Mikk
Reference

mikk.json Reference

Complete schema reference for the mikk.json architecture contract file — modules, constraints, ADRs, and safety policies.

mikk.json is generated by mikk init. Edit it to define your module boundaries, constraints, architectural decisions, and safety policy thresholds.

Top-level Schema

Prop

Type

ProjectDefinition

Prop

Type

ModuleDefinition

Prop

Type

Policies Schema

Prop

Type

ADR Schema

Prop

Type

Full Example

mikk.json
{
  "version": "1.0.0",
  "project": {
    "name": "my-project",
    "description": "Full-stack TypeScript API with Next.js frontend.",
    "language": "typescript",
    "framework": "nextjs",
    "entryPoints": ["src/server.ts"]
  },
  "declared": {
    "modules": [
      {
        "id": "auth",
        "name": "Authentication",
        "description": "JWT auth and session management",
        "intent": "Handle user authentication and session lifecycle",
        "owners": ["security-team"],
        "paths": ["src/auth/**"],
        "entryFunctions": ["login", "logout", "validateToken"]
      },
      {
        "id": "payments",
        "name": "Payments",
        "description": "Payment processing and billing via Stripe",
        "paths": ["src/payments/**"]
      },
      {
        "id": "shared",
        "name": "Shared Utilities",
        "description": "Shared helpers, validators, and type definitions",
        "paths": ["src/shared/**", "src/utils/**"]
      }
    ],
    "constraints": [
      "auth must not import from payments",
      "payments can only import from shared, db",
      "module:api cannot import from db directly"
    ],
    "decisions": [
      {
        "id": "ADR-001",
        "title": "Stateless JWT authentication",
        "reason": "Avoids session storage in distributed deployments. Access tokens are short-lived (15 min), refresh tokens stored in HttpOnly cookies.",
        "date": "2025-01-15"
      },
      {
        "id": "ADR-002",
        "title": "Payments module is isolated",
        "reason": "PCI DSS compliance requires strict boundary isolation for payment logic. No other module may import from payments.",
        "date": "2025-02-01"
      }
    ]
  },
  "overwrite": {
    "mode": "never",
    "requireConfirmation": true
  },
  "policies": {
    "maxRiskScore": 70,
    "maxImpactNodes": 10,
    "protectedModules": ["auth", "payments"],
    "enforceStrictBoundaries": true,
    "requireTestsForChangedFiles": true,
    "requireDocumentationForApiChanges": false
  }
}

Constraint Syntax Reference

All constraints are plain strings. The boundary checker parses them at runtime.

PatternMeaning
A must not import from BA cannot have import edges to any file in B
A can only import from B, CA may only import from B and C
A is isolatedA has no cross-module imports
module:A cannot import BExplicit module: prefix form
module:A has no importsA has zero cross-module dependencies

Constraint matching is case-insensitive on the module name portion.

Was this page helpful?

Contract & Policies Reference

Define module boundaries, enforce architectural constraints, configure safety policies, run safety gates, and fail CI on violations — with Mikk's contract system.

On this page

Top-level Schema
ProjectDefinition
ModuleDefinition
Policies Schema
ADR Schema
Full Example
Constraint Syntax Reference