Added cursor rules and skills

Author: reeshika-h

.cursor/rules/README.md

@@ -0,0 +1,23 @@
+# Cursor Rules – Contentstack Utils (Java)
+
+This directory contains Cursor AI rules for **contentstack-utils-java**. Rules give persistent context so the AI follows project conventions and Contentstack RTE / embedded-item patterns.
+
+## How rules are applied
+
+- **File-specific rules** use the `globs` frontmatter: they apply when you open or edit files matching that pattern.
+- **Always-on rules** use `alwaysApply: true`: they are included in every conversation in this project.
+
+## Rule index
+
+| File | Applies when | Purpose |
+|------|--------------|---------|
+| **dev-workflow.md** | (Reference only; no glob) | Development workflow: branches, running tests, PR expectations, optional TDD. |
+| **java.mdc** | Editing any `**/*.java` file | Java 17 standards: naming, package layout under `com.contentstack.utils`, JSON/Jsoup, Javadoc, dependencies. |
+| **contentstack-utils-java.mdc** | Editing `src/main/java/**/*.java` | Utils-specific patterns: `Utils` / `GQL`, RTE and embedded JSON, `DefaultOption` / callbacks; alignment with entry JSON shapes (no HTTP client in this module). |
+| **testing.mdc** | Editing `src/test/**/*.java` | Testing patterns: JUnit 4, fixtures, JaCoCo, Surefire (including `testFailureIgnore`). |
+| **code-review.mdc** | Always | PR / review checklist: API stability, error handling, backward compatibility, dependencies and security (e.g. SCA), tests. |
+
+## Related
+
+- **AGENTS.md** (repo root) – Main entry point for AI agents: project overview, entry points, commands, pointers to rules and skills.
+- **skills/** – Reusable skill docs (`contentstack-utils-java`, `testing`, `code-review`, `framework`) for deeper guidance on specific tasks.

.cursor/rules/code-review.mdc

@@ -0,0 +1,35 @@
+---
+description: PR and code review checklist – API stability, errors, compatibility, security, tests
+alwaysApply: true
+---
+
+# Code review checklist – Contentstack Utils (Java)
+
+Use this checklist when reviewing pull requests or before opening a PR.
+
+## API design and stability
+
+- [ ] **Public API:** New or changed public methods on `Utils`, `GQL`, `DefaultOption`, or `interfaces` are necessary, documented (Javadoc), and justified for `com.contentstack.sdk:utils` consumers.
+- [ ] **Backward compatibility:** No breaking changes unless explicitly versioned (e.g. major) and noted in `Changelog.md`.
+- [ ] **Naming:** Consistent with existing Utils style and Contentstack RTE / embedded terminology.
+
+## Error handling and robustness
+
+- [ ] **JSON safety:** Missing keys / `_embedded_items` handled predictably; no new NPEs or silent behavior changes without rationale.
+- [ ] **Null safety:** `JSONObject` / `JSONArray` access uses `opt*` / `has` patterns consistent with existing code.
+
+## Dependencies and security
+
+- [ ] **Dependencies:** New or upgraded dependencies in `pom.xml` are justified; versions do not introduce known regressions for SDK consumers.
+- [ ] **SCA:** Address security findings (e.g. Snyk on PRs, `.github/workflows/sca-scan.yml`) in scope or track with a follow-up.
+
+## Testing
+
+- [ ] **Coverage:** New or modified behavior has tests under `src/test/java/com/contentstack/utils/` and fixtures under `src/test/resources/` when needed.
+- [ ] **Surefire:** Because `testFailureIgnore` is enabled, confirm results in **`target/surefire-reports/`**, not only exit code.
+
+## Severity (optional)
+
+- **Blocker:** Must fix before merge (e.g. breaking public API without approval, critical vulnerability, no tests for new behavior).
+- **Major:** Should fix (e.g. undocumented HTML/JSON behavior change, missing Javadoc on new public API).
+- **Minor:** Nice to fix (e.g. style, typos in comments).

