This directory contains a complete implementation of the Automated Traceability pattern, maintaining automated links between requirements, specifications, tests, implementation, and documentation using AI.
Automated Traceability enables teams to:
- Automatically link code changes to requirements and user stories
- Validate existing traceability links for accuracy
- Generate impact analysis for code changes
- Maintain comprehensive requirement coverage tracking
maintain_traceability.sh- Main traceability maintenance automationvalidate_links.py- Link validation and gap analysisimpact_analysis.py- Change impact assessment and reportingcoverage_tracker.py- Requirement coverage calculationintegrations/- Project management tool integrationsgithub_integration.py- GitHub issues and PR integrationjira_integration.py- JIRA ticket and requirement linking
templates/- Traceability annotation templates
# Set up traceability automation
./maintain_traceability.sh --init
# This creates:
# - Traceability configuration files
# - Git hooks for automatic link checking
# - Template files for requirement annotations# Scan new code for missing requirement links
./maintain_traceability.sh --scan-new
# Validate existing traceability links
./maintain_traceability.sh --validate
# Generate comprehensive coverage report
./maintain_traceability.sh --coverage-report# Analyze impact of recent changes
./maintain_traceability.sh --impact-analysis --since "HEAD~5"
# Generate change impact matrix
python impact_analysis.py --changes "$(git diff --name-only HEAD~5)" --output matrix.json- Scans code for requirement annotations (
# Implements: [^req_id]) - Identifies user story references (
US-123,Story-456) - Links test files to requirements and implementation
- Tracks documentation updates related to features
- Verifies requirement IDs exist in project management systems
- Checks for orphaned code without requirement links
- Validates bidirectional traceability (req → code → test)
- Reports broken or stale links
- Maps code changes to affected requirements
- Identifies dependent user stories and epics
- Lists tests requiring updates
- Flags documentation needing revision
- Calculates requirement implementation coverage
- Identifies untested requirements
- Reports test coverage by requirement
- Tracks documentation coverage
# File: user_service.py
# Implements: [^req-auth-001] User authentication system
# Satisfies: US-123 "As a user, I want to log in securely"
class UserAuthService:
def authenticate_user(self, credentials):
# Implementation here
pass
# Implements: [^req-auth-002] Password validation
# Related: US-124 "Password strength requirements"
def validate_password_strength(password):
# Validation logic
pass# File: test_user_service.py
# Tests: [^req-auth-001] User authentication
# Covers: US-123 login functionality
class TestUserAuthentication:
def test_valid_login(self):
"""Test successful user authentication - US-123"""
# Test implementation
pass
# Tests: [^req-auth-002] Password validation
def test_password_strength(self):
"""Test password strength validation - US-124"""
# Test implementation
pass# File: authentication.md
## User Authentication System
This document describes the authentication system implementation.
**Requirements Covered:**
- [^req-auth-001]: User login and session management
- [^req-auth-002]: Password validation and security
**User Stories:**
- US-123: Secure user login
- US-124: Password strength requirements
**Implementation:**
- `user_service.py`: Authentication logic
- `test_user_service.py`: Test coverage# Automatic requirement linking in PRs
from integrations.github_integration import GitHubTraceability
tracer = GitHubTraceability(repo="org/project")
# Link PR to requirements based on changed files
pr_requirements = tracer.extract_requirements_from_pr(pr_number=123)
tracer.update_pr_description(pr_number=123, requirements=pr_requirements)
# Validate requirement links in PR comments
tracer.validate_pr_requirements(pr_number=123)# Sync with JIRA tickets and epics
from integrations.jira_integration import JiraTraceability
jira_tracer = JiraTraceability(server="company.atlassian.net")
# Update JIRA tickets with implementation status
jira_tracer.update_ticket_status("US-123", status="In Development")
# Link code commits to JIRA tickets
jira_tracer.link_commit_to_ticket(commit_hash="abc123", ticket="US-123")# .git/hooks/pre-commit
#!/bin/bash
# Validate traceability before commit
echo "Checking traceability links..."
