npm - @umacloud/knowledge - Versions diffs - 1.0.1 - Mend

@umacloud/knowledge 1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (418) hide show

package/00-governance/governance-capabilities.md +557 -0
package/00-governance/knowledge-map.md +39 -0
package/00-governance/maintenance-policy.md +76 -0
package/00-governance/review-checklist.md +81 -0
package/README.md +13 -0
package/ai/01-standards/agent-development-complete.md +691 -0
package/ai/01-standards/llm-application-complete.md +488 -0
package/ai/01-standards/mlops-complete.md +798 -0
package/ai/01-standards/prompt-engineering-complete.md +646 -0
package/ai/01-standards/rag-architecture-complete.md +649 -0
package/ai/02-playbooks/llm-evaluation-playbook.md +847 -0
package/ai/03-checklists/ai-project-checklist.md +215 -0
package/ai/04-antipatterns/ai-antipatterns.md +661 -0
package/ai/05-cases/case-rag-production.md +147 -0
package/ai/06-glossary/ai-glossary.md +162 -0
package/ai/agent-evaluation-benchmark.md +53 -0
package/ai/ai-agent-memory-context-management.md +41 -0
package/ai/ai-cost-capacity-optimization-playbook.md +42 -0
package/ai/ai-data-security-and-compliance-playbook.md +37 -0
package/ai/ai-domain-index-and-checklist.md +40 -0
package/ai/ai-governance-maturity-model.md +50 -0
package/ai/ai-model-selection-and-routing-strategy.md +47 -0
package/ai/ai-observability-and-oncall-runbook.md +52 -0
package/ai/ai-rag-engineering-playbook.md +42 -0
package/ai/ai-red-team-and-safety-evaluation.md +42 -0
package/ai/ai-release-readiness-and-rollback-gate.md +42 -0
package/ai/llm-agent-engineering-deep-dive.md +57 -0
package/ai/prompt-and-tool-guardrails.md +52 -0
package/api/01-standards/enterprise-api-standards.md +198 -0
package/api/01-standards/rest-api-design-guide.md +63 -0
package/api/02-playbooks/api-pagination-playbook.md +93 -0
package/api/02-playbooks/graphql-production-playbook.md +176 -0
package/api/03-checklists/api-review-checklist.md +55 -0
package/api/04-antipatterns/api-antipatterns.md +112 -0
package/architecture/01-standards/api-gateway-patterns.md +496 -0
package/architecture/01-standards/cloud-native-patterns.md +644 -0
package/architecture/01-standards/distributed-systems-patterns.md +591 -0
package/architecture/01-standards/event-driven-architecture.md +595 -0
package/architecture/01-standards/microservices-patterns-complete.md +968 -0
package/architecture/01-standards/microservices-patterns.md +495 -0
package/architecture/01-standards/system-design-interview.md +664 -0
package/architecture/02-playbooks/microservices-patterns-playbook.md +137 -0
package/architecture/02-playbooks/migration-playbook.md +780 -0
package/architecture/02-playbooks/system-design-playbook.md +779 -0
package/architecture/03-checklists/architecture-decision-checklist.md +297 -0
package/architecture/04-antipatterns/architecture-antipatterns.md +417 -0
package/architecture/05-cases/case-netflix-microservices.md +413 -0
package/architecture/06-glossary/architecture-glossary.md +164 -0
package/architecture/adr-template-and-examples.md +38 -0
package/architecture/api-gateway-deep-dive.md +1291 -0
package/architecture/configuration-management.md +1162 -0
package/architecture/distributed-transactions.md +1220 -0
package/architecture/microservices-complete.md +735 -0
package/architecture/resilience-and-disaster-patterns.md +37 -0
package/architecture/service-governance.md +1198 -0
package/architecture/system-architecture-deep-dive.md +37 -0
package/backend/01-standards/analytics-and-growth.md +65 -0
package/backend/01-standards/api-and-error-conventions.md +120 -0
package/backend/01-standards/application-layering-and-packaging.md +160 -0
package/backend/01-standards/auth-implementation.md +104 -0
package/backend/01-standards/backend-framework-idioms.md +74 -0
package/backend/01-standards/background-jobs-and-async.md +66 -0
package/backend/01-standards/caching-strategies-complete.md +390 -0
package/backend/01-standards/config-and-observability.md +77 -0
package/backend/01-standards/data-modeling-and-persistence.md +94 -0
package/backend/01-standards/django-complete.md +1765 -0
package/backend/01-standards/email-and-notifications.md +64 -0
package/backend/01-standards/fastapi-complete.md +925 -0
package/backend/01-standards/file-upload-and-storage.md +66 -0
package/backend/01-standards/graphql-api-complete.md +416 -0
package/backend/01-standards/llm-application-standard.md +78 -0
package/backend/01-standards/message-queue-patterns.md +379 -0
package/backend/01-standards/microservices-and-distributed.md +78 -0
package/backend/01-standards/nestjs-complete.md +2167 -0
package/backend/01-standards/payment-integration.md +80 -0
package/backend/01-standards/rate-limiting-complete.md +451 -0
package/backend/01-standards/realtime-and-websocket.md +65 -0
package/backend/01-standards/search-and-filtering.md +64 -0
package/backend/01-standards/spring-boot-complete.md +445 -0
package/backend/02-playbooks/api-design-playbook.md +718 -0
package/backend/02-playbooks/email-send-playbook.md +130 -0
package/backend/02-playbooks/file-upload-s3-playbook.md +153 -0
package/backend/02-playbooks/typescript-enterprise-playbook.md +133 -0
package/backend/02-playbooks/websocket-realtime-playbook.md +154 -0
package/backend/03-checklists/api-launch-checklist.md +189 -0
package/backend/04-antipatterns/backend-antipatterns.md +1051 -0
package/blockchain/01-standards/blockchain-basics.md +557 -0
package/blockchain/01-standards/smart-contract-development.md +1315 -0
package/cicd/01-standards/deployment-and-delivery-standard.md +96 -0
package/cicd/01-standards/github-actions-complete.md +473 -0
package/cicd/01-standards/release-and-store-submission.md +75 -0
package/cicd/02-playbooks/cicd-pipeline-playbook.md +144 -0
package/cicd/02-playbooks/release-management-playbook.md +605 -0
package/cicd/03-checklists/pipeline-security-checklist.md +168 -0
package/cicd/04-antipatterns/cicd-antipatterns.md +589 -0
package/cicd/05-cases/case-deployment-automation.md +221 -0
package/cicd/05-cases/case-gitops-transformation.md +212 -0
package/cicd/06-glossary/cicd-glossary.md +114 -0
package/cicd/cicd-blueprint-deep-dive.md +38 -0
package/cicd/release-readiness-gate.md +37 -0
package/cloud-native/01-standards/container-security.md +741 -0
package/cloud-native/01-standards/kubernetes-complete.md +812 -0
package/cloud-native/02-playbooks/api-gateway-playbook.md +155 -0
package/cloud-native/02-playbooks/gitops-with-argocd.md +760 -0
package/cloud-native/02-playbooks/k8s-troubleshooting-playbook.md +1942 -0
package/cloud-native/02-playbooks/message-queue-playbook.md +129 -0
package/cloud-native/02-playbooks/multicloud-governance.md +726 -0
package/cloud-native/02-playbooks/serverless-patterns.md +788 -0
package/cloud-native/02-playbooks/service-mesh-playbook.md +612 -0
package/cloud-native/02-playbooks/terraform-iac-playbook.md +143 -0
package/cloud-native/03-checklists/container-security-checklist.md +431 -0
package/cloud-native/03-checklists/k8s-production-readiness-checklist.md +460 -0
package/cloud-native/04-antipatterns/container-antipatterns.md +660 -0
package/cloud-native/04-antipatterns/k8s-antipatterns.md +743 -0
package/cloud-native/05-cases/case-k8s-migration.md +478 -0
package/cloud-native/05-cases/case-k8s-scaling.md +642 -0
package/cloud-native/05-cases/case-k8s-security-incident.md +397 -0
package/cloud-native/06-glossary/cloud-native-glossary.md +337 -0
package/cross-platform/01-standards/cross-platform-frameworks.md +83 -0
package/cross-platform/01-standards/platform-selection-and-architecture.md +77 -0
