npm - @polymorphism-tech/morph-spec - Versions diffs - 4.8.12 → 4.8.15 - Mend

@polymorphism-tech/morph-spec 4.8.12 → 4.8.15

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (76) hide show

package/framework/standards/STANDARDS.json CHANGED Viewed

@@ -9,7 +9,14 @@
       "subcategory": null,
       "tags": [
         "ai-agents"
-      ]
+      ],
+      "aliases": ["Blazor AI", "AI chat UI", "streaming Blazor", "agent UI", "chat component"],
+      "anchors": {
+        "streaming": "#streaming-responses",
+        "state": "#ui-state-management",
+        "dbcontext": "#dbcontext-in-blazor"
+      },
+      "digest": "Never inject DbContext directly into Blazor components — use a scoped service factory. Stream AI responses via IAsyncEnumerable. Debounce user input. Handle cancellation with CancellationTokenSource per component lifecycle."
     },
     {
       "id": "ai-agents-production",
@@ -19,7 +26,14 @@
       "subcategory": null,
       "tags": [
         "ai-agents"
-      ]
+      ],
+      "aliases": ["AI production", "agent reliability", "production AI", "agent safety", "autonomous systems"],
+      "anchors": {
+        "reliability": "#reliability-patterns",
+        "safety": "#safety-guardrails",
+        "monitoring": "#monitoring-and-logging"
+      },
+      "digest": "Add rate limiting and retry with exponential backoff. Log all agent decisions and tool calls. Implement circuit breakers for external calls. Validate agent output before acting. Never give agents unaudited write access to production systems."
     },
     {
       "id": "ai-agents-setup",
@@ -29,7 +43,14 @@
       "subcategory": null,
       "tags": [
         "ai-agents"
-      ]
+      ],
+      "aliases": ["AI agent setup", "MCP configuration", "tool configuration", "Claude setup", "agent initialization"],
+      "anchors": {
+        "mcp": "#mcp-configuration",
+        "tools": "#tool-definitions",
+        "spawn": "#spawn-configuration"
+      },
+      "digest": "Initialize agents with explicit tool lists — never allow unlimited tool access. Configure MCP servers before spawning subagents. Define system prompts with role + constraints + output format. Validate tool availability before dispatch."
     },
     {
       "id": "ai-agents-team-orchestration",
@@ -39,7 +60,13 @@
       "subcategory": null,
       "tags": [
         "ai-agents"
-      ]
+      ],
+      "aliases": ["team orchestration", "agent team", "multi-agent coordination", "squad dispatch"],
+      "anchors": {
+        "patterns": "#orchestration-patterns",
+        "communication": "#inter-agent-communication"
+      },
+      "digest": "Organize agents into squads with a designated leader. Leader decomposes the task and dispatches to specialists. Pass structured briefs between agents — not raw conversation. Each agent outputs a typed result. Leader aggregates into a unified output."
     },
     {
       "id": "ai-agents-workflows",
@@ -49,7 +76,14 @@
       "subcategory": null,
       "tags": [
         "ai-agents"
-      ]
+      ],
+      "aliases": ["agent workflow", "multi-agent", "orchestration pattern", "agent chain", "parallel agents"],
+      "anchors": {
+        "orchestration": "#orchestration-patterns",
+        "parallel": "#parallel-execution",
+        "handoff": "#agent-handoff"
+      },
+      "digest": "Use orchestrator→specialist pattern for complex tasks. Parallelize independent subtasks. Pass structured context between agents, not raw conversation. Define explicit success criteria before spawning. Implement timeout and fallback strategies."
     },
     {
       "id": "architecture-ddd-aggregates",
@@ -60,7 +94,14 @@
       "tags": [
         "architecture",
         "ddd"
-      ]
+      ],
+      "aliases": ["aggregate root", "DDD aggregate", "domain aggregate", "aggregate pattern"],
+      "anchors": {
+        "root": "#aggregate-root-design",
+        "invariants": "#enforcing-invariants",
+        "events": "#domain-events"
+      },
+      "digest": "AggregateRoot owns its boundary — never reference internal entities from outside. Enforce invariants in aggregate methods, not services. Raise domain events from within the aggregate. Use ID references across aggregate boundaries."
     },
     {
       "id": "architecture-ddd-bounded-contexts",
@@ -71,7 +112,14 @@
       "tags": [
         "architecture",
         "ddd"
-      ]
+      ],
+      "aliases": ["bounded context", "BC", "context map", "integration events", "domain boundary"],
+      "anchors": {
+        "context-map": "#context-map",
+        "integration": "#integration-events",
+        "acl": "#anti-corruption-layer"
+      },
+      "digest": "Each bounded context has its own model, ubiquitous language, and database schema. Communicate between contexts via integration events or anti-corruption layers. Never share domain objects across context boundaries."
     },
     {
       "id": "architecture-ddd-complexity-levels",
@@ -82,7 +130,15 @@
       "tags": [
         "architecture",
         "ddd"
-      ]
+      ],
+      "aliases": ["DDD level", "domain complexity", "CRUD vs DDD", "complexity decision tree", "domain model level"],
+      "anchors": {
+        "decision-tree": "#decision-tree",
+        "level1": "#level-1-crud",
+        "level2": "#level-2-business-logic",
+        "level3": "#level-3-bounded-context"
+      },
+      "digest": "Level 1 CRUD: simple entity + service. Level 2 Business Logic: AggregateRoot, ValueObjects, DomainEvents, CQRS. Level 3 Bounded Context: explicit BC isolation, Integration Events. Use 5-question decision tree to determine level before designing."
     },
     {
       "id": "architecture-ddd-entities",
@@ -93,7 +149,13 @@
       "tags": [
         "architecture",
         "ddd"
-      ]
+      ],
+      "aliases": ["DDD entity", "domain entity", "entity class", "entity ID", "entity lifecycle"],
+      "anchors": {
+        "identity": "#entity-identity",
+        "lifecycle": "#entity-lifecycle"
+      },
+      "digest": "Entities have unique identity that persists through state changes. Identity is the only equality criterion. Mutable state belongs inside the entity, not the service. Avoid anemic entities — put domain logic where the data lives."
     },
     {
       "id": "architecture-ddd-ubiquitous-language",
@@ -104,7 +166,13 @@
       "tags": [
         "architecture",
         "ddd"
-      ]
+      ],
+      "aliases": ["ubiquitous language", "domain language", "shared vocabulary", "domain glossary"],
+      "anchors": {
+        "glossary": "#domain-glossary",
+        "naming": "#naming-from-domain"
+      },
+      "digest": "Use business domain terms directly in code — no translation layer between what the domain expert says and what the code says. If the business says 'Order', the code has Order not SalesTransaction. Maintain a living glossary. Inconsistent naming = inconsistent models."
     },
     {
       "id": "architecture-ddd-value-objects",
@@ -115,7 +183,14 @@
       "tags": [
         "architecture",
         "ddd"
-      ]
+      ],
+      "aliases": ["value object", "VO", "immutable value", "domain value type", "strongly typed"],
+      "anchors": {
+        "equality": "#equality-by-value",
+        "validation": "#value-object-validation",
+        "factory": "#static-factory-method"
+      },
+      "digest": "Value objects are immutable and identified by their properties, not ID. Override equality by value. Create via static factory method with validation. Use for Money, Email, Coordinates, DateRange — any domain concept with rules."
