npm - @umacloud/knowledge - Versions diffs - 1.0.1 - Mend

@umacloud/knowledge 1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (418) hide show

package/00-governance/governance-capabilities.md +557 -0
package/00-governance/knowledge-map.md +39 -0
package/00-governance/maintenance-policy.md +76 -0
package/00-governance/review-checklist.md +81 -0
package/README.md +13 -0
package/ai/01-standards/agent-development-complete.md +691 -0
package/ai/01-standards/llm-application-complete.md +488 -0
package/ai/01-standards/mlops-complete.md +798 -0
package/ai/01-standards/prompt-engineering-complete.md +646 -0
package/ai/01-standards/rag-architecture-complete.md +649 -0
package/ai/02-playbooks/llm-evaluation-playbook.md +847 -0
package/ai/03-checklists/ai-project-checklist.md +215 -0
package/ai/04-antipatterns/ai-antipatterns.md +661 -0
package/ai/05-cases/case-rag-production.md +147 -0
package/ai/06-glossary/ai-glossary.md +162 -0
package/ai/agent-evaluation-benchmark.md +53 -0
package/ai/ai-agent-memory-context-management.md +41 -0
package/ai/ai-cost-capacity-optimization-playbook.md +42 -0
package/ai/ai-data-security-and-compliance-playbook.md +37 -0
package/ai/ai-domain-index-and-checklist.md +40 -0
package/ai/ai-governance-maturity-model.md +50 -0
package/ai/ai-model-selection-and-routing-strategy.md +47 -0
package/ai/ai-observability-and-oncall-runbook.md +52 -0
package/ai/ai-rag-engineering-playbook.md +42 -0
package/ai/ai-red-team-and-safety-evaluation.md +42 -0
package/ai/ai-release-readiness-and-rollback-gate.md +42 -0
package/ai/llm-agent-engineering-deep-dive.md +57 -0
package/ai/prompt-and-tool-guardrails.md +52 -0
package/api/01-standards/enterprise-api-standards.md +198 -0
package/api/01-standards/rest-api-design-guide.md +63 -0
package/api/02-playbooks/api-pagination-playbook.md +93 -0
package/api/02-playbooks/graphql-production-playbook.md +176 -0
package/api/03-checklists/api-review-checklist.md +55 -0
package/api/04-antipatterns/api-antipatterns.md +112 -0
package/architecture/01-standards/api-gateway-patterns.md +496 -0
package/architecture/01-standards/cloud-native-patterns.md +644 -0
package/architecture/01-standards/distributed-systems-patterns.md +591 -0
package/architecture/01-standards/event-driven-architecture.md +595 -0
package/architecture/01-standards/microservices-patterns-complete.md +968 -0
package/architecture/01-standards/microservices-patterns.md +495 -0
package/architecture/01-standards/system-design-interview.md +664 -0
package/architecture/02-playbooks/microservices-patterns-playbook.md +137 -0
package/architecture/02-playbooks/migration-playbook.md +780 -0
package/architecture/02-playbooks/system-design-playbook.md +779 -0
package/architecture/03-checklists/architecture-decision-checklist.md +297 -0
package/architecture/04-antipatterns/architecture-antipatterns.md +417 -0
package/architecture/05-cases/case-netflix-microservices.md +413 -0
package/architecture/06-glossary/architecture-glossary.md +164 -0
package/architecture/adr-template-and-examples.md +38 -0
package/architecture/api-gateway-deep-dive.md +1291 -0
package/architecture/configuration-management.md +1162 -0
package/architecture/distributed-transactions.md +1220 -0
package/architecture/microservices-complete.md +735 -0
package/architecture/resilience-and-disaster-patterns.md +37 -0
package/architecture/service-governance.md +1198 -0
package/architecture/system-architecture-deep-dive.md +37 -0
package/backend/01-standards/analytics-and-growth.md +65 -0
package/backend/01-standards/api-and-error-conventions.md +120 -0
package/backend/01-standards/application-layering-and-packaging.md +160 -0
package/backend/01-standards/auth-implementation.md +104 -0
package/backend/01-standards/backend-framework-idioms.md +74 -0
package/backend/01-standards/background-jobs-and-async.md +66 -0
package/backend/01-standards/caching-strategies-complete.md +390 -0
package/backend/01-standards/config-and-observability.md +77 -0
package/backend/01-standards/data-modeling-and-persistence.md +94 -0
package/backend/01-standards/django-complete.md +1765 -0
package/backend/01-standards/email-and-notifications.md +64 -0
package/backend/01-standards/fastapi-complete.md +925 -0
package/backend/01-standards/file-upload-and-storage.md +66 -0
package/backend/01-standards/graphql-api-complete.md +416 -0
package/backend/01-standards/llm-application-standard.md +78 -0
package/backend/01-standards/message-queue-patterns.md +379 -0
package/backend/01-standards/microservices-and-distributed.md +78 -0
package/backend/01-standards/nestjs-complete.md +2167 -0
package/backend/01-standards/payment-integration.md +80 -0
package/backend/01-standards/rate-limiting-complete.md +451 -0
package/backend/01-standards/realtime-and-websocket.md +65 -0
