zhongwei/gh-rhuss-cc-superpowers-sdd
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
master
gh-rhuss-cc-superpowers-sdd/skills/constitution/SKILL.md
Zhongwei Li a0be4de7ac Initial commit
2025-11-30 08:51:44 +08:00

519 lines
11 KiB
Markdown
Raw Permalink Blame History

---
name: constitution
description: Create and manage project constitution - defines project-wide principles, patterns, and standards that guide all specs and implementations
---
# Project Constitution Management
## Overview
Create and maintain a project constitution that defines project-wide principles, standards, and patterns.
A constitution provides:
- Architectural decisions
- Coding standards
- Error handling patterns
- Quality gates
- Common practices
All specs are validated against the constitution for consistency.
## Prerequisites
Ensure spec-kit is initialized:
{Skill: spec-kit}
If spec-kit prompts for restart, pause this workflow and resume after restart.
## What is a Constitution?
**Purpose:**
Document project-wide rules that ensure consistency across features.
**Contains:**
- Architectural principles
- Coding standards
- API design patterns
- Error handling approaches
- Security requirements
- Testing standards
- Performance requirements
- Accessibility standards
**Benefits:**
- Consistency across features
- Onboarding documentation
- Design decision record
- Spec validation reference
## When to Create
**Good times:**
- New project starting
- After second or third feature (patterns emerging)
- Team wants consistency
- Before major expansion
**Bad times:**
- First feature (too early, no patterns yet)
- During active implementation
- As reaction to single issue
**Rule of thumb:** Create after you see patterns repeating.
## The Process
### 1. Decide if Constitution Needed
**Ask:**
- Are there repeated patterns in specs?
- Do you want consistency enforced?
- Is this a team project?
- Is this a long-term project?
**If solo + small project:** Constitution might be overkill
**If team OR large OR long-term:** Constitution recommended
### 2. Gather Existing Patterns
**Review existing specs:**
```bash
ls specs/features/
cat specs/features/*.md
```
**Identify patterns:**
- How do we handle errors?
- What API patterns do we follow?
- What security requirements are common?
- What coding standards do we use?
**Extract commonalities:**
Make implicit standards explicit.
### 3. Use Spec-Kit or Manual Creation
**With spec-kit:**
```bash
speckit constitution
```
**Manual creation:**
Create `specs/constitution.md` with template below.
### 4. Create Constitution Content
**Template:**
```markdown
# Project Constitution
**Project:** [Project Name]
**Created:** YYYY-MM-DD
**Last Updated:** YYYY-MM-DD
## Purpose
This constitution defines project-wide principles, patterns, and standards.
All features and implementations must align with these principles.
## Architectural Principles
### [Principle Name]
**Description:** [What this principle means]
**Rationale:** [Why we follow this]
**Examples:**
- ✓ [Good example]
- ✗ [Bad example]
[Repeat for each principle]
## API Design Standards
### RESTful Conventions
- Use standard HTTP methods (GET, POST, PUT, DELETE)
- Plural resource names (/users, not /user)
- Return appropriate status codes
- Use JSON for request/response bodies
### Error Responses
**Format:**
```json
{
"error": "Human-readable error message",
"code": "ERROR_CODE",
"details": { ... }
}
```
**Status Codes:**
- 400: Bad Request (client error)
- 401: Unauthorized (auth required)
- 403: Forbidden (auth insufficient)
- 404: Not Found
- 422: Unprocessable Entity (validation failed)
- 500: Internal Server Error
## Error Handling
### Approach
- All errors must be handled explicitly
- Use try-catch for I/O operations
- Log errors with context
- Return user-friendly messages
### Retry Logic
- Database operations: 3 retries with exponential backoff
- External APIs: 2 retries with fixed delay
- Timeout: 30 seconds for external calls
## Security Requirements
### Authentication
- All API endpoints require JWT authentication (except public endpoints)
- JWTs expire after 30 minutes
- Refresh tokens expire after 7 days
### Input Validation
- Validate all user input
- Sanitize before database operations
- Reject unexpected fields
### Secrets Management
- Never commit secrets to git
- Use environment variables
- Rotate secrets quarterly
## Testing Standards
### Coverage Requirements
- Minimum 80% code coverage
- 100% coverage for critical paths
### Test Types
- Unit tests for all functions
- Integration tests for API endpoints
- E2E tests for critical user flows
### Test Organization
- Tests in `tests/` directory
- Mirror source structure
- Use descriptive test names
## Performance Requirements
### Response Times
- API responses: < 200ms (p95)
- Database queries: < 50ms (p95)
- Page loads: < 2 seconds
### Scalability
- Design for 10,000 concurrent users
- Horizontal scaling preferred
- Stateless where possible
## Code Quality Standards
### Code Style
- Follow [ESLint/Prettier/etc.] configuration
- Consistent naming conventions
- Comments for complex logic only
### Code Review
- All code must be reviewed
- Spec compliance verified
- Tests required before merge
## Accessibility Standards
### WCAG Compliance
- Meet WCAG 2.1 Level AA
- Keyboard navigation required
- Screen reader compatible
## Documentation Standards
### Code Documentation
- JSDoc for public functions
- README in each module
- Architecture diagrams for complex systems
### Spec Documentation
- All features must have specs
- Specs updated with changes
- Specs validated before implementation
## Change Management
### Updating This Constitution
- Requires team discussion (if team)
- Document rationale for changes
- Update all affected specs
- Communicate changes
### Exceptions
- Exceptions must be documented in spec
- Requires justification
- Reviewed during code review
## Glossary
**[Term 1]:** [Definition]
**[Term 2]:** [Definition]
## Decision Log
### [Decision Date]: [Decision Title]
**Context:** [Why decision needed]
**Decision:** [What was decided]
**Rationale:** [Why this decision]
**Implications:** [What this affects]
[Add new decisions here]
```
### 5. Review and Refine
**Questions to ask:**
- Is this too restrictive?
