@relipa/ai-flow-kit 0.0.3 → 0.0.4-beta.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/AIFLOW.md +27 -1
- package/QUICK_START.md +8 -4
- package/README.md +8 -0
- package/custom/templates/laravel.md +15 -90
- package/custom/templates/nestjs.md +72 -0
- package/custom/templates/nextjs.md +14 -89
- package/custom/templates/nodejs-express.md +73 -0
- package/custom/templates/python-django.md +71 -0
- package/custom/templates/python-fastapi.md +54 -0
- package/custom/templates/reactjs.md +492 -567
- package/custom/templates/shared/gate-workflow.md +72 -0
- package/custom/templates/spring-boot.md +523 -598
- package/custom/templates/tools/copilot.md +6 -0
- package/custom/templates/tools/cursor.md +6 -0
- package/custom/templates/tools/gemini.md +6 -0
- package/custom/templates/tools/generic.md +10 -0
- package/custom/templates/vue-nuxt.md +14 -89
- package/docs/ai-integration.md +53 -0
- package/docs/developer-overview.md +122 -0
- package/package.json +1 -1
- package/scripts/init.js +57 -19
- package/scripts/prompt.js +12 -2
package/AIFLOW.md
CHANGED
|
@@ -72,7 +72,12 @@ claude # open Claude → AI auto-starts Gate 1
|
|
|
72
72
|
```
|
|
73
73
|
|
|
74
74
|
> `aiflow prompt` is optional — use it only when pasting into Claude Desktop/Web.
|
|
75
|
-
>
|
|
75
|
+
>
|
|
76
|
+
> **Tool Support:**
|
|
77
|
+
> - **Claude Code:** AI auto-starts Gate 1 via SessionStart hook.
|
|
78
|
+
> - **Cursor:** Instructions in `.cursorrules` enforce the Gate Workflow.
|
|
79
|
+
> - **Gemini CLI:** Rules in `GEMINI.md` guide the session.
|
|
80
|
+
> - **Copilot:** Instructions in `.github/copilot-instructions.md`.
|
|
76
81
|
|
|
77
82
|
**What AI does (in order):**
|
|
78
83
|
|
|
@@ -408,6 +413,27 @@ aiflow guide # view quickstart guide
|
|
|
408
413
|
|
|
409
414
|
---
|
|
410
415
|
|
|
416
|
+
## Multi-AI Environment Setup
|
|
417
|
+
|
|
418
|
+
One of the core strengths of `ai-flow-kit` is that the **Gate Workflow** is tool-agnostic. Since state is saved in `.claude/context/current.json` and the `plan/` directory, you can switch tools mid-task.
|
|
419
|
+
|
|
420
|
+
### How to Switch Tools
|
|
421
|
+
1. **Analyze (Gate 1)** using Claude Code CLI (great for deep codebase scans).
|
|
422
|
+
2. **Review** the `requirement.md` file.
|
|
423
|
+
3. **Open Cursor** to perform the coding (Gate 3).
|
|
424
|
+
4. Cursor will automatically read `.cursorrules`, detect the active ticket, and see that Gate 1 is already finished.
|
|
425
|
+
5. Cursor will proceed to Gate 2 or 3 as appropriate.
|
|
426
|
+
|
|
427
|
+
### Instruction Files Created
|
|
428
|
+
| Tool | File Name | Purpose |
|
|
429
|
+
|------|-----------|---------|
|
|
430
|
+
| Claude Code | `CLAUDE.md` | Primary rules for the CLI tool. |
|
|
431
|
+
| Cursor AI | `.cursorrules` | Project-wide rules for Cursor. |
|
|
432
|
+
| Gemini CLI | `GEMINI.md` | Context for Gemini sessions. |
|
|
433
|
+
| Copilot | `.github/copilot-instructions.md` | Custom instructions for Copilot. |
|
|
434
|
+
|
|
435
|
+
---
|
|
436
|
+
|
|
411
437
|
## FAQ
|
|
412
438
|
|
|
413
439
|
**Q: PM didn't write enough on the ticket, what happens?**
|
package/QUICK_START.md
CHANGED
|
@@ -90,7 +90,11 @@ claude # AI auto-starts Gate 1 immediately
|
|
|
90
90
|
```
|
|
91
91
|
|
|
92
92
|
> **Note:** `aiflow prompt` is optional — only needed when pasting into Claude Desktop/Web.
