Back to skills
SkillHub ClubRun DevOpsDevOpsBackendTesting
moai-foundation-quality
Provides automated code quality validation using the TRUST 5 framework, integrates with CI/CD pipelines, offers proactive issue detection, and enforces coding standards across 25+ languages. Includes quality gates, benchmarking, and REST API for integration.
Packaged view
This page reorganizes the original catalog entry around fit, installability, and workflow context first. The original raw source lives below.
Stars
838
Hot score
99
Updated
March 20, 2026
Overall rating
A8.3
Composite score
6.0
Best-practice grade
C64.8
Install command
npx @skill-hub/cli install modu-ai-moai-adk-moai-foundation-quality
code-qualityautomated-testingci-cdcode-reviewbest-practices
Repository
modu-ai/moai-adk
Skill path: src/moai_adk/templates/.claude/skills/moai-foundation-quality
Provides automated code quality validation using the TRUST 5 framework, integrates with CI/CD pipelines, offers proactive issue detection, and enforces coding standards across 25+ languages. Includes quality gates, benchmarking, and REST API for integration.
Open repositoryBest for
Primary workflow: Run DevOps.
Technical facets: DevOps, Backend, Testing, Integration.
Target audience: Engineering teams implementing automated code quality checks, DevOps engineers building CI/CD pipelines, and organizations enforcing coding standards across multiple projects..
License: Unknown.
Original source
Catalog source: SkillHub Club.
Repository owner: modu-ai.
This is still a mirrored public skill entry. Review the repository before installing into production workflows.
What it helps with
- Install moai-foundation-quality into Claude Code, Codex CLI, Gemini CLI, or OpenCode workflows
- Review https://github.com/modu-ai/moai-adk before adding moai-foundation-quality to shared team environments
- Use moai-foundation-quality for devops workflows
Works across
Claude CodeCodex CLIGemini CLIOpenCode
Favorites: 0.
Sub-skills: 0.
Aggregator: No.
Original source / Raw SKILL.md
---
name: "moai-foundation-quality"
description: "Enterprise code quality orchestrator with TRUST 5 validation, proactive analysis, and automated best practices enforcement"
version: 2.1.0
category: "foundation"
modularized: true
user-invocable: false
tags: ['foundation', 'quality', 'testing', 'validation', 'trust-5', 'best-practices', 'code-review']
aliases: ['moai-foundation-quality']
updated: 2026-01-08
status: "active"
allowed-tools:
- Read
- Grep
- Glob
- mcp__context7__resolve-library-id
- mcp__context7__get-library-docs
---
# Enterprise Code Quality Orchestrator
Enterprise-grade code quality management system that combines systematic code review, proactive improvement suggestions, and automated best practices enforcement. Provides comprehensive quality assurance through TRUST 5 framework validation with Context7 integration for real-time best practices.
## Quick Reference (30 seconds)
Core Capabilities:
- TRUST 5 Validation: Testable, Readable, Unified, Secured, Trackable quality gates
- Proactive Analysis: Automated issue detection and improvement suggestions
- Best Practices Enforcement: Context7-powered real-time standards validation
- Multi-Language Support: 25+ programming languages with specialized rules
- Enterprise Integration: CI/CD pipelines, quality metrics, reporting
Key Patterns:
1. Quality Gate Pipeline → Automated validation with configurable thresholds
2. Proactive Scanner → Continuous analysis with improvement recommendations
3. Best Practices Engine → Context7-driven standards enforcement
4. Quality Metrics Dashboard → Comprehensive reporting and trend analysis
When to Use:
- Code review automation and quality gate enforcement
- Proactive code quality improvement and technical debt reduction
- Enterprise coding standards enforcement and compliance validation
- CI/CD pipeline integration with automated quality checks
Quick Access:
- TRUST 5 Framework → [trust5-validation.md](modules/trust5-validation.md)
- Proactive Analysis → [proactive-analysis.md](modules/proactive-analysis.md)
- Best Practices → [best-practices.md](modules/best-practices.md)
- Integration Patterns → [integration-patterns.md](modules/integration-patterns.md)
## Implementation Guide
### Getting Started
Basic Quality Validation:
```python
# Initialize quality orchestrator
quality_orchestrator = QualityOrchestrator(
trust5_enabled=True,
proactive_analysis=True,
best_practices_enforcement=True,
context7_integration=True
)
# Run comprehensive quality analysis
result = await quality_orchestrator.analyze_codebase(
path="src/",
languages=["python", "javascript", "typescript"],
