ldy26098
/
BMAD-METHOD
mirror of https://github.com/bmad-code-org/BMAD-METHOD.git
1
0
Fork 0
Code Packages Projects Releases Wiki Activity
BMAD-METHOD/expansion-packs/bmad-javascript-fullstack/workflows/maintenance-fixes-updates.yaml

429 lines
9.7 KiB
YAML
Raw Blame History

# Maintenance Workflow
workflow:
id: maintenance
name: Bug Fixes, Updates, and Improvements
description: Quick turnaround for maintenance tasks
duration: 2 hours - 3 days
token_budget: 1000-4000
# TRIAGE (30 minutes)
triage:
agent: appropriate-developer or lead
duration: 30 minutes
tokens: 300
categorize:
bug_fix:
priority: By impact and users affected
sla:
critical: 2-4 hours
high: 4-8 hours
medium: 1-2 days
low: 1 week
dependency_update:
priority: By security and compatibility
types:
security: Immediate
major: Plan carefully
minor: Low risk
patch: Safe to update
performance_issue:
priority: By user impact
approach:
- Profile first
- Fix bottleneck
- Measure improvement
refactoring:
priority: By technical debt impact
rules:
- Don't rewrite
- Incremental changes
- Maintain functionality
outputs:
- issue-assessment.md
- priority-label
- assigned-developer
# BUG FIX WORKFLOW
bug_fix:
duration: 2-8 hours
tokens: 1500
# Step 1: Reproduce (30 min - 2 hours)
reproduce:
agent: assigned-developer
tasks:
- Get reproduction steps
- Reproduce locally
- Identify affected versions
- Check error logs
outputs:
- Confirmed reproduction
- Environment details
# Step 2: Root Cause Analysis (30 min - 2 hours)
analyze:
tasks:
- Debug the issue
- Identify root cause
- Assess fix complexity
- Check for related bugs
outputs:
- Root cause identified
- Fix approach defined
# Step 3: Fix Implementation (1-4 hours)
fix:
tasks:
- Implement fix
- Add regression test
- Update error handling
- Verify fix works
outputs:
- Fixed code
- Regression test
- Verification proof
# Step 4: Deploy (30 min - 1 hour)
deploy:
tasks:
- Code review (expedited if critical)
- Deploy to staging
- Verify fix
- Deploy to production
- Monitor for issues
outputs:
- Fix deployed
- Monitoring active
checklist:
- [ ] Bug reproduced
- [ ] Root cause found
- [ ] Fix implemented
- [ ] Test added
- [ ] Verified working
- [ ] Code reviewed
- [ ] Deployed to production
- [ ] Users notified (if needed)
# DEPENDENCY UPDATE WORKFLOW
dependency_update:
duration: 1-4 hours
tokens: 1000
# Step 1: Audit (15-30 min)
audit:
commands:
- npm audit
- npm outdated
- Check breaking changes
outputs:
- Vulnerability report
- Update candidates
# Step 2: Update Strategy (15-30 min)
strategy:
safe_updates:
- Patch versions (1.2.3 -> 1.2.4)
- Security fixes
- No breaking changes
careful_updates:
- Minor versions (1.2.0 -> 1.3.0)
- Check changelog
- Test thoroughly
major_updates:
- Major versions (1.x -> 2.x)
- Read migration guide
- Plan separate PR
# Step 3: Update & Test (1-2 hours)
update:
tasks:
- Update dependencies
- Fix breaking changes
- Run all tests
- Check build
- Test locally
outputs:
- Updated package.json
- All tests passing
# Step 4: Deploy (30 min)
deploy:
tasks:
- Code review
- Deploy to staging
- Smoke test
- Deploy to production
- Monitor logs
checklist:
- [ ] Dependencies audited
- [ ] Breaking changes reviewed
- [ ] Updates applied
- [ ] Tests passing
- [ ] Build successful
- [ ] Deployed safely
# PERFORMANCE OPTIMIZATION WORKFLOW
performance:
duration: 1-3 days
tokens: 3000
# Step 1: Profile & Measure (2-4 hours)
profile:
agent: performance-expert or senior-dev
tools:
frontend:
- Chrome DevTools
- Lighthouse
- Web Vitals
- Bundle analyzer
backend:
- APM tools (New Relic, DataDog)
- Database query analysis
- CPU/Memory profiling
- Network analysis
outputs:
- Performance baseline
- Bottleneck identification
- Improvement opportunities
# Step 2: Optimize (1-2 days)
optimize:
common_fixes:
frontend:
- Code splitting
- Image optimization
- Remove unused code
- Lazy loading
- Memoization