     },
     {
       "id": "architecture-vertical-slice-vertical-slice",
@@ -126,7 +201,14 @@
       "tags": [
         "architecture",
         "vertical-slice"
-      ]
+      ],
+      "aliases": ["vertical slice", "VSA", "slice architecture", "feature slice", "CQRS slice"],
+      "anchors": {
+        "structure": "#slice-structure",
+        "rules": "#slice-rules",
+        "cqrs": "#cqrs-in-slices"
+      },
+      "digest": "Organize by feature, not layer. Each slice contains Command/Query, Handler, Validator, Response. No cross-slice dependencies — shared code goes to a dedicated Shared project. Use MediatR for in-process CQRS dispatch."
     },
     {
       "id": "backend-api-minimal-api",
@@ -137,7 +219,13 @@
       "tags": [
         "backend",
         "api"
-      ]
+      ],
+      "aliases": ["minimal api", "minimal APIs", ".NET minimal API", "route handler", "MapGet"],
+      "anchors": {
+        "endpoints": "#endpoint-registration",
+        "grouping": "#route-groups"
+      },
+      "digest": "Group endpoints by feature with MapGroup. Use typed results (TypedResults.Ok, TypedResults.NotFound) for Swagger accuracy. Register endpoint groups in extension methods, not Program.cs directly. Add [EndpointSummary] for OpenAPI docs. Prefer Minimal API over controllers for new code."
     },
     {
       "id": "backend-api-rest",
@@ -148,7 +236,13 @@
       "tags": [
         "backend",
         "api"
-      ]
+      ],
+      "aliases": ["REST API", "RESTful", "HTTP API", "resource API", "HTTP methods"],
+      "anchors": {
+        "resources": "#resource-design",
+        "errors": "#error-responses"
+      },
+      "digest": "Resources are nouns, HTTP verbs are actions. GET /users, POST /users, PUT /users/{id}, DELETE /users/{id}. 201+Location for creation, 204 for deletion. Use RFC 9457 ProblemDetails for all errors. Cursor-based pagination for large collections. API versioning via URL path (/v1/)."
     },
     {
       "id": "backend-api-validation",
@@ -159,7 +253,13 @@
       "tags": [
         "backend",
         "api"
-      ]
+      ],
+      "aliases": ["FluentValidation", "input validation", "request validation", "API validation", "model validation"],
+      "anchors": {
+        "fluent": "#fluentvalidation-setup",
+        "rules": "#validation-rules"
+      },
+      "digest": "Use FluentValidation for all request validation. Register validators as scoped services. Return 422 UnprocessableEntity with field-level error messages. Validate at API boundary — not inside domain logic. Never trust client-side validation alone."
     },
     {
       "id": "backend-authentication-passkeys",
@@ -170,7 +270,13 @@
       "tags": [
         "backend",
         "authentication"
-      ]
+      ],
+      "aliases": ["passkeys", "WebAuthn", "FIDO2", "passwordless", "biometric auth"],
+      "anchors": {
+        "registration": "#passkey-registration",
+        "authentication": "#passkey-authentication"
+      },
+      "digest": "Implement WebAuthn/FIDO2 for passwordless authentication. Registration: generate challenge → verify attestation → store credential. Authentication: generate challenge → verify assertion → issue JWT. Use ASP.NET Core Identity with FIDO2 library. Always store relying party ID as domain, not localhost."
     },
     {
       "id": "backend-database-ef-core",
@@ -181,7 +287,14 @@
       "tags": [
         "backend",
         "database"
-      ]
+      ],
+      "aliases": ["Entity Framework", "EF Core", "DbContext", "LINQ queries", "ORM"],
+      "anchors": {
+        "dbcontext": "#dbcontext-patterns",
+        "queries": "#query-optimization",
+        "migrations": "#migration-strategy"
+      },
+      "digest": "Use Scoped DbContext per request. Never expose IQueryable outside repository. Use AsNoTracking for read-only queries. Batch writes with SaveChangesAsync. Avoid N+1 queries — use Include for eager loading. Never use lazy loading in production."
     },
     {
       "id": "backend-database-migrations",
@@ -192,7 +305,13 @@
       "tags": [
         "backend",
         "database"
-      ]
+      ],
+      "aliases": ["EF migrations", "database migration", "schema migration", "dotnet ef", "Add-Migration"],
+      "anchors": {
+        "workflow": "#migration-workflow",
+        "production": "#production-migrations"
+      },
+      "digest": "Run migrations at app startup via MigrateAsync() only in dev. In production, apply migrations as part of CI/CD, never at runtime. Never modify existing migrations — always create a new one. Use meaningful names (Add-Migration AddUserEmailIndex). Test rollback on every migration."
     },
     {
       "id": "backend-database-postgresql-database",
@@ -204,7 +323,13 @@
         "backend",
         "database",
         "postgresql"
-      ]
+      ],
+      "aliases": ["PostgreSQL", "postgres", "pg", "database design", "SQL schema"],
+      "anchors": {
+        "schema": "#schema-design",
+        "indexes": "#index-strategy"
+      },
+      "digest": "Use timestamptz for all timestamps (not timestamp). UUID primary keys for public-facing IDs. Add indexes on FK columns and frequently filtered columns. Use GIN indexes for JSON/array columns. JSONB over JSON. Row-level security for multi-tenant. Never store binary in columns — use storage URLs."
     },
     {
       "id": "backend-database-repository-patterns",
@@ -215,7 +340,13 @@
       "tags": [
         "backend",
         "database"
-      ]
+      ],
+      "aliases": ["repository", "IRepository", "Unit of Work", "data access", "repository pattern"],
+      "anchors": {
+        "pattern": "#repository-pattern",
+        "uow": "#unit-of-work"
+      },
+      "digest": "Repository abstracts data access behind an interface. Return domain objects, not IQueryable. Unit of Work coordinates multiple repository operations in one transaction. Avoid generic repositories — domain-specific repositories express intent better. Test repositories with in-memory providers or integration tests."
     },
     {
       "id": "backend-database-vector-search-rag",
@@ -226,7 +357,13 @@
       "tags": [
         "backend",
         "database"
-      ]
+      ],
+      "aliases": ["vector search", "RAG", "embeddings", "pgvector", "semantic search"],
+      "anchors": {
+        "chunking": "#chunking-strategy",
+        "retrieval": "#retrieval-patterns"
+      },
+      "digest": "Chunk documents with 512 token size and 50 token overlap for RAG. Embed with text-embedding-3-small. Store embedding + metadata (source, chunk index). Retrieve top-k=5 by cosine similarity. Re-rank before injecting into LLM context. Use pgvector HNSW index for performance at scale."
     },
     {
       "id": "backend-dotnet-async",
@@ -237,7 +374,13 @@
       "tags": [
         "backend",
         "dotnet"
-      ]
+      ],
+      "aliases": ["async/await", "Task<T>", "CancellationToken", "ValueTask", "async programming"],
+      "anchors": {
+        "cancellation": "#cancellation-token-pattern",
+        "parallel": "#parallel-execution-patterns"
+      },
+      "digest": "Use CancellationToken in all async signatures. Prefer Task<T> over ValueTask<T> unless hot-path allocation is measured. Never async void except event handlers. Task.WhenAll for independent parallel ops."