quality_threshold=0.85
)
# Quality gate validation with TRUST 5
quality_gate = QualityGate()
validation_result = await quality_gate.validate_trust5(
codebase_path="src/",
test_coverage_threshold=0.90,
complexity_threshold=10
)
```
Proactive Quality Analysis:
```python
# Initialize proactive scanner
proactive_scanner = ProactiveQualityScanner(
context7_client=context7_client,
rule_engine=BestPracticesEngine()
)
# Scan for improvement opportunities
improvements = await proactive_scanner.scan_codebase(
path="src/",
scan_types=["security", "performance", "maintainability", "testing"]
)
# Generate improvement recommendations
recommendations = await proactive_scanner.generate_recommendations(
issues=improvements,
priority="high",
auto_fix=True
)
```
### Core Components
#### 1. Quality Orchestration Engine
```python
class QualityOrchestrator:
"""Enterprise quality orchestration with TRUST 5 framework"""
def __init__(self, config: QualityConfig):
self.trust5_validator = TRUST5Validator()
self.proactive_scanner = ProactiveScanner()
self.best_practices_engine = BestPracticesEngine()
self.context7_client = Context7Client()
self.metrics_collector = QualityMetricsCollector()
async def analyze_codebase(self, request: QualityAnalysisRequest) -> QualityResult:
"""Comprehensive codebase quality analysis"""
# Phase 1: TRUST 5 Validation
trust5_result = await self.trust5_validator.validate(
codebase=request.path,
thresholds=request.quality_thresholds
)
# Phase 2: Proactive Analysis
proactive_result = await self.proactive_scanner.scan(
codebase=request.path,
focus_areas=request.focus_areas
)
# Phase 3: Best Practices Check
practices_result = await self.best_practices_engine.validate(
codebase=request.path,
languages=request.languages,
context7_docs=True
)
# Phase 4: Metrics Collection
metrics = await self.metrics_collector.collect_comprehensive_metrics(
codebase=request.path,
analysis_results=[trust5_result, proactive_result, practices_result]
)
return QualityResult(
trust5_validation=trust5_result,
proactive_analysis=proactive_result,
best_practices=practices_result,
metrics=metrics,
overall_score=self._calculate_overall_quality_score([
trust5_result, proactive_result, practices_result
])
)
```
Detailed implementations:
- [TRUST 5 Validator Implementation](modules/trust5-validation.md#trust-5-validator-implementation)
- [Proactive Scanner Implementation](modules/proactive-analysis.md#proactive-scanner-implementation)
- [Best Practices Engine Implementation](modules/best-practices.md#best-practices-engine-implementation)
### Configuration and Customization
Quality Configuration:
```yaml
# quality-config.yaml
quality_orchestration:
trust5_framework:
enabled: true
thresholds:
overall: 0.85
testable: 0.90
readable: 0.80
unified: 0.85
secured: 0.90
trackable: 0.80
proactive_analysis:
enabled: true
scan_frequency: "daily"
focus_areas:
- "performance"
- "security"
- "maintainability"
- "technical_debt"
auto_fix:
enabled: true
severity_threshold: "medium"
confirmation_required: true
best_practices:
enabled: true
context7_integration: true
auto_update_standards: true
compliance_target: 0.85
language_rules:
python:
style_guide: "pep8"
formatter: "black"
linter: "ruff"
type_checker: "mypy"
javascript:
style_guide: "airbnb"
formatter: "prettier"
linter: "eslint"
typescript:
style_guide: "google"
formatter: "prettier"
linter: "eslint"
reporting:
enabled: true
metrics_retention_days: 90
trend_analysis: true
executive_dashboard: true
notifications:
quality_degradation: true
security_vulnerabilities: true
technical_debt_increase: true
```
Integration Examples:
See [Integration Patterns](modules/integration-patterns.md) for:
- CI/CD Pipeline Integration
- GitHub Actions Integration
- Quality-as-Service REST API
- Cross-Project Benchmarking
## Advanced Patterns
### 1. Custom Quality Rules
```python
class CustomQualityRule:
"""Define custom quality validation rules"""
def __init__(self, name: str, validator: Callable, severity: str = "medium"):
self.name = name
self.validator = validator
self.severity = severity
async def validate(self, codebase: str) -> RuleResult:
"""Execute custom rule validation"""
try:
result = await self.validator(codebase)
return RuleResult(
rule_name=self.name,
passed=result.passed,
severity=self.severity,
details=result.details,
recommendations=result.recommendations
)
except Exception as e:
return RuleResult(
rule_name=self.name,
passed=False,
severity="error",
details={"error": str(e)},
recommendations=["Fix rule implementation"]
)
```
See [Best Practices - Custom Rules](modules/best-practices.md#custom-quality-rules) for complete examples.
