npm - @umacloud/knowledge - Versions diffs - 1.0.1 - Mend

@umacloud/knowledge 1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (418) hide show

package/00-governance/governance-capabilities.md +557 -0
package/00-governance/knowledge-map.md +39 -0
package/00-governance/maintenance-policy.md +76 -0
package/00-governance/review-checklist.md +81 -0
package/README.md +13 -0
package/ai/01-standards/agent-development-complete.md +691 -0
package/ai/01-standards/llm-application-complete.md +488 -0
package/ai/01-standards/mlops-complete.md +798 -0
package/ai/01-standards/prompt-engineering-complete.md +646 -0
package/ai/01-standards/rag-architecture-complete.md +649 -0
package/ai/02-playbooks/llm-evaluation-playbook.md +847 -0
package/ai/03-checklists/ai-project-checklist.md +215 -0
package/ai/04-antipatterns/ai-antipatterns.md +661 -0
package/ai/05-cases/case-rag-production.md +147 -0
package/ai/06-glossary/ai-glossary.md +162 -0
package/ai/agent-evaluation-benchmark.md +53 -0
package/ai/ai-agent-memory-context-management.md +41 -0
package/ai/ai-cost-capacity-optimization-playbook.md +42 -0
package/ai/ai-data-security-and-compliance-playbook.md +37 -0
package/ai/ai-domain-index-and-checklist.md +40 -0
package/ai/ai-governance-maturity-model.md +50 -0
package/ai/ai-model-selection-and-routing-strategy.md +47 -0
package/ai/ai-observability-and-oncall-runbook.md +52 -0
package/ai/ai-rag-engineering-playbook.md +42 -0
package/ai/ai-red-team-and-safety-evaluation.md +42 -0
package/ai/ai-release-readiness-and-rollback-gate.md +42 -0
package/ai/llm-agent-engineering-deep-dive.md +57 -0
package/ai/prompt-and-tool-guardrails.md +52 -0
package/api/01-standards/enterprise-api-standards.md +198 -0
package/api/01-standards/rest-api-design-guide.md +63 -0
package/api/02-playbooks/api-pagination-playbook.md +93 -0
package/api/02-playbooks/graphql-production-playbook.md +176 -0
package/api/03-checklists/api-review-checklist.md +55 -0
package/api/04-antipatterns/api-antipatterns.md +112 -0
package/architecture/01-standards/api-gateway-patterns.md +496 -0
package/architecture/01-standards/cloud-native-patterns.md +644 -0
package/architecture/01-standards/distributed-systems-patterns.md +591 -0
package/architecture/01-standards/event-driven-architecture.md +595 -0
package/architecture/01-standards/microservices-patterns-complete.md +968 -0
package/architecture/01-standards/microservices-patterns.md +495 -0
package/architecture/01-standards/system-design-interview.md +664 -0
package/architecture/02-playbooks/microservices-patterns-playbook.md +137 -0
package/architecture/02-playbooks/migration-playbook.md +780 -0
package/architecture/02-playbooks/system-design-playbook.md +779 -0
package/architecture/03-checklists/architecture-decision-checklist.md +297 -0
package/architecture/04-antipatterns/architecture-antipatterns.md +417 -0
package/architecture/05-cases/case-netflix-microservices.md +413 -0
package/architecture/06-glossary/architecture-glossary.md +164 -0
package/architecture/adr-template-and-examples.md +38 -0
package/architecture/api-gateway-deep-dive.md +1291 -0
package/architecture/configuration-management.md +1162 -0
package/architecture/distributed-transactions.md +1220 -0
package/architecture/microservices-complete.md +735 -0
package/architecture/resilience-and-disaster-patterns.md +37 -0
package/architecture/service-governance.md +1198 -0
package/architecture/system-architecture-deep-dive.md +37 -0
package/backend/01-standards/analytics-and-growth.md +65 -0
package/backend/01-standards/api-and-error-conventions.md +120 -0
package/backend/01-standards/application-layering-and-packaging.md +160 -0
package/backend/01-standards/auth-implementation.md +104 -0
package/backend/01-standards/backend-framework-idioms.md +74 -0
package/backend/01-standards/background-jobs-and-async.md +66 -0
package/backend/01-standards/caching-strategies-complete.md +390 -0
package/backend/01-standards/config-and-observability.md +77 -0
package/backend/01-standards/data-modeling-and-persistence.md +94 -0
package/backend/01-standards/django-complete.md +1765 -0
package/backend/01-standards/email-and-notifications.md +64 -0
package/backend/01-standards/fastapi-complete.md +925 -0
package/backend/01-standards/file-upload-and-storage.md +66 -0
package/backend/01-standards/graphql-api-complete.md +416 -0
package/backend/01-standards/llm-application-standard.md +78 -0
package/backend/01-standards/message-queue-patterns.md +379 -0
package/backend/01-standards/microservices-and-distributed.md +78 -0
package/backend/01-standards/nestjs-complete.md +2167 -0
package/backend/01-standards/payment-integration.md +80 -0
package/backend/01-standards/rate-limiting-complete.md +451 -0
package/backend/01-standards/realtime-and-websocket.md +65 -0
package/backend/01-standards/search-and-filtering.md +64 -0
package/backend/01-standards/spring-boot-complete.md +445 -0
package/backend/02-playbooks/api-design-playbook.md +718 -0
package/backend/02-playbooks/email-send-playbook.md +130 -0
package/backend/02-playbooks/file-upload-s3-playbook.md +153 -0
package/backend/02-playbooks/typescript-enterprise-playbook.md +133 -0
package/backend/02-playbooks/websocket-realtime-playbook.md +154 -0
package/backend/03-checklists/api-launch-checklist.md +189 -0
package/backend/04-antipatterns/backend-antipatterns.md +1051 -0
package/blockchain/01-standards/blockchain-basics.md +557 -0
package/blockchain/01-standards/smart-contract-development.md +1315 -0
package/cicd/01-standards/deployment-and-delivery-standard.md +96 -0
package/cicd/01-standards/github-actions-complete.md +473 -0
package/cicd/01-standards/release-and-store-submission.md +75 -0
package/cicd/02-playbooks/cicd-pipeline-playbook.md +144 -0
package/cicd/02-playbooks/release-management-playbook.md +605 -0
package/cicd/03-checklists/pipeline-security-checklist.md +168 -0
package/cicd/04-antipatterns/cicd-antipatterns.md +589 -0
package/cicd/05-cases/case-deployment-automation.md +221 -0
package/cicd/05-cases/case-gitops-transformation.md +212 -0
package/cicd/06-glossary/cicd-glossary.md +114 -0
package/cicd/cicd-blueprint-deep-dive.md +38 -0
