ldy26098
/
BMAD-METHOD
mirror of https://github.com/bmad-code-org/BMAD-METHOD.git
1
0
Fork 0
Code Packages Projects Releases Wiki Activity
BMAD-METHOD/expansion-packs/javascript-fullstack-pack/checklists/architecture-review-checkli...

182 lines
8.4 KiB
Markdown
Raw Blame History

# <!-- Powered by BMAD™ Core -->
# Architecture Review Checklist
## Document Completeness
### Executive Summary
- [ ] **System Overview** - Clear 2-3 paragraph description of the system
- [ ] **Technology Stack** - All major technologies listed with versions
- [ ] **Architecture Pattern** - Pattern identified (monolith, microservices, serverless, JAMstack)
- [ ] **Key Design Decisions** - 3-5 major decisions documented with rationale
- [ ] **Scalability Overview** - High-level scalability approach described
### Frontend Architecture
- [ ] **Framework Choice** - React, Vue, or other with version and justification
- [ ] **Build Tool** - Vite, Next.js, or Webpack with configuration approach
- [ ] **State Management** - Clear strategy (React Query, Zustand, Redux, Context)
- [ ] **Routing** - Client-side vs server-side routing explained
- [ ] **Styling Approach** - CSS solution chosen (Tailwind, CSS Modules, Styled Components)
- [ ] **Component Structure** - Folder structure and component organization defined
- [ ] **Code Splitting** - Strategy for bundle optimization
- [ ] **SEO Strategy** - SSR, SSG, or CSR approach with reasoning
### Backend Architecture
- [ ] **Runtime and Framework** - Node.js version and framework (Express, Fastify, NestJS)
- [ ] **API Design** - REST, GraphQL, or tRPC with endpoint organization
- [ ] **Authentication** - Strategy defined (JWT, OAuth, session-based)
- [ ] **Authorization** - RBAC, ABAC, or other approach
- [ ] **Middleware Stack** - Security, logging, error handling middleware
- [ ] **Background Jobs** - Queue system if needed (Bull, BullMQ)
- [ ] **File Uploads** - Strategy for handling file uploads
- [ ] **Email System** - Email sending approach (SendGrid, SES, SMTP)
### Database Design
- [ ] **Database Choice** - SQL vs NoSQL with justification
- [ ] **Schema Design** - Entity relationships documented
- [ ] **Indexes** - Key indexes identified for performance
- [ ] **Migrations** - Migration strategy defined
- [ ] **Seeding** - Data seeding approach for development
- [ ] **Backup Strategy** - Backup frequency and retention
- [ ] **Connection Pooling** - Connection management strategy
### API Design
- [ ] **Versioning Strategy** - URL-based, header-based, or other
- [ ] **Request/Response Format** - JSON schema or GraphQL schema
- [ ] **Error Handling** - Standardized error response format
- [ ] **Pagination** - Cursor-based or offset-based approach
- [ ] **Rate Limiting** - Rate limit strategy and thresholds
- [ ] **CORS Configuration** - Allowed origins and methods
- [ ] **API Documentation** - OpenAPI/Swagger or other documentation
### TypeScript Configuration
- [ ] **Strict Mode** - Strict TypeScript settings justified
- [ ] **Path Aliases** - Import aliases configured (@/, ~/)
- [ ] **Type Definitions** - Strategy for third-party type definitions
- [ ] **Shared Types** - Location of shared types between frontend/backend
## Non-Functional Requirements
### Performance
- [ ] **Performance Targets** - Specific metrics defined (Lighthouse score, API latency)
- [ ] **Caching Strategy** - Redis, CDN, or in-memory caching approach
- [ ] **Database Optimization** - Query optimization and indexing plan
- [ ] **Asset Optimization** - Image optimization, lazy loading strategy
- [ ] **Bundle Size** - Target bundle sizes and code splitting approach
### Security
- [ ] **Authentication Security** - Token expiration, refresh strategy
- [ ] **Authorization Checks** - Where and how authorization is enforced
- [ ] **Input Validation** - Validation on both frontend and backend
- [ ] **SQL Injection Prevention** - Parameterized queries or ORM usage
- [ ] **XSS Prevention** - Content Security Policy and sanitization
- [ ] **CSRF Protection** - Token-based CSRF protection
- [ ] **Secrets Management** - Environment variables and secret storage
- [ ] **HTTPS Enforcement** - SSL/TLS configuration
- [ ] **Security Headers** - Helmet.js or equivalent configuration
- [ ] **Dependency Scanning** - npm audit or Snyk integration
### Scalability
- [ ] **Horizontal Scaling** - Stateless application design
- [ ] **Database Scaling** - Read replicas or sharding strategy
