npm - @umacloud/knowledge - Versions diffs - 1.0.1 - Mend

@umacloud/knowledge 1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (418) hide show

package/00-governance/governance-capabilities.md +557 -0
package/00-governance/knowledge-map.md +39 -0
package/00-governance/maintenance-policy.md +76 -0
package/00-governance/review-checklist.md +81 -0
package/README.md +13 -0
package/ai/01-standards/agent-development-complete.md +691 -0
package/ai/01-standards/llm-application-complete.md +488 -0
package/ai/01-standards/mlops-complete.md +798 -0
package/ai/01-standards/prompt-engineering-complete.md +646 -0
package/ai/01-standards/rag-architecture-complete.md +649 -0
package/ai/02-playbooks/llm-evaluation-playbook.md +847 -0
package/ai/03-checklists/ai-project-checklist.md +215 -0
package/ai/04-antipatterns/ai-antipatterns.md +661 -0
package/ai/05-cases/case-rag-production.md +147 -0
package/ai/06-glossary/ai-glossary.md +162 -0
package/ai/agent-evaluation-benchmark.md +53 -0
package/ai/ai-agent-memory-context-management.md +41 -0
package/ai/ai-cost-capacity-optimization-playbook.md +42 -0
package/ai/ai-data-security-and-compliance-playbook.md +37 -0
package/ai/ai-domain-index-and-checklist.md +40 -0
package/ai/ai-governance-maturity-model.md +50 -0
package/ai/ai-model-selection-and-routing-strategy.md +47 -0
package/ai/ai-observability-and-oncall-runbook.md +52 -0
package/ai/ai-rag-engineering-playbook.md +42 -0
package/ai/ai-red-team-and-safety-evaluation.md +42 -0
package/ai/ai-release-readiness-and-rollback-gate.md +42 -0
package/ai/llm-agent-engineering-deep-dive.md +57 -0
package/ai/prompt-and-tool-guardrails.md +52 -0
package/api/01-standards/enterprise-api-standards.md +198 -0
package/api/01-standards/rest-api-design-guide.md +63 -0
package/api/02-playbooks/api-pagination-playbook.md +93 -0
package/api/02-playbooks/graphql-production-playbook.md +176 -0
package/api/03-checklists/api-review-checklist.md +55 -0
package/api/04-antipatterns/api-antipatterns.md +112 -0
package/architecture/01-standards/api-gateway-patterns.md +496 -0
package/architecture/01-standards/cloud-native-patterns.md +644 -0
package/architecture/01-standards/distributed-systems-patterns.md +591 -0
package/architecture/01-standards/event-driven-architecture.md +595 -0
package/architecture/01-standards/microservices-patterns-complete.md +968 -0
package/architecture/01-standards/microservices-patterns.md +495 -0
package/architecture/01-standards/system-design-interview.md +664 -0
package/architecture/02-playbooks/microservices-patterns-playbook.md +137 -0
package/architecture/02-playbooks/migration-playbook.md +780 -0
package/architecture/02-playbooks/system-design-playbook.md +779 -0
package/architecture/03-checklists/architecture-decision-checklist.md +297 -0
package/architecture/04-antipatterns/architecture-antipatterns.md +417 -0
package/architecture/05-cases/case-netflix-microservices.md +413 -0
package/architecture/06-glossary/architecture-glossary.md +164 -0
package/architecture/adr-template-and-examples.md +38 -0
package/architecture/api-gateway-deep-dive.md +1291 -0
package/architecture/configuration-management.md +1162 -0
package/architecture/distributed-transactions.md +1220 -0
package/architecture/microservices-complete.md +735 -0
package/architecture/resilience-and-disaster-patterns.md +37 -0
package/architecture/service-governance.md +1198 -0
package/architecture/system-architecture-deep-dive.md +37 -0
package/backend/01-standards/analytics-and-growth.md +65 -0
package/backend/01-standards/api-and-error-conventions.md +120 -0
package/backend/01-standards/application-layering-and-packaging.md +160 -0
package/backend/01-standards/auth-implementation.md +104 -0
package/backend/01-standards/backend-framework-idioms.md +74 -0
package/backend/01-standards/background-jobs-and-async.md +66 -0
package/backend/01-standards/caching-strategies-complete.md +390 -0
package/backend/01-standards/config-and-observability.md +77 -0
package/backend/01-standards/data-modeling-and-persistence.md +94 -0
package/backend/01-standards/django-complete.md +1765 -0
package/backend/01-standards/email-and-notifications.md +64 -0
package/backend/01-standards/fastapi-complete.md +925 -0
package/backend/01-standards/file-upload-and-storage.md +66 -0
package/backend/01-standards/graphql-api-complete.md +416 -0
package/backend/01-standards/llm-application-standard.md +78 -0
package/backend/01-standards/message-queue-patterns.md +379 -0
package/backend/01-standards/microservices-and-distributed.md +78 -0
package/backend/01-standards/nestjs-complete.md +2167 -0
package/backend/01-standards/payment-integration.md +80 -0
package/backend/01-standards/rate-limiting-complete.md +451 -0
package/backend/01-standards/realtime-and-websocket.md +65 -0
package/backend/01-standards/search-and-filtering.md +64 -0
package/backend/01-standards/spring-boot-complete.md +445 -0
package/backend/02-playbooks/api-design-playbook.md +718 -0
package/backend/02-playbooks/email-send-playbook.md +130 -0
package/backend/02-playbooks/file-upload-s3-playbook.md +153 -0
package/backend/02-playbooks/typescript-enterprise-playbook.md +133 -0
package/backend/02-playbooks/websocket-realtime-playbook.md +154 -0
package/backend/03-checklists/api-launch-checklist.md +189 -0
package/backend/04-antipatterns/backend-antipatterns.md +1051 -0
package/blockchain/01-standards/blockchain-basics.md +557 -0
package/blockchain/01-standards/smart-contract-development.md +1315 -0
package/cicd/01-standards/deployment-and-delivery-standard.md +96 -0
package/cicd/01-standards/github-actions-complete.md +473 -0
package/cicd/01-standards/release-and-store-submission.md +75 -0
package/cicd/02-playbooks/cicd-pipeline-playbook.md +144 -0
package/cicd/02-playbooks/release-management-playbook.md +605 -0
package/cicd/03-checklists/pipeline-security-checklist.md +168 -0
package/cicd/04-antipatterns/cicd-antipatterns.md +589 -0
package/cicd/05-cases/case-deployment-automation.md +221 -0
package/cicd/05-cases/case-gitops-transformation.md +212 -0
package/cicd/06-glossary/cicd-glossary.md +114 -0
package/cicd/cicd-blueprint-deep-dive.md +38 -0
package/cicd/release-readiness-gate.md +37 -0
package/cloud-native/01-standards/container-security.md +741 -0
package/cloud-native/01-standards/kubernetes-complete.md +812 -0
package/cloud-native/02-playbooks/api-gateway-playbook.md +155 -0
package/cloud-native/02-playbooks/gitops-with-argocd.md +760 -0
package/cloud-native/02-playbooks/k8s-troubleshooting-playbook.md +1942 -0
package/cloud-native/02-playbooks/message-queue-playbook.md +129 -0
package/cloud-native/02-playbooks/multicloud-governance.md +726 -0
package/cloud-native/02-playbooks/serverless-patterns.md +788 -0
package/cloud-native/02-playbooks/service-mesh-playbook.md +612 -0
package/cloud-native/02-playbooks/terraform-iac-playbook.md +143 -0
package/cloud-native/03-checklists/container-security-checklist.md +431 -0
package/cloud-native/03-checklists/k8s-production-readiness-checklist.md +460 -0
package/cloud-native/04-antipatterns/container-antipatterns.md +660 -0
package/cloud-native/04-antipatterns/k8s-antipatterns.md +743 -0
package/cloud-native/05-cases/case-k8s-migration.md +478 -0
package/cloud-native/05-cases/case-k8s-scaling.md +642 -0
package/cloud-native/05-cases/case-k8s-security-incident.md +397 -0
package/cloud-native/06-glossary/cloud-native-glossary.md +337 -0
package/cross-platform/01-standards/cross-platform-frameworks.md +83 -0
package/cross-platform/01-standards/platform-selection-and-architecture.md +77 -0
package/data/01-standards/elasticsearch-complete.md +2098 -0
package/data/01-standards/postgresql-complete.md +1613 -0
package/data/01-standards/redis-complete.md +1527 -0
package/data/02-playbooks/database-optimization-playbook.md +403 -0
