Back to Details

ln-620-codebase-auditor

Compare original and translation side by side

🇺🇸

Original

English
🇨🇳

Translation

Chinese

Codebase Auditor (L2 Coordinator)

代码库审计器(L2协调器)

Coordinates 9 specialized audit workers to perform comprehensive codebase quality analysis.
协调9名专业审计工作者执行全面的代码库质量分析。

Purpose & Scope

目标与范围

  • Coordinates 9 audit workers (ln-621 through ln-629) running in parallel
  • Research current best practices for detected tech stack via MCP tools ONCE
  • Pass shared context to all workers (token-efficient)
  • Aggregate worker results into single consolidated report
  • Create single refactoring task in Linear under Epic 0 with all findings
  • Manual invocation by user; not part of Story pipeline
  • 协调9名审计工作者(ln-621至ln-629)并行运行
  • 通过MCP工具针对检测到的技术栈研究当前最佳实践,仅执行一次
  • 向所有工作者传递共享上下文(高效使用令牌)
  • 将工作者的结果汇总为一份整合报告
  • 在Epic 0下的Linear中创建单个重构任务,包含所有发现的问题
  • 由用户手动调用;不属于Story流水线的一部分

Workflow

工作流程

  1. Discovery: Load tech_stack.md, principles.md, package manifests, auto-discover Team ID
  2. Research: Query MCP tools for current best practices per major dependency ONCE
  3. Build Context: Create contextStore with best practices + tech stack metadata
  4. Domain Discovery: Detect project domains from folder structure (NEW)
  5. Delegate: Two-stage delegation - global workers + domain-aware workers (UPDATED)
  6. Aggregate: Collect worker results, group by domain, calculate scores
  7. Generate Report: Build consolidated report with Domain Health Summary, Findings by Domain
  8. Create Task: Create Linear task in Epic 0 titled "Codebase Refactoring: [YYYY-MM-DD]"
  1. 发现阶段:加载tech_stack.md、principles.md、包清单文件,自动发现团队ID
  2. 研究阶段:针对每个主要依赖项,通过MCP工具查询当前最佳实践,仅执行一次
  3. 构建上下文:创建包含最佳实践+技术栈元数据的contextStore
  4. 领域发现:从文件夹结构中检测项目领域(新增功能)
  5. 任务分配:两阶段分配 - 全局工作者+领域感知工作者(已更新)
  6. 结果汇总:收集工作者的结果,按领域分组,计算得分
  7. 生成报告:构建包含领域健康摘要、各领域发现问题的整合报告
  8. 创建任务:在Epic 0下创建标题为“代码库重构:[YYYY-MM-DD]”的Linear任务

Phase 1: Discovery

阶段1:发现

Load project metadata:
  • docs/project/tech_stack.md
    - detect tech stack for research
  • docs/principles.md
    - project-specific quality principles
  • Package manifests: 
    package.json
    , 
    requirements.txt
    , 
    go.mod
    , 
    Cargo.toml
  • Auto-discover Team ID from 
    docs/tasks/kanban_board.md
Extract metadata only (not full codebase scan):
  • Programming language(s)
  • Major frameworks/libraries
  • Database system(s)
  • Build tools
  • Test framework(s)
加载项目元数据:
  • docs/project/tech_stack.md
    - 检测技术栈以开展研究
  • docs/principles.md
    - 项目特定的质量原则
  • 包清单文件:
    package.json
    requirements.txt
    go.mod
    Cargo.toml
  • docs/tasks/kanban_board.md
    自动发现团队ID
仅提取元数据(不扫描完整代码库):
  • 编程语言
  • 主要框架/库
  • 数据库系统
  • 构建工具
  • 测试框架

Phase 2: Research Best Practices (ONCE)

阶段2:研究最佳实践(仅执行一次)