package/cicd/release-readiness-gate.md +37 -0
package/cloud-native/01-standards/container-security.md +741 -0
package/cloud-native/01-standards/kubernetes-complete.md +812 -0
package/cloud-native/02-playbooks/api-gateway-playbook.md +155 -0
package/cloud-native/02-playbooks/gitops-with-argocd.md +760 -0
package/cloud-native/02-playbooks/k8s-troubleshooting-playbook.md +1942 -0
package/cloud-native/02-playbooks/message-queue-playbook.md +129 -0
package/cloud-native/02-playbooks/multicloud-governance.md +726 -0
package/cloud-native/02-playbooks/serverless-patterns.md +788 -0
package/cloud-native/02-playbooks/service-mesh-playbook.md +612 -0
package/cloud-native/02-playbooks/terraform-iac-playbook.md +143 -0
package/cloud-native/03-checklists/container-security-checklist.md +431 -0
package/cloud-native/03-checklists/k8s-production-readiness-checklist.md +460 -0
package/cloud-native/04-antipatterns/container-antipatterns.md +660 -0
package/cloud-native/04-antipatterns/k8s-antipatterns.md +743 -0
package/cloud-native/05-cases/case-k8s-migration.md +478 -0
package/cloud-native/05-cases/case-k8s-scaling.md +642 -0
package/cloud-native/05-cases/case-k8s-security-incident.md +397 -0
package/cloud-native/06-glossary/cloud-native-glossary.md +337 -0
package/cross-platform/01-standards/cross-platform-frameworks.md +83 -0
package/cross-platform/01-standards/platform-selection-and-architecture.md +77 -0
package/data/01-standards/elasticsearch-complete.md +2098 -0
package/data/01-standards/postgresql-complete.md +1613 -0
package/data/01-standards/redis-complete.md +1527 -0
package/data/02-playbooks/database-optimization-playbook.md +403 -0
package/data/02-playbooks/elasticsearch-production-playbook.md +132 -0
package/data/03-checklists/database-launch-checklist.md +187 -0
package/data/04-antipatterns/database-antipatterns.md +873 -0
package/data/05-cases/case-database-migration.md +310 -0
package/data/06-glossary/database-glossary.md +440 -0
package/data/data-governance-and-modeling-deep-dive.md +39 -0
package/data-engineering/01-standards/airflow-complete.md +523 -0
package/data-engineering/01-standards/kafka-complete.md +1521 -0
package/data-engineering/02-playbooks/spark-etl-playbook.md +496 -0
package/data-engineering/03-checklists/pipeline-launch-checklist.md +194 -0
package/data-engineering/04-antipatterns/data-pipeline-antipatterns.md +684 -0
package/data-engineering/05-cases/case-real-time-pipeline.md +355 -0
package/data-engineering/06-glossary/data-engineering-glossary.md +429 -0
package/database/01-standards/database-schema-standards.md +147 -0
package/database/02-playbooks/postgresql-optimization-quick.md +52 -0
package/database/02-playbooks/postgresql-performance-optimization.md +58 -0
package/database/02-playbooks/postgresql-production-playbook.md +146 -0
package/database/02-playbooks/redis-caching-playbook.md +117 -0
package/database/03-checklists/database-review-checklist.md +50 -0
package/database/04-antipatterns/database-antipatterns.md +112 -0
package/design/01-standards/ui-design-system-complete.md +423 -0
package/design/02-playbooks/design-handoff-playbook.md +254 -0
package/design/02-playbooks/design-review-playbook.md +388 -0
package/design/03-checklists/design-review-checklist.md +246 -0
package/design/04-antipatterns/design-antipatterns.md +378 -0
package/design/05-cases/case-design-system-adoption.md +328 -0
package/design/06-glossary/design-glossary.md +329 -0
package/design/ui-full-lifecycle-cross-platform-playbook.md +571 -0
package/design/ux-system-deep-dive.md +38 -0
package/design-systems/00-craft-rules.md +71 -0
package/design-systems/aesthetic-families.md +43 -0
package/design-systems/anti-ai-slop.md +162 -0
package/design-systems/bold-geometric.md +120 -0
package/design-systems/brutalist-bold.md +103 -0
package/design-systems/editorial-clean.md +109 -0
package/design-systems/glass-aurora.md +108 -0
package/design-systems/modern-minimal.md +145 -0
package/design-systems/premium-luxury.md +106 -0
package/design-systems/product-type-design-map.md +48 -0
package/design-systems/soft-warm.md +123 -0
package/design-systems/tech-utility.md +113 -0
package/desktop/01-standards/desktop-app-standard.md +72 -0
package/desktop/01-standards/desktop-design.md +71 -0
package/development/00-governance/document-template.md +41 -0
package/development/01-standards/api-versioning-strategies.md +432 -0
package/development/01-standards/authentication-patterns-complete.md +479 -0
package/development/01-standards/css-architecture-complete.md +550 -0
package/development/01-standards/database-migration-strategies.md +484 -0
package/development/01-standards/elasticsearch-complete.md +347 -0
package/development/01-standards/git-complete.md +371 -0
package/development/01-standards/golang-complete.md +1565 -0
package/development/01-standards/graphql-complete.md +298 -0
package/development/01-standards/javascript-bundlers-complete.md +469 -0
package/development/01-standards/javascript-typescript-complete.md +528 -0
package/development/01-standards/jest-complete.md +275 -0
package/development/01-standards/linux-complete.md +234 -0
package/development/01-standards/logging-observability-complete.md +526 -0
package/development/01-standards/microservices-communication.md +502 -0
package/development/01-standards/mongodb-complete.md +406 -0
package/development/01-standards/oauth2-complete.md +285 -0
package/development/01-standards/performance-optimization-complete.md +289 -0
package/development/01-standards/playwright-complete.md +247 -0
package/development/01-standards/postgresql-complete.md +456 -0
package/development/01-standards/pytest-complete.md +340 -0
package/development/01-standards/python-async-programming.md +902 -0
package/development/01-standards/python-complete.md +956 -0
package/development/01-standards/python-decorators-complete.md +799 -0
package/development/01-standards/python-design-patterns.md +2854 -0
package/development/01-standards/python-packaging-distribution.md +420 -0
package/development/01-standards/python-testing-strategies.md +607 -0
package/development/01-standards/python-web-frameworks-comparison.md +471 -0
