Start HereOrdered learning track

Learn Ai Coding Agent Part 006 Use Case Selection And Risk Classification

17 min read3324 words
PrevNext
Lesson 0664 lesson track01–12 Start Here

title: Learn AI Coding Agent From Scratch - Part 006 description: Memilih use case awal untuk AI coding agent dan membuat risk classification yang menentukan autonomous lane, supervised lane, draft-only lane, atau blocked lane. series: learn-ai-coding-agent seriesTitle: Learn AI Coding Agent From Scratch order: 6 partTitle: Use Case Selection and Risk Classification tags:

  • ai-coding-agent
  • risk-classification
  • use-case-selection
  • software-maintenance
  • automation-strategy
  • governance date: 2026-07-03

Part 006 — Use Case Selection and Risk Classification

Part sebelumnya menetapkan domain: kita membangun controlled code-change automation system. Sekarang kita harus memilih pekerjaan pertama yang layak diautomasi.

Ini keputusan arsitektural, bukan hanya product choice. Use case pertama akan menentukan:

  • bentuk task contract;
  • tool yang harus tersedia;
  • verifier yang dibutuhkan;
  • risiko yang harus dikontrol;
  • data evaluasi awal;
  • bagaimana developer menilai sistem;
  • apakah platform mendapat trust atau langsung dianggap PR spammer.

Tujuan part ini:

Membuat framework pemilihan use case dan risk classification agar agent tidak diberi pekerjaan yang terlalu kabur, terlalu berbahaya, atau terlalu sulit diverifikasi pada tahap awal.

Referensi faktual yang relevan:


1. Prinsip utama: pilih use case yang membangun trust

Use case pertama bukan harus yang paling impresif. Use case pertama harus yang paling mungkin menghasilkan:

  • PR kecil;
  • verifier kuat;
  • acceptance jelas;
  • risiko rendah;
  • value nyata;
  • review mudah;
  • failure mudah dipahami.

Banyak tim salah memilih target awal. Mereka langsung memilih “agent bisa ambil issue bebas dan implement feature”. Itu menarik untuk demo, tetapi buruk untuk platform foundation.

Untuk Honk-like background agent, use case awal yang baik biasanya berbentuk maintenance automation, bukan greenfield feature development.

Maintenance automation punya keuntungan:

  • objective biasanya lebih sempit;
  • pola perubahan berulang;
  • banyak contoh lama/baru;
  • verifier lebih jelas;
  • PR mudah direview;
  • bisa dijalankan di banyak repo;
  • value bisa dihitung dari waktu migrasi yang dihemat.

Prinsip:

Start where the change pattern is repetitive, bounded, and externally verifiable.
Avoid starting where success depends mostly on subjective product judgment.

2. Use case lane: autonomous, supervised, draft-only, blocked

Kita tidak akan memberi semua task mode yang sama.

Kita butuh lane:

LaneMaknaOutput
autonomous_prAgent boleh membuat PR jika gates pass.PR siap review.
supervised_prAgent boleh jalan, tetapi butuh approval sebelum PR dibuat atau sebelum tool tertentu.Draft diff atau PR setelah approval.
draft_onlyAgent hanya membuat patch proposal, tidak membuat PR otomatis.Diff artifact + explanation.
analysis_onlyAgent hanya menganalisis repo dan membuat plan.Report/plan.
blockedTask tidak boleh dijalankan oleh agent.Rejection with reason.

Diagram keputusan awal:

Lane bukan status permanen. Use case bisa naik lane setelah sistem punya data:

analysis_only -> draft_only -> supervised_pr -> autonomous_pr

Tetapi jangan lompat langsung ke autonomous untuk task berisiko tinggi.


3. Dimensi pemilihan use case

Kita gunakan delapan dimensi.