- [ ] **Caching Layer** - Cache invalidation strategy
- [ ] **CDN Usage** - Static asset delivery via CDN
- [ ] **Load Balancing** - Load balancer configuration if needed
- [ ] **Auto-scaling** - Metrics and triggers for scaling
### Reliability
- [ ] **Error Handling** - Global error handling strategy
- [ ] **Logging Strategy** - Structured logging with correlation IDs
- [ ] **Monitoring** - APM and error tracking tools (Sentry, Datadog)
- [ ] **Health Checks** - Liveness and readiness endpoints
- [ ] **Graceful Shutdown** - Proper cleanup on application shutdown
- [ ] **Database Migrations** - Zero-downtime migration strategy
- [ ] **Rollback Plan** - How to rollback failed deployments
### DevOps & Deployment
- [ ] **CI/CD Pipeline** - Build, test, and deploy automation
- [ ] **Environment Strategy** - Development, staging, production environments
- [ ] **Infrastructure as Code** - Terraform, CloudFormation, or Docker Compose
- [ ] **Container Strategy** - Docker configuration and orchestration
- [ ] **Deployment Strategy** - Blue-green, canary, or rolling deployments
- [ ] **Backup and Disaster Recovery** - RTO and RPO defined
## Implementation Readiness
### Development Environment
- [ ] **Local Setup** - Clear README with setup instructions
- [ ] **Environment Variables** - .env.example file with all required variables
- [ ] **Database Setup** - Local database setup instructions
- [ ] **Seed Data** - Development seed data available
- [ ] **Hot Reload** - Development server with hot module replacement
### Code Quality
- [ ] **Linting** - ESLint configuration defined
- [ ] **Formatting** - Prettier configuration
- [ ] **Pre-commit Hooks** - Husky or lint-staged configuration
- [ ] **Code Style Guide** - Naming conventions and patterns documented
- [ ] **TypeScript Standards** - Type usage guidelines
### Testing Strategy
- [ ] **Unit Testing** - Framework chosen (Jest, Vitest)
- [ ] **Integration Testing** - API testing approach (Supertest)
- [ ] **E2E Testing** - E2E framework (Playwright, Cypress)
- [ ] **Coverage Goals** - Target code coverage percentages
- [ ] **CI Integration** - Tests run in CI pipeline
### Documentation
- [ ] **Architecture Diagrams** - System architecture visualized
- [ ] **Database Schema** - ER diagram or schema documentation
- [ ] **API Documentation** - Endpoint documentation (Swagger, GraphQL introspection)
- [ ] **Deployment Guide** - How to deploy to production
- [ ] **ADRs** - Architecture Decision Records for key choices
## Risk Assessment
### Technical Risks
- [ ] **Complexity Risks** - Over-engineering or under-engineering identified
- [ ] **Performance Bottlenecks** - Potential bottlenecks documented
- [ ] **Scalability Limits** - Known scalability constraints
- [ ] **Technology Risks** - Unproven or bleeding-edge tech flagged
- [ ] **Dependency Risks** - Critical third-party dependencies assessed
### Mitigation Strategies
- [ ] **Risk Mitigation** - Plan for each identified risk
- [ ] **Fallback Options** - Alternative approaches documented
- [ ] **Monitoring Plan** - How risks will be monitored in production
## Validation Questions
### Alignment with Requirements
- [ ] **Requirements Coverage** - All functional requirements addressed
- [ ] **Non-functional Requirements** - Performance, security, scalability covered
- [ ] **Scope Appropriateness** - Architecture matches project scope
- [ ] **Over-engineering Check** - Not adding unnecessary complexity
- [ ] **Future-proofing** - Extensible without being over-architected
### Team Capability
- [ ] **Team Skills** - Team has or can acquire necessary skills
- [ ] **Learning Curve** - New technologies have acceptable learning curve
- [ ] **Support Resources** - Documentation and community support available
- [ ] **Maintenance Burden** - Architecture is maintainable long-term
### Cost Considerations
- [ ] **Infrastructure Costs** - Estimated monthly costs
- [ ] **Development Costs** - Time and effort realistic
- [ ] **Third-party Services** - External service costs budgeted
- [ ] **Scaling Costs** - Cost implications of scaling understood
## Final Assessment
**Architecture Quality Rating:** ⭐⭐⭐⭐⭐
**Ready for Implementation:** [ ] Yes [ ] No
**Critical Issues to Address:**
_List any must-fix issues before development begins_
**Recommendations:**
_Suggestions for improvement or alternative approaches_
**Next Steps:**
_What needs to happen before story creation begins_
View Git Blame Copy Permalink