npm - @malamute/ai-rules - Versions diffs - 1.0.0 → 1.2.0 - Mend

@malamute/ai-rules 1.0.0 → 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (133) hide show

package/README.md +270 -121
package/bin/cli.js +5 -2
package/configs/_shared/.claude/rules/conventions/documentation.md +324 -0
package/configs/_shared/.claude/rules/conventions/git.md +265 -0
package/configs/_shared/.claude/rules/{performance.md → conventions/performance.md} +1 -1
package/configs/_shared/.claude/rules/conventions/principles.md +334 -0
package/configs/_shared/.claude/rules/devops/ci-cd.md +262 -0
package/configs/_shared/.claude/rules/devops/docker.md +275 -0
package/configs/_shared/.claude/rules/devops/nx.md +194 -0
package/configs/_shared/.claude/rules/domain/backend/api-design.md +203 -0
package/configs/_shared/.claude/rules/lang/csharp/async.md +220 -0
package/configs/_shared/.claude/rules/lang/csharp/csharp.md +314 -0
package/configs/_shared/.claude/rules/lang/csharp/linq.md +210 -0
package/configs/_shared/.claude/rules/lang/python/async.md +337 -0
package/configs/_shared/.claude/rules/lang/python/celery.md +476 -0
package/configs/_shared/.claude/rules/lang/python/config.md +339 -0
package/configs/{python/.claude/rules → _shared/.claude/rules/lang/python}/database/sqlalchemy.md +6 -1
package/configs/_shared/.claude/rules/lang/python/deployment.md +523 -0
package/configs/_shared/.claude/rules/lang/python/error-handling.md +330 -0
package/configs/_shared/.claude/rules/lang/python/migrations.md +421 -0
package/configs/_shared/.claude/rules/lang/python/python.md +172 -0
package/configs/_shared/.claude/rules/lang/python/repository.md +383 -0
package/configs/{python/.claude/rules → _shared/.claude/rules/lang/python}/testing.md +2 -69
package/configs/_shared/.claude/rules/lang/typescript/async.md +447 -0
package/configs/_shared/.claude/rules/lang/typescript/generics.md +356 -0
package/configs/_shared/.claude/rules/lang/typescript/typescript.md +212 -0
package/configs/_shared/.claude/rules/quality/error-handling.md +48 -0
package/configs/_shared/.claude/rules/quality/logging.md +45 -0
package/configs/_shared/.claude/rules/quality/observability.md +240 -0
package/configs/_shared/.claude/rules/quality/testing-patterns.md +65 -0
package/configs/_shared/.claude/rules/security/secrets-management.md +222 -0
package/configs/_shared/.claude/skills/analysis/explore/SKILL.md +257 -0
package/configs/_shared/.claude/skills/analysis/security-audit/SKILL.md +184 -0
package/configs/_shared/.claude/skills/dev/api-endpoint/SKILL.md +126 -0
package/configs/_shared/.claude/{commands/generate-tests.md → skills/dev/generate-tests/SKILL.md} +6 -0
package/configs/_shared/.claude/{commands/fix-issue.md → skills/git/fix-issue/SKILL.md} +6 -0
package/configs/_shared/.claude/{commands/review-pr.md → skills/git/review-pr/SKILL.md} +6 -0
package/configs/_shared/.claude/skills/infra/deploy/SKILL.md +139 -0
package/configs/_shared/.claude/skills/infra/docker/SKILL.md +95 -0
package/configs/_shared/.claude/skills/infra/migration/SKILL.md +158 -0
