一键导入
arib-session-end
Session | Close session — update all memory files, run tests, commit, push, report next steps
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
菜单
Session | Close session — update all memory files, run tests, commit, push, report next steps
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
基于 SOC 职业分类
Memory | Code-graph subsystem — a native lightweight IMPORT graph (which file imports which, god-node candidates) built with ripgrep/grep, so a large monorepo can be navigated by structure instead of re-grepping every session. build/refresh/query. Honest scope: structural import graph, NOT semantic (no call-graph/type resolution); no Graphify dependency. Loads ON DEMAND only (zero always-on tokens). ADR-034.
Dev | Over-engineering review — reads a diff/module and returns a delete-list of bloat (single-use abstractions, premature generalization, speculative config, dead options) WITHOUT stripping legitimate structure. Advisory: returns recommendations, never auto-deletes. The on-demand companion to the ponytail-lite tripwire hook. Authored natively (no Ponytail dependency). ADR-033.
Wave | Pre-wave requirement lock — Act 1 derives the requirements from the codebase + memory (an honest grill, not guesswork), Act 2 hands the locked plan to an independent model (Codex) to tear apart until sign-off. Produces waves/<id>/PLAN.md + PLAN-REVIEW-LOG.md. Auto-chained idempotently from /arib-wave-start. If Act 2 can't run (no Codex), the wave proceeds but HOLDS MERGE for a human. Absorbs grill-me-codex (ADR-032).
Wave | Start a multi-session delivery wave — branch, plan, parallel architect+planner
Engine | Command the engineering team to deliver a known goal — dispatches the engineer-manager to decompose → dispatch specialists (parallel where safe) → integrate → reconcile (verification-agent) → merge gate. Scales its own reach: runs inline for a bounded goal, escalates to a parallel Workflow for a broad one, and paces under /loop for a multi-turn campaign — only when it needs to. Use when a goal needs a coordinated TEAM, not one specialist. Sibling of /arib-engine: the engine DISCOVERS its own backlog; /arib-build EXECUTES a goal you hand it.
Stack | NestJS architecture & patterns reference — modules/providers/DI, DTO+validation, guards/interceptors/pipes/filters, config, async lifecycle, testing, and the security + performance pitfalls that bite at scale. Use when building or reviewing a NestJS backend. Composes with security-auditor (OWASP), database-guardian (TypeORM/Prisma migrations), and performance (N+1). Authored natively (the ECC graft was unsourceable; this is CCM's own, MIT).
| name | arib-session-end |
| description | Session | Close session — update all memory files, run tests, commit, push, report next steps |
Proper session closure is what makes the next session-start work. Without it, the next session starts blind. A session without memory updates is a session that never happened.
This skill ensures all work is documented, tested, committed, and pushed. It's the counterpart to /arib-session-start — session-start reads what session-end writes. If you skip session-end, the next session has no handoff, no context, no direction. The entire team's continuity depends on this protocol.
If you don't run session-end, you haven't properly closed the session.
Update each memory file with structured content. These files are read first in /arib-session-start.
This is the primary contract with the next session. Write as if explaining to a teammate who knows nothing about what happened today.
## Session: [YYYY-MM-DD] [HH:MM]
### Completed
- [task 1 — what was done, not just "worked on X"]
- [task 2 — specific outcome, e.g. "Added JWT auth to /api/login, returns token with 24h expiry"]
- [task 3 — or ⚠️ if partial: "Started payment integration, Stripe client configured but webhook handler incomplete"]
### Files Changed
| File | Change | Lines |
|------|--------|-------|
| src/auth/login.ts | New file — login endpoint | +82 |
| src/routes/index.ts | Added auth routes | +5/-0 |
| tests/auth.test.ts | Updated JWT expiry test | +3/-2 |
### Problems Encountered
- [Problem]: [Resolution or status]
- Example: "bcrypt hash comparison failed silently" → "Fixed: was comparing hash to hash instead of plain to hash"
- Example: "Email service timeout on reset flow" → "Unresolved: service intermittently slow, documented in ticket #4521"
### Next Session Starts With
1. [Most important task — be specific and actionable]
- Example: "Implement password reset flow — email template is ready in src/templates/reset.html, needs backend handler at POST /api/auth/reset"
2. [Second priority]
3. [Optional: context the next session needs]
- Example: "bcrypt comparison bug was subtle; see commit abc123def for the fix pattern"
Writing good handoff notes:
✅ Good:
❌ Bad:
Update this to reflect overall progress. The next session reads this to understand where the project stands.