DimensiPertanyaan utama
ClarityApakah objective bisa ditulis jelas?
BoundednessApakah path/symbol/change shape bisa dibatasi?
VerifiabilityApakah hasil bisa dibuktikan dengan build/test/static analysis?
RepeatabilityApakah pattern muncul di banyak repo/file?
ValueApakah automation menghemat waktu nyata?
Blast radiusJika salah, seberapa luas dampaknya?
ReversibilityApakah rollback mudah?
ReviewabilityApakah PR bisa dibaca cepat oleh reviewer?

Scoring awal: 1 sampai 5.

SkorArti
1buruk untuk automation
2lemah, butuh supervision kuat
3bisa dicoba sebagai draft/supervised
4baik untuk automation
5sangat cocok untuk automation

Kita hitung dua skor:

automation_fit = clarity + boundedness + verifiability + repeatability + value + reversibility + reviewability
risk_pressure = blast_radius_inverse_adjusted

Agar lebih jelas, kita pakai tabel scoring konkret.


4. Scoring table

4.1 Clarity

SkorKriteria
1Objective subjektif: “improve design”, “make it better”.
2Objective ada tetapi ambigu: “modernize auth”.
3Objective cukup jelas tetapi detail acceptance kurang.
4Objective jelas dan punya contoh before/after.
5Objective jelas, punya migration guide, examples, forbidden changes.

4.2 Boundedness

SkorKriteria
1Bisa menyentuh seluruh repo tanpa batas.
2Batas module ada tetapi path/symbol belum jelas.
3Allowed path bisa ditentukan.
4Allowed/forbidden path dan expected diff shape jelas.
5Bisa dibatasi dengan symbol-level atau AST-level rules.

4.3 Verifiability

SkorKriteria
1Tidak ada test/build oracle yang relevan.
2Hanya lint/syntax check.
3Compile/build bisa dijalankan.
4Unit test relevan tersedia.
5Unit + integration/golden/static policy checks tersedia.

4.4 Repeatability

SkorKriteria
1One-off, unik.
2Mirip di beberapa file.
3Muncul di beberapa repo.
4Pattern berulang di banyak repo.
5Fleet-wide maintenance campaign.

4.5 Value

SkorKriteria
1Nice-to-have.
2Menghemat sedikit waktu.
3Menghapus backlog maintenance.
4Menghindari deadline/platform cutoff.
5Security/compliance/platform migration bernilai tinggi.

4.6 Blast radius

Untuk blast radius, skor tinggi berarti lebih aman.

SkorKriteria
1Critical: auth/crypto/data destructive/public API external.
2High: production behavior lintas module/service.
3Medium: production path terbatas.
4Low: internal mechanical change.
5Very low: test/config/docs/non-runtime atau generated safe.

4.7 Reversibility

SkorKriteria
1Tidak mudah rollback, data bisa berubah irreversible.
2Rollback butuh coordinated deployment.
3Normal revert tetapi ada runtime risk.
4Normal git revert cukup.
5No production effect sebelum merge/release.

4.8 Reviewability

SkorKriteria
1Diff besar, banyak topik, sulit direview.
2Banyak file dan reviewer harus memahami konteks besar.
3Medium PR, satu topik.
4Small PR, expected shape jelas.
5Mechanical diff, mudah dicek cepat.

5. Decision rule awal

Kita bisa memakai rule sederhana:

total_score = clarity + boundedness + verifiability + repeatability + value + blast_radius + reversibility + reviewability

Lane default:

Total scoreLane default
34–40autonomous_pr kandidat kuat
28–33supervised_pr
21–27draft_only
14–20analysis_only
<=13blocked atau reject

Tetapi ada hard blocker yang override skor:

hard_blockers:
  - destructive_database_migration
  - secret_or_credential_handling
  - production_authz_policy_change
  - cryptographic_algorithm_change
  - public_external_api_breaking_change_without_migration_plan
  - deletes_or_disables_tests_to_pass_verification
  - modifies_ci_to_skip_required_checks
  - requires_access_to_production_data
  - modifies_license_or_legal_files_without_approval

Jika hard blocker muncul, lane otomatis turun ke blocked atau minimal draft_only dengan explicit human approval.


