Use when assessing or hardening a deployable TYPO3 SITE/PROJECT repo (composer type:project + Docker/Compose) — not an extension. Triggers on: compose.yaml/docker-compose.yml + config/sites or config/system in a TYPO3 repo, site conformance, gold standard, project conformance, container/Compose topology, Concourse pipeline review, supply-chain (Trivy/SBOM/cosign), secret-free settings.php/additional.php, Valkey cache, ofelia scheduler, image digest pinning, .gitlab-ci validate-only. For EXTENSION quality use typo3-conformance instead.
Slash command: /typo3-site-conformance:typo3-site-conformance
Score and harden a **deployable TYPO3 site distribution** against the Netresearch
gold standard. This is the site/project counterpart to typo3-conformance
(which scopes to extensions).
composer.json "type": "project" and a root Compose file.
config/system, config/sites).
Extension repos (ext_emconf.php, Classes/, TER) → use typo3-conformance.
Generic supply-chain hardening → enterprise-readiness; Docker/Compose →
docker-development; Concourse → concourse-ci.
The rule catalogue and the executable checker are bundled in this skill — it needs no external checkout to run:
checker/rules.json (machine-readable; generated by checker/gen_rules.py).
checker/check.py — python3 checker/check.py <repo-path> (only pyyaml required). Scores a target repo and prints PASS/FAIL per rule.
typo3-14-gold is a runnable reference implementation that scores 100 %; typo3-project-standard is the human-readable companion. Both are Netresearch-internal and optional. Propose rule changes in gen_rules.py.
| Family | Intent |
|---|---|
| STRUCT | TYPO3-native layout: config/ at composer-project root, no build/config, config/sites/*/config.yaml, committed composer.lock, .gitignore excludes vendor/var/public + live-env files |
| CONTAINER | compose.yaml (not docker-compose.yml); images pinned — third-party by @sha256 digest or a non-floating tag (no :latest/:edge), first-party registry.netresearch.de images may track a floating tag (internal, trusted); healthchecks + deploy.resources.limits + restart on persistent services; no direct docker.sock mount |
| CI | composer audit → Trivy gate → SBOM → cosign; CI task images pinned; fly download checksum-verified; secret detection; test gate; updates via MR |
| DEPLOY | Valkey (auth + eviction + no persistence); ofelia scheduler via socket-proxy; weekly restore-verification; logs to stdout/stderr |
| DEP | declared PHP platform constraint; no dev-branch constraints; minimum-stability: stable; committed lock |
| SEC | no committed secrets (settings.php/additional.php secret-free, env-driven); no committed live-env files; no debug/host wildcards |
| DOC | AGENTS.md + CLAUDE.md→symlink; README documents setup/env/make |
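
The CONTAINER row above, sketched as an added example (this is not the bundled checker/check.py, whose code this page does not show). It takes a Compose file already parsed into a dict, as yaml.safe_load would return, and checks every service. The function names, finding strings, the choice to treat every service as persistent, and the sample services are assumptions.

```python
import re

FIRST_PARTY = "registry.netresearch.de/"   # first-party registry named in the table
FLOATING = {"latest", "edge"}              # floating tags the table rules out

def image_pinned(image):
    """Third-party: @sha256 digest or non-floating tag; first-party may float."""
    if image.startswith(FIRST_PARTY):
        return True
    if re.search(r"@sha256:[0-9a-f]{64}$", image):
        return True
    last = image.rsplit("/", 1)[-1]        # skip a ':port' in the registry host
    tag = last.split(":", 1)[1] if ":" in last else ""
    return bool(tag) and tag not in FLOATING   # no tag at all resolves to :latest

def mounts_docker_sock(service):
    for vol in service.get("volumes", []):     # short string or long mapping syntax
        src = vol.get("source", "") if isinstance(vol, dict) else str(vol).split(":")[0]
        if src.endswith("docker.sock"):
            return True
    return False

def check_container(compose):
    """Return sorted (service, finding) pairs; hypothetical finding strings."""
    findings = []
    for name, svc in compose.get("services", {}).items():
        if "image" in svc and not image_pinned(svc["image"]):
            findings.append((name, "image not pinned"))
        if mounts_docker_sock(svc):
            findings.append((name, "direct docker.sock mount"))
        if "healthcheck" not in svc:
            findings.append((name, "no healthcheck"))
        if "limits" not in svc.get("deploy", {}).get("resources", {}):
            findings.append((name, "no deploy.resources.limits"))
        if svc.get("restart") in (None, "no", False):  # unquoted YAML 'no' loads as False
            findings.append((name, "no restart policy"))
    return sorted(findings)

# Constructed sample; image paths and tags are placeholders, not real releases.
SAMPLE = {"services": {
    "web": {"image": "registry.netresearch.de/example/typo3:stable",
            "healthcheck": {"test": ["CMD", "true"]}, "restart": "unless-stopped",
            "deploy": {"resources": {"limits": {"memory": "512M"}}}},
    "cache": {"image": "example/valkey:latest", "restart": "always",
              "healthcheck": {"test": ["CMD", "true"]},
              "deploy": {"resources": {"limits": {"memory": "256M"}}}},
    "scheduler": {"image": "example/ofelia:1.2.3",
                  "volumes": ["/var/run/docker.sock:/var/run/docker.sock:ro"]},
}}
```

On the sample, the floating first-party tag on web passes, cache fails only on its :latest image, and scheduler fails on the socket mount plus the three missing runtime settings.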
type: project + root Compose. Otherwise N/A (extension → typo3-conformance).
python3 checker/check.py <repo>, or evaluate the families above. ERROR blocks; WARN should fix; INFO advisory.
See references/migration-from-reference.md for transforming a legacy
support/typo3-NN/app-style repo (app/ wrapper, build/config, committed
secrets, Redis, :latest) into a conformant one.
references/sealed-settings-php.md covers operating the read-only
settings.php (complete ext-config key set; re-seal after checkout).
npx claudepluginhub netresearch/claude-code-marketplace --plugin typo3-site-conformance