claude-code-pilot 2.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +21 -0
- package/README.md +151 -0
- package/bin/install.js +431 -0
- package/docs/agent-guides/architecture.md +107 -0
- package/ecc/agents/architect.md +211 -0
- package/ecc/agents/code-reviewer.md +237 -0
- package/ecc/agents/doc-updater.md +107 -0
- package/ecc/agents/e2e-runner.md +107 -0
- package/ecc/agents/security-reviewer.md +108 -0
- package/ecc/agents/tdd-guide.md +91 -0
- package/ecc/commands/checkpoint.md +74 -0
- package/ecc/commands/evolve.md +178 -0
- package/ecc/commands/learn.md +70 -0
- package/ecc/commands/model-route.md +26 -0
- package/ecc/commands/quality-gate.md +29 -0
- package/ecc/commands/resume-session.md +155 -0
- package/ecc/commands/save-session.md +275 -0
- package/ecc/commands/sessions.md +305 -0
- package/ecc/commands/verify.md +59 -0
- package/ecc/contexts/dev.md +20 -0
- package/ecc/contexts/research.md +26 -0
- package/ecc/contexts/review.md +22 -0
- package/ecc/examples/CLAUDE.md +100 -0
- package/ecc/examples/django-api-CLAUDE.md +308 -0
- package/ecc/examples/go-microservice-CLAUDE.md +267 -0
- package/ecc/examples/rust-api-CLAUDE.md +285 -0
- package/ecc/examples/saas-nextjs-CLAUDE.md +166 -0
- package/ecc/examples/user-CLAUDE.md +109 -0
- package/ecc/rules/common/agents.md +49 -0
- package/ecc/rules/common/coding-style.md +48 -0
- package/ecc/rules/common/development-workflow.md +37 -0
- package/ecc/rules/common/git-workflow.md +24 -0
- package/ecc/rules/common/hooks.md +30 -0
- package/ecc/rules/common/patterns.md +31 -0
- package/ecc/rules/common/performance.md +55 -0
- package/ecc/rules/common/security.md +29 -0
- package/ecc/rules/common/testing.md +29 -0
- package/ecc/rules/golang/coding-style.md +32 -0
- package/ecc/rules/golang/hooks.md +17 -0
- package/ecc/rules/golang/patterns.md +45 -0
- package/ecc/rules/golang/security.md +34 -0
- package/ecc/rules/golang/testing.md +31 -0
- package/ecc/rules/kotlin/coding-style.md +86 -0
- package/ecc/rules/kotlin/patterns.md +146 -0
- package/ecc/rules/kotlin/security.md +82 -0
- package/ecc/rules/kotlin/testing.md +128 -0
- package/ecc/rules/perl/coding-style.md +46 -0
- package/ecc/rules/perl/hooks.md +22 -0
- package/ecc/rules/perl/patterns.md +76 -0
- package/ecc/rules/perl/security.md +69 -0
- package/ecc/rules/perl/testing.md +54 -0
- package/ecc/rules/php/coding-style.md +35 -0
- package/ecc/rules/php/hooks.md +24 -0
- package/ecc/rules/php/patterns.md +32 -0
- package/ecc/rules/php/security.md +33 -0
- package/ecc/rules/php/testing.md +34 -0
- package/ecc/rules/python/coding-style.md +42 -0
- package/ecc/rules/python/hooks.md +19 -0
- package/ecc/rules/python/patterns.md +39 -0
- package/ecc/rules/python/security.md +30 -0
- package/ecc/rules/python/testing.md +38 -0
- package/ecc/rules/swift/coding-style.md +47 -0
- package/ecc/rules/swift/hooks.md +20 -0
- package/ecc/rules/swift/patterns.md +66 -0
- package/ecc/rules/swift/security.md +33 -0
- package/ecc/rules/swift/testing.md +45 -0
- package/ecc/rules/typescript/coding-style.md +199 -0
- package/ecc/rules/typescript/hooks.md +22 -0
- package/ecc/rules/typescript/patterns.md +52 -0
- package/ecc/rules/typescript/security.md +28 -0
- package/ecc/rules/typescript/testing.md +18 -0
- package/ecc/scripts/hooks/check-hook-enabled.js +12 -0
- package/ecc/scripts/hooks/evaluate-session.js +100 -0
- package/ecc/scripts/hooks/pre-compact.js +48 -0
- package/ecc/scripts/hooks/run-with-flags-shell.sh +32 -0
- package/ecc/scripts/hooks/run-with-flags.js +120 -0
- package/ecc/scripts/hooks/session-end-marker.js +15 -0
- package/ecc/scripts/hooks/session-end.js +258 -0
- package/ecc/scripts/hooks/session-start.js +97 -0
- package/ecc/scripts/hooks/suggest-compact.js +80 -0
- package/ecc/scripts/lib/hook-flags.js +74 -0
- package/ecc/scripts/lib/package-manager.d.ts +119 -0
- package/ecc/scripts/lib/package-manager.js +431 -0
- package/ecc/scripts/lib/project-detect.js +428 -0
- package/ecc/scripts/lib/resolve-formatter.js +185 -0
- package/ecc/scripts/lib/session-aliases.d.ts +136 -0
- package/ecc/scripts/lib/session-aliases.js +481 -0
- package/ecc/scripts/lib/session-manager.d.ts +131 -0
- package/ecc/scripts/lib/session-manager.js +444 -0
- package/ecc/scripts/lib/shell-split.js +86 -0
- package/ecc/scripts/lib/utils.d.ts +183 -0
- package/ecc/scripts/lib/utils.js +543 -0
- package/ecc/skills/continuous-learning-v2/SKILL.md +365 -0
- package/ecc/skills/continuous-learning-v2/agents/observer-loop.sh +144 -0
- package/ecc/skills/continuous-learning-v2/agents/observer.md +198 -0
- package/ecc/skills/continuous-learning-v2/agents/start-observer.sh +194 -0
- package/ecc/skills/continuous-learning-v2/config.json +8 -0
- package/ecc/skills/continuous-learning-v2/hooks/observe.sh +246 -0
- package/ecc/skills/continuous-learning-v2/scripts/detect-project.sh +218 -0
