mirror of
https://github.com/NomaDamas/k-skill.git
synced 2026-06-24 02:04:11 +00:00
266 commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Jeffrey (Dongkyu) Kim
|
66acdf249a |
Fix parking lot lookups: force HTTPS, cache full dataset, normalize provider fields
Data.go.kr 이 tn_pubr_prkplce_info_api 를 HTTPS 로만 서비스하고 HTTP 요청은 301 로 리다이렉트하기 때문에 Node fetch 가 `response.ok=false` 로 떨어져 기능이 전체 실패하고 있었다. 이 커밋은 HTTPS 로 직접 호출하도록 수정하면서, 업스트림의 주소/지역 필터가 실제로는 동작하지 않고 페이지당 응답이 1000rows 기준 26s 에 달해 20s fetch timeout 에 꾸준히 걸리던 문제까지 함께 해결한다. ## What changed - packages/k-skill-proxy/src/parking-lots.js - PARKING_LOT_API_URL 을 `http://` → `https://` 로 고정 (root cause). - 업스트림 address/geo 필터가 신뢰 불가하므로 full-dataset 을 한 번 로드해 프로세스 메모리에 6시간 TTL 로 캐시하고, 동시 호출자는 in-flight promise 를 공유하도록 한다. nearby 쿼리는 캐시된 행을 좌표 거리로 필터링해 서비스한다. - DATASET_PAGE_SIZE=300, fetch timeout 30s 로 페이지당 응답이 20s 를 넘기지 않도록 맞췄다. - packages/k-skill-proxy/src/server.js - 더 이상 의미 없어진 numOfRows / maxPages 쿼리 파라미터를 라우트에서 제거하고, 응답 payload 의 query echo 도 정리했다. - packages/k-skill-proxy/test/server.test.js - 새 캐시 기반 동작을 검증하는 테스트로 교체: (1) full dataset load + 좌표 필터 + 프록시 응답 캐시 재사용, (2) public_only 기본값 및 해제 시 동작, (3) 좌표 검증 실패 400, (4) 업스트림 키 미설정 시 503. - packages/parking-lot-search/src/index.js - OFFICIAL_API_URL 도 HTTPS 로 맞춰 직접 호출 모드 사용자도 같은 버그를 밟지 않게 한다. - packages/parking-lot-search/src/parse.js - 업스트림이 `insttCode` / `insttNm` (camelCase) 를 돌려주는데 parser 가 snake_case (`instt_code`, `instt_nm`) 만 인식해 providerCode/providerName 이 비어 있던 문제를 수정. - packages/parking-lot-search/test/* 및 fixtures - HTTPS URL 매칭으로 업데이트하고, insttCode/insttNm 회귀 테스트를 fixture/assertion 에 추가. - docs/features/parking-lot-search.md, parking-lot-search/SKILL.md, packages/parking-lot-search/README.md - 공식 endpoint 표기를 HTTPS 로 통일. - .changeset/parking-lot-https-fix.md - parking-lot-search 패키지 patch 릴리즈 노트 추가. ## How it was verified - `npm run ci` (lint + typecheck + tests + pack:dry-run) 통과. - 로컬에서 실제 `DATA_GO_KR_API_KEY` 로 k-skill-proxy 를 기동해 live 호출 검증: - 광화문 (37.573713, 126.978338) cold cache: 30s 내 전체 18,868 rows 로드, 2km 내 47개 공영주차장 반환 (세종로 414m, 서린노외 456m 등). - 강남역 (37.497952, 127.027621) warm cache: 31ms 응답, 1.5km 내 13개 반환 (역삼문화공원 380m, 역삼푸른솔도서관 421m 등). - 업스트림 직접 HTTPS 호출로 `resultCode=00 NORMAL_SERVICE` 정상 동작 확인. |
||
github-actions[bot]
|
f94b049613 |
chore: version packages (#154)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> |
||
|
Jeffrey (Dongkyu) Kim
|
c002561f34 |
Sync dev → main: MFDS proxy fixes, cache hardening, HWP kordoc, KRX degraded handling + new skills (#152)
* Add a guided Hola Poke Yeoksam skill without widening repo scope Issue #120 only needs a repository skill payload, discoverability docs, and regression coverage. This change adds the new skill, wires it into existing docs surfaces, and locks the remote-MCP-only contract in tests so future edits keep the phone-only event flow and verbatim message relay behavior. Constraint: The upstream Hola Poke flow lives on a remote MCP server, so this repo should not add proxy/runtime code Constraint: Tests must be written before refining the new docs/skill wording Rejected: Add local package or proxy support for Hola Poke | would over-scope a docs-only skill addition Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep this skill limited to 올라포케 역삼점 and treat the MCP response message as the event source of truth Tested: node --test scripts/skill-docs.test.js --test-name-pattern='hola-poke-yeoksam' Tested: npm run ci Tested: Live MCP initialize/tools/list/get_menu/get_shop_info/enter_event(phone_format) smoke checks against https://hola-poke-yeoksam-skill.onrender.com/mcp Not-tested: Successful live event entry with a real phone number * Help users find nearby public restrooms from Korean location queries This adds a new public-restroom-nearby skill and reusable package that resolves a user-provided location, narrows the official 공중화장실정보 dataset by region when possible, and ranks nearby restroom results with opening-time hints and map links. Constraint: Must use free official/open surfaces without introducing new dependencies Constraint: Must follow TDD and keep release/docs metadata aligned in the same change Rejected: Add a proxy route first | direct official CSV access already works and keeps scope narrower Rejected: Use nationwide-only ranking without regional narrowing | too much noisy data for dense urban anchors Confidence: high Scope-risk: moderate Reversibility: clean Directive: If Kakao place-panel or localdata CSV schema changes, update parser fixtures before broad logic changes Tested: npm run ci; live smoke via searchNearbyPublicRestroomsByLocationQuery('광화문', { limit: 3 }); architect review APPROVED Not-tested: Non-Seoul live smoke across every regional orgCode * Pin the Hola Poke MCP contract in repo-owned regression fixtures The earlier issue #120 regression only matched prose, so this follow-up records the verified remote MCP tool/result snapshot in a checked-in fixture and makes both docs surfaces byte-align to it. That keeps the discoverability docs honest while turning the review claim into a real contract lock for tools/list, get_menu, get_shop_info, and the invalid-phone event flow. Constraint: The upstream remote MCP server can change independently of this repo Rejected: Keep prose-only regex checks | would not catch contract drift Confidence: high Scope-risk: narrow Reversibility: clean Directive: Refresh the fixture, both JSON fences, and the live-smoke evidence together whenever the upstream contract changes Tested: node --test scripts/skill-docs.test.js --test-name-pattern='hola-poke-yeoksam'; npm run ci; live MCP smoke check against https://hola-poke-yeoksam-skill.onrender.com/mcp (initialize, tools/list, get_menu, get_shop_info, invalid enter_event) Not-tested: Successful enter_event with a real phone number (intentionally avoided to prevent live event participation) * Keep nearby restroom lookups resilient to flaky Kakao place panels The review caught two regressions in the new public-restroom-nearby package: a single broken Kakao panel aborted anchor resolution, and coordinate search dropped maxDistanceMeters before normalization. This change adds targeted regression coverage first, keeps per-candidate HTTP failures recoverable, and hardens request errors with explicit status/url metadata so fallback logic no longer depends on parsing error strings. Constraint: Must preserve the published package surface and keep the fix scoped to PR #123 follow-up Rejected: Swallow all panel errors | would hide non-HTTP failures like network faults Rejected: Parse request error messages for status codes | brittle coupling to string formatting Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep recoverable Kakao panel handling aligned with request() error annotations if request() changes again Tested: npm test --workspace public-restroom-nearby Tested: npm run ci Tested: live smoke searchNearbyPublicRestroomsByLocationQuery('광화문', { limit: 3 }) Tested: LSP diagnostics on packages/public-restroom-nearby/src/index.js and test/index.test.js Not-tested: Live Kakao fallback against a real upstream 5xx place-panel response * Keep the Hola Poke contract claims aligned with verified coverage The reviewed fixture-based regression already locks the documented remote snapshot, but the docs still implied the enter_event success path had live proof. Narrow the docs and the regression so they explicitly say the success fields are pinned by the recorded snapshot while the live smoke only verifies the invalid-phone retry path. Constraint: Live success-path verification would trigger a real event entry and is intentionally avoided Rejected: Leave the broader wording in place | review feedback showed it overstated the live evidence Confidence: high Scope-risk: narrow Reversibility: clean Directive: If a safe non-mutating success-path probe becomes available, update the docs and fixture wording together Tested: node --test scripts/skill-docs.test.js --test-name-pattern='hola-poke-yeoksam'; npm run ci; live MCP smoke against https://hola-poke-yeoksam-skill.onrender.com/mcp (initialize, tools/list, get_menu subset, get_shop_info subset, invalid enter_event) Not-tested: Real enter_event success-path invocation * Document the restroom distance-cap contract with regression coverage The approved issue-117 code fix already restored maxDistanceMeters behavior, but the published docs did not lock or explain that contract. This follow-up adds a failing-first doc regression, then updates the feature guide and package README with the verified 100m example so users and future reviewers see the same behavior the package now ships. Constraint: Must stay scoped to the existing PR #123 follow-up without reopening the implementation surface Rejected: Leave the behavior implicit in code/tests only | published docs would lag the verified contract Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep the public-restroom-nearby docs and skill-docs regression aligned with live maxDistanceMeters smoke evidence if the sample query changes Tested: node --test scripts/skill-docs.test.js (red then green) Tested: npm test --workspace public-restroom-nearby Tested: npm run ci Tested: live smoke searchNearbyPublicRestroomsByLocationQuery('광화문', { limit: 3 }) Tested: live smoke searchNearbyPublicRestroomsByLocationQuery('광화문', { limit: 3, maxDistanceMeters: 100 }) Tested: architect review APPROVED Not-tested: Alternative landmark queries with a non-zero maxDistanceMeters hit set * Expose KRX partial failures instead of misreporting stock lookups The Korean stock proxy used to silently drop failed market snapshots during search and could turn an empty holiday trade snapshot into a 502 by falling back into base-info lookup. This change surfaces degraded market metadata on partial search success, short-circuits empty trade snapshots to not_found, and refreshes the user docs to use a real trading day in examples. Constraint: KOSPI base-info approval is granted separately from other KRX routes Constraint: Healthy markets should still return usable search results during a partial outage Rejected: Return 502 on every partial search failure | hides still-usable markets and breaks current clients unnecessarily Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep degraded search metadata when any market snapshot fetch fails so partial outages stay visible Tested: npm test --workspace k-skill-proxy Tested: node --test scripts/skill-docs.test.js Tested: npm run ci Not-tested: Live KOSPI base-info behavior after the new KRX permission is approved * Adopt kordoc for the hwp skill workflow Issue #119 replaces the previous HWP guidance with kordoc so the skill matches the newer agent-native document flow. The docs and regression tests now center the HWP skill on kordoc parsing, JSON extraction, diffing, form filling, and Markdown-to-HWPX round-tripping, while the install/source references stay in sync. Constraint: The repository treats skill behavior as documentation contracts backed by regression tests Constraint: The requested branch/PR flow must target dev with TDD and verified execution evidence Rejected: Keep @ohah/hwpjs or hwp-mcp as fallback guidance | issue #119 explicitly approves replacing the prior stack with kordoc Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep future hwp skill/docs/tests aligned to a single kordoc-first contract unless a new issue