### 2. Machine Learning Quality Prediction
ML-powered quality issue prediction using code feature extraction and predictive models.
See [Proactive Analysis - ML Prediction](modules/proactive-analysis.md#machine-learning-quality-prediction) for implementation details.
### 3. Real-time Quality Monitoring
Continuous quality monitoring with automated alerting for quality degradation and security vulnerabilities.
See [Proactive Analysis - Real-time Monitoring](modules/proactive-analysis.md#real-time-quality-monitoring) for implementation details.
### 4. Cross-Project Quality Benchmarking
Compare project quality metrics against similar projects in your industry.
See [Integration Patterns - Benchmarking](modules/integration-patterns.md#cross-project-quality-benchmarking) for implementation details.
## Module Reference
### Core Modules
- [TRUST 5 Validation](modules/trust5-validation.md) - Comprehensive quality framework validation
- [Proactive Analysis](modules/proactive-analysis.md) - Automated issue detection and improvements
- [Best Practices](modules/best-practices.md) - Context7-powered standards enforcement
- [Integration Patterns](modules/integration-patterns.md) - CI/CD and enterprise integrations
### Key Components by Module
TRUST 5 Validation:
- `TRUST5Validator` - Five-pillar quality validation
- `TestableValidator` - Test coverage and quality
- `SecuredValidator` - Security and OWASP compliance
- Quality gate pipeline integration
Proactive Analysis:
- `ProactiveQualityScanner` - Automated issue detection
- `QualityPredictionEngine` - ML-powered predictions
- `RealTimeQualityMonitor` - Continuous monitoring
- Performance and maintainability analysis
Best Practices:
- `BestPracticesEngine` - Standards validation
- Context7 integration for latest docs
- Custom quality rules
- Language-specific validators
Integration Patterns:
- CI/CD pipeline integration
- GitHub Actions workflows
- Quality-as-Service REST API
- Cross-project benchmarking
## Context7 Library Mappings
Essential library mappings for quality analysis tools and frameworks.
See [Best Practices - Library Mappings](modules/best-practices.md#context7-library-mappings) for complete list.
## Works Well With
Agents:
- core-planner - Quality requirements planning
- workflow-tdd - TDD implementation validation
- security-expert - Security vulnerability analysis
- code-backend - Backend code quality
- code-frontend - Frontend code quality
Skills:
- moai-foundation-core - TRUST 5 framework reference
- moai-tdd-implementation - TDD workflow validation
- moai-security-owasp - Security compliance
- moai-context7-integration - Context7 best practices
- moai-performance-optimization - Performance analysis
Commands:
- `/moai:2-run` - TDD validation integration
- `/moai:3-sync` - Documentation quality checks
- `/moai:9-feedback` - Quality improvement feedback
## Quick Reference Summary
Core Capabilities: TRUST 5 validation, proactive scanning, Context7-powered best practices, multi-language support, enterprise integration
Key Classes: `QualityOrchestrator`, `TRUST5Validator`, `ProactiveQualityScanner`, `BestPracticesEngine`, `QualityMetricsCollector`
Essential Methods: `analyze_codebase()`, `validate_trust5()`, `scan_for_issues()`, `validate_best_practices()`, `generate_quality_report()`
Integration Ready: CI/CD pipelines, GitHub Actions, REST APIs, real-time monitoring, cross-project benchmarking
Enterprise Features: Custom rules, ML prediction, real-time monitoring, benchmarking, comprehensive reporting
Quality Standards: OWASP compliance, TRUST 5 framework, Context7 integration, automated improvement recommendations
---
## Referenced Files
> The following files are referenced in this skill and included for context.
### modules/trust5-validation.md
```markdown
# TRUST 5 Validation Framework
Comprehensive TRUST 5 quality framework validation for enterprise code quality assurance.