For each major dependency identified in Phase 1:
  1. Use 
    mcp__Ref__ref_search_documentation
    for current best practices
  2. Use 
    mcp__context7__get-library-docs
    for up-to-date library documentation
  3. Focus areas by technology type:
TypeResearch Focus
Web FrameworkAsync patterns, middleware, error handling, request lifecycle
ML/AI LibrariesInference optimization, memory management, batching
DatabaseConnection pooling, transactions, query optimization
ContainerizationMulti-stage builds, security, layer caching
Language RuntimeIdioms, performance patterns, memory management
Build contextStore:
json
{
  "tech_stack": {...},
  "best_practices": {...},
  "principles": {...},
  "codebase_root": "..."
}
针对阶段1中识别的每个主要依赖项:
  1. 使用
    mcp__Ref__ref_search_documentation
    获取当前最佳实践
  2. 使用
    mcp__context7__get-library-docs
    获取最新的库文档
  3. 按技术类型划分重点领域:
类型研究重点
Web框架异步模式、中间件、错误处理、请求生命周期
ML/AI库推理优化、内存管理、批处理
数据库连接池、事务、查询优化
容器化多阶段构建、安全、层缓存
语言运行时惯用写法、性能模式、内存管理
构建contextStore:
json
{
  "tech_stack": {...},
  "best_practices": {...},
  "principles": {...},
  "codebase_root": "..."
}

Phase 3: Domain Discovery

阶段3:领域发现

Purpose: Detect project domains from folder structure for domain-aware auditing.
Algorithm:
  1. Priority 1: Explicit domain folders
    • Check for: 
      src/domains/*/
      , 
      src/features/*/
      , 
      src/modules/*/
    • Monorepo patterns: 
      packages/*/
      , 
      libs/*/
      , 
      apps/*/
    • If found (>1 match) → use these as domains
  2. Priority 2: Top-level src/ folders*
    • List folders: 
      src/users/
      , 
      src/orders/
      , 
      src/payments/
    • Exclude infrastructure: 
      utils
      , 
      shared
      , 
      common
      , 
      lib
      , 
      helpers
      , 
      config
      , 
      types
      , 
      interfaces
      , 
      constants
      , 
      middleware
      , 
      infrastructure
      , 
      core
    • If remaining >1 → use as domains
  3. Priority 3: Fallback to global mode
    • If <2 domains detected → 
      domain_mode = "global"
    • All workers scan entire codebase (backward-compatible behavior)
Heuristics for domain detection:
HeuristicIndicatorExample
File count>5 files in folder
src/users/
with 12 files
Structurecontrollers/, services/, models/ presentMVC/Clean Architecture
Barrel exportindex.ts/index.js existsModule pattern
READMEREADME.md describes domainDomain documentation
Output:
json
{
  "domain_mode": "domain-aware",
  "all_domains": [
    {"name": "users", "path": "src/users", "file_count": 45, "is_shared": false},
    {"name": "orders", "path": "src/orders", "file_count": 32, "is_shared": false},
    {"name": "shared", "path": "src/shared", "file_count": 15, "is_shared": true}
  ]
}
Shared folder handling:
  • Folders named 
    shared
    , 
    common
    , 
    utils
    , 
    lib
    , 
    core
    → mark 
    is_shared: true
  • Shared code audited but grouped separately in report
  • Does not affect domain-specific scores
目标:从文件夹结构中检测项目领域,实现领域感知审计。
算法:
  1. 优先级1:显式领域文件夹
    • 检查以下路径:
      src/domains/*/
      src/features/*/
      src/modules/*/
    • 单体仓库模式:
      packages/*/
      libs/*/
      apps/*/
    • 如果找到(匹配>1个)→ 将这些作为领域
  2. *优先级2:顶级src/文件夹
    • 列出文件夹:
      src/users/
      src/orders/
      src/payments/
    • 排除基础设施类文件夹:
      utils
      shared
      common
      lib
      helpers
      config
      types
      interfaces
      constants
      middleware
      infrastructure
      core
    • 如果剩余文件夹>1个 → 将这些作为领域
  3. 优先级3:回退到全局模式
    • 如果检测到的领域<2个 → 
      domain_mode = "global"
    • 所有工作者扫描整个代码库(向后兼容行为)
领域检测的启发式规则:
启发式规则指标示例
文件数量文件夹内文件数>5个
src/users/
包含12个文件
结构存在controllers/、services/、models/MVC/整洁架构
桶导出存在index.ts/index.js模块模式
READMEREADME.md描述领域内容领域文档
输出:
json
{
  "domain_mode": "domain-aware",
  "all_domains": [
    {"name": "users", "path": "src/users", "file_count": 45, "is_shared": false},
    {"name": "orders", "path": "src/orders", "file_count": 32, "is_shared": false},
    {"name": "shared", "path": "src/shared", "file_count": 15, "is_shared": true}
  ]
}
共享文件夹处理:
  • 名为
    shared
    common
    utils
    lib
    core
    的文件夹 → 标记
    is_shared: true
  • 共享代码会被审计,但在报告中单独分组
  • 不影响特定领域的得分