package/data/01-standards/elasticsearch-complete.md +2098 -0
package/data/01-standards/postgresql-complete.md +1613 -0
package/data/01-standards/redis-complete.md +1527 -0
package/data/02-playbooks/database-optimization-playbook.md +403 -0
package/data/02-playbooks/elasticsearch-production-playbook.md +132 -0
package/data/03-checklists/database-launch-checklist.md +187 -0
package/data/04-antipatterns/database-antipatterns.md +873 -0
package/data/05-cases/case-database-migration.md +310 -0
package/data/06-glossary/database-glossary.md +440 -0
package/data/data-governance-and-modeling-deep-dive.md +39 -0
package/data-engineering/01-standards/airflow-complete.md +523 -0
package/data-engineering/01-standards/kafka-complete.md +1521 -0
package/data-engineering/02-playbooks/spark-etl-playbook.md +496 -0
package/data-engineering/03-checklists/pipeline-launch-checklist.md +194 -0
package/data-engineering/04-antipatterns/data-pipeline-antipatterns.md +684 -0
package/data-engineering/05-cases/case-real-time-pipeline.md +355 -0
package/data-engineering/06-glossary/data-engineering-glossary.md +429 -0
package/database/01-standards/database-schema-standards.md +147 -0
package/database/02-playbooks/postgresql-optimization-quick.md +52 -0
package/database/02-playbooks/postgresql-performance-optimization.md +58 -0
package/database/02-playbooks/postgresql-production-playbook.md +146 -0
package/database/02-playbooks/redis-caching-playbook.md +117 -0
package/database/03-checklists/database-review-checklist.md +50 -0
package/database/04-antipatterns/database-antipatterns.md +112 -0
package/design/01-standards/ui-design-system-complete.md +423 -0
package/design/02-playbooks/design-handoff-playbook.md +254 -0
package/design/02-playbooks/design-review-playbook.md +388 -0
package/design/03-checklists/design-review-checklist.md +246 -0
package/design/04-antipatterns/design-antipatterns.md +378 -0
package/design/05-cases/case-design-system-adoption.md +328 -0
package/design/06-glossary/design-glossary.md +329 -0
package/design/ui-full-lifecycle-cross-platform-playbook.md +571 -0
package/design/ux-system-deep-dive.md +38 -0
package/design-systems/00-craft-rules.md +71 -0
package/design-systems/aesthetic-families.md +43 -0
package/design-systems/anti-ai-slop.md +162 -0
package/design-systems/bold-geometric.md +120 -0
package/design-systems/brutalist-bold.md +103 -0
package/design-systems/editorial-clean.md +109 -0
package/design-systems/glass-aurora.md +108 -0
package/design-systems/modern-minimal.md +145 -0
package/design-systems/premium-luxury.md +106 -0
package/design-systems/product-type-design-map.md +48 -0
package/design-systems/soft-warm.md +123 -0
package/design-systems/tech-utility.md +113 -0
package/desktop/01-standards/desktop-app-standard.md +72 -0
package/desktop/01-standards/desktop-design.md +71 -0
package/development/00-governance/document-template.md +41 -0
package/development/01-standards/api-versioning-strategies.md +432 -0
package/development/01-standards/authentication-patterns-complete.md +479 -0
package/development/01-standards/css-architecture-complete.md +550 -0
package/development/01-standards/database-migration-strategies.md +484 -0
package/development/01-standards/elasticsearch-complete.md +347 -0
package/development/01-standards/git-complete.md +371 -0
package/development/01-standards/golang-complete.md +1565 -0
package/development/01-standards/graphql-complete.md +298 -0
package/development/01-standards/javascript-bundlers-complete.md +469 -0
package/development/01-standards/javascript-typescript-complete.md +528 -0
package/development/01-standards/jest-complete.md +275 -0
package/development/01-standards/linux-complete.md +234 -0
package/development/01-standards/logging-observability-complete.md +526 -0
package/development/01-standards/microservices-communication.md +502 -0
package/development/01-standards/mongodb-complete.md +406 -0
package/development/01-standards/oauth2-complete.md +285 -0
package/development/01-standards/performance-optimization-complete.md +289 -0
package/development/01-standards/playwright-complete.md +247 -0
package/development/01-standards/postgresql-complete.md +456 -0
package/development/01-standards/pytest-complete.md +340 -0
package/development/01-standards/python-async-programming.md +902 -0
package/development/01-standards/python-complete.md +956 -0
package/development/01-standards/python-decorators-complete.md +799 -0
package/development/01-standards/python-design-patterns.md +2854 -0
package/development/01-standards/python-packaging-distribution.md +420 -0
package/development/01-standards/python-testing-strategies.md +607 -0
package/development/01-standards/python-web-frameworks-comparison.md +471 -0
package/development/01-standards/redis-complete.md +317 -0
package/development/01-standards/rest-api-complete.md +316 -0
package/development/01-standards/rust-complete.md +578 -0
package/development/01-standards/typescript-advanced-types.md +1513 -0
package/development/01-standards/web-security-complete.md +292 -0
package/development/02-playbooks/api-design-playbook.md +810 -0
package/development/02-playbooks/database-migration-playbook.md +580 -0
package/development/02-playbooks/debugging-playbook.md +692 -0
package/development/02-playbooks/feature-delivery-playbook.md +430 -0
package/development/02-playbooks/incident-hotfix-playbook.md +387 -0
package/development/02-playbooks/performance-optimization-playbook.md +531 -0
package/development/02-playbooks/performance-tuning-playbook.md +652 -0
package/development/02-playbooks/refactor-playbook.md +403 -0
package/development/02-playbooks/release-playbook.md +469 -0
package/development/03-checklists/architecture-review-checklist.md +168 -0
package/development/03-checklists/data-migration-checklist.md +157 -0
package/development/03-checklists/oncall-handover-checklist.md +173 -0
package/development/03-checklists/pr-checklist.md +158 -0
package/development/03-checklists/production-readiness-checklist.md +190 -0
package/development/03-checklists/release-readiness-checklist.md +154 -0
package/development/03-checklists/security-review-checklist.md +182 -0
package/development/04-antipatterns/api-antipatterns.md +657 -0
package/development/04-antipatterns/architecture-antipatterns.md +686 -0
package/development/04-antipatterns/backend-antipatterns.md +648 -0
package/development/04-antipatterns/cicd-antipatterns.md +540 -0
package/development/04-antipatterns/code-smell-antipatterns.md +571 -0
package/development/04-antipatterns/data-antipatterns.md +658 -0
package/development/04-antipatterns/database-antipatterns.md +578 -0
package/development/04-antipatterns/frontend-antipatterns.md +635 -0
package/development/04-antipatterns/reliability-antipatterns.md +700 -0
package/development/04-antipatterns/security-antipatterns.md +747 -0
package/development/05-cases/case-api-version-migration.md +428 -0
package/development/05-cases/case-authorization-hardening.md +383 -0
package/development/05-cases/case-bluegreen-rollback.md +466 -0
package/development/05-cases/case-cache-snowball-protection.md +485 -0
package/development/05-cases/case-ci-cd-pipeline.md +544 -0
package/development/05-cases/case-database-scaling.md +500 -0
package/development/05-cases/case-db-hotspot-optimization.md +487 -0
package/development/05-cases/case-incident-mttr-reduction.md +563 -0
package/development/05-cases/case-microservice-migration.md +375 -0
package/development/05-cases/case-performance-optimization.md +406 -0