package/data/02-playbooks/elasticsearch-production-playbook.md +132 -0
package/data/03-checklists/database-launch-checklist.md +187 -0
package/data/04-antipatterns/database-antipatterns.md +873 -0
package/data/05-cases/case-database-migration.md +310 -0
package/data/06-glossary/database-glossary.md +440 -0
package/data/data-governance-and-modeling-deep-dive.md +39 -0
package/data-engineering/01-standards/airflow-complete.md +523 -0
package/data-engineering/01-standards/kafka-complete.md +1521 -0
package/data-engineering/02-playbooks/spark-etl-playbook.md +496 -0
package/data-engineering/03-checklists/pipeline-launch-checklist.md +194 -0
package/data-engineering/04-antipatterns/data-pipeline-antipatterns.md +684 -0
package/data-engineering/05-cases/case-real-time-pipeline.md +355 -0
package/data-engineering/06-glossary/data-engineering-glossary.md +429 -0
package/database/01-standards/database-schema-standards.md +147 -0
package/database/02-playbooks/postgresql-optimization-quick.md +52 -0
package/database/02-playbooks/postgresql-performance-optimization.md +58 -0
package/database/02-playbooks/postgresql-production-playbook.md +146 -0
package/database/02-playbooks/redis-caching-playbook.md +117 -0
package/database/03-checklists/database-review-checklist.md +50 -0
package/database/04-antipatterns/database-antipatterns.md +112 -0
package/design/01-standards/ui-design-system-complete.md +423 -0
package/design/02-playbooks/design-handoff-playbook.md +254 -0
package/design/02-playbooks/design-review-playbook.md +388 -0
package/design/03-checklists/design-review-checklist.md +246 -0
package/design/04-antipatterns/design-antipatterns.md +378 -0
package/design/05-cases/case-design-system-adoption.md +328 -0
package/design/06-glossary/design-glossary.md +329 -0
package/design/ui-full-lifecycle-cross-platform-playbook.md +571 -0
package/design/ux-system-deep-dive.md +38 -0
package/design-systems/00-craft-rules.md +71 -0
package/design-systems/aesthetic-families.md +43 -0
package/design-systems/anti-ai-slop.md +162 -0
package/design-systems/bold-geometric.md +120 -0
package/design-systems/brutalist-bold.md +103 -0
package/design-systems/editorial-clean.md +109 -0
package/design-systems/glass-aurora.md +108 -0
package/design-systems/modern-minimal.md +145 -0
package/design-systems/premium-luxury.md +106 -0
package/design-systems/product-type-design-map.md +48 -0
package/design-systems/soft-warm.md +123 -0
package/design-systems/tech-utility.md +113 -0
package/desktop/01-standards/desktop-app-standard.md +72 -0
package/desktop/01-standards/desktop-design.md +71 -0
package/development/00-governance/document-template.md +41 -0
package/development/01-standards/api-versioning-strategies.md +432 -0
package/development/01-standards/authentication-patterns-complete.md +479 -0
package/development/01-standards/css-architecture-complete.md +550 -0
package/development/01-standards/database-migration-strategies.md +484 -0
package/development/01-standards/elasticsearch-complete.md +347 -0
package/development/01-standards/git-complete.md +371 -0
package/development/01-standards/golang-complete.md +1565 -0
package/development/01-standards/graphql-complete.md +298 -0
package/development/01-standards/javascript-bundlers-complete.md +469 -0
package/development/01-standards/javascript-typescript-complete.md +528 -0
package/development/01-standards/jest-complete.md +275 -0
package/development/01-standards/linux-complete.md +234 -0
package/development/01-standards/logging-observability-complete.md +526 -0
package/development/01-standards/microservices-communication.md +502 -0
package/development/01-standards/mongodb-complete.md +406 -0
package/development/01-standards/oauth2-complete.md +285 -0
package/development/01-standards/performance-optimization-complete.md +289 -0
package/development/01-standards/playwright-complete.md +247 -0
package/development/01-standards/postgresql-complete.md +456 -0
package/development/01-standards/pytest-complete.md +340 -0
package/development/01-standards/python-async-programming.md +902 -0
package/development/01-standards/python-complete.md +956 -0
package/development/01-standards/python-decorators-complete.md +799 -0
package/development/01-standards/python-design-patterns.md +2854 -0
package/development/01-standards/python-packaging-distribution.md +420 -0
package/development/01-standards/python-testing-strategies.md +607 -0
package/development/01-standards/python-web-frameworks-comparison.md +471 -0
package/development/01-standards/redis-complete.md +317 -0
package/development/01-standards/rest-api-complete.md +316 -0
package/development/01-standards/rust-complete.md +578 -0
package/development/01-standards/typescript-advanced-types.md +1513 -0
package/development/01-standards/web-security-complete.md +292 -0
package/development/02-playbooks/api-design-playbook.md +810 -0
package/development/02-playbooks/database-migration-playbook.md +580 -0
package/development/02-playbooks/debugging-playbook.md +692 -0
package/development/02-playbooks/feature-delivery-playbook.md +430 -0
package/development/02-playbooks/incident-hotfix-playbook.md +387 -0
package/development/02-playbooks/performance-optimization-playbook.md +531 -0
package/development/02-playbooks/performance-tuning-playbook.md +652 -0
package/development/02-playbooks/refactor-playbook.md +403 -0
package/development/02-playbooks/release-playbook.md +469 -0
package/development/03-checklists/architecture-review-checklist.md +168 -0
package/development/03-checklists/data-migration-checklist.md +157 -0
package/development/03-checklists/oncall-handover-checklist.md +173 -0
package/development/03-checklists/pr-checklist.md +158 -0
package/development/03-checklists/production-readiness-checklist.md +190 -0
package/development/03-checklists/release-readiness-checklist.md +154 -0
package/development/03-checklists/security-review-checklist.md +182 -0
package/development/04-antipatterns/api-antipatterns.md +657 -0
package/development/04-antipatterns/architecture-antipatterns.md +686 -0
package/development/04-antipatterns/backend-antipatterns.md +648 -0
package/development/04-antipatterns/cicd-antipatterns.md +540 -0
package/development/04-antipatterns/code-smell-antipatterns.md +571 -0
package/development/04-antipatterns/data-antipatterns.md +658 -0
package/development/04-antipatterns/database-antipatterns.md +578 -0
package/development/04-antipatterns/frontend-antipatterns.md +635 -0
package/development/04-antipatterns/reliability-antipatterns.md +700 -0
package/development/04-antipatterns/security-antipatterns.md +747 -0
package/development/05-cases/case-api-version-migration.md +428 -0
package/development/05-cases/case-authorization-hardening.md +383 -0
package/development/05-cases/case-bluegreen-rollback.md +466 -0
package/development/05-cases/case-cache-snowball-protection.md +485 -0
package/development/05-cases/case-ci-cd-pipeline.md +544 -0
package/development/05-cases/case-database-scaling.md +500 -0
package/development/05-cases/case-db-hotspot-optimization.md +487 -0
package/development/05-cases/case-incident-mttr-reduction.md +563 -0
package/development/05-cases/case-microservice-migration.md +375 -0
package/development/05-cases/case-performance-optimization.md +406 -0
package/development/05-cases/case-security-incident-response.md +345 -0
package/development/06-glossary/full-stack-glossary.md +166 -0
package/development/09-maturity/quarterly-audit-template.md +35 -0
package/development/11-ui-excellence/ui-aesthetic-system.md +41 -0
package/development/11-ui-excellence/ui-engineering-excellence.md +435 -0
package/development/12-scenarios/development-scenarios-guide.md +565 -0
package/development/13-implementation-assets/implementation-toolkit.md +282 -0
package/development/13-implementation-assets/knowledge-gates-execution.md +43 -0