.cursor/rules/contentstack-utils-java.mdc

@@ -0,0 +1,29 @@
+---
+description: Contentstack Utils patterns — RTE, embedded items, GraphQL JSON; no in-module HTTP client
+globs:
+  - "src/main/java/**/*.java"
+---
+
+# Contentstack Utils (Java) – SDK rules
+
+Apply when editing the Utils library. Behavior should stay aligned with [Content Delivery API](https://www.contentstack.com/docs/apis/content-delivery-api/) entry JSON and with how the [Java Delivery SDK](https://www.contentstack.com/docs/developers/sdks/content-delivery-sdk/java) fetches entries (this module does **not** perform HTTP calls itself).
+
+## Entry points
+
+- **`com.contentstack.utils.Utils`** — `render`, `renderContent`, `renderContents`, `jsonToHTML` for REST/CDA-style JSON with `_embedded_items`; dot-paths into the entry (e.g. `group.field`).
+- **`com.contentstack.utils.GQL`** — `jsonToHTML` for GraphQL-shaped responses (`embedded_itemsConnection`, `edges`, `node`, JSON RTE under `json`). Do not instantiate `GQL` (private constructor).
+
+## Rendering and options
+
+- Implement **`com.contentstack.utils.interfaces.Option`** or extend **`com.contentstack.utils.render.DefaultOption`** for custom embedded HTML, marks, and nodes.
+- Use **`com.contentstack.utils.interfaces.NodeCallback`** and metadata helpers where the codebase already does.
+- **`com.contentstack.utils.helper.Metadata`**, **`embedded.StyleType`**, **`embedded.ItemType`** classify embedded content.
+
+## Data flow
+
+- **No standalone HTTP client:** this library transforms **already-fetched** JSON. API keys, delivery tokens, and `includeEmbeddedItems()` belong to the Java SDK or app code, documented in root `README.md`.
+- Shared traversal lives in **`AutomateCommon`**; JSON RTE trees in **`NodeToHTML`**. Preserve JSON key assumptions (`_embedded_items`, HTML classes such as `embedded-entry`) unless versioning a breaking change.
+
+## Errors
+
+- Prefer null-safe `opt*` / `has` on `JSONObject` / `JSONArray` consistent with existing code.

.cursor/rules/dev-workflow.md

@@ -0,0 +1,36 @@
+# Development workflow – Contentstack Utils (Java)
+
+Use this as the standard workflow when contributing to **contentstack-utils-java**. For Java style and test conventions, see **java.mdc** and **testing.mdc**.
+
+## Branches
+
+- Default integration for PRs is often **`staging`**; merging into **`master`** may be restricted (see `.github/workflows/check-branch.yml`).
+- Feature/fix branches often use ticket-style names (e.g. `fix/DX-5734`).
+
+## Running tests
+
+- **All tests:** `mvn test`
+- **Build only:** `mvn clean compile`
+- **Sample module** (after installing the parent JAR): `mvn -f sample/pom.xml compile` — see `sample/README.md` for credentials and env vars if using the Delivery SDK.
+
+Run tests before opening a PR. Review **`target/surefire-reports/`** if anything looks flaky (`testFailureIgnore` is set in `pom.xml`).
+
+## Pull requests
+
+- Ensure the build passes: `mvn clean test` (and sample compile if you changed `sample/`).
+- Follow the **code-review** rule (`.cursor/rules/code-review.mdc`) for the PR checklist.
+- Keep public API backward-compatible unless releasing a breaking version; update `Changelog.md` when behavior changes.
+
+## Optional: TDD
+
+If the team uses TDD, follow RED–GREEN–REFACTOR: failing test first, then implementation, then refactor. The **testing** rule and **skills/testing** describe structure and Surefire/JaCoCo behavior.
+
+## CI and security
+
+- **Java 17** in publish workflow (`.github/workflows/maven-publish.yml`).
+- **Snyk** Maven scan on PRs (`.github/workflows/sca-scan.yml`).
+- **Javadoc:** `mvn javadoc:javadoc` (optional locally); attach phase may use `-Xdoclint:none` per `pom.xml`.
+
+## Lint / format
+
+- No Checkstyle/Spotless in repo — match existing style in surrounding files.

