when-verifying-quality-use-verification-quality

What this skill does

# Quality Verification and Validation

## Purpose

Execute comprehensive quality verification across static analysis, dynamic testing, integration validation, and certification gates to ensure code meets production standards with measurable quality metrics and approval documentation.

## Core Principles

- **Multi-Dimensional Quality**: Static + dynamic + integration + certification
- **Evidence-Based**: Measurable quality metrics with objective thresholds
- **Automated Gates**: Validation checkpoints with pass/fail criteria
- **Audit Trail**: Complete documentation for compliance and certification
- **Continuous Validation**: Quality checks at every stage of development

## Phase 1: Static Analysis

### Objective
Analyze code quality, maintainability, complexity, and adherence to standards without execution.

### Agent Configuration
```yaml
agent: code-analyzer
specialization: static-analysis
tools: SonarQube, ESLint, TypeScript
```

### Execution Steps

**1. Initialize Static Analysis**
```bash
# Pre-task setup
npx claude-flow@alpha hooks pre-task \
  --agent-id "code-analyzer" \
  --description "Static code quality analysis" \
  --task-type "static-analysis"

# Restore session context
npx claude-flow@alpha hooks session-restore \
  --session-id "quality-verification-${BUILD_ID}" \
  --agent-id "code-analyzer"
```

**2. Code Quality Metrics**
```bash
# SonarQube analysis
sonar-scanner \
  -Dsonar.projectKey=${PROJECT_KEY} \
  -Dsonar.sources=./src \
  -Dsonar.host.url=${SONAR_URL} \
  -Dsonar.login=${SONAR_TOKEN}

# ESLint quality scan
npx eslint . --format json --output-file eslint-report.json

# TypeScript type checking
npx tsc --noEmit --pretty false 2> typescript-errors.txt
```

**3. Complexity Analysis**
```javascript
// McCabe cyclomatic complexity
const complexityMetrics = {
  max_complexity: 10,        // Threshold
  high_complexity_files: [], // Functions with complexity >10
  average_complexity: 0,     // Project average

  // Cognitive complexity (Sonar)
  max_cognitive_complexity: 15,
  high_cognitive_files: []
};

// Analyze each function
function analyzeComplexity(ast) {
  const metrics = {
    cyclomatic: calculateCyclomaticComplexity(ast),
    cognitive: calculateCognitiveComplexity(ast),
    nesting_depth: calculateNestingDepth(ast),
    halstead: calculateHalsteadMetrics(ast)
  };

  return metrics;
}
```

**4. Maintainability Index**
```javascript
// Maintainability Index = 171 - 5.2*ln(V) - 0.23*G - 16.2*ln(L)
// V = Halstead Volume
// G = Cyclomatic Complexity
// L = Lines of Code

const maintainabilityMetrics = {
  project_score: 0,          // 0-100
  high_risk_files: [],       // Score <20 (red)
  medium_risk_files: [],     // Score 20-50 (yellow)
  maintainable_files: []     // Score >50 (green)
};
```

**5. Code Duplication Detection**
```bash
# Run jscpd for copy-paste detection
npx jscpd ./src --format json --output ./jscpd-report.json

# Analyze duplication
# Threshold: <5% duplication
```

**6. Generate Static Analysis Report**
```markdown
## Static Analysis Results

### Code Quality Metrics
| Metric | Current | Target | Status |
|--------|---------|--------|--------|
| Maintainability Index | 67.3 | >65 | ✅ PASS |
| Cyclomatic Complexity | 8.2 | <10 | ✅ PASS |
| Cognitive Complexity | 12.4 | <15 | ✅ PASS |
| Code Duplication | 3.8% | <5% | ✅ PASS |
| Technical Debt Ratio | 2.1% | <5% | ✅ PASS |

### High Complexity Files (Refactoring Candidates)
- `src/api/order-processor.js` - Complexity: 18 (⚠️ Threshold: 10)
- `src/utils/data-transformer.js` - Complexity: 14 (⚠️ Threshold: 10)

### Code Smells
- **67 code smells detected**
  - 12 Bloater (long methods, large classes)
  - 23 Object-Orientation Abusers
  - 18 Change Preventers
  - 14 Dispensables (dead code, speculative generality)

### TypeScript Issues
- 8 type errors
- 15 strict null check warnings
- 23 implicit any warnings
```