## Overview
The TRUST 5 framework validates five core quality principles:
- Testable - Test coverage and quality
- Readable - Code clarity and maintainability
- Unified - Consistent patterns and standards
- Secured - Security compliance (OWASP)
- Trackable - Version control and audit trails
## TRUST 5 Validator Implementation
```python
class TRUST5Validator:
"""Comprehensive TRUST 5 quality framework validation"""
VALIDATORS = {
"testable": TestableValidator(),
"readable": ReadableValidator(),
"unified": UnifiedValidator(),
"secured": SecuredValidator(),
"trackable": TrackableValidator()
}
async def validate(self, codebase: str, thresholds: Dict[str, float]) -> TRUST5Result:
"""Execute complete TRUST 5 validation"""
results = {}
for principle, validator in self.VALIDATORS.items():
result = await validator.validate(
codebase=codebase,
threshold=thresholds.get(principle, 0.8)
)
results[principle] = result
# Calculate overall TRUST 5 score
overall_score = sum(r.score for r in results.values()) / len(results)
return TRUST5Result(
principles=results,
overall_score=overall_score,
passed=overall_score >= thresholds.get("overall", 0.85),
recommendations=self._generate_trust5_recommendations(results)
)
class TestableValidator:
"""Test-first principle validation"""
async def validate(self, codebase: str, threshold: float) -> ValidationResult:
"""Validate test coverage and quality"""
# Check test coverage
coverage_result = await self._analyze_test_coverage(codebase)
# Validate test quality
test_quality = await self._analyze_test_quality(codebase)
# Check test structure
test_structure = await self._validate_test_structure(codebase)
score = (coverage_result.score * 0.5 +
test_quality.score * 0.3 +
test_structure.score * 0.2)
return ValidationResult(
score=score,
passed=score >= threshold,
details={
"coverage": coverage_result,
"quality": test_quality,
"structure": test_structure
},
recommendations=self._generate_testing_recommendations(
coverage_result, test_quality, test_structure
)
)
class SecuredValidator:
"""Security principle validation with OWASP compliance"""
async def validate(self, codebase: str, threshold: float) -> ValidationResult:
"""Validate security compliance and vulnerabilities"""
# OWASP Top 10 validation
owasp_result = await self._validate_owasp_compliance(codebase)
# Security best practices
security_practices = await self._validate_security_practices(codebase)
# Dependency vulnerability scan
dependency_scan = await self._scan_dependency_vulnerabilities(codebase)
# Code security patterns
code_security = await self._analyze_code_security(codebase)
score = (owasp_result.score * 0.4 +
security_practices.score * 0.3 +
dependency_scan.score * 0.2 +
code_security.score * 0.1)
return ValidationResult(
score=score,
passed=score >= threshold,
details={
"owasp": owasp_result,
"practices": security_practices,
"dependencies": dependency_scan,
"code_patterns": code_security
},
security_level=self._calculate_security_level(score),
recommendations=self._generate_security_recommendations(
owasp_result, security_practices, dependency_scan, code_security
)
)
```
## Configuration
```yaml
trust5_framework:
enabled: true
thresholds:
overall: 0.85
testable: 0.90
readable: 0.80
unified: 0.85
secured: 0.90
trackable: 0.80
```
## Quality Gate Pipeline
```python
async def quality_gate_pipeline():
"""Integrate quality validation into CI/CD pipeline"""
# Initialize quality orchestrator
quality_orchestrator = QualityOrchestrator.from_config("quality-config.yaml")
# Run comprehensive quality analysis
quality_result = await quality_orchestrator.analyze_codebase(
path="src/",
languages=["python", "typescript"],
quality_threshold=0.85
)
# Quality gate validation
if not quality_result.trust5_validation.passed:
print(" Quality gate failed!")
print(f"Overall score: {quality_result.overall_score:.2f}")
# Print failed principles
for principle, result in quality_result.trust5_validation.principles.items():
if not result.passed:
print(f" {principle}: {result.score:.2f} (threshold: 0.80)")
# Exit with error code
sys.exit(1)
print(" Quality gate passed!")
```
## Integration Examples
See [Integration Patterns](integration-patterns.md) for CI/CD and GitHub Actions integration examples.
```
### modules/proactive-analysis.md
```markdown
# Proactive Quality Analysis
Automated code quality issue detection and continuous improvement recommendations.