explicitly reintroduces multi-backend routing Tested: node --test scripts/skill-docs.test.js; npm run ci; temp-dir kordoc roundtrip via markdownToHwpx -> sample.hwpx -> kordoc CLI markdown output; architect review APPROVED Not-tested: Live parsing of user-provided proprietary HWP/HWPX samples outside the generated roundtrip fixture * Prevent degraded stock search outages from sticking in cache Reviewer feedback showed that partial KRX market failures could be cached as full search answers, masking recovery on the next identical request. This change adds a regression that fails first, skips route-level caching for degraded search payloads, and keeps the trade-info empty-snapshot contract documented alongside the partial-failure response semantics. Constraint: Existing PR #124 already targets dev and must remain the follow-up lane for issue #99 Constraint: Proxy behavior must stay read-only and dependency-free Rejected: Cache degraded search payloads for a short TTL | still risks transient false negatives during the TTL window Rejected: Broaden trade-info fallback behavior | empty snapshots should stay explicit not_found results Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep degraded search responses out of the long-lived route cache unless a future design adds explicit revalidation semantics Tested: npm test --workspace k-skill-proxy; node --test scripts/skill-docs.test.js; npm run ci; explicit buildServer degraded-search recovery repro Not-tested: Live KRX production endpoints from this branch * Align HWP docs with the published kordoc surface The issue #119 follow-up needs the repository contract to match what the currently published kordoc package actually supports. This narrows the HWP skill/docs/tests to the verified install requirement and supported CLI/Node API surfaces, and removes unsupported fill/mcp claims. Constraint: Published kordoc CLI fails at startup without pdfjs-dist Constraint: Docs/tests must reflect the current npm package behavior, not intended future features Rejected: Keep fill/mcp examples with caveats | still documents unsupported entrypoints Confidence: high Scope-risk: narrow Directive: Reintroduce fill/mcp docs only after verifying the published package exposes them in both CLI and Node API Tested: node --test scripts/skill-docs.test.js; npm run ci; temp-dir clean install smoke; temp-dir kordoc+pdfjs-dist watch/parse/extractFormFields/compare/markdownToHwpx/roundtrip smoke; Claude architect review Not-tested: Real-world HWPX template that produces non-empty extractFormFields output * Keep HWP docs runnable against the published kordoc package The follow-up closes the last runnable-contract gaps from review by documenting the working one-shot npx form and separating Node API examples into a local project install path. The regression suite now locks both install notes so future edits do not drift back to broken command shapes. Constraint: Published kordoc CLI still requires pdfjs-dist at startup Constraint: Global NODE_PATH does not make ESM imports from kordoc resolvable in the documented examples Rejected: Keep bare `npx kordoc` examples | fails in a clean environment Rejected: Keep global-install Node API guidance | ESM import remains unresolved Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep HWP docs aligned to verified published kordoc surfaces until the package contract changes upstream Tested: node --test scripts/skill-docs.test.js Tested: npm run ci Tested: temp-dir local npm install kordoc pdfjs-dist plus markdownToHwpx -> sample.hwpx -> one-shot kordoc roundtrip smoke Not-tested: upstream unpublished kordoc features beyond the verified CLI and Node API surfaces * Add Korean scholarship search skill and reporting workflow (#116) * Add nationwide scholarship search skill workflow * Rename scholarship skill to 장학금 주세요 쮜에발 * Fix scholarship skill validation in CI * Trigger GitHub PR diff refresh after dev rebase on main * Fix scholarship helper status handling and test coverage * Use KST as scholarship helper default date basis * Rename scholarship skill display name --------- Co-authored-by: Jeffrey (Dongkyu) Kim <vkehfdl1@gmail.com> * Feature/#121 (#127) * Recover KakaoTalk mac skill auth when upstream user_id detection fails Issue #121 reproduces on a real MacBook because `kakaocli auth` can fail even when the encrypted hex-named DB exists. This change adds a thin repo-owned helper that recovers the active user_id from plist revision hashes, caches the validated DB/key tuple, and reuses it for read-only `kakaocli` commands. The skill and feature docs now steer users to the helper when upstream auto-detection stops at candidate key mismatch, and regression tests lock the recovery flow before the implementation. Constraint: Must stay a thin adapter around upstream kakaocli rather than forking the CLI Constraint: Must verify on a real local macOS KakaoTalk install where issue #121 reproduces Rejected: Full kakaocli reimplementation inside k-skill | too broad for the user_id/key-derivation failure scope Rejected: Docs-only workaround | does not actually fix the broken auth path for users Confidence: high Scope-risk: moderate Reversibility: clean Directive: Keep this helper limited to auth/key recovery and read-only passthrough unless upstream gaps widen materially Tested: python3 -m unittest scripts.test_kakaotalk_mac Tested: node --test scripts/skill-docs.test.js Tested: npm run ci Tested: python3 scripts/kakaotalk_mac.py auth --refresh --max-user-id 800000000 --workers 8 --chunk-size 2000000 Tested: python3 scripts/kakaotalk_mac.py chats --limit 1 --json Not-tested: Other kakaocli subcommands beyond auth/chats/messages/search/query/schema * Protect the KakaoTalk helper's safe recovery path Address the PR follow-up by treating malformed auth cache files as cache misses, removing write-capable passthrough from the wrapper surface, and redacting human-readable auth output so the cached SQLCipher key is not echoed back into terminal history. The docs and regression suite now describe and enforce the read-only contract that the helper is meant to preserve. Constraint: Helper must remain a read-only recovery wrapper around local kakaocli access Rejected: Keep query support with SQL validation | still leaves a risky write-capable escape hatch Confidence: high Scope-risk: narrow Reversibility: clean Directive: Do not re-expose arbitrary SQL passthrough or print the SQLCipher key in default text output Tested: python3 -m unittest scripts.test_kakaotalk_mac; node --test scripts/skill-docs.test.js; npm run ci; python3 scripts/kakaotalk_mac.py auth --refresh --max-user-id 800000000 --workers 8 --chunk-size 2000000; python3 scripts/kakaotalk_mac.py chats --limit 1 --json; python3 scripts/kakaotalk_mac.py auth --cache-path <bad-json>; python3 scripts/kakaotalk_mac.py query --help Not-tested: External automation consumers that depend on shell/json auth output beyond the documented helper flows * Lock the helper CLI surface against accidental regressions The approved issue #121 fixes already hardened the KakaoTalk Mac helper, but the test suite still only exercised the passthrough validator directly. Add an explicit parser-level regression so the public CLI contract stays read-only and `query` cannot quietly reappear in future edits. Constraint: Follow-up is on the existing feature/#121 PR branch and must stay minimal Rejected: Re-open helper implementation changes | current code already satisfies the approved review findings Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep parser exposure tests aligned with READ_ONLY_COMMANDS whenever helper subcommands change Tested: python3 -m unittest scripts.test_kakaotalk_mac; node --test scripts/skill-docs.test.js; npm run ci; python3 scripts/kakaotalk_mac.py auth --refresh --max-user-id 800000000 --workers 8 --chunk-size 2000000; python3 scripts/kakaotalk_mac.py chats --limit 1 --json; python3 scripts/kakaotalk_mac.py auth --cache-path <bad-json> Not-tested: No new production code paths changed in this follow-up * Honor explicit Kakao auth recovery overrides The helper now treats manual auth overrides as a cache-bypassing recovery request and rejects invalid brute-force tuning flags at the CLI boundary so users get deterministic behavior instead of stale cached tuples or Python tracebacks. Regression coverage locks both paths before the PR follow-up lands. Constraint: The helper must remain a thin read-only wrapper around kakaocli auth recovery Rejected: Require --refresh whenever --user-id/--uuid is passed | worse UX than honoring overrides directly Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep explicit auth overrides ahead of cache reuse unless the CLI contract is redesigned and documented Tested: python3 -m unittest scripts.test_kakaotalk_mac; node --test scripts/skill-docs.test.js; npm run ci; python3 scripts/kakaotalk_mac.py auth --refresh --max-user-id 800000000 --workers 8 --chunk-size 2000000; python3 scripts/kakaotalk_mac.py chats --limit 1 --json; python3 scripts/kakaotalk_mac.py auth --cache-path <bad-json>; python3 scripts/kakaotalk_mac.py auth --refresh --max-user-id -1; python3 scripts/kakaotalk_mac.py auth --refresh --workers 2 --chunk-size 0 --max-user-id 10; python3 scripts/kakaotalk_mac.py auth --cache-path <temp-cache> --user-id 999; python3 scripts/kakaotalk_mac.py auth --cache-path <temp-cache> --uuid <live-uuid> Not-tested: Manual override success with a truly alternate valid user_id/uuid pair on a multi-account local install * Feature/#129 (#131) * Add official KBL results support so basketball queries use live league data Issue #129 needs a read-only skill and reusable package for KBL schedules, results, and standings. The implementation follows the existing sports package pattern and uses the league's live JSON APIs after verifying they respond successfully in real requests. Constraint: Must use official KBL JSON surfaces before considering scraping Constraint: Packaging changes must pass npm run ci and include docs plus Changesets updates Rejected: Browser scraping first | official api.kbl.or.kr endpoints are live and simpler to maintain Rejected: Reuse KBO/K League package shapes verbatim | KBL payload and team/status fields differ materially Confidence: high Scope-risk: moderate Reversibility: clean Directive: Keep seasonGrade=1 as the default KBL path unless future docs/tests explicitly widen to D-League flows Tested: npm run ci; npm run lint --workspace kbl-results; npm test --workspace kbl-results; live getKBLSummary("2026-04-01", { team: "KCC", includeStandings: true }) Not-tested: Historical standings snapshots for past seasons via alternative KBL endpoints * Prevent optional standings lookups from over-fetching the KBL API The new kbl-results summary helper exposes includeStandings=false, so the regression suite now proves that path stays schedule-only and never calls the standings endpoint when the caller opts out. Constraint: The KBL package should preserve the caller's no-standings contract Rejected: Rely on manual inspection of the helper options | a targeted test is cheaper and safer Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep includeStandings=false side-effect free unless the public API contract changes explicitly Tested: npm test --workspace kbl-results; npm run lint --workspace kbl-results Not-tested: Full-repo CI before stacking this commit onto the rebased branch * Add