     },
     {
       "id": "backend-dotnet-core",
@@ -248,7 +391,14 @@
       "tags": [
         "backend",
         "dotnet"
-      ]
+      ],
+      "aliases": [".NET core", "dotnet core", "C# patterns", "backend core", "dotnet standards"],
+      "anchors": {
+        "di": "#dependency-injection",
+        "services": "#service-registration",
+        "security": "#security-patterns"
+      },
+      "digest": "Register services in Program.cs with AddScoped/AddSingleton/AddTransient. Use constructor injection only — never service locator. Apply interface segregation. Validate all input at API boundary. Never expose raw exceptions to clients."
     },
     {
       "id": "backend-dotnet-di",
@@ -259,7 +409,13 @@
       "tags": [
         "backend",
         "dotnet"
-      ]
+      ],
+      "aliases": ["dependency injection", "IoC", "DI container", "service registration", "inversion of control"],
+      "anchors": {
+        "patterns": "#di-patterns",
+        "anti-patterns": "#di-anti-patterns"
+      },
+      "digest": "Use constructor injection exclusively. Register concrete types with interfaces. Never use service locator or static factories. Scoped services must not be injected into singletons. Validate dependency graph at startup with ValidateOnBuild."
     },
     {
       "id": "backend-dotnet-program-cs-checklist",
@@ -270,7 +426,13 @@
       "tags": [
         "backend",
         "dotnet"
-      ]
+      ],
+      "aliases": ["program.cs", "startup configuration", "NuGet packages", "package setup", "app bootstrap"],
+      "anchors": {
+        "nuget": "#nuget-packages",
+        "middleware": "#middleware-order"
+      },
+      "digest": "Configure middleware in order: CORS → Auth → Routing → Endpoints. Register all required NuGet packages. Enable Swagger in dev only. Apply global exception handler. Configure HTTPS redirection. Enable CORS before Auth."
     },
     {
       "id": "backend-integrations-asaas-asaas-api",
@@ -282,7 +444,13 @@
         "backend",
         "integrations",
         "asaas"
-      ]
+      ],
+      "aliases": ["asaas", "payment", "PIX", "boleto", "Brazilian payment"],
+      "anchors": {
+        "payments": "#payment-types",
+        "webhooks": "#webhook-handling"
+      },
+      "digest": "Use AsaasClient SDK — never call REST API directly. Register as scoped service. Implement webhook signature verification. Map SDK enums to domain enums at integration boundary. Use idempotency keys for retry safety. Test with Asaas sandbox environment."
     },
     {
       "id": "backend-integrations-clerk-clerk-auth",
@@ -294,7 +462,13 @@
         "backend",
         "integrations",
         "clerk"
-      ]
+      ],
+      "aliases": ["clerk", "authentication", "OAuth", "JWT", "session management"],
+      "anchors": {
+        "setup": "#clerk-setup",
+        "middleware": "#auth-middleware"
+      },
+      "digest": "Add ClerkMiddleware to ASP.NET pipeline. Access userId via User.GetClerkUserId(). Configure allowed redirect URLs in Clerk dashboard. Use [Authorize] for protected endpoints. Never store passwords — Clerk manages credentials. Sync Clerk users to local DB on first login."
     },
     {
       "id": "backend-integrations-hangfire-hangfire-jobs",
@@ -306,7 +480,13 @@
         "backend",
         "integrations",
         "hangfire"
-      ]
+      ],
+      "aliases": ["hangfire", "background jobs", "scheduled jobs", "recurring", "cron", "fire and forget"],
+      "anchors": {
+        "jobs": "#job-types",
+        "retry": "#retry-policies"
+      },
+      "digest": "Use IDbContextFactory for scoped DB operations in jobs — never inject DbContext directly into job classes. BackgroundJob.Enqueue for fire-and-forget, RecurringJob.AddOrUpdate for cron. Add RetryCountAttribute for retries. Secure Hangfire Dashboard with auth in production. Never put long-running work in a single job — decompose."
     },
     {
       "id": "backend-integrations-resend-resend-email",
@@ -318,7 +498,13 @@
         "backend",
         "integrations",
         "resend"
-      ]
+      ],
+      "aliases": ["resend", "email", "transactional email", "SMTP", "email notification"],
+      "anchors": {
+        "sending": "#send-email",
+        "templates": "#email-templates"
+      },
+      "digest": "Register ResendClient as singleton. Provide both HTML and plain-text alternatives. Handle bounce/complaint webhooks to maintain sender reputation. Never send from test domains in production. Queue emails via Hangfire for reliability — don't send inline in request handlers."
     },
     {
       "id": "context-analytics",
@@ -328,7 +514,13 @@
       "subcategory": null,
       "tags": [
         "context"
-      ]
+      ],
+      "aliases": ["analytics", "GTM", "GA4", "event tracking", "data layer"],
+      "anchors": {
+        "events": "#event-tracking",
+        "setup": "#analytics-setup"
+      },
+      "digest": "Install GTM via component, not raw script. Track custom events via dataLayer.push. GA4 events follow snake_case naming. Define event schema before implementing. Never log PII in analytics events. Test event firing with GA4 DebugView or GTM Preview before production."
     },
     {
       "id": "context-bundles",
@@ -338,7 +530,13 @@
       "subcategory": null,
       "tags": [
         "context"
-      ]
+      ],
+      "aliases": ["context bundles", "bundled context", "spec bundles", "feature bundles"],
+      "anchors": {
+        "structure": "#bundle-structure",
+        "loading": "#context-loading"
+      },
+      "digest": "Bundle related context files to reduce per-agent injection overhead. Define bundle manifests listing included standards by scope. Agents load their assigned bundle, not the full context. Bundles are versioned — bump version when standards change significantly."
     },
     {
       "id": "context-priming",
@@ -348,7 +546,13 @@
       "subcategory": null,
       "tags": [
         "context"
-      ]
+      ],
+      "aliases": ["context priming", "agent priming", "system prompt", "context injection"],
+      "anchors": {
+        "patterns": "#priming-patterns",
+        "efficiency": "#context-efficiency"
+      },
+      "digest": "Prime agents with role + constraints + output format in the first message. Keep priming concise — under 200 tokens. Include only relevant standards for the current phase. Re-prime after context compaction. Never include full file contents when a digest suffices."
     },
     {
       "id": "core-architecture",
@@ -358,7 +562,13 @@
       "subcategory": null,
       "tags": [
         "core"
-      ]
+      ],
+      "aliases": ["architecture", "clean architecture", "layered architecture", "SOLID", "design principles"],
+      "anchors": {
+        "layers": "#layer-boundaries",
+        "patterns": "#architectural-patterns"
+      },
+      "digest": "Apply Clean Architecture: dependency rule points inward (Infrastructure → Application → Domain). Domain has no external dependencies. Application orchestrates use cases. Infrastructure implements ports. SOLID principles at every layer. Never skip architecture review for cross-cutting concerns."
     },
     {
       "id": "core-coding",
@@ -368,7 +578,13 @@
       "subcategory": null,
       "tags": [
         "core"
-      ]
+      ],
+      "aliases": ["coding standards", "code style", "clean code", "naming conventions", "code quality"],
+      "anchors": {
+        "naming": "#naming-conventions",
+        "patterns": "#code-patterns"
+      },
+      "digest": "PascalCase for types/methods, camelCase for fields/locals, UPPER_SNAKE_CASE for constants. Methods are verbs, classes are nouns. Single responsibility per class/method. Max 30 lines per method. Prefer immutability. No magic strings — use constants or enums. Every public API has XML docs."