## Overview
The Proactive Quality Scanner automatically detects code quality issues and provides improvement recommendations across multiple dimensions:
- Performance optimization opportunities
- Maintainability improvements
- Security vulnerabilities
- Code duplication
- Technical debt analysis
- Complexity reduction
## Proactive Scanner Implementation
```python
class ProactiveQualityScanner:
"""Proactive code quality issue detection and analysis"""
def __init__(self, context7_client: Context7Client):
self.context7_client = context7_client
self.issue_detectors = self._initialize_detectors()
self.pattern_analyzer = CodePatternAnalyzer()
async def scan(self, codebase: str, focus_areas: List[str]) -> ProactiveResult:
"""Comprehensive proactive quality scanning"""
scan_results = {}
# Performance analysis
if "performance" in focus_areas:
scan_results["performance"] = await self._scan_performance_issues(codebase)
# Maintainability analysis
if "maintainability" in focus_areas:
scan_results["maintainability"] = await self._scan_maintainability_issues(codebase)
# Security vulnerabilities
if "security" in focus_areas:
scan_results["security"] = await self._scan_security_issues(codebase)
# Code duplication
if "duplication" in focus_areas:
scan_results["duplication"] = await self._scan_code_duplication(codebase)
# Technical debt
if "technical_debt" in focus_areas:
scan_results["technical_debt"] = await self._analyze_technical_debt(codebase)
# Code complexity
if "complexity" in focus_areas:
scan_results["complexity"] = await self._analyze_complexity(codebase)
# Generate improvement recommendations
recommendations = await self._generate_improvement_recommendations(scan_results)
return ProactiveResult(
scan_results=scan_results,
recommendations=recommendations,
priority_issues=self._identify_priority_issues(scan_results),
estimated_effort=self._calculate_improvement_effort(recommendations)
)
async def _scan_performance_issues(self, codebase: str) -> PerformanceResult:
"""Scan for performance-related issues"""
issues = []
# Get language-specific performance patterns from Context7
for language in self._detect_languages(codebase):
try:
# Resolve library ID
library_id = await self.context7_client.resolve_library_id(language)
# Get performance best practices
perf_docs = await self.context7_client.get_library_docs(
context7CompatibleLibraryID=library_id,
topic="performance",
tokens=3000
)
# Analyze code against performance patterns
language_issues = await self._analyze_performance_patterns(
codebase, language, perf_docs
)
issues.extend(language_issues)
except Exception as e:
logger.warning(f"Failed to get performance docs for {language}: {e}")
# Common performance issues
common_issues = await self._detect_common_performance_issues(codebase)
issues.extend(common_issues)
return PerformanceResult(
issues=issues,
score=self._calculate_performance_score(issues),
hotspots=self._identify_performance_hotspots(issues),
optimizations=self._suggest_optimizations(issues)
)
```
## Usage Examples
```python
# Initialize proactive scanner
proactive_scanner = ProactiveQualityScanner(
context7_client=context7_client,
rule_engine=BestPracticesEngine()
)
# Scan for improvement opportunities
improvements = await proactive_scanner.scan_codebase(
path="src/",
scan_types=["security", "performance", "maintainability", "testing"]
)
# Generate improvement recommendations
recommendations = await proactive_scanner.generate_recommendations(
issues=improvements,
priority="high",
auto_fix=True
)
```
## Configuration
```yaml
proactive_analysis:
enabled: true
scan_frequency: "daily"
focus_areas:
- "performance"
- "security"
- "maintainability"
- "technical_debt"
auto_fix:
enabled: true
severity_threshold: "medium"
confirmation_required: true
```
## Advanced Patterns
### Machine Learning Quality Prediction
```python
class QualityPredictionEngine:
"""ML-powered quality issue prediction"""
def __init__(self, model_path: str):
self.model = self._load_model(model_path)
self.feature_extractor = CodeFeatureExtractor()
async def predict_quality_issues(self, codebase: str) -> PredictionResult:
"""Predict potential quality issues using ML"""
# Extract code features
features = await self.feature_extractor.extract_features(codebase)
# Make predictions
predictions = self.model.predict(features)
# Analyze prediction confidence
confidence_scores = self.model.predict_proba(features)
# Group predictions by issue type
issue_predictions = self._group_predictions_by_type(
predictions, confidence_scores
)
return PredictionResult(
predictions=issue_predictions,
confidence_scores=confidence_scores,
high_risk_areas=self._identify_high_risk_areas(issue_predictions),
prevention_recommendations=self._generate_prevention_recommendations(
issue_predictions
)
)
```
### Real-time Quality Monitoring
```python
class RealTimeQualityMonitor:
"""Real-time code quality monitoring and alerting"""
def __init__(self, webhook_url: str, notification_config: Dict):
self.webhook_url = webhook_url
self.notification_config = notification_config
self.quality_history = deque(maxlen=1000)
self.alert_thresholds = notification_config.get("thresholds", {})
async def monitor_quality_changes(self, codebase: str):
"""Continuously monitor quality changes"""
while True:
# Get current quality metrics
current_metrics = await self._get_current_quality_metrics(codebase)
# Compare with historical data
if self.quality_history:
previous_metrics = self.quality_history[-1]
quality_change = self._calculate_quality_change(
previous_metrics, current_metrics
)
# Check for quality degradation
if quality_change < -self.alert_thresholds.get("degradation", 0.1):
await self._send_quality_alert(
alert_type="quality_degradation",
metrics=current_metrics,
change=quality_change
)
# Store metrics
self.quality_history.append(current_metrics)
# Wait for next check
await asyncio.sleep(self.notification_config.get("check_interval", 300))
```
## Related
- [TRUST 5 Validation](trust5-validation.md)
- [Best Practices Engine](best-practices.md)
- [Integration Patterns](integration-patterns.md)
```
### modules/best-practices.md
```markdown
# Best Practices Enforcement
Context7-powered best practices validation and automated standards enforcement.