6. Candidate use cases

Kita akan membahas lima keluarga use case utama:

  1. dependency upgrade;
  2. API migration;
  3. config/schema migration;
  4. mechanical refactor;
  5. test fix/test generation.

Masing-masing punya shape, risiko, verifier, dan lane berbeda.


7. Use Case A — Dependency upgrade

7.1 Bentuk masalah

Dependency upgrade adalah target klasik untuk coding agent:

  • update version di pom.xml, build.gradle, package.json, go.mod;
  • build gagal karena API berubah;
  • agent memperbaiki call site;
  • test dijalankan;
  • PR dibuat.

Contoh:

<!-- before -->
<dependency>
  <groupId>com.company.platform</groupId>
  <artifactId>auth-client</artifactId>
  <version>2.8.1</version>
</dependency>
<!-- after -->
<dependency>
  <groupId>com.company.platform</groupId>
  <artifactId>auth-client</artifactId>
  <version>3.1.0</version>
</dependency>

7.2 Mengapa cocok

Dependency upgrade cocok jika:

  • migration guide ada;
  • breaking change terbatas;
  • compile error memberi feedback kuat;
  • test suite cukup baik;
  • versi target jelas;
  • rollback mudah.

7.3 Risiko

RisikoContoh
Transitive dependency conflictVersi baru membawa dependency yang konflik.
Runtime behavior changeCompile pass tetapi behavior berubah.
Security regressionDependency baru punya vulnerability.
Test adaptation cheatingAgent mengubah test agar tidak menguji behavior lama.
Lockfile noiseBanyak perubahan lockfile sulit direview.

7.4 Verifier

Minimal:

verification:
  - mvn -q test
  - mvn -q dependency:tree
  - dependency vulnerability scan
  - forbidden diff check for test deletion

Lebih kuat:

verification:
  - mvn -q -DskipITs=false verify
  - contract tests
  - smoke test with containerized dependencies
  - dependency convergence check

7.5 Lane rekomendasi

KondisiLane
Patch version, no API changesautonomous_pr
Minor version, compile fixes localizedsupervised_pr
Major version with migration guidesupervised_pr atau draft_only
Security/auth/crypto dependencydraft_only dengan human approval
Unknown breaking changesanalysis_only dulu

7.6 Task contract contoh

id: CR-dep-auth-client-3
type: dependency_upgrade
repository: payments-api
objective: Upgrade auth-client from 2.8.1 to 3.1.0
allowed_paths:
  - pom.xml
  - src/main/java/**
  - src/test/java/**
forbidden_paths:
  - openapi/**
  - src/main/resources/db/migration/**
expected_diff_shape:
  - dependency version update
  - compile-error-driven call site adaptation
  - unit test updates only when API construction changed
forbidden_diff_shape:
  - deleting tests
  - disabling Maven plugins
  - skipping test phases
  - changing public REST contract
verifier_commands:
  - mvn -q test
  - mvn -q -DskipITs=false verify
risk:
  max_lane: supervised_pr
review_focus:
  - token validation behavior
  - exception mapping

8. Use Case B — API migration

8.1 Bentuk masalah

API migration terjadi ketika library/platform internal mengganti interface.

Contoh:

// before
PriceResponse response = priceClient.calculate(userId, items);
// after
PriceResponse response = priceClient.calculate(
    PriceRequest.builder()
        .userId(userId)
        .items(items)
        .build()
);

8.2 Mengapa cocok

API migration cocok jika:

  • before/after jelas;
  • pattern call site bisa ditemukan;
  • compile error membantu;
  • semantic mapping eksplisit;
  • migration guide tersedia.

8.3 Risiko

RisikoContoh
Semantic mismatchParameter lama dan field baru tidak satu-ke-satu.
Default value salahAgent memilih default yang tidak sesuai bisnis.
Error handling berubahException baru tidak dimap.
Performance changeAPI baru lebih mahal jika dipanggil dalam loop.
Partial migrationBeberapa call site tertinggal.

