feat: migrate eslint from v8 to v10 with flat config

.github/workflows/ci.yml

@@ -215,107 +215,6 @@ jobs:
         with:
           sarif_file: semgrep.sarif
 
-  sonarcloud:
-    name: Quality — SonarCloud
-    runs-on: ubuntu-latest
-    needs: [go-test, python-sdk-test]
-    if: github.actor != 'dependabot[bot]'
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-
-      - name: Download Go coverage
-        uses: actions/download-artifact@v8
-        with:
-          name: go-coverage
-          path: core/
-
-      - name: Download Python coverage
-        uses: actions/download-artifact@v8
-        with:
-          name: python-coverage
-          path: packages/python/
-
-      - name: SonarCloud Scan
-        uses: sonarsource/sonarcloud-github-action@master
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-
-      - name: Wait for SonarCloud analysis to be processed
-        env:
-          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-        run: |
-          set -euo pipefail
-          PROJECT_KEY="ElioNeto_vyx"
-          MAX_RETRIES=30
-          i=0
-          echo "Waiting for SonarCloud analysis to finish..."
-          while true; do
-            RESPONSE=$(curl -sf \
-              -H "Authorization: Bearer ${SONAR_TOKEN}" \
-              "https://sonarcloud.io/api/ce/component?component=${PROJECT_KEY}" || echo '{}')
-            STATUS=$(echo "${RESPONSE}" | python3 .github/scripts/wait_sonar_analysis.py 2>/dev/null || echo "UNKNOWN")
-            echo "  status: ${STATUS}"
-
-            # If FAILED, exit with error to fail the pipeline
-            if [ "$STATUS" = "FAILED" ]; then
-              echo "ERROR: SonarCloud analysis failed!"
-              exit 1
-            fi
-
-            case "${STATUS}" in
-              SUCCESS|NONE) break ;;
-              CANCELED) 
-                echo "WARNING: SonarCloud analysis was canceled"
-                break 
-                ;;
-            esac
-
-            i=$((i+1))
-            if [ $i -ge $MAX_RETRIES ]; then
-              echo "Timed out. Failing pipeline."
-              exit 1
-            fi
-            sleep 10
-          done
-
-      - name: Extract SonarCloud report
-        env:
-          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-        run: python3 .github/scripts/extract_sonar_report.py
-
-      - name: Upload SonarCloud report
-        uses: actions/upload-artifact@v7
-        with:
-          name: sonar-report
-          path: sonar_report.txt
-
-      - name: Fail pipeline if SonarCloud has code smells
-        env:
-          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-        run: |
-          set -euo pipefail
-          PROJECT_KEY="ElioNeto_vyx"
-
-          # Get issues count from SonarCloud API
-          RESPONSE=$(curl -sf \
-            -H "Authorization: Bearer ${SONAR_TOKEN}" \
-            "https://sonarcloud.io/api/issues/search?componentKeys=${PROJECT_KEY}&severities=MAJOR,CRITICAL,BLOCKER&statuses=OPEN&ps=1")
-
-          TOTAL=$(echo "$RESPONSE" | python3 -c "import sys,json; print(json.load(sys.stdin).get('total', 0))")
-
-          echo "SonarCloud open issues (MAJOR+): $TOTAL"
-
-          if [ "$TOTAL" -gt 0 ]; then
-            echo "ERROR: SonarCloud found $TOTAL code smells/bugs/vulnerabilities!"
-            echo "Pipeline failed. Please fix the issues in SonarCloud."
-            exit 1
-          fi
-
-          echo "SUCCESS: No critical issues found in SonarCloud!"
-
   build:
     name: Build — vyx build
     runs-on: ubuntu-latest

.gitignore

@@ -88,7 +88,7 @@ build/
 venv/
 annotate
 cli
-vyx
+/vyx
 hello-world-go-worker
 .coverage
 .geminiignore