|
|
93
|
-
>
|
|
93
|
+
>
|
|
94
|
+
> **Multi-Tool Support:**
|
|
95
|
+
> - If using **Cursor**: Gate Workflow is enforced via `.cursorrules`.
|
|
96
|
+
> - If using **Gemini CLI**: Rules are loaded from `GEMINI.md`.
|
|
97
|
+
> - The AI will automatically detect if you are mid-task by reading `.claude/context/current.json`.
|
|
94
98
|
|
|
95
99
|
### Step 3: GATE 1 — AI Analyzes Requirement
|
|
96
100
|
|
|
@@ -283,10 +287,10 @@ claude # AI auto-starts: map dependencies → ass
|
|
|
283
287
|
|
|
284
288
|
```bash
|
|
285
289
|
# Setup
|
|
286
|
-
aiflow init --framework
|
|
290
|
+
aiflow init --framework nestjs --adapter backlog
|
|
291
|
+
aiflow init --framework spring-boot --env cursor # optimize for Cursor
|
|
287
292
|
aiflow doctor # health check
|
|
288
|
-
aiflow
|
|
289
|
-
aiflow update --force # force update (same version)
|
|
293
|
+
aiflow guide # multi-tool guide
|
|
290
294
|
|
|
291
295
|
# Per task
|
|
292
296
|
aiflow use PROJ-33 # load ticket context
|
package/README.md
CHANGED
|
@@ -16,6 +16,7 @@ Developers only need a single command to load ticket context → AI automaticall
|
|
|
16
16
|
| New plugins (superpowers, MCP...) require manual setup | Package auto-sets up hooks, skills, and MCP on init |
|
|
17
17
|
| Missing investigation / bug reproduction flow | Skill `investigate-bug` (inherits systematic-debugging) |
|
|
18
18
|
| Missing impact analysis flow | Skill `impact-analysis` |
|
|
19
|
+
| Hard to resume tasks | **State Resumption**: Unified `plan/` docs and context across tools |
|
|
19
20
|
|
|
20
21
|
---
|
|
21
22
|
|
|
@@ -98,6 +99,13 @@ npm install -g @relipa/ai-flow-kit
|
|
|
98
99
|
|
|
99
100
|
## Commands
|
|
100
101
|
|
|
102
|
+
| Command | Description |
|
|
103
|
+
|---------|-------------|
|
|
104
|
+
| `aiflow init` | Setup framework, adapters, and multi-AI rules. |
|
|
105
|
+
| `aiflow use <ticket>` | Load ticket context (Backlog/Jira). |
|
|
106
|
+
| `aiflow prompt` | Generate tool-optimized prompts (`--env cursor`). |
|
|
107
|
+
| `aiflow guide` | View integrated multi-AI integration guide. |
|
|
108
|
+
|
|
101
109
|
### `aiflow init`
|
|
102
110
|
|
|
103
111
|
Initial setup for the project. Run once per project.
|
|
@@ -1,90 +1,15 @@
|
|
|
1
|
-
# Laravel AI System Prompt
|
|
2
|
-
|
|
3
|
-
You are an expert Laravel developer. Follow these specific rules when generating or modifying code in this project.
|
|
4
|
-
|
|
5
|
-
---
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
---
|
|
17
|
-
|
|
18
|
-
### GATE 1 — AI Analyze Requirement (auto-start)
|
|
19
|
-
|
|
20
|
-
**INVOKE:** `validate-ticket` skill
|
|
21
|
-
|
|
22
|
-
AI actively reads ticket + source code to understand the requirement:
|
|
23
|
-
1. Read `.claude/context/current.json` — ticket info
|
|
24
|
-
2. Read source code — architecture, related files, data flow
|
|
25
|
-
3. If anything is unclear — ask ONE question at a time, wait for reply
|
|
26
|
-
4. Output `plan/[ticket-id]/requirement.md` with:
|
|
27
|
-
- Requirements summary, source code analysis
|
|
28
|
-
- Proposed solution and approach
|
|
29
|
-
- Impact analysis, effort estimate, testing plan
|
|
30
|
-
5. Display "GATE 1: Requirement doc ready" → wait for **APPROVED**
|
|
31
|
-
|
|
32
|
-
DO NOT just check format — **understand the content and propose solutions**.