## Overview
The Best Practices Engine validates coding standards and best practices using real-time documentation from Context7, ensuring code follows latest framework and language standards.
## Best Practices Engine Implementation
```python
class BestPracticesEngine:
"""Context7-powered best practices validation and enforcement"""
def __init__(self, context7_client: Context7Client):
self.context7_client = context7_client
self.language_rules = self._load_language_rules()
self.practice_validators = self._initialize_validators()
async def validate(self, codebase: str, languages: List[str], context7_docs: bool = True) -> PracticesResult:
"""Validate coding best practices with real-time documentation"""
validation_results = {}
for language in languages:
# Get latest best practices from Context7
if context7_docs:
try:
library_id = await self.context7_client.resolve_library_id(language)
latest_docs = await self.context7_client.get_library_docs(
context7CompatibleLibraryID=library_id,
topic="best-practices",
tokens=5000
)
# Validate against latest standards
validation_result = await self._validate_against_latest_standards(
codebase, language, latest_docs
)
except Exception as e:
logger.warning(f"Failed to get Context7 docs for {language}: {e}")
# Fallback to cached rules
validation_result = await self._validate_with_cached_rules(
codebase, language
)
else:
validation_result = await self._validate_with_cached_rules(
codebase, language
)
validation_results[language] = validation_result
# Cross-language best practices
cross_language_result = await self._validate_cross_language_practices(codebase)
# Calculate overall practices score
overall_score = sum(
result.score for result in validation_results.values()
) / len(validation_results)
return PracticesResult(
language_results=validation_results,
cross_language_practices=cross_language_result,
overall_score=overall_score,
compliance_level=self._determine_compliance_level(overall_score),
improvement_roadmap=self._create_improvement_roadmap(validation_results)
)
async def _validate_against_latest_standards(
self,
codebase: str,
language: str,
latest_docs: str
) -> LanguageValidationResult:
"""Validate code against latest language standards from Context7"""
# Extract best practices from documentation
best_practices = await self._extract_best_practices_from_docs(latest_docs)
# Validate naming conventions
naming_result = await self._validate_naming_conventions(
codebase, language, best_practices.get("naming", {})
)
# Validate code structure
structure_result = await self._validate_code_structure(
codebase, language, best_practices.get("structure", {})
)
# Validate error handling
error_handling_result = await self._validate_error_handling(
codebase, language, best_practices.get("error_handling", {})
)
# Validate documentation
documentation_result = await self._validate_documentation(
codebase, language, best_practices.get("documentation", {})
)
# Validate testing patterns
testing_result = await self._validate_testing_patterns(
codebase, language, best_practices.get("testing", {})
)
# Calculate language-specific score
language_score = (
naming_result.score * 0.2 +
structure_result.score * 0.3 +
error_handling_result.score * 0.2 +
documentation_result.score * 0.15 +
testing_result.score * 0.15
)
return LanguageValidationResult(
language=language,
score=language_score,
validations={
"naming": naming_result,
"structure": structure_result,
"error_handling": error_handling_result,
"documentation": documentation_result,
"testing": testing_result
},
best_practices_version=await self._get_docs_version(latest_docs),
recommendations=self._generate_language_recommendations(
naming_result, structure_result, error_handling_result,
documentation_result, testing_result
)
)
```
## Configuration
```yaml
best_practices:
enabled: true
context7_integration: true
auto_update_standards: true
compliance_target: 0.85
language_rules:
python:
style_guide: "pep8"
formatter: "black"
linter: "ruff"
type_checker: "mypy"
