metabuilder/docs/todo/core/21-SDLC-TODO.md

TODO 21 - SDLC (Software Development Lifecycle)

Phase 1: Planning & Design

Workflow: planning.yml

• Test planning.yml workflow with real feature requests
• Validate architecture review suggestions are actionable
• Ensure PRD alignment checks reference correct docs
• Add planning templates for different feature types
• Create checklist automation for complex features

Design Tooling

• Add visual architecture diagram generation
• Create component dependency visualization
• Implement impact analysis for proposed changes
• Add package structure recommendation engine
• Create permission level planning tool

---

Phase 2: Development

Workflow: development.yml

• Verify code metrics calculation is accurate
• Test component size monitoring thresholds
• Validate declarative ratio tracking
• Ensure refactoring suggestions are relevant
• Test @copilot mention responses in PRs

Developer Experience

• Add real-time linting feedback in IDE
• Create code snippet library for common patterns
• Implement auto-imports for project conventions
• Add declarative-first code suggestions
• Create hardcoded-to-config migration tool

Metrics Goals

• Achieve declarative ratio >50% (JSON + Lua / TS)
• Maintain component size <150 LOC
• Move 100% configuration to database
• Track and reduce TypeScript LOC over time

Development Scripts

• Add Codegen Studio export verification script (tools/validate-codegen-export.ts)
• Add permission level catalog script (tools/list-permissions.ts)

---

Phase 3: Testing & Code Review

Workflow: code-review.yml

• Validate security scanning detects all risk patterns
• Test auto-approval logic for clean PRs
• Ensure label management is consistent
• Add custom rule configuration for project
• Implement incremental review for large PRs

Workflow: ci.yml

• Fix current build failures
• Add parallel test execution
• Implement test result caching
• Add visual regression testing
• Create accessibility checks in CI

Review Automation

• Add AI-powered code suggestions
• Implement pattern-based review rules
• Create architecture compliance checker
• Add multi-tenant safety validator
• Implement Lua script linting

---

Phase 4: Integration & Merge

Workflow: pr-management.yml

• Test auto-labeling accuracy
• Validate size classification thresholds
• Ensure description quality checks are helpful
• Add branch naming convention validation
• Create PR template enforcement

Workflow: merge-conflict-check.yml

• Test conflict detection accuracy
• Add conflict resolution suggestions
• Implement auto-rebase for simple conflicts
• Create conflict notification system

Workflow: auto-merge.yml

• Validate auto-merge conditions are correct
• Add merge queue support
• Implement merge window configuration
• Create merge analytics tracking
• Add rollback automation on failure

---

Phase 5: Deployment

Workflow: deployment.yml

• Complete pre-deployment validation checks
• Test breaking change detection
• Validate deployment notes generation
• Add environment-specific deployment paths
• Implement blue-green deployment support

Deployment Safety

• Add database migration validation
• Implement feature flag integration
• Create canary deployment support
• Add automated rollback triggers
• Implement deployment approval gates

Monitoring Integration

• Create deployment health check automation
• Add performance regression detection
• Implement error rate monitoring post-deploy
• Create deployment success metrics
• Add 48-hour monitoring issue automation

---

Phase 6: Maintenance & Operations

Workflow: issue-triage.yml

• Validate automatic categorization accuracy
• Test AI-fixable issue detection
• Ensure priority assignment is correct
• Add custom triage rules for project
• Implement stale issue handling

Workflow: quality-metrics.yml

• Verify all metrics are calculated correctly
• Add trend tracking over time
• Create quality dashboard integration
• Implement quality gate enforcement
• Add quality regression alerts

Workflow: detect-stubs.yml

• Validate stub detection patterns
• Test PR comment generation
• Add completeness scoring tracking
• Implement stub-to-issue conversion
• Create stub reduction metrics

Dependabot & Dependencies

• Configure daily npm update schedule
• Set up weekly devcontainer updates
• Add security vulnerability auto-issues
• Implement dependency review automation
• Create license compliance checking

---

Prompts & Copilot Integration

.github/prompts/ Review

• Audit 0-kickstart.md for current accuracy
• Update 1-plan-feature.prompt.md
• Review 2-design-component.prompt.md
• Update all 3-impl-*.prompt.md implementation prompts
• Review 4-test-*.prompt.md testing prompts
• Update 5-review-code.prompt.md
• Review 6-deploy-*.prompt.md deployment prompts
• Update 7-maintain-*.prompt.md maintenance prompts
• Review 8-docs-feature.prompt.md
• Update EEK-STUCK.md troubleshooting guide

Copilot Instructions

• Review .github/copilot-instructions.md for accuracy
• Add new patterns and examples
• Update architecture documentation links
• Add common mistake examples
• Create context-specific instruction sections

---

Future Enhancements (from COPILOT_SDLC_SUMMARY.md)

Planned Additions

• Copilot Workspace integration with workflow context
• AI-generated E2E tests from issue descriptions
• Performance monitoring (bundle size, render performance)
• Accessibility checks in PRs
• Visual regression testing with screenshot comparison
• Lua linting for project patterns
• Package structure validation
• Multi-tenant isolation testing automation

Metrics Dashboard

• Declarative ratio trend visualization
• Average component size tracking
• PR merge time analytics
• Auto-fix success rate tracking
• Security vulnerability resolution time
• Test coverage trend graphs
• Deployment frequency metrics

---

Local Development Validation

• Run npm run act:diagnose to verify local Actions setup ✅
• Configure .actrc for Apple Silicon Macs ✅
• Run npm run act to test workflows locally
• Validate all workflow files syntax
• Test workflow triggers manually
• Document workflow testing procedures

---

Documentation Alignment

• Ensure COPILOT_SDLC_SUMMARY.md reflects actual workflow behavior
• Update workflows README with current status
• Create workflow troubleshooting guide
• Add workflow customization documentation
• Document CI/CD pipeline architecture