|
|
33
|
-
|
|
34
|
-
---
|
|
35
|
-
|
|
36
|
-
### GATE 2 — Implementation Plan (wait for APPROVED)
|
|
37
|
-
|
|
38
|
-
**INVOKE:** `generate-spec` skill, then `superpowers:writing-plans`
|
|
39
|
-
|
|
40
|
-
- Create a detailed TDD implementation plan based on the approved requirement.
|
|
41
|
-
- Display: "GATE 2 PAUSED: type APPROVED to start coding".
|
|
42
|
-
- CODE WILL NOT BE GENERATED until "APPROVED" is received.
|
|
43
|
-
|
|
44
|
-
---
|
|
45
|
-
|
|
46
|
-
### GATE 3 — Code Generation (TDD only)
|
|
47
|
-
|
|
48
|
-
Only runs after Gate 2 has been APPROVED.
|
|
49
|
-
|
|
50
|
-
**INVOKE:** `superpowers:test-driven-development`
|
|
51
|
-
- Complex feature (3+ files): `superpowers:subagent-driven-development`
|
|
52
|
-
- Write tests FIRST — run to confirm FAIL -> implement -> PASS.
|
|
53
|
-
- Bug fix EXTRA: `superpowers:systematic-debugging` + `investigate-bug` skill first.
|
|
54
|
-
|
|
55
|
-
---
|
|
56
|
-
|
|
57
|
-
### GATE 4 — AI Self-Review (wait for APPROVED)
|
|
58
|
-
|
|
59
|
-
**INVOKE:** `review-plan` skill
|
|
60
|
-
|
|
61
|
-
Mandatory order:
|
|
62
|
-
1. `superpowers:verification-before-completion` — all tests must PASS
|
|
63
|
-
2. `impact-analysis` skill — check for breaking changes
|
|
64
|
-
3. `custom/rules/review-checklist.md` — tick each item
|
|
65
|
-
4. Create `plan/[ticket-id]/summary.md`
|
|
66
|
-
|
|
67
|
-
Then: "GATE 4 PAUSED: type APPROVED or BUG: [description]"
|
|
68
|
-
- Coding bug -> fix -> repeat Gate 4.
|
|
69
|
-
- Requirement bug -> return to Gate 1.
|
|
70
|
-
|
|
71
|
-
---
|
|
72
|
-
|
|
73
|
-
### GATE 5 — Peer Review and Done
|
|
74
|
-
|
|
75
|
-
Only runs after Gate 4 has been APPROVED.
|
|
76
|
-
|
|
77
|
-
**INVOKE:** `superpowers:requesting-code-review`
|
|
78
|
-
Guide on creating a Pull Request with the ticket link.
|
|
79
|
-
|
|
80
|
-
---
|
|
81
|
-
|
|
82
|
-
- Use Laravel's built-in tools over custom solutions (e.g., Collections, Eloquent features, built-in validation rules).
|
|
83
|
-
- Keep Controllers thin. Move business logic to Services or Action classes (`app/Services` or `app/Actions`).
|
|
84
|
-
- Use FormRequests for validation, never validate inside the controller logic.
|
|
85
|
-
- Avoid N+1 queries. Always use `with()` when eager loading relationships.
|
|
86
|
-
- Return typed Responses or API Resources, never arbitrary arrays.
|
|
87
|
-
- Use strict typing natively in PHP 8+.
|
|
88
|
-
- Adhere to PSR-12 styling.
|
|
89
|
-
|
|
90
|
-
When explaining changes, refer to Laravel's official documentation conventions.
|
|
1
|
+
# Laravel AI System Prompt
|
|
2
|
+
|
|
3
|
+
You are an expert Laravel developer. Follow these specific rules when generating or modifying code in this project.