     },
     {
       "id": "core-git-branching-strategy",
@@ -378,7 +594,13 @@
       "subcategory": null,
       "tags": [
         "core"
-      ]
+      ],
+      "aliases": ["git flow", "branch strategy", "feature branch", "gitflow", "branch naming"],
+      "anchors": {
+        "branching": "#branch-naming",
+        "workflow": "#git-workflow"
+      },
+      "digest": "Branch naming: feature/{ticket}-{description}, fix/{ticket}-{description}. main is production-ready, develop is integration branch. PRs require passing CI and at least one review. Squash merge for features. Delete branches after merge. Protect main and develop with required checks."
     },
     {
       "id": "core-git",
@@ -388,7 +610,13 @@
       "subcategory": null,
       "tags": [
         "core"
-      ]
+      ],
+      "aliases": ["git", "commit messages", "conventional commits", "changelog", "git hooks"],
+      "anchors": {
+        "commits": "#commit-format",
+        "hooks": "#pre-commit-hooks"
+      },
+      "digest": "Conventional Commits: feat, fix, chore, docs, refactor, test, style. Scope in parentheses: feat(auth): add JWT validation. Breaking changes use BREAKING CHANGE footer. Commits are atomic — one logical change per commit. Pre-commit hooks run build + lint. Never commit .env or secrets."
     },
     {
       "id": "core-testing",
@@ -398,7 +626,13 @@
       "subcategory": null,
       "tags": [
         "core"
-      ]
+      ],
+      "aliases": ["testing", "unit tests", "integration tests", "TDD", "test coverage", "xUnit"],
+      "anchors": {
+        "patterns": "#test-patterns",
+        "coverage": "#coverage-requirements"
+      },
+      "digest": "Arrange-Act-Assert in every test. Unit tests for domain logic — no DB or HTTP. Integration tests use TestContainers for real dependencies. Minimum 80% coverage on domain layer. Mock external services at system boundaries. Test names: Given_When_Then or MethodName_Scenario_ExpectedResult."
     },
     {
       "id": "data-nosql-blob-storage",
@@ -409,7 +643,13 @@
       "tags": [
         "data",
         "nosql"
-      ]
+      ],
+      "aliases": ["blob storage", "Azure Storage", "file storage", "BlobServiceClient", "object storage"],
+      "anchors": {
+        "upload": "#upload-patterns",
+        "access": "#sas-tokens"
+      },
+      "digest": "Use BlobServiceClient with DefaultAzureCredential — never hardcode connection strings. Organize by container/virtual-path. Generate SAS tokens for client-side access with minimum permissions and short TTL. Set content-type on upload. Use CDN for public assets. Enable versioning + soft delete for business data."
     },
     {
       "id": "data-nosql-cache-redis",
@@ -421,7 +661,13 @@
         "data",
         "nosql",
         "cache"
-      ]
+      ],
+      "aliases": ["redis", "cache", "distributed cache", "IDistributedCache", "cache-aside", "StackExchange.Redis"],
+      "anchors": {
+        "patterns": "#cache-patterns",
+        "invalidation": "#cache-invalidation"
+      },
+      "digest": "IDistributedCache for cache-aside pattern. Set TTL on every entry — never cache without expiry. Serialize with System.Text.Json. Sliding expiration for sessions, absolute for computed results. Invalidate by key prefix. Redis eviction policy must be set (allkeys-lru). Never cache PII without encryption."
     },
     {
       "id": "data-nosql-cosmos-db",
@@ -432,7 +678,13 @@
       "tags": [
         "data",
         "nosql"
-      ]
+      ],
+      "aliases": ["cosmos", "CosmosDB", "document database", "partition key", "RUs"],
+      "anchors": {
+        "modeling": "#document-modeling",
+        "queries": "#query-patterns"
+      },
+      "digest": "Choose partition key with high cardinality for even distribution. Design documents for single-partition reads. Enable TTL for ephemeral data. Prefer point reads (O(1)) over cross-partition queries. Set provisioned throughput based on measured RUs. Use change feed for event-driven processing."
     },
     {
       "id": "data-vector-search-azure-ai-search",
@@ -443,7 +695,13 @@
       "tags": [
         "data",
         "vector-search"
-      ]
+      ],
+      "aliases": ["Azure AI Search", "cognitive search", "vector search", "hybrid search", "semantic ranking"],
+      "anchors": {
+        "indexing": "#index-setup",
+        "queries": "#search-queries"
+      },
+      "digest": "Create index with semantic configuration for hybrid search (keyword + vector). Batch index uploads (1000 docs/batch). Use OData filters for pre-filtering before vector search. Apply RRF fusion for hybrid ranking. Set up incremental indexing for updates. Add enrichment pipeline for PDFs/images."
     },
     {
       "id": "data-vector-search-rag-chunking",
@@ -454,7 +712,13 @@
       "tags": [
         "data",
         "vector-search"
-      ]
+      ],
+      "aliases": ["RAG chunking", "document chunking", "text splitting", "chunk overlap", "embedding chunks"],
+      "anchors": {
+        "strategies": "#chunking-strategies",
+        "retrieval": "#retrieval-pipeline"
+      },
+      "digest": "Recursive character splitting: 512 token chunks, 50 token overlap. Embed with text-embedding-3-small (1536 dims). Store chunk + metadata (source, page, section). Retrieve top-k=5 by cosine similarity. Re-rank with cross-encoder before LLM injection. Evaluate retrieval quality with RAGAS."
     },
     {
       "id": "frontend-blazor-design-checklist",
@@ -465,7 +729,13 @@
       "tags": [
         "frontend",
         "blazor"
-      ]
+      ],
+      "aliases": ["blazor checklist", "blazor design review", "UI checklist", "component checklist"],
+      "anchors": {
+        "components": "#component-checklist",
+        "accessibility": "#a11y-checklist"
+      },
+      "digest": "Every Blazor component must: use @inject not constructor injection, define loading and error states, implement IDisposable for event subscriptions, use CancellationToken for async ops. Fluent UI: use DataGrid not custom tables, FluentDialog for modals, FluentTooltip for hints. No hardcoded colors."
     },
     {
       "id": "frontend-blazor-fluent-ui-setup",
@@ -476,7 +746,13 @@
       "tags": [
         "frontend",
         "blazor"
-      ]
+      ],
+      "aliases": ["fluent ui setup", "blazor fluent", "Microsoft Fluent UI", "FluentUI install"],
+      "anchors": {
+        "setup": "#package-setup",
+        "theme": "#theme-configuration"
+      },
+      "digest": "Install Microsoft.FluentUI.AspNetCore.Components. Register: builder.Services.AddFluentUIComponents(). Add <FluentDesignTheme> to MainLayout.razor. Install FluentIcons package separately. Set CachingEnabled=true for icons in production. Configure theme via --accent-color CSS variable in app.css."
     },
     {
       "id": "frontend-blazor-fluent-ui",
@@ -487,7 +763,13 @@
       "tags": [
         "frontend",
         "blazor"
-      ]
+      ],
+      "aliases": ["fluent ui components", "FluentDataGrid", "FluentDialog", "FluentButton", "FluentCombobox"],
+      "anchors": {
+        "grid": "#data-grid",
+        "forms": "#form-components"
+      },
+      "digest": "Use FluentDataGrid with virtualization for >100 rows. FluentDialog requires DialogService injection. FluentTextField uses @bind-Value. FluentCombobox with @bind-Value and TOption type param. Never mix FluentUI and MudBlazor in the same project. Use Appearance enum for button variants."
