Specifica — A specification format for software projects

The format

Every feature is three files.

Spec, design, tasks. What, how, work. Three audiences, three concerns, three files. Mixing them into one document is how specs become unreadable.

spec.md

Specification

Answers: "What does it do?"

Requirements as checkboxes. Each one is a single, testable behavior. Edge cases at the end. Written for everyone — PM, designer, engineer.

PM · Designer · Engineer

# GitHub Auth

Users sign in with GitHub OAuth.

- [ ] "Sign in with GitHub" button
- [ ] OAuth requests `repo` scope
- [ ] Redirect to `/dashboard`
- [ ] Expired token → re-auth prompt

**Edge cases:** User revokes
OAuth app → re-auth prompt.

design.md

Technical Design

Answers: "How does it work?"

Architecture, data model, API contracts, and key decisions. The reasoning behind choices, not just the choices. Written for engineers.

Engineer · Tech Lead

# Auth — Design

## Flow
Browser → /auth/github → 302
GitHub → /callback?code=xxx
Worker → encrypt → KV → cookie

## Key Decisions
1. Token in KV, not cookie
2. 8h TTL — security vs friction
3. `repo` scope — private access

tasks.md

Implementation

Answers: "In what order?"

A flat checklist ordered by dependency. Each item is completable in a single PR. No nesting, no sub-items, no ambiguity about what's next.

Engineer (the builder)

# Auth — Tasks

- [ ] Create GitHub OAuth App
- [ ] Implement `/auth/github`
- [ ] Implement `/auth/callback`
- [ ] Upsert user in D1
- [ ] Implement `/auth/logout`
- [ ] Auth middleware
- [ ] Handle expired token
- [ ] D1 migration: `users`

Directory structure

Root files for the project.
Feature folders for each piece.

Root-level files describe the project as a whole. Feature folders use kebab-case names and each contain the same three files. Extra files are fine — the convention is a guide, not a gate.

.specifica/
│
├── principles.md
├── spec.md
├── architecture.md ← optional
│
├── auth/
│ ├── spec.md
│ ├── design.md
│ └── tasks.md
│
├── connect-repo/
│ ├── spec.md
│ ├── design.md
│ └── tasks.md
│
└── chat-refine/
├── spec.md
├── design.md
└── tasks.md

`principles.md`

3–7 numbered constraints that guide every decision. These are rules, not aspirations. Each one should rule something out.

`spec.md` at root

The project-level spec. Defines scope, success criteria, time appetite, and non-goals. The one document someone reads to understand the whole project.

`feature/` folders

Kebab-case names that describe the feature — auth, connect-repo, commit. Name the behavior, not the page or component.

Status tags

Optional. Tag any H1 heading with [draft], [review], or [final] to signal where a spec is in its lifecycle.

Conventions

Write specs that someone else can ship.

Standard GitHub-Flavored Markdown. No custom syntax, no preprocessors. If GitHub renders it correctly, it's valid Specifica.

Requirements are checkboxes

Each requirement is a GFM checkbox describing a single, testable behavior. If you can't verify it, it's not specific enough.

- [ ] Expired token → show "Re-authenticate" prompt
- [ ] "Commit" button shows pending changes badge
────
- [ ] Good error handling ← too vague
- [ ] Use Zustand for state ← implementation

Edge cases are compact

At the end of each section: bold label, then scenario → outcome pairs separated by periods. Not stories — failure modes.

**Edge cases:** User revokes OAuth
app → re-auth prompt. User has no
repos → empty state with CTA. Token
expires mid-edit → preserve draft.

Design docs explain why

Key Decisions sections carry the reasoning. "Token in KV, not cookie" isn't enough — say why. Future-you needs the context.

## Key Decisions

1. Token in KV, not cookie
— never expose token client-side
2. 8h TTL, not 24h
— balance security with re-auth friction

Tasks are flat and ordered

No nesting. Ordered by dependency — top items unblock bottom items. Each task is completable in a single PR or commit.

- [ ] Create GitHub OAuth App
- [ ] Implement `/auth/github` redirect
- [ ] Implement `/auth/callback` exchange
- [ ] Auth middleware for `/api/*`
- [ ] Landing page with sign-in button

Naming at a glance

Five rules the format doesn't break.

Repo is the source of truth

Every spec is a .md file in .specifica/. No external database, no SaaS platform, no proprietary format owns the content. Clone the repo and you have the specs.

Markdown is the format

Standard GitHub-Flavored Markdown. No custom syntax, no preprocessor, no build step. Readable on GitHub, in VS Code, in a terminal, on paper, in email.

Three files per feature

Spec (what it does), design (how it works), tasks (implementation order). Separate concerns, separate audiences. Mixing them is how specs become unreadable.

Opinionated structure

One directory layout. One naming convention. Constraints eliminate the decisions that don't matter — where to put files, what to call them, how to organize features.

Tool-agnostic

The format works with any text editor, any Git workflow, any CI pipeline. Tooling enhances Specifica — it doesn't own it. You can always fall back to vim and git push.

Start with `mkdir`

Create the directory, add your first feature, commit. You're using Specifica. Or use the editor if you prefer a UI.

Open specifica.app View on GitHub

# scaffold your first project
$ mkdir -p .specifica/auth
$ touch .specifica/principles.md
$ touch .specifica/spec.md
$ touch .specifica/auth/{spec,design,tasks}.md
$ git add .specifica/ && git commit -m "docs: init specifica"