8.4 Verifier

verification:
  - compile
  - unit tests
  - grep forbidden old API usage
  - optional semantic test for mapping

Rule penting:

No old API usage may remain unless explicitly allowed.

8.5 Lane rekomendasi

KondisiLane
Mechanical import/method renameautonomous_pr
Constructor/request object adaptationsupervised_pr
Business semantic mappingdraft_only
Public API contract migrationdraft_only or blocked without rollout plan

8.6 Pattern detector

Sebelum agent mengedit, kita bisa scan call sites:

rg "priceClient\.calculate\(" src/main/java src/test/java

Atau AST-level detector:

Find MethodInvocation where:
  receiver type = com.company.pricing.PriceClient
  method name = calculate
  argument count = 2

Semakin deterministic detector-nya, semakin aman automation-nya.


9. Use Case C — Config and schema migration

9.1 Bentuk masalah

Config migration:

# before
tracing:
  enabled: true
  sampleRate: 0.1
# after
observability:
  tracing:
    enabled: true
    sampling:
      rate: 0.1

Schema migration bisa berarti:

  • OpenAPI field rename;
  • JSON Schema version bump;
  • Avro schema evolution;
  • database migration;
  • generated client update.

9.2 Mengapa menarik

Config/schema sering muncul fleet-wide. Satu platform team bisa butuh ratusan repo mengikuti format baru.

9.3 Mengapa berbahaya

Config terlihat kecil tetapi runtime-critical.

Risiko:

RisikoContoh
Silent behavior changeKey salah membuat default dipakai.
Environment-specific issueDev pass, prod gagal karena env override.
Backward compatibilityOld config masih dibaca oleh service lama.
Schema compatibilityConsumer belum siap field baru.
Generated code noiseDiff besar dari generator.

9.4 Verifier

Untuk config:

verification:
  - config parser validation
  - application context startup test
  - schema validation
  - forbidden unknown key check

Untuk OpenAPI/JSON Schema/Avro:

verification:
  - schema validation
  - backward compatibility check
  - generated code deterministic check
  - contract tests

Untuk database schema:

verification:
  - migration applies cleanly on empty db
  - migration applies cleanly on previous schema snapshot
  - rollback strategy exists
  - destructive operation detection

Database destructive migration sebaiknya bukan use case awal autonomous.

9.5 Lane rekomendasi

KondisiLane
Non-runtime config rename with validatorautonomous_pr
Runtime config with startup testsupervised_pr
OpenAPI additive changesupervised_pr
Avro/Protobuf compatible evolutionsupervised_pr
DB additive migrationdraft_only atau supervised_pr dengan approval
DB destructive migrationblocked untuk autonomous

10. Use Case D — Mechanical refactor

10.1 Bentuk masalah

Mechanical refactor adalah perubahan struktur kode tanpa niat mengubah behavior.

Contoh:

  • rename package;
  • replace deprecated annotation;
  • convert field injection to constructor injection;
  • replace utility method;
  • normalize logger declaration;
  • update import path;
  • replace test assertion library syntax.

10.2 Mengapa cocok

Mechanical refactor cocok karena expected diff shape jelas.

Contoh:

// before
@Inject
private PaymentService paymentService;
// after
private final PaymentService paymentService;

@Inject
public PaymentController(PaymentService paymentService) {
    this.paymentService = paymentService;
}

Tetapi tidak semua mechanical refactor rendah risiko. Constructor injection bisa memengaruhi framework wiring.

10.3 Risiko

RisikoContoh
Framework behaviorAnnotation placement berubah efek runtime.
ReflectionRename symbol merusak string-based lookup.
SerializationField/property name berubah.
Generated codeAgent mengedit file generated.
Over-refactorAgent memperbaiki style unrelated.

10.4 Verifier

verification:
  - compile
  - unit tests
  - framework startup test
  - no generated file edit
  - no public contract diff

Untuk mechanical refactor yang sangat pattern-based, deterministic AST transform sering lebih baik daripada agent murni.