backend:
- Database indexing
- Query optimization
- Caching (Redis)
- Connection pooling
- Background jobs
both:
- API response size
- Reduce requests
- CDN usage
- Compression
tasks:
- Implement optimizations
- Measure improvements
- A/B test if possible
- Document changes
# Step 3: Validate (2-4 hours)
validate:
metrics:
- Page load time
- Time to Interactive
- API response time
- Database query time
- Bundle size
targets:
- 30%+ improvement minimum
- Meet performance budget
- No regressions
outputs:
- Performance report
- Before/after metrics
checklist:
- [ ] Baseline measured
- [ ] Bottlenecks identified
- [ ] Optimizations implemented
- [ ] Improvements measured
- [ ] No regressions
- [ ] Deployed to production
# REFACTORING WORKFLOW
refactoring:
duration: 1-5 days
tokens: 4000
# Step 1: Plan (2-4 hours)
planning:
identify:
- Code smells
- Technical debt
- Duplication
- Complexity
prioritize:
- High-traffic code first
- Business-critical paths
- Frequently changed code
scope:
- One module at a time
- Incremental changes
- Maintain tests
# Step 2: Refactor (1-4 days)
refactor:
principles:
- Keep tests green
- Small commits
- No behavior changes
- Incremental improvements
patterns:
- Extract methods/components
- Remove duplication
- Simplify logic
- Improve naming
- Add types
outputs:
- Cleaner code
- Better structure
- Same functionality
# Step 3: Verify (2-4 hours)
verify:
checks:
- All tests pass
- No new bugs
- Performance same/better
- Code review approval
outputs:
- Verified refactoring
- Documentation updated
checklist:
- [ ] Refactoring plan created
- [ ] Code incrementally improved
- [ ] Tests still passing
- [ ] No functionality changes
- [ ] Code reviewed
- [ ] Deployed safely
# SECURITY PATCH WORKFLOW
security_patch:
duration: 2-8 hours
priority: URGENT
tokens: 2000
# Step 1: Assess (30 min)
assess:
severity:
critical: Exploit in the wild
high: Easy to exploit
medium: Requires conditions
low: Theoretical risk
impact:
- Data exposure risk
- System compromise risk
- User impact
outputs:
- Severity assessment
- Patch urgency
# Step 2: Patch (1-4 hours)
patch:
immediate_actions:
- Apply security update
- Test critical paths
- Deploy to production ASAP
follow_up:
- Comprehensive testing
- Security scan
- Audit related code
# Step 3: Communicate (30 min)
communicate:
notify:
- Security team
- Engineering team
- Management (if severe)
- Users (if data exposure)
document:
- What was vulnerable
- How it was fixed
- Impact assessment
- Prevention measures
checklist:
- [ ] Vulnerability assessed
- [ ] Patch applied
- [ ] Testing completed
- [ ] Deployed to production
- [ ] Security scan clean
- [ ] Team notified
- [ ] Incident documented
# COMMON PATTERNS
patterns:
quick_fix:
when: Simple, low-risk change
process:
- Make fix
- Add test
- Deploy quickly
careful_fix:
when: Complex or high-risk
process:
- Thorough analysis
- Comprehensive testing
- Staged deployment
hotfix:
when: Production is broken
process:
- Fix on hotfix branch
- Minimal testing
- Deploy immediately
- Thorough testing later
# ESCALATION
escalation:
when_to_escalate:
- Can't reproduce bug
- Fix causes regressions
- Security vulnerability
- Breaking change needed
- Requires architecture change
escalation_path:
- Team lead
- Senior developer
- Architect
- CTO (critical security)
# SUCCESS METRICS
success:
bug_fix:
- Issue resolved
- No regression
- Test coverage added
- Users satisfied
update:
- Dependencies current
- No vulnerabilities
- All tests pass
- Production stable
performance:
- 30%+ improvement
- Targets met
- No degradation elsewhere
refactoring:
- Code cleaner
- Same functionality
- Team velocity maintained
# DELIVERABLES
deliverables:
- [ ] Issue resolved
- [ ] Tests added/passing
- [ ] Code reviewed
- [ ] Deployed to production
- [ ] Documented (if needed)
- [ ] Monitoring confirmed
View Git Blame Copy Permalink