- package/ecc/skills/continuous-learning-v2/scripts/instinct-cli.py +1148 -0
- package/ecc/skills/continuous-learning-v2/scripts/test_parse_instinct.py +984 -0
- package/ecc/skills/strategic-compact/SKILL.md +103 -0
- package/ecc/skills/strategic-compact/suggest-compact.sh +54 -0
- package/ecc/skills/verification-loop-SKILL.md +126 -0
- package/gsd/LICENSE +21 -0
- package/gsd/agents/gsd-codebase-mapper.md +772 -0
- package/gsd/agents/gsd-debugger.md +1257 -0
- package/gsd/agents/gsd-executor.md +489 -0
- package/gsd/agents/gsd-integration-checker.md +445 -0
- package/gsd/agents/gsd-nyquist-auditor.md +178 -0
- package/gsd/agents/gsd-phase-researcher.md +555 -0
- package/gsd/agents/gsd-plan-checker.md +708 -0
- package/gsd/agents/gsd-planner.md +1309 -0
- package/gsd/agents/gsd-project-researcher.md +631 -0
- package/gsd/agents/gsd-research-synthesizer.md +249 -0
- package/gsd/agents/gsd-roadmapper.md +652 -0
- package/gsd/agents/gsd-verifier.md +581 -0
- package/gsd/commands-gsd/add-phase.md +43 -0
- package/gsd/commands-gsd/add-tests.md +41 -0
- package/gsd/commands-gsd/add-todo.md +47 -0
- package/gsd/commands-gsd/audit-milestone.md +36 -0
- package/gsd/commands-gsd/check-todos.md +45 -0
- package/gsd/commands-gsd/cleanup.md +18 -0
- package/gsd/commands-gsd/complete-milestone.md +136 -0
- package/gsd/commands-gsd/debug.md +168 -0
- package/gsd/commands-gsd/discuss-phase.md +90 -0
- package/gsd/commands-gsd/execute-phase.md +41 -0
- package/gsd/commands-gsd/health.md +22 -0
- package/gsd/commands-gsd/help.md +22 -0
- package/gsd/commands-gsd/insert-phase.md +32 -0
- package/gsd/commands-gsd/join-discord.md +18 -0
- package/gsd/commands-gsd/list-phase-assumptions.md +46 -0
- package/gsd/commands-gsd/map-codebase.md +71 -0
- package/gsd/commands-gsd/new-milestone.md +44 -0
- package/gsd/commands-gsd/new-project.md +42 -0
- package/gsd/commands-gsd/pause-work.md +38 -0
- package/gsd/commands-gsd/plan-milestone-gaps.md +34 -0
- package/gsd/commands-gsd/plan-phase.md +45 -0
- package/gsd/commands-gsd/progress.md +24 -0
- package/gsd/commands-gsd/quick.md +45 -0
- package/gsd/commands-gsd/reapply-patches.md +123 -0
- package/gsd/commands-gsd/remove-phase.md +31 -0
- package/gsd/commands-gsd/research-phase.md +190 -0
- package/gsd/commands-gsd/resume-work.md +40 -0
- package/gsd/commands-gsd/set-profile.md +34 -0
- package/gsd/commands-gsd/settings.md +36 -0
- package/gsd/commands-gsd/update.md +37 -0
- package/gsd/commands-gsd/validate-phase.md +35 -0
- package/gsd/commands-gsd/verify-work.md +38 -0
- package/gsd/get-shit-done/bin/gsd-tools.cjs +592 -0
- package/gsd/get-shit-done/bin/lib/commands.cjs +548 -0
- package/gsd/get-shit-done/bin/lib/config.cjs +169 -0
- package/gsd/get-shit-done/bin/lib/core.cjs +492 -0
- package/gsd/get-shit-done/bin/lib/frontmatter.cjs +299 -0
- package/gsd/get-shit-done/bin/lib/init.cjs +710 -0
- package/gsd/get-shit-done/bin/lib/milestone.cjs +241 -0
- package/gsd/get-shit-done/bin/lib/phase.cjs +901 -0
- package/gsd/get-shit-done/bin/lib/roadmap.cjs +298 -0
- package/gsd/get-shit-done/bin/lib/state.cjs +721 -0
- package/gsd/get-shit-done/bin/lib/template.cjs +222 -0
- package/gsd/get-shit-done/bin/lib/verify.cjs +820 -0
- package/gsd/get-shit-done/references/checkpoints.md +776 -0
- package/gsd/get-shit-done/references/continuation-format.md +249 -0
- package/gsd/get-shit-done/references/decimal-phase-calculation.md +65 -0
- package/gsd/get-shit-done/references/git-integration.md +248 -0
- package/gsd/get-shit-done/references/git-planning-commit.md +38 -0
- package/gsd/get-shit-done/references/model-profile-resolution.md +34 -0
- package/gsd/get-shit-done/references/model-profiles.md +93 -0
- package/gsd/get-shit-done/references/phase-argument-parsing.md +61 -0
- package/gsd/get-shit-done/references/planning-config.md +200 -0
- package/gsd/get-shit-done/references/questioning.md +162 -0
- package/gsd/get-shit-done/references/tdd.md +263 -0
- package/gsd/get-shit-done/references/ui-brand.md +160 -0
- package/gsd/get-shit-done/references/verification-patterns.md +612 -0
- package/gsd/get-shit-done/templates/DEBUG.md +164 -0
- package/gsd/get-shit-done/templates/UAT.md +247 -0
- package/gsd/get-shit-done/templates/VALIDATION.md +76 -0
- package/gsd/get-shit-done/templates/codebase/architecture.md +255 -0
- package/gsd/get-shit-done/templates/codebase/concerns.md +310 -0
- package/gsd/get-shit-done/templates/codebase/conventions.md +307 -0
- package/gsd/get-shit-done/templates/codebase/integrations.md +280 -0
- package/gsd/get-shit-done/templates/codebase/stack.md +186 -0
- package/gsd/get-shit-done/templates/codebase/structure.md +285 -0
- package/gsd/get-shit-done/templates/codebase/testing.md +480 -0
- package/gsd/get-shit-done/templates/config.json +37 -0