Naver Shopping price comparison skill * Use Naver Shopping BFF fallback * Fix naver shopping BFF page and sort fallback * Clarify Naver OpenAPI review sort fallback * Add library book search skill * Add Data4Library route regression coverage * Fix Data4Library book-exists ISBN-10 handling * Refactor Coupang skill to retention MCP layer * Add Coupang MCP wrapper follow-up coverage * Clarify Coupang wrapper init guidance * Document Coupang MCP init examples * Add parking lot search skill * Add korean-privacy-terms skill regression tests * Add korean-privacy-terms thin-wrapper skill * Document korean-privacy-terms skill across repo docs * Bundle Apache-2.0 LICENSE with korean-privacy-terms wrapper Addresses PR #149 review SHOULD FIX: ship the Apache-2.0 LICENSE text alongside the thin wrapper so Apache License 2.0 §4(a) ('give any other recipients of the Work or Derivative Works a copy of this License') is satisfied even before `install.sh` fetches the upstream payload. - Copy upstream LICENSE verbatim to `korean-privacy-terms/LICENSE.upstream` (byte-for-byte identical to upstream at pinned SHA e390f7b9feb825e368c26726363ea5ce11a34083; SHA256 35ef947614c2f14df01c5fc553f987f644f0c9f6b011adda397bd788a87f1510). - Update SKILL.md Notes to link LICENSE.upstream, clarify that repo-root LICENSE (MIT) is k-skill's own license not this skill's, and document that nested upstream SKILL.md is not discovered by agent platforms. - Document the home-path `bash ~/.claude/skills/.../install.sh` variant in SKILL.md so users who pulled the wrapper via `npx skills add --skill` can install without a repo checkout (installer already resolves ${BASH_SOURCE[0]} absolutely). - Update docs/features/korean-privacy-terms.md to document LICENSE.upstream and the §4(a) rationale. - Strengthen skill-docs regression tests (NICE TO HAVE items from review): * Reject placeholder pins (all-zero / all-f 40-char strings). * Assert the literal upstream clone URL (https://github.com/kimlawtech/korean-privacy-terms.git). * Assert `git clone --filter=blob:none` is used for blobless fetches. * Add new regression test that verifies LICENSE.upstream exists, matches the Apache-2.0 preamble / §4 / APPENDIX structure, and is referenced from both SKILL.md and the feature doc. * Assert APPENDIX anchor in korean-privacy-terms LICENSE.upstream Close Round 3 NICE TO HAVE from PR #149. The LICENSE.upstream regression block asserted preamble, Version 2.0, Redistribution, END OF TERMS, and Copyright 2026 kimlawtech but not the APPENDIX anchor at LICENSE.upstream:179, even though the Round 1 follow-up and Round 2 review collectively described 'APPENDIX structure verification'. Adding this one assertion closes that claim/test parity gap and acts as tamper-detection if upstream reformats LICENSE later. Verified with TDD: temporarily stripped APPENDIX line from LICENSE.upstream, confirmed test 108 FAILS with the expected regex mismatch, then restored and re-confirmed 109/109 GREEN. Byte-for-byte identity with upstream LICENSE still holds (SHA256 35ef947614c2f14df01c5fc553f987f644f0c9f6b011adda397bd788a87f1510). npm run ci exit 0 with 357 ok subtests (unchanged baseline, additive assertion within existing test block). * Fix extractDataGoItems to handle current data.go.kr JSON shapes The MFDS data.go.kr drug and food endpoints now return body.items as a flat array (DrbEasyDrugInfoService, SafeStadDrugService) or an array of {item: {...}} wrappers (PrsecImproptFoodInfoService03), instead of the legacy {items: {item: [...]}} XML→JSON auto-convert shape. Our extractDataGoItems was still looking for body.items.item, so it returned [] for every entry, silently breaking: - /v1/mfds/drug-safety/lookup - /v1/mfds/food-safety/search (improperFood portion) Update extractDataGoItems to accept all three shapes and refresh the mock fixtures in server.test.js to match what upstream actually returns, while adding a backward-compat test for the legacy shape. Note: this does not resolve the remaining FOODSAFETYKOREA_API_KEY being rejected by upstream (issue #148 core symptom) - that is a separate operational key rotation on the proxy server. * Make proxy cache failure-aware and require route-prefixed cache keys Two related issues surfaced while investigating issue #148: 1. Transient upstream failures were being cached for the full 5-minute TTL because every route handler called cache.set() unconditionally with whatever payload came back - including empty items + warnings from a flaky upstream like openapi.foodsafetykorea.go.kr. The user would then see "empty + warning" for 5 minutes even after upstream recovered. 2. makeCacheKey(payload) hashes the whole payload, but fine-dust/report was the only route calling it without a "route" prefix (makeCacheKey(normalized) instead of makeCacheKey({ route: "fine-dust-report", ...normalized })). Different routes with the same normalized shape could collide. Fix both globally in the cache layer so every current and future route benefits without per-route edits: - createMemoryCache.set rejects any payload that isFailureResponse considers a failure (explicit error field, upstream.degraded flag, or empty items alongside warnings). Returns false on reject, true on accept, so callers can observe the decision if needed. - makeCacheKey now throws if payload.route is missing or empty. This catches the fine-dust inconsistency and prevents new routes from reintroducing it. - fine-dust/report now passes `route: "fine-dust-report"` like every other route. New tests: - makeCacheKey asserts distinct routes produce distinct keys and throws without a route. - isFailureResponse covers all failure signatures plus graceful- fallback cases (items present alongside warnings) that must stay cacheable. - createMemoryCache.set refuses each failure shape and still stores healthy payloads. - End-to-end: food-safety/search with a flaky recall upstream serves the upstream failure, retries live when upstream recovers, and only caches once the payload is healthy. TTL itself is unchanged - the value still protects upstream rate limits; it just no longer amplifies transient errors. * Document Coupang hosted fallback contract and affiliate disclosure retention-corp/coupang_partners#1 is merged, so upstream now transparently falls back to the Retention Corp hosted backend at https://a.retn.kr/v1/public/assist when Coupang Partners API credentials are missing. The k-skill wrapper already passes environment variables through unchanged, so this commit lines up the documented contract with the actual two-path behavior without changing runtime logic. - SKILL.md and docs/features/coupang-product-search.md describe both execution paths (operator local HMAC vs credentialless hosted fallback), the honored OPENCLAW_SHOPPING_* env vars, the allowlist client-id convention including the k-skill-specific coupang-mcp-fallback value, and the mandatory affiliate disclosure when a.retn.kr/s/ shortlinks or lptag=AF deeplinks appear in responses. - docs/sources.md adds the hosted assist endpoint and the merged upstream PR so the source surface stays truthful. - README.md reflects the 선택사항 semantics for the 쿠팡 상품 검색 row and extends the column legend so 선택사항 is distinct from 불필요. - coupang_partners_mcp.py expands its --help epilog so operators discover the honored upstream env vars without reading the wrapper source; no runtime behavior change. - scripts/test_coupang_partners_mcp_wrapper.py locks env pass-through as a regression, asserts the new --help contract, and adds an opt-in K_SKILL_COUPANG_SMOKE=1 live smoke test that verifies the credentialless hosted path returns a Coupang deeplink. - scripts/skill-docs.test.js extends the docs regression to require the hosted assist URL, OPENCLAW_SHOPPING_* env prefix, affiliate disclosure wording, and hosted fallback concept while keeping the yuju777 HF Space negative assertion. Verified: npm run ci exits 0, live smoke test (K_SKILL_COUPANG_SMOKE=1) returns a.retn.kr/s/ shortlinks via credentialless wrapper, and manual env -u COUPANG_ACCESS_KEY -u COUPANG_SECRET_KEY call returns isRocket+lptag=AF3727577 responses through the hosted fallback. Refs: #134 * Drop non-allowlisted coupang-mcp-fallback recommendation from hosted fallback docs Direct probes against https://a.retn.kr/v1/public/assist confirmed that X-OpenClaw-Client-Id: coupang-mcp-fallback returns HTTP 403 Client is not allowlisted, while the upstream default openclaw-skill returns HTTP 200. The default wrapper path already works because upstream falls back to openclaw-skill, but the explicit recommendation in SKILL.md and the feature doc was luring users to a 403 path. Remove the dead recommendation and lock in the working configuration: - Docs describe openclaw-skill as the upstream-allowlisted default and note that k-skill does not override OPENCLAW_SHOPPING_CLIENT_ID. - Wrapper --help epilog drops the Suggested k-skill value line and documents openclaw-skill as the allowlist value in play. - New skill-docs regression asserts coupang-mcp-fallback is absent from SKILL.md, the feature doc, the wrapper, and docs/sources.md while openclaw-skill is documented across all three narrative surfaces. - New Python wrapper regression asserts --help drops the dead value and surfaces openclaw-skill so the constraint stays locked. - Existing env-forwarding test uses openclaw-skill as the pass-through sentinel so the repo no longer ships the non-allowlisted string at all. --------- Co-authored-by: minsing-jin <ironman0722@naver.com> |
||
|
github-actions[bot]
|
f6b76e7d40 |
chore: version packages (#137)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> |
||
|
Jeffrey (Dongkyu) Kim
|
68e6829052 |
Sync dev → main: scholarship, public restroom, KBL, Hola Poke + HWP/stock proxy upgrades (#136)
