1) Preflight
- confirm target domain:
clientserversharedwhatsapp-extension-reactlinkshot-extension
- read relevant docs for the touched domain
- run baseline checks:
pnpm check- targeted tests for touched area
2) During Change
- keep scope tight
- add or update tests for changed logic
- avoid silent behavior changes
- preserve backward compatibility for public APIs unless intentionally versioned
3) Postflight
- run validation commands
- update docs in the same change
- include residual risk and rollback notes
High-Risk Paths (Extra Review Required)
/server/middleware/auth.ts/server/routes/auth.ts/server/routes/public.ts/server/routes/shares.ts/server/routes/external-shares.ts/server/lib/googleSheets*- extension auth-sync scripts
Required Hand-Off Template
- scope completed
- files changed
- commands run + results
- remaining risk
- recommended next action