## Current Phase
- [Phase name, e.g. "Authentication MVP"]
- Estimated completion: [date if known]
## Feature Tracker
| Feature | Status | % Complete | Notes |
|---------|--------|------------|-------|
| User registration | ✅ Done | 100% | Commit abc123, test coverage 95% |
| Login | 🔄 In Progress | 85% | JWT token working, logout needs implementation |
| Password reset | ❌ Blocked | 0% | Waiting for email service setup |
## Known Blockers
- [Blocker]: [status and impact]
- Example: "Email service not configured in staging — blocks password reset flow"
- Example: "Database migration script failing on legacy user records — needs investigation"
## Completion Status
- Overall: 45% (18/40 features)
- Critical path: On track / At risk / Behind
- Next milestone: [date]
This is the historical audit trail. Entries are added at session-end, in reverse chronological order (most recent first).
## [YYYY-MM-DD] Session Changes
### Added
- Added JWT authentication to /api/login (commit abc123def)
- Added bcrypt password hashing to user registration (commit abc123def)
- Added email verification template (src/templates/verify-email.html)
### Changed
- Refactored auth middleware to use new JWT validation (commit abc123def)
- Updated user schema to include password_hash field (commit abc123def)
### Fixed
- Fixed bcrypt comparison bug in login endpoint (commit abc123def) — was comparing hash to hash instead of plaintext to hash
- Fixed flaky test in auth.test.ts line 42 (commit abc123def) — mock token expiry was inconsistent
### Deprecated
- Old session_token approach no longer used; replaced by JWT (commit abc123def)
Record test results at session-end. This helps track test stability and regressions.
## [YYYY-MM-DD] Test Results
- **Total**: 42 tests
- **Passed**: 40 ✅
- **Failed**: 2 ❌
- `test/auth.test.ts:18` "should hash password correctly" — crypto module mock issue (pre-existing, see issue #456)
- `test/email.test.ts:5` "should send verification email" — flaky, passed on retry
- **Skipped**: 0 ⏭️
- **Coverage**: 87% (if available)
- **New tests added**:
- `test/auth.test.ts:35` "should create JWT with 24h expiry"
- `test/auth.test.ts:42` "should reject expired JWT"
Execute the project's test suite:
npm test # or project-specific command
Decision tree:
Never push with failing tests that are your responsibility. It breaks the next developer's environment.
Create a commit documenting the session closure:
git add [specific-files]
git commit -m "[chore]: end of session — [summary of all work]"
Commit message examples:
✅ Good:
[chore]: end of session — completed user auth (register/login), added JWT token validation, 40/42 tests passing[chore]: end of session — WIP on payment integration, Stripe webhook handler 50% done, see session_notes for next steps[chore]: end of session — fixed bcrypt comparison bug, updated 3 tests, all passing❌ Bad:
[chore]: end of session (too vague)[chore]: session end (missing summary)[chore]: updates (what updates?)Important: Include memory files in the commit. They are part of the project and must be in version control:
git add memory/session_notes.md memory/project_status.md memory/change_log.md memory/testing_log.md
Push all changes to the remote repository:
git push origin [current-branch]
If push fails:
git pull --rebase origin [branch], resolve conflicts, push again.Never end a session with unpushed changes. Remote must always have the latest work.
Present a concise report to the user. This is their summary of what happened.
## Session Complete — [DATE]
### Completed
- ✅ [Task 1 — outcome]
- ✅ [Task 2 — outcome]
- ⚠️ [Task 3 — partial, see notes]
### Test Status
[N passing]/[N total] tests passing
### Issues
- [Any unresolved problems and impact]
### Next Session
1. [Top priority for next time — be specific]
2. [Secondary priority]
3. [Optional: context or warnings]
### Commit
[commit-hash] on branch [branch-name] → pushed to origin
Example:
## Session Complete — 2024-01-15
### Completed
- ✅ Implemented user registration endpoint with email validation
- ✅ Added bcrypt password hashing
- ✅ Created 8 new tests for auth module
- ⚠️ JWT token expiry working but logout not yet implemented
### Test Status
40/42 tests passing (2 pre-existing failures in email module)
### Issues
- Email service timeout intermittently in staging; may affect password reset feature
- One test flaky but passes on retry
### Next Session
1. Implement logout endpoint — clear JWT token from client
2. Integrate email service for password reset flow (handler at POST /api/auth/reset)
3. Monitor email service reliability; consider adding retry logic
### Commit
abc123def on branch auth/jwt → pushed to origin
Confirm the session is properly closed. The session is not over until all of these are done:
Still run session-end. Document what was attempted and why it didn't work.