package/backend/01-standards/search-and-filtering.md +64 -0
package/backend/01-standards/spring-boot-complete.md +445 -0
package/backend/02-playbooks/api-design-playbook.md +718 -0
package/backend/02-playbooks/email-send-playbook.md +130 -0
package/backend/02-playbooks/file-upload-s3-playbook.md +153 -0
package/backend/02-playbooks/typescript-enterprise-playbook.md +133 -0
package/backend/02-playbooks/websocket-realtime-playbook.md +154 -0
package/backend/03-checklists/api-launch-checklist.md +189 -0
package/backend/04-antipatterns/backend-antipatterns.md +1051 -0
package/blockchain/01-standards/blockchain-basics.md +557 -0
package/blockchain/01-standards/smart-contract-development.md +1315 -0
package/cicd/01-standards/deployment-and-delivery-standard.md +96 -0
package/cicd/01-standards/github-actions-complete.md +473 -0
package/cicd/01-standards/release-and-store-submission.md +75 -0
package/cicd/02-playbooks/cicd-pipeline-playbook.md +144 -0
package/cicd/02-playbooks/release-management-playbook.md +605 -0
package/cicd/03-checklists/pipeline-security-checklist.md +168 -0
package/cicd/04-antipatterns/cicd-antipatterns.md +589 -0
package/cicd/05-cases/case-deployment-automation.md +221 -0
package/cicd/05-cases/case-gitops-transformation.md +212 -0
package/cicd/06-glossary/cicd-glossary.md +114 -0
package/cicd/cicd-blueprint-deep-dive.md +38 -0
package/cicd/release-readiness-gate.md +37 -0
package/cloud-native/01-standards/container-security.md +741 -0
package/cloud-native/01-standards/kubernetes-complete.md +812 -0
package/cloud-native/02-playbooks/api-gateway-playbook.md +155 -0
package/cloud-native/02-playbooks/gitops-with-argocd.md +760 -0
package/cloud-native/02-playbooks/k8s-troubleshooting-playbook.md +1942 -0
package/cloud-native/02-playbooks/message-queue-playbook.md +129 -0
package/cloud-native/02-playbooks/multicloud-governance.md +726 -0
package/cloud-native/02-playbooks/serverless-patterns.md +788 -0
package/cloud-native/02-playbooks/service-mesh-playbook.md +612 -0
package/cloud-native/02-playbooks/terraform-iac-playbook.md +143 -0
package/cloud-native/03-checklists/container-security-checklist.md +431 -0
package/cloud-native/03-checklists/k8s-production-readiness-checklist.md +460 -0
package/cloud-native/04-antipatterns/container-antipatterns.md +660 -0
package/cloud-native/04-antipatterns/k8s-antipatterns.md +743 -0
package/cloud-native/05-cases/case-k8s-migration.md +478 -0
package/cloud-native/05-cases/case-k8s-scaling.md +642 -0
package/cloud-native/05-cases/case-k8s-security-incident.md +397 -0
package/cloud-native/06-glossary/cloud-native-glossary.md +337 -0
package/cross-platform/01-standards/cross-platform-frameworks.md +83 -0
package/cross-platform/01-standards/platform-selection-and-architecture.md +77 -0
package/data/01-standards/elasticsearch-complete.md +2098 -0
package/data/01-standards/postgresql-complete.md +1613 -0
package/data/01-standards/redis-complete.md +1527 -0
package/data/02-playbooks/database-optimization-playbook.md +403 -0
package/data/02-playbooks/elasticsearch-production-playbook.md +132 -0
package/data/03-checklists/database-launch-checklist.md +187 -0
package/data/04-antipatterns/database-antipatterns.md +873 -0
package/data/05-cases/case-database-migration.md +310 -0
package/data/06-glossary/database-glossary.md +440 -0
package/data/data-governance-and-modeling-deep-dive.md +39 -0
package/data-engineering/01-standards/airflow-complete.md +523 -0
package/data-engineering/01-standards/kafka-complete.md +1521 -0
package/data-engineering/02-playbooks/spark-etl-playbook.md +496 -0
package/data-engineering/03-checklists/pipeline-launch-checklist.md +194 -0
package/data-engineering/04-antipatterns/data-pipeline-antipatterns.md +684 -0
package/data-engineering/05-cases/case-real-time-pipeline.md +355 -0
package/data-engineering/06-glossary/data-engineering-glossary.md +429 -0
package/database/01-standards/database-schema-standards.md +147 -0
package/database/02-playbooks/postgresql-optimization-quick.md +52 -0
package/database/02-playbooks/postgresql-performance-optimization.md +58 -0
package/database/02-playbooks/postgresql-production-playbook.md +146 -0
package/database/02-playbooks/redis-caching-playbook.md +117 -0
package/database/03-checklists/database-review-checklist.md +50 -0
package/database/04-antipatterns/database-antipatterns.md +112 -0
package/design/01-standards/ui-design-system-complete.md +423 -0
package/design/02-playbooks/design-handoff-playbook.md +254 -0
package/design/02-playbooks/design-review-playbook.md +388 -0
package/design/03-checklists/design-review-checklist.md +246 -0
package/design/04-antipatterns/design-antipatterns.md +378 -0
package/design/05-cases/case-design-system-adoption.md +328 -0
package/design/06-glossary/design-glossary.md +329 -0