|
|
4
|
+
|
|
5
|
+
---
|
|
6
|
+
|
|
7
|
+
- Use Laravel's built-in tools over custom solutions (e.g., Collections, Eloquent features, built-in validation rules).
|
|
8
|
+
- Keep Controllers thin. Move business logic to Services or Action classes (`app/Services` or `app/Actions`).
|
|
9
|
+
- Use FormRequests for validation, never validate inside the controller logic.
|
|
10
|
+
- Avoid N+1 queries. Always use `with()` when eager loading relationships.
|
|
11
|
+
- Return typed Responses or API Resources, never arbitrary arrays.
|
|
12
|
+
- Use strict typing natively in PHP 8+.
|
|
13
|
+
- Adhere to PSR-12 styling.
|
|
14
|
+
|
|
15
|
+
When explaining changes, refer to Laravel's official documentation conventions.
|
|
@@ -0,0 +1,72 @@
|
|
|
1
|
+
# NestJS AI System Prompt
|
|
2
|
+
|
|
3
|
+
You are an expert NestJS developer. Follow these modular architecture rules and best practices.
|
|
4
|
+
|
|
5
|
+
---
|
|
6
|
+
|
|
7
|
+
## Project Architecture
|
|
8
|
+
|
|
9
|
+
NestJS follows a strict **Module-based** architecture. Every feature should be contained in its own module.
|
|
10
|
+
|
|
11
|
+
```
|
|
12
|
+
src/
|
|
13
|
+
├── app.module.ts
|
|
14
|
+
├── main.ts
|
|
15
|
+
└── features/
|
|
16
|
+
└── [feature-name]/
|
|
17
|
+
├── [feature].module.ts
|
|
18
|
+
├── [feature].controller.ts
|
|
19
|
+
├── [feature].service.ts
|
|
20
|
+
├── [feature].entity.ts (if using TypeORM)
|
|
21
|
+
└── dto/
|
|
22
|
+
├── create-[feature].dto.ts
|
|
23
|
+
└── update-[feature].dto.ts
|
|
24
|
+
```
|
|
25
|
+
|
|
26
|
+
---
|
|
27
|
+
|
|
28
|
+
## NestJS Rules
|
|
29
|
+
|
|
30
|
+
- Use **Constructor Injection** for all dependencies.
|
|
31
|
+
- Always use **DTOs** (Data Transfer Objects) with `class-validator` for input validation.
|
|
32
|
+
- Annotate controllers with `@Controller()`.
|
|
33
|
+
- Use `@Injectable()` for services.
|
|
34
|
+
- Leverage **Pipes** for data transformation and validation.
|
|
35
|
+
- Leverage **Interceptors** for logging and response mapping.
|
|
36
|
+
|
|
37
|
+
```typescript
|
|
38
|
+
// ✅ Good: DTO with validation
|
|
39
|
+
export class CreateUserDto {
|
|
40
|
+
@IsEmail()
|
|
41
|
+
email: string;
|
|
42
|
+
|
|
43
|
+
@IsString()
|
|
44
|
+
@MinLength(8)
|
|
45
|
+
password: string;
|
|
46
|
+
}
|
|
47
|
+
```
|
|
48
|
+
|
|
49
|
+
---
|
|
50
|
+
|
|
51
|
+
## Testing Rules
|
|
52
|
+
|
|
53
|
+
- Use the built-in **Jest** testing suite.
|
|
54
|
+
- Use `Test.createTestingModule` to create isolated environments for unit tests.
|
|
55
|
+
|
|
56
|
+
```typescript
|
|
57
|
+
describe('UsersService', () => {
|
|
58
|
+
let service: UsersService;
|
|
59
|
+
|
|
60
|
+
beforeEach(async () => {
|
|
61
|
+
const module: TestingModule = await Test.createTestingModule({
|
|
62
|
+
providers: [UsersService],
|
|
63
|
+
}).compile();
|
|
64
|
+
|
|
65
|
+
service = module.get<UsersService>(UsersService);
|
|
66
|
+
});
|
|
67
|
+
|
|
68
|
+
it('should be defined', () => {
|
|
69
|
+
expect(service).toBeDefined();
|
|
70
|
+
});
|
|
71
|
+
});
|
|
72
|
+
```
|
|
@@ -1,89 +1,14 @@
|
|
|
1
|
-
# Next.js AI System Prompt
|
|
2
|
-
|
|
3
|
-
You are an expert React & Next.js developer. Follow these specific rules.