package/configs/_shared/.claude/skills/nx/nx-affected/SKILL.md +72 -0
package/configs/_shared/.claude/skills/nx/nx-lib/SKILL.md +375 -0
package/configs/_shared/CLAUDE.md +52 -149
package/configs/angular/.claude/rules/{components.md → core/components.md} +69 -15
package/configs/angular/.claude/rules/core/resource.md +285 -0
package/configs/angular/.claude/rules/core/signals.md +323 -0
package/configs/angular/.claude/rules/http.md +338 -0
package/configs/angular/.claude/rules/routing.md +291 -0
package/configs/angular/.claude/rules/ssr.md +312 -0
package/configs/angular/.claude/rules/state/signal-store.md +408 -0
package/configs/angular/.claude/rules/{state.md → state/state.md} +2 -2
package/configs/angular/.claude/rules/testing.md +7 -7
package/configs/angular/.claude/rules/ui/aria.md +422 -0
package/configs/angular/.claude/rules/ui/forms.md +424 -0
package/configs/angular/.claude/rules/ui/pipes-directives.md +335 -0
package/configs/angular/.claude/settings.json +1 -0
package/configs/angular/.claude/skills/ngrx-slice/SKILL.md +362 -0
package/configs/angular/.claude/skills/signal-store/SKILL.md +445 -0
package/configs/angular/CLAUDE.md +24 -216
package/configs/dotnet/.claude/rules/background-services.md +552 -0
package/configs/dotnet/.claude/rules/configuration.md +426 -0
package/configs/dotnet/.claude/rules/ddd.md +447 -0
package/configs/dotnet/.claude/rules/dependency-injection.md +343 -0
package/configs/dotnet/.claude/rules/mediatr.md +320 -0
package/configs/dotnet/.claude/rules/middleware.md +489 -0
package/configs/dotnet/.claude/rules/result-pattern.md +363 -0
package/configs/dotnet/.claude/rules/validation.md +388 -0
package/configs/dotnet/.claude/settings.json +21 -3
package/configs/dotnet/CLAUDE.md +53 -286
package/configs/fastapi/.claude/rules/background-tasks.md +254 -0
package/configs/fastapi/.claude/rules/dependencies.md +170 -0
package/configs/{python → fastapi}/.claude/rules/fastapi.md +61 -1
package/configs/fastapi/.claude/rules/lifespan.md +274 -0
package/configs/fastapi/.claude/rules/middleware.md +229 -0
package/configs/fastapi/.claude/rules/pydantic.md +433 -0
package/configs/fastapi/.claude/rules/responses.md +251 -0
package/configs/fastapi/.claude/rules/routers.md +202 -0
package/configs/fastapi/.claude/rules/security.md +222 -0
package/configs/fastapi/.claude/rules/testing.md +251 -0
package/configs/fastapi/.claude/rules/websockets.md +298 -0
package/configs/fastapi/.claude/settings.json +33 -0
package/configs/fastapi/CLAUDE.md +144 -0
package/configs/flask/.claude/rules/blueprints.md +208 -0
package/configs/flask/.claude/rules/cli.md +285 -0
package/configs/flask/.claude/rules/configuration.md +281 -0
package/configs/flask/.claude/rules/context.md +238 -0
package/configs/flask/.claude/rules/error-handlers.md +278 -0
package/configs/flask/.claude/rules/extensions.md +278 -0
package/configs/flask/.claude/rules/flask.md +171 -0
package/configs/flask/.claude/rules/marshmallow.md +206 -0
package/configs/flask/.claude/rules/security.md +267 -0