     },
     {
       "id": "frontend-blazor-html-conversion",
@@ -498,7 +780,13 @@
       "tags": [
         "frontend",
         "blazor"
-      ]
+      ],
+      "aliases": ["html to blazor", "blazor migration", "html conversion", "razor conversion"],
+      "anchors": {
+        "mapping": "#html-to-blazor-mapping",
+        "components": "#component-patterns"
+      },
+      "digest": "Convert <div> containers to <FluentStack> or <FluentGrid>. Replace <input> with FluentTextField/FluentCheckbox/FluentSelect. Convert <table> to FluentDataGrid. Replace class= with Class=. Event handlers: onclick → @onclick. Use CascadingValue for theme propagation. Blazor-specific: @ref, @key, @bind."
     },
     {
       "id": "frontend-blazor-lifecycle",
@@ -509,7 +797,13 @@
       "tags": [
         "frontend",
         "blazor"
-      ]
+      ],
+      "aliases": ["blazor lifecycle", "OnInitialized", "OnAfterRender", "StateHasChanged", "component lifecycle"],
+      "anchors": {
+        "hooks": "#lifecycle-hooks",
+        "async": "#async-patterns"
+      },
+      "digest": "OnInitializedAsync for data loading (not constructor or OnInitialized). JSInterop only in OnAfterRenderAsync(firstRender:true). Dispose event subscriptions in IDisposable.Dispose(). Call StateHasChanged() after async state changes from non-UI threads. Cancel background work with CancellationTokenSource in Dispose()."
     },
     {
       "id": "frontend-blazor-pitfalls",
@@ -520,7 +814,13 @@
       "tags": [
         "frontend",
         "blazor"
-      ]
+      ],
+      "aliases": ["blazor anti-patterns", "blazor mistakes", "blazor gotchas", "blazor bugs", "common errors"],
+      "anchors": {
+        "concurrency": "#concurrency-pitfalls",
+        "memory": "#memory-leaks"
+      },
+      "digest": "Never inject DbContext directly — use IDbContextFactory. Avoid async void event handlers (use async Task). Route parameters need [Parameter] attribute. Use EventCallback<T> not Action<T> for parent-child callbacks. Dispose HttpClient connections, SignalR connections, and timers in IDisposable."
     },
     {
       "id": "frontend-blazor-state",
@@ -531,7 +831,30 @@
       "tags": [
         "frontend",
         "blazor"
-      ]
+      ],
+      "aliases": ["blazor state", "cascading value", "state container", "component state", "Fluxor"],
+      "anchors": {
+        "patterns": "#state-patterns",
+        "sharing": "#state-sharing"
+      },
+      "digest": "CascadingParameter for app-wide state (auth, theme). Scoped services as state containers for per-user state. Local component state with private fields + StateHasChanged. Never store state in static fields — use DI. localStorage via IJSRuntime for persistence. Fluxor for complex state with multiple consumers."
+    },
+    {
+      "id": "frontend-design-system-aesthetic-direction",
+      "name": "aesthetic direction",
+      "path": "frontend/design-system/aesthetic-direction.md",
+      "category": "frontend",
+      "subcategory": "design-system",
+      "tags": [
+        "frontend",
+        "design-system"
+      ],
+      "aliases": ["aesthetic direction", "visual design", "brand identity", "design language", "design tone"],
+      "anchors": {
+        "principles": "#design-principles",
+        "tokens": "#design-tokens"
+      },
+      "digest": "Define aesthetic direction before generating mockups: tone (professional/playful), density (compact/spacious), brand colors (primary, secondary, accent). Document in design-system.md. All UI decisions derive from aesthetic direction — never use arbitrary colors or spacing values."
     },
     {
       "id": "frontend-design-system-animations",
@@ -542,7 +865,13 @@
       "tags": [
         "frontend",
         "design-system"
-      ]
+      ],
+      "aliases": ["animations", "transitions", "motion", "CSS animations", "keyframes", "prefers-reduced-motion"],
+      "anchors": {
+        "tokens": "#animation-tokens",
+        "principles": "#motion-principles"
+      },
+      "digest": "Use CSS custom properties for durations: --duration-fast (100ms), --duration-normal (200ms), --duration-slow (300ms). Prefer transform/opacity for GPU-accelerated animations. Always respect prefers-reduced-motion. No decorative animations over 300ms. Ease-out for entrances, ease-in for exits."
     },
     {
       "id": "frontend-design-system-naming",
@@ -553,7 +882,13 @@
       "tags": [
         "frontend",
         "design-system"
-      ]
+      ],
+      "aliases": ["BEM", "CSS naming", "class naming", "design token naming", "component naming"],
+      "anchors": {
+        "blocks": "#bem-blocks",
+        "tokens": "#token-naming"
+      },
+      "digest": "BEM for CSS: .block__element--modifier. Design tokens: --color-primary-500, --spacing-4, --font-size-base. Component names PascalCase (Blazor) / kebab-case (CSS). No generic names (blue, big). Semantic names only: --color-action, --spacing-page-gutter. Tokens are the single source of truth."
     },
     {
       "id": "frontend-nextjs-app-router",
@@ -564,7 +899,13 @@
       "tags": [
         "frontend",
         "nextjs"
-      ]
+      ],
+      "aliases": ["app router", "Next.js 14", "server components", "app directory", "RSC"],
+      "anchors": {
+        "layout": "#layout-patterns",
+        "routing": "#routing-patterns"
+      },
+      "digest": "Server Components by default — only add 'use client' when needed (interactivity, browser APIs, hooks). Layouts persist across navigations. Parallel Routes with @folder for simultaneous views. Route Groups with (folder) to organize without affecting URL. Use generateMetadata() for dynamic SEO metadata."
     },
     {
       "id": "frontend-nextjs-components",
@@ -575,7 +916,13 @@
       "tags": [
         "frontend",
         "nextjs"
-      ]
+      ],
+      "aliases": ["react components", "server component", "client component", "shadcn/ui", "UI components"],
+      "anchors": {
+        "patterns": "#component-patterns",
+        "shadcn": "#shadcn-usage"
+      },
+      "digest": "Server Components for data fetching and static content. Client Components for interactivity. shadcn/ui components are copy-paste — customize in src/components/ui/. Never use index.tsx for named exports. One component per file. Avoid prop drilling — use composition or Context API."
     },
     {
       "id": "frontend-nextjs-data-fetching",
@@ -586,7 +933,13 @@
       "tags": [
         "frontend",
         "nextjs"
-      ]
+      ],
+      "aliases": ["TanStack Query", "react-query", "server actions", "data fetching", "useQuery"],
+      "anchors": {
+        "server": "#server-fetching",
+        "client": "#client-fetching"
+      },
+      "digest": "Server Components: fetch() with caching tags for static/ISR. Client Components: TanStack Query useQuery/useMutation for client-side state. Server Actions for mutations from Client Components. Never fetch in useEffect — use TanStack Query. Set revalidate intervals for ISR. Use React Suspense for loading states."
