validation
Compare original and translation side by side
🇺🇸
Original
English🇨🇳
Translation
ChineseFeature Validation Skill
功能验证技能
Purpose
用途
This skill provides systematic validation of implemented features, ensuring code quality, test coverage, performance, security, and requirement fulfillment before marking work complete.
本技能可对已实现的功能进行系统性验证,确保在标记工作完成前,代码质量、测试覆盖率、性能、安全性及需求满足度均符合要求。
When to Use
使用时机
- After implementation and testing are complete
- Before creating pull request
- Before marking feature as done
- When verifying all acceptance criteria met
- Final quality gate before deployment
- 实现与测试完成后
- 创建拉取请求(Pull Request)前
- 标记功能为已完成前
- 验证所有验收标准均已满足时
- 部署前的最终质量关卡
Validation Workflow
验证流程
1. Code Quality Validation
1. 代码质量验证
Run Quality Checks:
bash
undefined运行质量检查:
bash
undefinedFormat check (Black)
格式检查(Black)
black --check src/ tests/
black --check src/ tests/
Type checking (mypy)
类型检查(mypy)
mypy src/
mypy src/
Linting (flake8, if configured)
代码风格检查(flake8,若已配置)
flake8 src/ tests/
flake8 src/ tests/
All checks together
一次性运行所有检查
make lint # If Makefile configured
**Quality Checklist:**
Refer to `quality-checklist.md` for comprehensive review
**Key Quality Metrics:**
- [ ] All functions have type hints
- [ ] All public functions have docstrings (Google style)
- [ ] No files exceed 500 lines
- [ ] No lint errors or warnings
- [ ] Code formatted with Black
- [ ] Type checking passes with mypy
- [ ] No code duplication (DRY principle)
- [ ] Single responsibility principle followed
**Automated Script:**
```bashmake lint # 若已配置Makefile
**质量检查清单:**
参考`quality-checklist.md`进行全面评审
**关键质量指标:**
- [ ] 所有函数均包含类型提示
- [ ] 所有公共函数均有文档字符串(Google风格)
- [ ] 无文件超过500行
- [ ] 无代码风格检查错误或警告
- [ ] 代码已使用Black格式化
- [ ] mypy类型检查通过
- [ ] 无代码重复(遵循DRY原则)
- [ ] 遵循单一职责原则
**自动化脚本:**
```bashUse validation script
使用验证脚本
python scripts/run_checks.py --quality
**Deliverable:** Quality report with pass/fail
---python scripts/run_checks.py --quality
**交付物:** 包含通过/未通过结果的质量报告
---2. Test Coverage Validation
2. 测试覆盖率验证
Run Tests with Coverage:
bash
undefined运行带覆盖率统计的测试:
bash
undefinedRun all tests with coverage
运行所有测试并统计覆盖率
pytest --cov=src --cov-report=html --cov-report=term-missing
pytest --cov=src --cov-report=html --cov-report=term-missing
Check coverage threshold
检查覆盖率阈值
pytest --cov=src --cov-fail-under=80
pytest --cov=src --cov-fail-under=80
View HTML coverage report
查看HTML格式的覆盖率报告
open htmlcov/index.html
**Coverage Checklist:**
- [ ] Overall coverage ≥ 80%
- [ ] Core business logic ≥ 90%
- [ ] Utilities and helpers ≥ 85%
- [ ] No critical paths untested
- [ ] All branches covered
- [ ] Edge cases tested
- [ ] Error conditions tested
**Identify Coverage Gaps:**
```bashopen htmlcov/index.html