package/configs/flask/.claude/rules/testing.md +284 -0
package/configs/flask/.claude/settings.json +33 -0
package/configs/flask/CLAUDE.md +166 -0
package/configs/nestjs/.claude/rules/common-patterns.md +300 -0
package/configs/nestjs/.claude/rules/filters.md +376 -0
package/configs/nestjs/.claude/rules/interceptors.md +317 -0
package/configs/nestjs/.claude/rules/middleware.md +321 -0
package/configs/nestjs/.claude/rules/modules.md +26 -0
package/configs/nestjs/.claude/rules/pipes.md +351 -0
package/configs/nestjs/.claude/rules/websockets.md +451 -0
package/configs/nestjs/.claude/settings.json +16 -2
package/configs/nestjs/CLAUDE.md +57 -215
package/configs/nextjs/.claude/rules/api-routes.md +358 -0
package/configs/nextjs/.claude/rules/authentication.md +355 -0
package/configs/nextjs/.claude/rules/components.md +52 -0
package/configs/nextjs/.claude/rules/data-fetching.md +249 -0
package/configs/nextjs/.claude/rules/database.md +400 -0
package/configs/nextjs/.claude/rules/middleware.md +303 -0
package/configs/nextjs/.claude/rules/routing.md +324 -0
package/configs/nextjs/.claude/rules/seo.md +350 -0
package/configs/nextjs/.claude/rules/server-actions.md +353 -0
package/configs/nextjs/.claude/rules/state/zustand.md +6 -6
package/configs/nextjs/.claude/settings.json +5 -0
package/configs/nextjs/CLAUDE.md +69 -331
package/package.json +23 -9
package/src/cli.js +220 -0
package/src/config.js +29 -0
package/src/index.js +13 -0
package/src/installer.js +361 -0
package/src/merge.js +116 -0
package/src/tech-config.json +29 -0
package/src/utils.js +96 -0
package/configs/python/.claude/rules/flask.md +0 -332
package/configs/python/.claude/settings.json +0 -18
package/configs/python/CLAUDE.md +0 -273
package/src/install.js +0 -315
/package/configs/_shared/.claude/rules/{accessibility.md → domain/frontend/accessibility.md} +0 -0
/package/configs/_shared/.claude/rules/{security.md → security/security.md} +0 -0
/package/configs/_shared/.claude/skills/{debug → dev/debug}/SKILL.md +0 -0
/package/configs/_shared/.claude/skills/{learning → dev/learning}/SKILL.md +0 -0
/package/configs/_shared/.claude/skills/{spec → dev/spec}/SKILL.md +0 -0
/package/configs/_shared/.claude/skills/{review → git/review}/SKILL.md +0 -0

package/configs/_shared/.claude/rules/quality/observability.md ADDED Viewed

@@ -0,0 +1,240 @@
+---
+paths:
+  - "**/*"
+---
+# Observability (Logs, Metrics, Traces)
+## Three Pillars
+| Pillar | Purpose | Tools |
+|--------|---------|-------|
+| **Logs** | Event records, debugging | ELK, Loki, CloudWatch |
+| **Metrics** | Numeric measurements | Prometheus, Datadog, CloudWatch |
+| **Traces** | Request flow across services | Jaeger, Zipkin, X-Ray |
+## Structured Logging
+### Format (JSON)
+```json
+{
+  "timestamp": "2024-01-15T10:30:00.000Z",
+  "level": "info",
+  "message": "User logged in",
+  "service": "auth-service",
+  "version": "1.2.3",
+  "traceId": "abc-123-def",
+  "spanId": "span-456",
+  "userId": "user-789",
+  "duration": 45,
+  "metadata": {
+    "ip": "192.168.1.1",
+    "userAgent": "Mozilla/5.0..."
