تشغيل أي مهارة في Manus بنقرة واحدة

cnw-update-templates

النجوم١

التفرعات٠

آخر تحديث٢٣ يونيو ٢٠٢٦ في ١٩:٠١

Update all CNW (Create Nx Workspace) template repos to a target Nx version using nx migrate. Handles angular-template, react-template, typescript-template, and empty-template. Runs migrations, commits changes, but does NOT push without user confirmation. Use when "update templates", "cnw templates", "template update", "migrate templates", or specifying a version like "update templates to 22.7.0".

التثبيت

التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.

تشغيل في Manus

المصدر

jaysoo

jaysoo/dot-ai-config

فتح مستودع GitHub عرض مستودعات المنشئ

تنزيل

تشغيل في Manus

SKILL.md

readonly

name	cnw-update-templates
description	Update all CNW (Create Nx Workspace) template repos to a target Nx version using nx migrate. Handles angular-template, react-template, typescript-template, and empty-template. Runs migrations, commits changes, but does NOT push without user confirmation. Use when "update templates", "cnw templates", "template update", "migrate templates", or specifying a version like "update templates to 22.7.0".

CNW Template Updater

⚠️ Partially superseded (2026-06-23). The paths below are the OLD flat ~/projects/<template> — the repos now live at ~/projects/cnw-templates/<template> and there are 15, not 4. For the broad daily dependency audit (nx + @nx/* + third-party, with per-repo PRs and the known upgrade holds) use the cnw-templates-dep-audit skill. Use this one only for a quick nx-migrate of the base templates — and fix the paths first.

Update all 4 CNW template repos to a target Nx version.

Templates

Template	Location
`angular-template`	`~/projects/angular-template`
`react-template`	`~/projects/react-template`
`typescript-template`	`~/projects/typescript-template`
`empty-template`	`~/projects/empty-template`

Arguments

First argument: target Nx version (e.g., 22.7.0)
If no version provided, fetch latest stable: npm view nx@latest version

Process

1. Pre-flight Checks

For each template repo, verify:

Directory exists at ~/projects/<template>
Working tree is clean (git status --porcelain is empty)
Current Nx version from package.json

If any repo has uncommitted changes, stop and report — do not proceed.

Registry check: Before running any npm install, verify there are no localhost/local registry URLs:

# Check ~/.npmrc for local registries
grep -i 'registry.*localhost\|registry.*127\.0\.0\|registry.*0\.0\.0\.0' ~/.npmrc 2>/dev/null

If a local registry is detected, stop and report — local registry URLs will leak into package-lock.json and get committed.

2. Run Migrations (all 4 templates sequentially)

For each template, run these commands. All commands MUST use CI=true prefix to skip interactive prompts:

cd ~/projects/<template>
CI=true npx nx migrate <target-version>
CI=true npm install
# Only if migrations.json was created:
if [ -f migrations.json ]; then
  CI=true npx nx migrate --run-migrations
  rm migrations.json
fi

3. Verify Changes

After migration, for each template:

Run git diff --stat to show what changed
Run grep '"nx"' package.json to confirm target version
Lockfile registry check: Verify no localhost URLs leaked into package-lock.json:
```
grep -i 'localhost\|127\.0\.0\|0\.0\.0\.0' package-lock.json | head -5
```
If found, stop and report — do not commit. User must fix ~/.npmrc and re-run npm install.
Run CI=true npx nx run-many -t test build lint typescript to verify migrations didn't break anything
If any target fails, stop and report the error for that template — do not commit broken code

3a. Security Audit

Run CI=true npm audit --audit-level=critical for each template. Check the exit code:

Exit 0 = no critical vulnerabilities, proceed.
Exit 1 = critical vulnerabilities found.

If any template has critical vulnerabilities, you MUST pause before committing and present a clear warning block like this:

⚠️  CRITICAL VULNERABILITIES DETECTED

| Template           | Critical Packages                              |
|--------------------|------------------------------------------------|
| angular-template   | axios (SSRF via @module-federation)             |
| react-template     | axios (SSRF via @module-federation)             |

These are [pre-existing / newly introduced by this update]. Shall I proceed with committing, or do you want to address these first?