     },
     {
       "id": "frontend-nextjs-forms",
@@ -597,7 +950,13 @@
       "tags": [
         "frontend",
         "nextjs"
-      ]
+      ],
+      "aliases": ["react-hook-form", "Zod", "form validation", "Server Actions forms", "useFormState"],
+      "anchors": {
+        "validation": "#zod-schemas",
+        "submission": "#form-submission"
+      },
+      "digest": "react-hook-form with Zod resolver for client forms. Define Zod schema before component. Server Actions for mutations: 'use server' directive. Use useFormState/useActionState for Server Action feedback. Never submit to API routes — use Server Actions or React Query mutations. Display field-level errors from Zod."
     },
     {
       "id": "frontend-nextjs-naming-conventions",
@@ -608,7 +967,13 @@
       "tags": [
         "frontend",
         "nextjs"
-      ]
+      ],
+      "aliases": ["naming conventions", "file naming", "component naming", "Next.js naming", "TypeScript naming"],
+      "anchors": {
+        "files": "#file-naming",
+        "components": "#component-naming"
+      },
+      "digest": "Pages: lowercase kebab-case (user-profile/page.tsx). Components: PascalCase (UserProfile.tsx). Hooks: camelCase with 'use' prefix (useUserProfile.ts). API routes: kebab-case. Types: PascalCase. No default exports except page.tsx and layout.tsx. Feature-based co-location preferred."
     },
     {
       "id": "frontend-nextjs-nextjs-patterns",
@@ -619,7 +984,13 @@
       "tags": [
         "frontend",
         "nextjs"
-      ]
+      ],
+      "aliases": ["Next.js patterns", "middleware", "auth patterns", "caching patterns", "image optimization"],
+      "anchors": {
+        "auth": "#auth-patterns",
+        "caching": "#caching-patterns"
+      },
+      "digest": "Middleware for auth redirects (use matcher config). next/image for all images (auto-optimization). next/link for navigation (prefetching). loading.tsx for Suspense boundaries per route. error.tsx for error boundaries. Use unstable_cache for expensive server computations with tag-based revalidation."
     },
     {
       "id": "frontend-nextjs-project-structure",
@@ -630,7 +1001,13 @@
       "tags": [
         "frontend",
         "nextjs"
-      ]
+      ],
+      "aliases": ["project structure", "folder structure", "src directory", "app directory organization"],
+      "anchors": {
+        "structure": "#directory-structure",
+        "organization": "#feature-organization"
+      },
+      "digest": "src/app/ for routes, src/components/ for shared UI, src/lib/ for utilities, src/hooks/ for custom hooks, src/types/ for TypeScript types. Co-locate feature components near their routes. Public API via components/index.ts. Avoid barrel files in app/ directory. Keep pages thin — logic in hooks and utilities."
     },
     {
       "id": "frontend-nextjs-state-management",
@@ -641,7 +1018,13 @@
       "tags": [
         "frontend",
         "nextjs"
-      ]
+      ],
+      "aliases": ["zustand", "React context", "global state", "state management", "client state"],
+      "anchors": {
+        "patterns": "#state-patterns",
+        "server": "#server-state"
+      },
+      "digest": "TanStack Query for server state (caching, background sync, optimistic updates). Zustand for global client state (auth, theme, user preferences). URL params for shareable UI state (filters, pagination). useState for local component state. Avoid Redux — Zustand is sufficient for most Next.js use cases."
     },
     {
       "id": "frontend-nextjs-testing",
@@ -652,7 +1035,13 @@
       "tags": [
         "frontend",
         "nextjs"
-      ]
+      ],
+      "aliases": ["vitest", "jest", "testing-library", "Playwright", "Next.js testing", "component tests"],
+      "anchors": {
+        "unit": "#unit-tests",
+        "e2e": "#e2e-tests"
+      },
+      "digest": "Vitest for unit tests, React Testing Library for component tests. Mock next/navigation with vi.mock. Test Server Actions with direct function calls. Use MSW for API mocking in component tests. Playwright for E2E tests against running app. Never test implementation details — test user behavior and output."
     },
     {
       "id": "infrastructure-azure-azure",
@@ -663,7 +1052,13 @@
       "tags": [
         "infrastructure",
         "azure"
-      ]
+      ],
+      "aliases": ["azure", "Azure setup", "resource group", "subscription", "azure baseline"],
+      "anchors": {
+        "resources": "#core-resources",
+        "security": "#security-baseline"
+      },
+      "digest": "Organize resources by resource groups per environment (dev/staging/prod). Use managed identities for service-to-service auth — never service principals or keys in code. Tag all resources (env, project, owner). Enable diagnostic settings for all services. All secrets in Key Vault. Apply Azure Policy for compliance guardrails."
     },
     {
       "id": "infrastructure-azure-bicep-bicep-patterns",
@@ -675,7 +1070,13 @@
         "infrastructure",
         "azure",
         "bicep"
-      ]
+      ],
+      "aliases": ["bicep", "ARM template", "IaC", "infrastructure as code", "resource deployment"],
+      "anchors": {
+        "modules": "#module-patterns",
+        "parameters": "#parameter-files"
+      },
+      "digest": "Structure as main.bicep + modules/. Parameters in parameters.{env}.bicepparams. Use @secure() for secrets — never hardcode. Run What-If before apply. Use existing keyword for cross-RG references. Modules are reusable units — never duplicate resource blocks. Deploy via CI/CD pipeline, not ad hoc."
     },
     {
       "id": "infrastructure-azure-devops-azure-devops-setup",
@@ -687,7 +1088,13 @@
         "infrastructure",
         "azure",
         "devops"
-      ]
+      ],
+      "aliases": ["azure devops", "ADO", "pipelines", "YAML pipeline", "azure-pipelines.yml"],
+      "anchors": {
+        "setup": "#organization-setup",
+        "pipelines": "#pipeline-setup"
+      },
+      "digest": "YAML pipelines checked into repo — no classic editor. Separate environments: dev, staging, prod with approval gates. Service connections use managed identity (no service principals). Variable groups for per-env config. Artifacts feed for private NuGet packages. Branch policies require PR + CI for main/develop."
     },
     {
       "id": "infrastructure-azure-devops-local-development",
@@ -699,7 +1106,13 @@
         "infrastructure",
         "azure",
         "devops"
-      ]
+      ],
+      "aliases": ["local dev", "azurite", "local azure", "dev container", "local secrets", "dotnet user-secrets"],
+      "anchors": {
+        "emulators": "#local-emulators",
+        "secrets": "#local-secrets"
+      },
+      "digest": "Use Azurite for local Blob/Queue/Table storage emulation. dotnet user-secrets for local credentials — never .env files committed to git. Use Connection String for local, Managed Identity for deployed. Dev containers for reproducible environments. Local HTTPS with ASP.NET dev certificates."
     },
     {
       "id": "infrastructure-azure-services-functions",
@@ -711,7 +1124,13 @@
         "infrastructure",
         "azure",
         "services"
-      ]
+      ],
+      "aliases": ["Azure Functions", "serverless", "function app", "timer trigger", "HTTP trigger", "Durable Functions"],
+      "anchors": {
+        "triggers": "#trigger-types",
+        "bindings": "#input-output-bindings"
+      },
+      "digest": "Use isolated worker model (.NET 8+). HTTP triggers for API endpoints, Timer triggers for scheduled work, Service Bus triggers for event processing. Configure scale-out limits to prevent runaway costs. Durable Functions for long-running orchestrations. Deploy with deployment slots for zero-downtime."