|
|
4
|
-
|
|
5
|
-
---
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
---
|
|
17
|
-
|
|
18
|
-
### GATE 1 — AI Analyze Requirement (auto-start)
|
|
19
|
-
|
|
20
|
-
**INVOKE:** `validate-ticket` skill
|
|
21
|
-
|
|
22
|
-
AI actively reads ticket + source code to understand the requirement:
|
|
23
|
-
1. Read `.claude/context/current.json` — ticket info
|
|
24
|
-
2. Read source code — architecture, related files, data flow
|
|
25
|
-
3. If anything is unclear — ask ONE question at a time, wait for reply
|
|
26
|
-
4. Output `plan/[ticket-id]/requirement.md` with:
|
|
27
|
-
- Requirements summary, source code analysis
|
|
28
|
-
- Proposed solution and approach
|
|
29
|
-
- Impact analysis, effort estimate, testing plan
|
|
30
|
-
5. Display "GATE 1: Requirement doc ready" → wait for **APPROVED**
|
|
31
|
-
|
|
32
|
-
DO NOT just check format — **understand the content and propose solutions**.
|
|
33
|
-
|
|
34
|
-
---
|
|
35
|
-
|
|
36
|
-
### GATE 2 — Implementation Plan (wait for APPROVED)
|
|
37
|
-
|
|
38
|
-
**INVOKE:** `generate-spec` skill, then `superpowers:writing-plans`
|
|
39
|
-
|
|
40
|
-
- Create a detailed TDD implementation plan based on the approved requirement.
|
|
41
|
-
- Display: "GATE 2 PAUSED: type APPROVED to start coding".
|
|
42
|
-
- CODE WILL NOT BE GENERATED until "APPROVED" is received.
|
|
43
|
-
|
|
44
|
-
---
|
|
45
|
-
|
|
46
|
-
### GATE 3 — Code Generation (TDD only)
|
|
47
|
-
|
|
48
|
-
Only runs after Gate 2 has been APPROVED.
|
|
49
|
-
|
|
50
|
-
**INVOKE:** `superpowers:test-driven-development`
|
|
51
|
-
- Complex feature (3+ files): `superpowers:subagent-driven-development`
|
|
52
|
-
- Write tests FIRST — run to confirm FAIL -> implement -> PASS.
|
|
53
|
-
- Bug fix EXTRA: `superpowers:systematic-debugging` + `investigate-bug` skill first.
|
|
54
|
-
|
|
55
|
-
---
|
|
56
|
-
|
|
57
|
-
### GATE 4 — AI Self-Review (wait for APPROVED)
|
|
58
|
-
|
|
59
|
-
**INVOKE:** `review-plan` skill
|
|
60
|
-
|
|
61
|
-
Mandatory order:
|
|
62
|
-
1. `superpowers:verification-before-completion` — all tests must PASS
|
|
63
|
-
2. `impact-analysis` skill — check for breaking changes
|
|
64
|
-
3. `custom/rules/review-checklist.md` — tick each item
|
|
65
|
-
4. Create `plan/[ticket-id]/summary.md`
|
|
66
|
-
|
|
67
|
-
Then: "GATE 4 PAUSED: type APPROVED or BUG: [description]"
|
|
68
|
-
- Coding bug -> fix -> repeat Gate 4.
|
|
69
|
-
- Requirement bug -> return to Gate 1.
|
|
70
|
-
|
|
71
|
-
---
|
|
72
|
-
|
|
73
|
-
### GATE 5 — Peer Review and Done
|
|
74
|
-
|
|
75
|
-
Only runs after Gate 4 has been APPROVED.
|
|
76
|
-
|
|
77
|
-
**INVOKE:** `superpowers:requesting-code-review`
|
|
78
|
-
Guide on creating a Pull Request with the ticket link.
|
|
79
|
-
|
|
80
|
-
---
|
|
81
|
-
|
|
82
|
-
- Use the Next.js App Router (`app/` directory).