* Add a guided Hola Poke Yeoksam skill without widening repo scope Issue #120 only needs a repository skill payload, discoverability docs, and regression coverage. This change adds the new skill, wires it into existing docs surfaces, and locks the remote-MCP-only contract in tests so future edits keep the phone-only event flow and verbatim message relay behavior. Constraint: The upstream Hola Poke flow lives on a remote MCP server, so this repo should not add proxy/runtime code Constraint: Tests must be written before refining the new docs/skill wording Rejected: Add local package or proxy support for Hola Poke | would over-scope a docs-only skill addition Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep this skill limited to 올라포케 역삼점 and treat the MCP response message as the event source of truth Tested: node --test scripts/skill-docs.test.js --test-name-pattern='hola-poke-yeoksam' Tested: npm run ci Tested: Live MCP initialize/tools/list/get_menu/get_shop_info/enter_event(phone_format) smoke checks against https://hola-poke-yeoksam-skill.onrender.com/mcp Not-tested: Successful live event entry with a real phone number * Help users find nearby public restrooms from Korean location queries This adds a new public-restroom-nearby skill and reusable package that resolves a user-provided location, narrows the official 공중화장실정보 dataset by region when possible, and ranks nearby restroom results with opening-time hints and map links. Constraint: Must use free official/open surfaces without introducing new dependencies Constraint: Must follow TDD and keep release/docs metadata aligned in the same change Rejected: Add a proxy route first | direct official CSV access already works and keeps scope narrower Rejected: Use nationwide-only ranking without regional narrowing | too much noisy data for dense urban anchors Confidence: high Scope-risk: moderate Reversibility: clean Directive: If Kakao place-panel or localdata CSV schema changes, update parser fixtures before broad logic changes Tested: npm run ci; live smoke via searchNearbyPublicRestroomsByLocationQuery('광화문', { limit: 3 }); architect review APPROVED Not-tested: Non-Seoul live smoke across every regional orgCode * Pin the Hola Poke MCP contract in repo-owned regression fixtures The earlier issue #120 regression only matched prose, so this follow-up records the verified remote MCP tool/result snapshot in a checked-in fixture and makes both docs surfaces byte-align to it. That keeps the discoverability docs honest while turning the review claim into a real contract lock for tools/list, get_menu, get_shop_info, and the invalid-phone event flow. Constraint: The upstream remote MCP server can change independently of this repo Rejected: Keep prose-only regex checks | would not catch contract drift Confidence: high Scope-risk: narrow Reversibility: clean Directive: Refresh the fixture, both JSON fences, and the live-smoke evidence together whenever the upstream contract changes Tested: node --test scripts/skill-docs.test.js --test-name-pattern='hola-poke-yeoksam'; npm run ci; live MCP smoke check against https://hola-poke-yeoksam-skill.onrender.com/mcp (initialize, tools/list, get_menu, get_shop_info, invalid enter_event) Not-tested: Successful enter_event with a real phone number (intentionally avoided to prevent live event participation) * Keep nearby restroom lookups resilient to flaky Kakao place panels The review caught two regressions in the new public-restroom-nearby package: a single broken Kakao panel aborted anchor resolution, and coordinate search dropped maxDistanceMeters before normalization. This change adds targeted regression coverage first, keeps per-candidate HTTP failures recoverable, and hardens request errors with explicit status/url metadata so fallback logic no longer depends on parsing error strings. Constraint: Must preserve the published package surface and keep the fix scoped to PR #123 follow-up Rejected: Swallow all panel errors | would hide non-HTTP failures like network faults Rejected: Parse request error messages for status codes | brittle coupling to string formatting Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep recoverable Kakao panel handling aligned with request() error annotations if request() changes again Tested: npm test --workspace public-restroom-nearby Tested: npm run ci Tested: live smoke searchNearbyPublicRestroomsByLocationQuery('광화문', { limit: 3 }) Tested: LSP diagnostics on packages/public-restroom-nearby/src/index.js and test/index.test.js Not-tested: Live Kakao fallback against a real upstream 5xx place-panel response * Keep the Hola Poke contract claims aligned with verified coverage The reviewed fixture-based regression already locks the documented remote snapshot, but the docs still implied the enter_event success path had live proof. Narrow the docs and the regression so they explicitly say the success fields are pinned by the recorded snapshot while the live smoke only verifies the invalid-phone retry path. Constraint: Live success-path verification would trigger a real event entry and is intentionally avoided Rejected: Leave the broader wording in place | review feedback showed it overstated the live evidence Confidence: high Scope-risk: narrow Reversibility: clean Directive: If a safe non-mutating success-path probe becomes available, update the docs and fixture wording together Tested: node --test scripts/skill-docs.test.js --test-name-pattern='hola-poke-yeoksam'; npm run ci; live MCP smoke against https://hola-poke-yeoksam-skill.onrender.com/mcp (initialize, tools/list, get_menu subset, get_shop_info subset, invalid enter_event) Not-tested: Real enter_event success-path invocation * Document the restroom distance-cap contract with regression coverage The approved issue-117 code fix already restored maxDistanceMeters behavior, but the published docs did not lock or explain that contract. This follow-up adds a failing-first doc regression, then updates the feature guide and package README with the verified 100m example so users and future reviewers see the same behavior the package now ships. Constraint: Must stay scoped to the existing PR #123 follow-up without reopening the implementation surface Rejected: Leave the behavior implicit in code/tests only | published docs would lag the verified contract Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep the public-restroom-nearby docs and skill-docs regression aligned with live maxDistanceMeters smoke evidence if the sample query changes Tested: node --test scripts/skill-docs.test.js (red then green) Tested: npm test --workspace public-restroom-nearby Tested: npm run ci Tested: live smoke searchNearbyPublicRestroomsByLocationQuery('광화문', { limit: 3 }) Tested: live smoke searchNearbyPublicRestroomsByLocationQuery('광화문', { limit: 3, maxDistanceMeters: 100 }) Tested: architect review APPROVED Not-tested: Alternative landmark queries with a non-zero maxDistanceMeters hit set * Expose KRX partial failures instead of misreporting stock lookups The Korean stock proxy used to silently drop failed market snapshots during search and could turn an empty holiday trade snapshot into a 502 by falling back into base-info lookup. This change surfaces degraded market metadata on partial search success, short-circuits empty trade snapshots to not_found, and refreshes the user docs to use a real trading day in examples. Constraint: KOSPI base-info approval is granted separately from other KRX routes Constraint: Healthy markets should still return usable search results during a partial outage Rejected: Return 502 on every partial search failure | hides still-usable markets and breaks current clients unnecessarily Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep degraded search metadata when any market snapshot fetch fails so partial outages stay visible Tested: npm test --workspace k-skill-proxy Tested: node --test scripts/skill-docs.test.js Tested: npm run ci Not-tested: Live KOSPI base-info behavior after the new KRX permission is approved * Adopt kordoc for the hwp skill workflow Issue #119 replaces the previous HWP guidance with kordoc so the skill matches the newer agent-native document flow. The docs and regression tests now center the HWP skill on kordoc parsing, JSON extraction, diffing, form filling, and Markdown-to-HWPX round-tripping, while the install/source references stay in sync. Constraint: The repository treats skill behavior as documentation contracts backed by regression tests Constraint: The requested branch/PR flow must target dev with TDD and verified execution evidence Rejected: Keep @ohah/hwpjs or hwp-mcp as fallback guidance | issue #119 explicitly approves replacing the prior stack with kordoc Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep future hwp skill/docs/tests aligned to a single kordoc-first contract unless a new issue explicitly reintroduces multi-backend routing Tested: node --test scripts/skill-docs.test.js; npm run ci; temp-dir kordoc roundtrip via markdownToHwpx -> sample.hwpx -> kordoc CLI markdown output; architect review APPROVED Not-tested: Live parsing of user-provided proprietary HWP/HWPX samples outside the generated roundtrip fixture * Prevent degraded stock search outages from sticking in cache Reviewer feedback showed that partial KRX market failures could be cached as full search answers, masking recovery on the next identical request. This change adds a regression that fails first, skips route-level caching for degraded search payloads, and keeps the trade-info empty-snapshot contract documented alongside the partial-failure response semantics. Constraint: Existing PR #124 already targets dev and must remain the follow-up lane for issue #99 Constraint: Proxy behavior must stay read-only and dependency-free Rejected: Cache degraded search payloads for a short TTL | still risks transient false negatives during the TTL window Rejected: Broaden trade-info fallback behavior | empty snapshots should stay explicit not_found results Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep degraded search responses out of the long-lived route cache unless a future design adds explicit revalidation semantics Tested: npm test --workspace k-skill-proxy; node --test scripts/skill-docs.test.js; npm run ci; explicit buildServer degraded-search recovery repro Not-tested: Live KRX production endpoints from this branch * Align HWP docs with the published kordoc surface The issue #119 follow-up needs the repository contract to match what the currently published kordoc package actually supports. This narrows the HWP skill/docs/tests to the verified install requirement and supported CLI/Node API surfaces, and removes unsupported fill/mcp claims. Constraint: Published kordoc CLI fails at startup without pdfjs-dist Constraint: Docs/tests must reflect the current npm package behavior, not intended future features Rejected: Keep fill/mcp examples with caveats | still documents unsupported entrypoints Confidence: high Scope-risk: narrow Directive: Reintroduce fill/mcp docs only after verifying the published package exposes them in both CLI and Node API Tested: node --test scripts/skill-docs.test.js; npm run ci; temp-dir clean install smoke; temp-dir kordoc+pdfjs-dist watch/parse/extractFormFields/compare/markdownToHwpx/roundtrip smoke; Claude architect review Not-tested: Real-world HWPX template that produces non-empty extractFormFields output * Keep HWP docs runnable against the published kordoc package The follow-up closes the last runnable-contract gaps from review by documenting the working one-shot npx form and separating Node API examples into a local project install path. The regression suite now locks both install notes so future edits do not drift back to broken command shapes. Constraint: Published kordoc CLI still requires pdfjs-dist at startup Constraint: Global NODE_PATH does not make ESM imports from kordoc resolvable in the documented examples Rejected: Keep bare `npx kordoc` examples | fails in a clean environment Rejected: Keep global-install Node API guidance | ESM import remains unresolved Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep HWP docs aligned to verified published kordoc surfaces until the package contract changes upstream Tested: node --test scripts/skill-docs.test.js Tested: npm run ci Tested: temp-dir local npm install kordoc pdfjs-dist plus markdownToHwpx -> sample.hwpx -> one-shot kordoc roundtrip smoke Not-tested: upstream unpublished kordoc features beyond the verified CLI and Node API surfaces * Add Korean scholarship search skill and reporting workflow (#116) * Add nationwide scholarship search skill workflow * Rename scholarship skill to 장학금 주세요 쮜에발 * Fix scholarship skill validation in CI * Trigger GitHub PR diff refresh after dev rebase on main * Fix scholarship helper status handling and test coverage * Use KST as scholarship helper default date basis * Rename scholarship skill display name --------- Co-authored-by: Jeffrey (Dongkyu) Kim <vkehfdl1@gmail.com> * Feature/#121 (#127) * Recover