Key points:

List the actual vulnerable package names and which transitive dependency pulls them in
Note whether the vulns are pre-existing (already in origin/main) or newly introduced by this migration — run git stash && npm audit --audit-level=critical; git stash pop against the pre-migration state if needed, or compare with origin/main
Do NOT silently commit past critical audit failures — always get explicit user confirmation first
Non-critical vulnerabilities (moderate, high) should be noted in the final summary table but do not block committing

3b. Check Framework Package Versions

After nx migrate, check if framework-specific packages have updates that nx migrate missed. nx migrate only updates nx and @nx/* packages — framework packages (Angular, React, Vite, etc.) may need separate updates.

For each template, check key framework packages:

# angular-template: check Angular packages
npm view @angular/core version  # latest stable
grep '"@angular/core"' package.json  # current

# react-template: check React packages
npm view react version
grep '"react"' package.json

# all templates with vite: check Vite
npm view vite version
grep '"vite"' package.json

If any framework package is behind by a minor or major version, report it in the summary with the current and latest versions. Do not auto-update — these may require their own migration steps (e.g., ng update, peer dep changes). Let the user decide.

4. Commit Changes

For each template that has changes:

cd ~/projects/<template>
git add -A
git commit --amend

IMPORTANT: There must be only one commit in these repos.

Keep a note of what's changed from origin/main. If you did not capture them in the diff prevously, now is your chance to diff with origin/main. I need a summary as seen in the next secion. Keep details notes of all the files and changes in case I ask questions.

5. Summary Report

Print a summary table:

| Template              | Previous | Updated | Files Changed | Status    |
|-----------------------|----------|---------|---------------|-----------|
| angular-template      | 22.6.1   | 22.7.0  | 2             | committed |
| react-template        | 22.6.1   | 22.7.0  | 2             | committed |
| typescript-template   | 22.6.1   | 22.7.0  | 2             | committed |
| empty-template        | 22.6.1   | 22.7.0  | 2             | committed |

Be prepared to be asked questions about changes. What migrations they might come from, why, etc.

6. Do NOT Push

After committing, remind the user:

Changes are committed locally but NOT pushed
User should verify before pushing
Each template repo has a post-merge-squash.yml workflow that squashes to a single "Initial commit" after merge

Important Notes

Always use CI=true to prevent interactive prompts from nx migrate
Never push without explicit user confirmation
Patch releases typically only change package.json + lockfile (no code migrations)
Minor/major releases may generate migrations.json with code changes — review carefully
If nx migrate fails for a template, report the error and continue with remaining templates
The react-template previously had a pre-existing unrelated change — always check for clean working tree first
localhost registry leak (2026-03-27): ~/.npmrc with a local registry causes localhost URLs in package-lock.json. Always check before and after install.
Framework packages lag behind (2026-03-27): nx migrate only handles nx/@nx/* packages. Angular, React, Vite, etc. versions may fall behind if their update migrations were in a version range the template already passed through. Always check and report.

المزيد من هذا المستودع

نفس المستودع

cnw-templates-dep-audit

jaysoo/dot-ai-config

Daily dependency-staleness audit for the CNW (Create Nx Workspace) template repos under ~/projects/cnw-templates/. Detects out-of-date deps (nx, @nx/*, AND third-party), applies safe upgrades within known compatibility constraints, verifies each repo (build/test/lint/typecheck/e2e), and opens one PR per repo that has updates. Use when "audit template deps", "check template dependencies", "update template deps", "template dep audit", or for a scheduled/daily run. Distinct from `cnw-update-templates` (which only nx-migrates the 4 base templates at the old flat paths).

