{"id":42052057,"url":"https://github.com/aniket-a14/sra","last_synced_at":"2026-02-14T14:07:17.825Z","repository":{"id":326118868,"uuid":"1104050130","full_name":"Aniket-a14/SRA","owner":"Aniket-a14","description":"AI-powered Software Requirements Analysis (SRA) system that evaluates requirement quality, detects ambiguities, and suggests structured improvements for more reliable and complete SRS documents.","archived":false,"fork":false,"pushed_at":"2026-01-26T08:43:12.000Z","size":1115,"stargazers_count":2,"open_issues_count":0,"forks_count":1,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-01-26T19:50:41.847Z","etag":null,"topics":["backend","development","frontend","nextjs","react","srs-document","system-design"],"latest_commit_sha":null,"homepage":"https://sra-xi.vercel.app/","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Aniket-a14.png","metadata":{"files":{"readme":"Readme.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-11-25T17:23:55.000Z","updated_at":"2026-01-26T08:43:15.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/Aniket-a14/SRA","commit_stats":null,"previous_names":["aniket-a14/sra"],"tags_count":8,"template":false,"template_full_name":null,"purl":"pkg:github/Aniket-a14/SRA","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Aniket-a14%2FSRA","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Aniket-a14%2FSRA/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Aniket-a14%2FSRA/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Aniket-a14%2FSRA/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Aniket-a14","download_url":"https://codeload.github.com/Aniket-a14/SRA/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Aniket-a14%2FSRA/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28932549,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-31T04:05:25.756Z","status":"ssl_error","status_checked_at":"2026-01-31T04:02:35.005Z","response_time":128,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["backend","development","frontend","nextjs","react","srs-document","system-design"],"created_at":"2026-01-26T07:02:58.448Z","updated_at":"2026-02-14T14:07:17.818Z","avatar_url":"https://github.com/Aniket-a14.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# SRA (Smart Requirements Analyzer)\n\n[![Backend CI](https://github.com/Aniket-a14/SRA/actions/workflows/backend.yml/badge.svg)](https://github.com/Aniket-a14/SRA/actions/workflows/backend.yml)\n[![Frontend CI](https://github.com/Aniket-a14/SRA/actions/workflows/frontend.yml/badge.svg)](https://github.com/Aniket-a14/SRA/actions/workflows/frontend.yml)\n[![Linting Quality](https://github.com/Aniket-a14/SRA/actions/workflows/lint.yml/badge.svg)](https://github.com/Aniket-a14/SRA/actions/workflows/lint.yml)\n[![Publish Docker Images](https://github.com/Aniket-a14/SRA/actions/workflows/docker-publish.yml/badge.svg)](https://github.com/Aniket-a14/SRA/actions/workflows/docker-publish.yml)\n[![CodeQL Security](https://github.com/Aniket-a14/SRA/actions/workflows/codeql.yml/badge.svg)](https://github.com/Aniket-a14/SRA/actions/workflows/codeql.yml)\n[![Security Audit](https://github.com/Aniket-a14/SRA/actions/workflows/security-audit.yml/badge.svg)](https://github.com/Aniket-a14/SRA/actions/workflows/security-audit.yml)\n[![Automated Backup](https://github.com/Aniket-a14/SRA/actions/workflows/automated-backup.yml/badge.svg)](https://github.com/Aniket-a14/SRA/actions/workflows/automated-backup.yml)\n[![OpenAPI Lint](https://github.com/Aniket-a14/SRA/actions/workflows/openapi-lint.yml/badge.svg)](https://github.com/Aniket-a14/SRA/actions/workflows/openapi-lint.yml)\n[![Lighthouse CI](https://github.com/Aniket-a14/SRA/actions/workflows/lighthouse.yml/badge.svg)](https://github.com/Aniket-a14/SRA/actions/workflows/lighthouse.yml)\n[![Bundle Size