Files
alla-allaos-fullstack/docs/standards/task-contract-template.md
phaichayon c1ecd5ea50 commit
2026-06-23 22:13:08 +07:00

2.9 KiB

Task Contract Template

Use this template for every future task before implementation starts.

The contract exists to force review-first execution, foundation reuse, and explicit scope control.


Task Information

  • Task ID:
  • Title:
  • Owner:
  • Requested by:
  • Date:
  • Related ticket / plan:

Objective

  • Describe the business outcome, not just the code change.

Business Context

  • Relevant domain background:
  • Why this task exists now:
  • Related ADRs:
  • Related business docs:

Required Skills & Context

  • AGENTS.md
  • docs/standards/task-catalog.md
  • docs/standards/project-foundations.md
  • docs/standards/architecture-rules.md
  • docs/standards/ui-ux-rules.md
  • docs/standards/task-review-checklist.md
  • Relevant docs/adr/**
  • Relevant docs/business/**
  • Relevant docs/security/**
  • Existing feature and API references:
  • Historical task documents reviewed:

Architecture Constraints

  • Frontend constraints:
  • Backend constraints:
  • Security constraints:
  • Reuse constraints:
  • Forbidden patterns:

Reuse Existing Foundations

  • Foundations reviewed:
  • Existing services to extend:
  • Existing APIs to extend:
  • Existing query/mutation patterns to reuse:
  • Existing UI shells/components to reuse:
  • Existing audit patterns to reuse:
  • Why a new foundation is not required:

Data Model Changes

  • Schema changes required:
  • Existing tables impacted:
  • Migration required:
  • Explicit non-changes:

API Requirements

  • Route handlers involved:
  • Request/response contracts:
  • Service layer functions:
  • Validation rules:
  • Existing APIs reused or extended:

UI Requirements

  • Routes / screens:
  • Page shell pattern:
  • Form / table / filter patterns:
  • Terminology requirements:
  • Empty / loading / error states:

Report / Export Rules

  • Report foundation reviewed:
  • Shared filters reused:
  • Dataset layer reused:
  • Export path reused:
  • Revenue/pricing visibility rule:

Permission Requirements

  • Required permissions:
  • Scope enforcement requirements:
  • Resolved access helper to use:
  • Server-side protection points:

Audit Requirements

  • Entity type:
  • Actions:
  • Required payload:
  • Existing audit naming reused:

Scope

  • In scope:

Explicit Non-Scope

  • Out of scope:

Security Verification Matrix

Scenario Expected access Enforcement point
Admin
Scoped user
Unauthorized user
Pricing-restricted user

Deliverables

  • Documentation deliverables:
  • Code deliverables:
  • Verification deliverables:

Verification

  • Typecheck:
  • Lint:
  • Targeted tests:
  • Manual scenarios:

Documentation

  • Docs to update:
  • ADR needed:
  • Task implementation note:

Definition of Done

  • Review completed before implementation
  • Existing foundations reused or extension rationale documented
  • Security and audit requirements verified
  • Documentation updated
  • Verification evidence recorded