init: 项目初始提交 - NeoZQYY Monorepo 完整代码

.kiro/scripts/audit_flagger.ps1

@@ -0,0 +1,128 @@
+# audit_flagger.ps1 — 判断 git 工作区是否存在高风险改动
+# 兼容 Windows PowerShell 5.1（避免 try{} 内嵌套脚本块的解析器 bug）
+
+$ErrorActionPreference = "SilentlyContinue"
+
+function Get-TaipeiNow {
+  $tz = [TimeZoneInfo]::FindSystemTimeZoneById("Taipei Standard Time")
+  if ($tz) {
+    return [TimeZoneInfo]::ConvertTime([DateTimeOffset]::Now, $tz)
+  }
+  return [DateTimeOffset]::Now
+}
+
+function Sha1Hex([string]$s) {
+  $sha1 = [System.Security.Cryptography.SHA1]::Create()
+  $bytes = [System.Text.Encoding]::UTF8.GetBytes($s)
+  $hash = $sha1.ComputeHash($bytes)
+  return ([BitConverter]::ToString($hash) -replace "-", "").ToLowerInvariant()
+}
+
+function Get-ChangedFiles {
+  $status = git status --porcelain 2>$null
+  if ($LASTEXITCODE -ne 0) { return @() }
+  $result = @()
+  foreach ($line in $status) {
+    if ([string]::IsNullOrWhiteSpace($line)) { continue }
+    $pathPart = $line.Substring([Math]::Min(3, $line.Length - 1)).Trim()
+    if ($pathPart -match " -> ") { $pathPart = ($pathPart -split " -> ")[-1] }
+    if ([string]::IsNullOrWhiteSpace($pathPart)) { continue }
+    $result += $pathPart.Replace("\", "/").Trim()
+  }
+  return $result
+}
+
+function Test-NoiseFile([string]$f) {
+  if ($f -match "^docs/audit/") { return $true }
+  if ($f -match "^\.kiro/\.audit_state\.json$") { return $true }
+  if ($f -match "^\.kiro/\.last_prompt_id\.json$") { return $true }
+  if ($f -match "^\.kiro/scripts/") { return $true }
+  return $false
+}
+
+function Write-AuditState([string]$json) {
+  $null = New-Item -ItemType Directory -Force -Path ".kiro" 2>$null
+  Set-Content -Path ".kiro/.audit_state.json" -Value $json -Encoding UTF8
+}
+
+# --- 主逻辑 ---
+
+# 非 git 仓库直接退出
+$null = git rev-parse --is-inside-work-tree 2>$null
+if ($LASTEXITCODE -ne 0) { exit 0 }
+
+$allFiles = Get-ChangedFiles
+# 过滤噪声
+$files = @()
+foreach ($f in $allFiles) {
+  if (-not (Test-NoiseFile $f)) { $files += $f }
+}
+$files = $files | Sort-Object -Unique
+
+$now = Get-TaipeiNow
+
+if ($files.Count -eq 0) {
+  $json = '{"audit_required":false,"db_docs_required":false,"reasons":[],"changed_files":[],"change_fingerprint":"","marked_at":"' + $now.ToString("o") + '","last_reminded_at":null}'
+  Write-AuditState $json
+  exit 0
+}
+
+# 高风险路径（"regex|label" 格式，避免 @{} 哈希表在 PS 5.1 的解析问题）
+$riskRules = @(
+  "^apps/etl/pipelines/feiqiu/(api|cli|config|database|loaders|models|orchestration|scd|tasks|utils|quality)/|etl",
+  "^apps/backend/app/|backend",
+  "^packages/shared/|shared",
+  "^db/|db"
+)
+
+$reasons = @()
+$auditRequired = $false
+$dbDocsRequired = $false
+
+foreach ($f in $files) {
+  foreach ($rule in $riskRules) {
+    $idx = $rule.LastIndexOf("|")
+    $pat = $rule.Substring(0, $idx)
+    $lbl = $rule.Substring($idx + 1)
+    if ($f -match $pat) {
+      $auditRequired = $true
+      $tag = "dir:" + $lbl
+      if ($reasons -notcontains $tag) { $reasons += $tag }
+    }
+  }
+  if ($f -notmatch "/") {
+    $auditRequired = $true
+    if ($reasons -notcontains "root-file") { $reasons += "root-file" }
+  }
+  if ($f -match "^db/" -or $f -match "/migrations/" -or $f -match "\.sql$" -or $f -match "\.prisma$") {
+    $dbDocsRequired = $true
+    if ($reasons -notcontains "db-schema-change") { $reasons += "db-schema-change" }
+  }
+}
+
+$fp = Sha1Hex(($files -join "`n"))
+
+# 读取已有状态以保留 last_reminded_at
+$lastReminded = $null
+if (Test-Path ".kiro/.audit_state.json") {
+  $raw = Get-Content ".kiro/.audit_state.json" -Raw 2>$null
+  if ($raw) {
+    $existing = $raw | ConvertFrom-Json 2>$null
+    if ($existing -and $existing.change_fingerprint -eq $fp) {
+      $lastReminded = $existing.last_reminded_at
+    }
+  }
+}
+
+$stateObj = [ordered]@{
+  audit_required     = [bool]$auditRequired
+  db_docs_required   = [bool]$dbDocsRequired
+  reasons            = $reasons
+  changed_files      = $files | Select-Object -First 50
+  change_fingerprint = $fp
+  marked_at          = $now.ToString("o")
+  last_reminded_at   = $lastReminded
+}
+
+Write-AuditState ($stateObj | ConvertTo-Json -Depth 6)
+exit 0