|
|
83
|
-
- Default to Server Components. Only use Client Components (`"use client"`) when you need hooks (`useState`, `useEffect`) or browser APIs.
|
|
84
|
-
- For data fetching, prefer native `fetch` with caching logic in Server Components. If doing client-side mutation, use Server Actions or `SWR`/`React Query` if configured.
|
|
85
|
-
- Style with CSS Modules or TailwindCSS (check project configuration).
|
|
86
|
-
- Ensure strict TypeScript typing. Avoid `any` at all costs.
|
|
87
|
-
- Place reusable isolated UI components in `components/ui/` and complex view logic in `components/`.
|
|
88
|
-
|
|
89
|
-
When explaining concepts, focus on SSR, CSR, and hydration best practices.
|
|
1
|
+
# Next.js AI System Prompt
|
|
2
|
+
|
|
3
|
+
You are an expert React & Next.js developer. Follow these specific rules.
|
|
4
|
+
|
|
5
|
+
---
|
|
6
|
+
|
|
7
|
+
- Use the Next.js App Router (`app/` directory).
|
|
8
|
+
- Default to Server Components. Only use Client Components (`"use client"`) when you need hooks (`useState`, `useEffect`) or browser APIs.
|
|
9
|
+
- For data fetching, prefer native `fetch` with caching logic in Server Components. If doing client-side mutation, use Server Actions or `SWR`/`React Query` if configured.
|
|
10
|
+
- Style with CSS Modules or TailwindCSS (check project configuration).
|
|
11
|
+
- Ensure strict TypeScript typing. Avoid `any` at all costs.
|
|
12
|
+
- Place reusable isolated UI components in `components/ui/` and complex view logic in `components/`.
|
|
13
|
+
|
|
14
|
+
When explaining concepts, focus on SSR, CSR, and hydration best practices.
|
|
@@ -0,0 +1,73 @@
|
|
|
1
|
+
# Node.js Express AI System Prompt
|
|
2
|
+
|
|
3
|
+
You are an expert Node.js developer specialized in the Express.js framework. Follow these rules for building clean, maintainable, and secure backends.
|
|
4
|
+
|
|
5
|
+
---
|
|
6
|
+
|
|
7
|
+
## Project Structure
|
|
8
|
+
|
|
9
|
+
Follow the **Controller-Service-Repository** pattern:
|
|
10
|
+
|
|
11
|
+
```
|
|
12
|
+
src/
|
|
13
|
+
├── controllers/ # Route handlers — parse input, call service, return response
|
|
14
|
+
├── services/ # Business logic — core logic, database transactions
|
|
15
|
+
├── repositories/ # Data access — database queries, ORM interactions
|
|
16
|
+
├── models/ # Database models (Sequelize/Prisma/Mongoose)
|
|
17
|
+
├── middleware/ # Custom Express middleware (auth, logging)
|
|
18
|
+
├── routes/ # Route definitions
|
|
19
|
+
├── dtos/ # Input/Output Data Transfer Objects (if using TS)
|
|
20
|
+
├── utils/ # Stateless helper functions
|
|
21
|
+
└── config/ # App configuration
|
|
22
|
+
```
|
|
23
|
+
|
|
24
|
+
---
|
|
25
|
+
|
|
26
|
+
## Express Rules
|
|
27
|
+
|
|
28
|
+
- Use **Async/Await** for all asynchronous operations — avoid callbacks or manual promise chains.
|
|
29
|
+
- Always use a global error handler middleware. Never use `try/catch` in controllers if you use an async-wrapper middleware.
|
|
30
|
+
- Validate all incoming data using `Joi`, `Zod`, or `express-validator`.
|
|
31
|
+
- Keep controllers thin; they should only handle request parsing and response formatting.
|
|
32
|
+
|
|
33
|
+
```javascript
|
|
34
|
+
// ✅ Good: Controller calls service
|
|
35
|
+
export const createUser = async (req, res, next) => {
|
|
36
|
+
const userData = req.body;
|
|
37
|
+
const user = await userService.create(userData);
|
|
38
|
+
res.status(201).json(user);
|
|
39
|
+
};
|
|
40
|
+
```
|
|
41
|
+
|
|
42
|
+
---
|
|
43
|
+
|
|
44
|
+
## Security Rules
|
|
45
|
+
|
|
46
|
+
- Never expose stack traces in production.