Check](https://github.com/Aniket-a14/SRA/actions/workflows/bundle-size.yml/badge.svg)](https://github.com/Aniket-a14/SRA/actions/workflows/bundle-size.yml)\n[![Health Check](https://github.com/Aniket-a14/SRA/actions/workflows/health-check.yml/badge.svg)](https://github.com/Aniket-a14/SRA/actions/workflows/health-check.yml)\n[![IEEE-830](https://img.shields.io/badge/Compliance-IEEE--830-blue)](https://ieeexplore.ieee.org/document/720577)\n[![Dependabot](https://img.shields.io/badge/Dependabot-enabled-success)](https://github.com/Aniket-a14/SRA/blob/main/.github/dependabot.yml)\n[![Maintenance](https://img.shields.io/badge/Maintained%3F-yes-green.svg)](https://github.com/Aniket-a14/SRA/graphs/commit-activity)\n[![Frontend Deploy](https://img.shields.io/badge/Frontend-Live-brightgreen?logo=vercel)](https://sra-xi.vercel.app/)\n\n**SRA** is an enterprise-grade, AI-orchestrated ecosystem designed to formalize the software requirements engineering lifecycle. By combining Large Language Model (LLM) reasoning with rigorous architectural standards, SRA transforms fragmented project visions into high-fidelity, production-ready technical specifications (IEEE-830).\n\n---\n\n## πŸ”— Quick Links\n\n| Resource | URL | Description |\n|----------|-----|-------------|\n| **Live Application** | [sra-xi.vercel.app](https://sra-xi.vercel.app/) | Production frontend deployment |\n| **Architecture Guide** | [ARCHITECTURE.md](./ARCHITECTURE.md) | System architecture \u0026 design |\n| **Operations Manual** | [OPERATIONS.md](./docs/operations/OPERATIONS.md) | Deployment, backup \u0026 DR procedures |\n| **Contributing** | [CONTRIBUTING.md](./CONTRIBUTING.md) | Development setup \u0026 guidelines |\n\n---\n\n## πŸ›οΈ Executive Summary\n\nIn contemporary software development, **43% of project failures** are attributed to poor requirements gathering. **SRA** mitigates this risk by providing an automated, multi-layered validation and synthesis engine. It serves as the bridge between business objectives and technical execution, ensuring that every project starts with a cohesive, logical, and architecturally sound foundation.\n\n### Core Value Propositions\n* **Zero-Ambiguity Intake**: Standardizes raw stakeholder descriptions into structured architectural models.\n* **AI-Driven Governance**: Real-time logic checking to identify contradictions, missing logic, and technical gaps.\n* **High-Fidelity Visuals**: Automated generation of multi-level Data Flow Diagrams (DFD) and system-level Mermaid diagrams.\n* **Semantic Intelligence**: Leverages vector-based knowledge retrieval (RAG) and **Graph-Hybrid Search** to ensure consistency across complex project portfolios.\n* **Objective Quality Auditing**: Real-time scoring against the **6Cs of Requirements Quality** (Clarity, Completeness, etc.).\n* **Industry Benchmarking**: Integrated RAG evaluation for **Faithfulness** and **Answer Relevancy**.\n\n---\n\n## πŸ”„ The 5-Layer Analysis Pipeline\n\nSRA operates on a proprietary 5-layer pipeline that ensures every requirement is processed through a rigid quality-control sequence.\n\n```mermaid\ngraph TD\n subgraph \"The SRA Pipeline\"\n L1[\u003cb\u003eLayer 1: Strategic Intake\u003c/b\u003e\u003cbr/\u003eUnstructured Input Mapping]\n L2[\u003cb\u003eLayer 2: Multi-Agent Analysis\u003c/b\u003e\u003cbr/\u003ePO, Architect, \u0026 Dev Personas]\n L3[\u003cb\u003eLayer 3: Objective Review\u003c/b\u003e\u003cbr/\u003e6Cs Audit \u0026 RAG Evaluation]\n L4[\u003cb\u003eLayer 4: Iterative Refinement\u003c/b\u003e\u003cbr/\u003eLive Workspace \u0026 Diff Tracking]\n L5[\u003cb\u003eLayer 5: Knowledge Persistence\u003c/b\u003e\u003cbr/\u003eSemantic Indexing \u0026 Hybrid Search]\n \n Reliability[(\u003cb\u003eReliability Layer\u003c/b\u003e\u003cbr/\u003e360s Timeout \u0026 Jittered Retries)]\n L2 \u0026 L3 -.