package/development/05-cases/case-security-incident-response.md +345 -0
package/development/06-glossary/full-stack-glossary.md +166 -0
package/development/09-maturity/quarterly-audit-template.md +35 -0
package/development/11-ui-excellence/ui-aesthetic-system.md +41 -0
package/development/11-ui-excellence/ui-engineering-excellence.md +435 -0
package/development/12-scenarios/development-scenarios-guide.md +565 -0
package/development/13-implementation-assets/implementation-toolkit.md +282 -0
package/development/13-implementation-assets/knowledge-gates-execution.md +43 -0
package/development/14-full-lifecycle/software-lifecycle-gates.md +511 -0
package/development/15-lifecycle-templates/project-templates-collection.md +791 -0
package/development/api-contract-and-versioning-guide.md +36 -0
package/development/api-governance-complete.md +43 -0
package/development/backend-engineering-complete.md +43 -0
package/development/code-review-quality-complete.md +43 -0
package/development/concurrency-reliability-complete.md +43 -0
package/development/database-engineering-complete.md +43 -0
package/development/engineering-effectiveness-complete.md +43 -0
package/development/engineering-standards-deep-dive.md +38 -0
package/development/frontend-engineering-complete.md +43 -0
package/development/performance-capacity-complete.md +43 -0
package/development/refactor-migration-complete.md +42 -0
package/development/refactoring-and-techdebt-playbook.md +37 -0
package/development/security-in-development-complete.md +43 -0
package/devops/01-standards/cicd-pipeline-complete.md +262 -0
package/devops/01-standards/docker-complete.md +1490 -0
package/devops/01-standards/github-actions-complete.md +337 -0
package/devops/01-standards/kubernetes-complete.md +638 -0
package/devops/01-standards/terraform-complete.md +2117 -0
package/devops/02-playbooks/docker-compose-playbook.md +233 -0
package/devops/02-playbooks/docker-k8s-production-playbook.md +186 -0
package/devops/02-playbooks/docker-production-playbook.md +952 -0
package/edge-iot/01-standards/edge-iot-complete.md +473 -0
package/experts/architect/api-design.md +178 -0
package/experts/architect/methodology.md +124 -0
package/experts/architect/security.md +75 -0
package/experts/backend-lead/methodology.md +216 -0
package/experts/devops/methodology.md +160 -0
package/experts/frontend-lead/methodology.md +178 -0
package/experts/product-manager/industry/ecommerce.md +43 -0
package/experts/product-manager/industry/saas.md +40 -0
package/experts/product-manager/methodology.md +97 -0
package/experts/qa-lead/methodology.md +123 -0
package/experts/qa-lead/test-strategy.md +128 -0
package/experts/uiux-designer/methodology.md +125 -0
package/frontend/01-standards/accessibility-complete.md +532 -0
package/frontend/01-standards/accessibility-standard.md +74 -0
package/frontend/01-standards/admin-dashboard-and-crud.md +72 -0
package/frontend/01-standards/design-tokens-complete.md +444 -0
package/frontend/01-standards/forms-and-validation.md +77 -0
package/frontend/01-standards/frontend-architecture-and-layering.md +119 -0
package/frontend/01-standards/i18n-and-localization.md +65 -0
package/frontend/01-standards/nextjs-complete.md +451 -0
package/frontend/01-standards/react-complete.md +713 -0
package/frontend/01-standards/react-hooks-complete-guide.md +1100 -0
package/frontend/01-standards/react-hooks-complete.md +1171 -0
package/frontend/01-standards/seo-and-web-vitals.md +77 -0
package/frontend/01-standards/state-management-complete.md +444 -0
package/frontend/01-standards/vue-complete.md +499 -0
package/frontend/01-standards/vue3-complete.md +2002 -0
package/frontend/01-standards/web-framework-best-practices.md +64 -0
package/frontend/01-standards/web-performance-complete.md +495 -0
package/frontend/02-playbooks/accessibility-a11y-playbook.md +161 -0
package/frontend/02-playbooks/frontend-performance-playbook.md +707 -0
package/frontend/02-playbooks/i18n-internationalization-playbook.md +120 -0
package/frontend/02-playbooks/performance-optimization-playbook.md +163 -0
package/frontend/02-playbooks/react-nextjs-production-playbook.md +167 -0
package/frontend/02-playbooks/react-state-management-playbook.md +173 -0
package/frontend/03-checklists/component-quality-checklist.md +166 -0
package/frontend/03-checklists/frontend-launch-checklist.md +299 -0
package/frontend/04-antipatterns/frontend-antipatterns.md +886 -0
package/frontend/05-cases/case-performance-optimization.md +274 -0
package/harmony/01-standards/harmonyos-arkts-standard.md +75 -0
package/harmony/01-standards/harmonyos-design.md +65 -0
package/high-quality-engineering-playbook.md +54 -0
package/incident/01-standards/incident-response-complete.md +303 -0
package/incident/02-playbooks/chaos-engineering-playbook.md +883 -0
package/incident/02-playbooks/postmortem-playbook.md +398 -0
package/incident/03-checklists/incident-readiness-checklist.md +181 -0
package/incident/04-antipatterns/incident-antipatterns.md +490 -0
package/incident/05-cases/case-cascade-failure.md +176 -0
package/incident/06-glossary/incident-glossary.md +114 -0
package/incident/postmortem-and-response-deep-dive.md +39 -0
package/industries/ecommerce/ecommerce-complete.md +631 -0
package/industries/education/education-complete.md +555 -0
package/industries/fintech/fintech-complete.md +501 -0
package/industries/gaming/gaming-complete.md +587 -0
package/industries/healthcare/healthcare-complete.md +452 -0
package/low-code/01-standards/low-code-complete.md +944 -0
package/miniprogram/01-standards/ai-common-mistakes.md +61 -0
package/miniprogram/01-standards/miniprogram-custom-navbar-capsule.md +77 -0
package/miniprogram/01-standards/miniprogram-design.md +61 -0
package/miniprogram/01-standards/miniprogram-standard.md +81 -0
package/mobile/01-standards/android-material-design.md +70 -0
package/mobile/01-standards/flutter-complete.md +384 -0
package/mobile/01-standards/ios-design-hig.md +78 -0
package/mobile/01-standards/mobile-app-standard.md +85 -0
package/mobile/01-standards/react-native-complete.md +352 -0
package/mobile/02-playbooks/mobile-cross-platform-playbook.md +175 -0
package/mobile/02-playbooks/mobile-performance.md +473 -0
package/mobile/03-checklists/mobile-release-checklist.md +234 -0
package/mobile/04-antipatterns/mobile-antipatterns.md +798 -0
package/mobile/05-cases/case-app-performance.md +500 -0
package/mobile/05-cases/case-app-startup-optimization.md +218 -0
package/mobile/06-glossary/mobile-glossary.md +484 -0
package/observability/01-standards/observability-standards.md +103 -0
package/observability/02-playbooks/prometheus-grafana-playbook.md +135 -0
package/observability/02-playbooks/structured-logging-playbook.md +73 -0
package/observability/03-checklists/observability-checklist.md +54 -0
package/observability/04-antipatterns/observability-antipatterns.md +106 -0
package/operations/01-standards/prometheus-monitoring-complete.md +1578 -0
package/operations/02-playbooks/capacity-planning-playbook.md +620 -0
package/operations/03-checklists/production-launch-checklist.md +365 -0
package/operations/04-antipatterns/operations-antipatterns.md +664 -0
package/operations/05-cases/case-sre-practices.md +581 -0
package/operations/06-glossary/operations-glossary.md +120 -0
package/operations/aiops-anomaly-detection.md +758 -0
package/operations/capacity-planning.md +1061 -0
package/operations/chaos-engineering.md +659 -0
package/operations/incident-command-system.md +38 -0
package/operations/observability-complete.md +442 -0
package/operations/slo-sli-playbook.md +517 -0