javascript:
style_guide: "airbnb"
formatter: "prettier"
linter: "eslint"
typescript:
style_guide: "google"
formatter: "prettier"
linter: "eslint"
```
## Context7 Library Mappings
```python
QUALITY_LIBRARY_MAPPINGS = {
# Static Analysis Tools
"eslint": "/eslint/eslint",
"prettier": "/prettier/prettier",
"black": "/psf/black",
"ruff": "/astral-sh/ruff",
"mypy": "/python/mypy",
"pylint": "/pylint-dev/pylint",
"sonarqube": "/SonarSource/sonarqube",
# Testing Frameworks
"jest": "/facebook/jest",
"pytest": "/pytest-dev/pytest",
"mocha": "/mochajs/mocha",
"junit": "/junit-team/junit5",
# Security Tools
"bandit": "/PyCQA/bandit",
"snyk": "/snyk/snyk",
"owasp-zap": "/zaproxy/zaproxy",
# Performance Tools
"lighthouse": "/GoogleChrome/lighthouse",
"py-spy": "/benfred/py-spy",
# Documentation Standards
"openapi": "/OAI/OpenAPI-Specification",
"sphinx": "/sphinx-doc/sphinx",
"jsdoc": "/jsdoc/jsdoc"
}
```
## Custom Quality Rules
```python
class CustomQualityRule:
"""Define custom quality validation rules"""
def __init__(self, name: str, validator: Callable, severity: str = "medium"):
self.name = name
self.validator = validator
self.severity = severity
async def validate(self, codebase: str) -> RuleResult:
"""Execute custom rule validation"""
try:
result = await self.validator(codebase)
return RuleResult(
rule_name=self.name,
passed=result.passed,
severity=self.severity,
details=result.details,
recommendations=result.recommendations
)
except Exception as e:
return RuleResult(
rule_name=self.name,
passed=False,
severity="error",
details={"error": str(e)},
recommendations=["Fix rule implementation"]
)
# Usage example
async def custom_naming_convention_rule(codebase: str):
"""Custom rule: Enforce project-specific naming conventions"""
patterns = {
"api_endpoints": r"^[a-z]+_[a-z]+$",
"database_models": r"^[A-Z][a-zA-Z]*Model$",
"utility_functions": r"^util_[a-z_]+$"
}
violations = []
for pattern_name, pattern in patterns.items():
pattern_violations = await scan_for_pattern_violations(codebase, pattern, pattern_name)
violations.extend(pattern_violations)
return RuleValidationResult(
passed=len(violations) == 0,
details={"violations": violations, "total_violations": len(violations)},
recommendations=[f"Fix {len(violations)} naming convention violations"]
)
# Register custom rule
custom_rule = CustomQualityRule(
name="project_naming_conventions",
validator=custom_naming_convention_rule,
severity="medium"
)
quality_orchestrator.register_custom_rule(custom_rule)
```
## Related
- [TRUST 5 Validation](trust5-validation.md)
- [Proactive Analysis](proactive-analysis.md)
- [Integration Patterns](integration-patterns.md)
```
### modules/integration-patterns.md
```markdown
# Integration Patterns
Enterprise integration patterns for CI/CD pipelines, GitHub Actions, and Quality-as-Service APIs.
## CI/CD Pipeline Integration
```python
async def quality_gate_pipeline():
"""Integrate quality validation into CI/CD pipeline"""
# Initialize quality orchestrator
quality_orchestrator = QualityOrchestrator.from_config("quality-config.yaml")
# Run comprehensive quality analysis
quality_result = await quality_orchestrator.analyze_codebase(
path="src/",
languages=["python", "typescript"],
quality_threshold=0.85
)
# Quality gate validation
if not quality_result.trust5_validation.passed:
print(" Quality gate failed!")
print(f"Overall score: {quality_result.overall_score:.2f}")
# Print failed principles
for principle, result in quality_result.trust5_validation.principles.items():
if not result.passed:
print(f" {principle}: {result.score:.2f} (threshold: 0.80)")
# Exit with error code
sys.exit(1)
# Check for critical security issues
critical_issues = [
issue for issue in quality_result.proactive_analysis.recommendations
if issue.severity == "critical" and issue.category == "security"
]
if critical_issues:
print(f" Found {len(critical_issues)} critical security issues!")
for issue in critical_issues:
print(f" - {issue.description}")
sys.exit(1)
print(" Quality gate passed!")