-\u003e Reliability\n end\n\n Stakeholder((Stakeholder)) --\u003e|Raw Vision| L1\n L1 --\u003e L2\n L2 --\u003e L3\n L3 --\u003e|FAIL: Poor Industry Score| L2\n L3 --\u003e|PASS| L4\n L4 --\u003e|Export| Artifacts[IEEE SRS, PDF, DFD, API Spec]\n L4 --\u003e L5\n```\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eπŸ“ Click to Expand Layer Details\u003c/strong\u003e\u003c/summary\u003e\n\n1. **Strategic Intake**: Translates free-text into a mapped JSON model aligned with IEEE section hierarchies.\n2. **Multi-Agent Analysis**: Orchestrates specialized AI agents (Product Owner, Architect, Developer) using the **v1.1.0 Gold Standard** prompt registry.\n3. **Objective Review**: Automated auditing of SRS content against the 6Cs and RAG evaluation for contextual faithfulness.\n4. **Iterative Refinement**: A modular Workspace UI for manual adjustments, version branching, and intelligent diagram repair.\n5. **Knowledge Persistence**: Finalized requirements are \"shredded\" and indexed into a **PostgreSQL + pgvector** graph for cross-project intelligence.\n\n\u003c/details\u003e\n\n---\n\n## ✨ Enterprise Feature Modules\n\n### πŸ“Š Professional Requirements Engineering\n* **IEEE-830 v1.1.0 Compliance**: Automated generation with strict identifier governance and academic prose discipline.\n* **6Cs Quality Audit**: Automated scoring for Clarity, Completeness, Conciseness, Consistency, Correctness, and Context.\n* **RAG Benchmarking**: Real-time evaluation of LLM Faithfulness and Answer Relevancy.\n* **User Story Evolution**: Generates \"Jira-Ready\" user stories with granular acceptance criteria.\n\n### 🎨 Advanced Architectural Visualization\n* **Multi-Level DFDs**: Generates Level 0 (Context) and Level 1 (Functional Decomposition) Gane-Sarson diagrams.\n- **Interactive Explorer**: Powered by `@xyflow/react` with support for high-fidelity **PNG Export**.\n* **Self-Healing Diagrams**: Integrated **Mermaid Repair Engine** that identifies and fixes syntax errors in generated UML.\n\n### πŸ”’ Security, Privacy \u0026 Governance\n* **Proactive PII Redaction**: Automated sanitization of user intent (Emails, Phone, CC) before processing by external AI providers.\n* **RBAC Architecture**: Secure access control with JWT integration and social OAuth (Google/GitHub).\n* **Revision History**: Complete versioning system with visual diff tracking between requirement updates.\n* **Audit-Ready Exports**: One-click professional PDF generation with table of contents and revision logs.\n\n---\n\n## πŸ›‘οΈ Production Hardening\n\nSRA is engineered for stability, security, and enterprise-grade performance.\n\n### 🧩 Infrastructure Security\n- **Multi-Stage Docker Builds**: Minimized production images using separate build/runtime environments.\n- **Non-Root Execution**: Containers run as unprivileged users (`nodejs`/`nextjs`) to mitigate security risks.\n- **Dependency Pinning**: Strict versioning of core dependencies (e.g., Next.js 16.1.6) to ensure environment parity.\n\n### 🌐 Network \u0026 Content Security\n- **Hardened CSP**: Strict Content Security Policy injected via Next.js and Express security headers.\n- **HSTS \u0026 Frame Protection**: Production-grade `Strict-Transport-Security` and `X-Frame-Options` (DENY/SAMEORIGIN) enforcement.\n- **Secure Session Management**: JWT-based authentication with secure cookie handling.\n- **Privacy Sanitization**: Integrated `sanitizer.js` layer to prevent data leakage to LLM providers.\n- **Distributed Rate Limiting**: Redis-backed throttling ensures global protection across all server instances.\n\n### πŸ” AI Reliability \u0026 Performance optimization\n- **AI Reliability Layer**: Implemented a standardized `BaseAgent` with a 6-minute timeout, jittered retries, and high-fidelity JSON parsing logs for stable long-form document generation.\n- **Frontend Code Splitting**: Transitioned to an \"Archive-First\" dynamic loading strategy using `next/dynamic`. Components like `ResultsTabs` and their individual sub-tabs are lazy-loaded to minimize initial JS payload and improve TBT.