**覆盖率检查清单:**
- [ ] 整体覆盖率 ≥ 80%
- [ ] 核心业务逻辑覆盖率 ≥ 90%
- [ ] 工具与辅助函数覆盖率 ≥ 85%
- [ ] 无未测试的关键路径
- [ ] 所有分支均已覆盖
- [ ] 边界情况已测试
- [ ] 错误场景已测试
**识别覆盖率缺口:**
```bashShow untested lines
显示未测试的代码行
pytest --cov=src --cov-report=term-missing
pytest --cov=src --cov-report=term-missing
Generate detailed HTML report
生成详细的HTML报告
pytest --cov=src --cov-report=html
**Deliverable:** Coverage report with gaps identified
---pytest --cov=src --cov-report=html
**交付物:** 标记出覆盖率缺口的覆盖率报告
---3. Test Quality Validation
3. 测试质量验证
Review Test Suite:
- All tests passing
- No skipped tests (without justification)
- No flaky tests (intermittent failures)
- Tests run quickly (unit tests < 1 min)
- Tests are independent (no order dependency)
- Tests clean up after themselves
- Mock external dependencies properly
- Test names are clear and descriptive
Run Tests Multiple Times:
bash
undefined评审测试套件:
- 所有测试均通过
- 无无理由跳过的测试
- 无不稳定测试(间歇性失败)
- 测试运行速度快(单元测试总耗时 < 1分钟)
- 测试相互独立(无执行顺序依赖)
- 测试完成后会清理环境
- 外部依赖已正确模拟
- 测试名称清晰且具有描述性
多次运行测试:
bash
undefinedRun tests 10 times to check for flaky tests
运行测试10次以检查是否存在不稳定测试
for i in {1..10}; do pytest || break; done
for i in {1..10}; do pytest || break; done
Run in random order
随机顺序运行测试
pytest --random-order
**Test Markers:**
```bashpytest --random-order
**测试标记:**
```bashVerify no slow tests in unit tests
验证单元测试中无慢测试
pytest tests/unit/ -m "not slow"
pytest tests/unit/ -m "not slow"
Run integration tests separately
单独运行集成测试
pytest tests/integration/
**Deliverable:** Test quality assessment
---pytest tests/integration/
**交付物:** 测试质量评估报告
---4. Performance Validation
4. 性能验证
Performance Checklist:
Refer to for target metrics
performance-benchmarks.mdKey Performance Metrics:
- Response time < target (e.g., < 200ms for p95)
- Throughput meets requirements (e.g., 1000 req/s)
- Memory usage within bounds (e.g., < 100MB)
- CPU usage reasonable (e.g., < 50%)
- No memory leaks detected
- Database queries optimized (< 5 queries per operation)
Performance Testing:
bash
undefined性能检查清单:
参考获取目标指标
performance-benchmarks.md关键性能指标:
- 响应时间 < 目标值(例如,p95 < 200ms)
- 吞吐量满足要求(例如,1000请求/秒)
- 内存使用在合理范围内(例如,< 100MB)
- CPU使用率合理(例如,< 50%)
- 未检测到内存泄漏
- 数据库查询已优化(每次操作查询次数 < 5次)
性能测试:
bash
undefinedRun performance tests
运行性能测试
pytest tests/performance/ -v
pytest tests/performance/ -v
Profile code
代码性能分析
python -m cProfile -o profile.stats script.py
python -m pstats profile.stats
python -m cProfile -o profile.stats script.py
python -m pstats profile.stats
Memory profiling
内存分析
python -m memory_profiler script.py
**Benchmark Against Requirements:**
```pythonpython -m memory_profiler script.py
**与需求基准对比:**
```pythonExample performance test
性能测试示例
def test_performance_requirement():
"""Verify operation meets performance requirement."""