package/design/ui-full-lifecycle-cross-platform-playbook.md +571 -0
package/design/ux-system-deep-dive.md +38 -0
package/design-systems/00-craft-rules.md +71 -0
package/design-systems/aesthetic-families.md +43 -0
package/design-systems/anti-ai-slop.md +162 -0
package/design-systems/bold-geometric.md +120 -0
package/design-systems/brutalist-bold.md +103 -0
package/design-systems/editorial-clean.md +109 -0
package/design-systems/glass-aurora.md +108 -0
package/design-systems/modern-minimal.md +145 -0
package/design-systems/premium-luxury.md +106 -0
package/design-systems/product-type-design-map.md +48 -0
package/design-systems/soft-warm.md +123 -0
package/design-systems/tech-utility.md +113 -0
package/desktop/01-standards/desktop-app-standard.md +72 -0
package/desktop/01-standards/desktop-design.md +71 -0
package/development/00-governance/document-template.md +41 -0
package/development/01-standards/api-versioning-strategies.md +432 -0
package/development/01-standards/authentication-patterns-complete.md +479 -0
package/development/01-standards/css-architecture-complete.md +550 -0
package/development/01-standards/database-migration-strategies.md +484 -0
package/development/01-standards/elasticsearch-complete.md +347 -0
package/development/01-standards/git-complete.md +371 -0
package/development/01-standards/golang-complete.md +1565 -0
package/development/01-standards/graphql-complete.md +298 -0
package/development/01-standards/javascript-bundlers-complete.md +469 -0
package/development/01-standards/javascript-typescript-complete.md +528 -0
package/development/01-standards/jest-complete.md +275 -0
package/development/01-standards/linux-complete.md +234 -0
package/development/01-standards/logging-observability-complete.md +526 -0
package/development/01-standards/microservices-communication.md +502 -0
package/development/01-standards/mongodb-complete.md +406 -0
package/development/01-standards/oauth2-complete.md +285 -0
package/development/01-standards/performance-optimization-complete.md +289 -0
package/development/01-standards/playwright-complete.md +247 -0
package/development/01-standards/postgresql-complete.md +456 -0
package/development/01-standards/pytest-complete.md +340 -0
package/development/01-standards/python-async-programming.md +902 -0
package/development/01-standards/python-complete.md +956 -0
package/development/01-standards/python-decorators-complete.md +799 -0
package/development/01-standards/python-design-patterns.md +2854 -0
package/development/01-standards/python-packaging-distribution.md +420 -0
package/development/01-standards/python-testing-strategies.md +607 -0
package/development/01-standards/python-web-frameworks-comparison.md +471 -0
package/development/01-standards/redis-complete.md +317 -0
package/development/01-standards/rest-api-complete.md +316 -0
package/development/01-standards/rust-complete.md +578 -0
package/development/01-standards/typescript-advanced-types.md +1513 -0
package/development/01-standards/web-security-complete.md +292 -0
package/development/02-playbooks/api-design-playbook.md +810 -0
package/development/02-playbooks/database-migration-playbook.md +580 -0
package/development/02-playbooks/debugging-playbook.md +692 -0
package/development/02-playbooks/feature-delivery-playbook.md +430 -0
package/development/02-playbooks/incident-hotfix-playbook.md +387 -0
package/development/02-playbooks/performance-optimization-playbook.md +531 -0
package/development/02-playbooks/performance-tuning-playbook.md +652 -0
package/development/02-playbooks/refactor-playbook.md +403 -0
package/development/02-playbooks/release-playbook.md +469 -0
package/development/03-checklists/architecture-review-checklist.md +168 -0
package/development/03-checklists/data-migration-checklist.md +157 -0
package/development/03-checklists/oncall-handover-checklist.md +173 -0
package/development/03-checklists/pr-checklist.md +158 -0
package/development/03-checklists/production-readiness-checklist.md +190 -0
package/development/03-checklists/release-readiness-checklist.md +154 -0
package/development/03-checklists/security-review-checklist.md +182 -0
package/development/04-antipatterns/api-antipatterns.md +657 -0
package/development/04-antipatterns/architecture-antipatterns.md +686 -0
package/development/04-antipatterns/backend-antipatterns.md +648 -0
package/development/04-antipatterns/cicd-antipatterns.md +540 -0
package/development/04-antipatterns/code-smell-antipatterns.md +571 -0
package/development/04-antipatterns/data-antipatterns.md +658 -0
package/development/04-antipatterns/database-antipatterns.md +578 -0
package/development/04-antipatterns/frontend-antipatterns.md +635 -0
package/development/04-antipatterns/reliability-antipatterns.md +700 -0
package/development/04-antipatterns/security-antipatterns.md +747 -0