package/development/01-standards/redis-complete.md +317 -0
package/development/01-standards/rest-api-complete.md +316 -0
package/development/01-standards/rust-complete.md +578 -0
package/development/01-standards/typescript-advanced-types.md +1513 -0
package/development/01-standards/web-security-complete.md +292 -0
package/development/02-playbooks/api-design-playbook.md +810 -0
package/development/02-playbooks/database-migration-playbook.md +580 -0
package/development/02-playbooks/debugging-playbook.md +692 -0
package/development/02-playbooks/feature-delivery-playbook.md +430 -0
package/development/02-playbooks/incident-hotfix-playbook.md +387 -0
package/development/02-playbooks/performance-optimization-playbook.md +531 -0
package/development/02-playbooks/performance-tuning-playbook.md +652 -0
package/development/02-playbooks/refactor-playbook.md +403 -0
package/development/02-playbooks/release-playbook.md +469 -0
package/development/03-checklists/architecture-review-checklist.md +168 -0
package/development/03-checklists/data-migration-checklist.md +157 -0
package/development/03-checklists/oncall-handover-checklist.md +173 -0
package/development/03-checklists/pr-checklist.md +158 -0
package/development/03-checklists/production-readiness-checklist.md +190 -0
package/development/03-checklists/release-readiness-checklist.md +154 -0
package/development/03-checklists/security-review-checklist.md +182 -0
package/development/04-antipatterns/api-antipatterns.md +657 -0
package/development/04-antipatterns/architecture-antipatterns.md +686 -0
package/development/04-antipatterns/backend-antipatterns.md +648 -0
package/development/04-antipatterns/cicd-antipatterns.md +540 -0
package/development/04-antipatterns/code-smell-antipatterns.md +571 -0
package/development/04-antipatterns/data-antipatterns.md +658 -0
package/development/04-antipatterns/database-antipatterns.md +578 -0
package/development/04-antipatterns/frontend-antipatterns.md +635 -0
package/development/04-antipatterns/reliability-antipatterns.md +700 -0
package/development/04-antipatterns/security-antipatterns.md +747 -0
package/development/05-cases/case-api-version-migration.md +428 -0
package/development/05-cases/case-authorization-hardening.md +383 -0
package/development/05-cases/case-bluegreen-rollback.md +466 -0
package/development/05-cases/case-cache-snowball-protection.md +485 -0
package/development/05-cases/case-ci-cd-pipeline.md +544 -0
package/development/05-cases/case-database-scaling.md +500 -0
package/development/05-cases/case-db-hotspot-optimization.md +487 -0
package/development/05-cases/case-incident-mttr-reduction.md +563 -0
package/development/05-cases/case-microservice-migration.md +375 -0
package/development/05-cases/case-performance-optimization.md +406 -0
package/development/05-cases/case-security-incident-response.md +345 -0
package/development/06-glossary/full-stack-glossary.md +166 -0
package/development/09-maturity/quarterly-audit-template.md +35 -0
package/development/11-ui-excellence/ui-aesthetic-system.md +41 -0
package/development/11-ui-excellence/ui-engineering-excellence.md +435 -0
package/development/12-scenarios/development-scenarios-guide.md +565 -0
package/development/13-implementation-assets/implementation-toolkit.md +282 -0
package/development/13-implementation-assets/knowledge-gates-execution.md +43 -0
package/development/14-full-lifecycle/software-lifecycle-gates.md +511 -0
package/development/15-lifecycle-templates/project-templates-collection.md +791 -0
package/development/api-contract-and-versioning-guide.md +36 -0
package/development/api-governance-complete.md +43 -0
package/development/backend-engineering-complete.md +43 -0
package/development/code-review-quality-complete.md +43 -0
package/development/concurrency-reliability-complete.md +43 -0
package/development/database-engineering-complete.md +43 -0
package/development/engineering-effectiveness-complete.md +43 -0
package/development/engineering-standards-deep-dive.md +38 -0
package/development/frontend-engineering-complete.md +43 -0
package/development/performance-capacity-complete.md +43 -0
package/development/refactor-migration-complete.md +42 -0
package/development/refactoring-and-techdebt-playbook.md +37 -0
package/development/security-in-development-complete.md +43 -0
package/devops/01-standards/cicd-pipeline-complete.md +262 -0
package/devops/01-standards/docker-complete.md +1490 -0
package/devops/01-standards/github-actions-complete.md +337 -0
package/devops/01-standards/kubernetes-complete.md +638 -0
package/devops/01-standards/terraform-complete.md +2117 -0
package/devops/02-playbooks/docker-compose-playbook.md +233 -0
package/devops/02-playbooks/docker-k8s-production-playbook.md +186 -0
package/devops/02-playbooks/docker-production-playbook.md +952 -0
package/edge-iot/01-standards/edge-iot-complete.md +473 -0
package/experts/architect/api-design.md +178 -0
package/experts/architect/methodology.md +124 -0
package/experts/architect/security.md +75 -0
package/experts/backend-lead/methodology.md +216 -0
package/experts/devops/methodology.md +160 -0
package/experts/frontend-lead/methodology.md +178 -0
package/experts/product-manager/industry/ecommerce.md +43 -0
package/experts/product-manager/industry/saas.md +40 -0
package/experts/product-manager/methodology.md +97 -0
package/experts/qa-lead/methodology.md +123 -0
package/experts/qa-lead/test-strategy.md +128 -0
package/experts/uiux-designer/methodology.md +125 -0
package/frontend/01-standards/accessibility-complete.md +532 -0
package/frontend/01-standards/accessibility-standard.md +74 -0
package/frontend/01-standards/admin-dashboard-and-crud.md +72 -0
package/frontend/01-standards/design-tokens-complete.md +444 -0
package/frontend/01-standards/forms-and-validation.md +77 -0
package/frontend/01-standards/frontend-architecture-and-layering.md +119 -0
package/frontend/01-standards/i18n-and-localization.md +65 -0
package/frontend/01-standards/nextjs-complete.md +451 -0
package/frontend/01-standards/react-complete.md +713 -0
package/frontend/01-standards/react-hooks-complete-guide.md +1100 -0