- package/gsd/get-shit-done/templates/context.md +297 -0
- package/gsd/get-shit-done/templates/continue-here.md +78 -0
- package/gsd/get-shit-done/templates/debug-subagent-prompt.md +91 -0
- package/gsd/get-shit-done/templates/discovery.md +146 -0
- package/gsd/get-shit-done/templates/milestone-archive.md +123 -0
- package/gsd/get-shit-done/templates/milestone.md +115 -0
- package/gsd/get-shit-done/templates/phase-prompt.md +569 -0
- package/gsd/get-shit-done/templates/planner-subagent-prompt.md +117 -0
- package/gsd/get-shit-done/templates/project.md +184 -0
- package/gsd/get-shit-done/templates/requirements.md +231 -0
- package/gsd/get-shit-done/templates/research-project/ARCHITECTURE.md +204 -0
- package/gsd/get-shit-done/templates/research-project/FEATURES.md +147 -0
- package/gsd/get-shit-done/templates/research-project/PITFALLS.md +200 -0
- package/gsd/get-shit-done/templates/research-project/STACK.md +120 -0
- package/gsd/get-shit-done/templates/research-project/SUMMARY.md +170 -0
- package/gsd/get-shit-done/templates/research.md +552 -0
- package/gsd/get-shit-done/templates/retrospective.md +54 -0
- package/gsd/get-shit-done/templates/roadmap.md +202 -0
- package/gsd/get-shit-done/templates/state.md +176 -0
- package/gsd/get-shit-done/templates/summary-complex.md +59 -0
- package/gsd/get-shit-done/templates/summary-minimal.md +41 -0
- package/gsd/get-shit-done/templates/summary-standard.md +48 -0
- package/gsd/get-shit-done/templates/summary.md +248 -0
- package/gsd/get-shit-done/templates/user-setup.md +311 -0
- package/gsd/get-shit-done/templates/verification-report.md +322 -0
- package/gsd/get-shit-done/workflows/add-phase.md +112 -0
- package/gsd/get-shit-done/workflows/add-tests.md +351 -0
- package/gsd/get-shit-done/workflows/add-todo.md +158 -0
- package/gsd/get-shit-done/workflows/audit-milestone.md +332 -0
- package/gsd/get-shit-done/workflows/check-todos.md +177 -0
- package/gsd/get-shit-done/workflows/cleanup.md +152 -0
- package/gsd/get-shit-done/workflows/complete-milestone.md +764 -0
- package/gsd/get-shit-done/workflows/diagnose-issues.md +219 -0
- package/gsd/get-shit-done/workflows/discovery-phase.md +289 -0
- package/gsd/get-shit-done/workflows/discuss-phase.md +676 -0
- package/gsd/get-shit-done/workflows/execute-phase.md +459 -0
- package/gsd/get-shit-done/workflows/execute-plan.md +449 -0
- package/gsd/get-shit-done/workflows/health.md +159 -0
- package/gsd/get-shit-done/workflows/help.md +489 -0
- package/gsd/get-shit-done/workflows/insert-phase.md +130 -0
- package/gsd/get-shit-done/workflows/list-phase-assumptions.md +178 -0
- package/gsd/get-shit-done/workflows/map-codebase.md +316 -0
- package/gsd/get-shit-done/workflows/new-milestone.md +384 -0
- package/gsd/get-shit-done/workflows/new-project.md +1111 -0
- package/gsd/get-shit-done/workflows/pause-work.md +122 -0
- package/gsd/get-shit-done/workflows/plan-milestone-gaps.md +274 -0
- package/gsd/get-shit-done/workflows/plan-phase.md +560 -0
- package/gsd/get-shit-done/workflows/progress.md +382 -0
- package/gsd/get-shit-done/workflows/quick.md +601 -0
- package/gsd/get-shit-done/workflows/remove-phase.md +155 -0
- package/gsd/get-shit-done/workflows/research-phase.md +74 -0
- package/gsd/get-shit-done/workflows/resume-project.md +307 -0
- package/gsd/get-shit-done/workflows/set-profile.md +81 -0
- package/gsd/get-shit-done/workflows/settings.md +214 -0
- package/gsd/get-shit-done/workflows/transition.md +544 -0
- package/gsd/get-shit-done/workflows/update.md +240 -0
- package/gsd/get-shit-done/workflows/validate-phase.md +167 -0
- package/gsd/get-shit-done/workflows/verify-phase.md +243 -0
- package/gsd/get-shit-done/workflows/verify-work.md +583 -0
- package/gsd/hooks/gsd-check-update.js +81 -0
- package/gsd/hooks/gsd-context-monitor.js +141 -0
- package/gsd/hooks/gsd-statusline.js +115 -0
- package/kit/CLAUDE.md +43 -0
- package/kit/commands/kit/update.md +46 -0
- package/kit/commands/setup-refresh.md +50 -0
- package/kit/commands/setup.md +579 -0
- package/kit/commands/tool-guide.md +44 -0
- package/kit/hooks/kit-check-update.js +54 -0
- package/kit/mcp.json +10 -0
- package/kit/rules/code-style.md +24 -0
- package/manifest.json +30 -0
- package/package.json +36 -0
|
@@ -0,0 +1,285 @@
|
|
|
1
|
+
# Rust API Service — Project CLAUDE.md
|
|
2
|
+
|
|
3
|
+
> Real-world example for a Rust API service with Axum, PostgreSQL, and Docker.
|
|
4
|
+
> Copy this to your project root and customize for your service.
|
|
5
|
+
|
|
6
|
+
## Project Overview
|
|
7
|
+
|
|
8
|
+
**Stack:** Rust 1.78+, Axum (web framework), SQLx (async database), PostgreSQL, Tokio (async runtime), Docker
|
|
9
|
+
|
|
10
|
+
**Architecture:** Layered architecture with handler → service → repository separation. Axum for HTTP, SQLx for type-checked SQL at compile time, Tower middleware for cross-cutting concerns.