package/development/05-cases/case-api-version-migration.md +428 -0
package/development/05-cases/case-authorization-hardening.md +383 -0
package/development/05-cases/case-bluegreen-rollback.md +466 -0
package/development/05-cases/case-cache-snowball-protection.md +485 -0
package/development/05-cases/case-ci-cd-pipeline.md +544 -0
package/development/05-cases/case-database-scaling.md +500 -0
package/development/05-cases/case-db-hotspot-optimization.md +487 -0
package/development/05-cases/case-incident-mttr-reduction.md +563 -0
package/development/05-cases/case-microservice-migration.md +375 -0
package/development/05-cases/case-performance-optimization.md +406 -0
package/development/05-cases/case-security-incident-response.md +345 -0
package/development/06-glossary/full-stack-glossary.md +166 -0
package/development/09-maturity/quarterly-audit-template.md +35 -0
package/development/11-ui-excellence/ui-aesthetic-system.md +41 -0
package/development/11-ui-excellence/ui-engineering-excellence.md +435 -0
package/development/12-scenarios/development-scenarios-guide.md +565 -0
package/development/13-implementation-assets/implementation-toolkit.md +282 -0
package/development/13-implementation-assets/knowledge-gates-execution.md +43 -0
package/development/14-full-lifecycle/software-lifecycle-gates.md +511 -0
package/development/15-lifecycle-templates/project-templates-collection.md +791 -0
package/development/api-contract-and-versioning-guide.md +36 -0
package/development/api-governance-complete.md +43 -0
package/development/backend-engineering-complete.md +43 -0
package/development/code-review-quality-complete.md +43 -0
package/development/concurrency-reliability-complete.md +43 -0
package/development/database-engineering-complete.md +43 -0
package/development/engineering-effectiveness-complete.md +43 -0
package/development/engineering-standards-deep-dive.md +38 -0
package/development/frontend-engineering-complete.md +43 -0
package/development/performance-capacity-complete.md +43 -0
package/development/refactor-migration-complete.md +42 -0
package/development/refactoring-and-techdebt-playbook.md +37 -0
package/development/security-in-development-complete.md +43 -0
package/devops/01-standards/cicd-pipeline-complete.md +262 -0
package/devops/01-standards/docker-complete.md +1490 -0
package/devops/01-standards/github-actions-complete.md +337 -0
package/devops/01-standards/kubernetes-complete.md +638 -0
package/devops/01-standards/terraform-complete.md +2117 -0
package/devops/02-playbooks/docker-compose-playbook.md +233 -0
package/devops/02-playbooks/docker-k8s-production-playbook.md +186 -0
package/devops/02-playbooks/docker-production-playbook.md +952 -0
package/edge-iot/01-standards/edge-iot-complete.md +473 -0
package/experts/architect/api-design.md +178 -0
package/experts/architect/methodology.md +124 -0
package/experts/architect/security.md +75 -0
package/experts/backend-lead/methodology.md +216 -0
package/experts/devops/methodology.md +160 -0
package/experts/frontend-lead/methodology.md +178 -0
package/experts/product-manager/industry/ecommerce.md +43 -0
package/experts/product-manager/industry/saas.md +40 -0
package/experts/product-manager/methodology.md +97 -0
package/experts/qa-lead/methodology.md +123 -0
package/experts/qa-lead/test-strategy.md +128 -0
package/experts/uiux-designer/methodology.md +125 -0
package/frontend/01-standards/accessibility-complete.md +532 -0
package/frontend/01-standards/accessibility-standard.md +74 -0
package/frontend/01-standards/admin-dashboard-and-crud.md +72 -0
package/frontend/01-standards/design-tokens-complete.md +444 -0
package/frontend/01-standards/forms-and-validation.md +77 -0
package/frontend/01-standards/frontend-architecture-and-layering.md +119 -0
package/frontend/01-standards/i18n-and-localization.md +65 -0
package/frontend/01-standards/nextjs-complete.md +451 -0
package/frontend/01-standards/react-complete.md +713 -0
package/frontend/01-standards/react-hooks-complete-guide.md +1100 -0
package/frontend/01-standards/react-hooks-complete.md +1171 -0
package/frontend/01-standards/seo-and-web-vitals.md +77 -0
package/frontend/01-standards/state-management-complete.md +444 -0
package/frontend/01-standards/vue-complete.md +499 -0
package/frontend/01-standards/vue3-complete.md +2002 -0
package/frontend/01-standards/web-framework-best-practices.md +64 -0
package/frontend/01-standards/web-performance-complete.md +495 -0
package/frontend/02-playbooks/accessibility-a11y-playbook.md +161 -0
package/frontend/02-playbooks/frontend-performance-playbook.md +707 -0
package/frontend/02-playbooks/i18n-internationalization-playbook.md +120 -0
package/frontend/02-playbooks/performance-optimization-playbook.md +163 -0