KakaoTalk mac skill auth when upstream user_id detection fails Issue #121 reproduces on a real MacBook because `kakaocli auth` can fail even when the encrypted hex-named DB exists. This change adds a thin repo-owned helper that recovers the active user_id from plist revision hashes, caches the validated DB/key tuple, and reuses it for read-only `kakaocli` commands. The skill and feature docs now steer users to the helper when upstream auto-detection stops at candidate key mismatch, and regression tests lock the recovery flow before the implementation. Constraint: Must stay a thin adapter around upstream kakaocli rather than forking the CLI Constraint: Must verify on a real local macOS KakaoTalk install where issue #121 reproduces Rejected: Full kakaocli reimplementation inside k-skill | too broad for the user_id/key-derivation failure scope Rejected: Docs-only workaround | does not actually fix the broken auth path for users Confidence: high Scope-risk: moderate Reversibility: clean Directive: Keep this helper limited to auth/key recovery and read-only passthrough unless upstream gaps widen materially Tested: python3 -m unittest scripts.test_kakaotalk_mac Tested: node --test scripts/skill-docs.test.js Tested: npm run ci Tested: python3 scripts/kakaotalk_mac.py auth --refresh --max-user-id 800000000 --workers 8 --chunk-size 2000000 Tested: python3 scripts/kakaotalk_mac.py chats --limit 1 --json Not-tested: Other kakaocli subcommands beyond auth/chats/messages/search/query/schema * Protect the KakaoTalk helper's safe recovery path Address the PR follow-up by treating malformed auth cache files as cache misses, removing write-capable passthrough from the wrapper surface, and redacting human-readable auth output so the cached SQLCipher key is not echoed back into terminal history. The docs and regression suite now describe and enforce the read-only contract that the helper is meant to preserve. Constraint: Helper must remain a read-only recovery wrapper around local kakaocli access Rejected: Keep query support with SQL validation | still leaves a risky write-capable escape hatch Confidence: high Scope-risk: narrow Reversibility: clean Directive: Do not re-expose arbitrary SQL passthrough or print the SQLCipher key in default text output Tested: python3 -m unittest scripts.test_kakaotalk_mac; node --test scripts/skill-docs.test.js; npm run ci; python3 scripts/kakaotalk_mac.py auth --refresh --max-user-id 800000000 --workers 8 --chunk-size 2000000; python3 scripts/kakaotalk_mac.py chats --limit 1 --json; python3 scripts/kakaotalk_mac.py auth --cache-path <bad-json>; python3 scripts/kakaotalk_mac.py query --help Not-tested: External automation consumers that depend on shell/json auth output beyond the documented helper flows * Lock the helper CLI surface against accidental regressions The approved issue #121 fixes already hardened the KakaoTalk Mac helper, but the test suite still only exercised the passthrough validator directly. Add an explicit parser-level regression so the public CLI contract stays read-only and `query` cannot quietly reappear in future edits. Constraint: Follow-up is on the existing feature/#121 PR branch and must stay minimal Rejected: Re-open helper implementation changes | current code already satisfies the approved review findings Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep parser exposure tests aligned with READ_ONLY_COMMANDS whenever helper subcommands change Tested: python3 -m unittest scripts.test_kakaotalk_mac; node --test scripts/skill-docs.test.js; npm run ci; python3 scripts/kakaotalk_mac.py auth --refresh --max-user-id 800000000 --workers 8 --chunk-size 2000000; python3 scripts/kakaotalk_mac.py chats --limit 1 --json; python3 scripts/kakaotalk_mac.py auth --cache-path <bad-json> Not-tested: No new production code paths changed in this follow-up * Honor explicit Kakao auth recovery overrides The helper now treats manual auth overrides as a cache-bypassing recovery request and rejects invalid brute-force tuning flags at the CLI boundary so users get deterministic behavior instead of stale cached tuples or Python tracebacks. Regression coverage locks both paths before the PR follow-up lands. Constraint: The helper must remain a thin read-only wrapper around kakaocli auth recovery Rejected: Require --refresh whenever --user-id/--uuid is passed | worse UX than honoring overrides directly Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep explicit auth overrides ahead of cache reuse unless the CLI contract is redesigned and documented Tested: python3 -m unittest scripts.test_kakaotalk_mac; node --test scripts/skill-docs.test.js; npm run ci; python3 scripts/kakaotalk_mac.py auth --refresh --max-user-id 800000000 --workers 8 --chunk-size 2000000; python3 scripts/kakaotalk_mac.py chats --limit 1 --json; python3 scripts/kakaotalk_mac.py auth --cache-path <bad-json>; python3 scripts/kakaotalk_mac.py auth --refresh --max-user-id -1; python3 scripts/kakaotalk_mac.py auth --refresh --workers 2 --chunk-size 0 --max-user-id 10; python3 scripts/kakaotalk_mac.py auth --cache-path <temp-cache> --user-id 999; python3 scripts/kakaotalk_mac.py auth --cache-path <temp-cache> --uuid <live-uuid> Not-tested: Manual override success with a truly alternate valid user_id/uuid pair on a multi-account local install * Feature/#129 (#131) * Add official KBL results support so basketball queries use live league data Issue #129 needs a read-only skill and reusable package for KBL schedules, results, and standings. The implementation follows the existing sports package pattern and uses the league's live JSON APIs after verifying they respond successfully in real requests. Constraint: Must use official KBL JSON surfaces before considering scraping Constraint: Packaging changes must pass npm run ci and include docs plus Changesets updates Rejected: Browser scraping first | official api.kbl.or.kr endpoints are live and simpler to maintain Rejected: Reuse KBO/K League package shapes verbatim | KBL payload and team/status fields differ materially Confidence: high Scope-risk: moderate Reversibility: clean Directive: Keep seasonGrade=1 as the default KBL path unless future docs/tests explicitly widen to D-League flows Tested: npm run ci; npm run lint --workspace kbl-results; npm test --workspace kbl-results; live getKBLSummary("2026-04-01", { team: "KCC", includeStandings: true }) Not-tested: Historical standings snapshots for past seasons via alternative KBL endpoints * Prevent optional standings lookups from over-fetching the KBL API The new kbl-results summary helper exposes includeStandings=false, so the regression suite now proves that path stays schedule-only and never calls the standings endpoint when the caller opts out. Constraint: The KBL package should preserve the caller's no-standings contract Rejected: Rely on manual inspection of the helper options | a targeted test is cheaper and safer Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep includeStandings=false side-effect free unless the public API contract changes explicitly Tested: npm test --workspace kbl-results; npm run lint --workspace kbl-results Not-tested: Full-repo CI before stacking this commit onto the rebased branch --------- Co-authored-by: minsing-jin <ironman0722@naver.com> |
||
|
Jeffrey (Dongkyu) Kim
|
0ec0ab929e |
Merge pull request #112 from NomaDamas/changeset-release/main
chore: version packages |
||
|
github-actions[bot]
|
ca221f5a1c | chore: version packages | ||
|
Jeffrey (Dongkyu) Kim
|
e7df15c234 |
Merge pull request #111 from NomaDamas/dev
Sync dev → main: MFDS food-safety enhancement, school lunch, market kurly, and more |
||
|
Jeffrey (Dongkyu) Kim
|
4c1989fdb2 |
Add product-report proxy route for health food manufacturing data (I0030)
The existing health-food-ingredient route only covers individually-approved ingredients (I-0040/I-0050), missing gazetted ingredients like psyllium husk (차전자피). I0030 (건강기능식품 품목제조 신고사항) has 44k+ registered products with raw materials, functionality, intake precautions, and standards. The new /v1/mfds/food-safety/product-report route queries I0030 with server-side PRDLST_NM and RAWMTRL_NM filters in parallel, deduplicates by report number, and returns normalized results. Live-verified with FOODSAFETYKOREA_API_KEY returning 차전자피 products with full precautions. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Jeffrey (Dongkyu) Kim
|
9dd5438f5f |
Add health-food ingredient and inspection-fail proxy routes for food-safety
The existing food-safety skill only queried recall/sales-suspension records (I0490), which was too edge-case for "can I eat this?" questions. This adds two new foodsafetykorea.go.kr surfaces through k-skill-proxy: - /v1/mfds/food-safety/health-food-ingredient (I-0040 + I-0050): official health food ingredient recognition, daily intake, precautions - /v1/mfds/food-safety/inspection-fail (I2620): domestic inspection failure records with test results and standards All three routes share the same FOODSAFETYKOREA_API_KEY with sample-feed fallback. Python helper gains health-food-ingredient and inspection-fail subcommands. SKILL.md updated with new surfaces, workflow, and CLI examples. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Jeffrey (Dongkyu) Kim
|
2550d19974 |
Route MFDS drug-safety and food-safety lookups through k-skill-proxy
Move direct API calls out of the skill Python scripts and into shared proxy routes so end-users no longer need their own DATA_GO_KR_API_KEY for MFDS surfaces. Adds mfds.js helper, proxy tests, and updates all docs and setup guidance to reflect the hosted proxy workflow. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
Jeffrey (Dongkyu) Kim
|
c6d362a9e9 |
Merge pull request #105 from hon2be/feature/k-schoollunch-menu
fix: #102, #103 수정사항 반영 |
||
|
Jeffrey (Dongkyu) Kim
|
774e3e2d9d |
Merge pull request #103 from NomaDamas/feature/#0
Feature/#0 |
||
|
Jeffrey (Dongkyu) Kim
|
68372bafbc |
Merge pull request #94 from greekr4/feat/blue-ribbon-browser-fallback
blue-ribbon-nearby: rebrowser-playwright 기반 브라우저 fallback 추가 |
||
|
Jeffrey (Dongkyu) Kim
|
6d5f7288c8 |
Ensure the browser fallback ships through the Changesets release flow
The PR changes the published blue-ribbon-nearby package behavior, so it needs a changeset for the automated version-packages PR and publish pipeline. This keeps the release metadata aligned with the repository's Changesets workflow without touching package versions by hand. Constraint: Node package releases in this repo must use Changesets rather than manual version bumps Rejected: Skip the changeset and rely on the feature PR alone | the automated release PR would have no release intent to consume Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep feature PRs release-ready by adding a changeset whenever published package behavior changes Tested: npm --workspace packages/blue-ribbon-nearby test; npm run ci (fails in this environment because tsc is unavailable) Not-tested: Full repo typecheck/test pipeline with TypeScript installed |
||
|
Jeffrey (Dongkyu) Kim
|
5b22fb7546 |
Keep PR #105 mergeable with the current dev branch
Merged origin/dev into feature/k-schoollunch-menu and resolved the stale
conflict surfaces by matching the current dev tree. The branch keeps its
review history, but its content now aligns with the already-verified dev
integration so the cross-repo PR stops reporting merge conflicts.