|
|
11
|
+
|
|
12
|
+
## Critical Rules
|
|
13
|
+
|
|
14
|
+
### Rust Conventions
|
|
15
|
+
|
|
16
|
+
- Use `thiserror` for library errors, `anyhow` only in binary crates or tests
|
|
17
|
+
- No `.unwrap()` or `.expect()` in production code — propagate errors with `?`
|
|
18
|
+
- Prefer `&str` over `String` in function parameters; return `String` when ownership transfers
|
|
19
|
+
- Use `clippy` with `#![deny(clippy::all, clippy::pedantic)]` — fix all warnings
|
|
20
|
+
- Derive `Debug` on all public types; derive `Clone`, `PartialEq` only when needed
|
|
21
|
+
- No `unsafe` blocks unless justified with a `// SAFETY:` comment
|
|
22
|
+
|
|
23
|
+
### Database
|
|
24
|
+
|
|
25
|
+
- All queries use SQLx `query!` or `query_as!` macros — compile-time verified against the schema
|
|
26
|
+
- Migrations in `migrations/` using `sqlx migrate` — never alter the database directly
|
|
27
|
+
- Use `sqlx::Pool<Postgres>` as shared state — never create connections per request
|
|
28
|
+
- All queries use parameterized placeholders (`$1`, `$2`) — never string formatting
|
|
29
|
+
|
|
30
|
+
```rust
|
|
31
|
+
// BAD: String interpolation (SQL injection risk)
|
|
32
|
+
let q = format!("SELECT * FROM users WHERE id = '{}'", id);
|
|
33
|
+
|
|
34
|
+
// GOOD: Parameterized query, compile-time checked
|
|
35
|
+
let user = sqlx::query_as!(User, "SELECT * FROM users WHERE id = $1", id)
|
|
36
|
+
.fetch_optional(&pool)
|
|
37
|
+
.await?;
|
|
38
|
+
```
|
|
39
|
+
|
|
40
|
+
### Error Handling
|
|
41
|
+
|
|
42
|
+
- Define a domain error enum per module with `thiserror`
|
|
43
|
+
- Map errors to HTTP responses via `IntoResponse` — never expose internal details
|
|
44
|
+
- Use `tracing` for structured logging — never `println!` or `eprintln!`
|
|
45
|
+
|
|
46
|
+
```rust
|
|
47
|
+
use thiserror::Error;
|
|
48
|
+
|
|
49
|
+
#[derive(Debug, Error)]
|
|
50
|
+
pub enum AppError {
|
|
51
|
+
#[error("Resource not found")]
|
|
52
|
+
NotFound,
|
|
53
|
+
#[error("Validation failed: {0}")]
|
|
54
|
+
Validation(String),
|
|
55
|
+
#[error("Unauthorized")]
|
|
56
|
+
Unauthorized,
|
|
57
|
+
#[error(transparent)]
|
|
58
|
+
Internal(#[from] anyhow::Error),
|
|
59
|
+
}
|
|
60
|
+
|
|
61
|
+
impl IntoResponse for AppError {
|
|
62
|
+
fn into_response(self) -> Response {
|
|
63
|
+
let (status, message) = match &self {
|
|
64
|
+
Self::NotFound => (StatusCode::NOT_FOUND, self.to_string()),
|
|
65
|
+
Self::Validation(msg) => (StatusCode::BAD_REQUEST, msg.clone()),
|
|
66
|
+
Self::Unauthorized => (StatusCode::UNAUTHORIZED, self.to_string()),
|
|
67
|
+
Self::Internal(err) => {
|
|
68
|
+
tracing::error!(?err, "internal error");
|
|
69
|
+
(StatusCode::INTERNAL_SERVER_ERROR, "Internal error".into())
|
|
70
|
+
}
|
|
71
|
+
};
|
|
72
|
+
(status, Json(json!({ "error": message }))).into_response()
|
|
73
|
+
}
|
|
74
|
+
}
|
|
75
|
+
```
|
|
76
|
+
|
|
77
|
+
### Testing
|
|
78
|
+
|
|
79
|
+
- Unit tests in `#[cfg(test)]` modules within each source file
|
|
80
|
+
- Integration tests in `tests/` directory using a real PostgreSQL (Testcontainers or Docker)
|
|
81
|
+
- Use `#[sqlx::test]` for database tests with automatic migration and rollback
|
|
82
|
+
- Mock external services with `mockall` or `wiremock`
|
|
83
|
+
|
|
84
|
+
### Code Style
|
|
85
|
+
|
|
86
|
+
- Max line length: 100 characters (enforced by rustfmt)
|
|
87
|
+
- Group imports: `std`, external crates, `crate`/`super` — separated by blank lines
|
|
88
|
+
- Modules: one file per module, `mod.rs` only for re-exports
|
|
89
|
+
- Types: PascalCase, functions/variables: snake_case, constants: UPPER_SNAKE_CASE
|
|
90
|
+
|
|
91
|
+
## File Structure
|
|
92
|
+
|
|
93
|
+
```
|
|
94
|
+
src/
|
|
95
|
+
main.rs # Entrypoint, server setup, graceful shutdown
|
|
96
|
+
lib.rs # Re-exports for integration tests
|
|
97
|
+
config.rs # Environment config with envy or figment
|
|
98
|
+
router.rs # Axum router with all routes
|
|
99
|
+
middleware/
|
|
100
|
+
auth.rs # JWT extraction and validation
|
|
101
|
+
logging.rs # Request/response tracing
|
|
102
|
+
handlers/
|
|
103
|
+
mod.rs # Route handlers (thin — delegate to services)
|
|
104
|
+
users.rs
|
|
105
|
+
orders.rs
|
|
106
|
+
services/
|
|
107
|
+