package/frontend/02-playbooks/react-nextjs-production-playbook.md +167 -0
package/frontend/02-playbooks/react-state-management-playbook.md +173 -0
package/frontend/03-checklists/component-quality-checklist.md +166 -0
package/frontend/03-checklists/frontend-launch-checklist.md +299 -0
package/frontend/04-antipatterns/frontend-antipatterns.md +886 -0
package/frontend/05-cases/case-performance-optimization.md +274 -0
package/harmony/01-standards/harmonyos-arkts-standard.md +75 -0
package/harmony/01-standards/harmonyos-design.md +65 -0
package/high-quality-engineering-playbook.md +54 -0
package/incident/01-standards/incident-response-complete.md +303 -0
package/incident/02-playbooks/chaos-engineering-playbook.md +883 -0
package/incident/02-playbooks/postmortem-playbook.md +398 -0
package/incident/03-checklists/incident-readiness-checklist.md +181 -0
package/incident/04-antipatterns/incident-antipatterns.md +490 -0
package/incident/05-cases/case-cascade-failure.md +176 -0
package/incident/06-glossary/incident-glossary.md +114 -0
package/incident/postmortem-and-response-deep-dive.md +39 -0
package/industries/ecommerce/ecommerce-complete.md +631 -0
package/industries/education/education-complete.md +555 -0
package/industries/fintech/fintech-complete.md +501 -0
package/industries/gaming/gaming-complete.md +587 -0
package/industries/healthcare/healthcare-complete.md +452 -0
package/low-code/01-standards/low-code-complete.md +944 -0
package/miniprogram/01-standards/ai-common-mistakes.md +61 -0
package/miniprogram/01-standards/miniprogram-custom-navbar-capsule.md +77 -0
package/miniprogram/01-standards/miniprogram-design.md +61 -0
package/miniprogram/01-standards/miniprogram-standard.md +81 -0
package/mobile/01-standards/android-material-design.md +70 -0
package/mobile/01-standards/flutter-complete.md +384 -0
package/mobile/01-standards/ios-design-hig.md +78 -0
package/mobile/01-standards/mobile-app-standard.md +85 -0
package/mobile/01-standards/react-native-complete.md +352 -0
package/mobile/02-playbooks/mobile-cross-platform-playbook.md +175 -0
package/mobile/02-playbooks/mobile-performance.md +473 -0
package/mobile/03-checklists/mobile-release-checklist.md +234 -0
package/mobile/04-antipatterns/mobile-antipatterns.md +798 -0
package/mobile/05-cases/case-app-performance.md +500 -0
package/mobile/05-cases/case-app-startup-optimization.md +218 -0
package/mobile/06-glossary/mobile-glossary.md +484 -0
package/observability/01-standards/observability-standards.md +103 -0
package/observability/02-playbooks/prometheus-grafana-playbook.md +135 -0
package/observability/02-playbooks/structured-logging-playbook.md +73 -0
package/observability/03-checklists/observability-checklist.md +54 -0
package/observability/04-antipatterns/observability-antipatterns.md +106 -0
package/operations/01-standards/prometheus-monitoring-complete.md +1578 -0
package/operations/02-playbooks/capacity-planning-playbook.md +620 -0
package/operations/03-checklists/production-launch-checklist.md +365 -0
package/operations/04-antipatterns/operations-antipatterns.md +664 -0
package/operations/05-cases/case-sre-practices.md +581 -0
package/operations/06-glossary/operations-glossary.md +120 -0
package/operations/aiops-anomaly-detection.md +758 -0
package/operations/capacity-planning.md +1061 -0
package/operations/chaos-engineering.md +659 -0
package/operations/incident-command-system.md +38 -0
package/operations/observability-complete.md +442 -0
package/operations/slo-sli-playbook.md +517 -0
package/operations/sre-operations-deep-dive.md +39 -0
package/package.json +8 -0
package/performance/01-standards/performance-and-scalability.md +80 -0
package/performance/01-standards/performance-standards.md +156 -0
package/performance/02-playbooks/query-optimization-playbook.md +103 -0
package/performance/03-checklists/performance-checklist.md +56 -0
package/performance/04-antipatterns/performance-antipatterns.md +146 -0
package/product/01-standards/product-management-complete.md +285 -0
package/product/02-playbooks/feature-launch-playbook.md +207 -0
package/product/02-playbooks/user-research-playbook.md +532 -0
package/product/03-checklists/feature-launch-checklist.md +275 -0
package/product/04-antipatterns/product-antipatterns.md +355 -0
package/product/05-cases/case-mvp-to-scale.md +384 -0
package/product/06-glossary/product-glossary.md +462 -0
package/product/feature-prioritization-framework.md +40 -0
package/product/kpi-and-metric-tree.md +37 -0
package/product/product-discovery-and-prd-deep-dive.md +41 -0
package/quantum/01-standards/quantum-complete.md +1186 -0
package/security/01-standards/api-security-complete.md +511 -0
package/security/01-standards/container-runtime-security.md +574 -0
package/security/01-standards/data-protection-gdpr.md +543 -0