Prinsip:

If a transformation can be expressed safely as AST rules, do not delegate the core transformation to an LLM.
Use the agent for discovery, repair, explanation, and edge cases.

11. Use Case E — Test fix and test generation

11.1 Bentuk masalah

Test-related automation ada beberapa jenis:

  1. memperbaiki test yang gagal karena API migration;
  2. menambah test untuk uncovered bug;
  3. memperbaiki flaky test;
  4. menulis characterization test sebelum refactor;
  5. memperbarui snapshot/golden file.

11.2 Mengapa sulit

Test bisa meningkatkan trust, tetapi agent juga bisa menyalahgunakan test.

Failure mode serius:

  • test dihapus;
  • assertion dilemahkan;
  • mock dibuat terlalu longgar;
  • snapshot diperbarui tanpa memahami behavior;
  • flaky test “fixed” dengan sleep lebih panjang;
  • bug disesuaikan ke test, bukan behavior diperbaiki.

11.3 Lane rekomendasi

KondisiLane
Update test compile error akibat API signature berubahsupervised_pr
Add test for pure function with clear expected behaviorsupervised_pr atau autonomous_pr setelah matang
Update snapshot with deterministic generatorsupervised_pr
Fix flaky concurrency testdraft_only
Change test expectation for business ruledraft_only dengan owner approval
Delete/disable testblocked unless explicit human approval

11.4 Test policy

test_policy:
  default_forbid:
    - deleting test files
    - disabling test classes
    - removing assertions without replacement
    - adding broad catch-ignore blocks
    - adding sleeps as primary flaky fix
    - changing expected business values without explanation
  allowed_when_justified:
    - adapting constructor setup to new API
    - updating imports
    - adding focused assertions
    - adding regression test for specified bug

12. Use case comparison matrix

Use caseFit awalRisiko utamaVerifier utamaLane awal
Deprecated annotation replacementsangat tinggireflection/framework nuancecompile + grep old usageautonomous_pr
Dependency patch upgradetinggitransitive dependencytest + dependency scanautonomous_pr
Dependency major upgrademediumbreaking behaviorverify + reviewsupervised_pr
Internal API method renametinggimissed call sitescompile + grepautonomous_pr/supervised_pr
Request object migrationmediumwrong field mappingtests + judgesupervised_pr
Config key renamemediumsilent runtime defaultconfig validationsupervised_pr
OpenAPI additive fieldmediumconsumer compatibilityschema compatibilitysupervised_pr
DB additive migrationrendah-mediumdeployment orderingmigration testdraft_only
DB destructive migrationrendahdata lossnot enoughblocked
Test generation for pure functionmediumweak assertionsmutation/coverage optionalsupervised_pr
Flaky test fixrendahhiding real racerepeated test rundraft_only
Architecture redesignrendahsubjective correctnessweakanalysis_only

13. Pilihan use case pertama untuk seri ini

Untuk seri build-from-scratch ini, kita akan memulai dengan kombinasi berikut:

Primary use case: Java internal API migration

Mengapa?

  • cocok dengan background kamu sebagai Java/backend engineer;
  • cukup realistis untuk enterprise codebase;
  • punya compile feedback kuat;
  • bisa dibuat dalam sample repo;
  • bisa menunjukkan multi-file cascading change;
  • bisa diperluas menjadi fleet migration;
  • tidak perlu production secret atau cloud access.

Bentuknya:

Migrate usage of deprecated `LegacyAuditClient.record(String actor, String action, String target)`
to `AuditClient.record(AuditEvent event)`.

Before:

legacyAuditClient.record(userId, "APPROVE_CASE", caseId);

After:

auditClient.record(
    AuditEvent.builder()
        .actor(userId)
        .action("APPROVE_CASE")
        .target(caseId)
        .source("case-management")
        .build()
);

Verifier:

mvn -q test
rg "LegacyAuditClient|legacyAuditClient\.record" src/main/java src/test/java

Risk:

  • medium jika audit path production-critical;
  • low-medium untuk sample repo;
  • supervised initially;
  • autonomous setelah policy/verifier/judge matang.