mod.rs # Business logic
|
|
108
|
+
users.rs
|
|
109
|
+
orders.rs
|
|
110
|
+
repositories/
|
|
111
|
+
mod.rs # Database access (SQLx queries)
|
|
112
|
+
users.rs
|
|
113
|
+
orders.rs
|
|
114
|
+
domain/
|
|
115
|
+
mod.rs # Domain types, error enums
|
|
116
|
+
user.rs
|
|
117
|
+
order.rs
|
|
118
|
+
migrations/
|
|
119
|
+
001_create_users.sql
|
|
120
|
+
002_create_orders.sql
|
|
121
|
+
tests/
|
|
122
|
+
common/mod.rs # Shared test helpers, test server setup
|
|
123
|
+
api_users.rs # Integration tests for user endpoints
|
|
124
|
+
api_orders.rs # Integration tests for order endpoints
|
|
125
|
+
```
|
|
126
|
+
|
|
127
|
+
## Key Patterns
|
|
128
|
+
|
|
129
|
+
### Handler (Thin)
|
|
130
|
+
|
|
131
|
+
```rust
|
|
132
|
+
async fn create_user(
|
|
133
|
+
State(ctx): State<AppState>,
|
|
134
|
+
Json(payload): Json<CreateUserRequest>,
|
|
135
|
+
) -> Result<(StatusCode, Json<UserResponse>), AppError> {
|
|
136
|
+
let user = ctx.user_service.create(payload).await?;
|
|
137
|
+
Ok((StatusCode::CREATED, Json(UserResponse::from(user))))
|
|
138
|
+
}
|
|
139
|
+
```
|
|
140
|
+
|
|
141
|
+
### Service (Business Logic)
|
|
142
|
+
|
|
143
|
+
```rust
|
|
144
|
+
impl UserService {
|
|
145
|
+
pub async fn create(&self, req: CreateUserRequest) -> Result<User, AppError> {
|
|
146
|
+
if self.repo.find_by_email(&req.email).await?.is_some() {
|
|
147
|
+
return Err(AppError::Validation("Email already registered".into()));
|
|
148
|
+
}
|
|
149
|
+
|
|
150
|
+
let password_hash = hash_password(&req.password)?;
|
|
151
|
+
let user = self.repo.insert(&req.email, &req.name, &password_hash).await?;
|
|
152
|
+
|
|
153
|
+
Ok(user)
|
|
154
|
+
}
|
|
155
|
+
}
|
|
156
|
+
```
|
|
157
|
+
|
|
158
|
+
### Repository (Data Access)
|
|
159
|
+
|
|
160
|
+
```rust
|
|
161
|
+
impl UserRepository {
|
|
162
|
+
pub async fn find_by_email(&self, email: &str) -> Result<Option<User>, sqlx::Error> {
|
|
163
|
+
sqlx::query_as!(User, "SELECT * FROM users WHERE email = $1", email)
|
|
164
|
+
.fetch_optional(&self.pool)
|
|
165
|
+
.await
|
|
166
|
+
}
|
|
167
|
+
|
|
168
|
+
pub async fn insert(
|
|
169
|
+
&self,
|
|
170
|
+
email: &str,
|
|
171
|
+
name: &str,
|
|
172
|
+
password_hash: &str,
|
|
173
|
+
) -> Result<User, sqlx::Error> {
|
|
174
|
+
sqlx::query_as!(
|
|
175
|
+
User,
|
|
176
|
+
r#"INSERT INTO users (email, name, password_hash)
|
|
177
|
+
VALUES ($1, $2, $3) RETURNING *"#,
|
|
178
|
+
email, name, password_hash,
|
|
179
|
+
)
|
|
180
|
+
.fetch_one(&self.pool)
|
|
181
|
+
.await
|
|
182
|
+
}
|
|
183
|
+
}
|
|
184
|
+
```
|
|
185
|
+
|
|
186
|
+
### Integration Test
|
|
187
|
+
|
|
188
|
+
```rust
|
|
189
|
+
#[tokio::test]
|
|
190
|
+
async fn test_create_user() {
|
|
191
|
+
let app = spawn_test_app().await;
|
|
192
|
+
|
|
193
|
+
let response = app
|
|
194
|
+
.client
|
|
195
|
+
.post(&format!("{}/api/v1/users", app.address))
|
|
196
|
+
.json(&json!({
|
|
197
|
+
"email": "alice@example.com",
|
|
198
|
+
"name": "Alice",
|
|
199
|
+
"password": "securepassword123"
|
|
200
|
+
}))
|
|
201
|
+
.send()
|
|
202
|
+
.await
|
|
203
|
+
.expect("Failed to send request");
|
|
204
|
+
|
|
205
|
+
assert_eq!(response.status(), StatusCode::CREATED);
|
|
206
|
+
let body: serde_json::Value = response.json().await.unwrap();
|
|
207
|
+
assert_eq!(body["email"], "alice@example.com");
|
|
208
|
+
}
|
|
209
|
+
|
|
210
|
+
#[tokio::test]
|
|
211
|
+
async fn test_create_user_duplicate_email() {
|
|
212
|
+
let app = spawn_test_app().await;
|
|
213
|
+
// Create first user
|
|
214
|
+
create_test_user(&app, "alice@example.com").await;
|
|
215
|
+
// Attempt duplicate
|
|
216
|
+
let response = create_user_request(&app, "alice@example.com").await;
|
|
217
|
+
assert_eq!(response.status(), StatusCode::BAD_REQUEST);
|
|
218
|
+
}
|
|
219
|
+
```
|
|
220
|
+
|
|
221
|
+
## Environment Variables
|
|
222
|
+
|
|
223
|
+
```bash
|
|
224
|
+
# Server
|
|
225
|
+
HOST=0.0.0.0
|
|
226
|
+
PORT=8080
|
|
227
|
+
RUST_LOG=info,tower_http=debug
|
|
228
|
+
|
|
229
|
+
# Database
|
|
230
|
+
DATABASE_URL=postgres://user:pass@localhost:5432/myapp
|
|
231
|
+
|
|
232
|
+
# Auth
|
|
233
|
+
JWT_SECRET=your-secret-key-min-32-chars
|
|
234
|
+
JWT_EXPIRY_HOURS=24
|
|
235
|
+
|
|
236