2026-06-231

pre-pr-review

jaysoo/dot-ai-config

Adversarial multi-dimension review of a branch's uncommitted/committed diff before opening or updating a PR. Fans out review dimensions (correctness, design conformance, copy/voice, hygiene/tests), adversarially verifies each finding, and drafts a terse PR description. Use for a pre-PR review, "review my branch before I open the PR", adversarial PR review, or a conformance gate before push. For deep maintainability/abstraction audits use thermo-nuclear-code-quality-review instead (complementary, not a substitute).

2026-06-181

nx-docs-iterate

jaysoo/dot-ai-config

Validate-and-ship loop for nx astro-docs changes. Runs prettier, vale, the STYLE_GUIDE structural pass, an anchor sweep, then amends the squashed commit and force-pushes with 1Password op-request logging. Use after every docs edit round in the nx repo. Triggers on "docs iterate", "amend and push the docs", "ship the docs change", "docs validate and push".

2026-06-171

readme-demo-injector

jaysoo/dot-ai-config

Save a live third-party page (GitHub repo page, npmx/npm package page, docs site) as a local static copy and inject an element into it (badge, banner, widget) for demos without shipping to prod. Use when user wants to "demo X on the GitHub README", "inject the badge into a real page", "make this page work locally", "mock up how it looks on npmjs/github", or "download and serve this page with my change". Output is a directory servable with `npx serve`.

2026-06-171

nx-deprecate-config-helper

jaysoo/dot-ai-config

Warn-only deprecation of a first-party Nx bundler config helper (composePlugins/withNx/withWeb/withReact and friends) for removal in the next major. Use when asked to "deprecate <helper>", for a "config helpers deprecated" milestone NXC ticket, or any of the @nx/{vite,webpack,rspack,next,expo,rollup}/react config-composition helpers. Triggers on "deprecate config helper", "deprecate withNx/withWeb/withReact/composePlugins", "warn-only deprecate <helper>".

2026-06-091

nx-scorecard

jaysoo/dot-ai-config

Compute Nx CLI scorecard metrics for a month: GitHub issues/PRs (nrwl/nx), Linear high-priority misc issues, and npm download counts with YoY growth. Outputs a Notion-ready markdown table. Use when user says "scorecard", "nx scorecard", "cli scorecard", "monthly scorecard", or asks for the Nx CLI team's monthly issue/PR/download metrics.

2026-06-091

name	cnw-update-templates
description	Update all CNW (Create Nx Workspace) template repos to a target Nx version using nx migrate. Handles angular-template, react-template, typescript-template, and empty-template. Runs migrations, commits changes, but does NOT push without user confirmation. Use when "update templates", "cnw templates", "template update", "migrate templates", or specifying a version like "update templates to 22.7.0".

CNW Template Updater

⚠️ Partially superseded (2026-06-23). The paths below are the OLD flat ~/projects/<template> — the repos now live at ~/projects/cnw-templates/<template> and there are 15, not 4. For the broad daily dependency audit (nx + @nx/* + third-party, with per-repo PRs and the known upgrade holds) use the cnw-templates-dep-audit skill. Use this one only for a quick nx-migrate of the base templates — and fix the paths first.

Update all 4 CNW template repos to a target Nx version.

Templates

Template	Location
`angular-template`	`~/projects/angular-template`
`react-template`	`~/projects/react-template`
`typescript-template`	`~/projects/typescript-template`
`empty-template`	`~/projects/empty-template`

Arguments

First argument: target Nx version (e.g., 22.7.0)
If no version provided, fetch latest stable: npm view nx@latest version

Process

1. Pre-flight Checks

For each template repo, verify:

Directory exists at ~/projects/<template>
Working tree is clean (git status --porcelain is empty)
Current Nx version from package.json

If any repo has uncommitted changes, stop and report — do not proceed.

Registry check: Before running any npm install, verify there are no localhost/local registry URLs:

# Check ~/.npmrc for local registries
grep -i 'registry.*localhost\|registry.*127\.0\.0\|registry.*0\.0\.0\.0' ~/.npmrc 2>/dev/null

If a local registry is detected, stop and report — local registry URLs will leak into package-lock.json and get committed.

