@su-record/vibe 2.7.14 → 2.7.16

package/dist/cli/postinstall/cursor-rules.js

@@ -21,13 +21,13 @@ function convertLanguageRuleToCursor(content, filename) {
     // glob 패턴 가져오기
     const globs = LANGUAGE_GLOBS[filename] || '**/*';
     // .mdc frontmatter + 본문
-    return `---
-description: ${description} - complexity limits, type safety, error handling
-globs: "${globs}"
-alwaysApply: false
----
-
-${normalizedContent}
+    return `---
+description: ${description} - complexity limits, type safety, error handling
+globs: "${globs}"
+alwaysApply: false
+---
+
+${normalizedContent}
 `;
 }
 /**
@@ -104,86 +104,86 @@ export function generateCursorRules(cursorRulesDir, detectedStacks = [], languag
     const commonRules = [
         {
             filename: 'code-quality.mdc',
-            content: `---
-description: General code quality rules for all files
-alwaysApply: true
----
-
-# Code Quality Rules
-
-## Core Principles
-- **Modify only requested scope** - Don't touch unrelated code
-- **Preserve existing style** - Follow project conventions
-- **Keep working code** - No unnecessary refactoring
-
-## Forbidden Patterns
-- No \`console.log\` in production code (remove after debugging)
-- No hardcoded strings/numbers → Extract to constants
-- No commented-out code in commits
-- No incomplete code without TODO marker
-
-## Naming Conventions
-- Variables/functions: camelCase
-- Classes/types: PascalCase
-- Constants: UPPER_SNAKE_CASE
-- Files: kebab-case or PascalCase (match project style)
-
-## Function Design
-- Single responsibility per function
-- Max 5 parameters (use object for more)
-- Descriptive names (verb + noun)
-- Document non-obvious behavior
-
-## Complexity Limits
-| Metric | Limit |
-|--------|-------|
-| Function length | ≤30 lines (recommended), ≤50 lines (max) |
-| Nesting depth | ≤3 levels |
-| Parameters | ≤5 |
-| Cyclomatic complexity | ≤10 |
-
-## Dependency Management
-- Avoid circular dependencies
-- Keep loose coupling (depend on interfaces)
-- High cohesion (group related functions)
+            content: `---
+description: General code quality rules for all files
+alwaysApply: true
+---
+
+# Code Quality Rules
+
+## Core Principles
+- **Modify only requested scope** - Don't touch unrelated code
+- **Preserve existing style** - Follow project conventions
+- **Keep working code** - No unnecessary refactoring
+
+## Forbidden Patterns
+- No \`console.log\` in production code (remove after debugging)
+- No hardcoded strings/numbers → Extract to constants
+- No commented-out code in commits
+- No incomplete code without TODO marker
+
+## Naming Conventions
+- Variables/functions: camelCase
+- Classes/types: PascalCase
+- Constants: UPPER_SNAKE_CASE
+- Files: kebab-case or PascalCase (match project style)
+
+## Function Design
+- Single responsibility per function
+- Max 5 parameters (use object for more)
+- Descriptive names (verb + noun)
+- Document non-obvious behavior
+
+## Complexity Limits
+| Metric | Limit |
+|--------|-------|
+| Function length | ≤30 lines (recommended), ≤50 lines (max) |
+| Nesting depth | ≤3 levels |
+| Parameters | ≤5 |
+| Cyclomatic complexity | ≤10 |
+
+## Dependency Management
+- Avoid circular dependencies
+- Keep loose coupling (depend on interfaces)
+- High cohesion (group related functions)
 `,
         },
         {
             filename: 'security-checklist.mdc',
-            content: `---
-description: Security checklist for code changes
-globs: "**/*.ts,**/*.tsx,**/*.js,**/*.jsx,**/*.py,**/*.go,**/*.rs,**/*.java,**/*.kt,**/*.swift"
-alwaysApply: false
----
-
-# Security Checklist
-
-## Input Validation
-- [ ] Validate all user inputs
-- [ ] Sanitize data before database queries
-- [ ] Use parameterized queries (prevent SQL injection)
-
-## Authentication
-- [ ] Secure password handling (never store plain text)
-- [ ] Session management is secure
-- [ ] Tokens have appropriate expiry
-
-## Data Protection
-- [ ] Sensitive data is encrypted
-- [ ] API keys not committed to code
-- [ ] Error messages don't leak sensitive info
-
-## OWASP Top 10 Awareness
-- Injection (SQL, XSS, Command)
-- Broken authentication
-- Sensitive data exposure
-- XML external entities (XXE)
-- Broken access control
-- Security misconfiguration
-- Cross-site scripting (XSS)
-- Insecure deserialization
-- Using components with known vulnerabilities
-- Insufficient logging & monitoring
+            content: `---
+description: Security checklist for code changes
+globs: "**/*.ts,**/*.tsx,**/*.js,**/*.jsx,**/*.py,**/*.go,**/*.rs,**/*.java,**/*.kt,**/*.swift"
+alwaysApply: false
+---
+
+# Security Checklist
+
+## Input Validation
+- [ ] Validate all user inputs
+- [ ] Sanitize data before database queries
+- [ ] Use parameterized queries (prevent SQL injection)
+
+## Authentication
+- [ ] Secure password handling (never store plain text)
+- [ ] Session management is secure
+- [ ] Tokens have appropriate expiry
+
+## Data Protection
+- [ ] Sensitive data is encrypted
+- [ ] API keys not committed to code
+- [ ] Error messages don't leak sensitive info
+
+## OWASP Top 10 Awareness
+- Injection (SQL, XSS, Command)
+- Broken authentication
+- Sensitive data exposure
+- XML external entities (XXE)
+- Broken access control
+- Security misconfiguration
+- Cross-site scripting (XSS)
+- Insecure deserialization
+- Using components with known vulnerabilities
+- Insufficient logging & monitoring
 `,
         },
     ];