package/development/14-full-lifecycle/software-lifecycle-gates.md +511 -0
package/development/15-lifecycle-templates/project-templates-collection.md +791 -0
package/development/api-contract-and-versioning-guide.md +36 -0
package/development/api-governance-complete.md +43 -0
package/development/backend-engineering-complete.md +43 -0
package/development/code-review-quality-complete.md +43 -0
package/development/concurrency-reliability-complete.md +43 -0
package/development/database-engineering-complete.md +43 -0
package/development/engineering-effectiveness-complete.md +43 -0
package/development/engineering-standards-deep-dive.md +38 -0
package/development/frontend-engineering-complete.md +43 -0
package/development/performance-capacity-complete.md +43 -0
package/development/refactor-migration-complete.md +42 -0
package/development/refactoring-and-techdebt-playbook.md +37 -0
package/development/security-in-development-complete.md +43 -0
package/devops/01-standards/cicd-pipeline-complete.md +262 -0
package/devops/01-standards/docker-complete.md +1490 -0
package/devops/01-standards/github-actions-complete.md +337 -0
package/devops/01-standards/kubernetes-complete.md +638 -0
package/devops/01-standards/terraform-complete.md +2117 -0
package/devops/02-playbooks/docker-compose-playbook.md +233 -0
package/devops/02-playbooks/docker-k8s-production-playbook.md +186 -0
package/devops/02-playbooks/docker-production-playbook.md +952 -0
package/edge-iot/01-standards/edge-iot-complete.md +473 -0
package/experts/architect/api-design.md +178 -0
package/experts/architect/methodology.md +124 -0
package/experts/architect/security.md +75 -0
package/experts/backend-lead/methodology.md +216 -0
package/experts/devops/methodology.md +160 -0
package/experts/frontend-lead/methodology.md +178 -0
package/experts/product-manager/industry/ecommerce.md +43 -0
package/experts/product-manager/industry/saas.md +40 -0
package/experts/product-manager/methodology.md +97 -0
package/experts/qa-lead/methodology.md +123 -0
package/experts/qa-lead/test-strategy.md +128 -0
package/experts/uiux-designer/methodology.md +125 -0
package/frontend/01-standards/accessibility-complete.md +532 -0
package/frontend/01-standards/accessibility-standard.md +74 -0
package/frontend/01-standards/admin-dashboard-and-crud.md +72 -0
package/frontend/01-standards/design-tokens-complete.md +444 -0
package/frontend/01-standards/forms-and-validation.md +77 -0
package/frontend/01-standards/frontend-architecture-and-layering.md +119 -0
package/frontend/01-standards/i18n-and-localization.md +65 -0
package/frontend/01-standards/nextjs-complete.md +451 -0
package/frontend/01-standards/react-complete.md +713 -0
package/frontend/01-standards/react-hooks-complete-guide.md +1100 -0
package/frontend/01-standards/react-hooks-complete.md +1171 -0
package/frontend/01-standards/seo-and-web-vitals.md +77 -0
package/frontend/01-standards/state-management-complete.md +444 -0
package/frontend/01-standards/vue-complete.md +499 -0
package/frontend/01-standards/vue3-complete.md +2002 -0
package/frontend/01-standards/web-framework-best-practices.md +64 -0
package/frontend/01-standards/web-performance-complete.md +495 -0
package/frontend/02-playbooks/accessibility-a11y-playbook.md +161 -0
package/frontend/02-playbooks/frontend-performance-playbook.md +707 -0
package/frontend/02-playbooks/i18n-internationalization-playbook.md +120 -0
package/frontend/02-playbooks/performance-optimization-playbook.md +163 -0
package/frontend/02-playbooks/react-nextjs-production-playbook.md +167 -0
package/frontend/02-playbooks/react-state-management-playbook.md +173 -0
package/frontend/03-checklists/component-quality-checklist.md +166 -0
package/frontend/03-checklists/frontend-launch-checklist.md +299 -0
package/frontend/04-antipatterns/frontend-antipatterns.md +886 -0
package/frontend/05-cases/case-performance-optimization.md +274 -0
package/harmony/01-standards/harmonyos-arkts-standard.md +75 -0
package/harmony/01-standards/harmonyos-design.md +65 -0
package/high-quality-engineering-playbook.md +54 -0
package/incident/01-standards/incident-response-complete.md +303 -0
package/incident/02-playbooks/chaos-engineering-playbook.md +883 -0
package/incident/02-playbooks/postmortem-playbook.md +398 -0
package/incident/03-checklists/incident-readiness-checklist.md +181 -0
package/incident/04-antipatterns/incident-antipatterns.md +490 -0
package/incident/05-cases/case-cascade-failure.md +176 -0
package/incident/06-glossary/incident-glossary.md +114 -0
package/incident/postmortem-and-response-deep-dive.md +39 -0
package/industries/ecommerce/ecommerce-complete.md +631 -0
package/industries/education/education-complete.md +555 -0
package/industries/fintech/fintech-complete.md +501 -0
package/industries/gaming/gaming-complete.md +587 -0
package/industries/healthcare/healthcare-complete.md +452 -0
package/low-code/01-standards/low-code-complete.md +944 -0
package/miniprogram/01-standards/ai-common-mistakes.md +61 -0
package/miniprogram/01-standards/miniprogram-custom-navbar-capsule.md +77 -0
package/miniprogram/01-standards/miniprogram-design.md +61 -0
package/miniprogram/01-standards/miniprogram-standard.md +81 -0
package/mobile/01-standards/android-material-design.md +70 -0
package/mobile/01-standards/flutter-complete.md +384 -0
package/mobile/01-standards/ios-design-hig.md +78 -0
package/mobile/01-standards/mobile-app-standard.md +85 -0
package/mobile/01-standards/react-native-complete.md +352 -0
package/mobile/02-playbooks/mobile-cross-platform-playbook.md +175 -0
package/mobile/02-playbooks/mobile-performance.md +473 -0
package/mobile/03-checklists/mobile-release-checklist.md +234 -0
package/mobile/04-antipatterns/mobile-antipatterns.md +798 -0
package/mobile/05-cases/case-app-performance.md +500 -0
package/mobile/05-cases/case-app-startup-optimization.md +218 -0
package/mobile/06-glossary/mobile-glossary.md +484 -0
package/observability/01-standards/observability-standards.md +103 -0
package/observability/02-playbooks/prometheus-grafana-playbook.md +135 -0
package/observability/02-playbooks/structured-logging-playbook.md +73 -0
package/observability/03-checklists/observability-checklist.md +54 -0
package/observability/04-antipatterns/observability-antipatterns.md +106 -0
package/operations/01-standards/prometheus-monitoring-complete.md +1578 -0
package/operations/02-playbooks/capacity-planning-playbook.md +620 -0
package/operations/03-checklists/production-launch-checklist.md +365 -0
package/operations/04-antipatterns/operations-antipatterns.md +664 -0
package/operations/05-cases/case-sre-practices.md +581 -0
package/operations/06-glossary/operations-glossary.md +120 -0
package/operations/aiops-anomaly-detection.md +758 -0
package/operations/capacity-planning.md +1061 -0
package/operations/chaos-engineering.md +659 -0
package/operations/incident-command-system.md +38 -0
package/operations/observability-complete.md +442 -0
package/operations/slo-sli-playbook.md +517 -0
package/operations/sre-operations-deep-dive.md +39 -0
package/package.json +8 -0
package/performance/01-standards/performance-and-scalability.md +80 -0
package/performance/01-standards/performance-standards.md +156 -0
package/performance/02-playbooks/query-optimization-playbook.md +103 -0
package/performance/03-checklists/performance-checklist.md +56 -0
package/performance/04-antipatterns/performance-antipatterns.md +146 -0
package/product/01-standards/product-management-complete.md +285 -0
package/product/02-playbooks/feature-launch-playbook.md +207 -0
package/product/02-playbooks/user-research-playbook.md +532 -0
package/product/03-checklists/feature-launch-checklist.md +275 -0
package/product/04-antipatterns/product-antipatterns.md +355 -0
package/product/05-cases/case-mvp-to-scale.md +384 -0