print(f"Overall quality score: {quality_result.overall_score:.2f}")
# Generate quality report
await generate_quality_report(quality_result, output_path="quality-report.json")
```
## GitHub Actions Integration
```python
async def github_actions_quality_check():
"""Quality check for GitHub Actions workflow"""
# Parse inputs
github_token = os.getenv("GITHUB_TOKEN")
repo_path = os.getenv("GITHUB_WORKSPACE", ".")
pr_number = os.getenv("PR_NUMBER")
# Run quality analysis
quality_orchestrator = QualityOrchestrator()
quality_result = await quality_orchestrator.analyze_codebase(
path=repo_path,
languages=["python", "javascript", "typescript"]
)
# Post comment on PR if quality issues found
if pr_number and quality_result.overall_score < 0.85:
comment = generate_pr_quality_comment(quality_result)
await post_github_comment(github_token, pr_number, comment)
# Set output for GitHub Actions
print(f"::set-output name=quality_score::{quality_result.overall_score}")
print(f"::set-output name=quality_passed::{quality_result.trust5_validation.passed}")
```
## Quality-as-Service REST API
```python
from fastapi import FastAPI, HTTPException
from pydantic import BaseModel
app = FastAPI(title="Code Quality Analysis API")
class QualityAnalysisRequest(BaseModel):
repository_url: str
languages: List[str]
quality_threshold: float = 0.85
class QualityAnalysisResponse(BaseModel):
analysis_id: str
overall_score: float
trust5_validation: Dict
recommendations: List[Dict]
analysis_completed_at: datetime
@app.post("/api/quality/analyze", response_model=QualityAnalysisResponse)
async def analyze_quality(request: QualityAnalysisRequest):
"""API endpoint for quality analysis"""
try:
# Clone and analyze repository
with tempfile.TemporaryDirectory() as temp_dir:
await clone_repository(request.repository_url, temp_dir)
quality_orchestrator = QualityOrchestrator()
quality_result = await quality_orchestrator.analyze_codebase(
path=temp_dir,
languages=request.languages,
quality_threshold=request.quality_threshold
)
return QualityAnalysisResponse(
analysis_id=str(uuid.uuid4()),
overall_score=quality_result.overall_score,
trust5_validation=quality_result.trust5_validation.dict(),
recommendations=[rec.dict() for rec in quality_result.proactive_analysis.recommendations],
analysis_completed_at=datetime.now(UTC)
)
except Exception as e:
raise HTTPException(status_code=500, detail=str(e))
```
## Cross-Project Quality Benchmarking
```python
class QualityBenchmarking:
"""Cross-project quality benchmarking and comparison"""
def __init__(self, benchmark_database: str):
self.benchmark_db = benchmark_database
self.comparison_metrics = [
"code_coverage",
"security_score",
"maintainability_index",
"technical_debt_ratio",
"duplicate_code_percentage"
]
async def benchmark_project(self, project_path: str, project_metadata: Dict) -> BenchmarkResult:
"""Benchmark project quality against similar projects"""
# Analyze current project
current_metrics = await self._analyze_project_quality(project_path)
# Find comparable projects from database
comparable_projects = await self._find_comparable_projects(project_metadata)
# Calculate percentiles and rankings
benchmark_comparison = await self._calculate_benchmark_comparison(
current_metrics, comparable_projects
)
# Generate improvement recommendations based on top performers
improvement_recommendations = await self._generate_benchmark_recommendations(
current_metrics, benchmark_comparison
)
return BenchmarkResult(
project_metrics=current_metrics,
benchmark_comparison=benchmark_comparison,
industry_percentiles=benchmark_comparison.percentiles,
improvement_roadmap=improvement_recommendations,
competitive_analysis=self._analyze_competitive_position(
current_metrics, benchmark_comparison
)
)
async def _find_comparable_projects(self, project_metadata: Dict) -> List[ProjectMetrics]:
"""Find projects with similar characteristics for comparison"""
query = {
"language": project_metadata.get("language"),
"project_type": project_metadata.get("type", "web_application"),
"team_size_range": self._get_team_size_range(project_metadata.get("team_size", 5)),
"industry": project_metadata.get("industry", "technology")
}
# Query benchmark database
comparable_projects = await self.benchmark_db.find_projects(query)
return comparable_projects[:50] # Limit to top 50 comparable projects
```
## Related
- [TRUST 5 Validation](trust5-validation.md)
- [Proactive Analysis](proactive-analysis.md)
- [Best Practices Engine](best-practices.md)
```