## Session: [DATE] [TIME]
### Completed
(nothing)
### Problems Encountered
- Attempted to set up Stripe integration but API key not available in staging environment
- Contacted DevOps; no ETA for key provisioning
- Blocked on external dependency
### Next Session Starts With
1. Check with DevOps if Stripe API key is available
2. If available: follow Stripe SDK setup guide in docs/STRIPE_SETUP.md
3. If not available: proceed with password reset feature instead (does not depend on Stripe)
This tells the next session exactly what was tried and why it failed.
Minimum viable session-end:
git stash (saves work without committing)git stash pop"Your work is saved; the next session can resume with git stash pop.
Commit with WIP prefix:
git commit -m "[feat]: WIP — login endpoint, missing validation and tests"
In session_notes, mark progress clearly:
### Completed
- ⚠️ Login endpoint scaffolded: accepts email/password, compares with DB
- ⚠️ 50% done: missing password validation, error handling, tests
### Files Changed
| File | Status |
|------|--------|
| src/routes/auth.ts | +120 lines, WIP |
| tests/auth.test.ts | No change yet |
### Next Session Starts With
1. Add password validation (regex for strength requirements)
2. Add error handling (invalid credentials, user not found)
3. Write tests (happy path, invalid user, wrong password)
4. All 3 must complete before marking feature done
This way, the next session knows exactly where you stopped and what's left.
If you worked on multiple branches in one session:
### Branches Touched
- `auth/jwt` — completed JWT implementation, pushed
- `feature/email-verification` — scaffolded, WIP, stashed (not pushed)
- `bugfix/bcrypt-comparison` — completed and merged to main, pushed
### Next Session Starts On
- Branch: `feature/email-verification` (resume with `git stash pop`)
If any memory file exceeds 200 lines, archive old entries:
memory/archive/[filename]-[YYYY-MM-DD].mdmemory/archive/ for historical entries before [date]"Example:
## session_notes.md (Main)
- 50 lines: sessions from the last 7 days
## session_notes-2024-01-01.md (Archive)
- 200 lines: sessions from 2024-01-01 to 2024-01-08
## Index
See memory/archive/ for entries before [DATE]
| Mistake | Why It's Bad | Fix |
|---|---|---|
| Skipping memory updates ("I'll remember") | You won't. Next session is blind. | Always update all 4 files. |
| Vague handoff notes ("continue auth work") | Next session doesn't know what's done or what's left. | Be specific: "JWT tokens working, logout not yet implemented." |
| Not running tests ("nothing changed that would break tests") | Tests reveal hidden bugs. Always verify. | Run npm test every session-end. |
| Forgetting to push ("I'll push next time") | If hardware fails, work is lost. Remote must have latest. | Always push. It takes 10 seconds. |
| Not documenting failures ("the test is flaky, it'll pass next time") | Next session hits the same flaky test, wastes time. | Document everything: "Flaky test in email.test.ts line 5 — passes on retry." |
Committing with git add . | You might accidentally commit node_modules, .env, or build artifacts. | Use git add [specific-files] or review with git diff --staged. |
| Leaving TODO comments without memory notes | Comments are for code, memory files are for sessions. | If a TODO is important, put it in session_notes under "Next Session Starts With." |
/arib-session-start — The counterpart that reads what session-end writes. Reads memory files, understands context, and plans the session./arib-io — If there are I/O channel updates or signals to send before closing./arib-memory-search — If you need to confirm a decision before recording it, search prior sessions first.Use this when you reach session-end:
MEMORY FILES
☐ Updated memory/session_notes.md (completed, files changed, problems, next steps)
☐ Updated memory/project_status.md (phase, features, blockers)
☐ Updated memory/change_log.md (added, changed, fixed)
☐ Updated memory/testing_log.md (pass/fail counts, new tests)
TESTING
☐ Ran final test suite (`npm test` or equivalent)
☐ All tests pass OR failures documented in session_notes
COMMIT
☐ Staged memory files + code changes (`git add [specific-files]`)
☐ Created commit with clear message (`[chore]: end of session — [summary]`)
PUSH
☐ Pushed to remote (`git push origin [branch]`)
☐ No unpushed changes remain
REPORT
☐ Delivered session report to user
☐ Confirmed session is properly closed