2. Run Migrations (all 4 templates sequentially)

For each template, run these commands. All commands MUST use CI=true prefix to skip interactive prompts:

cd ~/projects/<template>
CI=true npx nx migrate <target-version>
CI=true npm install
# Only if migrations.json was created:
if [ -f migrations.json ]; then
  CI=true npx nx migrate --run-migrations
  rm migrations.json
fi

3. Verify Changes

After migration, for each template:

Run git diff --stat to show what changed
Run grep '"nx"' package.json to confirm target version
Lockfile registry check: Verify no localhost URLs leaked into package-lock.json:
```
grep -i 'localhost\|127\.0\.0\|0\.0\.0\.0' package-lock.json | head -5
```
If found, stop and report — do not commit. User must fix ~/.npmrc and re-run npm install.
Run CI=true npx nx run-many -t test build lint typescript to verify migrations didn't break anything
If any target fails, stop and report the error for that template — do not commit broken code

3a. Security Audit

Run CI=true npm audit --audit-level=critical for each template. Check the exit code:

Exit 0 = no critical vulnerabilities, proceed.
Exit 1 = critical vulnerabilities found.

If any template has critical vulnerabilities, you MUST pause before committing and present a clear warning block like this:

⚠️  CRITICAL VULNERABILITIES DETECTED

| Template           | Critical Packages                              |
|--------------------|------------------------------------------------|
| angular-template   | axios (SSRF via @module-federation)             |
| react-template     | axios (SSRF via @module-federation)             |

These are [pre-existing / newly introduced by this update]. Shall I proceed with committing, or do you want to address these first?

Key points:

List the actual vulnerable package names and which transitive dependency pulls them in
Note whether the vulns are pre-existing (already in origin/main) or newly introduced by this migration — run git stash && npm audit --audit-level=critical; git stash pop against the pre-migration state if needed, or compare with origin/main
Do NOT silently commit past critical audit failures — always get explicit user confirmation first
Non-critical vulnerabilities (moderate, high) should be noted in the final summary table but do not block committing

3b. Check Framework Package Versions

For each template, check key framework packages:

# angular-template: check Angular packages
npm view @angular/core version  # latest stable
grep '"@angular/core"' package.json  # current

# react-template: check React packages
npm view react version
grep '"react"' package.json

# all templates with vite: check Vite
npm view vite version
grep '"vite"' package.json

4. Commit Changes

For each template that has changes:

cd ~/projects/<template>
git add -A
git commit --amend

IMPORTANT: There must be only one commit in these repos.

5. Summary Report

Print a summary table:

| Template              | Previous | Updated | Files Changed | Status    |
|-----------------------|----------|---------|---------------|-----------|
| angular-template      | 22.6.1   | 22.7.0  | 2             | committed |
| react-template        | 22.6.1   | 22.7.0  | 2             | committed |
| typescript-template   | 22.6.1   | 22.7.0  | 2             | committed |
| empty-template        | 22.6.1   | 22.7.0  | 2             | committed |

Be prepared to be asked questions about changes. What migrations they might come from, why, etc.

6. Do NOT Push

After committing, remind the user:

Changes are committed locally but NOT pushed
User should verify before pushing
Each template repo has a post-merge-squash.yml workflow that squashes to a single "Initial commit" after merge

Important Notes

Always use CI=true to prevent interactive prompts from nx migrate
Never push without explicit user confirmation
Patch releases typically only change package.json + lockfile (no code migrations)
Minor/major releases may generate migrations.json with code changes — review carefully
If nx migrate fails for a template, report the error and continue with remaining templates
The react-template previously had a pre-existing unrelated change — always check for clean working tree first
localhost registry leak (2026-03-27): ~/.npmrc with a local registry causes localhost URLs in package-lock.json. Always check before and after install.
Framework packages lag behind (2026-03-27): nx migrate only handles nx/@nx/* packages. Angular, React, Vite, etc. versions may fall behind if their update migrations were in a version range the template already passed through. Always check and report.