.cursor/rules/java.mdc

@@ -0,0 +1,44 @@
+---
+description: Java 17 and com.contentstack.utils conventions for the Utils SDK
+globs:
+  - "**/*.java"
+---
+
+# Java standards – Contentstack Utils (Java)
+
+Apply these conventions when editing Java code in this repository.
+
+## Language and runtime
+
+- **Java 17** via `maven-compiler-plugin` `<release>17</release>` in `pom.xml`. Ignore legacy `maven.compiler.source/target` `1.8` properties; the compiler plugin is authoritative.
+- Avoid raw types; use proper generics where applicable.
+
+## Package and layout
+
+- Production code lives under **`com.contentstack.utils`** and subpackages (`render`, `node`, `embedded`, `helper`, `interfaces`).
+- Keep the existing package structure; do not introduce new top-level packages without team alignment.
+
+## Naming
+
+- **Classes:** PascalCase (e.g. `Utils`, `DefaultOption`, `AutomateCommon`).
+- **Methods / variables:** camelCase.
+- **Test classes:** Mix of `*Tests`, `*Test`, `Test*` already in use (see **testing.mdc**).
+
+## JSON and HTML
+
+- Prefer **`org.json`** (`JSONObject`, `JSONArray`) for public APIs and internals, consistent with `Utils` and `GQL`.
+- Use **Jsoup** for RTE HTML parsing; follow patterns in `AutomateCommon` and `Utils`.
+
+## Validation and utility types
+
+- `javax.validation.constraints` (e.g. `@NotNull`) appear on some public methods; keep Javadoc aligned with actual null behavior.
+- Hide construction with private constructors where the codebase already does (e.g. `GQL`, `AutomateCommon`).
+
+## Dependencies
+
+- This artifact is a small JAR (`com.contentstack.sdk:utils`) consumed by the Contentstack Java SDK. Prefer minimal, well-scoped dependencies; justify new ones in `pom.xml`.
+- This repo does **not** use Lombok; do not introduce it without an explicit team decision.
+
+## General
+
+- Document public API with Javadoc; keep examples in line with real usage (`Utils.render`, `GQL.jsonToHTML`, `DefaultOption`).

.cursor/rules/testing.mdc

@@ -0,0 +1,31 @@
+---
+description: JUnit 4 testing patterns, fixtures, Surefire, JaCoCo for contentstack-utils-java
+globs:
+  - "src/test/**/*.java"
+---
+
+# Testing rules – Contentstack Utils (Java)
+
+Apply when writing or editing tests. The project uses **JUnit 4** and **JaCoCo** (see `pom.xml`).
+
+## Test naming and layout
+
+- **Unit tests** use class names such as `UtilTests`, `DefaultOptionTests`, `AssetLinkTest`, `TestRte`, `TestMetadata`, or prefixes/suffixes `Test*`, `*Test`, `*Tests`. Place code under `src/test/java/com/contentstack/utils/` (mirror of main).
+- There is **no** separate `*IT` integration suite in this repo; all tests are standard Maven Surefire tests. Optional **`sample/`** may use the Delivery SDK with env vars (see `sample/README.md`).
+
+## JUnit 4 usage
+
+- Use **`org.junit.Test`**, **`Assert`**, **`@BeforeClass`**, **`@FixMethodOrder`** where appropriate (match surrounding test class style).
+
+## Fixtures and data
+
+- JSON fixtures live under **`src/test/resources/`** (e.g. `multiple_rich_text_content.json`, `reports/`). Load via paths relative to the module root or classpath as existing tests do (`ReadResource`, `UtilTests`).
+- Keep tests **offline** — no API keys or network required for default unit tests.
+
+## Surefire
+
+- **`testFailureIgnore`** is set to **`true`** in `pom.xml`. Always check **`target/surefire-reports/`** when investigating failures; do not rely only on Maven’s exit code.
+
+## Coverage
+
+- **JaCoCo** runs on `test`; reports under **`target/site/jacoco/`**. Maintain or improve coverage when changing production code in `Utils`, `GQL`, or `AutomateCommon`.

