system-prompts-and-models-o.../salesflow-saas/.claude/commands/release-prep.md
Claude f5c5aafbb0
feat(dealix): wire all Tier-1 APIs to real database — Sprints A-G
Sprint A — Executive Room real data:
  Rewrote executive_roi_service.py (20→158 lines) to aggregate from 7 live
  services: deals (revenue/pipeline/win_rate), approval SLA (pending/warning/
  breach from _dealix_sla), connector health (IntegrationSyncState), compliance
  posture (saudi_compliance_matrix), contradictions (contradiction_engine),
  strategic deals, evidence packs.

Sprint B — Approval Center live:
  Wired approval_center.py to query real ApprovalRequest table with SLA data
  from payload["_dealix_sla"]. Approve/reject endpoints update real DB records
  with reviewed_at timestamp.

Sprint C — Saudi Compliance live:
  Wired saudi_compliance.py to call saudi_compliance_matrix service methods
  (get_matrix, get_posture, get_risk_heatmap) with real AsyncSession + tenant_id.

Sprint D — Contradiction + Evidence Pack DB:
  Wired contradiction.py and evidence_packs.py to real database via
  contradiction_engine and evidence_pack_service. All CRUD operations
  now persist to PostgreSQL with proper tenant isolation.

Sprint F — Operating Plane:
  Created CODEOWNERS file mapping sensitive paths to @VoXc2.
  Added architecture_brief.py step to CI pipeline (runs before pytest).

Sprint G — OWASP LLM:
  Added OWASP LLM Top 10 review + architecture brief validation to
  release-prep.md (steps 10-11).

https://claude.ai/code/session_01W1rJthWDkasijTdXCfxVHs
2026-04-16 13:44:35 +00:00


# /release-prep — Release Preparation Checklist for Dealix
Prepare a release candidate. Run all checks and generate release notes.
## Steps
### 1. Run Full Test Suite
```bash
cd backend && pytest -v --tb=short 2>&1 | tail -30
```
All tests must pass. If any fail, list them and stop.
### 2. Lint & Format Check
```bash
cd backend && ruff check . --select E,W,F,I
cd backend && ruff format --check .
```
Fix any issues found.
### 3. Security Scan
- Grep for hardcoded secrets:
```bash
grep -rn "API_KEY\|SECRET_KEY\|PASSWORD\|PRIVATE_KEY" backend/app/ --include="*.py" | grep -v "settings\.\|config\.\|get_settings\|os\.environ\|\.env"
```
- Check for known vulnerable dependencies:
```bash
command -v pip-audit >/dev/null || echo "pip-audit not installed"
pip-audit -r backend/requirements.txt   # non-zero exit here means a known vulnerable dependency, not a missing tool
```
### 4. Database Migrations
- Check for pending migrations:
```bash
cd backend && alembic heads
cd backend && alembic current
```
- Verify migration chain is linear (no branch conflicts)
- Confirm all migrations have downgrade functions
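The two manual checks above (linear chain, real downgrades) can be scripted. The following is an added example, not code from the Dealix project: it parses the `revision` / `down_revision` headers and the `downgrade()` body of each migration script, using a constructed in-memory sample instead of the real `alembic/versions/` directory.

```python
"""Static checks for release-prep step 4 (constructed example, not Dealix
project code): the Alembic chain must have one root, no branches, and every
script a real downgrade(). Parses the revision / down_revision headers that
Alembic's script template emits (with or without type annotations)."""
import re

REV_RE = re.compile(r"^revision(?:\s*:[^=\n]*)?\s*=\s*['\"](\w+)['\"]", re.M)
DOWN_RE = re.compile(r"^down_revision(?:\s*:[^=\n]*)?\s*=\s*(None|['\"](\w+)['\"])", re.M)
DOWNGRADE_RE = re.compile(r"^def downgrade\(\)[^\n]*:\n(.*?)(?=^\S|\Z)", re.M | re.S)


def parse_migration(text: str) -> dict:
    rev, down, body = REV_RE.search(text), DOWN_RE.search(text), DOWNGRADE_RE.search(text)
    stmts = []  # downgrade body without comments/blank lines; a bare `pass` is no downgrade
    if body:
        stmts = [s for s in (ln.split("#", 1)[0].strip() for ln in body.group(1).splitlines()) if s]
    return {
        "revision": rev.group(1) if rev else None,
        "down_revision": down.group(2) if down and down.group(1) != "None" else None,
        "has_downgrade": bool(stmts) and stmts != ["pass"],
    }


def check_migrations(files: dict) -> list:
    """Return the problems found; an empty list means the chain is releasable."""
    parsed = {name: parse_migration(text) for name, text in files.items()}
    children, problems = {}, []  # parent revision -> child revisions
    for name, m in parsed.items():
        if m["revision"] is None:
            problems.append(f"{name}: missing revision id")
            continue
        if not m["has_downgrade"]:
            problems.append(f"{name}: downgrade() is empty")
        children.setdefault(m["down_revision"], []).append(m["revision"])
    for parent, kids in children.items():
        if parent is not None and len(kids) > 1:  # two scripts share a parent: a branch
            problems.append(f"branch at {parent}: {sorted(kids)}")
    if len(children.get(None, [])) != 1:
        problems.append(f"expected one root migration, found {len(children.get(None, []))}")
    return problems


# Constructed sample: a linear pair plus a third script that branches off the root
# and whose downgrade is a no-op.
SAMPLE = {
    "001_init.py": "revision = 'a1'\ndown_revision = None\n\ndef downgrade():\n"
                   "    op.drop_table('deals')\n\ndef upgrade():\n    pass\n",
    "002_sla.py": "revision: str = 'b2'\ndown_revision: Union[str, None] = 'a1'\n\n"
                  "def downgrade() -> None:\n    op.drop_column('approval_requests', 'sla')\n",
    "003_bad.py": "revision = 'c3'\ndown_revision = 'a1'\n\ndef downgrade():\n    # TODO\n    pass\n",
}
```

Running it over the real directory means reading each `*.py` under `alembic/versions/` into the dict; any non-empty result should block the release.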
### 5. Arabic Translation Completeness
- Scan frontend for untranslated strings:
```bash
grep -rn "TODO.*translat\|FIXME.*arabic\|FIXME.*rtl" frontend/src/ --include="*.tsx" --include="*.ts"
```
- Check that all toast messages, error messages, and form labels have Arabic variants
- Verify RTL layout in key pages: dashboard, leads, deals, settings
### 6. Build Frontend
```bash
cd frontend && npm run build 2>&1 | tail -20
```
Build must complete without errors. Warnings are acceptable but should be noted.
### 7. Docker Build Verification
```bash
docker compose build --no-cache 2>&1 | tail -10
```
All services must build successfully.
### 8. Environment Variable Audit
Compare `.env.example` against required variables:
- Database: `DATABASE_URL`, `REDIS_URL`
- Auth: `JWT_SECRET_KEY`, `JWT_ALGORITHM`
- AI: `GROQ_API_KEY`, `OPENAI_API_KEY`
- WhatsApp: `ULTRAMSG_INSTANCE_ID`, `ULTRAMSG_TOKEN`
- Payments: `STRIPE_SECRET_KEY`, `STRIPE_WEBHOOK_SECRET`
- Monitoring: `SENTRY_DSN`
Verify no variable is empty or placeholder in production config.
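The comparison above can be automated. This is an added example, not Dealix project code: it parses dotenv-style text for the variables the checklist names and reports what is undocumented in `.env.example` and what is unset, empty or still a template value in the production file. The placeholder patterns and the sample files are constructed for the example.

```python
"""Release-prep step 8 (constructed example, not Dealix project code): parse
dotenv-style text and report required variables that are missing from
.env.example, missing in the production file, or empty/placeholder in production."""
import re

REQUIRED = [  # the variable groups listed in the checklist
    "DATABASE_URL", "REDIS_URL", "JWT_SECRET_KEY", "JWT_ALGORITHM",
    "GROQ_API_KEY", "OPENAI_API_KEY", "ULTRAMSG_INSTANCE_ID", "ULTRAMSG_TOKEN",
    "STRIPE_SECRET_KEY", "STRIPE_WEBHOOK_SECRET", "SENTRY_DSN",
]
# Values that were clearly copied from a template rather than provisioned
PLACEHOLDER_RE = re.compile(r"changeme|change_me|your[-_ ]|xxx|todo|placeholder|example|^<.*>$", re.I)


def parse_dotenv(text: str) -> dict:
    """Minimal KEY=value parser: skips comments/blank lines, strips quotes and `export `."""
    env = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        if len(value) >= 2 and value[0] == value[-1] and value[0] in "\"'":
            value = value[1:-1]
        env[key.removeprefix("export ").strip()] = value
    return env


def audit_env(example_text: str, prod_text: str) -> dict:
    """Return three finding lists; all empty means step 8 passes."""
    example, prod = parse_dotenv(example_text), parse_dotenv(prod_text)
    findings = {"missing_from_example": [], "missing_in_prod": [], "placeholder_in_prod": []}
    for name in REQUIRED:
        if name not in example:
            findings["missing_from_example"].append(name)
        value = prod.get(name)
        if value is None:
            findings["missing_in_prod"].append(name)
        elif not value or value == name or PLACEHOLDER_RE.search(value):
            findings["placeholder_in_prod"].append(name)
    return findings


# Constructed sample files: the example omits SENTRY_DSN; production still carries a
# template secret, an empty key, an unfilled <placeholder> and three unset variables.
EXAMPLE_ENV = "# constructed .env.example\n" + "".join(f"{n}=\n" for n in REQUIRED if n != "SENTRY_DSN")
PROD_ENV = """DATABASE_URL="postgresql+asyncpg://dealix:s3cr3t@db.internal/dealix"
export REDIS_URL=redis://cache.internal:6379/0
JWT_SECRET_KEY=changeme
JWT_ALGORITHM=HS256
GROQ_API_KEY=gsk_CONSTRUCTED
OPENAI_API_KEY=
STRIPE_SECRET_KEY=sk_live_CONSTRUCTED
STRIPE_WEBHOOK_SECRET=<your webhook secret>
"""
```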
### 9. Generate Release Notes
Based on commits since last tag:
```bash
git log $(git describe --tags --abbrev=0 2>/dev/null || echo "HEAD~20")..HEAD --oneline --no-merges
```
Organize into:
- **New Features** — user-facing capabilities
- **Improvements** — enhancements to existing features
- **Bug Fixes** — resolved issues
- **Security** — security-related changes
- **Infrastructure** — deployment, CI/CD, config changes
- **Breaking Changes** — anything requiring migration or config updates
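The sorting into those sections can be done mechanically from the `git log` output above. This is an added example, not Dealix project code: it assumes Conventional Commit subjects (`type(scope)!: subject`, the style of the commit that introduced this file), routes security-related fixes to the Security section, lists breaking changes under their own heading as well, and parks anything it cannot parse for manual review (an extra bucket of my own, not one of the six on the page). The sample log is constructed.

```python
"""Release-prep step 9 (constructed example, not Dealix project code): sort
`git log --oneline --no-merges` lines into the checklist's release-note sections.
Assumes Conventional Commit subjects, type(scope)!: subject, as used by the commit
that introduced this file; anything else is parked for manual review."""
import re

LINE_RE = re.compile(r"^(?P<sha>[0-9a-f]{7,40})\s+(?P<type>[a-z]+)(?:\((?P<scope>[^)]*)\))?(?P<bang>!)?:\s*(?P<subject>.+)$")
SECURITY_RE = re.compile(r"\b(security|cve-\d{4}-\d+|vuln\w*|xss|csrf|injection|owasp|secrets?)\b", re.I)
TYPE_TO_SECTION = {"feat": "New Features", "fix": "Bug Fixes", "security": "Security",
                   "perf": "Improvements", "refactor": "Improvements", "style": "Improvements",
                   "ci": "Infrastructure", "build": "Infrastructure", "chore": "Infrastructure"}
SECTIONS = ["New Features", "Improvements", "Bug Fixes", "Security",
            "Infrastructure", "Breaking Changes", "Unclassified (review manually)"]


def classify(line: str) -> list:
    """Return the sections one log line belongs to (two when the change is breaking)."""
    m = LINE_RE.match(line.strip())
    if not m:
        return [SECTIONS[-1]]
    section = TYPE_TO_SECTION.get(m["type"], SECTIONS[-1])
    if section != "New Features" and SECURITY_RE.search(f"{m['scope'] or ''} {m['subject']}"):
        section = "Security"  # a security-related fix/chore is reported under Security
    sections = [section]
    if m["bang"] or "BREAKING" in m["subject"]:
        sections.append("Breaking Changes")  # listed under its own heading as well
    return sections


def release_notes(log: str) -> dict:
    """Map section name -> log lines, in the checklist's order, empty sections dropped."""
    notes = {s: [] for s in SECTIONS}
    for line in filter(str.strip, log.splitlines()):
        for s in classify(line):
            notes[s].append(line.strip())
    return {s: items for s, items in notes.items() if items}


# Constructed sample log; hashes and subjects are made up for the example.
SAMPLE_LOG = """0000001 feat(dealix): wire approval center to the ApprovalRequest table
0000002 fix(auth): reject expired JWT on refresh endpoint
0000003 fix(api)!: rename /leads/export response fields
0000004 ci: add architecture_brief.py gate before pytest
0000005 perf(executive): cache ROI aggregation for 60s
0000006 fix(deps): bump dependency with known security advisory
0000007 Update README
"""
```

Everything landing in the manual-review bucket still has to be placed by hand before the notes ship.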
### 10. OWASP LLM Top 10 Review
Verify controls for each OWASP LLM risk:
- **LLM01 Prompt Injection**: Input sanitization active? System prompts isolated?
- **LLM02 Insecure Output**: All critical outputs validated via Pydantic schemas?
- **LLM04 Model DoS**: Rate limiting (slowapi) + timeout configured?
- **LLM05 Supply Chain**: Only approved LLM providers in model_router?
- **LLM06 Sensitive Info**: No PII in prompts? Audit trail for AI conversations?
- **LLM07 Insecure Plugins**: All plugins go through OpenClaw policy gate?
- **LLM08 Excessive Agency**: Class B/C enforcement active for sensitive actions?
- **LLM09 Overreliance**: HITL required for all external commitments?
### 11. Architecture Brief Validation
```bash
cd .. && python scripts/architecture_brief.py
```
Must pass 40/40 checks. If any fail, block the release.
### 12. Pre-release Summary
Output a go/no-go decision with:
- Test results (pass/fail count)
- Security findings
- Migration status
- Build status
- Outstanding risks or blockers