package/operations/sre-operations-deep-dive.md +39 -0
package/package.json +8 -0
package/performance/01-standards/performance-and-scalability.md +80 -0
package/performance/01-standards/performance-standards.md +156 -0
package/performance/02-playbooks/query-optimization-playbook.md +103 -0
package/performance/03-checklists/performance-checklist.md +56 -0
package/performance/04-antipatterns/performance-antipatterns.md +146 -0
package/product/01-standards/product-management-complete.md +285 -0
package/product/02-playbooks/feature-launch-playbook.md +207 -0
package/product/02-playbooks/user-research-playbook.md +532 -0
package/product/03-checklists/feature-launch-checklist.md +275 -0
package/product/04-antipatterns/product-antipatterns.md +355 -0
package/product/05-cases/case-mvp-to-scale.md +384 -0
package/product/06-glossary/product-glossary.md +462 -0
package/product/feature-prioritization-framework.md +40 -0
package/product/kpi-and-metric-tree.md +37 -0
package/product/product-discovery-and-prd-deep-dive.md +41 -0
package/quantum/01-standards/quantum-complete.md +1186 -0
package/security/01-standards/api-security-complete.md +511 -0
package/security/01-standards/container-runtime-security.md +574 -0
package/security/01-standards/data-protection-gdpr.md +543 -0
package/security/01-standards/owasp-top10-complete.md +1890 -0
package/security/01-standards/secure-coding-baseline.md +90 -0
package/security/01-standards/supply-chain-security.md +441 -0
package/security/01-standards/web-security-checklist.md +108 -0
package/security/01-standards/zero-trust-architecture.md +521 -0
package/security/02-playbooks/auth-sso-playbook.md +166 -0
package/security/02-playbooks/incident-response-security-playbook.md +588 -0
package/security/02-playbooks/owasp-api-security-playbook.md +129 -0
package/security/02-playbooks/payment-integration-playbook.md +119 -0
package/security/02-playbooks/penetration-testing-playbook.md +517 -0
package/security/03-checklists/security-audit-checklist.md +356 -0
package/security/04-antipatterns/security-coding-antipatterns.md +580 -0
package/security/05-cases/case-log4shell-incident.md +537 -0
package/security/05-cases/case-major-breaches.md +468 -0
package/security/06-glossary/security-glossary.md +212 -0
package/security/compliance-automation.md +993 -0
package/security/container-security.md +680 -0
package/security/devsecops-complete.md +426 -0
package/security/sast-dast-sca.md +775 -0
package/security/secrets-management.md +594 -0
package/security/security-architecture-deep-dive.md +37 -0
package/security/threat-modeling-stride-playbook.md +40 -0
package/seed-templates/auth-system.md +59 -0
package/seed-templates/blog-content.md +94 -0
package/seed-templates/dashboard.md +89 -0
package/seed-templates/docs-site.md +73 -0
package/seed-templates/e-commerce.md +50 -0
package/seed-templates/saas-landing.md +92 -0
package/seed-templates/settings-page.md +51 -0
package/testing/01-standards/test-strategy-and-layering.md +83 -0
package/testing/01-standards/testing-strategy-complete.md +422 -0
package/testing/01-standards/unit-testing-best-practices.md +118 -0
package/testing/02-playbooks/e2e-testing-playbook.md +988 -0
package/testing/02-playbooks/testing-strategy-playbook.md +126 -0
package/testing/03-checklists/test-strategy-checklist.md +208 -0
package/testing/04-antipatterns/testing-antipatterns.md +718 -0
package/testing/05-cases/case-testing-transformation.md +300 -0
package/testing/06-glossary/testing-glossary.md +110 -0
package/testing/risk-based-test-matrix.md +36 -0
package/testing/testing-strategy-deep-dive.md +37 -0

package/data/01-standards/redis-complete.md ADDED Viewed

@@ -0,0 +1,1527 @@
+---
+id: redis-complete
+title: Redis 数据领域完整指南
+domain: data
+category: 01-standards
+difficulty: intermediate
+tags: [complete, data, redis, 分布式锁, 持久化, 核心数据结构, 概述, 消息队列]
+quality_score: 70
+last_updated: 2026-06-15
+---
+# Redis 数据领域完整指南
+> 文档版本: v1.0 | 最后更新: 2026-03-28
+## 概述
+Redis (Remote Dictionary Server) 是一款开源的内存键值数据库，以极低的读写延迟（微秒级）著称。它不仅是缓存层的首选方案，还广泛应用于会话管理、排行榜、实时分析、分布式锁、消息队列等场景。Redis 7.x 支持多线程 I/O、ACL 2.0、Function API 和 Sharded Pub/Sub，在数据领域承担着从缓存加速到流式计算的关键角色。
+### 核心特性
+- **内存优先**: 所有数据驻留内存，读写延迟 < 1ms
+- **丰富数据结构**: String / Hash / List / Set / Sorted Set / Stream / HyperLogLog / Bitmap / Geospatial
+- **持久化可选**: RDB 快照 + AOF 日志 + 混合持久化
+- **高可用**: 主从复制 / Sentinel 哨兵 / Cluster 集群
+- **原子操作**: 单线程命令执行模型，天然避免竞态
+- **可扩展**: Lua 脚本、Module API、Function API
+### 典型数据领域使用场景
+| 场景 | 数据结构 | 说明 |
+|------|----------|------|
+| ETL 中间缓存 | String / Hash | 加速重复查询，减轻源库压力 |
+| 实时指标聚合 | Sorted Set / HyperLogLog | 排行榜、UV 去重统计 |
+| 流式数据管道 | Stream | 替代轻量级 Kafka 场景 |
+| 数据血缘锁 | String (SET NX EX) | 防止并发血缘刷新冲突 |
+| 特征存储 | Hash | ML 在线特征毫秒级读取 |
+| 数据目录缓存 | String + JSON | 元数据目录热点加速 |
+---
+## 核心数据结构
+### 1. String（字符串）
+最基础的数据类型，可存储字符串、整数、浮点数或二进制数据（最大 512MB）。
+```bash
+# 基本读写
+SET user:1001 "Alice"
+GET user:1001
+# 带过期时间
+SET session:abc123 "token_data" EX 3600       # 秒级过期
+SET session:abc123 "token_data" PX 3600000    # 毫秒级过期
+SETEX cache:product:99 300 '{"name":"Widget"}'
+# 条件写入
+SET lock:order:5001 "owner_a" NX EX 30   # 仅当 key 不存在时写入
+SET counter:daily 100 XX                  # 仅当 key 存在时写入
+# 原子自增/自减
+SET counter:pageview 0
+INCR counter:pageview           # -> 1
+INCRBY counter:pageview 10     # -> 11
+DECR counter:pageview           # -> 10
+INCRBYFLOAT price:item:1 2.5   # 浮点自增
+# 批量操作
+MSET k1 "v1" k2 "v2" k3 "v3"
+MGET k1 k2 k3
+# 位操作（适合标记类场景）
+SETBIT user:1001:login 0 1     # 第0天登录
+GETBIT user:1001:login 0       # -> 1
+BITCOUNT user:1001:login        # 统计登录天数
+# 获取子串
+GETRANGE user:1001 0 2         # -> "Ali"
+STRLEN user:1001               # -> 5
+```
+**Python redis-py 示例:**
+```python
+import redis
+r = redis.Redis(host="localhost", port=6379, db=0, decode_responses=True)
+# 基本操作
+r.set("user:1001", "Alice", ex=3600)
+value = r.get("user:1001")  # "Alice"
+# 原子自增
+r.set("counter:pv", 0)
+r.incr("counter:pv")        # 1
+r.incrby("counter:pv", 10)  # 11
+# 批量操作
+r.mset({"k1": "v1", "k2": "v2", "k3": "v3"})
+values = r.mget("k1", "k2", "k3")  # ["v1", "v2", "v3"]
+# 条件写入（分布式锁基础）
+acquired = r.set("lock:order:5001", "owner_a", nx=True, ex=30)
+```
+### 2. Hash（哈希）
+适合存储对象，每个 key 下可以有多个 field-value 对。
+```bash
+# 设置字段
+HSET user:1001 name "Alice" age 30 email "alice@example.com" role "analyst"
+# 读取
+HGET user:1001 name             # -> "Alice"
+HMGET user:1001 name age        # -> ["Alice", "30"]
+HGETALL user:1001               # 返回所有字段
+# 字段自增
+HINCRBY user:1001 age 1         # -> 31
+HINCRBYFLOAT user:1001 score 0.5
+# 字段操作
+HDEL user:1001 role
+HEXISTS user:1001 name          # -> 1
+HLEN user:1001                  # 字段数量
+HKEYS user:1001                 # 所有字段名
+HVALS user:1001                 # 所有字段值
+# 扫描大 Hash（生产环境推荐）
+HSCAN user:1001 0 MATCH "na*" COUNT 100
+```
+**Python redis-py 示例:**
+```python
+# 对象存储
+r.hset("user:1001", mapping={
+    "name": "Alice",
+    "age": 30,
+    "email": "alice@example.com",
+})
+user = r.hgetall("user:1001")
+# {"name": "Alice", "age": "30", "email": "alice@example.com"}
+r.hincrby("user:1001", "age", 1)  # 31
+exists = r.hexists("user:1001", "name")  # True
+# 特征存储示例
+r.hset("feature:user:1001", mapping={
+    "click_rate": "0.032",
+    "avg_session": "245",
+    "last_active": "2026-03-28",
+})
+features = r.hmget("feature:user:1001", "click_rate", "avg_session")
+```
+### 3. List（列表）
+双向链表，支持头/尾插入和弹出，适合队列和栈场景。
+```bash
+# 左/右推入
+LPUSH queue:tasks "task1" "task2" "task3"
+RPUSH queue:tasks "task4"
+# 弹出