package/product/06-glossary/product-glossary.md +462 -0
package/product/feature-prioritization-framework.md +40 -0
package/product/kpi-and-metric-tree.md +37 -0
package/product/product-discovery-and-prd-deep-dive.md +41 -0
package/quantum/01-standards/quantum-complete.md +1186 -0
package/security/01-standards/api-security-complete.md +511 -0
package/security/01-standards/container-runtime-security.md +574 -0
package/security/01-standards/data-protection-gdpr.md +543 -0
package/security/01-standards/owasp-top10-complete.md +1890 -0
package/security/01-standards/secure-coding-baseline.md +90 -0
package/security/01-standards/supply-chain-security.md +441 -0
package/security/01-standards/web-security-checklist.md +108 -0
package/security/01-standards/zero-trust-architecture.md +521 -0
package/security/02-playbooks/auth-sso-playbook.md +166 -0
package/security/02-playbooks/incident-response-security-playbook.md +588 -0
package/security/02-playbooks/owasp-api-security-playbook.md +129 -0
package/security/02-playbooks/payment-integration-playbook.md +119 -0
package/security/02-playbooks/penetration-testing-playbook.md +517 -0
package/security/03-checklists/security-audit-checklist.md +356 -0
package/security/04-antipatterns/security-coding-antipatterns.md +580 -0
package/security/05-cases/case-log4shell-incident.md +537 -0
package/security/05-cases/case-major-breaches.md +468 -0
package/security/06-glossary/security-glossary.md +212 -0
package/security/compliance-automation.md +993 -0
package/security/container-security.md +680 -0
package/security/devsecops-complete.md +426 -0
package/security/sast-dast-sca.md +775 -0
package/security/secrets-management.md +594 -0
package/security/security-architecture-deep-dive.md +37 -0
package/security/threat-modeling-stride-playbook.md +40 -0
package/seed-templates/auth-system.md +59 -0
package/seed-templates/blog-content.md +94 -0
package/seed-templates/dashboard.md +89 -0
package/seed-templates/docs-site.md +73 -0
package/seed-templates/e-commerce.md +50 -0
package/seed-templates/saas-landing.md +92 -0
package/seed-templates/settings-page.md +51 -0
package/testing/01-standards/test-strategy-and-layering.md +83 -0
package/testing/01-standards/testing-strategy-complete.md +422 -0
package/testing/01-standards/unit-testing-best-practices.md +118 -0
package/testing/02-playbooks/e2e-testing-playbook.md +988 -0
package/testing/02-playbooks/testing-strategy-playbook.md +126 -0
package/testing/03-checklists/test-strategy-checklist.md +208 -0
package/testing/04-antipatterns/testing-antipatterns.md +718 -0
package/testing/05-cases/case-testing-transformation.md +300 -0
package/testing/06-glossary/testing-glossary.md +110 -0
package/testing/risk-based-test-matrix.md +36 -0
package/testing/testing-strategy-deep-dive.md +37 -0

package/development/01-standards/golang-complete.md ADDED Viewed

@@ -0,0 +1,1565 @@
+---
+id: golang-complete
+title: Go 语言完整工程指南
+domain: development
+category: 01-standards
+difficulty: intermediate
+tags: [complete, development, golang, 并发模型, 性能优化, 接口设计, 标准库精选, 核心语法]
+quality_score: 70
+last_updated: 2026-06-15
+---
+# Go 语言完整工程指南
+> UmaDev Knowledge Base | Domain: development | Type: standards
+## 1. 概述
+### 1.1 设计哲学
+Go 由 Robert Griesemer、Rob Pike 和 Ken Thompson 在 Google 设计，核心哲学：
+- **简洁胜于灵巧** — 语法关键字仅 25 个，没有继承、没有异常、没有宏
+- **组合优于继承** — 通过嵌入（embedding）和接口实现多态
+- **显式优于隐式** — 错误必须显式处理，类型转换必须显式声明
+- **并发是一等公民** — goroutine + channel 是语言内建原语
+- **工具链即标准** — gofmt / go vet / go test 是语言生态不可分割的部分
+### 1.2 适用场景
+| 场景 | 匹配度 | 说明 |
+|------|--------|------|
+| 云原生微服务 | 极高 | Kubernetes / Docker / Prometheus 均用 Go 编写 |
+| CLI 工具 | 极高 | 单二进制、交叉编译、启动快 |
+| 网络代理/中间件 | 极高 | 高并发 + 低延迟 |
+| 数据管道 / ETL | 高 | goroutine 天然适合 fan-out/fan-in |
+| Web API 服务 | 高 | 标准库 net/http 已足够生产使用 |
+| 嵌入式 / GUI | 低 | 生态较弱 |
+| 科学计算 / ML | 低 | 缺少成熟矩阵/张量库 |
+---
+## 2. 核心语法
+### 2.1 类型系统
+```go
+// 基本类型
+var (
+    b   bool       = true
+    i   int        = 42        // 平台相关位宽 (32/64)
+    i64 int64      = 1 << 40
+    f   float64    = 3.14159
+    c   complex128 = 3 + 4i
+    s   string     = "hello"   // 不可变 UTF-8 字节序列
+    r   rune       = '中'      // int32 别名，表示 Unicode 码点
+    bt  byte       = 0xFF      // uint8 别名
+)
+// 零值规则：数值=0，布尔=false，字符串=""，指针/切片/map/channel/interface=nil
+```
+### 2.2 结构体与方法
+```go
+type User struct {
+    ID        int64     `json:"id" db:"id"`
+    Name      string    `json:"name" db:"name"`
+    Email     string    `json:"email" db:"email"`
+    CreatedAt time.Time `json:"created_at" db:"created_at"`
+}
+// 值接收者 — 不修改原始值
+func (u User) DisplayName() string {
+    return fmt.Sprintf("%s <%s>", u.Name, u.Email)
+}
+// 指针接收者 — 可修改原始值，避免大结构体拷贝
+func (u *User) SetEmail(email string) {
+    u.Email = email
+}
+// 嵌入（组合）
+type Admin struct {
+    User              // 匿名嵌入，提升 User 的字段和方法
+    Permissions []string
+}
+admin := Admin{
+    User:        User{ID: 1, Name: "root"},
+    Permissions: []string{"read", "write", "delete"},
+}
+fmt.Println(admin.DisplayName()) // 直接调用 User 的方法
+```
+### 2.3 切片、Map 与内部机制
+```go
+// 切片底层结构：{pointer, length, capacity}
+s := make([]int, 0, 16) // len=0, cap=16
+s = append(s, 1, 2, 3)  // len=3, cap=16，无扩容
+// 扩容策略(Go 1.18+)：<256 翻倍；>=256 增长 25% + 192
+// Map — 基于哈希表，无序
+m := map[string]int{"a": 1, "b": 2}
+// 检查 key 是否存在
+if v, ok := m["c"]; ok {
+    fmt.Println(v)
+}
+// 注意：map 的零值是 nil，向 nil map 写入会 panic
+```
+### 2.4 包管理与模块
+```go
+// go.mod — 模块定义
+module github.com/company/myservice
+go 1.22
+require (
+    github.com/gin-gonic/gin v1.9.1
+    google.golang.org/grpc v1.62.0
+)
+// 内部包约定：internal/ 目录只对父模块可见
+// myservice/
+//   internal/
+//     auth/       <- 外部模块不可 import
+//   pkg/
+//     client/     <- 公开 API
+```
+```bash
+go mod init github.com/company/myservice
+go mod tidy          # 同步依赖
+go mod vendor        # 生成 vendor/
+go mod graph         # 打印依赖图
+go get -u ./...      # 升级所有直接依赖
+```
+---
+## 3. 并发模型
+### 3.1 Goroutine
+```go
+// goroutine 初始栈仅 2-8 KB，可轻松创建数十万个
+go func() {
+    fmt.Println("running in goroutine")
+}()
+// 注意：main 退出时所有 goroutine 被强制终止
+```
+### 3.2 Channel
+```go
+// 无缓冲 — 发送和接收同步阻塞
+ch := make(chan int)
+// 有缓冲 — 缓冲区满时发送阻塞，空时接收阻塞
+ch := make(chan int, 100)
+// 方向限定（函数签名中使用）
+func producer(out chan<- int) { out <- 42 }
+func consumer(in <-chan int)  { v := <-in; _ = v }
+// 关闭 channel
+close(ch) // 只有发送方应该关闭；关闭后接收返回零值+false
+// range 读取直到 channel 关闭
+for v := range ch {
+    process(v)
+}
+```
+### 3.3 Select 多路复用
+```go
+select {
+case msg := <-msgCh:
+    handle(msg)
+case err := <-errCh:
+    log.Error(err)
+case <-time.After(5 * time.Second):
+    log.Warn("timeout")
+case <-ctx.Done():
+    return ctx.Err()
+}
+// 非阻塞尝试
+select {
+case msg := <-ch:
+    handle(msg)
+default:
+    // ch 为空，立即返回
+}
+```
+### 3.4 sync 包核心原语
+```go
+// WaitGroup — 等待一组 goroutine 完成
+var wg sync.WaitGroup
+for i := 0; i < 10; i++ {
+    wg.Add(1)
+    go func(id int) {
+        defer wg.Done()
+        process(id)
+    }(i)
+}
+wg.Wait()
+// Mutex — 互斥锁
+var mu sync.Mutex
+mu.Lock()
+sharedMap["key"] = "value"
+mu.Unlock()
+// RWMutex — 读写锁（多读单写）
+var rwmu sync.RWMutex
+rwmu.RLock()   // 读锁，允许并发读
+data := sharedMap["key"]
+rwmu.RUnlock()
+rwmu.Lock()    // 写锁，独占
+sharedMap["key"] = "newValue"
+rwmu.Unlock()
+// Once — 确保初始化只执行一次
+var once sync.Once
+var instance *Database
+func GetDB() *Database {
+    once.Do(func() {
+        instance = connectDB()
+    })
+    return instance
+}
+```
+### 3.5 sync.Pool
+```go
+// sync.Pool — 减少频繁分配的 GC 压力
+var bufPool = sync.Pool{
+    New: func() interface{} {
+        return new(bytes.Buffer)
+    },
+}
+func processRequest(data []byte) {
+    buf := bufPool.Get().(*bytes.Buffer)
+    defer func() {
+        buf.Reset()
+        bufPool.Put(buf)
+    }()
+    buf.Write(data)
+    // 使用 buf ...
