system-prompts-and-models-o.../salesflow-saas/.claude/commands/release-prep.md
Claude f5c5aafbb0
feat(dealix): wire all Tier-1 APIs to real database — Sprints A-G
Sprint A — Executive Room real data:
  Rewrote executive_roi_service.py (20→158 lines) to aggregate from 7 live
  services: deals (revenue/pipeline/win_rate), approval SLA (pending/warning/
  breach from _dealix_sla), connector health (IntegrationSyncState), compliance
  posture (saudi_compliance_matrix), contradictions (contradiction_engine),
  strategic deals, evidence packs.

Sprint B — Approval Center live:
  Wired approval_center.py to query real ApprovalRequest table with SLA data
  from payload["_dealix_sla"]. Approve/reject endpoints update real DB records
  with reviewed_at timestamp.

Sprint C — Saudi Compliance live:
  Wired saudi_compliance.py to call saudi_compliance_matrix service methods
  (get_matrix, get_posture, get_risk_heatmap) with real AsyncSession + tenant_id.

Sprint D — Contradiction + Evidence Pack DB:
  Wired contradiction.py and evidence_packs.py to real database via
  contradiction_engine and evidence_pack_service. All CRUD operations
  now persist to PostgreSQL with proper tenant isolation.

Sprint F — Operating Plane:
  Created CODEOWNERS file mapping sensitive paths to @VoXc2.
  Added architecture_brief.py step to CI pipeline (runs before pytest).

Sprint G — OWASP LLM:
  Added OWASP LLM Top 10 review + architecture brief validation to
  release-prep.md (steps 10-11).

https://claude.ai/code/session_01W1rJthWDkasijTdXCfxVHs
2026-04-16 13:44:35 +00:00

/release-prep — Release Preparation Checklist for Dealix

Prepare a release candidate. Run all checks and generate release notes.

Steps

1. Run Full Test Suite

cd backend && pytest -v --tb=short 2>&1 | tail -30

All tests must pass. If any fail, list them and stop.

2. Lint & Format Check

cd backend && ruff check . --select E,W,F,I
cd backend && ruff format --check .

Fix any issues found.

3. Security Scan

  • Grep for hardcoded secrets:
    grep -rn "API_KEY\|SECRET_KEY\|PASSWORD\|PRIVATE_KEY" backend/app/ --include="*.py" | grep -v "settings\.\|config\.\|get_settings\|os\.environ\|\.env"
    
  • Check for known vulnerable dependencies:
    if command -v pip-audit >/dev/null 2>&1; then pip-audit -r backend/requirements.txt; else echo "pip-audit not installed"; fi
    pip-audit exits non-zero when it finds a vulnerable package, so its output must not be discarded or mistaken for a missing tool.

4. Database Migrations

  • Check for pending migrations:
    cd backend && alembic heads
    cd backend && alembic current
    
  • Verify migration chain is linear (no branch conflicts)
  • Confirm all migrations have downgrade functions
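The two manual checks above (linear chain, downgrade present) can be done statically. The following is an added example, not part of the Dealix repo or its CI; it assumes migration files follow the standard Alembic template (`revision = "..."`, `down_revision = ...`, `def downgrade()`), and the three migration sources at the bottom are constructed samples.

```python
import ast
import re

REV_RE = re.compile(r'^revision\s*=\s*["\'](\w+)["\']', re.M)
DOWN_RE = re.compile(r'^down_revision\s*=\s*(?:["\'](\w+)["\']|None)', re.M)

def parse_migration(source: str) -> dict:
    """Extract revision ids and whether downgrade() does real work."""
    rev, down = REV_RE.search(source), DOWN_RE.search(source)
    if not rev or not down:
        raise ValueError("migration lacks revision/down_revision")
    has_downgrade = False
    for node in ast.parse(source).body:
        if isinstance(node, ast.FunctionDef) and node.name == "downgrade":
            # a docstring or a bare `pass` does not count as a downgrade body
            real = [n for n in node.body if not isinstance(n, ast.Pass)
                    and not (isinstance(n, ast.Expr) and isinstance(n.value, ast.Constant))]
            has_downgrade = bool(real)
    return {"rev": rev.group(1), "down": down.group(1), "has_downgrade": has_downgrade}

def check_migrations(sources: list) -> list:
    """Return problems found; an empty list means linear and fully reversible."""
    migs = [parse_migration(s) for s in sources]
    revs = {m["rev"] for m in migs}
    parents = [m["down"] for m in migs if m["down"] is not None]
    problems = []
    for p in sorted(set(parents)):
        if parents.count(p) > 1:  # two revisions share a parent: the chain branched
            problems.append(f"branch: several revisions descend from {p}")
    heads = sorted(revs - set(parents))  # revisions that nothing descends from
    if len(heads) != 1:
        problems.append(f"expected exactly 1 head, found {heads}")
    for m in migs:
        if not m["has_downgrade"]:
            problems.append(f"{m['rev']}: downgrade() missing or empty")
    return problems

# Constructed sample migration files (not taken from the Dealix repo)
M_ROOT = ('revision = "a1"\ndown_revision = None\n'
          'def upgrade():\n    op.create_table("deals")\n'
          'def downgrade():\n    op.drop_table("deals")\n')
M_GOOD = ('revision = "b2"\ndown_revision = "a1"\n'
          'def upgrade():\n    op.add_column("deals", "stage")\n'
          'def downgrade():\n    op.drop_column("deals", "stage")\n')
M_BAD = ('revision = "c3"\ndown_revision = "a1"\n'
         'def upgrade():\n    op.add_column("deals", "owner")\n'
         'def downgrade():\n    """TODO"""\n    pass\n')
```

Run `check_migrations` over the contents of every file under `backend/alembic/versions/`; `[M_ROOT, M_GOOD, M_BAD]` reports a branch at `a1`, two heads, and an empty downgrade in `c3`.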

5. Arabic Translation Completeness

  • Scan frontend for untranslated strings:
    grep -rn "TODO.*translat\|FIXME.*arabic\|FIXME.*rtl" frontend/src/ --include="*.tsx" --include="*.ts"
    
  • Check that all toast messages, error messages, and form labels have Arabic variants
  • Verify RTL layout in key pages: dashboard, leads, deals, settings

6. Build Frontend

cd frontend && npm run build 2>&1 | tail -20

Build must complete without errors. Warnings are acceptable but should be noted.

7. Docker Build Verification

docker compose build --no-cache 2>&1 | tail -10

All services must build successfully.

8. Environment Variable Audit

Compare .env.example against required variables:

  • Database: DATABASE_URL, REDIS_URL
  • Auth: JWT_SECRET_KEY, JWT_ALGORITHM
  • AI: GROQ_API_KEY, OPENAI_API_KEY
  • WhatsApp: ULTRAMSG_INSTANCE_ID, ULTRAMSG_TOKEN
  • Payments: STRIPE_SECRET_KEY, STRIPE_WEBHOOK_SECRET
  • Monitoring: SENTRY_DSN

Verify no variable is empty or placeholder in production config.
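An added example of this audit, not code from the Dealix project: it parses a .env-style file, checks the variables listed above, and flags values that are missing, empty, or obviously template placeholders. The placeholder patterns and the sample config are constructed assumptions.

```python
import re

# Required variables as listed in step 8 of this checklist
REQUIRED = ["DATABASE_URL", "REDIS_URL", "JWT_SECRET_KEY", "JWT_ALGORITHM",
            "GROQ_API_KEY", "OPENAI_API_KEY", "ULTRAMSG_INSTANCE_ID", "ULTRAMSG_TOKEN",
            "STRIPE_SECRET_KEY", "STRIPE_WEBHOOK_SECRET", "SENTRY_DSN"]
# Values that were clearly copied from a template rather than set for production
PLACEHOLDER_RE = re.compile(r"^(|<.*>|your[-_].*|change[-_]?me|x{3,}|todo|placeholder|\.\.\.)$", re.I)

def parse_dotenv(text: str) -> dict:
    """Minimal .env parser: KEY=value lines, optional quotes, # comments."""
    env = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, sep, value = line.partition("=")
        if not sep:
            continue                      # not an assignment, ignore
        value = value.strip()
        if len(value) >= 2 and value[0] == value[-1] and value[0] in "\"'":
            value = value[1:-1]           # quoted: take the literal content
        else:
            value = value.split(" #", 1)[0].rstrip()  # unquoted: drop inline comment
        env[key.strip()] = value
    return env

def audit_env(text: str, required=REQUIRED) -> dict:
    """Map every required variable that is missing, empty or a placeholder to a reason."""
    env = parse_dotenv(text)
    findings = {}
    for name in required:
        if name not in env:
            findings[name] = "missing"
        elif PLACEHOLDER_RE.match(env[name]):
            findings[name] = f"empty or placeholder value {env[name]!r}"
    return findings

# Constructed production config showing the mistakes the audit should catch
SAMPLE_ENV = """# constructed sample, not a real deployment
DATABASE_URL=postgresql://dealix:pw@db:5432/dealix
REDIS_URL=redis://redis:6379/0
JWT_SECRET_KEY=changeme
JWT_ALGORITHM="HS256"
GROQ_API_KEY=
OPENAI_API_KEY=<your-openai-key>
ULTRAMSG_INSTANCE_ID=instance123  # WhatsApp instance, tenant-specific
STRIPE_SECRET_KEY=sk_live_constructedvalue
SENTRY_DSN=https://examplekey@o0.ingest.sentry.io/0
"""
```

`audit_env(SAMPLE_ENV)` reports five variables: two missing and three empty or placeholder; the same function run on `.env.example` and on the production file shows which required keys each one lacks.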

9. Generate Release Notes

Based on commits since last tag:

git log $(git describe --tags --abbrev=0 2>/dev/null || echo "HEAD~20")..HEAD --oneline --no-merges

Organize into:

  • New Features — user-facing capabilities
  • Improvements — enhancements to existing features
  • Bug Fixes — resolved issues
  • Security — security-related changes
  • Infrastructure — deployment, CI/CD, config changes
  • Breaking Changes — anything requiring migration or config updates

10. OWASP LLM Top 10 Review

Verify controls for each OWASP LLM risk:

  • LLM01 Prompt Injection: Input sanitization active? System prompts isolated?
  • LLM02 Insecure Output: All critical outputs validated via Pydantic schemas?
  • LLM04 Model DoS: Rate limiting (slowapi) + timeout configured?
  • LLM05 Supply Chain: Only approved LLM providers in model_router?
  • LLM06 Sensitive Info: No PII in prompts? Audit trail for AI conversations?
  • LLM07 Insecure Plugins: All plugins go through OpenClaw policy gate?
  • LLM08 Excessive Agency: Class B/C enforcement active for sensitive actions?
  • LLM09 Overreliance: HITL required for all external commitments?

11. Architecture Brief Validation

cd .. && python scripts/architecture_brief.py

Must pass 40/40 checks. If any fail, block the release.

12. Pre-release Summary

Output a go/no-go decision with:

  • Test results (pass/fail count)
  • Security findings
  • Migration status
  • Build status
  • Outstanding risks or blockers