package/frontend/01-standards/react-hooks-complete.md +1171 -0
package/frontend/01-standards/seo-and-web-vitals.md +77 -0
package/frontend/01-standards/state-management-complete.md +444 -0
package/frontend/01-standards/vue-complete.md +499 -0
package/frontend/01-standards/vue3-complete.md +2002 -0
package/frontend/01-standards/web-framework-best-practices.md +64 -0
package/frontend/01-standards/web-performance-complete.md +495 -0
package/frontend/02-playbooks/accessibility-a11y-playbook.md +161 -0
package/frontend/02-playbooks/frontend-performance-playbook.md +707 -0
package/frontend/02-playbooks/i18n-internationalization-playbook.md +120 -0
package/frontend/02-playbooks/performance-optimization-playbook.md +163 -0
package/frontend/02-playbooks/react-nextjs-production-playbook.md +167 -0
package/frontend/02-playbooks/react-state-management-playbook.md +173 -0
package/frontend/03-checklists/component-quality-checklist.md +166 -0
package/frontend/03-checklists/frontend-launch-checklist.md +299 -0
package/frontend/04-antipatterns/frontend-antipatterns.md +886 -0
package/frontend/05-cases/case-performance-optimization.md +274 -0
package/harmony/01-standards/harmonyos-arkts-standard.md +75 -0
package/harmony/01-standards/harmonyos-design.md +65 -0
package/high-quality-engineering-playbook.md +54 -0
package/incident/01-standards/incident-response-complete.md +303 -0
package/incident/02-playbooks/chaos-engineering-playbook.md +883 -0
package/incident/02-playbooks/postmortem-playbook.md +398 -0
package/incident/03-checklists/incident-readiness-checklist.md +181 -0
package/incident/04-antipatterns/incident-antipatterns.md +490 -0
package/incident/05-cases/case-cascade-failure.md +176 -0
package/incident/06-glossary/incident-glossary.md +114 -0
package/incident/postmortem-and-response-deep-dive.md +39 -0
package/industries/ecommerce/ecommerce-complete.md +631 -0
package/industries/education/education-complete.md +555 -0
package/industries/fintech/fintech-complete.md +501 -0
package/industries/gaming/gaming-complete.md +587 -0
package/industries/healthcare/healthcare-complete.md +452 -0
package/low-code/01-standards/low-code-complete.md +944 -0
package/miniprogram/01-standards/ai-common-mistakes.md +61 -0
package/miniprogram/01-standards/miniprogram-custom-navbar-capsule.md +77 -0
package/miniprogram/01-standards/miniprogram-design.md +61 -0
package/miniprogram/01-standards/miniprogram-standard.md +81 -0
package/mobile/01-standards/android-material-design.md +70 -0
package/mobile/01-standards/flutter-complete.md +384 -0
package/mobile/01-standards/ios-design-hig.md +78 -0
package/mobile/01-standards/mobile-app-standard.md +85 -0
package/mobile/01-standards/react-native-complete.md +352 -0
package/mobile/02-playbooks/mobile-cross-platform-playbook.md +175 -0
package/mobile/02-playbooks/mobile-performance.md +473 -0
package/mobile/03-checklists/mobile-release-checklist.md +234 -0
package/mobile/04-antipatterns/mobile-antipatterns.md +798 -0
package/mobile/05-cases/case-app-performance.md +500 -0
package/mobile/05-cases/case-app-startup-optimization.md +218 -0
package/mobile/06-glossary/mobile-glossary.md +484 -0
package/observability/01-standards/observability-standards.md +103 -0
package/observability/02-playbooks/prometheus-grafana-playbook.md +135 -0
package/observability/02-playbooks/structured-logging-playbook.md +73 -0
package/observability/03-checklists/observability-checklist.md +54 -0
package/observability/04-antipatterns/observability-antipatterns.md +106 -0
package/operations/01-standards/prometheus-monitoring-complete.md +1578 -0
package/operations/02-playbooks/capacity-planning-playbook.md +620 -0
package/operations/03-checklists/production-launch-checklist.md +365 -0
package/operations/04-antipatterns/operations-antipatterns.md +664 -0
package/operations/05-cases/case-sre-practices.md +581 -0
package/operations/06-glossary/operations-glossary.md +120 -0
package/operations/aiops-anomaly-detection.md +758 -0
package/operations/capacity-planning.md +1061 -0
package/operations/chaos-engineering.md +659 -0
package/operations/incident-command-system.md +38 -0
package/operations/observability-complete.md +442 -0
package/operations/slo-sli-playbook.md +517 -0
package/operations/sre-operations-deep-dive.md +39 -0
package/package.json +8 -0
package/performance/01-standards/performance-and-scalability.md +80 -0
package/performance/01-standards/performance-standards.md +156 -0
package/performance/02-playbooks/query-optimization-playbook.md +103 -0
package/performance/03-checklists/performance-checklist.md +56 -0
package/performance/04-antipatterns/performance-antipatterns.md +146 -0
package/product/01-standards/product-management-complete.md +285 -0
package/product/02-playbooks/feature-launch-playbook.md +207 -0
package/product/02-playbooks/user-research-playbook.md +532 -0
package/product/03-checklists/feature-launch-checklist.md +275 -0
package/product/04-antipatterns/product-antipatterns.md +355 -0
package/product/05-cases/case-mvp-to-scale.md +384 -0
package/product/06-glossary/product-glossary.md +462 -0
package/product/feature-prioritization-framework.md +40 -0
package/product/kpi-and-metric-tree.md +37 -0
package/product/product-discovery-and-prd-deep-dive.md +41 -0
package/quantum/01-standards/quantum-complete.md +1186 -0
package/security/01-standards/api-security-complete.md +511 -0
package/security/01-standards/container-runtime-security.md +574 -0
package/security/01-standards/data-protection-gdpr.md +543 -0
package/security/01-standards/owasp-top10-complete.md +1890 -0
package/security/01-standards/secure-coding-baseline.md +90 -0
package/security/01-standards/supply-chain-security.md +441 -0
package/security/01-standards/web-security-checklist.md +108 -0
package/security/01-standards/zero-trust-architecture.md +521 -0
package/security/02-playbooks/auth-sso-playbook.md +166 -0
package/security/02-playbooks/incident-response-security-playbook.md +588 -0
package/security/02-playbooks/owasp-api-security-playbook.md +129 -0
package/security/02-playbooks/payment-integration-playbook.md +119 -0