package/security/01-standards/owasp-top10-complete.md +1890 -0
package/security/01-standards/secure-coding-baseline.md +90 -0
package/security/01-standards/supply-chain-security.md +441 -0
package/security/01-standards/web-security-checklist.md +108 -0
package/security/01-standards/zero-trust-architecture.md +521 -0
package/security/02-playbooks/auth-sso-playbook.md +166 -0
package/security/02-playbooks/incident-response-security-playbook.md +588 -0
package/security/02-playbooks/owasp-api-security-playbook.md +129 -0
package/security/02-playbooks/payment-integration-playbook.md +119 -0
package/security/02-playbooks/penetration-testing-playbook.md +517 -0
package/security/03-checklists/security-audit-checklist.md +356 -0
package/security/04-antipatterns/security-coding-antipatterns.md +580 -0
package/security/05-cases/case-log4shell-incident.md +537 -0
package/security/05-cases/case-major-breaches.md +468 -0
package/security/06-glossary/security-glossary.md +212 -0
package/security/compliance-automation.md +993 -0
package/security/container-security.md +680 -0
package/security/devsecops-complete.md +426 -0
package/security/sast-dast-sca.md +775 -0
package/security/secrets-management.md +594 -0
package/security/security-architecture-deep-dive.md +37 -0
package/security/threat-modeling-stride-playbook.md +40 -0
package/seed-templates/auth-system.md +59 -0
package/seed-templates/blog-content.md +94 -0
package/seed-templates/dashboard.md +89 -0
package/seed-templates/docs-site.md +73 -0
package/seed-templates/e-commerce.md +50 -0
package/seed-templates/saas-landing.md +92 -0
package/seed-templates/settings-page.md +51 -0
package/testing/01-standards/test-strategy-and-layering.md +83 -0
package/testing/01-standards/testing-strategy-complete.md +422 -0
package/testing/01-standards/unit-testing-best-practices.md +118 -0
package/testing/02-playbooks/e2e-testing-playbook.md +988 -0
package/testing/02-playbooks/testing-strategy-playbook.md +126 -0
package/testing/03-checklists/test-strategy-checklist.md +208 -0
package/testing/04-antipatterns/testing-antipatterns.md +718 -0
package/testing/05-cases/case-testing-transformation.md +300 -0
package/testing/06-glossary/testing-glossary.md +110 -0
package/testing/risk-based-test-matrix.md +36 -0
package/testing/testing-strategy-deep-dive.md +37 -0

package/cloud-native/04-antipatterns/container-antipatterns.md ADDED Viewed

@@ -0,0 +1,660 @@
+---
+title: 容器反模式库
+version: 1.0.0
+last_updated: 2025-03-20
+owner: platform-team
+tags: [container, docker, antipatterns, best-practices]
+status: production
+domain: cloud-native
+difficulty: intermediate
+quality_score: 70
+---
+# 开发：Excellent（11964948@qq.com）
+# 功能：容器常见反模式识别与修正
+# 作用：帮助团队避免容器化常见错误
+# 创建时间：2025-03-20
+# 最后修改：2025-03-20
+## 反模式分类
+- **P0** - 严重问题，必须立即修复
+- **P1** - 重要问题，应尽快修复
+- **P2** - 建议改进，可计划修复
+---
+## 1. 镜像构建反模式
+### 1.1 使用 latest 标签 [P0]
+**反模式描述**：镜像使用 latest 标签，版本不可追溯。
+```dockerfile
+# [FAIL] 反模式
+FROM node:latest
+```
+**问题影响**：
+- 版本不可预测
+- 构建结果不一致
+- 无法回滚到特定版本
+- 生产环境风险
+**正确实践**：
+```dockerfile
+# [DONE] 正确做法
+FROM node:20.11-alpine3.19@sha256:abc123...
+```
+### 1.2 镜像过大 [P1]
+**反模式描述**：镜像包含不必要的工具和包。
+```dockerfile
+# [FAIL] 反模式
+FROM ubuntu:latest
+RUN apt-get update && apt-get install -y \
+    curl wget vim git build-essential python3 nodejs
+```
+**问题影响**：
+- 拉取时间长
+- 存储成本高
+- 攻击面大
+- 启动慢
+**正确实践**：
+```dockerfile
+# [DONE] 正确做法
+FROM python:3.11-slim-bookworm
+# 或使用 alpine
+FROM python:3.11-alpine
+# 或使用 distroless
+FROM gcr.io/distroless/python3-debian12
+```
+### 1.3 未清理缓存 [P1]
+**反模式描述**：安装后未清理包管理器缓存。
+```dockerfile
+# [FAIL] 反模式
+RUN apt-get update && apt-get install -y python3
+RUN pip install -r requirements.txt
+# 未清理缓存
+```
+**正确实践**：
+```dockerfile
+# [DONE] 正确做法
+RUN apt-get update && \
+    apt-get install -y --no-install-recommends python3 && \
+    apt-get clean && \
+    rm -rf /var/lib/apt/lists/*
+RUN pip install --no-cache-dir -r requirements.txt
+```
+### 1.4 多个 RUN 指令 [P2]
+**反模式描述**：每个命令单独一层，增加镜像大小。
+```dockerfile
+# [FAIL] 反模式
+RUN apt-get update
+RUN apt-get install -y python3
+RUN apt-get install -y pip
+RUN pip install -r requirements.txt
+```
+**正确实践**：
+```dockerfile
+# [DONE] 正确做法
+RUN apt-get update && \
+    apt-get install -y --no-install-recommends python3 python3-pip && \
+    pip install --no-cache-dir -r requirements.txt && \
+    apt-get clean && \
+    rm -rf /var/lib/apt/lists/*
+```
+---
+## 2. 安全反模式
+### 2.1 以 root 运行 [P0]
+**反模式描述**：容器默认以 root 用户运行。
+```dockerfile
+# [FAIL] 反模式
+FROM python:3.11-slim
+WORKDIR /app
+COPY . .
+CMD ["python", "app.py"]
+# 默认以 root 运行
+```
+**问题影响**：
+- 安全风险
+- 权限过大
+- 容器逃逸风险
+**正确实践**：
+```dockerfile
+# [DONE] 正确做法
+FROM python:3.11-slim
+RUN groupadd -r appgroup && useradd -r -g appgroup appuser
+WORKDIR /app
+COPY --chown=appuser:appgroup . .