Phase 4: Delegate to Workers

阶段4:分配任务给工作者

CRITICAL: All delegations use Task tool with 
subagent_type: "general-purpose"
for context isolation.
Prompt template:
Task(description: "Audit via ln-62X",
     prompt: "Execute ln-62X-{worker}-auditor. Read skill from ln-62X-{worker}-auditor/SKILL.md. Context: {contextStore}",
     subagent_type: "general-purpose")
Anti-Patterns:
  • ❌ Direct Skill tool invocation without Task wrapper
  • ❌ Any execution bypassing subagent context isolation
Worker Output Contract (Unified):
All workers MUST return JSON with this structure:
json
{
  "category": "Category Name",
  "score": 7,
  "total_issues": 12,
  "critical": 0,
  "high": 3,
  "medium": 7,
  "low": 2,
  "findings": [
    {
      "severity": "HIGH",
      "location": "path/file.ts:123",
      "issue": "Description of the issue",
      "principle": "Category / Sub-principle",
      "recommendation": "How to fix",
      "effort": "S"
    }
  ]
}
Unified Scoring Formula (all workers):
penalty = (critical × 2.0) + (high × 1.0) + (medium × 0.5) + (low × 0.2)
score = max(0, 10 - penalty)
Domain-aware workers add optional fields: 
domain
, 
scan_path
关键注意事项:所有任务分配都使用Task工具,并设置
subagent_type: "general-purpose"
以实现上下文隔离。
提示模板:
Task(description: "通过ln-62X执行审计",
     prompt: "执行ln-62X-{worker}-auditor。从ln-62X-{worker}-auditor/SKILL.md读取技能。上下文:{contextStore}",
     subagent_type: "general-purpose")
反模式:
  • ❌ 不使用Task包装器直接调用Skill工具
  • ❌ 任何绕过子代理上下文隔离的执行行为
统一的工作者输出契约:
所有工作者必须返回如下结构的JSON:
json
{
  "category": "类别名称",
  "score": 7,
  "total_issues": 12,
  "critical": 0,
  "high": 3,
  "medium": 7,
  "low": 2,
  "findings": [
    {
      "severity": "HIGH",
      "location": "path/file.ts:123",
      "issue": "问题描述",
      "principle": "类别 / 子原则",
      "recommendation": "修复建议",
      "effort": "S"
    }
  ]
}
统一评分公式(所有工作者适用):
penalty = (critical × 2.0) + (high × 1.0) + (medium × 0.5) + (low × 0.2)
score = max(0, 10 - penalty)
领域感知工作者可添加可选字段:
domain
scan_path

Phase 4a: Global Workers (PARALLEL)

阶段4a:全局工作者(并行执行)