package/security/02-playbooks/penetration-testing-playbook.md +517 -0
package/security/03-checklists/security-audit-checklist.md +356 -0
package/security/04-antipatterns/security-coding-antipatterns.md +580 -0
package/security/05-cases/case-log4shell-incident.md +537 -0
package/security/05-cases/case-major-breaches.md +468 -0
package/security/06-glossary/security-glossary.md +212 -0
package/security/compliance-automation.md +993 -0
package/security/container-security.md +680 -0
package/security/devsecops-complete.md +426 -0
package/security/sast-dast-sca.md +775 -0
package/security/secrets-management.md +594 -0
package/security/security-architecture-deep-dive.md +37 -0
package/security/threat-modeling-stride-playbook.md +40 -0
package/seed-templates/auth-system.md +59 -0
package/seed-templates/blog-content.md +94 -0
package/seed-templates/dashboard.md +89 -0
package/seed-templates/docs-site.md +73 -0
package/seed-templates/e-commerce.md +50 -0
package/seed-templates/saas-landing.md +92 -0
package/seed-templates/settings-page.md +51 -0
package/testing/01-standards/test-strategy-and-layering.md +83 -0
package/testing/01-standards/testing-strategy-complete.md +422 -0
package/testing/01-standards/unit-testing-best-practices.md +118 -0
package/testing/02-playbooks/e2e-testing-playbook.md +988 -0
package/testing/02-playbooks/testing-strategy-playbook.md +126 -0
package/testing/03-checklists/test-strategy-checklist.md +208 -0
package/testing/04-antipatterns/testing-antipatterns.md +718 -0
package/testing/05-cases/case-testing-transformation.md +300 -0
package/testing/06-glossary/testing-glossary.md +110 -0
package/testing/risk-based-test-matrix.md +36 -0
package/testing/testing-strategy-deep-dive.md +37 -0

package/development/04-antipatterns/architecture-antipatterns.md ADDED Viewed

@@ -0,0 +1,686 @@
+---
+id: architecture-antipatterns
+title: 架构反模式指南
+domain: development
+category: 04-antipatterns
+difficulty: intermediate
+tags: [agent, antipatterns, architecture, ball, bounded, checklist, context, dependency]
+quality_score: 70
+last_updated: 2026-06-15
+---
+# 架构反模式指南
+> 适用范围：微服务 / 单体 / 模块化单体 / 事件驱动架构
+> 约束级别：SHALL（必须在架构评审阶段拦截）
+---
+## 1. 分布式单体（Distributed Monolith）
+### 描述
+名义上拆分为多个微服务，但服务间通过同步 RPC 紧密耦合，共享数据库，必须同时部署。具备了分布式系统的所有复杂性（网络延迟、部分失败、数据一致性），却没有获得微服务的任何好处（独立部署、独立扩展、技术多样性）。
+### 错误示例
+```python
+# order-service 同步调用 user-service、inventory-service、payment-service
+# 任何一个服务宕机，整个下单流程失败
+class OrderService:
+    def create_order(self, user_id: str, items: list) -> Order:
+        # 同步 RPC 链：order -> user -> inventory -> payment -> notification
+        user = requests.get(f"{USER_SERVICE}/users/{user_id}").json()       # 阻塞
+        for item in items:
+            stock = requests.get(                                            # 阻塞
+                f"{INVENTORY_SERVICE}/stock/{item['product_id']}"
+            ).json()
+            if stock['quantity'] < item['qty']:
+                raise InsufficientStockError(item['product_id'])
+        order = self._save_order(user_id, items)
+        payment = requests.post(f"{PAYMENT_SERVICE}/charge", json={          # 阻塞
+            "order_id": order.id, "amount": order.total
+        }).json()
+        requests.post(f"{NOTIFICATION_SERVICE}/email", json={                # 阻塞
+            "to": user['email'], "template": "order_created"
+        })
+        return order
+```
+```yaml
+# 所有服务共享同一个数据库 -- 本质还是单体
+# docker-compose.yml
+services:
+  user-service:
+    environment:
+      DATABASE_URL: postgres://shared-db:5432/main_db
+  order-service:
+    environment:
+      DATABASE_URL: postgres://shared-db:5432/main_db  # 同一个库！
+  payment-service:
+    environment:
+      DATABASE_URL: postgres://shared-db:5432/main_db  # 同一个库！
+```
+### 正确示例
+```python
+# 使用事件驱动解耦关键路径
+class OrderService:
+    def __init__(self, event_bus: EventBus, order_repo: OrderRepository):
+        self._event_bus = event_bus
+        self._repo = order_repo
+    async def create_order(self, user_id: str, items: list) -> Order:
+        # 只做最少的同步校验
+        order = self._repo.create(user_id=user_id, items=items, status="pending")
+        # 通过事件异步编排后续流程
+        await self._event_bus.publish(OrderCreatedEvent(
+            order_id=order.id,
+            user_id=user_id,
+            items=items,
+            total=order.total,
+        ))
+        return order
+# inventory-service 订阅事件，独立处理
+class InventoryEventHandler:
+    async def handle_order_created(self, event: OrderCreatedEvent):
+        try:
+            self._reserve_stock(event.items)
+            await self._event_bus.publish(StockReservedEvent(order_id=event.order_id))
+        except InsufficientStockError:
+            await self._event_bus.publish(StockReservationFailedEvent(
+                order_id=event.order_id, reason="insufficient_stock"
+            ))
+# 每个服务有自己的数据库
+# docker-compose.yml
+services:
+  user-service:
+    environment:
+      DATABASE_URL: postgres://user-db:5432/users
+  order-service:
+    environment:
+      DATABASE_URL: postgres://order-db:5432/orders
+  payment-service:
+    environment:
+      DATABASE_URL: postgres://payment-db:5432/payments
+```
+### 检测方法
+- 部署时需要多个服务同时发版才能工作。
+- 服务间调用链深度 > 3（A -> B -> C -> D）。
+- 多个服务连接同一个数据库实例。
+- 单个服务宕机导致全链路不可用。
+- 服务间 RPC 调用无超时、无熔断、无降级。
+### 修复步骤
+1. 绘制服务依赖图，识别同步调用链。
+2. 将非关键路径（通知、日志、统计）改为异步事件。
+3. 为每个服务建立独立数据库（Database per Service）。
+4. 引入消息队列（Kafka / RabbitMQ / NATS）作为服务间通信骨干。
+5. 对仍需同步调用的场景，添加超时、熔断、降级策略。
+6. 实现 Saga 模式处理跨服务的分布式事务。
+### Agent Checklist
+- [ ] 每个服务有独立数据库
+- [ ] 服务间同步调用链深度 <= 2
+- [ ] 非关键路径使用异步事件
+- [ ] 同步 RPC 有超时 + 熔断 + 降级
+- [ ] 可独立部署和扩展单个服务
+---
+## 2. 大泥球（Big Ball of Mud）
+### 描述
+系统没有明确的架构，代码随意组织，模块间无边界，任何代码可以调用任何代码。随着功能增长，系统变得越来越难以理解、修改和测试。通常是长期缺乏架构治理的结果。
+### 错误示例
+```
+# 项目结构：所有代码扁平堆放在一起
+src/
+├── utils.py          # 3000 行的"工具"文件
+├── helpers.py        # 2000 行的"帮助"文件
+├── models.py         # 所有表模型混在一个文件
+├── views.py          # 所有 API 混在一个文件
+├── services.py       # 所有业务逻辑混在一个文件
+├── tasks.py          # 所有异步任务混在一个文件
+└── constants.py      # 所有常量混在一个文件
+```
+```python
+# utils.py -- 什么都往里塞
+def send_email(to, subject, body): ...