Secondary use case: dependency upgrade

Nanti kita gunakan untuk menunjukkan build failure repair loop.

Tertiary use case: config migration

Nanti kita gunakan untuk schema/config verifier dan fleet campaign.


14. Risk classification model

Kita akan membuat classification output seperti ini:

risk_classification:
  level: medium
  lane: supervised_pr
  reasons:
    - touches production audit path
    - compile verifier available
    - old API usage can be detected deterministically
    - no database or public API change expected
  required_gates:
    - allowed_path_check
    - forbidden_diff_check
    - compile_test
    - old_api_absence_check
    - llm_diff_judge
    - human_review
  disallowed_actions:
    - delete_tests
    - modify_ci
    - change_public_api
    - edit_database_migrations

Classifier tidak harus ML. Untuk awal, rule-based lebih baik.

Rule-based classifier:

Signals:

signals:
  touches_auth: false
  touches_authz: false
  touches_crypto: false
  touches_db_migration: false
  touches_public_api: false
  touches_ci: false
  touches_tests: true
  expected_file_count: 8
  has_compile_verifier: true
  has_unit_tests: true
  has_integration_tests: false
  old_api_detector_available: true
  rollback: git_revert

15. Policy mapping dari risk ke gates

Risk levelLaneRequired gates
very lowautonomous_prpath check, build/test, diff summary
lowautonomous_prpath check, forbidden diff, build/test, simple judge
mediumsupervised_prall low gates + risk explanation + human review focus
highdraft_onlyanalysis, patch proposal, no automatic PR
criticalblockedexplain rejection

Contoh gate mapping:

risk_gate_policy:
  low:
    - validate_task_contract
    - enforce_allowed_paths
    - enforce_forbidden_paths
    - run_verifier_commands
    - run_forbidden_diff_rules
    - create_pr_if_pass
  medium:
    - validate_task_contract
    - enforce_allowed_paths
    - enforce_forbidden_paths
    - run_verifier_commands
    - run_forbidden_diff_rules
    - run_llm_diff_judge
    - require_pr_body_risk_section
    - create_pr_with_supervised_label
  high:
    - validate_task_contract
    - run_analysis
    - optionally_generate_patch
    - do_not_create_pr_without_approval
  critical:
    - reject_or_manual_process

16. Dataset awal untuk evaluasi use case

Sebelum menjalankan agent di repo nyata, kita butuh evaluation dataset.

Untuk primary use case API migration, buat beberapa sample repo/task:

CaseDeskripsiExpected outcome
simple-single-callsiteSatu call site legacy API.Patch berhasil.
multiple-callsiteBanyak call site di beberapa class.Semua migrated.
test-callsiteTest juga memakai legacy API.Test updated tanpa melemahkan assertion.
ambiguous-field-mappingParameter tidak jelas map ke field baru.Agent stop atau ask approval.
forbidden-pathLegacy usage di generated file.Tidak mengedit generated file.
compile-failure-repairPerubahan awal compile fail.Agent repair.
no-testsCompile pass tapi tidak ada test relevan.Lane turun atau warning.
public-contract-riskMigration menyentuh API DTO.Draft/supervised, tidak autonomous.

Folder struktur nanti:

evals/
  api-migration/
    simple-single-callsite/
      repo/
      task.yaml
      expected.patch
      rubric.yaml
    multiple-callsite/
      repo/
      task.yaml
      expected.patch
      rubric.yaml

Rubric contoh:

rubric:
  must:
    - no usage of LegacyAuditClient remains in src/main/java
    - mvn test passes
    - no test file deleted
    - no public API files changed
  should:
    - PR body mentions audit event field mapping
    - diff changes fewer than 10 files
  must_not:
    - modify pom.xml
    - disable tests
    - change database migration files

17. Implementation preview: risk classifier interface

Kita belum implement full platform, tetapi shape awalnya bisa dirancang.