Constraint: The school-lunch and household-waste changes already live on dev and should remain the source of truth
Rejected: Force-reset the contributor branch to origin/dev | destructive for a cross-repo PR and unnecessary
Rejected: Keep branch-only drift on docs/tests/proxy files | preserves conflict noise without new shipped behavior
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: For long-lived cross-repo follow-up PRs, prefer sync merges that converge to the verified base branch
Tested: Tree equality against origin/dev after merge resolution
Tested: npm run ci before final tree convergence on this branch; origin/dev npm run ci at commit
|
||
|
Jeffrey (Dongkyu) Kim
|
f551ab208e |
Keep PR #103 mergeable with the current dev branch
Merged origin/dev into feature/#0 and resolved the stale conflict surfaces by
matching the current dev tree. This preserves the branch history while making
the branch content equivalent to the already-verified integration branch so the
open PR no longer carries outdated merge blockers.
Constraint: The approved household-waste and school-lunch work is already integrated on dev
Rejected: Force-reset feature/#0 to origin/dev | would drop branch history and require a force push
Rejected: Preserve stale branch-only doc/test drift | kept the PR conflicting without new product value
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: If this PR stays open for coordination only, prefer merge-sync commits over force-push rewrites
Tested: Tree equality against origin/dev after merge resolution
Tested: origin/dev npm run ci at commit
|
||
|
Jeffrey (Dongkyu) Kim
|
8b544b4868 |
Keep PR #94 current with the latest mainline docs and release state
Merged origin/main into feat/blue-ribbon-browser-fallback so the feature branch carries the latest main-branch packaging and documentation context while preserving the blue-ribbon browser fallback implementation. No manual conflict resolution was required. Constraint: PR #94 still needs its browser-fallback feature diff intact while main keeps moving Rejected: Rebase the feature branch onto main | unnecessary risk for an already-reviewable cross-repo branch Rejected: Leave the branch behind main | makes future review and merge harder as main continues to move Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep package-lock and optional dependency behavior validated whenever this branch is re-synced with main Tested: npm test --workspace blue-ribbon-nearby Tested: npm run lint --workspace blue-ribbon-nearby Not-tested: Full workspace npm run ci on the feature branch after the merge-sync commit |
||
|
Jeffrey (Dongkyu) Kim
|
7b82d4d409 |
Keep dev aligned with main after the Naver blog skill landed
Merged origin/main into dev so the branch regains direct ancestry with the mainline release history while preserving newer dev-side docs, proxy, and helper updates. Conflict resolution kept the richer dev documentation and proxy behavior, took the mainline Naver blog skill files as the canonical source, and preserved the released package-version/changelog updates from main where they were the authoritative record of published state. Constraint: dev already contained newer docs/proxy work that would have regressed if main-side older variants won Constraint: main carried release metadata that should remain authoritative for published package versions Rejected: Cherry-pick main-only commits again | fixes content but does not restore formal dev<-main merge ancestry Rejected: Prefer main on all conflicts | would drop newer dev-only skill and proxy guidance Confidence: high Scope-risk: moderate Reversibility: clean Directive: On future dev<-main syncs, preserve newer dev docs/proxy behavior first, then re-run full workspace CI before concluding Tested: npm run ci; inspected README/proxy/setup/package metadata after conflict resolution Not-tested: push to origin/dev; GitHub mergeability after remote update |
||
|
Jeffrey (Dongkyu) Kim
|
77001d7202 |
Merge pull request #109 from NomaDamas/feature/#108
Feature/#108 |
||
|
Jeffrey (Dongkyu) Kim
|
5e34ee041b |
Normalize NEIS proxy failures and repair the selective install command
The GeekNews follow-up review found two merge blockers outside the new helper itself: rejected NEIS upstream fetches escaped as Fastify 500s, and the documented selective install block split into two shell commands. This change adds regression coverage first, catches rejected NEIS fetches at the route boundary with the established proxy_error/502 contract, and locks the multiline install snippet so copy-paste works. Constraint: Keep NEIS proxy failures aligned with existing public proxy error handling Constraint: Preserve the published GeekNews verification commands and current PR scope Rejected: Wrapping fetch inside the NEIS helper functions | route-level handling matches the surrounding Fastify endpoint pattern Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep public proxy routes fail-closed on rejected upstream fetches and keep multiline install snippets copy-pasteable Tested: PYTHONPATH=.:scripts python3 -m unittest scripts.test_geeknews_search; node --test scripts/skill-docs.test.js; node --test packages/k-skill-proxy/test/server.test.js; python3 scripts/geeknews_search.py list --limit 3; python3 scripts/geeknews_search.py search --query Claude --limit 3; python3 scripts/geeknews_search.py detail --id 28439; node NEIS rejected-fetch repro; npm run ci Not-tested: Live NEIS upstream success responses against the real public API in this follow-up |
||
|
Jeffrey (Dongkyu) Kim
|
43e8625986 |
Add a repeatable GeekNews lookup path without unofficial APIs
Issue #108 needs a dedicated read-only skill that can browse, search, and inspect GeekNews posts using the public feed alone. The implementation adds a fixture-backed Atom helper, skill/docs surfaces, and install/README wiring, then verifies the helper against the live GeekNews feed. Constraint: Must stay RSS-first and avoid new dependencies or unofficial APIs Constraint: Skill development requires syncing the skill into ~/.claude/skills and ~/.agents/skills during verification Rejected: Fetch article pages directly for v1 | expands scope beyond the approved RSS-driven workflow Rejected: Use XML parser modules | current python3 environment has expat issues, so regex + HTML parsing is safer here Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep the root helper and geeknews-search/scripts copy behaviorally identical because the installed skill must remain self-contained Tested: PYTHONPATH=.:scripts python3 -m unittest scripts.test_geeknews_search; node --test scripts/skill-docs.test.js; python3 scripts/geeknews_search.py list --limit 3; python3 scripts/geeknews_search.py search --query Claude --limit 3; python3 scripts/geeknews_search.py detail --id 28439; npm run ci Not-tested: Non-default feed mirrors or future Atom schema changes beyond the current public GeekNews feed shape Related: Issue #108 |
||
owen
|
4f015c5680 |
feat: 네이버 블로그 리서치 스킬 추가 (#107)
* feat: 네이버 블로그 리서치 스킬 추가 API 키 없이 python3 표준 라이브러리만으로 네이버 블로그 검색, 원문 읽기, 이미지 다운로드를 수행하는 스킬. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * Restore Naver blog search paging and newest-sort behavior Naver's current blog search surface does not honor the older where=blog + sort query pattern used by this skill. The request now targets the blog tab surface, uses the observed NSO sort controls, and trims each parsed page to the visible 15-result window so count-based pagination returns distinct results. Constraint: Must keep using stdlib-only HTTP scraping without adding dependencies Constraint: Current Naver blog tab behavior requires ssc/tab parameters plus nso sort controls Rejected: Keep where=blog and tune start values only | still returned repeated first-page results Rejected: Leave sort=date as-is | current endpoint ignored it and returned relevance ordering Confidence: medium Scope-risk: narrow Reversibility: clean Directive: Re-verify request params against live Naver markup before changing paging or sort semantics again Tested: python3 -m py_compile on naver-blog-research scripts and new regression test; PYTHONPATH=.:scripts python3 -m unittest scripts.test_naver_blog_search; npm run lint; live naver_search.py --count 20/30 --sort sim; live naver_search.py --count 10/20 --sort date Not-tested: Full npm run test remains blocked by unrelated local pyexpat/libexpat environment failures in patent-search tests * Surface the new Naver blog skill in the main README PR 107 adds the skill and feature guide, but the repository landing page still omitted it from the user-facing capability list. This commit keeps the README aligned with the actual shipped skill set so users can discover the new entry point from the main docs. Constraint: README capability tables and feature lists should stay aligned with docs/features entries Rejected: Leave README unchanged until merge | hides the new skill from the main index during PR review Confidence: high Scope-risk: narrow Reversibility: clean Directive: When adding a new skill guide, update both the summary table and the included-features list together Tested: README diff review; verified docs/features/naver-blog-research.md link target exists Not-tested: Full npm run ci (docs-only change) --------- Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> Co-authored-by: Jeffrey (Dongkyu) Kim <vkehfdl1@gmail.com> |
||
hyeongr
|
0b37193fd6 |
🔀 Merge branch 'feature/#0' into feature/k-schoollunch-menu
NEIS 급식·생활쓰레기 프록시·문서·skill-docs 테스트 정렬 충돌을 해소했다. Made-with: Cursor |
||
|
Jeffrey (Dongkyu) Kim
|
59073f1e30 |
Close the remaining household-waste validation loopholes before merge
Review follow-up found that mixed alias pagination params could still bypass the narrowed public route contract even after duplicate scalar handling was added. This tightens the query normalizer so pageNo/page_no and numOfRows/num_of_rows must appear exactly once and match the fixed allowed values, expands regression coverage for those alias combinations, and aligns the public docs/examples with the exact pageNo=1 + numOfRows=100 contract. The household-waste test setup was also de-duplicated within the scoped suite to keep the follow-up readable without widening behavior. Constraint: The public household-waste proxy route must stay narrow and reject ambiguous scalar query shapes before any upstream fetch Rejected: Keep alias resolution as first-non-null | mixed pageNo/page_no and numOfRows/num_of_rows would still bypass the documented 400 path Rejected: Broaden the route to support alternate page sizes | outside the approved issue scope and contrary to the fixed-value contract Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep household-waste docs and regression tests aligned whenever the allowed query surface changes, including alias handling Tested: node --test packages/k-skill-proxy/test/server.test.js Tested: node --test scripts/skill-docs.test.js Tested: npm run lint Tested: npm run typecheck Tested: npm run test Tested: local proxy smoke on port 4121 for mixed pageNo/page_no 400, mixed numOfRows/num_of_rows 400, and returnType override reaching upstream with fixed pagination Not-tested: Live successful household-waste upstream response with a real DATA_GO_KR_API_KEY |