+LPOP queue:tasks            # -> "task3"（LIFO 栈）
+RPOP queue:tasks            # -> "task4"（FIFO 队列）
+# 阻塞弹出（消费者模式）
+BLPOP queue:tasks 30        # 阻塞等待最多30秒
+BRPOP queue:tasks 30
+# 范围查询
+LRANGE queue:tasks 0 -1     # 所有元素
+LRANGE queue:tasks 0 9      # 前10个
+# 长度和索引
+LLEN queue:tasks
+LINDEX queue:tasks 0        # 第一个元素
+# 修剪（保留最近N条）
+LTRIM queue:tasks 0 99      # 只保留前100个
+```
+**Python redis-py 示例:**
+```python
+# 简单任务队列
+r.lpush("queue:tasks", "task1", "task2", "task3")
+# 消费者
+task = r.brpop("queue:tasks", timeout=30)
+# ("queue:tasks", "task1")
+# 保留最近100条日志
+r.lpush("log:app", "2026-03-28 10:00 INFO started")
+r.ltrim("log:app", 0, 99)
+```
+### 4. Set（集合）
+无序不重复集合，支持集合运算。
+```bash
+# 添加成员
+SADD tags:article:1 "python" "redis" "database"
+SADD tags:article:2 "python" "django" "web"
+# 查询
+SMEMBERS tags:article:1      # 所有成员
+SISMEMBER tags:article:1 "redis"  # -> 1
+SCARD tags:article:1         # 成员数量
+# 集合运算
+SINTER tags:article:1 tags:article:2      # 交集 -> {"python"}
+SUNION tags:article:1 tags:article:2      # 并集
+SDIFF tags:article:1 tags:article:2       # 差集
+# 随机成员
+SRANDMEMBER tags:article:1 2    # 随机取2个
+SPOP tags:article:1             # 随机弹出1个
+# 删除
+SREM tags:article:1 "database"
+```
+**Python redis-py 示例:**
+```python
+# 标签系统
+r.sadd("tags:article:1", "python", "redis", "database")
+r.sadd("tags:article:2", "python", "django", "web")
+common_tags = r.sinter("tags:article:1", "tags:article:2")
+# {"python"}
+all_tags = r.sunion("tags:article:1", "tags:article:2")
+# {"python", "redis", "database", "django", "web"}
+is_member = r.sismember("tags:article:1", "redis")  # True
+```
+### 5. Sorted Set（有序集合 / ZSet）
+带分值的有序集合，按 score 排序，适合排行榜和范围查询。
+```bash
+# 添加（score + member）
+ZADD leaderboard 100 "alice" 95 "bob" 88 "charlie" 120 "diana"
+# 排名查询（升序，0-based）
+ZRANK leaderboard "alice"        # -> 2
+ZREVRANK leaderboard "alice"     # -> 1（降序排名）
+# 分值查询
+ZSCORE leaderboard "alice"       # -> 100
+# 范围查询
+ZRANGE leaderboard 0 2                    # 升序前3
+ZREVRANGE leaderboard 0 2 WITHSCORES     # 降序前3（带分值）
+ZRANGEBYSCORE leaderboard 90 110         # 分值 90-110
+ZRANGEBYSCORE leaderboard -inf +inf LIMIT 0 10  # 分页
+# 分值自增
+ZINCRBY leaderboard 5 "alice"    # -> 105
+# 集合运算
+ZUNIONSTORE combined 2 leaderboard:week1 leaderboard:week2 WEIGHTS 1 2
+ZINTERSTORE overlap 2 set1 set2
+# 删除
+ZREM leaderboard "charlie"
+ZREMRANGEBYRANK leaderboard 0 0          # 删除最低分
+ZREMRANGEBYSCORE leaderboard 0 60        # 删除低于60分的
+# 数量统计
+ZCARD leaderboard
+ZCOUNT leaderboard 90 110               # 分值在 90-110 之间的数量
+```
+**Python redis-py 示例:**
+```python
+# 实时排行榜
+r.zadd("leaderboard", {"alice": 100, "bob": 95, "charlie": 88, "diana": 120})
+# Top 3（降序）
+top3 = r.zrevrange("leaderboard", 0, 2, withscores=True)
+# [("diana", 120.0), ("alice", 100.0), ("bob", 95.0)]
+# 用户排名
+rank = r.zrevrank("leaderboard", "alice")  # 1
+# 分值自增
+r.zincrby("leaderboard", 5, "alice")  # 105.0
+# 分页查询
+page = r.zrevrangebyscore("leaderboard", "+inf", "-inf", start=0, num=10, withscores=True)
+```
+### 6. Stream（流）
+Redis 5.0+ 引入的日志型数据结构，支持消费者组，适合事件流和消息队列。
+```bash
+# 写入消息
+XADD events:orders * action "created" order_id "5001" amount "99.50"
+XADD events:orders * action "paid" order_id "5001" payment "stripe"
+# 读取
+XLEN events:orders
+XRANGE events:orders - +               # 全部
+XRANGE events:orders - + COUNT 10      # 前10条
+XREVRANGE events:orders + - COUNT 5    # 最近5条
+# 消费者组
+XGROUP CREATE events:orders cg_analytics $ MKSTREAM
+XREADGROUP GROUP cg_analytics consumer1 COUNT 10 BLOCK 5000 STREAMS events:orders >
+# 确认消费
+XACK events:orders cg_analytics 1679012345678-0
+# 查看待处理消息
+XPENDING events:orders cg_analytics - + 10
+# 裁剪（保留最近1000条）
+XTRIM events:orders MAXLEN ~ 1000
+```
+**Python redis-py 示例:**
+```python
+# 生产者
+msg_id = r.xadd("events:orders", {
+    "action": "created",
+    "order_id": "5001",
+    "amount": "99.50",
+})
+# 创建消费者组
+try:
+    r.xgroup_create("events:orders", "cg_analytics", id="$", mkstream=True)
+except redis.exceptions.ResponseError:
+    pass  # 组已存在
+# 消费者
+messages = r.xreadgroup(
+    groupname="cg_analytics",
+    consumername="consumer1",
+    streams={"events:orders": ">"},
+    count=10,
+    block=5000,
+)
+for stream, msgs in messages:
+    for msg_id, fields in msgs:
+        print(f"Processing {msg_id}: {fields}")
+        r.xack("events:orders", "cg_analytics", msg_id)
+```
+### 7. HyperLogLog
+概率数据结构，用极小内存（12KB）估算集合基数（误差 < 0.81%），适合 UV 统计。
+```bash
+# 添加元素
+PFADD uv:2026-03-28 "user1" "user2" "user3" "user1"
+# 估算基数
+PFCOUNT uv:2026-03-28         # -> 3
+# 合并多天
+PFMERGE uv:week uv:2026-03-28 uv:2026-03-27 uv:2026-03-26
+PFCOUNT uv:week
+```
+**Python redis-py 示例:**
+```python
+# 日活统计
+r.pfadd("uv:2026-03-28", "user1", "user2", "user3", "user1")
+daily_uv = r.pfcount("uv:2026-03-28")  # 3
+# 周活统计
+keys = [f"uv:2026-03-{d}" for d in range(22, 29)]
+r.pfmerge("uv:week", *keys)
+weekly_uv = r.pfcount("uv:week")
+```
+### 8. Bitmap（位图）
+基于 String 的位操作，极致节省空间，适合布尔状态标记。
+```bash
+# 用户签到（day_offset 从年初算）
+SETBIT sign:user:1001:2026 86 1    # 第87天签到
+GETBIT sign:user:1001:2026 86      # -> 1
+# 统计签到天数
+BITCOUNT sign:user:1001:2026
+# 位运算（统计连续签到）
+BITOP AND result sign:user:1001:2026 sign:user:1002:2026
+BITPOS sign:user:1001:2026 0       # 第一个未签到的天
+```
+**Python redis-py 示例:**
+```python
+# 用户签到系统
+day_of_year = 86  # 3月28日大约是第87天
+r.setbit("sign:user:1001:2026", day_of_year, 1)
+# 统计本年签到天数
+total_sign = r.bitcount("sign:user:1001:2026")
+# 检查某天是否签到
+signed = r.getbit("sign:user:1001:2026", day_of_year)  # 1
+```
+---
+## 持久化
+### RDB（快照）
+将内存数据以二进制快照形式写入磁盘。
+```bash
+# redis.conf 配置
+save 900 1        # 900秒内至少1次写入则触发
+save 300 10       # 300秒内至少10次写入
+save 60 10000     # 60秒内至少10000次写入
+dbfilename dump.rdb
+dir /var/lib/redis/
+# 手动触发
+BGSAVE              # 后台异步保存（推荐）
+SAVE                # 同步保存（阻塞，生产禁用）
+LASTSAVE            # 最近一次成功保存时间
+```
+**优点**: 文件紧凑，恢复速度快，适合灾备。
+**缺点**: 可能丢失最近一次快照后的数据。
+### AOF（追加日志）
+将每条写命令追加到日志文件。
+```bash
+# redis.conf 配置
+appendonly yes
+appendfilename "appendonly.aof"
+appenddirname "appendonlydir"
+# 刷盘策略
+appendfsync always     # 每条命令刷盘（最安全，最慢）
+appendfsync everysec   # 每秒刷盘（推荐，最多丢1秒）
+appendfsync no         # OS 决定（最快，最不安全）
+# AOF 重写（压缩日志）
+BGREWRITEAOF
+# 自动重写阈值
+auto-aof-rewrite-percentage 100
+auto-aof-rewrite-min-size 64mb
+```
+**优点**: 数据丢失少（everysec 最多丢1秒），日志可读。
+**缺点**: 文件比 RDB 大，恢复速度较慢。
+### 混合持久化（Redis 4.0+，推荐）
+RDB + AOF 结合：重写时先写 RDB 格式，之后增量命令用 AOF 格式追加。
+```bash
+# redis.conf
+aof-use-rdb-preamble yes    # 默认开启
+appendonly yes
+```
+**优点**: 兼顾快速恢复（RDB 部分）和低数据丢失（AOF 增量）。
+**Python 验证持久化状态:**
+```python
+info = r.info("persistence")
+print(f"RDB 上次保存: {info['rdb_last_save_time']}")
+print(f"RDB 状态: {info['rdb_last_bgsave_status']}")
+print(f"AOF 开启: {info['aof_enabled']}")
+print(f"AOF 重写进行中: {info['aof_rewrite_in_progress']}")
+```
+---
+## 高可用
+### 主从复制
+```bash
+# 从节点配置
+# redis.conf
+replicaof 192.168.1.100 6379
+masterauth "your_master_password"
+# 动态设置
+REPLICAOF 192.168.1.100 6379
+REPLICAOF NO ONE               # 提升为主节点
+# 查看复制状态
+INFO replication
+```
+**关键参数:**
+```bash
+repl-backlog-size 256mb          # 复制积压缓冲区
+repl-diskless-sync yes           # 无盘复制（网络快于磁盘时开启）
+min-replicas-to-write 1          # 至少1个从节点确认写入
+min-replicas-max-lag 10          # 从节点最大延迟10秒
+```
+### Sentinel（哨兵）
+自动故障转移，适合中小规模部署。
+```bash
+# sentinel.conf
+sentinel monitor mymaster 192.168.1.100 6379 2      # 2个哨兵同意才切换
+sentinel down-after-milliseconds mymaster 5000       # 5秒无响应判定下线
+sentinel failover-timeout mymaster 60000             # 故障转移超时60秒