Global workers scan entire codebase (not domain-aware):
#WorkerPriorityWhat It Audits
1ln-621-security-auditorCRITICALHardcoded secrets, SQL injection, XSS, insecure deps
2ln-622-build-auditorCRITICALCompiler/linter errors, deprecations, type errors
5ln-625-dependencies-auditorMEDIUMOutdated packages, unused deps, custom implementations
6ln-626-dead-code-auditorLOWDead code, unused imports/variables, commented-out code
7ln-627-observability-auditorMEDIUMStructured logging, health checks, metrics, tracing
8ln-628-concurrency-auditorHIGHRace conditions, async/await, resource contention
9ln-629-lifecycle-auditorMEDIUMBootstrap, graceful shutdown, resource cleanup
Invocation (7 workers in PARALLEL):
javascript
FOR EACH worker IN [ln-621, ln-622, ln-625, ln-626, ln-627, ln-628, ln-629]:
  Task(description: "Audit via " + worker,
       prompt: "Execute " + worker + ". Read skill. Context: " + JSON.stringify(contextStore),
       subagent_type: "general-purpose")
全局工作者扫描整个代码库(无领域感知):
序号工作者优先级审计内容
1ln-621-security-auditor关键硬编码密钥、SQL注入、XSS、不安全依赖项
2ln-622-build-auditor关键编译器/检查器错误、弃用项、类型错误
5ln-625-dependencies-auditor中等过时包、未使用依赖项、自定义实现
6ln-626-dead-code-auditor死代码、未使用导入/变量、注释掉的代码
7ln-627-observability-auditor中等结构化日志、健康检查、指标、追踪
8ln-628-concurrency-auditor竞态条件、async/await、资源竞争
9ln-629-lifecycle-auditor中等启动、优雅关闭、资源清理
调用方式(7名工作者并行执行):
javascript
FOR EACH worker IN [ln-621, ln-622, ln-625, ln-626, ln-627, ln-628, ln-629]:
  Task(description: "通过 " + worker + " 执行审计",
       prompt: "执行 " + worker + "。读取技能。上下文:" + JSON.stringify(contextStore),
       subagent_type: "general-purpose")

Phase 4b: Domain-Aware Workers (PARALLEL per domain)

阶段4b:领域感知工作者(按领域并行执行)

Domain-aware workers run once per domain:
#WorkerPriorityWhat It Audits
3ln-623-code-principles-auditorHIGHDRY/KISS/YAGNI violations, TODO/FIXME, error handling, DI
4ln-624-code-quality-auditorMEDIUMCyclomatic complexity, O(n²), N+1 queries, magic numbers
Invocation (2 workers × N domains):
javascript
IF domain_mode == "domain-aware":
  FOR EACH domain IN all_domains:
    domain_context = {
      ...contextStore,
      domain_mode: "domain-aware",
      current_domain: { name: domain.name, path: domain.path }
    }
    // Invoke both workers for this domain
    Skill(skill="ln-623-code-principles-auditor", args=JSON.stringify(domain_context))
    Skill(skill="ln-624-code-quality-auditor", args=JSON.stringify(domain_context))
ELSE:
  // Fallback: invoke once for entire codebase (global mode)
  Skill(skill="ln-623-code-principles-auditor", args=JSON.stringify(contextStore))
  Skill(skill="ln-624-code-quality-auditor", args=JSON.stringify(contextStore))
Parallelism strategy:
  • Phase 4a: All 7 global workers run in PARALLEL
  • Phase 4b: All (2 × N) domain-aware invocations run in PARALLEL
  • Example: 3 domains → 6 invocations (ln-363×3 + ln-364×3) in single message
领域感知工作者针对每个领域执行一次:
序号工作者优先级审计内容
3ln-623-code-principles-auditorDRY/KISS/YAGNI原则违反、TODO/FIXME、错误处理、依赖注入
4ln-624-code-quality-auditor中等圈复杂度、O(n²)、N+1查询、魔法值
调用方式(2名工作者 × N个领域):
javascript
IF domain_mode == "domain-aware":
  FOR EACH domain IN all_domains:
    domain_context = {
      ...contextStore,
      domain_mode: "domain-aware",
      current_domain: { name: domain.name, path: domain.path }
    }
    // 针对该领域调用两名工作者
    Skill(skill="ln-623-code-principles-auditor", args=JSON.stringify(domain_context))
    Skill(skill="ln-624-code-quality-auditor", args=JSON.stringify(domain_context))
ELSE:
  // 回退:针对整个代码库调用一次(全局模式)
  Skill(skill="ln-623-code-principles-auditor", args=JSON.stringify(contextStore))
  Skill(skill="ln-624-code-quality-auditor", args=JSON.stringify(contextStore))
并行策略:
  • 阶段4a:所有7名全局工作者并行运行
  • 阶段4b:所有(2 × N)个领域感知调用并行运行
  • 示例:3个领域 → 6次调用(ln-363×3 + ln-364×3)在单个消息中执行