./maintain_traceability.sh --validate-staged
if [ $? -ne 0 ]; then
echo "❌ Traceability validation failed"
echo "Please add requirement links to your code changes"
exit 1
fi
echo "✅ Traceability validation passed"# .github/workflows/traceability.yml
name: Traceability Check
on: [pull_request]
jobs:
traceability:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 0 # Full history for impact analysis
- name: Validate Traceability
run: |
./maintain_traceability.sh --validate
./maintain_traceability.sh --coverage-report
- name: Impact Analysis
run: |
python impact_analysis.py \
--base-branch origin/main \
--output pr-impact.json
- name: Comment PR with Impact
uses: actions/github-script@v6
with:
script: |
const fs = require('fs');
const impact = JSON.parse(fs.readFileSync('pr-impact.json'));
const comment = `## 🔗 Traceability Impact Analysis
**Requirements Affected:** ${impact.requirements.length}
**Tests to Update:** ${impact.tests.length}
**Documentation Changes:** ${impact.docs.length}
${impact.summary}`;
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: comment
});# Generate comprehensive coverage report
./maintain_traceability.sh --coverage-report --format html
# Output includes:
# - Requirement implementation coverage (%)
# - Test coverage by requirement
# - Documentation coverage metrics
# - Orphaned code identification
# - Missing requirement links# Generate impact analysis for specific changes
python impact_analysis.py \
--changes "src/auth/*.py" \
--output-format markdown \
--include-dependencies
# Report includes:
# - Affected requirements and user stories
# - Dependent components and services
# - Test files requiring updates
# - Documentation sections to review
# - Risk assessment for changes{
"requirement_patterns": [
"\\[\\^req-[a-zA-Z0-9-]+\\]",
"\\[\\^REQ[0-9]+\\]"
],
"user_story_patterns": [
"US-[0-9]+",
"Story-[0-9]+",
"#[0-9]+"
],
"ignore_paths": [
"node_modules/",
".git/",
"build/",
"dist/"
],
"integrations": {
"github": {
"enabled": true,
"auto_link_prs": true
},
"jira": {
"enabled": true,
"server": "company.atlassian.net",
"auto_update_status": true
}
}
}validation_rules:
- name: "require_implementation_link"
pattern: "class|function|def "
requires: "# Implements: "
- name: "require_test_coverage"
pattern: "def test_"
requires: "# Tests: "
- name: "validate_requirement_format"
pattern: "\\[\\^req-"
format: "^\\[\\^req-[a-z]+-[0-9]+\\]$"- Consistent Format: Use standardized annotation patterns
- Granular Linking: Link at function/class level, not file level
- Bidirectional: Ensure both code→req and test→req links
- Clear Context: Include brief description with requirement ID
- Daily Validation: Run link validation in CI/CD
- Weekly Coverage Review: Assess requirement coverage gaps
- Monthly Cleanup: Remove stale links and update formats
- Release Planning: Generate impact analysis for major changes
- Missing Requirement Links: Use automated scanning to identify gaps
- Broken Links: Regular validation catches stale requirement IDs
- Coverage Gaps: Impact analysis highlights untested requirements
- Integration Failures: Check API credentials and permissions
# Debug specific requirement coverage
./validate_links.py --requirement "req-auth-001" --verbose
# Check link format compliance
./maintain_traceability.sh --validate --strict
# Generate detailed impact analysis
python impact_analysis.py --debug --changes "specific/file.py"When extending traceability features:
- Update annotation patterns for new requirement formats
- Add integration support for new project management tools
- Enhance impact analysis with dependency tracking
- Improve coverage calculation accuracy
- Add tests for traceability automation logic
- Protect API credentials for project management integrations
- Validate requirement IDs to prevent injection attacks
- Audit traceability data access and modifications
- Secure webhook endpoints for external integrations