||
|
Jeffrey (Dongkyu) Kim
|
8482ddf847 |
Prevent duplicate household-waste filters from reaching upstream
Fastify parses repeated query parameters as arrays, so the household-waste normalizer now rejects repeated scalar fields before any upstream request. This adds a regression test for duplicated cond[SGG_NM::LIKE] values and keeps invalid requests on the documented 400 bad_request path. Constraint: Household-waste validation must fail before any upstream fetch Rejected: Join repeated query values into one filter | ambiguous request semantics Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep repeated scalar query params on the 400 path unless the public contract is expanded intentionally Tested: node --test packages/k-skill-proxy/test/server.test.js; npm test; npm run lint; npm run typecheck; local proxy smoke on duplicated cond[SGG_NM::LIKE] Not-tested: Live household-waste upstream success path with a real DATA_GO_KR_API_KEY |
||
|
hyeongr
|
d3d048e822 |
📝 docs: 생활쓰레기·급식 hosted proxy 문서 정합성 및 skill-docs 회귀 테스트
- setup.md·k-skill-setup: 생활쓰레기/급식을 기본 hosted·unset base URL 문구에 포함, 서버 키(DATA_GO_KR·KEDU) 명시 - 표·다음 문서: 생활쓰레기 행·가이드 링크, pageNo/numOfRows 필수 - proxy README·feature doc·household-waste 스킬: 키·페이지네이션·400 계약 보강 - skill-docs.test.js: hosted 생활쓰레기/급식 흐름 회귀 테스트, 예시 secrets에 KEDU_INFO_KEY 금지 Made-with: Cursor |
||
|
hyeongr
|
23dd424dd7 |
✨ feat(k-skill-proxy): 생활쓰레기 페이지네이션 검증 및 문서 보강
- /v1/household-waste/info에 pageNo·numOfRows 필수, 값은 1·100만 허용(미충족·비정수 문자열은 400) - validateHouseholdWastePaginationQuery 오동작 수정 - validate-skills.sh에서 .cursor·.vscode 디렉터리 제외 - household-waste·k-skill-proxy 문서, 스킬, 패키지 README에 NEIS·생활쓰레기 curl 예시 정리 Made-with: Cursor |
||
|
hyeongr
|
0ceff05e20 | fix: PR #102 관련 잘못된 머지 충돌 처리 및 API 키 누락 방지를 위한 proxy 서버에 설명 추가 | ||
|
Jeffrey (Dongkyu) Kim
|
08408cab4a |
Keep setup guidance aligned with hosted proxy capabilities
The setup skill had drifted behind docs/setup.md after the household-waste and school-lunch proxy follow-ups. This updates the skill guidance and locks it with a regression so future doc edits keep the hosted-proxy and server-only-key story consistent across the user-facing setup surfaces. Constraint: Follow-up scope is limited to the approved docs/setup consistency gap from PR #103 review Rejected: Broad setup-doc sweep | unnecessary beyond the approved drift fix Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep k-skill-setup/SKILL.md aligned with docs/setup.md whenever hosted proxy coverage changes Tested: npm run lint; npm run typecheck; node --test packages/k-skill-proxy/test/server.test.js; bash scripts/validate-skills.sh; node --test scripts/skill-docs.test.js; local buildServer smoke for /health and household-waste pagination Not-tested: Live upstream NEIS/Data.go.kr network calls with real server credentials Related: PR #103 |
||
|
Jeffrey (Dongkyu) Kim
|
9e3f2aff85 |
Keep hosted-proxy school lunch guidance and waste guard coverage aligned
The feature/#0 follow-up already had the proxy/runtime fixes in place, but the branch still needed the final regression locks and doc wording that keep the review fixes durable. This commit adds lower-bound household-waste pagination tests and aligns install/security docs with the proxy-only KEDU_INFO_KEY policy so the school lunch feature stays on the hosted-proxy / no-user-key path. Constraint: Follow-up had to stay on feature/#0 so PR #103 updates in place Constraint: User-facing secrets guidance must not imply KEDU_INFO_KEY belongs in the default client env file Rejected: Broaden the pass into more proxy/doc rewrites | unnecessary beyond the approved Issue #0 follow-up Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep school lunch docs and regression text aligned with the hosted proxy policy whenever setup/security wording changes Tested: npm run lint; npm run typecheck; node --test packages/k-skill-proxy/test/server.test.js; bash scripts/validate-skills.sh; node --test scripts/skill-docs.test.js; local proxy smoke for /health, invalid household-waste 400, valid household-waste 200, NEIS without KEDU_INFO_KEY 503 Not-tested: Live NEIS curl against a valid KEDU_INFO_KEY-enabled proxy Related: PR #102 Related: PR #103 |
||
|
Jeffrey (Dongkyu) Kim
|
d18c8a5917 |
Keep hosted proxy setup guidance aligned for school-lunch follow-up
The approved PR #103 follow-up extends the setup-doc regression coverage so it checks the hosted KSKILL_PROXY_BASE_URL guidance and both household-waste + school-lunch setup entries, then updates the guide text to match the shipped hosted-proxy behavior. Constraint: Must stay within the approved PR #103 follow-up scope Rejected: Broader setup-doc wording sweep across unrelated features | unnecessary for this approved follow-up Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep docs/setup.md and scripts/skill-docs.test.js aligned whenever hosted proxy coverage changes Tested: node --test scripts/skill-docs.test.js Tested: npm run lint Tested: npm run typecheck Tested: node --test packages/k-skill-proxy/test/server.test.js Tested: bash scripts/validate-skills.sh Tested: local buildServer(...).inject(...) smoke for /health and household-waste pagination Not-tested: Live NEIS curl smoke with a real KEDU_INFO_KEY |
||
|
Jeffrey (Dongkyu) Kim
|
b7a39dbd4e |
Keep setup guidance consistent with hosted school lunch access
The setup guide already described proxy-hosted household-waste and NEIS flows elsewhere, but the opening summary still omitted school lunch from the no-user-key hosted-proxy list. This adds a regression test first, then aligns the intro sentence and test label so the doc stays consistent with the shipped proxy-backed feature set. Constraint: Keep the follow-up scoped to existing Issue #0/PR #103 documentation surfaces Rejected: Broader setup guide rewrite | unnecessary for the approved follow-up Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep hosted-proxy/no-user-key summaries aligned with the per-feature setup matrix when adding new proxy-backed skills Tested: Targeted red/green skill-docs regression; npm run lint; npm run typecheck; node --test packages/k-skill-proxy/test/server.test.js; bash scripts/validate-skills.sh; node --test scripts/skill-docs.test.js; buildServer runtime smoke for /health, household-waste validation, and NEIS missing-key behavior Not-tested: Live NEIS upstream call with a real KEDU_INFO_KEY Related: PR #102 Related: PR #103 |
||
|
Jeffrey (Dongkyu) Kim
|
42a6ee176f |
Keep setup guidance aligned with the shipped household-waste proxy route
Issue #0's core proxy and NEIS changes were already present on feature/#0, but the setup guide still omitted the hosted/self-host household-waste entry that users need when checking which features require local secrets. Add a regression test first, then document the household-waste row and guide link so the setup matrix stays aligned with the shipped proxy routes. Constraint: Keep the follow-up diff narrow and avoid touching already-approved proxy behavior Rejected: Leave the setup matrix as-is | it would keep user-facing docs inconsistent with the shipped route list Confidence: high Scope-risk: narrow Reversibility: clean Directive: When proxy-backed skills move between hosted and self-host flows, update docs/setup.md alongside the feature docs Tested: node --test scripts/skill-docs.test.js Tested: npm run lint Tested: npm run typecheck Tested: node --test packages/k-skill-proxy/test/server.test.js Tested: bash scripts/validate-skills.sh Not-tested: Live hosted proxy deployment docs rendering on GitHub |
||
hon2be
|
1e89bace8b |
Merge branch 'dev' into feature/k-schoollunch-menu | ||
|
Jeffrey (Dongkyu) Kim
|
99d174a951 |
Close the proxy review gaps before merging school lunch support
The existing school lunch feature branch was mergeable in shape, but review found that the public household-waste route still forwarded unchecked pagination inputs, user-facing secrets docs suggested storing a server-only KEDU key locally, and the proxy/operator docs omitted the new household-waste env requirements. This follow-up validates the public query surface before fetch, aligns docs with the proxy-only secret policy, and keeps the requested validation workflow green by ignoring hidden metadata folders in the skill-layout checker. Constraint: Public proxy routes must stay narrow and keep upstream keys server-only Rejected: Forward arbitrary pageNo values | violates the documented public-route contract Rejected: Leave validate-skills unchanged | hidden metadata directories break the requested verification flow Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep household-waste parameter support and docs/tests in lockstep when widening this route Tested: npm run lint Tested: npm run typecheck Tested: node --test packages/k-skill-proxy/test/server.test.js Tested: node --test scripts/skill-docs.test.js Tested: bash scripts/validate-skills.sh Tested: local proxy smoke (/health, household-waste invalid 400, household-waste valid 200) Not-tested: Live NEIS curl smoke test (KEDU_INFO_KEY unavailable locally) |
||
|
hyeongr
|
eacd087359 |
🔀 origin/main 병합 및 NEIS·문서 충돌 정리
- upstream 생활쓰레기 프록시/스킬·skill-docs 변경 반영 - README 표에 학교 급식 행 복원, security에 KEDU_INFO_KEY·household 라우트 문구 정리 - NEIS 프록시 단위 테스트 블록 복원 Made-with: Cursor |
||
|
hyeongr
|
fb9a5c6f0d |
✨ NEIS 급식·학교검색 프록시, k-schoollunch-menu 스킬 및 문서
- KEDU_INFO_KEY로 /v1/neis/school-search, /v1/neis/school-meal 중계 - 시도교육청 자연어 해석(neis-office-codes.js) - k-schoollunch-menu 스킬, README·설치/설정/보안·프록시 문서 반영 - docs/adding-a-skill.md 스킬 추가 가이드 Made-with: Cursor |
||
|
Jeffrey (Dongkyu) Kim
|
d7e0406a0a |
Merge pull request #101 from NomaDamas/feature/#98
Feature/#98 |
||
|
Jeffrey (Dongkyu) Kim
|
32a33c3ce5 |
Keep LOST112 curl guidance usable under live latency
