This repository contains organization-wide configurations, documentation, and GitHub Copilot setup for the YASM (Yet Another Skill Management) ecosystem.
YASM is a comprehensive skill management platform built by PRODYNA, designed to help organizations track, manage, and visualize employee skills, projects, and competencies. The platform is built on a modern microservices architecture with a Graph Database (Neo4j) foundation.
- Frontend (yasm-frontend): TypeScript, React
- Backend (yasm-backend): Java 21, Quarkus (Reactive)
- Supporting Services: Go (yasm-integration, yasm-metrics, yasm-github, etc.)
- Database: Neo4j Graph Database
- Infrastructure: Kubernetes, Azure, Terraform
This repository provides organization-wide GitHub Copilot configuration to ensure consistent, high-quality code across all YASM projects.
.github/copilot-instructions.md
The main configuration file that GitHub Copilot uses for all repositories in the PRODYNA-YASM organization. Includes:
- Overview of YASM and its architecture
- Technology stack details (TypeScript, Java/Quarkus, Go)
- General coding standards and principles
- Security guidelines overview
- Code review expectations
- Observability requirements
- CI/CD practices
.github/prompts/coding-standards.md
Comprehensive coding standards for all three tech stacks:
- TypeScript/React: Component patterns, hooks, state management, testing
- Java/Quarkus: Reactive programming, CDI, REST APIs, graph database queries
- Go: Idiomatic patterns, concurrency, error handling, HTTP services
Each section includes:
- Naming conventions
- Code examples (good and bad)
- Best practices
- Testing patterns
- Common pitfalls to avoid
.github/prompts/code-review-guidelines.md
Complete code review process documentation:
- Responsibilities of authors and reviewers
- Review checklist by category (functionality, security, performance, etc.)
- How to provide constructive feedback
- PR size and timing recommendations
- Language-specific review points
- Templates for PRs and review comments
.github/prompts/security-guidelines.md
Security best practices for all technology stacks:
- OWASP Top 10 awareness
- Input validation and sanitization
- Authentication and authorization
- Secure password handling
- SQL injection prevention
- XSS and CSRF protection
- Secrets management
- Dependency security
Includes specific examples for TypeScript, Java, and Go.
.github/agents/code-reviewer.md
A specialized code review agent that understands:
- YASM technology stack
- TypeScript/React, Java/Quarkus, and Go best practices
- Security vulnerabilities
- Performance optimization
- Our coding standards
.github/agents/documentation-helper.md
A documentation assistant that helps with:
- README creation
- API documentation
- Architecture diagrams
- User guides
- Code comments
.github/knowledge-base/README.md
Guide for setting up and maintaining knowledge bases:
- How GitHub Copilot uses knowledge bases
- Organization-level vs repository-level knowledge
- Creating effective prompts
- Best practices for documentation
- Examples and templates
-
GitHub Copilot is automatically configured for all repositories in the PRODYNA-YASM organization using the files in this repository.
-
Reference the coding standards when writing code:
- Before starting a new feature, review the relevant language standards
- Use the examples as templates for your code
- Follow the patterns established in the standards
-
Use the code review guidelines when reviewing PRs:
- Follow the review checklist
- Use the conventional comments (issue:, suggestion:, etc.)
- Be constructive and educational
-
Follow security guidelines for all code:
- Validate all inputs
- Use secure authentication
- Handle errors properly
- Keep dependencies updated
Ask Copilot to reference our standards:
@workspace Using the coding standards from .github/prompts/coding-standards.md,
help me write a React component for displaying user skills
Based on .github/prompts/security-guidelines.md, review this password
validation function for security issues
Invoke our specialized agents:
@code-reviewer Please review this pull request focusing on
Java/Quarkus reactive patterns
@documentation-helper Create API documentation for this endpoint
following our standards
-
Add repository-specific instructions by creating
.github/copilot-instructions.mdin your repository -
Create project-specific prompts in
.github/prompts/for common tasks -
Document architecture in
docs/architecture/with diagrams and explanations -
Maintain examples in
docs/examples/showing common patterns
See .github/knowledge-base/README.md for detailed guidance.
.github/
βββ copilot-instructions.md # Organization-wide Copilot configuration
βββ prompts/
β βββ coding-standards.md # TypeScript, Java, Go standards
β βββ code-review-guidelines.md # Review process and best practices
β βββ security-guidelines.md # Security best practices
βββ agents/
β βββ code-reviewer.md # Custom code review agent
β βββ documentation-helper.md # Documentation assistant
βββ knowledge-base/
β βββ README.md # Knowledge base setup guide
βββ workflows/
βββ ... # GitHub Actions workflows
profile/
βββ README.md # Organization profile (deployment overview)
README.md # This file
The PRODYNA-YASM organization includes these main projects:
- yasm-frontend - React/TypeScript frontend
- yasm-backend - Java/Quarkus backend
- yasm-api - API definitions and schemas
- yasm-integration - Microsoft 365 integration
- yasm-metrics - Metrics collection service
- yasm-github - GitHub integration
- yasm-geocoding - Geocoding service
- yasm-mainproject - Main project service
- yasm-proxy-odbc - ODBC proxy service
- yasmctl - CLI tool
- yasm-infrastructure-staged - Staged environments
- yasm-infrastructure-common - Common infrastructure
- fox-and-hound - Consultant skills matcher
- sales-copilot - Sales assistant
- yasm-test - E2E tests
- yasm-data - Data management
See the organization profile for deployment status and release information.
- Propose improvements to coding standards or guidelines via pull request
- Add new prompts for common tasks or patterns
- Update documentation when best practices evolve
- Share knowledge by documenting solutions to common problems
Each project has its own contribution guidelines. Generally:
- Follow the coding standards in this repository
- Write tests for all new code
- Update documentation
- Submit a pull request for review
- Address review feedback promptly
- Issues: Open an issue in the relevant repository
- Discussions: Use GitHub Discussions for questions and ideas
- Security: Report security issues privately to the security team
These guidelines and configurations are living documents. We encourage:
- Regular review and updates
- Feedback from the development team
- Documentation of lessons learned
- Sharing of best practices
See LICENSE file for details.
- GitHub Copilot Documentation
- Quarkus Documentation
- React Documentation
- Go Documentation
- Neo4j Documentation
Maintained by the PRODYNA YASM Team
For questions or suggestions, please open an issue or contact the team.