+sentinel parallel-syncs mymaster 1                   # 切换后同时同步的从节点数
+sentinel auth-pass mymaster "your_password"
+```
+**Python redis-py 连接 Sentinel:**
+```python
+from redis.sentinel import Sentinel
+sentinel = Sentinel(
+    [("sentinel1", 26379), ("sentinel2", 26379), ("sentinel3", 26379)],
+    socket_timeout=0.5,
+)
+# 获取主节点连接
+master = sentinel.master_for("mymaster", socket_timeout=0.5, password="your_password")
+master.set("key", "value")
+# 获取从节点连接（读操作）
+slave = sentinel.slave_for("mymaster", socket_timeout=0.5, password="your_password")
+value = slave.get("key")
+```
+### Cluster（集群）
+数据分片（16384 个 slot），适合大规模高可用部署。
+```bash
+# 创建集群（至少6个节点：3主3从）
+redis-cli --cluster create \
+    192.168.1.101:6379 192.168.1.102:6379 192.168.1.103:6379 \
+    192.168.1.104:6379 192.168.1.105:6379 192.168.1.106:6379 \
+    --cluster-replicas 1
+# 查看集群信息
+redis-cli -c -h 192.168.1.101 -p 6379
+CLUSTER INFO
+CLUSTER NODES
+CLUSTER SLOTS
+# 添加节点
+redis-cli --cluster add-node 192.168.1.107:6379 192.168.1.101:6379
+# 重新分片
+redis-cli --cluster reshard 192.168.1.101:6379
+# 检查集群健康
+redis-cli --cluster check 192.168.1.101:6379
+```
+**Python redis-py 集群连接:**
+```python
+from redis.cluster import RedisCluster
+rc = RedisCluster(
+    host="192.168.1.101",
+    port=6379,
+    password="your_password",
+    decode_responses=True,
+)
+rc.set("key", "value")
+value = rc.get("key")
+# 注意：集群模式下多 key 操作需要 Hash Tag
+rc.mset({"{user:1001}.name": "Alice", "{user:1001}.age": "30"})
+```
+---
+## 缓存策略
+### Cache-Aside（旁路缓存，最常用）
+```python
+def get_user(user_id: int) -> dict:
+    cache_key = f"user:{user_id}"
+    # 1. 先查缓存
+    cached = r.get(cache_key)
+    if cached:
+        return json.loads(cached)
+    # 2. 缓存未命中，查数据库
+    user = db.query("SELECT * FROM users WHERE id = %s", (user_id,))
+    if user is None:
+        # 防止缓存穿透：缓存空值（短TTL）
+        r.set(cache_key, json.dumps(None), ex=60)
+        return None
+    # 3. 写入缓存
+    r.set(cache_key, json.dumps(user), ex=3600)
+    return user
+def update_user(user_id: int, data: dict):
+    # 1. 先更新数据库
+    db.execute("UPDATE users SET ... WHERE id = %s", (user_id,))
+    # 2. 再删除缓存（而非更新缓存，避免并发不一致）
+    r.delete(f"user:{user_id}")
+```
+### Write-Through（写穿透）
+```python
+def write_through_set(key: str, value: str, ttl: int = 3600):
+    """写入时同时更新缓存和数据库"""
+    # 1. 更新数据库
+    db.execute("INSERT INTO kv_store (key, value) VALUES (%s, %s) "
+               "ON CONFLICT (key) DO UPDATE SET value = %s", (key, value, value))
+    # 2. 更新缓存
+    r.set(key, value, ex=ttl)
+```
+### Write-Behind（写回，异步写入数据库）
+```python
+def write_behind_set(key: str, value: str):
+    """先写缓存，异步写数据库"""
+    r.set(key, value, ex=3600)
+    # 将写操作放入队列，异步批量写入数据库
+    r.lpush("queue:db_writes", json.dumps({"key": key, "value": value}))
+# 异步消费者（独立进程）
+def db_write_consumer():
+    while True:
+        item = r.brpop("queue:db_writes", timeout=5)
+        if item:
+            data = json.loads(item[1])
+            db.execute("UPSERT ...", (data["key"], data["value"]))
+```
+### TTL 策略
+```python
+# 分级 TTL 策略
+TTL_CONFIG = {
+    "hot_data": 300,          # 热点数据：5分钟
+    "warm_data": 3600,        # 温数据：1小时
+    "cold_data": 86400,       # 冷数据：1天
+    "static_data": 604800,    # 静态数据：7天
+}
+# 带随机偏移的 TTL（防止缓存雪崩）
+import random
+def set_with_jitter(key: str, value: str, base_ttl: int):
+    jitter = random.randint(0, int(base_ttl * 0.1))  # 10% 随机偏移
+    r.set(key, value, ex=base_ttl + jitter)
+```
+### 缓存穿透
+查询不存在的数据，请求直接打到数据库。
+```python
+# 方案1：缓存空值
+def get_with_null_cache(key: str):
+    cached = r.get(key)
+    if cached == "NULL":
+        return None
+    if cached:
+        return json.loads(cached)
+    result = db.query(key)
+    if result is None:
+        r.set(key, "NULL", ex=60)  # 短 TTL 缓存空值
+        return None
+    r.set(key, json.dumps(result), ex=3600)
+    return result
+# 方案2：布隆过滤器（Redis Stack / RedisBloom）
+# BF.RESERVE valid_ids 0.001 1000000
+# BF.ADD valid_ids "id_1001"
+# BF.EXISTS valid_ids "id_9999"  -> 0 (不存在，直接拒绝)
+```
+### 缓存雪崩
+大量 key 同时过期，请求同时打到数据库。
+```python
+# 方案1：TTL 随机化（见上方 set_with_jitter）
+# 方案2：互斥锁 + 异步刷新
+def get_with_mutex(key: str):
+    cached = r.get(key)
+    if cached:
+        return json.loads(cached)
+    lock_key = f"lock:{key}"
+    if r.set(lock_key, "1", nx=True, ex=10):
+        try:
+            result = db.query(key)
+            r.set(key, json.dumps(result), ex=3600)
+            return result
+        finally:
+            r.delete(lock_key)
+    else:
+        # 其他线程正在刷新，等待后重试
+        import time
+        time.sleep(0.1)
+        return get_with_mutex(key)
+```
+### 缓存击穿
+单个热点 key 过期，大量并发请求同时打到数据库。
+```python
+# 方案1：互斥锁（同上 get_with_mutex）
+# 方案2：逻辑过期（永不真正过期）
+import time
+def set_with_logical_expiry(key: str, value: str, ttl: int):
+    data = {"value": value, "expire_at": time.time() + ttl}
+    r.set(key, json.dumps(data))  # 不设 Redis TTL
+def get_with_logical_expiry(key: str):
+    cached = r.get(key)
+    if not cached:
+        return None
+    data = json.loads(cached)
+    if time.time() < data["expire_at"]:
+        return data["value"]
+    # 已逻辑过期，异步刷新
+    lock_key = f"lock:refresh:{key}"
+    if r.set(lock_key, "1", nx=True, ex=10):
+        # 触发异步刷新（线程池/消息队列）
+        import threading
+        threading.Thread(target=refresh_cache, args=(key,)).start()
+    # 返回过期数据（而非 None）
+    return data["value"]
+```
+---
+## 分布式锁
+### SET NX EX（单节点锁）
+```python
+import uuid
+import time
+def acquire_lock(lock_name: str, timeout: int = 10) -> str | None:
+    """获取分布式锁，返回 token 用于安全释放"""
+    token = str(uuid.uuid4())
+    acquired = r.set(f"lock:{lock_name}", token, nx=True, ex=timeout)
+    return token if acquired else None
+# Lua 脚本安全释放（原子操作，防止误删他人的锁）
+RELEASE_LOCK_SCRIPT = """
+if redis.call('get', KEYS[1]) == ARGV[1] then
+    return redis.call('del', KEYS[1])
+else
+    return 0
+end
+"""
+def release_lock(lock_name: str, token: str) -> bool:
+    result = r.eval(RELEASE_LOCK_SCRIPT, 1, f"lock:{lock_name}", token)
+    return result == 1
+# 使用示例
+token = acquire_lock("order:5001", timeout=30)
+if token:
+    try:
+        # 业务逻辑
+        process_order(5001)
+    finally:
+        release_lock("order:5001", token)
+```
+### Redlock（多节点锁，Martin Kleppmann 有争议但广泛使用）
+```python
+# pip install redis
+# 需要至少5个独立 Redis 实例（非集群节点）
+import time
+import uuid
+REDIS_INSTANCES = [
+    redis.Redis(host=f"redis{i}", port=6379) for i in range(1, 6)
+]
+QUORUM = len(REDIS_INSTANCES) // 2 + 1  # 3
+def redlock_acquire(resource: str, ttl_ms: int = 10000) -> str | None:
+    token = str(uuid.uuid4())
+    start_time = time.monotonic()
+    acquired_count = 0
+    for instance in REDIS_INSTANCES:
+        try:
+            if instance.set(f"lock:{resource}", token, nx=True, px=ttl_ms):
+                acquired_count += 1
+        except redis.exceptions.ConnectionError:
+            continue
+    elapsed_ms = (time.monotonic() - start_time) * 1000
+    # 检查：多数节点获取成功 且 耗时未超过 TTL
+    if acquired_count >= QUORUM and elapsed_ms < ttl_ms:
+        return token
+    # 获取失败，释放所有已获取的锁
+    for instance in REDIS_INSTANCES:
+        try:
+            instance.eval(RELEASE_LOCK_SCRIPT, 1, f"lock:{resource}", token)
+        except redis.exceptions.ConnectionError:
+            continue
+    return None
+def redlock_release(resource: str, token: str):
+    for instance in REDIS_INSTANCES:
+        try:
+            instance.eval(RELEASE_LOCK_SCRIPT, 1, f"lock:{resource}", token)
+        except redis.exceptions.ConnectionError:
+            continue
+```