Phase 5: Aggregate Results

阶段5:汇总结果

Collect results from workers:
Global worker output (unchanged):
json
{
  "category": "Security",
  "score": 7,
  "total_issues": 5,
  "critical": 1,
  "high": 2,
  "medium": 2,
  "low": 0,
  "findings": [...]
}
Domain-aware worker output (NEW):
json
{
  "category": "Architecture & Design",
  "score": 6,
  "domain": "users",
  "scan_path": "src/users",
  "total_issues": 4,
  "critical": 1,
  "high": 2,
  "medium": 1,
  "low": 0,
  "findings": [
    {
      "severity": "CRITICAL",
      "location": "src/users/controllers/UserController.ts:45",
      "issue": "Controller directly uses Repository",
      "principle": "Layer Separation (Clean Architecture)",
      "recommendation": "Create UserService",
      "effort": "L",
      "domain": "users"
    }
  ]
}
Aggregation Algorithm:
1. Collect JSON from all 9 workers (7 global + 2×N domain-aware)
2. Merge findings from all workers into single array
3. Sum severity counts:
   total_critical = sum(worker.critical for all workers)
   total_high = sum(worker.high for all workers)
   total_medium = sum(worker.medium for all workers)
   total_low = sum(worker.low for all workers)
4. Calculate Overall Score:
   overall_score = average(worker.score for all 9 categories)
5. Sort findings by severity: CRITICAL → HIGH → MEDIUM → LOW
6. Group findings by category for report sections
Aggregation steps:
  1. Global workers (7) → merge findings into single list
  2. Domain-aware workers (2 × N) → group by domain.name:
    • Calculate domain-level scores (Architecture + Quality per domain)
    • Build Domain Health Summary table
  3. Overall score → average of 9 category scores (Architecture/Quality averaged across domains)
  4. Severity summary → sum critical/high/medium/low across ALL workers
  5. Findings grouping:
    • Global categories (Security, Build, etc.) → single table
    • Domain-aware categories → subtables per domain
收集工作者的结果:
全局工作者输出(无变化):
json
{
  "category": "Security",
  "score": 7,
  "total_issues": 5,
  "critical": 1,
  "high": 2,
  "medium": 2,
  "low": 0,
  "findings": [...]
}
领域感知工作者输出(新增):
json
{
  "category": "Architecture & Design",
  "score": 6,
  "domain": "users",
  "scan_path": "src/users",
  "total_issues": 4,
  "critical": 1,
  "high": 2,
  "medium": 1,
  "low": 0,
  "findings": [
    {
      "severity": "CRITICAL",
      "location": "src/users/controllers/UserController.ts:45",
      "issue": "控制器直接使用Repository",
      "principle": "分层分离(整洁架构)",
      "recommendation": "创建UserService",
      "effort": "L",
      "domain": "users"
    }
  ]
}
汇总算法:
1. 收集所有9名工作者的JSON结果(7名全局 + 2×N名领域感知)
2. 将所有工作者的发现问题合并到单个数组中
3. 汇总严重程度计数:
   total_critical = sum(所有工作者的worker.critical)
   total_high = sum(所有工作者的worker.high)
   total_medium = sum(所有工作者的worker.medium)
   total_low = sum(所有工作者的worker.low)
4. 计算总体得分:
   overall_score = 所有9个类别的worker.score的平均值
5. 按严重程度对发现问题排序:CRITICAL → HIGH → MEDIUM → LOW
6. 按类别分组发现问题,用于报告章节
汇总步骤:
  1. 全局工作者(7名) → 将发现问题合并到单个列表
  2. 领域感知工作者(2 × N名) → 按domain.name分组:
    • 计算领域级得分(每个领域的架构+质量得分)
    • 构建领域健康摘要表格
  3. 总体得分 → 9个类别得分的平均值(架构/质量得分按领域取平均)
  4. 严重程度摘要 → 汇总所有工作者的critical/high/medium/low数量
  5. 发现问题分组:
    • 全局类别(安全、构建等)→ 单个表格
    • 领域感知类别 → 按领域分离子表格