\n- **Redis Caching**: High-traffic endpoints (Dashboard) cached via Upstash for sub-millisecond retrieval.\n- **Automated SEO**: Dynamic `sitemap.xml` and `robots.txt` generation for search engine discoverability.\n- **Graceful Shutdown**: Native handling of `SIGTERM`/`SIGINT` to ensure zero-downtime deployments.\n- **Standalone Mode**: Next.js optimized standalone output.\n- **Smart Data Fetching**: SWR-based caching and background revalidation.\n\n### πŸ” Backup \u0026 Disaster Recovery\n- **Automated Encrypted Backups**: Weekly automated database backups with AES-256-GCM encryption.\n- **Point-in-Time Recovery**: 7-day PITR via Supabase for granular data restoration.\n- **CLI Backup Management**: Command-line tools for manual backup creation, restoration, and verification.\n- **Multi-Location Storage**: Backups stored locally, in GitHub Artifacts, and Supabase snapshots.\n- **Integrity Verification**: SHA-256 checksums ensure backup file integrity.\n\n### �️ Security Monitoring \u0026 Audit\n- **Comprehensive Audit Logging**: Tracks all sensitive operations (create, delete, export) with full metadata.\n- **Threat Detection**: Real-time monitoring for brute force attempts, mass deletions, and unusual access patterns.\n- **Field-Level Encryption**: PII data encrypted at rest using AES-256-GCM.\n- **Daily Security Audits**: Automated dependency scanning, secret leak detection, and security header validation.\n- **Compliance Ready**: Audit trails and security reports for regulatory compliance.\n\n---\n\n## πŸš€ CI/CD \u0026 Monitoring\n\nSRA leverages professional GitHub Actions for continuous quality assurance and operational excellence.\n\n### πŸ”„ Continuous Integration \u0026 Delivery\n- **Automated Docker Builds**: Multi-stage Docker builds triggered on every push to `main`, publishing optimized images to GHCR.\n- **Bundle Size Monitoring**: Tracks and reports JavaScript bundle size changes for the Next.js frontend, preventing performance regressions.\n- **Linting \u0026 Formatting**: Enforces consistent code style and catches potential errors early in the development cycle.\n\n### 🩺 Health \u0026 Security Monitoring\n- **Scheduled Health Checks**: Hourly automated uptime verification of the entire SRA pipeline.\n- **Real-time Observability**: Dedicated `/api/health` endpoint for deep system diagnostics (DB, AI Provider).\n- **Docker Healthchecks**: Infrastructure-aware readiness probes ensure the frontend only serves traffic once the backend is fully initialized.\n- **CodeQL Security Scans**: Proactive identification of security vulnerabilities and common coding errors.\n- **Dependency Vulnerability Checks**: Scans for known vulnerabilities in project dependencies.\n- **Automated Backup Verification**: Weekly encrypted database backups with integrity validation.\n- **Daily Security Audits**: Comprehensive security posture checks including secret leak detection and permission audits.\n\n---\n\n## πŸ’» Tech Stack \u0026 Rationale\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eπŸ› οΈ Click to Expand\u003c/strong\u003e\u003c/summary\u003e\n\n| Component | Technology | Rationale |\n|-----------|------------|-----------|\n| **Frontend** | [Next.js 16.1.6](https://nextjs.org/) | App Router with standalone output for enterprise scalability. |\n| **Styling** | [Tailwind CSS v4](https://tailwindcss.com/) | Next-gen JIT engine for high-performance, responsive UI. |\n| **Backend** | [Node.js 20](https://nodejs.org/) / [Prisma 7](https://www.prisma.io/) | Type-safe ORM for robust asynchronous data orchestration. |\n| **Database** | [PostgreSQL 16+](https://www.postgresql.org/) | High-concurrency persistence with `pgvector` RAG support. |\n| **Orchestration** | [Upstash QStash](https://upstash.com/) | Serverless job queue for reliable, long-running AI tasks. |\n| **LLM Engine** | [Gemini 2.5 Flash](https://ai.google.dev/) | Advanced reasoning and context window for complex architectural mapping. |\n\n\u003c/details\u003e\n\n---\n\n## πŸ—οΈ Infrastructure as Code\n\nSRA uses **Terraform** to manage cloud infrastructure declaratively, ensuring reproducibility, disaster recovery, and version-controlled infrastructure changes.