+> **注意**: 生产环境建议使用 `python-redis-lock` 或 `pottery` 库的 Redlock 实现，而非自行编写。
+---
+## 消息队列
+### Stream（推荐，Redis 5.0+）
+见上方 Stream 数据结构部分。Stream 提供：
+- 消费者组（Consumer Group）
+- 消息确认（ACK）
+- 待处理消息列表（PEL）
+- 消息回溯与重放
+### Pub/Sub（发布/订阅）
+适合实时通知，不保证消息持久化。
+```bash
+# 订阅（消费者终端）
+SUBSCRIBE channel:notifications
+PSUBSCRIBE channel:*           # 模式订阅
+# 发布（生产者终端）
+PUBLISH channel:notifications "order:5001 created"
+# Redis 7.0+ Sharded Pub/Sub（集群环境推荐）
+SSUBSCRIBE channel:notifications
+SPUBLISH channel:notifications "order:5001 created"
+```
+**Python redis-py 示例:**
+```python
+# 发布者
+r.publish("channel:notifications", "order:5001 created")
+# 订阅者（独立线程/进程）
+pubsub = r.pubsub()
+pubsub.subscribe("channel:notifications")
+for message in pubsub.listen():
+    if message["type"] == "message":
+        print(f"Received: {message['data']}")
+```
+**Stream vs Pub/Sub 对比:**
+| 特性 | Stream | Pub/Sub |
+|------|--------|---------|
+| 消息持久化 | 是 | 否 |
+| 消费者组 | 是 | 否 |
+| 消息确认 | 是 | 否 |
+| 历史回溯 | 是 | 否 |
+| 延迟 | 较低 | 极低 |
+| 适用场景 | 可靠消息队列 | 实时通知广播 |
+---
+## Lua 脚本
+Redis 保证 Lua 脚本的原子执行，适合需要多步原子操作的场景。
+```bash
+# 内联执行
+EVAL "return redis.call('get', KEYS[1])" 1 mykey
+# 条件自增（库存扣减示例）
+EVAL "
+local stock = tonumber(redis.call('get', KEYS[1]))
+if stock and stock >= tonumber(ARGV[1]) then
+    redis.call('decrby', KEYS[1], ARGV[1])
+    return 1
+end
+return 0
+" 1 stock:product:1001 2
+```
+**Python redis-py 示例:**
+```python
+# 注册 Lua 脚本（推荐，避免重复传输脚本体）
+deduct_stock_script = r.register_script("""
+local stock = tonumber(redis.call('get', KEYS[1]))
+if stock and stock >= tonumber(ARGV[1]) then
+    redis.call('decrby', KEYS[1], ARGV[1])
+    return 1
+end
+return 0
+""")
+# 使用
+r.set("stock:product:1001", 100)
+result = deduct_stock_script(keys=["stock:product:1001"], args=[2])
+# result == 1 表示扣减成功
+# 限流器（滑动窗口）
+rate_limit_script = r.register_script("""
+local key = KEYS[1]
+local limit = tonumber(ARGV[1])
+local window = tonumber(ARGV[2])
+local now = tonumber(ARGV[3])
+redis.call('zremrangebyscore', key, 0, now - window)
+local count = redis.call('zcard', key)
+if count < limit then
+    redis.call('zadd', key, now, now .. ':' .. math.random(100000))
+    redis.call('expire', key, window)
+    return 1
+end
+return 0
+""")
+import time
+allowed = rate_limit_script(
+    keys=["ratelimit:api:user:1001"],
+    args=[100, 60, int(time.time())]  # 100次/60秒
+)
+```
+---
+## Pipeline 与事务
+### Pipeline（批量命令，减少网络往返）
+```python
+# 不使用 Pipeline：N 次命令 = N 次网络往返
+# 使用 Pipeline：N 次命令 = 1 次网络往返
+pipe = r.pipeline(transaction=False)  # 非事务 Pipeline
+for i in range(1000):
+    pipe.set(f"key:{i}", f"value:{i}")
+results = pipe.execute()  # 批量执行
+# 带读取的 Pipeline
+pipe = r.pipeline(transaction=False)
+for i in range(100):
+    pipe.get(f"key:{i}")
+values = pipe.execute()  # 返回100个值
+```
+### 事务（MULTI/EXEC）
+```python
+# Redis 事务：原子执行一组命令（但不支持回滚）
+pipe = r.pipeline(transaction=True)  # 默认就是 True
+pipe.multi()
+pipe.set("account:A:balance", 800)
+pipe.set("account:B:balance", 1200)
+pipe.execute()  # 原子执行
+# WATCH 乐观锁
+def transfer(from_account: str, to_account: str, amount: int) -> bool:
+    with r.pipeline() as pipe:
+        while True:
+            try:
+                pipe.watch(from_account, to_account)
+                balance_from = int(pipe.get(from_account) or 0)
+                balance_to = int(pipe.get(to_account) or 0)
+                if balance_from < amount:
+                    pipe.unwatch()
+                    return False
+                pipe.multi()
+                pipe.set(from_account, balance_from - amount)
+                pipe.set(to_account, balance_to + amount)
+                pipe.execute()
+                return True
+            except redis.WatchError:
+                continue  # 被其他客户端修改，重试
+```
+---
+## 内存优化
+### 编码优化
+Redis 自动选择紧凑编码以节省内存：
+| 数据结构 | 紧凑编码 | 条件 | 普通编码 |
+|----------|----------|------|----------|
+| Hash | listpack (ziplist) | field 数 <= hash-max-listpack-entries (128) 且值 <= hash-max-listpack-value (64B) | hashtable |
+| List | listpack | 元素数 <= list-max-listpack-size (128) | quicklist |
+| Set | intset | 全部为整数且数量 <= set-max-intset-entries (512) | hashtable |
+| Set | listpack | 元素数 <= set-max-listpack-entries (128) | hashtable |
+| ZSet | listpack | 元素数 <= zset-max-listpack-entries (128) 且值 <= zset-max-listpack-value (64B) | skiplist + hashtable |
+```bash
+# 查看 key 的编码方式
+OBJECT ENCODING mykey
+# 调整阈值（redis.conf）
+hash-max-listpack-entries 128
+hash-max-listpack-value 64
+list-max-listpack-size 128
+set-max-intset-entries 512
+zset-max-listpack-entries 128
+zset-max-listpack-value 64
+```
+### 内存策略
+```bash
+# 最大内存限制
+maxmemory 4gb
+# 淘汰策略
+maxmemory-policy allkeys-lru       # 推荐：所有 key 中淘汰最近最少使用
+# 可选策略:
+# noeviction        - 不淘汰，写入报错（默认）
+# allkeys-lru       - 所有 key LRU 淘汰
+# allkeys-lfu       - 所有 key LFU 淘汰（Redis 4.0+）
+# volatile-lru      - 仅带 TTL 的 key LRU 淘汰
+# volatile-lfu      - 仅带 TTL 的 key LFU 淘汰
+# volatile-ttl      - 淘汰 TTL 最短的 key
+# allkeys-random    - 随机淘汰
+# volatile-random   - 随机淘汰（仅带 TTL 的 key）
+```
+### 内存碎片整理
+```bash
+# 查看内存碎片率
+INFO memory
+# mem_fragmentation_ratio > 1.5 表示碎片严重
+# 在线碎片整理（Redis 4.0+）
+CONFIG SET activedefrag yes
+CONFIG SET active-defrag-threshold-lower 10     # 碎片率 > 10% 开始
+CONFIG SET active-defrag-threshold-upper 100    # 碎片率 > 100% 全力整理
+CONFIG SET active-defrag-cycle-min 1            # CPU 占用最小 1%
+CONFIG SET active-defrag-cycle-max 25           # CPU 占用最大 25%
+```
+**Python 内存分析:**
+```python
+info = r.info("memory")
+print(f"已使用内存: {info['used_memory_human']}")
+print(f"峰值内存: {info['used_memory_peak_human']}")
+print(f"碎片率: {info['mem_fragmentation_ratio']}")
+print(f"淘汰策略: {info['maxmemory_policy']}")
+# 大 key 分析
+# redis-cli --bigkeys         # 扫描大 key
+# redis-cli --memkeys         # 按内存排序
+```
+---
+## 监控
+### INFO 命令
+```bash
+INFO                     # 全部信息
+INFO server              # 服务器信息
+INFO clients             # 客户端连接
+INFO memory              # 内存使用
+INFO stats               # 统计信息
+INFO replication         # 复制状态
+INFO keyspace            # 数据库 key 统计
+INFO commandstats        # 命令执行统计
+```
+**Python 监控脚本:**
+```python
+def redis_health_check():
+    info = r.info()
+    metrics = {
+        "connected_clients": info["connected_clients"],
+        "used_memory_human": info["used_memory_human"],
+        "mem_fragmentation_ratio": info["mem_fragmentation_ratio"],
+        "instantaneous_ops_per_sec": info["instantaneous_ops_per_sec"],
+        "hit_rate": (
+            info["keyspace_hits"]
+            / max(info["keyspace_hits"] + info["keyspace_misses"], 1)
+            * 100
+        ),
+        "connected_slaves": info.get("connected_slaves", 0),
+        "rejected_connections": info["rejected_connections"],
+        "evicted_keys": info["evicted_keys"],
+        "expired_keys": info["expired_keys"],
+    }
+    # 告警阈值
+    if metrics["mem_fragmentation_ratio"] > 1.5:
+        alert("内存碎片率过高", metrics["mem_fragmentation_ratio"])
+    if metrics["hit_rate"] < 90:
+        alert("缓存命中率低", metrics["hit_rate"])
+    if metrics["connected_clients"] > 9000:
+        alert("连接数接近上限", metrics["connected_clients"])
+    return metrics
+```
+### SLOWLOG
+```bash
+# 配置慢查询阈值（微秒）
+CONFIG SET slowlog-log-slower-than 10000    # 10ms
+CONFIG SET slowlog-max-len 128              # 保留最近128条
+# 查看慢查询
+SLOWLOG GET 10          # 最近10条
+SLOWLOG LEN             # 慢查询数量
+SLOWLOG RESET           # 清空
+```
+### 延迟监控
+```bash
+# 实时延迟检测
+redis-cli --latency                  # 持续检测
+redis-cli --latency-history          # 每15秒一组
+redis-cli --latency-dist             # 延迟分布图