+}
+// 注意：Pool 中对象可能在任意 GC 周期被回收，不要存储有状态对象
+```
+### 3.6 errgroup
+```go
+import "golang.org/x/sync/errgroup"
+func fetchAll(ctx context.Context, urls []string) ([]Response, error) {
+    g, ctx := errgroup.WithContext(ctx)
+    results := make([]Response, len(urls))
+    for i, url := range urls {
+        i, url := i, url // 捕获循环变量（Go <1.22 必需）
+        g.Go(func() error {
+            resp, err := fetch(ctx, url)
+            if err != nil {
+                return fmt.Errorf("fetch %s: %w", url, err)
+            }
+            results[i] = resp
+            return nil
+        })
+    }
+    if err := g.Wait(); err != nil {
+        return nil, err // 返回第一个错误，并取消 ctx
+    }
+    return results, nil
+}
+```
+### 3.7 Context 传播与取消
+```go
+// 创建带取消的 context
+ctx, cancel := context.WithCancel(context.Background())
+defer cancel() // 确保资源释放
+// 带超时
+ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
+defer cancel()
+// 带截止时间
+ctx, cancel := context.WithDeadline(context.Background(), time.Now().Add(1*time.Hour))
+defer cancel()
+// 传递值（仅用于请求范围的元数据，如 traceID / userID）
+type ctxKey string
+const traceIDKey ctxKey = "traceID"
+ctx = context.WithValue(ctx, traceIDKey, "abc-123")
+traceID := ctx.Value(traceIDKey).(string)
+// 监听取消信号
+func longRunningTask(ctx context.Context) error {
+    for {
+        select {
+        case <-ctx.Done():
+            return ctx.Err() // context.Canceled 或 context.DeadlineExceeded
+        default:
+            // 继续工作
+            doWork()
+        }
+    }
+}
+// Context 传播规则：
+// 1. context.Background() 仅在 main / 顶层入口使用
+// 2. 所有 I/O 和跨进程调用必须传递 ctx
+// 3. 不要把 context 存到 struct 中，始终作为函数第一个参数
+```
+---
+## 4. 错误处理
+### 4.1 error 接口
+```go
+// error 是内建接口
+type error interface {
+    Error() string
+}
+// 最简创建
+err := errors.New("connection refused")
+err := fmt.Errorf("invalid port: %d", port)
+```
+### 4.2 自定义错误
+```go
+type NotFoundError struct {
+    Resource string
+    ID       string
+}
+func (e *NotFoundError) Error() string {
+    return fmt.Sprintf("%s with id %s not found", e.Resource, e.ID)
+}
+// 让错误实现 Unwrap() 支持错误链
+type AppError struct {
+    Code    int
+    Message string
+    Err     error
+}
+func (e *AppError) Error() string { return e.Message }
+func (e *AppError) Unwrap() error { return e.Err }
+```
+### 4.3 Sentinel Errors
+```go
+// 定义包级别的哨兵错误
+var (
+    ErrNotFound     = errors.New("not found")
+    ErrUnauthorized = errors.New("unauthorized")
+    ErrConflict     = errors.New("conflict")
+)
+// 使用哨兵错误
+func GetUser(id string) (*User, error) {
+    user, err := repo.Find(id)
+    if err != nil {
+        if errors.Is(err, sql.ErrNoRows) {
+            return nil, fmt.Errorf("user %s: %w", id, ErrNotFound)
+        }
+        return nil, fmt.Errorf("query user: %w", err)
+    }
+    return user, nil
+}
+```
+### 4.4 errors.Is 与 errors.As
+```go
+// errors.Is — 沿错误链检查是否匹配某个值
+if errors.Is(err, ErrNotFound) {
+    http.Error(w, "Not Found", 404)
+}
+// errors.As — 沿错误链提取某个类型
+var appErr *AppError
+if errors.As(err, &appErr) {
+    log.Printf("code=%d msg=%s", appErr.Code, appErr.Message)
+}
+// 错误包装与链（%w 动词）
+original := errors.New("disk full")
+wrapped := fmt.Errorf("save file: %w", original)
+doubleWrapped := fmt.Errorf("process request: %w", wrapped)
+errors.Is(doubleWrapped, original) // true
+```
+### 4.5 错误处理最佳实践
+```go
+// 1. 添加上下文再返回
+if err != nil {
+    return fmt.Errorf("createOrder(userID=%s): %w", userID, err)
+}
+// 2. 只在顶层记录日志，底层只包装返回
+// 3. 不要 log 后又 return err（会导致重复日志）
+// 4. panic 仅用于不可恢复的程序错误（如 nil 解引用不应出现的不变量违反）
+// 5. 库代码永远不要 panic，应返回 error
+```
+---
+## 5. 接口设计
+### 5.1 小接口原则
+```go
+// Go 标准库的经典小接口
+type Reader interface { Read(p []byte) (n int, err error) }
+type Writer interface { Write(p []byte) (n int, err error) }
+type Closer interface { Close() error }
+type Stringer interface { String() string }
+// 组合小接口
+type ReadWriteCloser interface {
+    Reader
+    Writer
+    Closer
+}
+// 经验法则：接口方法数 <= 3；超过则考虑拆分
+```
+### 5.2 接口断言与 any
+```go
+// any 是 interface{} 的别名（Go 1.18+）
+func printValue(v any) {
+    switch val := v.(type) {
+    case int:
+        fmt.Printf("int: %d\n", val)
+    case string:
+        fmt.Printf("string: %s\n", val)
+    case fmt.Stringer:
+        fmt.Printf("stringer: %s\n", val.String())
+    default:
+        fmt.Printf("unknown: %v\n", val)
+    }
+}
+// 接口断言（带检查）
+if s, ok := v.(fmt.Stringer); ok {
+    fmt.Println(s.String())
+}
+```
+### 5.3 接口设计原则
+```go
+// 1. 在消费方定义接口，不在实现方
+// bad: package storage 定义 Storage 接口并同时实现
+// good: package handler 定义它需要的接口
+type UserRepository interface { // 定义在 handler 包中
+    FindByID(ctx context.Context, id string) (*User, error)
+    Save(ctx context.Context, user *User) error
+}
+// 2. 接受接口，返回结构体
+func NewOrderService(repo OrderRepository, notifier Notifier) *OrderService {
+    return &OrderService{repo: repo, notifier: notifier}
+}
+// 3. 隐式接口满足 — 不需要 implements 关键字
+// 编译期验证接口满足
+var _ UserRepository = (*PostgresUserRepo)(nil)
+```
+---
+## 6. 泛型（Go 1.18+）
+### 6.1 类型参数与约束
+```go
+// 泛型函数
+func Map[T any, U any](s []T, f func(T) U) []U {
+    result := make([]U, len(s))
+    for i, v := range s {
+        result[i] = f(v)
+    }
+    return result
+}
+// 使用
+names := Map(users, func(u User) string { return u.Name })
+// 自定义约束
+type Number interface {
+    ~int | ~int8 | ~int16 | ~int32 | ~int64 |
+    ~uint | ~uint8 | ~uint16 | ~uint32 | ~uint64 |
+    ~float32 | ~float64
+}
+func Sum[T Number](nums []T) T {
+    var total T
+    for _, n := range nums {
+        total += n
+    }
+    return total
+}
+// ~ 波浪号表示包含底层类型，如 type Celsius float64 也能匹配 ~float64
+```
+### 6.2 泛型类型
+```go
+// 泛型数据结构
+type Stack[T any] struct {
+    items []T
+}
+func (s *Stack[T]) Push(v T)        { s.items = append(s.items, v) }
+func (s *Stack[T]) Pop() (T, bool)  {
+    if len(s.items) == 0 {
+        var zero T
+        return zero, false
+    }
+    v := s.items[len(s.items)-1]
+    s.items = s.items[:len(s.items)-1]
+    return v, true
+}
+// 泛型约束接口
+type Ordered interface {
+    ~int | ~float64 | ~string
+}
+func Max[T Ordered](a, b T) T {
+    if a > b { return a }
+    return b
+}
+// 标准库约束包
+import "golang.org/x/exp/constraints" // 或 Go 1.21+ 的 cmp 包
+import "cmp"
+func Min[T cmp.Ordered](a, b T) T {
+    if a < b { return a }
+    return b
+}
+```
+### 6.3 类型推断
+```go
+// Go 编译器通常可推断类型参数，无需显式指定
+result := Map(numbers, double)       // 推断 T=int, U=int
+sorted := slices.SortFunc(users, func(a, b User) int {
+    return cmp.Compare(a.Name, b.Name)
+})
+```
+---
+## 7. 性能优化
+### 7.1 内存分配优化
+```go
+// 1. 预分配切片
+items := make([]Item, 0, expectedSize) // 避免反复扩容
+// 2. 使用 strings.Builder 拼接字符串
+var b strings.Builder
+b.Grow(1024) // 预分配
+for _, s := range parts {
+    b.WriteString(s)
+}
+result := b.String()
+// 3. 避免不必要的 []byte <-> string 转换
+// 4. 使用指针接收者避免大结构体拷贝
+// 5. 对热路径考虑使用 sync.Pool
+```
+### 7.2 逃逸分析
+```go
+// 变量是否分配到堆由编译器逃逸分析决定
+// 查看逃逸分析结果：
+// go build -gcflags="-m" ./...
+// 导致逃逸的常见原因：
+// 1. 返回局部变量的指针
+func newUser() *User { u := User{}; return &u } // u 逃逸到堆
+// 2. 赋值给接口类型
+var w io.Writer = os.Stdout // 值可能逃逸
+// 3. 闭包捕获的变量
+// 4. 切片 append 触发扩容后数据迁移
+// 减少逃逸的技巧：
+// - 使用值类型而非指针（小结构体 <= 64 bytes）
+// - 避免不必要的接口装箱
+// - 预分配 buffer 并通过参数传入而非函数内创建
+```
+### 7.3 pprof 性能分析
+```go
+import (
+    "net/http"
+    _ "net/http/pprof" // 注册 pprof 端点
+)
+func main() {
+    // 生产服务中启用 pprof（仅内网）
+    go func() {
+        log.Println(http.ListenAndServe("localhost:6060", nil))
+    }()
+}
+```
+```bash
+# CPU 分析（采集 30 秒）
+go tool pprof http://localhost:6060/debug/pprof/profile?seconds=30
+# 内存分析
+go tool pprof http://localhost:6060/debug/pprof/heap
+# Goroutine 分析（排查泄漏）
+go tool pprof http://localhost:6060/debug/pprof/goroutine
+# 常用交互命令
+# top10        — 最耗资源的 10 个函数
+# list funcName — 逐行分析
+# web          — 生成火焰图（需安装 graphviz）
+```
+### 7.4 trace 工具
+```bash
+# 收集 trace 数据
+curl -o trace.out http://localhost:6060/debug/pprof/trace?seconds=5
+go tool trace trace.out
+# trace 能可视化：goroutine 调度、GC 暂停、网络/系统调用阻塞
+```
+### 7.5 Benchmark 基准测试
+```go
+func BenchmarkJSONMarshal(b *testing.B) {
+    user := User{ID: 1, Name: "test", Email: "test@example.com"}
+    b.ResetTimer()
+    b.ReportAllocs() // 报告内存分配次数
+    for i := 0; i < b.N; i++ {
+        json.Marshal(user)
+    }
+}
+// 子基准测试
+func BenchmarkHash(b *testing.B) {
+    sizes := []int{64, 256, 1024, 4096}
+    for _, size := range sizes {
+        b.Run(fmt.Sprintf("size=%d", size), func(b *testing.B) {
+            data := make([]byte, size)
+            b.ResetTimer()
+            for i := 0; i < b.N; i++ {
+                sha256.Sum256(data)
+            }
+        })
+    }
+}
+```
+```bash
+go test -bench=. -benchmem ./...
