springboot-verification
Verification loop for Spring Boot projects: build, static analysis, tests with coverage, security scans, and diff review before release or PR.
Best use case
springboot-verification is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Verification loop for Spring Boot projects: build, static analysis, tests with coverage, security scans, and diff review before release or PR.
Teams using springboot-verification should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/springboot-verification/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How springboot-verification Compares
| Feature / Agent | springboot-verification | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Verification loop for Spring Boot projects: build, static analysis, tests with coverage, security scans, and diff review before release or PR.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# Spring Boot 検証ループ PR前、大きな変更後、デプロイ前に実行します。 ## フェーズ1: ビルド ```bash mvn -T 4 clean verify -DskipTests # または ./gradlew clean assemble -x test ``` ビルドが失敗した場合は、停止して修正します。 ## フェーズ2: 静的解析 Maven(一般的なプラグイン): ```bash mvn -T 4 spotbugs:check pmd:check checkstyle:check ``` Gradle(設定されている場合): ```bash ./gradlew checkstyleMain pmdMain spotbugsMain ``` ## フェーズ3: テスト + カバレッジ ```bash mvn -T 4 test mvn jacoco:report # 80%以上のカバレッジを確認 # または ./gradlew test jacocoTestReport ``` レポート: - 総テスト数、合格/失敗 - カバレッジ%(行/分岐) ## フェーズ4: セキュリティスキャン ```bash # 依存関係のCVE mvn org.owasp:dependency-check-maven:check # または ./gradlew dependencyCheckAnalyze # シークレット(git) git secrets --scan # 設定されている場合 ``` ## フェーズ5: Lint/Format(オプションゲート) ```bash mvn spotless:apply # Spotlessプラグインを使用している場合 ./gradlew spotlessApply ``` ## フェーズ6: 差分レビュー ```bash git diff --stat git diff ``` チェックリスト: - デバッグログが残っていない(`System.out`、ガードなしの `log.debug`) - 意味のあるエラーとHTTPステータス - 必要な場所にトランザクションと検証がある - 設定変更が文書化されている ## 出力テンプレート ``` 検証レポート =================== ビルド: [合格/不合格] 静的解析: [合格/不合格] (spotbugs/pmd/checkstyle) テスト: [合格/不合格] (X/Y 合格, Z% カバレッジ) セキュリティ: [合格/不合格] (CVE発見: N) 差分: [X ファイル変更] 全体: [準備完了 / 未完了] 修正が必要な問題: 1. ... 2. ... ``` ## 継続モード - 大きな変更があった場合、または長いセッションで30〜60分ごとにフェーズを再実行 - 短いループを維持: `mvn -T 4 test` + spotbugs で迅速なフィードバック **注意**: 迅速なフィードバックは遅い驚きに勝ります。ゲートを厳格に保ち、本番システムでは警告を欠陥として扱います。
Related Skills
springboot-tdd
Test-driven development for Spring Boot using JUnit 5, Mockito, MockMvc, Testcontainers, and JaCoCo. Use when adding features, fixing bugs, or refactoring.
springboot-security
Spring Security best practices for authn/authz, validation, CSRF, secrets, headers, rate limiting, and dependency security in Java Spring Boot services.
springboot-patterns
Spring Boot architecture patterns, REST API design, layered services, data access, caching, async processing, and logging. Use for Java Spring Boot backend work.
django-verification
Verification loop for Django projects: migrations, linting, tests with coverage, security scans, and deployment readiness checks before release or PR.
verification-loop
A comprehensive verification system for Copilot CLI sessions.
wpds
Use when building UIs leveraging the WordPress Design System (WPDS) and its components, tokens, patterns, etc.
wp-wpcli-and-ops
Use when working with WP-CLI (wp) for WordPress operations: safe search-replace, db export/import, plugin/theme/user/content management, cron, cache flushing, multisite, and scripting/automation with wp-cli.yml.
wp-rest-api
Use when building, extending, or debugging WordPress REST API endpoints/routes: register_rest_route, WP_REST_Controller/controller classes, schema/argument validation, permission_callback/authentication, response shaping, register_rest_field/register_meta, or exposing CPTs/taxonomies via show_in_rest.
wp-project-triage
Use when you need a deterministic inspection of a WordPress repository (plugin/theme/block theme/WP core/Gutenberg/full site) including tooling/tests/version hints, and a structured JSON report to guide workflows and guardrails.
wp-plugin-development
Use when developing WordPress plugins: architecture and hooks, activation/deactivation/uninstall, admin UI and Settings API, data storage, cron/tasks, security (nonces/capabilities/sanitization/escaping), and release packaging.
wp-playground
Use for WordPress Playground workflows: fast disposable WP instances in the browser or locally via @wp-playground/cli (server, run-blueprint, build-snapshot), auto-mounting plugins/themes, switching WP/PHP versions, blueprints, and debugging (Xdebug).
wp-phpstan
Use when configuring, running, or fixing PHPStan static analysis in WordPress projects (plugins/themes/sites): phpstan.neon setup, baselines, WordPress-specific typing, and handling third-party plugin classes.