+# 内部延迟监控
+CONFIG SET latency-monitor-threshold 100    # 超过100ms记录
+LATENCY LATEST                               # 最近事件
+LATENCY HISTORY event_name                   # 历史记录
+LATENCY RESET                                # 清空
+```
+### CLIENT LIST
+```bash
+# 查看所有客户端连接
+CLIENT LIST
+CLIENT LIST TYPE normal     # 仅普通连接
+# 关键字段
+# id=5 addr=127.0.0.1:50000 fd=8 name= db=0 cmd=get age=100 idle=0
+# age: 连接时长  idle: 空闲时长  cmd: 最近命令
+# 关闭空闲连接
+CLIENT KILL ID 5
+CONFIG SET timeout 300      # 300秒空闲自动断开
+```
+---
+## 安全
+### ACL（Redis 6.0+）
+```bash
+# 查看当前用户
+ACL WHOAMI
+# 创建用户
+ACL SETUSER analyst on >strong_password ~report:* &* +get +mget +hgetall +info -@dangerous
+# 语法说明:
+# on/off         - 启用/禁用
+# >password      - 设置密码
+# ~key_pattern   - 允许的 key 模式
+# &channel       - 允许的 Pub/Sub channel
+# +command       - 允许的命令
+# -command       - 禁止的命令
+# +@category     - 允许整个命令类别
+# -@dangerous    - 禁止危险命令
+# 查看所有用户
+ACL LIST
+ACL GETUSER analyst
+# 持久化 ACL 规则
+ACL SAVE                    # 保存到 aclfile
+ACL LOAD                    # 从 aclfile 加载
+# 常用命令类别
+ACL CAT                     # 列出所有类别
+# @read, @write, @set, @hash, @list, @sortedset, @string
+# @admin, @dangerous, @slow, @fast, @keyspace, @pubsub
+```
+### TLS 加密
+```bash
+# redis.conf
+tls-port 6380
+port 0                          # 禁用非 TLS 端口
+tls-cert-file /path/to/redis.crt
+tls-key-file /path/to/redis.key
+tls-ca-cert-file /path/to/ca.crt
+tls-auth-clients optional       # 客户端证书验证
+# 客户端连接
+redis-cli --tls --cert /path/to/client.crt --key /path/to/client.key --cacert /path/to/ca.crt -h host -p 6380
+```
+**Python TLS 连接:**
+```python
+import ssl
+ssl_context = ssl.create_default_context(cafile="/path/to/ca.crt")
+ssl_context.load_cert_chain(
+    certfile="/path/to/client.crt",
+    keyfile="/path/to/client.key",
+)
+r = redis.Redis(
+    host="redis-host",
+    port=6380,
+    ssl=True,
+    ssl_ca_certs="/path/to/ca.crt",
+    ssl_certfile="/path/to/client.crt",
+    ssl_keyfile="/path/to/client.key",
+    decode_responses=True,
+)
+```
+### 密码认证
+```bash
+# redis.conf
+requirepass "your_strong_password_here"
+# 客户端认证
+AUTH "your_strong_password_here"
+redis-cli -a "your_strong_password_here"     # 不推荐（密码出现在进程列表）
+redis-cli --askpass                           # 推荐（交互式输入）
+```
+### 安全加固清单
+```bash
+# 1. 绑定地址
+bind 127.0.0.1 192.168.1.100    # 不要 bind 0.0.0.0
+# 2. 禁用危险命令
+rename-command FLUSHALL ""
+rename-command FLUSHDB ""
+rename-command CONFIG ""         # 或重命名为随机字符串
+rename-command DEBUG ""
+rename-command KEYS ""           # 用 SCAN 替代
+# 3. 禁用 Lua 调试
+enable-debug-command no
+# 4. 连接限制
+maxclients 10000
+timeout 300                      # 空闲超时
+# 5. 保护模式
+protected-mode yes               # 默认开启
+```
+---
+## 常见陷阱
+### 大 Key（Big Key）
+大 Key 导致：阻塞其他命令、网络拥塞、内存倾斜、主从同步延迟。
+```bash
+# 检测大 Key
+redis-cli --bigkeys
+redis-cli --memkeys --memkeys-samples 100
+# 查看单个 key 内存
+MEMORY USAGE mykey SAMPLES 0
+OBJECT ENCODING mykey
+DEBUG OBJECT mykey              # 生产慎用
+```
+**治理方案:**
+```python
+# 拆分大 Hash（>= 5000 fields 应拆分）
+def split_large_hash(key: str, data: dict, bucket_size: int = 500):
+    for field, value in data.items():
+        bucket = hash(field) % (len(data) // bucket_size + 1)
+        r.hset(f"{key}:bucket:{bucket}", field, value)
+def get_from_split_hash(key: str, field: str, total_buckets: int):
+    bucket = hash(field) % total_buckets
+    return r.hget(f"{key}:bucket:{bucket}", field)
+# 异步删除大 Key（Redis 4.0+）
+r.unlink("large_key")   # 异步删除，不阻塞主线程
+# 避免使用 DEL 删除大 Key
+```
+**大 Key 阈值参考:**
+| 数据类型 | 危险阈值 |
+|----------|----------|
+| String | > 10KB |
+| Hash | > 5000 fields 或 value > 10KB |
+| List | > 10000 元素 |
+| Set | > 10000 成员 |
+| ZSet | > 10000 成员 |
+### 热 Key（Hot Key）
+单个 key 被高并发访问，导致单节点成为瓶颈。
+```python
+# 方案1：本地缓存 + Redis（两级缓存）
+from functools import lru_cache
+import time
+LOCAL_CACHE = {}
+LOCAL_TTL = 5  # 本地缓存5秒
+def get_hot_key(key: str):
+    now = time.time()
+    if key in LOCAL_CACHE and now < LOCAL_CACHE[key]["expire"]:
+        return LOCAL_CACHE[key]["value"]
+    value = r.get(key)
+    LOCAL_CACHE[key] = {"value": value, "expire": now + LOCAL_TTL}
+    return value
+# 方案2：读副本分散（key 加后缀）
+import random
+def set_hot_key(key: str, value: str, replicas: int = 3):
+    pipe = r.pipeline(transaction=False)
+    for i in range(replicas):
+        pipe.set(f"{key}:r{i}", value, ex=3600)
+    pipe.execute()
+def get_hot_key_replica(key: str, replicas: int = 3):
+    replica = random.randint(0, replicas - 1)
+    return r.get(f"{key}:r{replica}")
+```
+### 内存碎片
+长时间运行后频繁的创建/删除操作会产生内存碎片。
+```python
+def check_fragmentation():
+    info = r.info("memory")
+    ratio = info["mem_fragmentation_ratio"]
+    if ratio > 1.5:
+        print(f"WARNING: 内存碎片率 {ratio:.2f}，建议启用在线碎片整理")
+        r.config_set("activedefrag", "yes")
+    elif ratio < 1.0:
+        print(f"WARNING: 碎片率 < 1.0 ({ratio:.2f})，可能存在 swap，检查系统内存")
+    else:
+        print(f"OK: 内存碎片率 {ratio:.2f}")
+```
+### 其他常见陷阱
+```python
+# 1. KEYS 命令（生产禁用，用 SCAN 替代）
+# ❌ KEYS user:*           # O(N) 全量扫描，阻塞
+# ✅ SCAN 0 MATCH user:* COUNT 100
+def scan_keys(pattern: str, count: int = 100):
+    """安全扫描 key"""
+    cursor = 0
+    keys = []
+    while True:
+        cursor, batch = r.scan(cursor=cursor, match=pattern, count=count)
+        keys.extend(batch)
+        if cursor == 0:
+            break
+    return keys
+# 2. 连接泄漏（务必使用连接池）
+# ❌
+r = redis.Redis(host="localhost")  # 每次新建连接
+# ✅
+pool = redis.ConnectionPool(host="localhost", port=6379, max_connections=50)
+r = redis.Redis(connection_pool=pool)
+# 3. 序列化选择
+import json
+import pickle
+# ❌ pickle（安全风险 + 不可跨语言）
+r.set("data", pickle.dumps(obj))
+# ✅ JSON（安全 + 可跨语言）
+r.set("data", json.dumps(obj))
+# ✅ msgpack（更紧凑）
+import msgpack
+r.set("data", msgpack.packb(obj))
+# 4. 过期时间丢失
+r.set("key", "value", ex=3600)
+r.set("key", "new_value")       # ⚠️ TTL 被清除！
+r.set("key", "new_value", keepttl=True)  # ✅ 保留 TTL (Redis 6.0+)
+```
+---
+## Agent Checklist
+开发和运维 Redis 相关任务时，按以下清单检查：
+### 数据模型设计
+- [ ] 选择了最合适的数据结构（不是所有场景都用 String）
+- [ ] Hash/List/Set/ZSet 的元素数量在紧凑编码阈值内（或已评估超出的影响）
+- [ ] Key 命名规范统一（`业务:对象类型:ID:属性`，使用冒号分隔）
+- [ ] 已评估大 Key 风险（单个 value < 10KB，集合类 < 10000 元素）
+- [ ] 热 Key 已识别并有应对方案（本地缓存 / 读副本）
+### 缓存策略
+- [ ] 明确选择了缓存模式（Cache-Aside / Write-Through / Write-Behind）
+- [ ] 所有缓存 key 设置了合理的 TTL
+- [ ] TTL 添加了随机偏移（防止缓存雪崩）
+- [ ] 缓存穿透防护已就位（空值缓存 / 布隆过滤器）
+- [ ] 热点 key 击穿防护已就位（互斥锁 / 逻辑过期）
+### 高可用与持久化
+- [ ] 持久化策略已配置（推荐混合持久化）
+- [ ] 主从复制已验证 `INFO replication`
+- [ ] Sentinel / Cluster 故障转移已测试
+- [ ] 客户端使用 Sentinel/Cluster 感知的连接方式
+- [ ] `min-replicas-to-write` 和 `min-replicas-max-lag` 已配置
+### 性能与内存
+- [ ] 使用 Pipeline 批量执行命令（减少网络往返）
+- [ ] 生产环境禁用 KEYS 命令，使用 SCAN 替代
+- [ ] `maxmemory` 和 `maxmemory-policy` 已配置
+- [ ] 内存碎片率定期检查（`mem_fragmentation_ratio`）
+- [ ] 大 Key 删除使用 `UNLINK` 而非 `DEL`
+- [ ] 连接使用连接池，max_connections 已合理设置
+### 分布式锁
+- [ ] 锁有 token（UUID），释放时校验 token（Lua 原子操作）
+- [ ] 锁设置了合理的过期时间（防止死锁）
+- [ ] 已考虑锁续期场景（长任务需 watchdog 机制）
+- [ ] 跨数据中心场景评估了 Redlock 的适用性
+### 安全
+- [ ] 启用了 ACL（Redis 6.0+），最小权限原则
+- [ ] 危险命令已禁用或重命名（FLUSHALL / FLUSHDB / CONFIG / KEYS / DEBUG）
+- [ ] 绑定了具体 IP（非 0.0.0.0）
+- [ ] TLS 加密已启用（公网 / 跨网段必须）
+- [ ] `protected-mode yes` 已确认
+### 监控与运维
+- [ ] SLOWLOG 已配置（阈值 10ms）
+- [ ] 缓存命中率持续监控（`keyspace_hits / (hits + misses)`）
+- [ ] 连接数、内存、OPS 有告警
+- [ ] 定期执行 `redis-cli --bigkeys` 巡检
+- [ ] AOF 重写和 RDB 快照的资源影响已评估
+---
+**知识ID**: `redis-complete`
+**领域**: data
+**类型**: standards
+**难度**: intermediate-advanced
+**质量分**: 95
+**维护者**: data-team@umadev.com
+**最后更新**: 2026-03-28