start = time.time()
result = expensive_operation()
duration = time.time() - start
assert duration < 1.0, f"Took {duration}s, required < 1.0s"
**Deliverable:** Performance report with metrics
---def test_performance_requirement():
"""验证操作是否满足性能要求。"""
start = time.time()
result = expensive_operation()
duration = time.time() - start
assert duration < 1.0, f"耗时 {duration}秒,要求 < 1.0秒"
**交付物:** 包含指标的性能报告
---5. Security Validation
5. 安全性验证
Security Checklist Review:
Review from analysis phase and verify:
security-checklist.mdInput Validation:
- All user inputs validated and sanitized
- SQL injection prevented (parameterized queries)
- Command injection prevented (no shell=True with user input)
- Path traversal prevented (sanitized file paths)
- XSS prevented (escaped output)
Authentication & Authorization:
- Authentication required for protected endpoints
- Authorization checks at every access point
- Session management secure
- Credentials not hardcoded
Data Protection:
- Sensitive data encrypted in transit
- Sensitive data encrypted at rest (if applicable)
- PII handling compliant
- Secrets in environment variables (not code)
- Error messages don't leak sensitive info
Dependency Security:
bash
undefined安全检查清单评审:
回顾分析阶段的并验证:
security-checklist.md输入验证:
- 所有用户输入均已验证并净化
- 已防止SQL注入(使用参数化查询)
- 已防止命令注入(用户输入未搭配shell=True使用)
- 已防止路径遍历(文件路径已净化)
- 已防止XSS攻击(输出已转义)
认证与授权:
- 受保护的端点需要认证
- 每个访问点均有授权检查
- 会话管理安全
- 凭证未硬编码在代码中
数据保护:
- 敏感数据在传输过程中已加密
- 敏感数据在存储时已加密(如适用)
- PII(个人可识别信息)处理合规
- 密钥存储在环境变量中(而非代码内)
- 错误信息未泄露敏感信息
依赖安全性:
bash
undefinedCheck for vulnerable dependencies
检查存在漏洞的依赖
pip-audit
pip-audit
Or use safety
或使用safety工具
safety check --json
safety check --json
Check for outdated dependencies
检查过时的依赖
pip list --outdated
**Deliverable:** Security validation report
---pip list --outdated
**交付物:** 安全性验证报告
---6. Requirements Validation
6. 需求验证
Verify Acceptance Criteria:
Review original requirements from analysis phase:
- All functional requirements implemented
- All acceptance criteria met
- User stories fulfilled
- Edge cases handled
- Error scenarios handled
Manual Testing:
bash
undefined验证验收标准:
回顾分析阶段的原始需求:
- 所有功能需求均已实现
- 所有验收标准均已满足
- 用户故事已完成
- 边界情况已处理
- 错误场景已处理
手动测试:
bash
undefinedTest CLI (if applicable)
测试CLI(如适用)
python -m src.tools.feature.main --help
python -m src.tools.feature.main create --name test
python -m src.tools.feature.main --help
python -m src.tools.feature.main create --name test
Test with sample data
使用示例数据测试
python -m src.tools.feature.main --input samples/test.json
python -m src.tools.feature.main --input samples/test.json
Test error cases
测试错误场景
python -m src.tools.feature.main --invalid-option
**Regression Testing:**
- [ ] Existing functionality not broken
- [ ] No breaking changes to public APIs
- [ ] Backward compatibility maintained (if required)
**Deliverable:** Requirements validation checklist
---python -m src.tools.feature.main --invalid-option
**回归测试:**
- [ ] 现有功能未被破坏
- [ ] 公共API无破坏性变更
- [ ] 保持向后兼容性(如要求)
**交付物:** 需求验证检查清单
---7. Documentation Validation
7. 文档验证
Code Documentation:
- All public functions have docstrings
- Docstrings follow Google style
- Complex logic has inline comments
- Type hints present and accurate
- README updated (if applicable)
Technical Documentation:
- Architecture documented
- API contracts documented
- Configuration documented
- Setup instructions complete
- Known issues documented
User Documentation:
- Usage guide written (if applicable)
- Examples provided
- Troubleshooting guide included
- FAQ updated
CHANGELOG Update:
- Changes documented in CHANGELOG.md
- Version bumped appropriately
- Breaking changes highlighted
Deliverable: Documentation review checklist
代码文档:
- 所有公共函数均有文档字符串
- 文档字符串遵循Google风格
- 复杂逻辑有内联注释
- 类型提示存在且准确
- README已更新(如适用)
技术文档:
- 架构已文档化
- API契约已文档化
- 配置已文档化
- 安装配置说明完整
- 已知问题已文档化
用户文档:
- 编写了使用指南(如适用)
- 提供了示例
- 包含故障排除指南
- FAQ已更新
更新CHANGELOG:
- 变更已记录在CHANGELOG.md中
- 版本已适当升级
- 破坏性变更已高亮显示
交付物: 文档评审检查清单
8. Integration Validation
8. 集成验证
Integration Testing:
bash
undefined集成测试:
bash
undefinedRun integration tests
运行集成测试
pytest tests/integration/ -v
pytest tests/integration/ -v
Test with real dependencies (in test environment)
使用真实依赖测试(在测试环境中)
pytest tests/integration/ --no-mock
**Integration Checklist:**
- [ ] Integrates correctly with existing code
- [ ] No circular dependencies
- [ ] Module imports work correctly
- [ ] Configuration loads correctly
- [ ] External services connect (if applicable)
**End-to-End Testing:**
```bashpytest tests/integration/ --no-mock
**集成检查清单:**
- [ ] 与现有代码集成正确
- [ ] 无循环依赖
- [ ] 模块导入正常工作
- [ ] 配置加载正常
- [ ] 外部服务可连接(如适用)
**端到端测试:**
```bashTest complete workflows
测试完整工作流
pytest tests/e2e/ -v
pytest tests/e2e/ -v
Manual E2E testing
手动端到端测试
./scripts/manual_test.sh
**Deliverable:** Integration test report
---./scripts/manual_test.sh
**交付物:** 集成测试报告
---9. Final Validation
9. 最终验证
Run Complete Validation Suite:
bash
undefined运行完整验证套件:
bash
undefinedUse automated validation script
使用自动化验证脚本
python scripts/run_checks.py --all
python scripts/run_checks.py --all
Or run individual checks
或运行单独的检查项
python scripts/run_checks.py --quality
python scripts/run_checks.py --tests
python scripts/run_checks.py --coverage
python scripts/run_checks.py --security
**Pre-PR Checklist:**
- [ ] All quality checks passing
- [ ] Test coverage ≥ 80%
- [ ] All tests passing
- [ ] Performance requirements met
- [ ] Security validated
- [ ] Requirements fulfilled
- [ ] Documentation complete
- [ ] Integration verified
- [ ] No known critical bugs
**Create Validation Report:**
```markdownpython scripts/run_checks.py --quality
python scripts/run_checks.py --tests
python scripts/run_checks.py --coverage
python scripts/run_checks.py --security
**拉取请求前检查清单:**
- [ ] 所有质量检查均通过
- [ ] 测试覆盖率 ≥ 80%
- [ ] 所有测试均通过
- [ ] 性能需求已满足
- [ ] 安全性已验证
- [ ] 需求已满足
- [ ] 文档完整
- [ ] 集成已验证
- [ ] 无已知严重bug
**生成验证报告:**
```markdownValidation Report: [Feature Name]
验证报告: [功能名称]
Quality ✅
质量 ✅
- Black: PASS
- mypy: PASS
- flake8: PASS (0 errors, 0 warnings)
- Black: 通过
- mypy: 通过
- flake8: 通过(0个错误,0个警告)
Testing ✅
测试 ✅
- Unit tests: 45 passed
- Integration tests: 12 passed