AGENTS.md

@@ -0,0 +1,62 @@
+# Contentstack Utils (Java) – Agent guide
+
+This document is the main entry point for AI agents working in **contentstack-utils-java**. Repo: [contentstack-utils-java](https://github.com/contentstack/contentstack-utils-java).
+
+## Project
+
+- **Name:** Contentstack Utils (Java) — Maven artifact `com.contentstack.sdk:utils`.
+- **Purpose:** Library for **rendering Rich Text Editor (RTE) content and embedded items** from Contentstack entry JSON (REST/CDA-style with `_embedded_items`) and GraphQL-shaped responses. It does **not** perform HTTP calls or manage API keys; use it with the [Contentstack Java Delivery SDK](https://www.contentstack.com/docs/developers/sdks/content-delivery-sdk/java) after fetching entries.
+
+## Tech stack
+
+- **Language:** Java **17** (`maven-compiler-plugin` `<release>17</release>` in `pom.xml`).
+- **Build:** Maven.
+- **Testing:** JUnit 4, Maven Surefire, JaCoCo (see `pom.xml`; Surefire uses `testFailureIgnore`).
+- **JSON / HTML:** `org.json`, Jsoup, `commons-text`; `javax.validation` API; `spring-web` is a compile dependency (not a public HTTP client surface for this module).
+
+## Main entry points
+
+- **`Contentstack.stack(...)`** — Not in this repo; provided by the Java SDK (see root `README.md`).
+- **`com.contentstack.utils.Utils`** — `render`, `renderContent`, `jsonToHTML`, variant helpers, etc.
+- **`com.contentstack.utils.GQL`** — GraphQL entry `jsonToHTML`.
+- **`com.contentstack.utils.render.DefaultOption`** / **`interfaces.Option`** — custom RTE/embedded rendering.
+- **Paths:** `src/main/java/com/contentstack/utils/` (production), `src/test/java/com/contentstack/utils/` (tests). Optional **`sample/`** demonstrates Delivery SDK + Utils together.
+
+## Commands
+
+- **Build and test:** `mvn clean test`
+- **Compile only:** `mvn clean compile`
+- **Single test class:** `mvn test -Dtest=UtilTests`
+- **Javadoc (optional):** `mvn javadoc:javadoc`
+
+CI uses Java **17** (`.github/workflows/maven-publish.yml`). **Snyk** runs on PRs (`.github/workflows/sca-scan.yml`).
+
+## Rules and skills
+
+### `.cursor/rules/`
+
+| Resource | Role |
+|----------|------|
+| **README.md** | Index of all rules and when they apply |
+| **dev-workflow.md** | Branches, tests, PRs, optional TDD |
+| **java.mdc** | Applies to `**/*.java`: Java 17, `com.contentstack.utils`, JSON/Jsoup |
+| **contentstack-utils-java.mdc** | Applies to `src/main/java/**/*.java`: Utils/GQL, RTE, embedded JSON |
+| **testing.mdc** | Applies to `src/test/**/*.java`: JUnit 4, fixtures, JaCoCo |
+| **code-review.mdc** | Always applied: PR checklist |
+
+### `skills/`
+
+| Skill | Use when |
+|-------|----------|
+| **contentstack-utils-java** | Changing RTE, embedded items, `Utils` / `GQL`, `DefaultOption`, callbacks |
+| **testing** | Adding or refactoring tests and fixtures |
+| **code-review** | Reviewing PRs or pre-merge self-review |
+| **framework** | Editing `pom.xml`, plugins, publishing, or `sample/` dependency management |
+
+See **`skills/README.md`** for details. For editor-wide Cursor user skills (if configured), this repo’s project skills live only under **`./skills/`**.
+
+## Official documentation
+
+- [Contentstack Developers](https://www.contentstack.com/docs/)
+- [Content Delivery API](https://www.contentstack.com/docs/apis/content-delivery-api/)
+- Root **`README.md`** — Maven coordinates and embedded-items examples

skills/README.md

@@ -0,0 +1,21 @@
+# Skills – Contentstack Utils (Java)
+
+This directory contains **skills**: reusable guidance for AI agents (and developers) on specific tasks. Each skill is a folder with a `SKILL.md` file (YAML frontmatter: `name`, `description`).
+
+## When to use which skill
+
+| Skill | Use when |
+|-------|----------|
+| **contentstack-utils-java** | Implementing or changing RTE/embedded behavior: `Utils`, `GQL`, `DefaultOption`, callbacks, JSON shapes for CDA/GraphQL entries. |
+| **testing** | Writing or refactoring tests: JUnit 4, fixtures, Surefire, JaCoCo, offline unit tests. |
+| **code-review** | Reviewing a PR or preparing your own: API stability, compatibility, dependencies/security, tests. |
+| **framework** | Changing `pom.xml`, Java release level, plugins (Surefire, JaCoCo, javadoc, GPG, Central publishing), or sample module dependency management. |
+
+## How agents should use skills
+
+- **contentstack-utils-java:** Apply when editing `src/main/java/com/contentstack/utils/**` or adding RTE/embedded-related behavior. Follow existing JSON/HTML contracts and public API rules.
+- **testing:** Apply when creating or modifying `src/test/**`. Respect `testFailureIgnore` and JaCoCo layout.
+- **code-review:** Apply when simulating or performing a PR review; use the checklist and optional severity levels.
+- **framework:** Apply when touching build or release tooling; keep consumer impact (Java SDK) in mind.
+
+Each skill’s `SKILL.md` contains more detail and cross-links to `.cursor/rules/`.