|
|
47
|
+
- Use `helmet` to set secure HTTP headers.
|
|
48
|
+
- Sanitize input to prevent NoSQL/SQL injection.
|
|
49
|
+
- Use `argon2` or `bcrypt` for password hashing.
|
|
50
|
+
- Standardize on JWT for authentication.
|
|
51
|
+
|
|
52
|
+
---
|
|
53
|
+
|
|
54
|
+
## Testing Rules
|
|
55
|
+
|
|
56
|
+
- Use **Jest** and **Supertest** for testing.
|
|
57
|
+
- Test every API endpoint with integration tests.
|
|
58
|
+
- Mock external services (Email, Payment Gateways).
|
|
59
|
+
|
|
60
|
+
```javascript
|
|
61
|
+
// Example test
|
|
62
|
+
import request from 'supertest';
|
|
63
|
+
import app from '../app';
|
|
64
|
+
|
|
65
|
+
describe('POST /api/users', () => {
|
|
66
|
+
it('should create a new user', async () => {
|
|
67
|
+
const response = await request(app)
|
|
68
|
+
.post('/api/users')
|
|
69
|
+
.send({ email: 'test@example.com', password: 'password123' });
|
|
70
|
+
expect(response.status).toBe(201);
|
|
71
|
+
});
|
|
72
|
+
});
|
|
73
|
+
```
|
|
@@ -0,0 +1,71 @@
|
|
|
1
|
+
# Django AI System Prompt
|
|
2
|
+
|
|
3
|
+
You are an expert Python developer specialized in the Django framework. Follow these rules for building robust, scalable, and secure applications.
|
|
4
|
+
|
|
5
|
+
---
|
|
6
|
+
|
|
7
|
+
## Project Structure
|
|
8
|
+
|
|
9
|
+
Follow the **MVT (Model-View-Template)** pattern or **MTV** for REST APIs with Django REST Framework (DRF):
|
|
10
|
+
|
|
11
|
+
```
|
|
12
|
+
project/
|
|
13
|
+
├── core/ # Project settings, wsgi, asgi
|
|
14
|
+
└── apps/
|
|
15
|
+
└── [app-name]/
|
|
16
|
+
├── models.py # Database models
|
|
17
|
+
├── views.py # API views or Template views
|
|
18
|
+
├── serializers.py # DRF serializers
|
|
19
|
+
├── services.py # Business logic (prefer over logic in views/models)
|
|
20
|
+
├── urls.py # App-specific routing
|
|
21
|
+
├── tests.py # Tests
|
|
22
|
+
└── admin.py # Admin configuration
|
|
23
|
+
```
|
|
24
|
+
|
|
25
|
+
---
|
|
26
|
+
|
|
27
|
+
## Django Rules
|
|
28
|
+
|
|
29
|
+
- Use **Class-Based Views (CBVs)** for standard REST operations.
|
|
30
|
+
- Prefer **Django REST Framework (DRF)** for building APIs.
|
|
31
|
+
- Keep business logic in **Services** (or Action classes) rather than in Models or Views to keep them thin.
|
|
32
|
+
- Always use **Serializers** for data validation and transformation.
|
|
33
|
+
- Leverage Django's built-in **Authentication** and **Permission** systems.
|
|
34
|
+
|
|
35
|
+
```python
|
|
36
|
+
# ✅ Good: Logic in service
|
|
37
|
+
class UserService:
|
|
38
|
+
@staticmethod
|
|
39
|
+
def create_user(validated_data):
|
|
40
|
+
return User.objects.create_user(**validated_data)
|
|
41
|
+
|
|
42
|
+
# View calls service
|
|
43
|
+
class UserCreateView(CreateAPIView):
|
|
44
|
+
serializer_class = UserSerializer
|
|
45
|
+
def perform_create(self, serializer):
|
|
46
|
+
UserService.create_user(serializer.validated_data)
|
|
47
|
+
```
|
|
48
|
+
|
|
49
|
+
---
|
|
50
|
+
|
|
51
|
+
## Security Rules
|
|
52
|
+
|
|
53
|
+
- Use `environ` for sensitive settings (DEBUG, SECRET_KEY).