\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eπŸ› οΈ Click to Expand Terraform Details\u003c/strong\u003e\u003c/summary\u003e\n\n### Infrastructure Management\n\nAll infrastructure configuration is defined in the `terraform/` directory:\n\n```bash\nterraform/\nβ”œβ”€β”€ main.tf # Provider \u0026 backend configuration\nβ”œβ”€β”€ variables.tf # Variable definitions\nβ”œβ”€β”€ vercel.tf # Vercel project resources\nβ”œβ”€β”€ outputs.tf # Output values\nβ”œβ”€β”€ terraform.tfvars.example # Configuration template\n└── README.md # Detailed usage guide\n```\n\n### Managed Resources\n\nTerraform manages the following infrastructure:\n- βœ… **Vercel Projects**: Frontend (`sra`) and Backend (`sra-backend`)\n- βœ… **Build Configuration**: Build/install commands and framework settings\n- βœ… **Git Integration**: Repository connections and deployment triggers\n\n**Note:** Environment variables are managed directly in Vercel dashboard to avoid storing secrets in Terraform state.\n\n### Quick Start\n\n```bash\n# Navigate to terraform directory\ncd terraform\n\n# Initialize Terraform\nterraform init\n\n# Preview infrastructure changes\nterraform plan\n\n# Apply changes (when ready)\nterraform apply\n```\n\n### Benefits\n\n- πŸ”„ **Version Control**: Infrastructure changes tracked in git\n- πŸ›‘οΈ **Disaster Recovery**: Rebuild entire infrastructure with one command\n- πŸ“ **Documentation**: Infrastructure is self-documenting code\n- πŸ” **Audit Trail**: Complete history of infrastructure changes\n- 🀝 **Collaboration**: Team members can propose infrastructure changes via PRs\n\nFor detailed Terraform usage, see [`terraform/README.md`](./terraform/README.md).\n\n\u003c/details\u003e\n\n---\n\n## βš™οΈ Operational Guide \u0026 Deployment\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003e�️ Click to Expand Environment \u0026 Deployment\u003c/strong\u003e\u003c/summary\u003e\n\n### 1. Advanced Environment Configuration\n\nEnsure the following variables are defined in your infrastructure (see `.env.example` files in `backend/` and `frontend/` for details):\n\n| Group | Key | Required | Description |\n|-------|-----|:--------:|-------------|\n| **Database** | `DATABASE_URL` | Yes | Postgres connection string with pooling. |\n| **Database** | `DIRECT_URL` | Yes | Direct connection string for Prisma migrations. |\n| **Database** | `REDIS_URL` | Optional | Redis connection string for rate limiting/caching. |\n| **AI (Gemini)** | `GEMINI_API_KEY` | Yes | API key for Google Gemini 2.5 Flash (Primary). |\n| **AI (OpenAI)**| `OPENAI_API_KEY` | Optional | API key for OpenAI (Secondary/Internal). |\n| **Async** | `QSTASH_TOKEN` | Yes | Bearer token for Upstash QStash job publishing. |\n| **Async** | `QSTASH_SIGNING_KEYS` | Yes | Signing keys for verifying QStash webhooks. |\n| **Auth** | `JWT_SECRET` | Yes | Secret key for signing authorization tokens. |\n| **Auth** | `COOKIE_SECRET` | Yes | Secret key for signed cookies. |\n| **Security** | `JWT_SECRET` | Yes | Secret key for JWT signing. |\n| **Backup** | `BACKUP_ENCRYPTION_KEY` | Yes | AES-256 key for encrypting database backups. |\n| **Backup** | `ENCRYPTION_KEY` | Yes | Master key for field-level data encryption. |\n| **Backup** | `BACKUP_DIR` | Optional | Directory for backup storage (default: `./backups`). |\n| **Backup** | `BACKUP_RETENTION_DAYS` | Optional | Backup retention period in days (default: 30). |\n| **Social Auth** | `GOOGLE_CLIENT_ID` | Optional | Google OAuth 2.0 Client ID. |\n| **Social Auth** | `GITHUB_CLIENT_ID` | Optional | GitHub OAuth App Client ID. |\n\n### 2. Deployment Strategies\n\n#### 🐳 Docker Orchestration (Recommended)\nSRA is fully containerized for cloud-agnostic deployment. Our CI pipeline automatically publishes production-ready images to **GitHub Container Registry (GHCR)**.