forked from fa/breadcrumb-the-shire
Completes the generic module platform that enables modules to contribute
UI elements, runtime JS components, and search resources without any
core hardcoding.
New generic UI slot types:
- topbar.right_item: module-contributed topbar buttons
- layout.body_end_template: module-contributed dialog/overlay templates
- layout.head_style: module-contributed global CSS
- runtime.component: declarative JS component registration with phase ordering
New infrastructure:
- ModuleAutoloader: PSR-4 autoloading for module-local PHP classes
- ModuleRuntimePageBuilder: symlinks module pages into runtime directory
- ModuleRuntimeAssetPublisher: publishes module CSS/JS to web/modules/
- ModulePermissionSynchronizer: syncs module permissions to DB
- CLI scripts: module-runtime-sync, module-build, module-migrate,
module-permissions-sync, module-assets-sync
- {{userId}} placeholder in SearchDataService for user-scoped search queries
- Component runtime with phased initialization (early/default/late)
- AppContainer.protectExistingBindings() to prevent module→core overwrites
- Architecture tests: ModuleStructureContractTest, CoreTemplateIsolationTest,
FrontendComponentRuntimeContractTest, AppContainerIsolationContractTest
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
5.4 KiB
5.4 KiB
Guard Checklist
Use this checklist for the guard reviewer.
Canonical guard IDs live in agent-system/checks/guard-catalog.json.
Architecture
GR-CORE-001no boundary violations against project layeringGR-CORE-002no direct bypass of shared factories/services where prohibitedGR-CORE-003request input contract is respected (requestInput(), no $_POST/$_GET/$_FILES/REQUEST_METHOD)GR-CORE-004API json body contract is respectedGR-CORE-008no direct superglobal access in pages ($_SESSION, $_SERVER, $_COOKIE, $_ENV)GR-CORE-009new Repository list methods use RepoQuery::sanitizeLimitOffset(); no unbounded SELECTs on large tables; maxLimit 100 not raised without justificationGR-CORE-010DB schema changes for existing installs shipped as idempotent SQL scripts in db/updates/; db/init/init.sql alone is not sufficientGR-CORE-011new settings stored in DB settings table via settings gateway; config/settings.php is hot-path cache only, not primary storageGR-CORE-012successful mutating POSTs respond with redirect (PRG); flash messages set before redirect via Flash::set()
Security
GR-CORE-005auth and permission checks stay intactGR-CORE-006tenant-scope checks stay intactGR-SEC-001CSRF token verified on every POST endpoint before request body processingGR-SEC-002no unredacted PII or secrets in logs and audit metadataGR-SEC-003all SQL goes through Repository with prepared statements; no string-interpolated queriesGR-SEC-004no external CDN or remote asset loading; all JS/CSS/fonts must be vendored locally and served via assetVersion()GR-SEC-005encryption only via lib/Support/Crypto.php (AES-256-GCM); no raw openssl_encrypt, no base64-as-encryption, no hand-rolled cryptoGR-SEC-006user-uploaded files stored under storage/{type}/{uuid}/ only; never written to web/; served via PHP controller with authz check; MIME + extension validated before storage
Frontend and UX
GR-UI-001list initialization standard is preservedGR-UI-002no legacy filter toggle markup introducedGR-UI-003row interaction standard is preserved where applicableGR-UI-004page size standard is preserved where applicableGR-UI-005detail page standard is preserved where applicableGR-UI-006no inline confirm hacksGR-UI-007shared partial usage remains consistent (existing partials reused where applicable)GR-UI-016template structure discipline: new pages use established layout system; blocks reused in ≥2 pages extracted as partial in templates/partials/ with naming app-{context}-{purpose}.phtml; no ad-hoc layout HTML in pages that bypasses the layout systemGR-UI-008template RBAC contract remains consistentGR-UI-009no regression in a11y basics (labels, roles, keyboard focus) for touched flowsGR-UI-013a11y by design: new interactive components use semantic HTML, are keyboard-operable (Tab/Enter/Escape), use ARIA only where necessary, meet WCAG 2.1 AA contrastGR-UI-014UI state completeness: new views/components define and implement loading, empty, error, and success states before implementation startsGR-UI-010all user-visible strings in phtml views wrapped in t(); no hardcoded display stringsGR-UI-015new t() keys present in all language files (de + en) in the same merge; no key missing in any language fileGR-UI-011JS reuse-first: existing exports in web/js/core/ and web/js/components/ checked before adding a new function; no logic duplication from core modulesGR-UI-012CSS reuse-first: existing app-* classes and layer rules checked before writing new declarations; only additive overrides on top of shared componentsGR-UI-017lifecycle runtime contract for migrated components is enforced (init(root, config) + destroy(), no component-level auto-init side effects, no legacy wrappers/init alias exports, cleanup of listeners/timers/observers, runtime config via page-config, page-level JS only viaweb/js/pages/*modules, host-bound components incl. tabs withdata-app-componentand root-strict selectors, global utilities only via explicit runtime-global registration, no project-specific customwindow.*globals, namespaced UI storage without legacy fallback/sync paths)
Testing
GR-TEST-001new or changed Service/Gateway logic has accompanying PHPUnit tests (happy path + at least one failure/edge case) in the same mergeGR-TEST-002new code uses constructor injection; no static side-effects, hidden global state, or untestable DB/HTTP calls outside Repository/Gateway abstractions
Language and Style
GR-LANG-001PSR-4 namespace/directory alignment is intact (verified by QG-003)GR-LANG-002PHP style passes composer cs:check without diff for touched files
Quality Gates
QG-001toQG-003are run unless explicitly out of scopeQG-004fast structural checks reported when relevantQG-005JS smoke performed for JS-touching changes; no new unhandled runtime errorsQG-006PHP style check run for any PHP-touching changesQG-007composer-unused run periodically; any newly unused package flagged to reviewer
References:
tools/codex-skills/core-guardrails/references/boundaries-core.mdtools/codex-skills/core-guardrails/references/boundaries-ui.mdtools/codex-skills/core-guardrails/references/quality-gates.mdtools/codex-skills/starterkit-grid-standards/SKILL.mdtools/codex-skills/starterkit-php-style-ci/SKILL.md