- Coverage: 87% (target: 80%)
- 单元测试: 45个通过
- 集成测试: 12个通过
- 覆盖率: 87%(目标: 80%)
Performance ✅
性能 ✅
- Response time (p95): 145ms (target: < 200ms)
- Throughput: 1200 req/s (target: 1000 req/s)
- Memory usage: 75MB (target: < 100MB)
- 响应时间(p95): 145ms(目标: < 200ms)
- 吞吐量: 1200请求/秒(目标: 1000请求/秒)
- 内存使用: 75MB(目标: < 100MB)
Security ✅
安全性 ✅
- No vulnerable dependencies
- Input validation: Complete
- Secrets management: Secure
- 无脆弱依赖
- 输入验证: 已完成
- 密钥管理: 安全
Requirements ✅
需求 ✅
- All acceptance criteria met
- No regressions detected
- 所有验收标准均已满足
- 未检测到回归问题
Documentation ✅
文档 ✅
- Code documentation: Complete
- Technical docs: Complete
- CHANGELOG: Updated
- 代码文档: 完整
- 技术文档: 完整
- CHANGELOG: 已更新
Status: READY FOR PR ✅
状态: 可提交拉取请求 ✅
**Deliverable:** Final validation report
---
**交付物:** 最终验证报告
---Quality Standards
质量标准
Code Quality Metrics
代码质量指标
Complexity:
- Cyclomatic complexity < 10 per function
- Max nesting depth: 4 levels
Maintainability:
- Files < 500 lines
- Functions < 50 lines
- Classes < 300 lines
Documentation:
- 100% public API documented
- Docstring coverage ≥ 90%
复杂度:
- 每个函数的圈复杂度 < 10
- 最大嵌套深度: 4层
可维护性:
- 文件行数 < 500行
- 函数行数 < 50行
- 类行数 < 300行
文档:
- 100%的公共API已文档化
- 文档字符串覆盖率 ≥ 90%
Test Quality Metrics
测试质量指标
Coverage:
- Overall: ≥ 80%
- Critical paths: 100%
- Core logic: ≥ 90%
Test Quality:
- No flaky tests
- Unit tests < 1 minute total
- Integration tests < 5 minutes total
覆盖率:
- 整体: ≥ 80%
- 关键路径: 100%
- 核心逻辑: ≥ 90%
测试质量:
- 无不稳定测试
- 单元测试总耗时 < 1分钟
- 集成测试总耗时 < 5分钟
Performance Benchmarks
性能基准
Refer to for detailed criteria
performance-benchmarks.mdResponse Time:
- p50: < 50ms
- p95: < 200ms
- p99: < 500ms
Resource Usage:
- Memory: < 100MB
- CPU: < 50% single core
参考获取详细标准
performance-benchmarks.md响应时间:
- p50: < 50ms
- p95: < 200ms
- p99: < 500ms
资源使用:
- 内存: < 100MB
- CPU: 单核使用率 < 50%
Automated Validation Script
自动化验证脚本
The script automates validation:
scripts/run_checks.pybash
undefinedscripts/run_checks.pybash
undefinedRun all checks
运行所有检查
python scripts/run_checks.py --all
python scripts/run_checks.py --all
Run specific checks
运行特定检查
python scripts/run_checks.py --quality
python scripts/run_checks.py --tests
python scripts/run_checks.py --coverage
python scripts/run_checks.py --security
python scripts/run_checks.py --performance
python scripts/run_checks.py --quality
python scripts/run_checks.py --tests
python scripts/run_checks.py --coverage
python scripts/run_checks.py --security
python scripts/run_checks.py --performance
Generate report
生成报告
python scripts/run_checks.py --all --report validation-report.md
---python scripts/run_checks.py --all --report validation-report.md
---Supporting Resources
支持资源
- quality-checklist.md: Comprehensive code quality standards
- performance-benchmarks.md: Performance criteria and targets
- scripts/run_checks.py: Automated validation runner
- quality-checklist.md: 全面的代码质量标准
- performance-benchmarks.md: 性能标准与目标
- scripts/run_checks.py: 自动化验证运行器
Integration with Feature Implementation Flow
与功能实现流程的集成
Input: Completed implementation with tests