Output Format

输出格式

markdown
undefined
markdown
undefined

Codebase Audit Report - [DATE]

代码库审计报告 - [日期]

Executive Summary

执行摘要

[2-3 sentences on overall codebase health, major risks, and key strengths]
[2-3句话说明代码库整体健康状况、主要风险和核心优势]

Compliance Score

合规得分

CategoryScoreNotes
SecurityX/10...
Build HealthX/10...
Architecture & DesignX/10...
Code QualityX/10...
Dependencies & ReuseX/10...
Dead CodeX/10...
ObservabilityX/10...
ConcurrencyX/10...
LifecycleX/10...
OverallX/10
类别得分说明
安全X/10...
构建健康X/10...
架构与设计X/10...
代码质量X/10...
依赖项与复用X/10...
死代码X/10...
可观测性X/10...
并发X/10...
生命周期X/10...
总体X/10

Severity Summary

严重程度摘要

SeverityCount
CriticalX
HighX
MediumX
LowX
严重程度数量
CriticalX
HighX
MediumX
LowX

Domain Health Summary (NEW - if domain_mode="domain-aware")

领域健康摘要(新增 - 当domain_mode="domain-aware"时)

DomainFilesArch ScoreQuality ScoreIssues
users457/108/105
orders325/106/108
payments288/107/103
shared156/109/102
Total1206.5/107.5/1018
领域文件数架构得分质量得分问题数
users457/108/105
orders325/106/108
payments288/107/103
shared156/109/102
总计1206.5/107.5/1018

Strengths

优势

  • [What's done well in this codebase]
  • [Good patterns and practices identified]
  • [代码库中做得好的方面]
  • [识别到的良好模式与实践]

Findings by Category

按类别划分的发现问题

1. Security (Global)

1. 安全(全局)

SeverityLocationIssuePrinciple ViolatedRecommendationEffort
CRITICALsrc/api/auth.ts:45Hardcoded API keySecrets ManagementMove to .envS
严重程度位置问题违反的原则建议工作量
CRITICALsrc/api/auth.ts:45硬编码API密钥密钥管理迁移到.envS

2. Build Health (Global)

2. 构建健康(全局)

SeverityLocationIssuePrinciple ViolatedRecommendationEffort
CRITICALMultiple filesTypeScript strict errorsType SafetyFix typesS
严重程度位置问题违反的原则建议工作量
CRITICAL多个文件TypeScript严格模式错误类型安全修复类型问题S

3. Architecture & Design (Domain-Grouped)

3. 架构与设计(按领域分组)

Domain: users (src/users/)
领域:users (src/users/)
SeverityLocationIssuePrinciple ViolatedRecommendationEffort
CRITICALUserController.ts:12Controller→Repository bypassLayer SeparationAdd Service layerL
严重程度位置问题违反的原则建议工作量
CRITICALUserController.ts:12控制器→Repository绕过分层分离添加服务层L
Domain: orders (src/orders/)
领域:orders (src/orders/)
SeverityLocationIssuePrinciple ViolatedRecommendationEffort
HIGHOrderService.ts:45DRY violation (duplicate validation)DRY PrincipleExtract to validators/M
严重程度位置问题违反的原则建议工作量
HIGHOrderService.ts:45DRY原则违反(重复验证)DRY原则提取到validators/M
Domain: shared (src/shared/)
领域:shared (src/shared/)
SeverityLocationIssuePrinciple ViolatedRecommendationEffort
MEDIUMutils.ts:78TODO older than 6 monthsCode HygieneComplete or removeS
严重程度位置问题违反的原则建议工作量
MEDIUMutils.ts:78超过6个月的TODO代码卫生完成或移除S