+  }
+}
+```
+### Log Levels
+| Level | When to Use |
+|-------|-------------|
+| `error` | Failures requiring attention |
+| `warn` | Recoverable issues, deprecations |
+| `info` | Business events, state changes |
+| `debug` | Development details (disabled in prod) |
+### What to Log
+```
+✓ Request received (info)
+✓ Request completed with duration (info)
+✓ Business events (user created, order placed)
+✓ External service calls with duration
+✓ Errors with stack trace and context
+✓ Authentication events
+✗ Passwords, tokens, secrets
+✗ Credit card numbers, PII
+✗ Full request/response bodies
+✗ Health check spam
+```
+## Correlation IDs
+Pass trace ID through entire request chain:
+```typescript
+// Middleware to extract/generate trace ID
+app.use((req, res, next) => {
+  req.traceId = req.headers['x-trace-id'] || uuid();
+  res.setHeader('x-trace-id', req.traceId);
+  next();
+});
+// Include in all logs
+logger.info('Processing order', {
+  traceId: req.traceId,
+  orderId: order.id,
+});
+// Pass to downstream services
+await fetch(url, {
+  headers: { 'x-trace-id': req.traceId }
+});
+```
+## Metrics
+### Types
+| Type | Use Case | Example |
+|------|----------|---------|
+| Counter | Cumulative totals | `http_requests_total` |
+| Gauge | Current value | `active_connections` |
+| Histogram | Value distribution | `request_duration_seconds` |
+| Summary | Percentiles | `request_latency_p99` |
+### Key Metrics (RED Method)
+```
+# Rate - requests per second
+http_requests_total{method="GET", path="/api/users"}
+# Errors - error rate
+http_requests_total{status="5xx"} / http_requests_total
+# Duration - latency percentiles
+http_request_duration_seconds{quantile="0.99"}
+```
+### Business Metrics
+```
+# Orders
+orders_created_total
+orders_value_total
+orders_by_status{status="completed"}
+# Users
+users_registered_total
+users_active_daily
+# Performance
+cache_hit_ratio
+queue_depth
+```
+## Health Checks
+### Endpoints
+```typescript
+// Liveness - is the app running?
+app.get('/health/live', (req, res) => {
+  res.status(200).json({ status: 'ok' });
+});
+// Readiness - can the app serve traffic?
+app.get('/health/ready', async (req, res) => {
+  const checks = {
+    database: await checkDatabase(),
+    redis: await checkRedis(),
+    externalApi: await checkExternalApi(),
+  };
+  const healthy = Object.values(checks).every(c => c.status === 'ok');
+  res.status(healthy ? 200 : 503).json({ checks });
+});
+```
+### Response Format
+```json
+{
+  "status": "healthy",
+  "version": "1.2.3",
+  "uptime": 3600,
+  "checks": {
+    "database": { "status": "ok", "latency": 5 },
+    "redis": { "status": "ok", "latency": 2 },
+    "externalApi": { "status": "degraded", "latency": 500 }
+  }
+}
+```
+## Distributed Tracing
+### Span Structure
+```
+Trace: abc-123
+├── Span: API Gateway (50ms)
+│   ├── Span: Auth Service (10ms)
+│   └── Span: Order Service (35ms)
+│       ├── Span: Database Query (15ms)
+│       └── Span: Payment Service (18ms)
+```
+### OpenTelemetry Setup
+```typescript
+import { NodeSDK } from '@opentelemetry/sdk-node';
+import { getNodeAutoInstrumentations } from '@opentelemetry/auto-instrumentations-node';
+const sdk = new NodeSDK({
+  serviceName: 'order-service',
+  traceExporter: new OTLPTraceExporter({
+    url: 'http://jaeger:4318/v1/traces',
+  }),
+  instrumentations: [getNodeAutoInstrumentations()],
+});
+sdk.start();
+```
+## Alerting Rules
+### SLO-based Alerts
+```yaml
+# Alert when error rate > 1% for 5 minutes
+- alert: HighErrorRate
+  expr: |
+    sum(rate(http_requests_total{status=~"5.."}[5m]))
+    / sum(rate(http_requests_total[5m])) > 0.01
+  for: 5m
+  labels:
+    severity: critical
+# Alert when p99 latency > 1s