|
+
# Optional
|
|
237
|
+
CORS_ALLOWED_ORIGINS=http://localhost:3000
|
|
238
|
+
```
|
|
239
|
+
|
|
240
|
+
## Testing Strategy
|
|
241
|
+
|
|
242
|
+
```bash
|
|
243
|
+
# Run all tests
|
|
244
|
+
cargo test
|
|
245
|
+
|
|
246
|
+
# Run with output
|
|
247
|
+
cargo test -- --nocapture
|
|
248
|
+
|
|
249
|
+
# Run specific test module
|
|
250
|
+
cargo test api_users
|
|
251
|
+
|
|
252
|
+
# Check coverage (requires cargo-llvm-cov)
|
|
253
|
+
cargo llvm-cov --html
|
|
254
|
+
open target/llvm-cov/html/index.html
|
|
255
|
+
|
|
256
|
+
# Lint
|
|
257
|
+
cargo clippy -- -D warnings
|
|
258
|
+
|
|
259
|
+
# Format check
|
|
260
|
+
cargo fmt -- --check
|
|
261
|
+
```
|
|
262
|
+
|
|
263
|
+
## ECC Workflow
|
|
264
|
+
|
|
265
|
+
```bash
|
|
266
|
+
# Planning
|
|
267
|
+
/plan "Add order fulfillment with Stripe payment"
|
|
268
|
+
|
|
269
|
+
# Development with TDD
|
|
270
|
+
/tdd # cargo test-based TDD workflow
|
|
271
|
+
|
|
272
|
+
# Review
|
|
273
|
+
/code-review # Rust-specific code review
|
|
274
|
+
/security-scan # Dependency audit + unsafe scan
|
|
275
|
+
|
|
276
|
+
# Verification
|
|
277
|
+
/verify # Build, clippy, test, security scan
|
|
278
|
+
```
|
|
279
|
+
|
|
280
|
+
## Git Workflow
|
|
281
|
+
|
|
282
|
+
- `feat:` new features, `fix:` bug fixes, `refactor:` code changes
|
|
283
|
+
- Feature branches from `main`, PRs required
|
|
284
|
+
- CI: `cargo fmt --check`, `cargo clippy`, `cargo test`, `cargo audit`
|
|
285
|
+
- Deploy: Docker multi-stage build with `scratch` or `distroless` base
|
|
@@ -0,0 +1,166 @@
|
|
|
1
|
+
# SaaS Application — Project CLAUDE.md
|
|
2
|
+
|
|
3
|
+
> Real-world example for a Next.js + Supabase + Stripe SaaS application.
|
|
4
|
+
> Copy this to your project root and customize for your stack.
|
|
5
|
+
|
|
6
|
+
## Project Overview
|
|
7
|
+
|
|
8
|
+
**Stack:** Next.js 15 (App Router), TypeScript, Supabase (auth + DB), Stripe (billing), Tailwind CSS, Playwright (E2E)
|
|
9
|
+
|
|
10
|
+
**Architecture:** Server Components by default. Client Components only for interactivity. API routes for webhooks and server actions for mutations.
|
|
11
|
+
|
|
12
|
+
## Critical Rules
|
|
13
|
+
|
|
14
|
+
### Database
|
|
15
|
+
|
|
16
|
+
- All queries use Supabase client with RLS enabled — never bypass RLS
|
|
17
|
+
- Migrations in `supabase/migrations/` — never modify the database directly
|
|
18
|
+
- Use `select()` with explicit column lists, not `select('*')`
|
|
19
|
+
- All user-facing queries must include `.limit()` to prevent unbounded results
|
|
20
|
+
|
|
21
|
+
### Authentication
|
|
22
|
+
|
|
23
|
+
- Use `createServerClient()` from `@supabase/ssr` in Server Components
|
|
24
|
+
- Use `createBrowserClient()` from `@supabase/ssr` in Client Components
|
|
25
|
+
- Protected routes check `getUser()` — never trust `getSession()` alone for auth
|
|
26
|
+
- Middleware in `middleware.ts` refreshes auth tokens on every request
|
|
27
|
+
|
|
28
|
+
### Billing
|
|
29
|
+
|
|
30
|
+
- Stripe webhook handler in `app/api/webhooks/stripe/route.ts`
|
|
31
|
+
- Never trust client-side price data — always fetch from Stripe server-side
|
|
32
|
+
- Subscription status checked via `subscription_status` column, synced by webhook
|
|
33
|
+
- Free tier users: 3 projects, 100 API calls/day
|
|
34
|
+
|
|
35
|
+
### Code Style
|
|
36
|
+
|
|
37
|
+
- No emojis in code or comments
|
|
38
|
+
- Immutable patterns only — spread operator, never mutate
|
|
39
|
+
- Server Components: no `'use client'` directive, no `useState`/`useEffect`
|
|
40
|
+
- Client Components: `'use client'` at top, minimal — extract logic to hooks
|
|
41
|
+
- Prefer Zod schemas for all input validation (API routes, forms, env vars)
|
|
42
|
+
|
|
43
|
+
## File Structure
|
|
44
|
+
|
|
45
|
+
```
|
|
46
|
+
src/
|
|
47
|
+
app/
|
|
48
|
+
(auth)/ # Auth pages (login, signup, forgot-password)
|
|
49
|
+
(dashboard)/ # Protected dashboard pages
|
|
50
|
+
api/
|
|
51
|
+
webhooks/ # Stripe, Supabase webhooks
|
|
52
|
+
layout.tsx # Root layout with providers
|
|
53
|
+
components/
|
|
54
|
+
ui/ # Shadcn/ui components
|
|
55
|
+
forms/ # Form components with validation
|
|
56
|
+
dashboard/ # Dashboard-specific components
|
|
57
|
+