+USER appuser
+CMD ["python", "app.py"]
+```
+### 2.2 硬编码密钥 [P0]
+**反模式描述**：敏感信息硬编码在镜像中。
+```dockerfile
+# [FAIL] 反模式
+ENV DATABASE_PASSWORD="plaintext_password"
+ENV API_KEY="secret_key_123"
+RUN echo "password=secret" > /app/config
+```
+**问题影响**：
+- 密钥泄露
+- 无法更换密钥
+- 安全审计失败
+**正确实践**：
+```dockerfile
+# [DONE] 正确做法
+# 镜像中不包含敏感信息
+# 运行时通过环境变量或 Secret 注入
+ENV DATABASE_PASSWORD=""
+# Kubernetes 中：
+# env:
+# - name: DATABASE_PASSWORD
+#   valueFrom:
+#     secretKeyRef:
+#       name: db-credentials
+#       key: password
+```
+### 2.3 暴露不必要的端口 [P1]
+**反模式描述**：暴露所有端口。
+```dockerfile
+# [FAIL] 反模式
+EXPOSE 80 443 8080 3000 5432 6379
+```
+**正确实践**：
+```dockerfile
+# [DONE] 正确做法
+EXPOSE 8080
+```
+### 2.4 使用 ADD 而非 COPY [P2]
+**反模式描述**：不必要的 ADD 增加安全风险。
+```dockerfile
+# [FAIL] 反模式
+ADD http://example.com/file.tar.gz /tmp/
+ADD archive.tar.gz /app/
+```
+**问题影响**：
+- 自动解压可能导致意外行为
+- 远程文件下载风险
+**正确实践**：
+```dockerfile
+# [DONE] 正确做法
+# 使用 COPY 复制本地文件
+COPY archive.tar.gz /app/
+RUN tar -xzf /app/archive.tar.gz -C /app && rm /app/archive.tar.gz
+```
+---
+## 3. 运行时反模式
+### 3.1 单进程容器运行多服务 [P0]
+**反模式描述**：一个容器运行多个服务。
+```dockerfile
+# [FAIL] 反模式
+CMD nginx && php-fpm && mysql
+```
+**问题影响**：
+- 进程管理困难
+- 资源隔离失效
+- 日志混乱
+- 扩缩容困难
+**正确实践**：
+```dockerfile
+# [DONE] 正确做法
+# 每个服务独立容器
+# Nginx 容器
+FROM nginx:alpine
+CMD ["nginx", "-g", "daemon off;"]
+# PHP-FPM 容器
+FROM php:8.2-fpm-alpine
+CMD ["php-fpm"]
+# 使用 Kubernetes Pod 或 Docker Compose 编排
+```
+### 3.2 阻塞式启动脚本 [P1]
+**反模式描述**：使用复杂的启动脚本。
+```bash
+# [FAIL] 反模式
+#!/bin/bash
+echo "Starting..."
+sleep 10
+./start.sh
+tail -f /var/log/app.log
+```
+**正确实践**：
+```dockerfile
+# [DONE] 正确做法
+# 直接运行应用进程
+CMD ["python", "app.py"]
+# 或使用 entrypoint 处理信号
+ENTRYPOINT ["./entrypoint.sh"]
+CMD ["python", "app.py"]
+```
+```bash
+# entrypoint.sh
+#!/bin/sh
+set -e
+# 初始化操作
+exec "$@"  # 使用 exec 传递信号
+```
+### 3.3 忽略信号处理 [P1]
+**反模式描述**：应用不处理 SIGTERM 信号。
+```dockerfile
+# [FAIL] 反模式
+CMD python app.py &  # 后台运行
+```
+**问题影响**：
+- 优雅终止失败
+- 强制杀死导致数据丢失
+- 更新中断
+**正确实践**：
+```dockerfile
+# [DONE] 正确做法
+# 前台运行，正确处理信号
+CMD ["python", "app.py"]
+# 或使用 exec
+CMD ["sh", "-c", "exec python app.py"]
+```
+---
+## 4. 数据管理反模式
+### 4.1 数据存储在容器内 [P0]
+**反模式描述**：持久化数据存储在容器内部。
+```dockerfile
+# [FAIL] 反模式
+VOLUME /data
+# 数据在容器删除时丢失
+```
+**问题影响**：
+- 容器删除数据丢失
+- 无法备份
+- 无法共享
+**正确实践**：
+```yaml
+# [DONE] 正确做法
+# Kubernetes 中使用 PVC
+apiVersion: v1
+kind: Pod
+spec:
+  containers:
+  - name: app
+    volumeMounts:
+    - name: data
+      mountPath: /data
+  volumes:
+  - name: data
+    persistentVolumeClaim:
+      claimName: app-pvc
+```
+### 4.2 写入容器文件系统 [P1]
+**反模式描述**：应用写入容器文件系统。
+```dockerfile
+# [FAIL] 反模式
+# 应用写入 /app/data/
+# 每次重启数据丢失
+```
+**正确实践**：
+```yaml
+# [DONE] 正确做法
+# 挂载 emptyDir 或 PVC
+volumeMounts:
+- name: app-data
+  mountPath: /app/data
+volumes:
+- name: app-data
+  emptyDir: {}
+```
+---
+## 5. 网络反模式
+### 5.1 host 网络模式 [P0]
+**反模式描述**：使用 host 网络模式。
+```yaml
+# [FAIL] 反模式
+docker run --net host myapp
+```
+**问题影响**：
+- 端口冲突
+- 网络隔离失效
+- 安全风险
+**正确实践**：
+```yaml
+# [DONE] 正确做法
+docker run -p 8080:8080 myapp
+# Kubernetes
+apiVersion: v1
+kind: Pod
+spec:
+  hostNetwork: false
+  containers:
+  - name: app
+    ports:
+    - containerPort: 8080
+```
+### 5.2 特权端口 [P1]
+**反模式描述**：容器尝试绑定特权端口。
+```dockerfile
+# [FAIL] 反模式