+- alert: HighLatency
+  expr: |
+    histogram_quantile(0.99,
+      rate(http_request_duration_seconds_bucket[5m])
+    ) > 1
+  for: 5m
+  labels:
+    severity: warning
+```
+## Dashboards
+### Essential Panels
+1. **Request rate** (per endpoint)
+2. **Error rate** (4xx, 5xx breakdown)
+3. **Latency** (p50, p95, p99)
+4. **Active connections**
+5. **Resource usage** (CPU, memory)
+6. **Business metrics** (orders, users)
+## Anti-patterns
+- Logging sensitive data
+- No correlation IDs
+- Alerting on symptoms not causes
+- Too many alerts (alert fatigue)
+- Metrics without labels
+- No retention policy
+- Health checks that don't check dependencies

package/configs/_shared/.claude/rules/quality/testing-patterns.md ADDED Viewed

@@ -0,0 +1,65 @@
+---
+paths:
+  - "**/*"
+---
+# Testing Principles
+## Test Structure (AAA Pattern)
+1. **Arrange** - Set up test data and dependencies
+2. **Act** - Execute the code under test
+3. **Assert** - Verify the expected outcome
+## Naming Conventions
+| Language | Pattern |
+|----------|---------|
+| TypeScript | `should_ExpectedBehavior_When_Condition` |
+| Python | `test_action_condition_expected` |
+| C# | `MethodName_Scenario_ExpectedBehavior` |
+## Test Organization
+- Group tests by class/module
+- Sub-group by method or behavior
+- Use descriptive describe/context blocks
+## Mocking Best Practices
+- Mock only external dependencies
+- Don't mock internal implementation details
+- Use factories for test data
+- Verify interactions when behavior matters
+## Test Isolation
+- Each test must be independent
+- No shared mutable state
+- Tests should run in any order
+- Clean up after each test
+## What to Test
+| Priority | What | Why |
+|----------|------|-----|
+| High | Business logic | Core value |
+| High | Edge cases | Common bugs |
+| Medium | Error paths | Graceful degradation |
+| Medium | Integration points | Contract verification |
+| Low | Trivial getters/setters | Low value |
+## Coverage Guidelines
+- **80%+** on business logic
+- **100%** on critical paths (payments, auth)
+- Don't chase coverage numbers blindly
+- One meaningful test > many trivial tests
+## Anti-Patterns
+- Tests that depend on execution order
+- Testing implementation, not behavior
+- Excessive mocking (testing mocks, not code)
+- Flaky tests (non-deterministic)
+- Slow tests in the unit test suite

package/configs/_shared/.claude/rules/security/secrets-management.md ADDED Viewed

@@ -0,0 +1,222 @@
+---
+paths:
+  - "**/.env*"
+  - "**/secrets/**"
+  - "**/config/**"
+  - "**/appsettings*.json"
+---
+# Secrets Management
+## Core Principles
+- **Never commit secrets** to version control
+- **Rotate regularly** (90 days max for critical secrets)
+- **Least privilege** - only grant necessary access
+- **Audit access** - log who accessed what
+- **Encrypt at rest** and in transit
+## Environment Files
+### Structure
+```
+.env                 # Shared defaults (commit)
+.env.local           # Local overrides (gitignore)
+.env.development     # Dev environment (commit, no secrets)
+.env.production      # Prod template (commit, no secrets)
+.env.production.local # Prod secrets (gitignore)
+```
+### .gitignore
+```gitignore
+# Always ignore
+.env.local
+.env.*.local
+*.pem
+*.key
+**/secrets/
+credentials.json
+service-account.json
+```
+### Format
+```bash
+# .env.example (commit this as template)
+DATABASE_URL=postgresql://user:password@localhost:5432/db
+REDIS_URL=redis://localhost:6379
+JWT_SECRET=your-secret-here
+API_KEY=your-api-key-here
+# Required for production
+# AWS_ACCESS_KEY_ID=
+# AWS_SECRET_ACCESS_KEY=
+# STRIPE_SECRET_KEY=
+```
+## Secret Types & Storage
+| Type | Example | Storage |