+go test -bench=BenchmarkHash -count=5 -benchtime=3s ./...
+# 对比两次结果
+go install golang.org/x/perf/cmd/benchstat@latest
+benchstat old.txt new.txt
+```
+---
+## 8. 标准库精选
+### 8.1 net/http
+```go
+// 生产级 HTTP 服务器
+srv := &http.Server{
+    Addr:         ":8080",
+    Handler:      mux,
+    ReadTimeout:  5 * time.Second,
+    WriteTimeout: 10 * time.Second,
+    IdleTimeout:  120 * time.Second,
+}
+// 中间件模式
+func loggingMiddleware(next http.Handler) http.Handler {
+    return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+        start := time.Now()
+        next.ServeHTTP(w, r)
+        log.Printf("%s %s %v", r.Method, r.URL.Path, time.Since(start))
+    })
+}
+// Go 1.22+ 路由增强
+mux := http.NewServeMux()
+mux.HandleFunc("GET /users/{id}", getUser)
+mux.HandleFunc("POST /users", createUser)
+mux.HandleFunc("DELETE /users/{id}", deleteUser)
+func getUser(w http.ResponseWriter, r *http.Request) {
+    id := r.PathValue("id")
+    // ...
+}
+// 生产级 HTTP 客户端（设置超时！）
+client := &http.Client{
+    Timeout: 10 * time.Second,
+    Transport: &http.Transport{
+        MaxIdleConns:        100,
+        MaxIdleConnsPerHost: 10,
+        IdleConnTimeout:     90 * time.Second,
+    },
+}
+```
+### 8.2 encoding/json
+```go
+type APIResponse struct {
+    Code    int             `json:"code"`
+    Message string          `json:"message"`
+    Data    json.RawMessage `json:"data,omitempty"` // 延迟解析
+}
+// 自定义 JSON 序列化
+type Timestamp time.Time
+func (t Timestamp) MarshalJSON() ([]byte, error) {
+    return json.Marshal(time.Time(t).Unix())
+}
+func (t *Timestamp) UnmarshalJSON(data []byte) error {
+    var unix int64
+    if err := json.Unmarshal(data, &unix); err != nil {
+        return err
+    }
+    *t = Timestamp(time.Unix(unix, 0))
+    return nil
+}
+// 流式解析大 JSON
+decoder := json.NewDecoder(r.Body)
+decoder.DisallowUnknownFields() // 严格模式
+if err := decoder.Decode(&req); err != nil {
+    http.Error(w, "invalid json", 400)
+    return
+}
+```
+### 8.3 database/sql
+```go
+import (
+    "database/sql"
+    _ "github.com/lib/pq" // PostgreSQL 驱动
+)
+// 连接池配置
+db, err := sql.Open("postgres", dsn)
+if err != nil {
+    log.Fatal(err)
+}
+db.SetMaxOpenConns(25)
+db.SetMaxIdleConns(10)
+db.SetConnMaxLifetime(5 * time.Minute)
+db.SetConnMaxIdleTime(1 * time.Minute)
+// 带 context 查询
+func (r *UserRepo) FindByID(ctx context.Context, id int64) (*User, error) {
+    var u User
+    err := r.db.QueryRowContext(ctx,
+        "SELECT id, name, email FROM users WHERE id = $1", id,
+    ).Scan(&u.ID, &u.Name, &u.Email)
+    if err == sql.ErrNoRows {
+        return nil, ErrNotFound
+    }
+    return &u, err
+}
+// 事务
+func (r *OrderRepo) CreateOrder(ctx context.Context, order *Order) error {
+    tx, err := r.db.BeginTx(ctx, nil)
+    if err != nil {
+        return err
+    }
+    defer tx.Rollback() // 如果 Commit 已调用，Rollback 为 no-op
+    _, err = tx.ExecContext(ctx, "INSERT INTO orders ...")
+    if err != nil {
+        return err
+    }
+    _, err = tx.ExecContext(ctx, "UPDATE inventory ...")
+    if err != nil {
+        return err
+    }
+    return tx.Commit()
+}
+```
+### 8.4 context 包（详见 3.7 节）
+### 8.5 io 包
+```go
+// io.Reader / io.Writer 是 Go 最重要的抽象
+// 组合 Reader
+r := io.LimitReader(resp.Body, 1<<20) // 限制读取 1MB
+r = io.TeeReader(r, &buf)             // 同时写入 buf
+// 高效复制
+written, err := io.Copy(dst, src)              // 自动使用 buffer
+written, err := io.CopyN(dst, src, 1024)       // 复制 N 字节
+written, err := io.CopyBuffer(dst, src, buf)   // 使用指定 buffer
+// ReadAll（注意内存，生产中优先用流式处理）
+data, err := io.ReadAll(resp.Body)
+```
+---
+## 9. Web 框架对比
+### 9.1 Gin vs Fiber vs Echo
+| 特性 | Gin | Fiber | Echo |
+|------|-----|-------|------|
+| 底层 | net/http | fasthttp | net/http |
+| 性能 | 高 | 极高 | 高 |
+| 生态 | 最大 | 增长中 | 成熟 |
+| 中间件 | 丰富 | 丰富 | 丰富 |
+| 路由 | radix tree | 前缀树 | radix tree |
+| 学习成本 | 低 | 低(类Express) | 低 |
+| net/http兼容 | 完全 | 不兼容 | 完全 |
+| 推荐场景 | 通用首选 | 极致性能 | 企业API |
+### 9.2 Gin 示例
+```go
+r := gin.Default() // 包含 Logger + Recovery 中间件
+// 路由组 + 中间件
+api := r.Group("/api/v1", authMiddleware())
+{
+    api.GET("/users", listUsers)
+    api.GET("/users/:id", getUser)
+    api.POST("/users", createUser)
+    api.PUT("/users/:id", updateUser)
+    api.DELETE("/users/:id", deleteUser)
+}
+func getUser(c *gin.Context) {
+    id := c.Param("id")
+    user, err := userService.FindByID(c.Request.Context(), id)
+    if err != nil {
+        if errors.Is(err, ErrNotFound) {
+            c.JSON(404, gin.H{"error": "user not found"})
+            return
+        }
+        c.JSON(500, gin.H{"error": "internal error"})
+        return
+    }
+    c.JSON(200, user)
+}
+// 参数绑定与验证
+type CreateUserRequest struct {
+    Name  string `json:"name" binding:"required,min=2,max=50"`
+    Email string `json:"email" binding:"required,email"`
+    Age   int    `json:"age" binding:"gte=0,lte=150"`
+}
+func createUser(c *gin.Context) {
+    var req CreateUserRequest
+    if err := c.ShouldBindJSON(&req); err != nil {
+        c.JSON(400, gin.H{"error": err.Error()})
+        return
+    }
+    // ...