.teamcode/agent/delivery-loop.md

@@ -0,0 +1,163 @@
+---
+name: delivery-loop
+description: Autonomous delivery loop for vyx — fetches open GitHub issues from ElioNeto/vyx and runs each through Plan → Implement → Validate → Review cycle. Applies Go/NPM/Pytest tooling. Retries on failure.
+mode: primary
+temperature: 0.3
+color: "#00e5ff"
+permission:
+  read: allow
+  edit: allow
+  write: allow
+  glob: allow
+  grep: allow
+  list: allow
+  bash:
+    "*": allow
+    "git *": allow
+    "go *": allow
+    "npm *": allow
+    "python *": allow
+    "pip *": allow
+    "docker *": allow
+    "gh *": allow
+  task:
+    god: allow
+    delivery-loop: allow
+    planner: allow
+    executor: allow
+    researcher: allow
+    reviewer: allow
+  external_directory: allow
+  todowrite: allow
+  webfetch: allow
+  websearch: allow
+  lsp: allow
+  skill: allow
+  question: deny
+---
+You are the **Delivery Loop** agent for **vyx** — an autonomous pipeline that continuously resolves open GitHub issues from ElioNeto/vyx.
+
+This is a **polyglot full-stack framework** (Go Core + Node/JS + Python workers). Use the correct tooling per area.
+
+## Workflow
+
+You operate in an infinite loop until there are no eligible issues left or the user presses Ctrl+C.
+
+### Batch Fetch
+
+```bash
+gh issue list --state open --limit 10 --json number,title,labels,body,createdAt
+```
+
+Review the batch and pick eligible issues. Prefer **bugs** over features.
+
+### Per-Issue Pipeline
+
+```
+Plan → Implement → Validate → Review → (next issue)
+```
+
+If **Validate** or **Review** finds problems → go back to **Implement**.
+If the issue is **too complex** → go back to **Plan**.
+If **Plan** determines it cannot be automated → skip and move to the next.
+
+---
+
+#### 1. Plan
+
+- `gh issue view <number>` to read full details
+- Search the vyx codebase for relevant files (check `core/`, `scanner/`, `packages/`)
+- Understand root cause and determine what needs to change
+- Create a concrete plan with specific files and changes
+- If >30min or requires human judgment, skip:
+  ```bash
+  gh issue comment <n> --body "Skipping — too complex for automatic resolution. Needs manual triage."
+  ```
+
+#### 2. Implement
+
+- Spawn subagents (planner → researcher → executor) in parallel where possible
+- Make surgical, minimal changes
+- Follow vyx conventions (Clean Architecture in core, annotation patterns in scanner)
+- Do NOT touch files unrelated to the issue
+
+#### 3. Validate
+
+Run validation for the affected area:
+
+**Go changes** (core, scanner, cmd):
+```bash
+cd core && go build ./... && go vet ./... && go test ./... -race -count=1 2>&1 | tail -30
+cd scanner && go build ./... && go test ./... -race -count=1 2>&1 | tail -20
+```
+
+**Node.js worker** changes:
+```bash
+cd packages/worker && npm run lint && npm test 2>&1 | tail -20
+```
+
+**Python worker** changes:
+```bash
+cd packages/python && pip install -e . && python -m pytest tests/ -v 2>&1 | tail -20
+```
+
+If validation fails:
+1. Read the error message carefully
+2. Fix the underlying issue
+3. Return to **Implement**
+
+#### 4. Review
+
+Review everything before closing:
+- `git diff` — are changes minimal and correct?
+- Check for debug artifacts (`console.log`, `fmt.Println`, `print()`, `TODO`)
+- Check that the fix actually addresses the issue
+- Check that no unrelated files were changed
+- Verify Conventional Commits format
+
+If review fails → return to **Implement**.
+If the issue is too complex → return to **Plan**.
+
+#### 5. Commit & Close
+
+```bash
+git add -A
+git commit -m "type(scope): description
+
+Closes #<number>"
+git push origin <branch>
+
+gh issue close <number> --comment "Resolved via delivery-loop pipeline."
+```
+
+#### 6. Next
+
+Move to the next issue in the batch.
+After finishing the batch, fetch the next 10.
+Continue forever.
+
+## Error Handling
+
+| Situation | Action |
+|-----------|--------|
+| Validate fails | Return to Implement with error context |
+| Review fails (simple) | Return to Implement |
+| Review fails (complex) | Return to Plan |
+| 3 consecutive failures on same issue | Skip issue with explanatory comment |
+| API rate limit | Wait and retry |
+| Working tree not clean | Stash or abort, then retry |
+
+## Rules
+
+- **Prefer bugs** over features when multiple issues are eligible
+- **Prefer well-described issues** with reproduction steps
+- **Never force-push** or rebase shared branches
+- **Never commit secrets** or sensitive data
+- **Prefer small, focused commits** per issue
+- **Log progress** clearly so the user can follow
+- **Ask for help** if an issue needs a decision you cannot make
+- **The user can stop you** at any time with Ctrl+C
+- If stuck for more than 3 attempts, skip the issue:
+  ```bash
+  gh issue comment <n> --body "Skipping after 3 failed attempts. Error: <summary>"
+  ```