Process: Systematic validation against all criteria
Output: Validation report + approval for PR
Next Step: Create pull request or deploy
输入: 已完成测试的功能实现
流程: 基于所有标准进行系统性验证
输出: 验证报告 + 拉取请求批准
下一步: 创建拉取请求或部署
Validation Checklist Summary
验证检查清单摘要
Quality ✓
质量 ✓
- Code formatted (Black)
- Type checked (mypy)
- Linted (no errors/warnings)
- Files < 500 lines
- Functions documented
- Quality checklist complete
- 代码已格式化(Black)
- 类型已检查(mypy)
- 代码风格检查通过(无错误/警告)
- 文件行数 < 500行
- 函数已文档化
- 质量检查清单已完成
Testing ✓
测试 ✓
- All tests passing
- Coverage ≥ 80%
- Core logic ≥ 90% coverage
- No flaky tests
- Tests run quickly
- 所有测试均通过
- 覆盖率 ≥ 80%
- 核心逻辑覆盖率 ≥ 90%
- 无不稳定测试
- 测试运行速度快
Performance ✓
性能 ✓
- Response time < target
- Throughput meets requirements
- Memory usage reasonable
- No performance regressions
- 响应时间 < 目标值
- 吞吐量满足要求
- 内存使用合理
- 无性能回归
Security ✓
安全性 ✓
- Input validation complete
- No hardcoded secrets
- Dependencies scanned
- Security checklist complete
- 输入验证已完成
- 无硬编码密钥
- 依赖已扫描
- 安全检查清单已完成
Requirements ✓
需求 ✓
- Acceptance criteria met
- User stories fulfilled
- Edge cases handled
- No regressions
- 验收标准已满足
- 用户故事已完成
- 边界情况已处理
- 无回归问题
Documentation ✓
文档 ✓
- Code documented
- Technical docs complete
- User docs (if applicable)
- CHANGELOG updated
- 代码已文档化
- 技术文档完整
- 用户文档(如适用)已完成
- CHANGELOG已更新
Integration ✓
集成 ✓
- Integration tests passing
- No breaking changes
- Backward compatible
- 集成测试已通过
- 无破坏性变更
- 向后兼容
Final Approval ✓
最终批准 ✓
- All checklists complete
- Validation report generated
- Ready for pull request
- Stakeholder approval (if required)
- 所有检查清单已完成
- 已生成验证报告
- 可提交拉取请求
- 相关方已批准(如需要)
Sign-off
签署确认
Feature: [Feature Name]
Validated By: [Your Name]
Date: [YYYY-MM-DD]
Status: ☐ Approved ☐ Needs Work
Notes:
[Any additional notes or concerns]
功能: [功能名称]
验证人: [你的姓名]
日期: [YYYY-MM-DD]
状态: ☐ 批准 ☐ 需要改进
备注:
[任何额外备注或问题]
What to Do If Validation Fails
验证失败时的处理步骤
Quality Issues:
- Fix formatting:
black src/ tests/ - Fix type errors: Review mypy output
- Fix lint errors: Review flake8 output
- Refactor large files/functions
Coverage Issues:
- Identify untested code:
pytest --cov-report=html - Add missing tests
- Review edge cases
- Add error condition tests
Performance Issues:
- Profile code:
python -m cProfile - Optimize hot paths
- Add caching where appropriate
- Optimize database queries
Security Issues:
- Address vulnerabilities:
pip-audit - Review input validation
- Check secrets management
- Run security checklist again
Requirement Issues:
- Review acceptance criteria
- Implement missing functionality
- Test edge cases
- Verify with stakeholders
After Fixes:
- Re-run validation
- Update validation report
- Verify all checks pass
- Proceed to PR
质量问题:
- 修复格式:
black src/ tests/ - 修复类型错误:查看mypy输出
- 修复代码风格错误:查看flake8输出
- 重构大文件/函数
覆盖率问题:
- 识别未测试代码:
pytest --cov-report=html - 添加缺失的测试
- 评审边界情况
- 添加错误场景测试
性能问题:
- 代码性能分析:
python -m cProfile - 优化热点路径
- 合理添加缓存
- 优化数据库查询
安全性问题:
- 处理漏洞:
pip-audit - 评审输入验证
- 检查密钥管理
- 重新运行安全检查清单
需求问题:
- 评审验收标准
- 实现缺失的功能
- 测试边界情况
- 与相关方确认
修复后:
- 重新运行验证
- 更新验证报告
- 确认所有检查均通过
- 提交拉取请求