- Is this clear enough?
- Can we realistically follow this?
- Does this reflect our actual practices?
**Adjust as needed.**
### 6. Validate Against Existing Specs
**Check existing specs:**
```bash
# For each existing spec
cat specs/features/[feature].md
# Does it align with constitution?
# Any violations?
```
**If violations found:**
- Update spec, OR
- Update constitution (if spec is right), OR
- Note as exception
### 7. Commit Constitution
```bash
git add specs/constitution.md
git commit -m "Add project constitution
Defines project-wide principles and standards:
- Architectural principles
- API design standards
- Error handling patterns
- Security requirements
- Testing standards
- Code quality standards
All future specs will be validated against this constitution.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>"
```
### 8. Communicate and Adopt
**For team projects:**
- Share with team
- Get consensus
- Document exceptions
- Reference in onboarding
**For solo projects:**
- Keep visible
- Reference when creating specs
- Update as you learn
## Constitution Checklist
Use TodoWrite to track:
- [ ] Decide if constitution needed
- [ ] Gather existing patterns from specs/code
- [ ] Create constitution file (spec-kit or manual)
- [ ] Fill in all relevant sections
- [ ] Review for clarity and feasibility
- [ ] Validate against existing specs
- [ ] Handle any violations found
- [ ] Commit constitution to git
- [ ] Communicate to team (if applicable)
## Example Constitution
```markdown
# Todo App Project Constitution
**Created:** 2025-11-10
## Purpose
Define standards for the todo app project to ensure consistency.
## Architectural Principles
### RESTful API Design
All endpoints follow REST conventions:
- `GET /api/todos` - List todos
- `POST /api/todos` - Create todo
- `PUT /api/todos/:id` - Update todo
- `DELETE /api/todos/:id` - Delete todo
### Data Validation
- Validate on server (never trust client)
- Return 422 for validation failures
- Provide specific error messages
## Error Handling
### Error Response Format
```json
{
"error": "Human-readable message",
"field": "field_name", // for validation errors
"code": "ERROR_CODE"
}
```
### Common Errors
- 400: Malformed request
- 401: Not authenticated
- 404: Todo not found
- 422: Validation failed (e.g., title too long)
## Testing Standards
### Requirements
- All endpoints have integration tests
- All validation rules have tests
- Edge cases tested
### Coverage
- Minimum 80% coverage
- 100% coverage for API endpoints
## Code Quality
### Naming
- camelCase for variables and functions
- PascalCase for classes
- UPPER_CASE for constants
### Comments
- JSDoc for public functions
- Inline comments for complex logic only
## Security
### Authentication
- JWT tokens required for all /api/* endpoints
- Tokens expire after 1 hour
- Refresh on activity
### Input Sanitization
- Escape HTML in todo titles/descriptions
- Limit field lengths (title: 200 chars, description: 2000 chars)
## Decision Log
### 2025-11-10: Use JWT for Auth
**Context:** Need authentication for multi-user support
**Decision:** Use JWT tokens stored in httpOnly cookies
**Rationale:** Secure, stateless, industry standard
**Implications:** Need token refresh mechanism, logout handling
```
## Maintaining the Constitution
**Update when:**
- New patterns emerge
- Decisions change
- Standards evolve
- Exceptions become rules
**Don't update when:**
- Single feature needs exception
- Trying to justify shortcut
- Reacting to single issue
**Update process:**
1. Propose change
2. Update constitution
3. Update affected specs
4. Communicate change
5. Add to decision log
## Common Sections
### Minimal Constitution
- Architectural principles
- Error handling
- Testing standards
### Standard Constitution
- Above, plus:
- API design
- Security requirements
- Code quality
### Comprehensive Constitution
- Above, plus:
- Performance requirements
- Accessibility standards
- Deployment practices
- Monitoring/observability
**Start minimal, expand as needed.**
## Anti-Patterns
**Avoid:**
- Creating constitution too early (no patterns yet)
- Making it too restrictive (can't follow it)
- Copying from other projects (doesn't fit yours)
- Never updating it (becomes outdated)
- Not following it (then why have it?)
**Instead:**
- Wait for patterns to emerge
- Make it realistic and followable
- Extract from your own project
- Update as project evolves
- Enforce during spec validation
## Remember
**Constitution is living document.**
- Starts small, grows with project
- Reflects actual practices
- Updated as standards evolve
- Referenced regularly
**Constitution enables consistency.**
- Specs validated against it
- Reduces decision fatigue
- Onboards new developers
- Documents architectural decisions
**Constitution serves the project.**
- Not rigid rules set in stone
- Pragmatic guidelines
- Updated when they don't serve
- Exceptions documented
**Good constitution helps. Bad constitution hinders.**
Make yours helpful.
Reference in New Issue View Git Blame Copy Permalink