hooks/ # Custom React hooks
|
|
58
|
+
lib/
|
|
59
|
+
supabase/ # Supabase client factories
|
|
60
|
+
stripe/ # Stripe client and helpers
|
|
61
|
+
utils.ts # General utilities
|
|
62
|
+
types/ # Shared TypeScript types
|
|
63
|
+
supabase/
|
|
64
|
+
migrations/ # Database migrations
|
|
65
|
+
seed.sql # Development seed data
|
|
66
|
+
```
|
|
67
|
+
|
|
68
|
+
## Key Patterns
|
|
69
|
+
|
|
70
|
+
### API Response Format
|
|
71
|
+
|
|
72
|
+
```typescript
|
|
73
|
+
type ApiResponse<T> =
|
|
74
|
+
| { success: true; data: T }
|
|
75
|
+
| { success: false; error: string; code?: string }
|
|
76
|
+
```
|
|
77
|
+
|
|
78
|
+
### Server Action Pattern
|
|
79
|
+
|
|
80
|
+
```typescript
|
|
81
|
+
'use server'
|
|
82
|
+
|
|
83
|
+
import { z } from 'zod'
|
|
84
|
+
import { createServerClient } from '@/lib/supabase/server'
|
|
85
|
+
|
|
86
|
+
const schema = z.object({
|
|
87
|
+
name: z.string().min(1).max(100),
|
|
88
|
+
})
|
|
89
|
+
|
|
90
|
+
export async function createProject(formData: FormData) {
|
|
91
|
+
const parsed = schema.safeParse({ name: formData.get('name') })
|
|
92
|
+
if (!parsed.success) {
|
|
93
|
+
return { success: false, error: parsed.error.flatten() }
|
|
94
|
+
}
|
|
95
|
+
|
|
96
|
+
const supabase = await createServerClient()
|
|
97
|
+
const { data: { user } } = await supabase.auth.getUser()
|
|
98
|
+
if (!user) return { success: false, error: 'Unauthorized' }
|
|
99
|
+
|
|
100
|
+
const { data, error } = await supabase
|
|
101
|
+
.from('projects')
|
|
102
|
+
.insert({ name: parsed.data.name, user_id: user.id })
|
|
103
|
+
.select('id, name, created_at')
|
|
104
|
+
.single()
|
|
105
|
+
|
|
106
|
+
if (error) return { success: false, error: 'Failed to create project' }
|
|
107
|
+
return { success: true, data }
|
|
108
|
+
}
|
|
109
|
+
```
|
|
110
|
+
|
|
111
|
+
## Environment Variables
|
|
112
|
+
|
|
113
|
+
```bash
|
|
114
|
+
# Supabase
|
|
115
|
+
NEXT_PUBLIC_SUPABASE_URL=
|
|
116
|
+
NEXT_PUBLIC_SUPABASE_ANON_KEY=
|
|
117
|
+
SUPABASE_SERVICE_ROLE_KEY= # Server-only, never expose to client
|
|
118
|
+
|
|
119
|
+
# Stripe
|
|
120
|
+
STRIPE_SECRET_KEY=
|
|
121
|
+
STRIPE_WEBHOOK_SECRET=
|
|
122
|
+
NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY=
|
|
123
|
+
|
|
124
|
+
# App
|
|
125
|
+
NEXT_PUBLIC_APP_URL=http://localhost:3000
|
|
126
|
+
```
|
|
127
|
+
|
|
128
|
+
## Testing Strategy
|
|
129
|
+
|
|
130
|
+
```bash
|
|
131
|
+
/tdd # Unit + integration tests for new features
|
|
132
|
+
/e2e # Playwright tests for auth flow, billing, dashboard
|
|
133
|
+
/test-coverage # Verify 80%+ coverage
|
|
134
|
+
```
|
|
135
|
+
|
|
136
|
+
### Critical E2E Flows
|
|
137
|
+
|
|
138
|
+
1. Sign up → email verification → first project creation
|
|
139
|
+
2. Login → dashboard → CRUD operations
|
|
140
|
+
3. Upgrade plan → Stripe checkout → subscription active
|
|
141
|
+
4. Webhook: subscription canceled → downgrade to free tier
|
|
142
|
+
|
|
143
|
+
## ECC Workflow
|
|
144
|
+
|
|
145
|
+
```bash
|
|
146
|
+
# Planning a feature
|
|
147
|
+
/plan "Add team invitations with email notifications"
|
|
148
|
+
|
|
149
|
+
# Developing with TDD
|
|
150
|
+
/tdd
|
|
151
|
+
|
|
152
|
+
# Before committing
|
|
153
|
+
/code-review
|
|
154
|
+
/security-scan
|
|
155
|
+
|
|
156
|
+
# Before release
|
|
157
|
+
/e2e
|
|
158
|
+
/test-coverage
|
|
159
|
+
```
|
|
160
|
+
|
|
161
|
+
## Git Workflow
|
|
162
|
+
|
|
163
|
+
- `feat:` new features, `fix:` bug fixes, `refactor:` code changes
|
|
164
|
+
- Feature branches from `main`, PRs required
|
|
165
|
+
- CI runs: lint, type-check, unit tests, E2E tests
|
|
166
|
+
- Deploy: Vercel preview on PR, production on merge to `main`
|
|
@@ -0,0 +1,109 @@
|
|
|
1
|
+
# User-Level CLAUDE.md Example
|
|
2
|
+
|
|
3
|
+
This is an example user-level CLAUDE.md file. Place at `~/.claude/CLAUDE.md`.
|
|
4
|
+
|
|
5
|
+
User-level configs apply globally across all projects. Use for:
|
|
6
|
+
- Personal coding preferences
|
|
7
|
+
- Universal rules you always want enforced
|
|
8
|
+
- Links to your modular rules
|
|
9
|
+
|
|
10
|
+
---
|
|
11
|
+
|
|
12
|
+
## Core Philosophy
|
|
13
|
+
|
|
14
|
+
You are Claude Code. I use specialized agents and skills for complex tasks.