+|------|---------|---------|
+| API Keys | Stripe, Twilio | Vault / Cloud Secrets |
+| DB Credentials | Connection strings | Vault / Cloud Secrets |
+| JWT Secrets | Signing keys | Vault / Env vars |
+| OAuth Secrets | Client secrets | Cloud Secrets |
+| Encryption Keys | AES keys | KMS / HSM |
+| Certificates | TLS certs | Cert Manager |
+## Cloud Provider Solutions
+### AWS Secrets Manager
+```typescript
+import { SecretsManagerClient, GetSecretValueCommand } from "@aws-sdk/client-secrets-manager";
+async function getSecret(secretName: string): Promise<string> {
+  const client = new SecretsManagerClient({ region: "us-east-1" });
+  const response = await client.send(
+    new GetSecretValueCommand({ SecretId: secretName })
+  );
+  return response.SecretString!;
+}
+```
+### Azure Key Vault
+```csharp
+var client = new SecretClient(
+    new Uri("https://myvault.vault.azure.net/"),
+    new DefaultAzureCredential()
+);
+KeyVaultSecret secret = await client.GetSecretAsync("my-secret");
+```
+### Google Secret Manager
+```python
+from google.cloud import secretmanager
+def get_secret(secret_id: str) -> str:
+    client = secretmanager.SecretManagerServiceClient()
+    name = f"projects/my-project/secrets/{secret_id}/versions/latest"
+    response = client.access_secret_version(request={"name": name})
+    return response.payload.data.decode("UTF-8")
+```
+## CI/CD Secrets
+### GitHub Actions
+```yaml
+# Set in: Settings > Secrets and variables > Actions
+jobs:
+  deploy:
+    environment: production  # Environment-specific secrets
+    steps:
+      - name: Deploy
+        env:
+          DATABASE_URL: ${{ secrets.DATABASE_URL }}
+          API_KEY: ${{ secrets.API_KEY }}
+        run: ./deploy.sh
+```
+### GitLab CI
+```yaml
+# Set in: Settings > CI/CD > Variables
+# Mark as "Protected" and "Masked"
+deploy:
+  script:
+    - echo "$DATABASE_URL"  # Available as env var
+  environment:
+    name: production
+```
+## Docker & Kubernetes
+### Docker Secrets
+```yaml
+# docker-compose.yml
+services:
+  app:
+    secrets:
+      - db_password
+    environment:
+      - DB_PASSWORD_FILE=/run/secrets/db_password
+secrets:
+  db_password:
+    file: ./secrets/db_password.txt
+```
+### Kubernetes Secrets
+```yaml
+# sealed-secret.yaml (encrypted, safe to commit)
+apiVersion: bitnami.com/v1alpha1
+kind: SealedSecret
+metadata:
+  name: my-secret
+spec:
+  encryptedData:
+    password: AgBy3i4OJSWK+...
+# Usage in pod
+env:
+  - name: DB_PASSWORD
+    valueFrom:
+      secretKeyRef:
+        name: my-secret
+        key: password
+```
+## Validation at Startup
+```typescript
+// Validate required secrets exist at startup
+const requiredSecrets = [
+  'DATABASE_URL',
+  'JWT_SECRET',
+  'REDIS_URL',
+];
+for (const secret of requiredSecrets) {
+  if (!process.env[secret]) {
+    throw new Error(`Missing required secret: ${secret}`);
+  }
+}
+```
+## Secret Rotation
+1. **Generate new secret**
+2. **Deploy with both old and new** (accept both)
+3. **Update all consumers** to use new
+4. **Remove old secret** from config
+5. **Revoke old secret** in provider
+## Audit Checklist
+- [ ] No secrets in code or commits
+- [ ] All secrets in gitignore
+- [ ] Secrets encrypted at rest
+- [ ] Access logged and auditable
+- [ ] Rotation policy in place
+- [ ] Secrets validated at startup
+- [ ] Different secrets per environment
+- [ ] Backup/recovery procedure documented
+## Anti-patterns
+- Committing `.env` with real secrets
+- Using same secrets across environments
+- Sharing secrets via Slack/email
+- Hardcoding secrets in Dockerfiles
+- Not rotating compromised secrets immediately
+- Logging secrets (even accidentally)
+- Storing secrets in plain text files on servers