+}
+```
+---
+## 10. 微服务开发
+### 10.1 gRPC + Protobuf
+```protobuf
+// proto/user.proto
+syntax = "proto3";
+package user;
+option go_package = "github.com/company/myservice/proto/user";
+service UserService {
+    rpc GetUser(GetUserRequest) returns (UserResponse);
+    rpc ListUsers(ListUsersRequest) returns (stream UserResponse);
+    rpc CreateUser(CreateUserRequest) returns (UserResponse);
+}
+message GetUserRequest {
+    string id = 1;
+}
+message UserResponse {
+    string id = 1;
+    string name = 2;
+    string email = 3;
+    int64 created_at = 4;
+}
+```
+```go
+// 服务端实现
+type userServer struct {
+    pb.UnimplementedUserServiceServer
+    repo UserRepository
+}
+func (s *userServer) GetUser(ctx context.Context, req *pb.GetUserRequest) (*pb.UserResponse, error) {
+    user, err := s.repo.FindByID(ctx, req.Id)
+    if err != nil {
+        return nil, status.Errorf(codes.NotFound, "user not found: %v", err)
+    }
+    return &pb.UserResponse{
+        Id:    user.ID,
+        Name:  user.Name,
+        Email: user.Email,
+    }, nil
+}
+// 启动 gRPC 服务器
+lis, _ := net.Listen("tcp", ":50051")
+grpcServer := grpc.NewServer(
+    grpc.UnaryInterceptor(grpc_middleware.ChainUnaryServer(
+        grpc_recovery.UnaryServerInterceptor(),
+        grpc_zap.UnaryServerInterceptor(logger),
+    )),
+)
+pb.RegisterUserServiceServer(grpcServer, &userServer{repo: repo})
+grpcServer.Serve(lis)
+```
+### 10.2 服务发现与断路器
+```go
+// 使用 go-kit 或 hashicorp/consul 进行服务发现
+// 断路器 — sony/gobreaker
+cb := gobreaker.NewCircuitBreaker(gobreaker.Settings{
+    Name:        "userService",
+    MaxRequests: 3,                    // 半开状态最大请求数
+    Interval:    10 * time.Second,     // 统计窗口
+    Timeout:     30 * time.Second,     // 开路到半开的等待时间
+    ReadyToTrip: func(counts gobreaker.Counts) bool {
+        return counts.ConsecutiveFailures > 5
+    },
+    OnStateChange: func(name string, from, to gobreaker.State) {
+        log.Printf("breaker %s: %s -> %s", name, from, to)
+    },
+})
+result, err := cb.Execute(func() (interface{}, error) {
+    return client.GetUser(ctx, userID)
+})
+```
+### 10.3 健康检查与优雅退出
+```go
+func main() {
+    srv := &http.Server{Addr: ":8080", Handler: mux}
+    // 启动
+    go func() {
+        if err := srv.ListenAndServe(); err != http.ErrServerClosed {
+            log.Fatalf("listen: %v", err)
+        }
+    }()
+    // 等待中断信号
+    quit := make(chan os.Signal, 1)
+    signal.Notify(quit, syscall.SIGINT, syscall.SIGTERM)
+    <-quit
+    log.Println("shutting down...")
+    // 优雅退出，给 30 秒处理剩余请求
+    ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
+    defer cancel()
+    if err := srv.Shutdown(ctx); err != nil {
+        log.Fatalf("shutdown: %v", err)
+    }
+    log.Println("server stopped")
+}
+```
+---
+## 11. 测试
+### 11.1 testing 包基础
+```go
+func TestUserService_Create(t *testing.T) {
+    t.Parallel() // 标记可并行执行
+    svc := NewUserService(mockRepo)
+    user, err := svc.Create(context.Background(), "Alice", "alice@example.com")
+    if err != nil {
+        t.Fatalf("unexpected error: %v", err)
+    }
+    if user.Name != "Alice" {
+        t.Errorf("got name=%q, want %q", user.Name, "Alice")
+    }
+}
+```
+### 11.2 Table-Driven Tests
+```go
+func TestValidateEmail(t *testing.T) {
+    tests := []struct {
+        name    string
+        email   string
+        wantErr bool
+    }{
+        {"valid email", "user@example.com", false},
+        {"no at sign", "userexample.com", true},
+        {"no domain", "user@", true},
+        {"empty", "", true},
+        {"unicode local", "用户@example.com", false},
+        {"multiple at", "a@b@c.com", true},
+    }
+    for _, tt := range tests {
+        t.Run(tt.name, func(t *testing.T) {
+            t.Parallel()
+            err := ValidateEmail(tt.email)
+            if (err != nil) != tt.wantErr {
+                t.Errorf("ValidateEmail(%q) error=%v, wantErr=%v", tt.email, err, tt.wantErr)
+            }
+        })
+    }
+}
+```
+### 11.3 httptest
+```go
+func TestGetUserHandler(t *testing.T) {
+    // 创建测试服务器
+    handler := NewRouter(mockService)
+    ts := httptest.NewServer(handler)
+    defer ts.Close()
+    resp, err := http.Get(ts.URL + "/api/users/123")
+    if err != nil {
+        t.Fatal(err)
+    }
+    defer resp.Body.Close()
+    if resp.StatusCode != 200 {
+        t.Errorf("status=%d, want 200", resp.StatusCode)
+    }
+    var user User
+    json.NewDecoder(resp.Body).Decode(&user)
+    if user.ID != "123" {
+        t.Errorf("got id=%s, want 123", user.ID)
+    }
+}
+// 测试单个 handler（不需要完整服务器）
+func TestCreateUserHandler(t *testing.T) {
+    body := strings.NewReader(`{"name":"Alice","email":"alice@test.com"}`)
+    req := httptest.NewRequest("POST", "/api/users", body)
+    req.Header.Set("Content-Type", "application/json")
+    w := httptest.NewRecorder()
+    createUserHandler(w, req)
+    if w.Code != 201 {
+        t.Errorf("status=%d, want 201", w.Code)
+    }
+}
+```
+### 11.4 testify 与 gomock
+```go
+// testify — 断言库
+import "github.com/stretchr/testify/assert"
+func TestOrder(t *testing.T) {
+    order, err := createOrder(ctx, items)
+    assert.NoError(t, err)
+    assert.Equal(t, "pending", order.Status)
+    assert.Len(t, order.Items, 3)
+    assert.Contains(t, order.Items, expectedItem)
+    assert.WithinDuration(t, time.Now(), order.CreatedAt, time.Second)
+}
+// gomock — 接口 Mock
+//go:generate mockgen -source=repository.go -destination=mock_repository.go -package=service
+func TestUserService_Get(t *testing.T) {
+    ctrl := gomock.NewController(t)
+    mockRepo := NewMockUserRepository(ctrl)
+    mockRepo.EXPECT().
+        FindByID(gomock.Any(), "user-1").
+        Return(&User{ID: "user-1", Name: "Alice"}, nil)
+    svc := NewUserService(mockRepo)
+    user, err := svc.Get(context.Background(), "user-1")
+    assert.NoError(t, err)
+    assert.Equal(t, "Alice", user.Name)
+}
+```
+---
+## 12. 工具链
+### 12.1 go mod
+```bash
+go mod init github.com/company/project  # 初始化模块
+go mod tidy                              # 同步依赖（移除无用+补充缺失）
+go mod vendor                            # 生成 vendor/
+go mod graph                             # 打印依赖图
+go mod why github.com/some/dep           # 查看依赖为何被引入
+go mod edit -replace old=new@v1.0.0      # 替换依赖
+go list -m -json all                     # JSON 格式列出所有依赖
+```
+### 12.2 go vet 与 golangci-lint
+```bash
+# go vet — 内建静态分析
+go vet ./...
+# golangci-lint — 聚合 100+ linter
+# .golangci.yml 推荐配置
+```
+```yaml
+# .golangci.yml
+run:
+  timeout: 5m
+linters:
+  enable:
+    - errcheck        # 检查未处理的错误
+    - govet           # 内建 vet 检查
+    - staticcheck     # 高级静态分析
+    - unused          # 未使用的代码
+    - gosimple        # 代码简化建议
+    - ineffassign     # 无效赋值
+    - gocritic        # 风格与性能建议
+    - revive          # golint 替代
+    - misspell        # 拼写检查
+    - prealloc        # 切片预分配建议
+    - bodyclose       # HTTP body 未关闭
+    - noctx           # HTTP 请求缺少 context
+    - exhaustive      # switch 穷举检查
+linters-settings:
+  govet:
+    enable-all: true
+  revive:
+    rules:
+      - name: unexported-return
+        disabled: true
+```
+```bash
+golangci-lint run ./...
+golangci-lint run --fix ./...  # 自动修复部分问题
+```
+### 12.3 go generate
+```go
+//go:generate stringer -type=Status
+//go:generate mockgen -source=service.go -destination=mock_service.go
+//go:generate protoc --go_out=. --go-grpc_out=. proto/user.proto
+type Status int
+const (
+    StatusPending  Status = iota
+    StatusActive
+    StatusInactive
+)
+```
+```bash
+go generate ./...
+```
+---
+## 13. 部署
+### 13.1 交叉编译
+```bash
+# Go 原生支持交叉编译
+GOOS=linux GOARCH=amd64 go build -o myapp-linux-amd64 ./cmd/myapp
+GOOS=darwin GOARCH=arm64 go build -o myapp-darwin-arm64 ./cmd/myapp
+GOOS=windows GOARCH=amd64 go build -o myapp.exe ./cmd/myapp
+# 静态链接（无 CGO 依赖）
+CGO_ENABLED=0 GOOS=linux go build -ldflags="-s -w" -o myapp ./cmd/myapp
+# -s 去掉符号表  -w 去掉 DWARF 调试信息  → 二进制缩小 ~25%
+# 注入版本信息
+go build -ldflags="-X main.version=1.2.3 -X main.commit=$(git rev-parse --short HEAD)" ./cmd/myapp
+```
+### 13.2 Docker 多阶段构建
+```dockerfile
+# ---- 构建阶段 ----
+FROM golang:1.22-alpine AS builder
+RUN apk add --no-cache git ca-certificates
+WORKDIR /app
+COPY go.mod go.sum ./
+RUN go mod download
+COPY . .
