fix: addressed review comments from manjaroblack, round 1

Murat Ozcan
2025-08-14 10:00:54 -05:00
parent 8d300dadf3
commit 147d444aeb
6 changed files with 488 additions and 541 deletions


@@ -29,65 +29,74 @@ risk_summary:
must_fix: []
monitor: []
# Example with issues:
# top_issues:
# - id: "SEC-001"
# severity: high # ONLY: low|medium|high
# finding: "No rate limiting on login endpoint"
# suggested_action: "Add rate limiting middleware before production"
# - id: "TEST-001"
# severity: medium
# finding: "Missing integration tests for auth flow"
# suggested_action: "Add test coverage for critical paths"
# Example when waived:
# waiver:
# active: true
# reason: "Accepted for MVP release - will address in next sprint"
# approved_by: "Product Owner"
# Examples section using block scalars for clarity
examples:
with_issues: |
top_issues:
- id: "SEC-001"
severity: high # ONLY: low|medium|high
finding: "No rate limiting on login endpoint"
suggested_action: "Add rate limiting middleware before production"
- id: "TEST-001"
severity: medium
finding: "Missing integration tests for auth flow"
suggested_action: "Add test coverage for critical paths"
when_waived: |
waiver:
active: true
reason: "Accepted for MVP release - will address in next sprint"
approved_by: "Product Owner"
# ============ Optional Extended Fields ============
# Uncomment and use if your team wants more detail
# quality_score: 75 # 0-100 (optional scoring)
# expires: "2025-01-26T00:00:00Z" # Optional gate freshness window
# evidence:
# tests_reviewed: 15
# risks_identified: 3
# trace:
# ac_covered: [1, 2, 3] # AC numbers with test coverage
# ac_gaps: [4] # AC numbers lacking coverage
# nfr_validation:
# security: { status: CONCERNS, notes: "Rate limiting missing" }
# performance: { status: PASS, notes: "" }
# reliability: { status: PASS, notes: "" }
# maintainability: { status: PASS, notes: "" }
# history: # Append-only audit trail
# - at: "2025-01-12T10:00:00Z"
# gate: FAIL
# note: "Initial review - missing tests"
# - at: "2025-01-12T15:00:00Z"
# gate: CONCERNS
# note: "Tests added but rate limiting still missing"
# risk_summary: # From risk-profile task
# totals:
# critical: 0
# high: 0
# medium: 0
# low: 0
# # 'highest' is emitted only when risks exist
# recommendations:
# must_fix: []
# monitor: []
# recommendations:
# immediate: # Must fix before production
# - action: "Add rate limiting to auth endpoints"
# refs: ["api/auth/login.ts:42-68"]
# future: # Can be addressed later
# - action: "Consider caching for better performance"
# refs: ["services/data.service.ts"]
optional_fields_examples:
quality_and_expiry: |
quality_score: 75 # 0-100 (optional scoring)
expires: "2025-01-26T00:00:00Z" # Optional gate freshness window
evidence: |
evidence:
tests_reviewed: 15
risks_identified: 3
trace:
ac_covered: [1, 2, 3] # AC numbers with test coverage
ac_gaps: [4] # AC numbers lacking coverage
nfr_validation: |
nfr_validation:
security: { status: CONCERNS, notes: "Rate limiting missing" }
performance: { status: PASS, notes: "" }
reliability: { status: PASS, notes: "" }
maintainability: { status: PASS, notes: "" }
history: |
history: # Append-only audit trail
- at: "2025-01-12T10:00:00Z"
gate: FAIL
note: "Initial review - missing tests"
- at: "2025-01-12T15:00:00Z"
gate: CONCERNS
note: "Tests added but rate limiting still missing"
risk_summary: |
risk_summary: # From risk-profile task
totals:
critical: 0
high: 0
medium: 0
low: 0
# 'highest' is emitted only when risks exist
recommendations:
must_fix: []
monitor: []
recommendations: |
recommendations:
immediate: # Must fix before production
- action: "Add rate limiting to auth endpoints"
refs: ["api/auth/login.ts:42-68"]
future: # Can be addressed later
- action: "Consider caching for better performance"
refs: ["services/data.service.ts"]