This commit enhances the internal review process by adding three critical review criteria that align with industry-standard automated code review practices.
New review criteria:
- **Security Vulnerabilities**: Checks for input validation, authentication issues, data exposure, and hardcoded secrets
- **Performance Impact**: Identifies N+1 queries, memory leaks, inefficient algorithms, and excessive resource usage
- **Architecture Compliance**: Validates separation of concerns, SOLID principles, and established architectural patterns
The expanded criteria bring BMAD's review process in line with tools like SonarQube and ESLint, ensuring comprehensive code quality assessment across functionality, security, performance, and architecture dimensions.
Updated review summary template to capture learnings from all six criteria, providing richer project memory synthesis and better guidance for future development.
This commit introduces two new orchestrator commands to manage the project memory system, enabling manual control over the automated learning process.
New commands:
- \*mem-synth\: Scans completed stories and re-synthesizes project memory, useful for catching missed stories or manual additions
- \*mem-add [memory]\: Immediately processes a user-provided memory through the same validation system used in automatic synthesis
Key features:
- Friendly failure messages for duplicates, contradictions, and invalid memories
- Progress reporting during bulk synthesis operations
- Consistent validation logic with the automated workflow
- Integration with existing core-config.yml settings for story locations
This enhancement provides users with direct control over the project memory system while maintaining the same quality standards as the automated process.
This commit updates the complexity assessment system from a 1-10 scale to the industry-standard Fibonacci scale (1, 2, 3, 5, 8, 13), aligning BMAD with Agile best practices.
Key changes:
- Updated agentThresholdStory from 6 to 5 (Fibonacci equivalent)
- Updated agentThresholdTask from 7 to 8 (Fibonacci equivalent)
- Added Fibonacci complexity guidelines to help agents make consistent assessments
- Modified task instructions to reference Fibonacci scale instead of 1-10
This change ensures consistency with industry standards that most development teams already understand, while maintaining the same relative complexity thresholds for triggering review processes.
This commit enhances the resilience of the `implement-story-with-review` task by adding a graceful fallback mechanism for when the agent cannot access the internet.
Previously, the "Dependency & Standards Analysis" step assumed that an internet connection was available to research modern best practices. This would cause the agent to fail or hang in offline or restricted environments.
The workflow has been updated as follows:
1. The agent now *attempts* to perform the internet search.
2. If the search fails due to a lack of connectivity, it will:
- Inform the user of the situation.
- Ask the user if they want to enable access or if it should proceed using only its existing training data.
- Halt and wait for explicit user confirmation before continuing.
This change prevents the agent from getting stuck and empowers the user to make an informed decision, making the entire process more robust and suitable for a wider range of development environments.
This commit refactors the `implement-story-with-review` task to close a critical logic flaw.
Previously, the task-level complexity check was only performed if the entire story was already in "Review Mode." This created a blind spot where a complex task could go unreviewed if it was part of a story deemed "simple."
The workflow has been updated to a single, unified execution path:
1. The initial story-level complexity assessment now only serves to log a general "state of caution."
2. The task-level complexity check against `agentThresholdTask` is now **mandatory for every task in every story**, regardless of the initial mode.
This ensures that no complex task can be implemented without triggering the internal review process, making the agent's workflow more robust and reliable.
This major feature evolves the Developer Agent from a simple task executor into a context-aware engineer by introducing a new, intelligent workflow and a persistent project memory system.
The new workflow, encapsulated in the `implement-story-with-review` task, consists of two primary phases:
1. **Analysis & Review Phase:**
- Before implementation, the agent proactively analyzes the codebase using semantic search to find reusable patterns and components.
- It assesses story and task complexity against configurable thresholds (`agentThresholdStory`, `agentThresholdTask` in `core-config.yml`).
- For complex tasks, it enters a "Review Mode" and uses an internal "Reviewer" persona to self-critique its own code for duplication, errors, and standards alignment before proceeding.
2. **Memory Synthesis Phase:**
- Upon successfully completing a story, the agent automatically performs a holistic scan of its own developer notes.
- It distills explicit "Lessons Learned" and implicit knowledge into general, actionable rules.
- These memories are validated against existing knowledge to prevent contradictions and are then intelligently upserted into a new, shared `bmad-project-memory.md` file.
**Supporting System Changes:**
- **Orchestrator:** The `bmad-orchestrator` now loads the `bmad-project-memory.md` file on startup, providing all agents with shared, evolving project context.
- **Installer:** The BMAD installation process has been updated to correctly scaffold the new `.bmad-core/data/bmad-project-memory.md` file into new projects, ensuring the feature is available out-of-the-box.
This creates a powerful, real-time learning loop, enabling the AI team to improve and adapt based on project-specific experience, leading to higher-quality and more consistent code.
Issue Being Solved:
Dev agent was marking tasks as complete even when tests/lint/typecheck failed,
causing broken code to reach merge and creating technical debt.
Gap in System:
Missing explicit quality gates in dev agent configuration to block task completion
until all automated validations pass.
Solution:
- Add "Quality Gate Discipline" core principle
- Update task execution flow: Execute validations→Only if ALL pass→Update [x]
- Add "Failing validations" to blocking conditions
- Simplify completion criteria to focus on validation success
Alignment with BMAD Core Principles:
- Quality-First: Prevents defective code progression through workflow
- Agent Excellence: Ensures dev agent maintains high standards
- Technology Agnostic: Uses generic "validations" concept vs specific tools
Small, focused change that strengthens existing dev agent without architectural changes.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-authored-by: Claude <noreply@anthropic.com>
- Add markdownExploder setting to core-config.yml
- Update shard-doc task to use md-tree command when enabled
- Implement proper fallback handling when tool is unavailable
- Update core-config structure to remove nested wrapper
- Fix field naming to use camelCase throughout
- Remove 'root' property from YAML when building web bundles
- Remove 'IDE-FILE-RESOLUTION' and 'REQUEST-RESOLUTION' properties
- Filter out IDE-specific activation instructions
- Keep agent header minimal for web bundles
- Ensures web bundles are clean of IDE-specific configuration
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Added two concise activation instructions to SM agent
- IDE-FILE-RESOLUTION: One-line explanation of file path mapping
- REQUEST-RESOLUTION: One-line instruction for flexible request matching
- Simplified file-resolution-context.md to be a quick reference
- Removed verbose documentation in favor of clear, actionable instructions
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Added file resolution section to SM agent explaining path patterns
- Created reusable file-resolution-context.md utility
- Documents how agents resolve tasks/templates/checklists to file paths
- Provides natural language to command mapping examples
- Helps IDE agents understand file system structure
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
* feat: add expansion pack installation system with game dev and infrastructure expansion packs
- Added expansion pack discovery and installation to BMAD installer
- Supports interactive and CLI installation of expansion packs
- Expansion pack files install to destination root (.bmad-core)
- Added game development expansion pack (.bmad-2d-phaser-game-dev)
- Game designer, developer, and scrum master agents
- Game-specific templates, tasks, workflows, and guidelines
- Specialized for Phaser 3 + TypeScript development
- Added infrastructure devops expansion pack (.bmad-infrastructure-devops)
- Platform engineering agent and infrastructure templates
- Expansion pack agents automatically integrate with IDE rules
- Added list:expansions command and --expansion-packs CLI option
🤖 Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>
* alpha expansion packs and installer update to support installing expansion packs optionally
* node20
---------
Co-authored-by: Brian Madison <brianmadison@Brians-MacBook-Pro.local>
Co-authored-by: Claude <noreply@anthropic.com>
kevlingo
gabadi
Brian Madison
titocr
Brian