The helper's emitted POST example still timed out against LOST112 in live verification because the 20-second timeout budget was too short for the observed form-submit path. Raise the generated timeout to 60 seconds, lock that contract in the regression, and align the skill/doc wording so users receive guidance that matches the runnable command. Constraint: LOST112 live POST latency can exceed 20 seconds even when reachability probes succeed Rejected: Keep 20 seconds and rely on manual retry | still ships a broken default curl_example Confidence: high Scope-risk: narrow Reversibility: clean Directive: If the timeout budget changes again, rerun the exact emitted curl_example against LOST112 rather than only the lightweight reachability probe Tested: python3 -m unittest scripts.test_subway_lost_property Tested: python3 scripts/subway_lost_property.py --station 강남역 --item 지갑 --days 14 --verify-live Tested: npm run ci Not-tested: Long-term LOST112 latency drift beyond the currently observed 60-second budget |
||
|
Jeffrey (Dongkyu) Kim
|
748967c21c |
Make LOST112 curl guidance runnable in practice
The review found that the generated subway lost-property curl example still timed out even when the helper's reachability probe passed. This change updates the helper to emit the command shape that actually succeeds against LOST112, tightens the regression test to lock that contract, and aligns the published skill/docs text with the runnable output users now receive. Constraint: LOST112 POST flow requires a referer and does not behave reliably with the prior redirect-following command shape Constraint: Keep the v1 scope hybrid/guidance-only without adding new dependencies or scraping guarantees Rejected: Only add a referer header while leaving the rest of the curl shape unchanged | still reproduced timeouts with the generated command during verification Rejected: Add a live network regression test for the emitted curl command | would make CI flaky and violate deterministic regression expectations Confidence: high Scope-risk: narrow Reversibility: clean Directive: If the LOST112 request shape changes again, re-verify the emitted curl command end-to-end before updating docs or tests Tested: python3 -m unittest scripts.test_subway_lost_property; python3 scripts/subway_lost_property.py --station 강남역 --item 지갑 --days 14 --verify-live; generated curl_example executed via shell and wrote lost112-search-result.html; npm run ci Not-tested: Alternate LOST112 item/station combinations beyond the verified 강남역/지갑 example |
||
|
Jeffrey (Dongkyu) Kim
|
8d61339634 |
Add an official subway lost-property guidance path
Issue #98 was approved as a conservative implementation: structure the official LOST112 and 서울교통공사 workflows instead of pretending a stable public API exists. The new helper builds the documented search payload, the docs explain the v1 hybrid scope, and regression coverage locks the helper plus repo docs into the shipped flow. Constraint: Public subway lost-property APIs remain unconfirmed, so v1 must stay guidance-first Rejected: Full automated scraping of live result tables | unstable without confirmed API/session guarantees Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep this skill on official HTTPS entry points until a stable public API is verified end-to-end Tested: python3 -m unittest scripts.test_subway_lost_property; python3 scripts/subway_lost_property.py --station 강남역 --item 지갑 --days 14 --verify-live; npm run ci Not-tested: Browser-only user journey through LOST112 search submission beyond payload generation |
||
|
Jeffrey (Dongkyu) Kim
|
8f28e44324 |
Keep PR 94 CI aligned with Blue Ribbon fallback behavior
The browser fallback landed without regenerating package-lock, so npm ci failed immediately. Once the lockfile was synced, the blue-ribbon-nearby direct-API tests also showed that structured 403 domain errors were being retried through Playwright whenever the optional dependency was present. This commit refreshes the workspace lockfile and restricts browser fallback to unclassified 403 automation blocks so PREMIUM_REQUIRED and other structured upstream errors still surface deterministically. Constraint: CI runs npm ci from the root lockfile and installs optional dependencies when they are captured there Rejected: Update tests to stub browser fallback | would hide the incorrect production retry path Confidence: high Scope-risk: narrow Directive: Preserve structured upstream 403 errors from bluer.co.kr; only browser-fallback opaque automation blocks Tested: npm ci Tested: npm test --workspace blue-ribbon-nearby (python3.12 first on PATH) Tested: npm run ci (python3.12 first on PATH) Not-tested: GitHub Actions rerun on ubuntu after push |
||
|
Jeffrey (Dongkyu) Kim
|
4bceaefef4 |
Merge pull request #100 from NomaDamas/feature/#96
Feature/#96 |
||
|
Jeffrey (Dongkyu) Kim
|
a6ad86dc3e |
Document direct zipcode helper execution so the executable follow-up stays discoverable
The approved Issue #96 branch already shipped the ePost English-address helper and executable shebang/mode fix. This follow-up only locks the last user-facing surface: docs and docs regression now mention the direct `./scripts/zipcode_search.py` entrypoint alongside the `python3` form, so the published guidance matches the actual executable helper behavior. Constraint: Keep the branch diff narrow and aligned with the already-approved Issue #96 scope Rejected: Add more helper code changes | executable behavior was already correct and verified Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep docs/tests aligned whenever helper entrypoint contracts change Tested: node --test scripts/skill-docs.test.js; python3 -m unittest scripts.test_zipcode_search; python3 scripts/zipcode_search.py "서울특별시 강남구 테헤란로 123"; ./scripts/zipcode_search.py "서울특별시 강남구 테헤란로 123"; npm run build; PYTHONPATH=.:scripts python3 -m unittest scripts.test_patent_search; npm run ci Not-tested: No additional live address samples beyond the documented Gangnam example |
||
|
Jeffrey (Dongkyu) Kim
|
35c91a0717 |
Keep the zipcode helper directly executable
The feature branch already routed zipcode lookup through the integrated ePost English-address surface, but the helper scripts themselves still lacked a shebang and executable mode. This follow-up locks the packaging/CLI contract with a regression test and marks both entrypoints executable so the documented helper can be invoked directly as a script. Constraint: Issue #96 requires an executable zipcode_search.py helper in both the repo script wrapper and bundled skill helper Rejected: Document python3-only invocation and leave file modes unchanged | would not satisfy the executable-helper requirement or catch future regressions Confidence: high Scope-risk: narrow Reversibility: clean Directive: Keep the wrapper and bundled helper executable together because tests assert the pair as the public entrypoints Tested: python3 -m unittest scripts.test_zipcode_search; node --test scripts/skill-docs.test.js; python3 scripts/zipcode_search.py "서울특별시 강남구 테헤란로 123"; ./scripts/zipcode_search.py "서울특별시 강남구 테헤란로 123"; npm run build; PYTHONPATH=.:scripts python3 -m unittest scripts.test_patent_search; npm run ci Not-tested: Direct execution of the bundled zipcode-search/scripts/zipcode_search.py helper against the live endpoint |
||
|
Jeffrey (Dongkyu) Kim
|
5c95e9e742 |
Enable official English address lookup for Korean postcode searches
The zipcode-search feature now uses the official ePost integrated search surface for postcode plus English-address lookups, ships a runnable helper, and locks the behavior with regression coverage plus aligned docs. A narrow compatibility fallback was also added to the KIPRIS XML parser so repository CI stays green on the current Python 3.14 environment where pyexpat is unavailable. Constraint: Must use official public ePost output instead of custom romanization rules Constraint: Repository verification must pass under the current local Python 3.14 toolchain Rejected: Implement our own Hangul-to-English address formatter | would diverge from the official postal rendering Rejected: Leave the KIPRIS parser untouched | npm run ci currently fails in this environment without the XML fallback Confidence: medium Scope-risk: moderate Reversibility: clean Directive: Keep zipcode-search tied to the official ePost integrated surface unless a new approved source is added Tested: python3 -m unittest scripts.test_zipcode_search Tested: node --test scripts/skill-docs.test.js Tested: python3 scripts/zipcode_search.py '서울특별시 강남구 테헤란로 123' Tested: npm run build Tested: PYTHONPATH=.:scripts python3 -m unittest scripts.test_patent_search Tested: npm run ci Not-tested: Live no-result and multi-result zipcode queries beyond the verified Teheran-ro example |
||
|
Jeffrey (Dongkyu) Kim
|
224fd3aad5 |
Merge pull request #95 from NomaDamas/feature/#88
Feature/#88 |
||
|
Jeffrey (Dongkyu) Kim
|
eb0757009c |
Preserve discounted Market Kurly detail fields from live goods pages
Discounted goods pages are currently exposing original-price and image data
through retail/showable fields that the detail normalizer was not reading,
so the follow-up fix prefers those live fields and locks the behavior with
a discounted-detail regression fixture.
Constraint: Kurly detail payloads do not mirror the search API price field semantics
Rejected: Trust top-level basePrice alone | discounted live pages currently use retailPrice/showablePrices for the original price
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Keep detail normalization aligned with live goods-page payloads; verify real discounted products before changing price precedence again
Tested: node --test packages/market-kurly-search/test/index.test.js; npm run ci; live Node smoke for countProducts('우유'), searchProducts('우유'), getProductDetail(5063110), getProductDetail(5048935) on 2026-04-09
Not-tested: Additional undiscovered Market Kurly detail payload variants beyond the covered discounted fixture and live sample
|
||
|
Jeffrey (Dongkyu) Kim
|
4ce29ae009 |
Add a supported Market Kurly price-lookup skill
Implement a reusable Market Kurly workspace package plus a repo skill/doc set that uses the unauthenticated Kurly search and goods-page surfaces. The change keeps the scope read-only, adds regression coverage, updates release/docs metadata, and records the new publishable package through Changesets. Constraint: Must rely on unauthenticated public web surfaces instead of login/session flows Constraint: Release workflow requires Changesets for publishable Node packages Rejected: Docs-only skill | issue approval called for real lookup helpers and live verification Confidence: high Scope-risk: moderate Reversibility: clean Directive: Kurly endpoints are web-internal surfaces; verify schema behavior before extending fields or adding action flows Tested: npm run ci; live node smoke for countProducts/searchProducts/getProductDetail on 2026-04-09 Not-tested: Pagination beyond page 1; long-term stability of Kurly internal response schema |