**7. Store Static Analysis Data**
```bash
npx claude-flow@alpha hooks post-edit \
  --file "static-analysis-report.json" \
  --memory-key "swarm/code-analyzer/static-metrics" \
  --metadata "{\"maintainability\": ${MAINTAINABILITY_SCORE}, \"complexity\": ${AVG_COMPLEXITY}}"
```

### Validation Gates
- ✅ Maintainability Index >65
- ✅ Cyclomatic complexity <10
- ✅ Code duplication <5%
- ✅ No critical code smells

### Expected Outputs
- `static-analysis-report.json` - Complete metrics
- `sonarqube-report.html` - SonarQube dashboard
- `complexity-heatmap.svg` - Visual complexity map

---

## Phase 2: Dynamic Testing

### Objective
Execute runtime validation through unit, integration, and E2E tests with coverage and performance tracking.

### Agent Configuration
```yaml
agent: tester
specialization: dynamic-testing
frameworks: Jest, Cypress, Playwright
```

### Execution Steps

**1. Initialize Dynamic Testing**
```bash
npx claude-flow@alpha hooks pre-task \
  --agent-id "tester" \
  --description "Dynamic runtime validation" \
  --task-type "dynamic-testing"
```

**2. Unit Test Execution**
```bash
# Run Jest with coverage and performance tracking
npm run test:unit -- \
  --coverage \
  --coverageReporters=json-summary \
  --coverageReporters=html \
  --detectOpenHandles \
  --maxWorkers=4 \
  --json \
  --outputFile=unit-test-results.json

# Performance benchmarks
npm run test:perf -- --profile
```

**3. Integration Test Execution**
```bash
# API integration tests
npm run test:integration -- \
  --json \
  --outputFile=integration-test-results.json

# Database integration tests
npm run test:db -- --verbose
```

**4. End-to-End Test Execution**
```bash
# Cypress E2E tests
npx cypress run \
  --browser chrome \
  --headless \
  --reporter json \
  --reporter-options output=cypress-results.json

# Playwright E2E tests
npx playwright test \
  --reporter=json \
  --output=playwright-results.json
```

**5. Test Quality Analysis**
```javascript
// Analyze test suite quality
const testQualityMetrics = {
  total_tests: 0,
  passing_tests: 0,
  failing_tests: 0,
  skipped_tests: 0,
  flaky_tests: [],           // Tests that fail intermittently

  avg_execution_time_ms: 0,
  slowest_tests: [],         // Tests >1s execution time

  assertions_per_test: 0,    // Avg assertions per test
  test_coverage_pct: 0,

  // Test patterns
  has_arrange_act_assert: false,
  has_proper_mocking: false,
  has_error_assertions: false,
  has_edge_case_coverage: false
};

// Identify flaky tests
function detectFlakyTests(testResults) {
  const flakyTests = testResults.filter(test =>
    test.retry_count > 0 || test.intermittent_failures > 0
  );
  return flakyTests;
}
```

**6. Coverage Analysis**
```javascript
// Coverage thresholds
const coverageThresholds = {
  statements: 90,
  branches: 85,
  functions: 90,
  lines: 90
};

// Analyze coverage gaps
const coverageGaps = {
  uncovered_statements: [],
  uncovered_branches: [],
  uncovered_functions: [],
  untested_files: []
};
```

**7. Generate Dynamic Testing Report**
```markdown
## Dynamic Testing Results

### Test Execution Summary
| Category | Total | Passed | Failed | Skipped | Pass Rate |
|----------|-------|--------|--------|---------|-----------|
| Unit Tests | 347 | 342 | 3 | 2 | 98.6% |
| Integration Tests | 89 | 86 | 3 | 0 | 96.6% |
| E2E Tests | 42 | 41 | 1 | 0 | 97.6% |
| **TOTAL** | **478** | **469** | **7** | **2** | **98.1%** |

### Test Coverage
| Metric | Current | Target | Status |
|--------|---------|--------|--------|
| Statements | 91.2% | 90% | ✅ PASS |
| Branches | 87.4% | 85% | ✅ PASS |
| Functions | 93.1% | 90% | ✅ PASS |
| Lines | 90.8% | 90% | ✅ PASS |

### Failing Tests (7)
1. **Unit**: `api/users.test.js` - getUserById returns 500 on invalid UUID
2. **Unit**: `utils/validator.test.js` - validateEmail rejects valid international domains
3. **Unit**: `auth/jwt.test.js` - token refresh fails with expired refresh token
4. **Integration**: `api/orders.integration.test.js` - concurrent order creation causes race condition
5. **Integration**: `api/payment.integration.test.js` - Stripe webhook s