     },
     {
       "id": "infrastructure-azure-services-service-bus",
@@ -723,7 +1142,13 @@
         "infrastructure",
         "azure",
         "services"
-      ]
+      ],
+      "aliases": ["service bus", "message queue", "topics", "subscriptions", "dead letter queue"],
+      "anchors": {
+        "setup": "#namespace-setup",
+        "patterns": "#messaging-patterns"
+      },
+      "digest": "Topics+subscriptions for pub/sub, queues for point-to-point. Set MaxDeliveryCount=10 for retry limit. Monitor dead letter queue. Use message sessions for ordered processing. Implement idempotent handlers (check processed message IDs). Use managed identity for authentication. Prefetch for high-throughput consumers."
     },
     {
       "id": "infrastructure-azure-services-storage",
@@ -735,7 +1160,13 @@
         "infrastructure",
         "azure",
         "services"
-      ]
+      ],
+      "aliases": ["azure storage", "blob", "table storage", "queue storage", "storage account tiers"],
+      "anchors": {
+        "tiers": "#storage-tiers",
+        "security": "#access-control"
+      },
+      "digest": "Hot tier for frequently accessed, cool for infrequent, archive for compliance. Always use managed identity — not storage keys. Enable versioning + soft delete for business data. Lifecycle management rules for cost optimization. Private endpoints for secure access from VNet. CDN for public static assets."
     },
     {
       "id": "infrastructure-docker-easypanel-deploy",
@@ -746,7 +1177,13 @@
       "tags": [
         "infrastructure",
         "docker"
-      ]
+      ],
+      "aliases": ["easypanel", "docker deploy", "self-hosted", "VPS deployment", "docker compose"],
+      "anchors": {
+        "setup": "#easypanel-setup",
+        "deployment": "#deployment-flow"
+      },
+      "digest": "Create app in EasyPanel from container registry image. Configure environment variables in EasyPanel UI — not in Dockerfile. Use EasyPanel's managed Postgres/Redis for databases. Configure /health endpoint for health checks. Enable HTTPS via Let's Encrypt automatically. Use EasyPanel volumes for persistent storage."
     },
     {
       "id": "infrastructure-supabase-mcp-setup",
@@ -757,7 +1194,13 @@
       "tags": [
         "infrastructure",
         "supabase"
-      ]
+      ],
+      "aliases": ["supabase MCP", "supabase tools", "supabase configuration", "MCP supabase"],
+      "anchors": {
+        "setup": "#mcp-configuration",
+        "tools": "#available-tools"
+      },
+      "digest": "Configure Supabase MCP server with project URL and service_role key in .claude/settings.json. Use MCP tools for schema inspection, query execution, and migration management. Never expose service_role key client-side. Set up anon key for client SDK. Enable in Claude settings for database introspection during design phase."
     },
     {
       "id": "infrastructure-supabase-supabase-auth",
@@ -768,7 +1211,13 @@
       "tags": [
         "infrastructure",
         "supabase"
-      ]
+      ],
+      "aliases": ["supabase auth", "magic link", "OAuth", "JWT supabase", "row level security auth"],
+      "anchors": {
+        "setup": "#auth-setup",
+        "providers": "#auth-providers"
+      },
+      "digest": "Use Supabase Auth for magic links, OAuth (Google, GitHub), phone OTP. Configure site URL and redirect URLs in dashboard. Server-side: use supabase.auth.getUser() not getSession(). Enable email confirmations for production. JWT expiry 3600s. RLS policies must reference auth.uid() for user isolation."
     },
     {
       "id": "infrastructure-supabase-supabase-pgvector",
@@ -779,7 +1228,13 @@
       "tags": [
         "infrastructure",
         "supabase"
-      ]
+      ],
+      "aliases": ["pgvector", "vector embeddings", "similarity search", "supabase vectors", "HNSW index"],
+      "anchors": {
+        "setup": "#pgvector-setup",
+        "queries": "#similarity-queries"
+      },
+      "digest": "Enable: CREATE EXTENSION vector. Define column as vector(1536) for OpenAI embeddings. Create HNSW index: CREATE INDEX USING hnsw (embedding vector_cosine_ops). Use match_documents() RPC for similarity search. Batch insert embeddings (100 at a time). RLS policies apply to vector queries like all other tables."
     },
     {
       "id": "infrastructure-supabase-supabase-rls",
@@ -790,7 +1245,13 @@
       "tags": [
         "infrastructure",
         "supabase"
-      ]
+      ],
+      "aliases": ["RLS", "row level security", "postgres policies", "multi-tenant security", "supabase policies"],
+      "anchors": {
+        "policies": "#rls-policies",
+        "patterns": "#tenant-patterns"
+      },
+      "digest": "Enable RLS on every table: ALTER TABLE ... ENABLE ROW LEVEL SECURITY. User isolation: USING (auth.uid() = user_id). Multi-tenant: USING (tenant_id = (auth.jwt()->>'tenant_id')::uuid). Test policies with SET LOCAL ROLE anon. Service role bypasses RLS — use only server-side. Never rely on application-level security alone."
     },
     {
       "id": "infrastructure-supabase-supabase-storage",
@@ -801,7 +1262,13 @@
       "tags": [
         "infrastructure",
         "supabase"
-      ]
+      ],
+      "aliases": ["supabase storage", "file uploads", "storage buckets", "storage policies", "signed URLs"],
+      "anchors": {
+        "buckets": "#bucket-setup",
+        "policies": "#storage-policies"
+      },
+      "digest": "Public buckets for CDN-served assets, private for user files (signed URLs). Storage policies use same RLS syntax as tables. Upload: supabase.storage.from('bucket').upload(path, file). Signed URLs: createSignedUrl(path, 3600). Set content-type on upload. Enable image transformations for on-the-fly resizing."
     },
     {
       "id": "integration-api-graphql",
@@ -812,7 +1279,13 @@
       "tags": [
         "integration",
         "api"
-      ]
+      ],
+      "aliases": ["graphql", "Hot Chocolate", "GraphQL schema", "query", "mutation", "subscription"],
+      "anchors": {
+        "setup": "#hot-chocolate-setup",
+        "patterns": "#schema-patterns"
+      },
+      "digest": "Use Hot Chocolate for .NET GraphQL. Define types with [GraphQLType], mutations with [UseMutationConvention]. Enable pagination with [UsePaging]. Use DataLoader to prevent N+1 queries. Add [Authorize] for field-level security. Never expose internal exceptions — use custom error types. Enable introspection only in dev."
     },
     {
       "id": "integration-api-grpc",
@@ -823,7 +1296,13 @@
       "tags": [
         "integration",
         "api"
-      ]
+      ],
+      "aliases": ["grpc", "protobuf", ".proto files", "gRPC service", "server streaming"],
+      "anchors": {
+        "proto": "#proto-design",
+        "patterns": "#service-patterns"
+      },
+      "digest": "Define .proto files first, generate C# stubs. Use proto3 syntax. Unary for request-response, server streaming for real-time data. GrpcChannel with managed credentials. Add grpc-health-probe for health checks. Prefer REST for external APIs, gRPC for internal service-to-service. Use Buf for proto linting and schema registry."