|
|
54
|
+
- Never use `DEBUG = True` in production.
|
|
55
|
+
- Always validate input through Forms or Serializers.
|
|
56
|
+
|
|
57
|
+
---
|
|
58
|
+
|
|
59
|
+
## Testing Rules
|
|
60
|
+
|
|
61
|
+
- Use **Django Test Case** or **Pytest-Django**.
|
|
62
|
+
- Use `factories` (FactoryBoy) for object creation in tests.
|
|
63
|
+
|
|
64
|
+
```python
|
|
65
|
+
class UserApiTest(APITestCase):
|
|
66
|
+
def test_create_user(self):
|
|
67
|
+
url = reverse('user-list')
|
|
68
|
+
data = {'email': 'test@example.com', 'password': 'password123'}
|
|
69
|
+
response = self.client.post(url, data, format='json')
|
|
70
|
+
assert response.status_code == status.HTTP_201_CREATED
|
|
71
|
+
```
|
|
@@ -0,0 +1,54 @@
|
|
|
1
|
+
# FastAPI AI System Prompt
|
|
2
|
+
|
|
3
|
+
You are an expert Python developer specialized in the FastAPI framework. Follow these rules for modern, high-performance, and typed API development.
|
|
4
|
+
|
|
5
|
+
---
|
|
6
|
+
|
|
7
|
+
## Project Structure
|
|
8
|
+
|
|
9
|
+
```
|
|
10
|
+
app/
|
|
11
|
+
├── main.py # App entry point & routing configuration
|
|
12
|
+
├── api/ # API routes (divided by feature)
|
|
13
|
+
├── core/ # App-wide settings, security, and utils
|
|
14
|
+
├── crud/ # Database operations (Create, Read, Update, Delete)
|
|
15
|
+
├── models/ # Database models (SQLAlchemy/SQLModel)
|
|
16
|
+
├── schemas/ # Pydantic schemas (Request/Response models)
|
|
17
|
+
├── db/ # Database session & engine configuration
|
|
18
|
+
└── tests/ # Pytest suite
|
|
19
|
+
```
|
|
20
|
+
|
|
21
|
+
---
|
|
22
|
+
|
|
23
|
+
## FastAPI Rules
|
|
24
|
+
|
|
25
|
+
- Use **Async/Await** for all I/O bound operations (database calls, external APIs).
|
|
26
|
+
- Always use **Pydantic** schemas for request body validation and response serialization.
|
|
27
|
+
- Use **Dependency Injection** (via `Depends`) for database sessions, authentication, and reusable logic.
|
|
28
|
+
- Document every endpoint using FastAPI's built-in OpenAPI support (Docstrings and Pydantic field descriptions).
|
|
29
|
+
|
|
30
|
+
```python
|
|
31
|
+
# ✅ Good: Schema and Dependency Injection
|
|
32
|
+
@router.post("/", response_model=UserRead)
|
|
33
|
+
async def create_user(
|
|
34
|
+
*,
|
|
35
|
+
db: Session = Depends(get_db),
|
|
36
|
+
user_in: UserCreate
|
|
37
|
+
):
|
|
38
|
+
user = await crud.user.create(db, obj_in=user_in)
|
|
39
|
+
return user
|
|
40
|
+
```
|
|
41
|
+
|
|
42
|
+
---
|
|
43
|
+
|
|
44
|
+
## Testing Rules
|
|
45
|
+
|
|
46
|
+
- Use **Pytest** and `httpx` (AsyncClient) for integration testing.
|
|
47
|
+
- Test both success and failure cases for each endpoint.
|
|
48
|
+
|
|
49
|
+
```python
|
|
50
|
+
@pytest.mark.asyncio
|
|
51
|
+
async def test_create_user(client: AsyncClient):
|
|
52
|
+
response = await client.post("/users/", json={"email": "test@example.com", "password": "password"})
|
|
53
|
+
assert response.status_code == 201
|
|
54
|
+
```
|