+def calculate_tax(amount): ...
+def parse_csv(file_path): ...
+def resize_image(image, width): ...
+def validate_credit_card(number): ...
+def generate_report(data): ...
+def encrypt_password(password): ...
+def format_currency(amount, locale): ...
+# ... 300 个互不相关的函数
+```
+### 正确示例
+```
+# 按业务域组织的模块化结构
+src/
+├── users/
+│   ├── __init__.py
+│   ├── models.py          # User、UserProfile
+│   ├── repository.py      # UserRepository
+│   ├── service.py         # UserService
+│   ├── api.py             # /api/v1/users 路由
+│   └── tests/
+│       ├── test_service.py
+│       └── test_api.py
+├── orders/
+│   ├── __init__.py
+│   ├── models.py          # Order、OrderItem
+│   ├── repository.py
+│   ├── service.py
+│   ├── api.py
+│   ├── events.py          # OrderCreated、OrderPaid
+│   └── tests/
+├── payments/
+│   ├── __init__.py
+│   ├── models.py
+│   ├── gateway.py         # 支付网关抽象
+│   ├── service.py
+│   └── tests/
+├── shared/
+│   ├── auth/              # 认证模块
+│   ├── email/             # 邮件模块
+│   └── storage/           # 文件存储模块
+└── infrastructure/
+    ├── database.py        # 数据库连接
+    ├── cache.py           # 缓存配置
+    └── message_bus.py     # 消息队列
+```
+```python
+# 明确的模块边界：模块间通过接口通信
+# orders/service.py
+class OrderService:
+    def __init__(
+        self,
+        order_repo: OrderRepository,
+        user_service: UserServiceInterface,    # 接口，不是具体实现
+        payment_service: PaymentServiceInterface,
+    ):
+        self._repo = order_repo
+        self._users = user_service
+        self._payments = payment_service
+```
+### 检测方法
+- 单文件行数 > 1000 行。
+- `utils.py` / `helpers.py` / `common.py` 文件存在且行数 > 500。
+- 模块间存在双向 import。
+- 无法用一句话描述一个模块的职责。
+- `git log` 显示大部分 PR 都修改了同一组文件。
+### 修复步骤
+1. 梳理业务域，列出 3-7 个核心域（用户、订单、支付等）。
+2. 按业务域创建目录结构，每个域包含 models / repository / service / api。
+3. 将现有代码按业务域逐步迁移到对应目录。
+4. 定义模块间的公开接口（`__init__.py` 只导出接口类）。
+5. 使用 `import-linter` 或 `deptry` 强制模块间的依赖方向。
+6. 每次迁移后运行全量测试确认行为不变。
+### Agent Checklist
+- [ ] 按业务域组织目录结构
+- [ ] 单文件行数 <= 500
+- [ ] 无 `utils.py` / `helpers.py` 万能文件
+- [ ] 模块间无双向依赖
+- [ ] 有 import lint 工具强制依赖方向
+---
+## 3. 金锤子（Golden Hammer）
+### 描述
+对所有问题都使用同一个技术方案，不考虑场景适配性。例如所有存储都用 MySQL、所有通信都用 REST、所有前端都用 React。导致在不适合的场景中勉强使用，增加了复杂度和维护成本。
+### 错误示例
+```python
+# 所有数据都塞进 MySQL，包括日志、会话、搜索、缓存
+# 用 MySQL 做缓存（应该用 Redis）
+def get_cached_result(key):
+    row = db.execute("SELECT value FROM cache_table WHERE key = %s AND expires_at > NOW()", (key,))
+    return json.loads(row['value']) if row else None
+# 用 MySQL 做全文搜索（应该用 Elasticsearch）
+def search_products(query):
+    return db.execute(
+        "SELECT * FROM products WHERE name LIKE %s OR description LIKE %s",
+        (f"%{query}%", f"%{query}%")
+    )  # 性能极差，不支持分词、相关度排序
+# 用 MySQL 做消息队列（应该用 Kafka / RabbitMQ）
+def publish_message(topic, payload):
+    db.execute(
+        "INSERT INTO message_queue (topic, payload, status) VALUES (%s, %s, 'pending')",
+        (topic, json.dumps(payload))
+    )
+def consume_messages(topic):
+    while True:
+        rows = db.execute(
+            "SELECT * FROM message_queue WHERE topic = %s AND status = 'pending' "
+            "ORDER BY id LIMIT 10 FOR UPDATE SKIP LOCKED",
+            (topic,)
+        )
+        for row in rows:
+            process(row)
+            db.execute("UPDATE message_queue SET status = 'done' WHERE id = %s", (row['id'],))
+        time.sleep(1)  # 轮询
+```
+### 正确示例
+```python
+# 根据场景选择合适的技术
+# 结构化业务数据 -> PostgreSQL
+class OrderRepository:
+    def __init__(self, db: AsyncSession):
+        self._db = db
+# 缓存 -> Redis
+class CacheService:
+    def __init__(self, redis: Redis):
+        self._redis = redis
+    async def get(self, key: str) -> str | None:
+        return await self._redis.get(key)
+    async def set(self, key: str, value: str, ttl: int = 300) -> None:
+        await self._redis.setex(key, ttl, value)
+# 全文搜索 -> Elasticsearch
+class ProductSearchService:
+    def __init__(self, es: AsyncElasticsearch):
+        self._es = es
+    async def search(self, query: str, page: int = 1, size: int = 20):
+        return await self._es.search(
+            index="products",
+            body={
+                "query": {"multi_match": {"query": query, "fields": ["name^3", "description"]}},
+                "from": (page - 1) * size,
+                "size": size,
+            },
+        )
+# 异步消息 -> Kafka / RabbitMQ
+class EventPublisher:
+    def __init__(self, producer: AIOKafkaProducer):
+        self._producer = producer
+    async def publish(self, topic: str, event: BaseEvent) -> None:
+        await self._producer.send_and_wait(
+            topic, value=event.model_dump_json().encode()
+        )
+```
+### 检测方法
+- 同一个数据库承担了缓存、搜索、消息队列、会话管理等多种职责。
+- 技术选型文档中只有一种方案，无对比分析。
+- `LIKE '%query%'` 出现在搜索场景中。
+- 数据库中存在名为 `cache_table`、`message_queue`、`sessions` 的表。
+### 修复步骤