4. Code Quality (Domain-Grouped)

4. 代码质量(按领域分组)

Domain: users (src/users/)
领域:users (src/users/)
SeverityLocationIssuePrinciple ViolatedRecommendationEffort
HIGHUserService.ts:120Complexity 25MaintainabilitySplit functionM
... (continue for remaining global categories: 5-9)
严重程度位置问题违反的原则建议工作量
HIGHUserService.ts:120复杂度25可维护性拆分函数M
...(剩余全局类别5-9的内容继续)

Recommended Actions (Priority-Sorted)

建议行动(按优先级排序)

PriorityCategoryDomainLocationIssueRecommendationEffort
CRITICALSecurity-src/api/auth.ts:45Hardcoded API keyMove to .envS
CRITICALArchitectureusersUserController.ts:12Controller→Repository bypassAdd Service layerL
CRITICALBuild-Multiple filesTypeScript strict errorsFix typesS
HIGHArchitectureordersOrderService.ts:45DRY violationExtract to validators/M
HIGHCode QualityusersUserService.ts:120Complexity 25Split functionM
优先级类别领域位置问题建议工作量
CRITICAL安全-src/api/auth.ts:45硬编码API密钥迁移到.envS
CRITICAL架构usersUserController.ts:12控制器→Repository绕过添加服务层L
CRITICAL构建-多个文件TypeScript严格模式错误修复类型问题S
HIGH架构ordersOrderService.ts:45DRY原则违反提取到validators/M
HIGH代码质量usersUserService.ts:120复杂度25拆分函数M

Priority Actions

优先级行动

  1. Fix all Critical issues before next release
  2. Address High issues within current sprint
  3. Plan Medium issues for technical debt sprint
  4. Track Low issues in backlog
  1. 在下一个版本发布前修复所有Critical问题
  2. 在当前迭代内处理High问题
  3. 为技术债务迭代规划Medium问题
  4. 在待办事项中追踪Low问题

Sources Consulted

参考来源

  • [Framework] best practices: [URL from MCP Ref]
  • [Library] documentation: [URL from Context7]
undefined
  • [框架] 最佳实践:[来自MCP Ref的URL]
  • [库] 文档:[来自Context7的URL]
undefined

Phase 6: Create Linear Task

阶段6:创建Linear任务

Create task in Epic 0:
  • Title: 
    Codebase Refactoring: [YYYY-MM-DD]
  • Description: Full report from Phase 5 (markdown format)
  • Team: Auto-discovered from kanban_board.md
  • Epic: 0 (technical debt / refactoring epic)
  • Labels: 
    refactoring
    , 
    technical-debt
    , 
    audit
  • Priority: Based on highest severity findings (Critical → Urgent, High → High, etc.)
在Epic 0中创建任务:
  • 标题:
    代码库重构:[YYYY-MM-DD]
  • 描述:阶段5生成的完整报告(markdown格式)
  • 团队:从kanban_board.md自动发现的团队
  • Epic:0(技术债务/重构Epic)
  • 标签:
    refactoring
    technical-debt
    audit
  • 优先级:基于发现问题的最高严重程度(Critical → Urgent, High → High等)