+EXPOSE 80
+# 非 root 无法绑定
+```
+**正确实践**：
+```dockerfile
+# [DONE] 正确做法
+EXPOSE 8080
+# 或使用 Kubernetes service 映射
+```
+---
+## 6. 资源管理反模式
+### 6.1 无资源限制 [P0]
+**反模式描述**：容器无资源限制。
+```yaml
+# [FAIL] 反模式
+docker run myapp
+# 无 CPU/内存限制
+```
+**问题影响**：
+- 资源耗尽
+- OOMKilled
+- 影响其他容器
+**正确实践**：
+```yaml
+# [DONE] 正确做法
+docker run --memory=1g --cpus=2 myapp
+# Kubernetes
+resources:
+  requests:
+    cpu: "500m"
+    memory: "512Mi"
+  limits:
+    cpu: "2000m"
+    memory: "1Gi"
+```
+### 6.2 内存限制过低 [P1]
+**反模式描述**：内存限制低于实际需求。
+```yaml
+# [FAIL] 反模式
+resources:
+  limits:
+    memory: "64Mi"  # 太小
+```
+**正确实践**：
+```yaml
+# [DONE] 正确做法
+# 根据实际使用设置
+resources:
+  limits:
+    memory: "1Gi"
+# 基于监控数据调整
+```
+---
+## 7. 日志管理反模式
+### 7.1 日志写入文件 [P1]
+**反模式描述**：应用日志写入文件。
+```python
+# [FAIL] 反模式
+with open('/var/log/app.log', 'a') as f:
+    f.write(log_message)
+```
+**问题影响**：
+- 日志采集困难
+- 磁盘空间耗尽
+- 无法集中管理
+**正确实践**：
+```python
+# [DONE] 正确做法
+import logging
+import sys
+logger = logging.getLogger()
+logger.addHandler(logging.StreamHandler(sys.stdout))
+logger.info("Application started")
+```
+### 7.2 日志格式不规范 [P2]
+**反模式描述**：日志格式不统一。
+```python
+# [FAIL] 反模式
+print(f"Error: {error}")
+print(f"User {user_id} logged in")
+```
+**正确实践**：
+```python
+# [DONE] 正确做法
+import logging
+import json
+logger = logging.getLogger()
+# 结构化日志
+log_data = {
+    "level": "INFO",
+    "message": "User logged in",
+    "user_id": user_id,
+    "timestamp": datetime.utcnow().isoformat()
+}
+logger.info(json.dumps(log_data))
+```
+---
+## 8. 健康检查反模式
+### 8.1 无健康检查 [P1]
+**反模式描述**：容器无健康检查。
+```dockerfile
+# [FAIL] 反模式
+# 无 HEALTHCHECK
+```
+**问题影响**：
+- 死锁无法检测
+- 流量发送到不健康容器
+**正确实践**：
+```dockerfile
+# [DONE] 正确做法
+HEALTHCHECK --interval=30s --timeout=3s --start-period=10s --retries=3 \
+    CMD curl -f http://localhost:8080/health || exit 1
+```
+### 8.2 健康检查过于简单 [P2]
+**反模式描述**：健康检查不验证依赖。
+```dockerfile
+# [FAIL] 反模式
+HEALTHCHECK CMD echo "healthy"
+```
+**正确实践**：
+```dockerfile
+# [DONE] 正确做法
+HEALTHCHECK --interval=30s --timeout=3s \
+    CMD curl -f http://localhost:8080/health/ready || exit 1
+# /health/ready 检查数据库连接等
+```
+---
+## 9. 依赖管理反模式
+### 9.1 依赖未锁定 [P1]
+**反模式描述**：未使用 lock 文件。
+```dockerfile
+# [FAIL] 反模式
+RUN pip install flask
+RUN npm install express
+# 无版本锁定
+```
+**问题影响**：
+- 构建不一致
+- 依赖冲突
+- 安全漏洞
+**正确实践**：
+```dockerfile
+# [DONE] 正确做法
+COPY requirements.txt .
+RUN pip install --no-cache-dir -r requirements.txt
+# 或使用 lock 文件
+COPY Pipfile Pipfile.lock .
+RUN pip install pipenv && pipenv install --system
+```
+### 9.2 开发依赖进入生产 [P1]
+**反模式描述**：生产镜像包含开发依赖。
+```dockerfile
+# [FAIL] 反模式
+COPY package.json .
+RUN npm install  # 包含 devDependencies
+```
+**正确实践**：
+```dockerfile
+# [DONE] 正确做法
+# 多阶段构建
+FROM node:20 AS builder
+WORKDIR /app
+COPY package*.json ./
+RUN npm ci
+FROM node:20-alpine
+WORKDIR /app
+COPY --from=builder /app/node_modules ./node_modules
+COPY . .
+RUN npm prune --production
+CMD ["node", "app.js"]
+```
+---
+## 参考资料
+- [Docker 最佳实践](https://docs.docker.com/develop/develop-images/dockerfile_best-practices/)
+- [CIS Docker Benchmark](https://www.cisecurity.org/benchmark/docker)
+- [OWASP Docker Security](https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html)
+- [Docker 反模式](https://docs.docker.com/develop/dev-best-practices/)