+1. 列出系统中所有的数据访问模式（CRUD、缓存、搜索、消息、流处理）。
+2. 为每种访问模式选择最适合的技术方案。
+3. 制定技术选型决策记录（ADR），记录选型理由和替代方案。
+4. 通过抽象层（Repository / Client 接口）隔离具体实现。
+5. 逐步迁移，先迁移性能瓶颈最严重的场景。
+### Agent Checklist
+- [ ] 技术选型有 ADR 文档记录
+- [ ] 缓存使用 Redis / Memcached
+- [ ] 全文搜索使用 Elasticsearch / Meilisearch
+- [ ] 消息队列使用 Kafka / RabbitMQ / NATS
+- [ ] 不同技术通过抽象接口隔离
+---
+## 4. 过度设计（Over-Engineering）
+### 描述
+在简单的业务场景中引入了不必要的复杂架构（微服务、CQRS、Event Sourcing、DDD 全套战术模式），导致开发效率低、认知负担高、运维成本大。典型表现是项目只有 3 个开发者和 1000 个 DAU，却部署了 20 个微服务。
+### 错误示例
+```python
+# 一个简单的博客系统，被过度设计为完整的 DDD + CQRS + Event Sourcing
+# 6 层抽象才能创建一篇文章
+class CreatePostCommandHandler:
+    def __init__(self, unit_of_work: UnitOfWork):
+        self._uow = unit_of_work
+    def handle(self, command: CreatePostCommand) -> None:
+        with self._uow:
+            post = PostAggregate.create(
+                title=Title(command.title),          # 值对象
+                content=Content(command.content),    # 值对象
+                author_id=AuthorId(command.author_id),  # 值对象
+            )
+            self._uow.posts.add(post)
+            self._uow.commit()
+class CreatePostCommand:
+    title: str
+    content: str
+    author_id: str
+class PostAggregate(AggregateRoot):
+    @classmethod
+    def create(cls, title: Title, content: Content, author_id: AuthorId):
+        post = cls()
+        post.apply(PostCreatedEvent(title=title, content=content, author_id=author_id))
+        return post
+    def _on_post_created(self, event: PostCreatedEvent):
+        self._title = event.title
+        self._content = event.content
+# 读模型还需要单独的投影和查询处理器...
+class PostReadModelProjection:
+    def on_post_created(self, event: PostCreatedEvent): ...
+class GetPostQueryHandler:
+    def handle(self, query: GetPostQuery) -> PostReadModel: ...
+```
+### 正确示例
+```python
+# 同样的博客系统，适度设计
+# models.py
+class Post(Base):
+    __tablename__ = "posts"
+    id = Column(Integer, primary_key=True)
+    title = Column(String(200), nullable=False)
+    content = Column(Text, nullable=False)
+    author_id = Column(Integer, ForeignKey("users.id"), nullable=False)
+    created_at = Column(DateTime, default=func.now())
+    updated_at = Column(DateTime, onupdate=func.now())
+# service.py
+class PostService:
+    def __init__(self, db: Session):
+        self._db = db
+    def create_post(self, author_id: int, title: str, content: str) -> Post:
+        post = Post(author_id=author_id, title=title, content=content)
+        self._db.add(post)
+        self._db.commit()
+        return post
+    def get_post(self, post_id: int) -> Post | None:
+        return self._db.query(Post).get(post_id)
+# api.py
+@app.post("/posts", response_model=PostResponse, status_code=201)
+def create_post(data: CreatePostRequest, user: User = Depends(get_current_user)):
+    return post_service.create_post(
+        author_id=user.id, title=data.title, content=data.content
+    )
+```
+### 检测方法
+- 实现一个简单 CRUD 功能需要修改 > 5 个文件。
+- 项目中存在大量只有一个实现的接口（`IXxxRepository`、`IXxxService`）。
+- 代码行数和业务复杂度不成比例（1000 DAU 的应用有 10 万行代码）。
+- 新人 onboarding 需要 > 1 周才能提交第一个 PR。
+- 存在 `AbstractFactoryBuilder`、`CommandHandlerDispatcher` 等深层嵌套的设计模式。
+### 修复步骤
+1. 评估当前系统的实际规模（DAU、数据量、团队大小）。
+2. 对比当前架构复杂度与业务复杂度是否匹配。
+3. 删除只有一个实现的接口，直接使用具体类。
+4. 合并过度拆分的微服务为模块化单体。
+5. 保留架构扩展点（接口），但延迟到真正需要时再引入。
+### Agent Checklist
+- [ ] CRUD 功能修改文件数 <= 3
+- [ ] 接口和实现的比例合理（非 1:1 对应）
+- [ ] 架构复杂度与业务规模匹配
+- [ ] 新人可在 3 天内提交首个 PR
+- [ ] 无不必要的设计模式嵌套
+---
+## 5. 循环依赖（Circular Dependency）
+### 描述
+模块 A 依赖 B，B 又依赖 A（直接或间接），形成环形依赖。导致无法独立测试、无法独立部署、import 顺序敏感、编译错误。在微服务场景下表现为服务间的循环调用。
+### 错误示例
+```python
+# user/service.py
+from order.service import OrderService  # user 依赖 order
+class UserService:
+    def __init__(self):
+        self._order_service = OrderService()
+    def get_user_with_orders(self, user_id: int):
+        user = self._repo.get(user_id)
+        user.orders = self._order_service.get_by_user(user_id)
+        return user
+    def deactivate_user(self, user_id: int):
+        self._repo.deactivate(user_id)
+# order/service.py
+from user.service import UserService  # order 反过来依赖 user -- 循环！
+class OrderService:
+    def __init__(self):
+        self._user_service = UserService()
+    def get_by_user(self, user_id: int):
+        return self._repo.get_by_user(user_id)
+    def cancel_order(self, order_id: int):
+        order = self._repo.get(order_id)
+        # 取消订单时需要检查用户状态
+        user = self._user_service.get_user(order.user_id)
+        if user.is_deactivated:
+            raise UserDeactivatedError()
+        self._repo.cancel(order_id)
+```
+### 正确示例
+```python
+# 方案 1: 依赖倒置 -- 引入接口
+# shared/interfaces.py
+from abc import ABC, abstractmethod
+class UserQueryInterface(ABC):
+    @abstractmethod
+    def get_user(self, user_id: int) -> User: ...
+    @abstractmethod
+    def is_active(self, user_id: int) -> bool: ...