Critical Rules

关键规则

  • Two-stage delegation: Global workers (7) + Domain-aware workers (2 × N domains)
  • Domain discovery: Auto-detect domains from folder structure; fallback to global mode
  • Parallel execution: All workers (global + domain-aware) run in PARALLEL
  • Single context gathering: Research best practices ONCE, pass contextStore to all workers
  • Metadata-only loading: Coordinator loads metadata only; workers load full file contents
  • Domain-grouped output: Architecture & Code Quality findings grouped by domain
  • Language preservation: Task description in project's language (EN/RU from kanban_board.md)
  • Single task: Create ONE task with all findings; do not create multiple tasks
  • Do not audit: Coordinator orchestrates only; audit logic lives in workers
  • 两阶段分配:全局工作者(7名)+ 领域感知工作者(2 × N个领域)
  • 领域发现:从文件夹结构自动检测领域;回退到全局模式
  • 并行执行:所有工作者(全局+领域感知)并行运行
  • 单次上下文收集:仅研究一次最佳实践,将contextStore传递给所有工作者
  • 仅加载元数据:协调器仅加载元数据;工作者加载完整文件内容
  • 按领域分组输出:架构与代码质量发现问题按领域分组
  • 语言保留:任务描述使用项目的语言(从kanban_board.md获取EN/RU)
  • 单个任务:创建一个包含所有发现问题的任务;不要创建多个任务
  • 不执行审计:协调器仅负责编排;审计逻辑在工作者中实现

Definition of Done

完成定义

  • Best practices researched via MCP tools for major dependencies
  • Domain discovery completed (domain_mode determined)
  • contextStore built with tech stack + best practices + domain info
  • Global workers (7) invoked in PARALLEL
  • Domain-aware workers (2 × N domains) invoked in PARALLEL
  • All workers completed successfully (or reported errors)
  • Results aggregated with domain grouping
  • Domain Health Summary built (if domain_mode="domain-aware")
  • Compliance score (X/10) calculated per category + overall
  • Executive Summary and Strengths sections included
  • Linear task created in Epic 0 with full report
  • Sources consulted listed with URLs
  • 已通过MCP工具针对主要依赖项研究最佳实践
  • 已完成领域发现(确定domain_mode)
  • 已构建包含技术栈+最佳实践+领域信息的contextStore
  • 已并行调用全局工作者(7名)
  • 已并行调用领域感知工作者(2 × N个领域)
  • 所有工作者已成功完成(或报告错误)
  • 已按领域分组汇总结果
  • 已构建领域健康摘要(如果domain_mode="domain-aware")
  • 已计算每个类别+总体的合规得分(X/10)
  • 已包含执行摘要和优势章节
  • 已在Epic 0中创建包含完整报告的Linear任务
  • 已列出参考来源的URL

Workers

工作者

See individual worker SKILL.md files for detailed audit rules:
  • ln-621-security-auditor
  • ln-622-build-auditor
  • ln-623-code-principles-auditor
  • ln-624-code-quality-auditor
  • ln-625-dependencies-auditor
  • ln-626-dead-code-auditor
  • ln-627-observability-auditor
  • ln-628-concurrency-auditor
  • ln-629-lifecycle-auditor
查看各个工作者的SKILL.md文件获取详细审计规则:
  • ln-621-security-auditor
  • ln-622-build-auditor
  • ln-623-code-principles-auditor
  • ln-624-code-quality-auditor
  • ln-625-dependencies-auditor
  • ln-626-dead-code-auditor
  • ln-627-observability-auditor
  • ln-628-concurrency-auditor
  • ln-629-lifecycle-auditor

Reference Files

参考文件

  • Orchestrator lifecycle: 
    shared/references/orchestrator_pattern.md
  • Task delegation pattern: 
    shared/references/task_delegation_pattern.md
  • Audit scoring formula: 
    shared/references/audit_scoring.md
  • Audit output schema: 
    shared/references/audit_output_schema.md
  • Principles: 
    docs/principles.md
  • Tech stack: 
    docs/project/tech_stack.md
  • Kanban board: 
    docs/tasks/kanban_board.md
Version: 5.0.0 Last Updated: 2025-12-23
  • 编排器生命周期
    shared/references/orchestrator_pattern.md
  • 任务分配模式
    shared/references/task_delegation_pattern.md
  • 审计评分公式
    shared/references/audit_scoring.md
  • 审计输出 schema
    shared/references/audit_output_schema.md
  • 原则:
    docs/principles.md
  • 技术栈:
    docs/project/tech_stack.md
  • 看板:
    docs/tasks/kanban_board.md
版本: 5.0.0 最后更新: 2025-12-23