TypeScript-like model:

type Lane =
  | "autonomous_pr"
  | "supervised_pr"
  | "draft_only"
  | "analysis_only"
  | "blocked";

type RiskLevel = "very_low" | "low" | "medium" | "high" | "critical";

interface ChangeRequest {
  id: string;
  type: string;
  repository: string;
  objective: string;
  allowedPaths: string[];
  forbiddenPaths: string[];
  expectedDiffShape: string[];
  forbiddenDiffShape: string[];
  verifierCommands: string[];
  metadata: Record<string, unknown>;
}

interface RiskClassification {
  level: RiskLevel;
  lane: Lane;
  score: number;
  reasons: string[];
  hardBlockers: string[];
  requiredGates: string[];
  disallowedActions: string[];
}

Rule function:

function classifyRisk(request: ChangeRequest): RiskClassification {
  const signals = extractSignals(request);
  const hardBlockers = detectHardBlockers(signals, request);

  if (hardBlockers.length > 0) {
    return {
      level: "critical",
      lane: "blocked",
      score: 0,
      reasons: ["Hard blocker detected"],
      hardBlockers,
      requiredGates: ["manual_review"],
      disallowedActions: ["agent_execution"]
    };
  }

  const score = scoreAutomationFit(signals, request);
  const { level, lane } = mapScoreToLane(score, signals);

  return {
    level,
    lane,
    score,
    reasons: explainScore(score, signals),
    hardBlockers: [],
    requiredGates: gatesFor(level),
    disallowedActions: disallowedActionsFor(level)
  };
}

Kita akan implement detail seperti ini nanti saat membangun control plane.


18. Stop conditions per use case

Agent harus punya stop condition yang jelas.

Untuk API migration:

stop_conditions:
  - verifier failed more than 3 times
  - diff touches forbidden paths
  - files changed exceeds 20
  - old API remains but no progress between iterations
  - agent wants to change public contract
  - agent wants to delete or disable tests
  - build failure unrelated to migration cannot be isolated

Untuk dependency upgrade:

stop_conditions:
  - dependency resolution cannot converge
  - major version requires unsupported runtime upgrade
  - vulnerability scan fails for target version
  - generated lockfile diff too large for review policy

Untuk config migration:

stop_conditions:
  - config parser unavailable
  - environment-specific values required
  - old and new keys need dual-write/dual-read rollout but task lacks rollout plan

Stop condition bukan kegagalan platform. Stop condition adalah safety feature.


19. PR label strategy berdasarkan lane

Agar reviewer langsung paham risiko, PR harus diberi label.

labels:
  autonomous_pr:
    - ai-agent
    - automation
    - risk:low
  supervised_pr:
    - ai-agent
    - needs-owner-review
    - risk:medium
  draft_only:
    - ai-agent-proposal
    - do-not-merge
  high_risk:
    - risk:high
    - manual-approval-required

PR title pattern:

[agent][api-migration] Migrate LegacyAuditClient usage to AuditClient in payments-api

Commit message pattern:

Migrate LegacyAuditClient usage to AuditClient

Generated by ai-coding-agent run CR-2026-000123.
Verification:
- mvn -q test: passed
- legacy API grep: passed

Traceability harus terlihat dari PR tanpa membuka internal dashboard.


20. Recommendation final untuk urutan build

Kita akan membangun use case dalam urutan ini:

Alasannya:

  1. API migration memberi kita agent loop, file edit, grep detector, compile verifier, forbidden diff rule.
  2. Dependency upgrade menambah package/build complexity dan repair loop.
  3. Config migration menambah schema/config validation dan runtime startup concern.
  4. Test generation menambah policy untuk mencegah test cheating.
  5. Fleet campaign menambah batching, targeting, rollout, backoff, dan metrics.

Ini progresif. Setiap use case menambah satu dimensi sistem tanpa membakar trust terlalu awal.