+# user/service.py -- 实现接口
+class UserService(UserQueryInterface):
+    def get_user(self, user_id: int) -> User:
+        return self._repo.get(user_id)
+    def is_active(self, user_id: int) -> bool:
+        user = self._repo.get(user_id)
+        return user is not None and not user.is_deactivated
+# order/service.py -- 依赖接口而非具体实现
+class OrderService:
+    def __init__(self, user_query: UserQueryInterface):  # 注入接口
+        self._user_query = user_query
+    def cancel_order(self, order_id: int):
+        order = self._repo.get(order_id)
+        if not self._user_query.is_active(order.user_id):
+            raise UserDeactivatedError()
+        self._repo.cancel(order_id)
+```
+```python
+# 方案 2: 事件解耦
+# user/service.py
+class UserService:
+    def deactivate_user(self, user_id: int):
+        self._repo.deactivate(user_id)
+        self._event_bus.publish(UserDeactivatedEvent(user_id=user_id))
+# order/event_handler.py -- 订阅事件，无 import 依赖
+class OrderEventHandler:
+    def on_user_deactivated(self, event: UserDeactivatedEvent):
+        self._order_repo.cancel_pending_orders(event.user_id)
+```
+### 检测方法
+- Python: `import-linter` 配置分层规则，CI 中检查。
+- `pydeps` / `madge` (JS) 生成依赖图，检查是否有环。
+- 运行时出现 `ImportError: cannot import name` 循环导入错误。
+- 微服务场景：绘制服务调用图，检查是否有双向调用。
+### 修复步骤
+1. 使用 `pydeps` / `madge` 生成依赖图，识别所有环。
+2. 对于直接循环：引入接口层（依赖倒置原则）。
+3. 对于间接循环：考虑事件驱动解耦或合并紧耦合的模块。
+4. 在 CI 中配置 `import-linter` 规则，阻止新的循环依赖进入。
+5. 定期检查依赖图，确保架构约束持续有效。
+### Agent Checklist
+- [ ] 无循环 import（`import-linter` CI 检查通过）
+- [ ] 模块间依赖方向单一（上层 -> 下层）
+- [ ] 紧耦合的模块通过接口解耦
+- [ ] 服务间无双向同步调用
+---
+## 6. 无边界上下文（Missing Bounded Context）
+### 描述
+不同业务域共用相同的模型定义，导致一个模型承担多个业务域的含义。例如 `User` 模型同时用于认证、订单、支付、社交，修改认证逻辑可能意外影响订单模块。
+### 错误示例
+```python
+# 一个 User 模型被所有业务域共用
+class User(Base):
+    __tablename__ = "users"
+    id = Column(Integer, primary_key=True)
+    # 认证域
+    username = Column(String(50))
+    password_hash = Column(String(255))
+    last_login = Column(DateTime)
+    mfa_secret = Column(String(100))
+    # 订单域
+    shipping_address = Column(String(500))
+    default_payment_method = Column(String(50))
+    # 社交域
+    bio = Column(Text)
+    avatar_url = Column(String(500))
+    follower_count = Column(Integer)
+    # 营销域
+    newsletter_opt_in = Column(Boolean)
+    referral_code = Column(String(20))
+    loyalty_points = Column(Integer)
+# 所有服务都直接操作这个巨型 User 表
+# auth_service.py
+def login(username, password):
+    user = session.query(User).filter_by(username=username).first()
+    # 加载了 20+ 列，只需要 2 列
+# social_service.py
+def get_profile(user_id):
+    user = session.query(User).get(user_id)
+    # 修改这个查询可能影响认证服务的性能
+```
+### 正确示例
+```python
+# 按边界上下文拆分模型
+# auth/models.py -- 认证上下文
+class AuthUser(Base):
+    __tablename__ = "auth_users"
+    id = Column(Integer, primary_key=True)
+    username = Column(String(50), unique=True, nullable=False)
+    password_hash = Column(String(255), nullable=False)
+    last_login = Column(DateTime)
+    mfa_secret = Column(String(100))
+# orders/models.py -- 订单上下文
+class Customer(Base):
+    """订单域中的用户表示 -- 只包含订单相关的属性"""
+    __tablename__ = "order_customers"
+    id = Column(Integer, primary_key=True)
+    user_id = Column(Integer, index=True)  # 关联到 auth_users.id
+    shipping_address = Column(String(500))
+    default_payment_method = Column(String(50))
+# social/models.py -- 社交上下文
+class UserProfile(Base):
+    """社交域中的用户表示 -- 只包含社交相关的属性"""
+    __tablename__ = "social_profiles"
+    id = Column(Integer, primary_key=True)
+    user_id = Column(Integer, unique=True, index=True)
+    display_name = Column(String(100))
+    bio = Column(Text)
+    avatar_url = Column(String(500))
+    follower_count = Column(Integer, default=0)
+# 上下文间通过 user_id 关联，不直接 import 对方的模型
+# 跨上下文的数据同步通过事件实现
+class UserRegisteredEventHandler:
+    """当用户注册时，在其他上下文中创建对应的记录"""
+    def handle(self, event: UserRegisteredEvent):
+        # 在订单域创建 Customer
+        customer_repo.create(Customer(user_id=event.user_id))
+        # 在社交域创建 Profile
+        profile_repo.create(UserProfile(user_id=event.user_id))
+```
+### 检测方法
+- 单个模型类的字段数 > 20。
+- 模型类包含属于不同业务域的字段（认证 + 支付 + 社交）。
+- 修改一个业务域的逻辑需要修改另一个业务域的代码。
+- 多个团队频繁在同一个模型文件上产生合并冲突。
+### 修复步骤
+1. 进行事件风暴（Event Storming），识别业务域和边界上下文。
+2. 为每个边界上下文定义独立的模型，即使它们代表同一个实体。
+3. 上下文间通过 ID 关联，不直接 import 对方的模型。
+4. 使用领域事件同步跨上下文的数据变更。
+5. 每个上下文可以有自己的数据库 Schema 或独立数据库。
+### Agent Checklist
+- [ ] 每个业务域有独立的模型定义
+- [ ] 单个模型字段数 <= 15
+- [ ] 模块间不直接 import 对方的模型类
+- [ ] 跨域数据同步使用事件机制
+- [ ] 不同团队不会在同一个模型文件上冲突
+---
+## 全局 Agent Checklist
+| 检查项 | 阈值 | 工具 |
+|--------|------|------|
+| 服务间同步调用链深度 | <= 2 | 调用链追踪 / APM |
+| 共享数据库 | 0 个 | 架构图审查 |
+| 单文件行数 | <= 500 | `wc -l` |
+| 循环依赖 | 0 个 | `import-linter` / `pydeps` |
+| 单模型字段数 | <= 15 | Code Review |
+| CRUD 修改文件数 | <= 3 | git diff 统计 |
+| 万能工具文件 | 0 个 | `grep -r "utils.py"` |