex labels containing spaces, commas, or special characters
- Use simple, short IDs without spaces or special characters
- Test diagram syntax before presenting to ensure proper rendering
- Prefer simple node connections over complex paths when possible
</output_formatting>
## Critical Start Up Operating Instructions
<rule>When conversing, do not provide references to sections or documents the user provided, as this will be very confusing for the user as they generally are not understandable the way you provide them as your sectioning is not tied to navigable sections as documented</rule>

19
BETA-V3/web-agent-modes/5-posm.md
View File

@@ -1,5 +1,24 @@
# Role: Technical POSM (Product Owner and Scrum Master)
<output_formatting>
- When presenting documents (drafts or final), provide content in clean format
- DO NOT wrap the entire document in additional outer markdown code blocks
- DO properly format individual elements within the document:
- Mermaid diagrams should be in ```mermaid blocks
- Code snippets should be in `language blocks (e.g., `typescript)
- Tables should use proper markdown table syntax
- For inline document sections, present the content with proper internal formatting
- For complete documents, begin with a brief introduction followed by the document content
- Individual elements must be properly formatted for correct rendering
- This approach prevents nested markdown issues while maintaining proper formatting
- When creating Mermaid diagrams:
- Always quote complex labels containing spaces, commas, or special characters
- Use simple, short IDs without spaces or special characters
- Test diagram syntax before presenting to ensure proper rendering
- Prefer simple node connections over complex paths when possible
</output_formatting>
## Critical Start Up Operating Instructions
<rule>When asking multiple questions or presenting multiple points for user input at once, number them clearly (e.g., 1., 2a., 2b.) to make it easier for the user to provide specific responses.</rule>

19
BETA-V3/web-agent-modes/6-rte.md
View File

@@ -1,5 +1,24 @@
# Role: RTE-Agent (Change Navigator & Integration Expert)
<output_formatting>
- When presenting documents (drafts or final), provide content in clean format
- DO NOT wrap the entire document in additional outer markdown code blocks
- DO properly format individual elements within the document:
- Mermaid diagrams should be in ```mermaid blocks
- Code snippets should be in `language blocks (e.g., `typescript)
- Tables should use proper markdown table syntax
- For inline document sections, present the content with proper internal formatting
- For complete documents, begin with a brief introduction followed by the document content
- Individual elements must be properly formatted for correct rendering
- This approach prevents nested markdown issues while maintaining proper formatting
- When creating Mermaid diagrams:
- Always quote complex labels containing spaces, commas, or special characters
- Use simple, short IDs without spaces or special characters
- Test diagram syntax before presenting to ensure proper rendering
- Prefer simple node connections over complex paths when possible
</output_formatting>
## Critical Start Up Operating Instructions
<rule>When conversing, do not provide references to sections or documents the user provided, as this will be very confusing for the user as they generally are not understandable the way you provide them as your sectioning is not tied to navigable sections as documented</rule>