     },
     {
       "id": "integration-api-rest-design",
@@ -834,7 +1313,13 @@
       "tags": [
         "integration",
         "api"
-      ]
+      ],
+      "aliases": ["REST design", "RESTful API", "HTTP API design", "resource naming", "API versioning"],
+      "anchors": {
+        "resources": "#resource-naming",
+        "errors": "#error-handling"
+      },
+      "digest": "Resources are nouns, HTTP verbs are actions: GET /users, POST /users, PUT /users/{id}, DELETE /users/{id}. 201+Location for creation, 204 for deletion. RFC 9457 ProblemDetails for errors. Cursor-based pagination for large collections. URL versioning (/api/v1/). HATEOAS links for discoverable APIs."
     },
     {
       "id": "integration-event-driven-cqrs",
@@ -845,7 +1330,13 @@
       "tags": [
         "integration",
         "event-driven"
-      ]
+      ],
+      "aliases": ["CQRS", "command query separation", "MediatR", "read model", "write model"],
+      "anchors": {
+        "commands": "#command-patterns",
+        "queries": "#query-patterns"
+      },
+      "digest": "Commands mutate state, queries read state — never mix. Commands return void or Result (not data). Queries return DTOs (not domain entities). Use MediatR for in-process CQRS. Validate commands at API boundary before handler. Read models can be denormalized for query performance."
     },
     {
       "id": "integration-event-driven-event-sourcing",
@@ -856,7 +1347,13 @@
       "tags": [
         "integration",
         "event-driven"
-      ]
+      ],
+      "aliases": ["event sourcing", "event store", "event replay", "aggregate events", "append-only log"],
+      "anchors": {
+        "events": "#domain-events",
+        "replay": "#event-replay"
+      },
+      "digest": "Store events as immutable past-tense facts: OrderCreated, PaymentProcessed. Aggregate rebuilds state from event stream. Take snapshots for aggregates with >100 events. Use EventStoreDB or CosmosDB change feed for storage. Projections build read models from events. Never delete events — use correction events."
     },
     {
       "id": "integration-event-driven-service-bus",
@@ -867,7 +1364,13 @@
       "tags": [
         "integration",
         "event-driven"
-      ]
+      ],
+      "aliases": ["service bus integration", "message broker", "event bus", "publisher", "consumer"],
+      "anchors": {
+        "topics": "#topic-subscription",
+        "patterns": "#integration-patterns"
+      },
+      "digest": "Publish domain events to Service Bus after aggregate persistence (transactional outbox). Consumers must be idempotent — check processed message IDs. Use correlation IDs for distributed tracing. Message envelope includes schema version. Consumer groups enable event replay. Monitor dead letter queue in production."
     },
     {
       "id": "integration-mcp-mcp-tools",
@@ -878,7 +1381,13 @@
       "tags": [
         "integration",
         "mcp"
-      ]
+      ],
+      "aliases": ["MCP", "Model Context Protocol", "Claude tools", "MCP server", "MCP client"],
+      "anchors": {
+        "tools": "#tool-definitions",
+        "setup": "#server-setup"
+      },
+      "digest": "MCP tools extend Claude with external data and actions. Tools are synchronous request-response with typed inputSchema. Resources provide read-only data access. Prompts are reusable templates. Register MCP servers in .claude/settings.json. Prefer @context7 for live library docs. Test tools with MCP Inspector before integrating."
     },
     {
       "id": "observability-logging",
@@ -888,7 +1397,13 @@
       "subcategory": null,
       "tags": [
         "observability"
-      ]
+      ],
+      "aliases": ["logging", "serilog", "ILogger", "structured logging", "log levels", "Application Insights"],
+      "anchors": {
+        "setup": "#serilog-setup",
+        "patterns": "#logging-patterns"
+      },
+      "digest": "Use Serilog with structured logging. Sinks: Console (dev), Application Insights (prod). Inject ILogger<T> — never static Logger. Log levels: Debug for trace, Information for business events, Warning for recoverable, Error for failures. Include correlation IDs in all logs. Never log PII or credentials."
     },
     {
       "id": "observability-metrics",
@@ -898,7 +1413,13 @@
       "subcategory": null,
       "tags": [
         "observability"
-      ]
+      ],
+      "aliases": ["metrics", "prometheus", "OpenTelemetry metrics", "custom metrics", "counters", "histograms"],
+      "anchors": {
+        "setup": "#metrics-setup",
+        "instruments": "#metric-types"
+      },
+      "digest": "System.Diagnostics.Metrics API for .NET. Register meters: builder.Services.AddMetrics(). Types: Counter (total count), Histogram (latency distribution), Gauge (current value). Export to Prometheus or Azure Monitor. Tag dimensions: environment, service, version. Define SLIs from business metrics, not technical ones."
     },
     {
       "id": "observability-monitoring",
@@ -908,7 +1429,13 @@
       "subcategory": null,
       "tags": [
         "observability"
-      ]
+      ],
+      "aliases": ["monitoring", "alerts", "dashboards", "Application Insights", "health checks", "SLA"],
+      "anchors": {
+        "alerts": "#alert-rules",
+        "dashboards": "#dashboard-setup"
+      },
+      "digest": "Health checks: /health for liveness, /health/ready for readiness. Application Insights for distributed tracing. SLA-based alerts: p99 latency, error rate >1%, availability <99.9%. Azure Workbooks dashboards per feature. Availability tests for external endpoints. Each alert has an on-call runbook."
     },
     {
       "id": "observability-tracing",
@@ -918,7 +1445,13 @@
       "subcategory": null,
       "tags": [
         "observability"
-      ]
+      ],
+      "aliases": ["tracing", "OpenTelemetry", "distributed trace", "spans", "W3C TraceContext"],
+      "anchors": {
+        "setup": "#otel-setup",
+        "propagation": "#context-propagation"
+      },
+      "digest": "Add OpenTelemetry SDK. Auto-instrument HTTP, SQL, Service Bus. Propagate W3C TraceContext across services. Custom spans for business operations: using var span = tracer.StartActiveSpan('operation'). Export to Azure Monitor or Jaeger. Sampling: 10% in prod, 100% for errors. Correlate traces with logs via trace ID."
     },
     {
       "id": "workflows-parallel-execution",
@@ -928,7 +1461,13 @@
       "subcategory": null,
       "tags": [
         "workflows"
-      ]
+      ],
+      "aliases": ["parallel", "Task.WhenAll", "concurrent", "parallelism", "async parallel", "Parallel.ForEachAsync"],
+      "anchors": {
+        "patterns": "#parallel-patterns",
+        "throttling": "#concurrency-limits"
+      },
+      "digest": "Task.WhenAll for I/O-bound independent parallel ops. Parallel.ForEachAsync with CancellationToken for CPU-bound batches. SemaphoreSlim for concurrency limiting. Channel<T> for producer-consumer. Never Task.WhenAll with DbContext — use separate factory-created instances per task. Measure actual benefit before adding parallelism."
     },
     {
       "id": "workflows-thread-management",
@@ -938,7 +1477,13 @@
       "subcategory": null,
       "tags": [
         "workflows"
-      ]
+      ],
+      "aliases": ["threads", "ThreadPool", "ConfigureAwait", "deadlock prevention", "async void", "synchronization"],
+      "anchors": {
+        "patterns": "#thread-patterns",
+        "deadlocks": "#deadlock-prevention"
+      },
+      "digest": "Use async/await throughout — never mix blocking calls (.Result, .Wait()). ConfigureAwait(false) in library code. Never Thread.Sleep — use Task.Delay with CancellationToken. Lock-free with Interlocked for counters, ConcurrentDictionary for shared state. ThreadPool.QueueUserWorkItem only for truly detached background work."
     }
   ]
 }