21. Template use case card

Setiap use case dalam platform harus punya card.

use_case_card:
  id:
  name:
  owner_team:
  description:
  examples:
  non_examples:
  default_lane:
  allowed_repositories:
  allowed_paths:
  forbidden_paths:
  required_inputs:
  expected_diff_shape:
  forbidden_diff_shape:
  verifier_profile:
  risk_profile:
  stop_conditions:
  pr_template:
  success_metrics:
  rollout_policy:

Contoh:

use_case_card:
  id: java-api-migration-legacy-audit
  name: Migrate LegacyAuditClient to AuditClient
  owner_team: platform-audit
  description: Replace deprecated audit client call sites with AuditEvent-based API.
  examples:
    - legacyAuditClient.record(userId, "APPROVE_CASE", caseId)
  non_examples:
    - redesign audit taxonomy
    - change audit event semantics
  default_lane: supervised_pr
  allowed_repositories:
    - java-service
  allowed_paths:
    - src/main/java/**
    - src/test/java/**
  forbidden_paths:
    - openapi/**
    - src/main/resources/db/migration/**
    - generated/**
  required_inputs:
    - sourceApplicationName
  expected_diff_shape:
    - replace legacy audit client injection
    - construct AuditEvent object
    - update tests for constructor/API change
  forbidden_diff_shape:
    - remove audit calls
    - replace audit with logging only
    - disable tests
  verifier_profile: java-maven-standard
  risk_profile: medium-production-audit-path
  stop_conditions:
    - more than 20 files changed
    - old API remains after 3 repair attempts
  pr_template: api-migration-pr-template-v1
  success_metrics:
    - no old API usage remains
    - mvn test pass
    - reviewer requests fewer than 2 changes
  rollout_policy:
    batch_size: 5
    require_owner_review: true

22. Checklist pemahaman

Sebelum lanjut, pastikan kamu bisa menjawab:

  1. Mengapa use case pertama harus membangun trust, bukan sekadar terlihat canggih?
  2. Apa perbedaan autonomous_pr, supervised_pr, draft_only, analysis_only, dan blocked?
  3. Apa delapan dimensi pemilihan use case?
  4. Mengapa dependency upgrade cocok tetapi tetap berisiko?
  5. Mengapa API migration bisa menjadi use case awal yang baik?
  6. Kapan config migration aman dan kapan berbahaya?
  7. Mengapa test generation perlu policy khusus?
  8. Apa hard blocker yang harus menurunkan lane ke blocked?
  9. Mengapa stop condition adalah fitur keselamatan?
  10. Mengapa deterministic AST transform kadang lebih baik daripada LLM agent?

23. Latihan kecil

Pilih tiga candidate use case dari pekerjaanmu sendiri. Isi tabel berikut:

Use caseClarityBoundednessVerifiabilityRepeatabilityValueBlast radius safetyReversibilityReviewabilityLane

Lalu tulis satu use_case_card untuk candidate terbaik.

Jangan mulai dari prompt. Mulai dari classification.


24. Ringkasan

Use case selection adalah guardrail pertama dari AI coding agent.

Kita memilih pekerjaan berdasarkan:

  • objective clarity;
  • bounded scope;
  • verifier strength;
  • repeatability;
  • value;
  • blast radius;
  • reversibility;
  • reviewability.

Kita tidak memberi semua pekerjaan mode yang sama. Kita memakai lane:

  • autonomous_pr;
  • supervised_pr;
  • draft_only;
  • analysis_only;
  • blocked.

Untuk seri ini, use case utama kita adalah Java internal API migration karena ia cukup realistis, cukup menantang, tetapi masih bisa diverifikasi dengan compile/test/grep/policy/judge.

Di part berikutnya kita akan membuat requirements, non-functional requirements, invariant, dan acceptance criteria untuk platform ini. Itu akan mengubah domain model menjadi specification yang bisa diimplementasikan.

Lesson Recap

You just completed lesson 06 in start here. Use the series map if you want to review the broader track, or continue directly into the next lesson while the context is still warm.

Continue The Track

Keep the momentum while the lesson is still fresh. Move backward for review or continue forward into the next concept.