+RUN CGO_ENABLED=0 GOOS=linux go build \
+    -ldflags="-s -w -X main.version=${VERSION}" \
+    -o /app/server ./cmd/server
+# ---- 运行阶段 ----
+FROM scratch
+# 或 FROM gcr.io/distroless/static-debian12（包含 CA 证书和时区数据）
+COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
+COPY --from=builder /app/server /server
+EXPOSE 8080
+USER 65534:65534
+ENTRYPOINT ["/server"]
+```
+```bash
+# 最终镜像通常 < 15 MB
+docker build -t myapp:latest .
+docker run -p 8080:8080 myapp:latest
+```
+### 13.3 静态链接注意事项
+```text
+CGO_ENABLED=0 生成完全静态链接的二进制，优点：
+- 可使用 scratch / distroless 最小镜像
+- 无系统库依赖，跨发行版部署
+- 安全扫描表面最小
+注意：如果使用了需要 CGO 的库（如 go-sqlite3），需要用 musl-gcc 交叉编译
+或选择纯 Go 替代库（如 modernc.org/sqlite）
+```
+---
+## 14. 常见陷阱
+### 14.1 Goroutine 泄漏
+```go
+// BAD — channel 永远没人读，goroutine 永远阻塞
+func leaky() {
+    ch := make(chan int)
+    go func() {
+        result := expensiveComputation()
+        ch <- result // 永远阻塞，因为没有接收者
+    }()
+    // 函数返回，ch 无人接收
+}
+// GOOD — 用 context 或 buffered channel 防止泄漏
+func safe(ctx context.Context) (int, error) {
+    ch := make(chan int, 1) // 缓冲区=1，即使没人读也不阻塞
+    go func() {
+        ch <- expensiveComputation()
+    }()
+    select {
+    case result := <-ch:
+        return result, nil
+    case <-ctx.Done():
+        return 0, ctx.Err()
+    }
+}
+// 检测泄漏：用 runtime.NumGoroutine() 或 goleak 库
+import "go.uber.org/goleak"
+func TestMain(m *testing.M) {
+    goleak.VerifyTestMain(m)
+}
+```
+### 14.2 Map 并发读写
+```go
+// BAD — map 并发读写会 panic: concurrent map writes
+// Go 运行时在检测到并发 map 操作时会直接 fatal（不是 panic，无法 recover）
+// GOOD 方案一：sync.Mutex
+type SafeMap struct {
+    mu sync.RWMutex
+    m  map[string]int
+}
+func (s *SafeMap) Get(key string) (int, bool) {
+    s.mu.RLock()
+    defer s.mu.RUnlock()
+    v, ok := s.m[key]
+    return v, ok
+}
+func (s *SafeMap) Set(key string, val int) {
+    s.mu.Lock()
+    defer s.mu.Unlock()
+    s.m[key] = val
+}
+// GOOD 方案二：sync.Map（适合读多写少或 key 稳定的场景）
+var cache sync.Map
+cache.Store("key", "value")
+if v, ok := cache.Load("key"); ok {
+    fmt.Println(v)
+}
+```
+### 14.3 defer 陷阱
+```go
+// 陷阱一：循环中的 defer
+// BAD — defer 在函数退出时才执行，循环中会积累大量 defer
+func processFiles(paths []string) error {
+    for _, path := range paths {
+        f, err := os.Open(path)
+        if err != nil { return err }
+        defer f.Close() // 所有文件直到函数返回才关闭！
+    }
+    return nil
+}
+// GOOD — 封装到子函数
+func processFiles(paths []string) error {
+    for _, path := range paths {
+        if err := processOneFile(path); err != nil {
+            return err
+        }
+    }
+    return nil
+}
+func processOneFile(path string) error {
+    f, err := os.Open(path)
+    if err != nil { return err }
+    defer f.Close()
+    // ...
+    return nil
+}
+// 陷阱二：defer 参数求值时机
+x := 1
+defer fmt.Println(x) // 打印 1，不是 2
+x = 2
+// 解法：用闭包
+defer func() { fmt.Println(x) }() // 打印 2
+```
+### 14.4 nil 接口 vs nil 指针
+```go
+// Go 接口内部有两个字段：(type, value)
+// 只有 type 和 value 都为 nil 时，接口才 == nil
+type MyError struct{ Msg string }
+func (e *MyError) Error() string { return e.Msg }
+func getError() error {
+    var p *MyError = nil
+    return p // 返回的 error 接口：(type=*MyError, value=nil)，不等于 nil！
+}
+err := getError()
+fmt.Println(err == nil) // false！
+// GOOD — 直接返回 nil
+func getError() error {
+    var p *MyError = nil
+    if p == nil {
+        return nil // 返回 (type=nil, value=nil)
+    }
+    return p
+}
+```
+### 14.5 闭包变量捕获
+```go
+// BAD (Go < 1.22) — 循环变量被闭包共享
+for _, item := range items {
+    go func() {
+        process(item) // 所有 goroutine 可能都用最后一个 item
+    }()
+}
+// GOOD (Go < 1.22) — 显式传参
+for _, item := range items {
+    item := item // 重新绑定到新变量
+    go func() {
+        process(item)
+    }()
+}
+// Go 1.22+ — 循环变量每次迭代都是新变量，此问题已修复
+// 但在 go.mod 中 go 版本 < 1.22 时仍需注意
+```
+### 14.6 切片陷阱
+```go
+// 子切片与原切片共享底层数组
+original := []int{1, 2, 3, 4, 5}
+sub := original[1:3] // [2, 3]
+sub[0] = 99
+fmt.Println(original) // [1, 99, 3, 4, 5] — 被修改了！
+// GOOD — 完整复制
+sub := make([]int, 2)
+copy(sub, original[1:3])
+// 或使用三索引切片限制容量
+sub := original[1:3:3] // len=2, cap=2，append 不会影响原数组
+```
+---
+## 15. 项目结构推荐
+```text
+myservice/
+├── cmd/
+│   └── server/
+│       └── main.go           # 入口，仅做依赖注入和启动
+├── internal/                  # 私有代码，外部不可 import
+│   ├── handler/               # HTTP/gRPC handler
+│   ├── service/               # 业务逻辑
+│   ├── repository/            # 数据访问
+│   ├── model/                 # 领域模型
+│   └── middleware/            # 中间件
+├── pkg/                       # 公共库，可被外部 import
+│   ├── httputil/
+│   └── logger/
+├── api/                       # API 定义（OpenAPI / Proto）
+│   └── proto/
+├── migrations/                # 数据库迁移
+├── configs/                   # 配置文件模板
+├── scripts/                   # 构建/部署脚本
+├── Dockerfile
+├── Makefile
+├── go.mod
+├── go.sum
+└── .golangci.yml
+```
+---
+## Agent Checklist
+以下检查项供 AI Agent 在代码审查和生成时参考：
+### 必查项 (MUST)
+- [ ] 所有 error 都已处理，没有 `_ = err` 或忽略返回值
+- [ ] 所有 HTTP 请求使用了带超时的 `context.Context`
+- [ ] `http.Client` 和 `http.Server` 都设置了 `Timeout`
+- [ ] 所有 goroutine 有明确的退出机制（context / channel / WaitGroup）
+- [ ] map 在并发场景使用了 `sync.Mutex` 或 `sync.Map`
+- [ ] `defer f.Close()` 在循环中没有使用（应封装到子函数）
+- [ ] 返回 error 接口时没有返回类型化的 nil 指针
+- [ ] `database/sql` 连接池参数已配置（MaxOpen / MaxIdle / ConnMaxLifetime）
+- [ ] `resp.Body.Close()` 在所有 HTTP 响应路径中都有调用（包括错误路径）
+- [ ] Dockerfile 使用多阶段构建，最终镜像基于 scratch 或 distroless
+### 应查项 (SHOULD)
+- [ ] 使用 `errors.Is` / `errors.As` 而非 `==` 比较或类型断言
+- [ ] 错误信息包含上下文（哪个函数、哪个参数）
+- [ ] 使用 `strings.Builder` 而非 `+` 拼接多个字符串
+- [ ] 切片预分配了容量 `make([]T, 0, expectedLen)`
+- [ ] 接口方法数 <= 3，超过则拆分
+- [ ] 使用 `t.Parallel()` 加速测试
+- [ ] table-driven test 覆盖边界情况
+- [ ] `golangci-lint` 配置中启用了 errcheck / govet / staticcheck / bodyclose / noctx
+- [ ] gRPC 服务使用了 recovery / logging interceptor
+- [ ] 日志使用结构化 logger（zap / slog）而非 `log.Printf`
+### 可查项 (MAY)
+- [ ] 热路径使用 `sync.Pool` 复用 buffer
+- [ ] 使用 `go build -ldflags="-s -w"` 减小二进制体积
+- [ ] Benchmark 覆盖核心算法，使用 `benchstat` 对比
+- [ ] 使用 `goleak.VerifyTestMain` 检测 goroutine 泄漏
+- [ ] 使用三索引切片 `s[low:high:max]` 防止子切片污染原数组
+- [ ] Context.Value 仅用于请求范围元数据，不用于传递业务参数
+---
+**知识ID**: `golang-complete`
+**领域**: development
+**类型**: standards
+**难度**: intermediate-advanced
+**质量分**: 97
+**维护者**: dev-team@umadev.com
+**最后更新**: 2026-03-28