skills/code-review/SKILL.md

@@ -0,0 +1,58 @@
+---
+name: code-review
+description: Use when reviewing PRs or before opening a PR — API design, compatibility, dependencies, security, tests
+---
+
+# Code review – Contentstack Utils (Java)
+
+Use this skill when performing or preparing a pull request review for this repository.
+
+## When to use
+
+- Reviewing another contributor’s PR.
+- Self-review before submission.
+- Verifying changes meet API, compatibility, security, and test standards.
+
+## Instructions
+
+Work through the checklist below. Optionally tag items with **Blocker**, **Major**, or **Minor**.
+
+### 1. API design and stability
+
+- [ ] **Public API:** New or changed public surface on `Utils`, `GQL`, `DefaultOption`, or `interfaces` is documented and justified for Maven consumers.
+- [ ] **Backward compatibility:** Breaking changes only with version/changelog alignment.
+- [ ] **Naming:** Consistent with existing Utils and RTE terminology.
+
+**Severity:** Unapproved breaking API change = Blocker. Missing Javadoc on new public API = Major.
+
+### 2. Robustness
+
+- [ ] **JSON:** No unintended behavior change for `_embedded_items` / GraphQL shapes without tests and release notes.
+- [ ] **HTML output:** Customer-visible markup changes are documented.
+
+**Severity:** Silent breaking HTML/JSON behavior = Major.
+
+### 3. Dependencies and security
+
+- [ ] **Dependencies:** Version bumps in `pom.xml` are intentional; consider Snyk/SCA.
+- [ ] **SCA:** Address or defer security findings with a ticket.
+
+**Severity:** New critical/high CVE in scope = Blocker.
+
+### 4. Testing
+
+- [ ] **Coverage:** New logic has tests; Surefire reports reviewed when using global `testFailureIgnore`.
+- [ ] **Quality:** Tests are deterministic and assert meaningful behavior.
+
+**Severity:** No tests for new behavior = Blocker.
+
+### 5. Optional severity summary
+
+- **Blocker:** Breaking API without approval, security issue, missing tests for new code.
+- **Major:** Missing docs, risky dependency bump, unclear JSON/HTML behavior.
+- **Minor:** Style, typos, minor refactors.
+
+## References
+
+- Project rule: `.cursor/rules/code-review.mdc`
+- Testing skill: `skills/testing/SKILL.md`

skills/contentstack-utils-java/SKILL.md

@@ -0,0 +1,29 @@
+---
+name: contentstack-utils-java
+description: Use when implementing RTE, embedded items, Utils/GQL, DefaultOption — JSON shapes and no HTTP client in-module
+---
+
+# Contentstack Utils (Java) – skill
+
+Use this skill when changing **`Utils`**, **`GQL`**, **`DefaultOption`**, callbacks, or embedded/RTE behavior in this repository.
+
+## Scope
+
+This artifact (`com.contentstack.sdk:utils`) **renders** RTE and embedded content from JSON already obtained from Contentstack. **Authentication, stack keys, delivery tokens, and `includeEmbeddedItems()`** are handled by the **[Contentstack Java SDK](https://www.contentstack.com/docs/developers/sdks/content-delivery-sdk/java)** (or your own HTTP layer), not by this repo.
+
+## Core types
+
+- **`com.contentstack.utils.Utils`** — `render`, `renderContent`, `renderContents`, `jsonToHTML` (CDA-style JSON with `_embedded_items`).
+- **`com.contentstack.utils.GQL`** — `jsonToHTML` for GraphQL entry shapes.
+- **`com.contentstack.utils.render.DefaultOption`** / **`interfaces.Option`** — custom rendering; see root `README.md`.
+- **`com.contentstack.utils.helper.Metadata`** — embedded metadata.
+
+## JSON contracts
+
+- REST: `_embedded_items`; RTE HTML classes such as `embedded-entry`, `embedded-asset`.
+- GraphQL: `embedded_itemsConnection`, `edges`, `node`, `uid` matching metadata.
+
+## References
+
+- Project rule: `.cursor/rules/contentstack-utils-java.mdc`
+- Root `README.md` for usage with `Contentstack.stack`, `Entry`, `Query`.