\n\n```bash\n# Pull and run the latest images\ndocker-compose up --build -d\n```\n* **API Service**: `http://localhost:3000` (Optimized Multi-stage Build)\n* **Application UI**: `http://localhost:3001` (Next.js Standalone Build)\n* **Registry**: `ghcr.io/aniket-a14/sra-backend:latest`\n\n#### βš’οΈ Manual Infrastructure Setup\nFor local development or specialized environments:\n```bash\n# Initialize Identity \u0026 Data\ncd backend \u0026\u0026 npm install \u0026\u0026 npx prisma migrate dev\n\n# Initialize Application Layer\ncd ../frontend \u0026\u0026 npm install \u0026\u0026 npm run dev\n```\n\n#### πŸ€– Agentic \u0026 CI Workflows\nSRA leverages professional GitHub Actions for continuous quality assurance:\n* **Publish Docker**: Automated image pushes to [GHCR](https://github.com/Aniket-a14/SRA/pkgs/container/sra-frontend).\n* **Bundle Size**: Continuous monitoring of Next.js JS payloads on every branch.\n* **Health Checks**: Hourly automated uptime verification of the entire pipeline.\n* **Security Scans**: Integrated CodeQL and dependency vulnerability checks.\n\n\u003c/details\u003e\n\n---\n\n## πŸ“‚ Project Structure\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eπŸ“ Click to Expand Directory Tree\u003c/strong\u003e\u003c/summary\u003e\n\n```bash\nSRA/\nβ”œβ”€β”€ .github/ # CI/CD Workflows (Lint, CodeQL, Stale)\nβ”œβ”€β”€ .agent/ # Agentic Workflows (Setup, Test, Deploy)\nβ”œβ”€β”€ backend/ # API Engine \u0026 AI Orchestration\nβ”‚ β”œβ”€β”€ prisma/ # Schema \u0026 Migrations\nβ”‚ β”œβ”€β”€ src/\nβ”‚ β”‚ β”œβ”€β”€ services/ # AI logic, QStash workers, \u0026 business rules\nβ”‚ β”‚ └── controllers/ # API request handlers\nβ”œβ”€β”€ frontend/ # Next.js 16 Application Layer\nβ”‚ β”œβ”€β”€ app/ # Server-driven App Router\nβ”‚ β”œβ”€β”€ components/ # High-fidelity React components\nβ”‚ └── lib/ # Shared utilities \u0026 API clients\nβ”œβ”€β”€ terraform/ # Infrastructure as Code (Terraform)\nβ”‚ β”œβ”€β”€ main.tf # Provider configuration\nβ”‚ β”œβ”€β”€ vercel.tf # Vercel project resources\nβ”‚ └── README.md # Terraform usage guide\nβ”œβ”€β”€ docs/ # Documentation\nβ”‚ β”œβ”€β”€ security/ # Security policies \u0026 procedures\nβ”‚ └── operations/ # Operational procedures\n└── README.md\n```\n\n\u003c/details\u003e\n\n---\n\n## πŸ—ΊοΈ Roadmap \u0026 Governance\n\n- [x] **v2.0**: Strategic 5-Layer Pipeline Implementation.\n- [x] **v2.1**: Interactive DFD Explorer \u0026 PNG Export.\n- [x] **v2.2**: GitHub CI/CD \u0026 Agentic Automation.\n- [x] **v3.0**: SWR Data Fetching \u0026 Backup Automation.\n- [x] **v3.0**: Enterprise Security Monitoring \u0026 Audit Logging.\n- [x] **v3.1**: **Distributed Rate Limiting \u0026 Load Balancing**.\n- [x] **v3.2**: **Industry Benchmarking \u0026 MAS Refinement**.\n- [ ] **v3.5**: Collaborative Real-time Multi-User Editing.\n- [ ] **v4.0**: Custom Model Fine-tuning (MLOps integration).\n\n### Contributing\nWe welcome contributions from the community. Please review our [Contribution Guidelines](CONTRIBUTING.md) and [Governance Policy](GOVERNANCE.md) for architectural context and coding standards.\n\n### Security Policy\nTo report vulnerabilities, please contact the security team via the repository's security advisory tab.\n\n---\n\n## πŸ“„ License\n\nThis project is licensed under the **Apache License 2.0**. See the [LICENSE](LICENSE) file for the full legal text.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faniket-a14%2Fsra","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Faniket-a14%2Fsra","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faniket-a14%2Fsra/lists"}