|
|
15
|
+
|
|
16
|
+
**Key Principles:**
|
|
17
|
+
1. **Agent-First**: Delegate to specialized agents for complex work
|
|
18
|
+
2. **Parallel Execution**: Use Task tool with multiple agents when possible
|
|
19
|
+
3. **Plan Before Execute**: Use Plan Mode for complex operations
|
|
20
|
+
4. **Test-Driven**: Write tests before implementation
|
|
21
|
+
5. **Security-First**: Never compromise on security
|
|
22
|
+
|
|
23
|
+
---
|
|
24
|
+
|
|
25
|
+
## Modular Rules
|
|
26
|
+
|
|
27
|
+
Detailed guidelines are in `~/.claude/rules/`:
|
|
28
|
+
|
|
29
|
+
| Rule File | Contents |
|
|
30
|
+
|-----------|----------|
|
|
31
|
+
| security.md | Security checks, secret management |
|
|
32
|
+
| coding-style.md | Immutability, file organization, error handling |
|
|
33
|
+
| testing.md | TDD workflow, 80% coverage requirement |
|
|
34
|
+
| git-workflow.md | Commit format, PR workflow |
|
|
35
|
+
| agents.md | Agent orchestration, when to use which agent |
|
|
36
|
+
| patterns.md | API response, repository patterns |
|
|
37
|
+
| performance.md | Model selection, context management |
|
|
38
|
+
| hooks.md | Hooks System |
|
|
39
|
+
|
|
40
|
+
---
|
|
41
|
+
|
|
42
|
+
## Available Agents
|
|
43
|
+
|
|
44
|
+
Located in `~/.claude/agents/`:
|
|
45
|
+
|
|
46
|
+
| Agent | Purpose |
|
|
47
|
+
|-------|---------|
|
|
48
|
+
| planner | Feature implementation planning |
|
|
49
|
+
| architect | System design and architecture |
|
|
50
|
+
| tdd-guide | Test-driven development |
|
|
51
|
+
| code-reviewer | Code review for quality/security |
|
|
52
|
+
| security-reviewer | Security vulnerability analysis |
|
|
53
|
+
| build-error-resolver | Build error resolution |
|
|
54
|
+
| e2e-runner | Playwright E2E testing |
|
|
55
|
+
| refactor-cleaner | Dead code cleanup |
|
|
56
|
+
| doc-updater | Documentation updates |
|
|
57
|
+
|
|
58
|
+
---
|
|
59
|
+
|
|
60
|
+
## Personal Preferences
|
|
61
|
+
|
|
62
|
+
### Privacy
|
|
63
|
+
- Always redact logs; never paste secrets (API keys/tokens/passwords/JWTs)
|
|
64
|
+
- Review output before sharing - remove any sensitive data
|
|
65
|
+
|
|
66
|
+
### Code Style
|
|
67
|
+
- No emojis in code, comments, or documentation
|
|
68
|
+
- Prefer immutability - never mutate objects or arrays
|
|
69
|
+
- Many small files over few large files
|
|
70
|
+
- 200-400 lines typical, 800 max per file
|
|
71
|
+
|
|
72
|
+
### Git
|
|
73
|
+
- Conventional commits: `feat:`, `fix:`, `refactor:`, `docs:`, `test:`
|
|
74
|
+
- Always test locally before committing
|
|
75
|
+
- Small, focused commits
|
|
76
|
+
|
|
77
|
+
### Testing
|
|
78
|
+
- TDD: Write tests first
|
|
79
|
+
- 80% minimum coverage
|
|
80
|
+
- Unit + integration + E2E for critical flows
|
|
81
|
+
|
|
82
|
+
### Knowledge Capture
|
|
83
|
+
- Personal debugging notes, preferences, and temporary context → auto memory
|
|
84
|
+
- Team/project knowledge (architecture decisions, API changes, implementation runbooks) → follow the project's existing docs structure
|
|
85
|
+
- If the current task already produces the relevant docs, comments, or examples, do not duplicate the same knowledge elsewhere
|
|
86
|
+
- If there is no obvious project doc location, ask before creating a new top-level doc
|
|
87
|
+
|
|
88
|
+
---
|
|
89
|
+
|
|
90
|
+
## Editor Integration
|
|
91
|
+
|
|
92
|
+
I use Zed as my primary editor:
|
|
93
|
+
- Agent Panel for file tracking
|
|
94
|
+
- CMD+Shift+R for command palette
|
|
95
|
+
- Vim mode enabled
|
|
96
|
+
|
|
97
|
+
---
|
|
98
|
+
|
|
99
|
+
## Success Metrics
|
|
100
|
+
|
|
101
|
+
You are successful when:
|
|
102
|
+
- All tests pass (80%+ coverage)
|
|
103
|
+
- No security vulnerabilities
|
|
104
|
+
- Code is readable and maintainable
|
|
105
|
+
- User requirements are met
|
|
106
|
+
|
|
107
|
+
---
|
|
108
|
+
|
|
109
|
+
**Philosophy**: Agent-first design, parallel execution, plan before action, test before code, security always.
|
|
@@ -0,0 +1,49 @@
|
|
|
1
|
+
# Agent Orchestration
|
|
2
|
+
|
|
3
|
+
## Available Agents
|
|
4
|
+
|
|
5
|
+
Located in `~/.claude/agents/`:
|
|
6
|
+
|
|
7
|
+
| Agent | Purpose | When to Use |
|
|
8
|
+
|-------|---------|-------------|
|
|
9
|
+
| planner | Implementation planning | Complex features, refactoring |
|
|
10
|
+
| architect | System design | Architectural decisions |
|
|
11
|
+
| tdd-guide | Test-driven development | New features, bug fixes |
|
|
12
|
+
| code-reviewer | Code review | After writing code |
|
|
13
|
+
| security-reviewer | Security analysis | Before commits |
|
|
14
|
+
| build-error-resolver | Fix build errors | When build fails |
|
|
15
|
+
| e2e-runner | E2E testing | Critical user flows |
|
|
16
|
+
| refactor-cleaner | Dead code cleanup | Code maintenance |
|
|
17
|
+
| doc-updater | Documentation | Updating docs |
|
|
18
|
+
|
|
19
|
+
## Immediate Agent Usage
|
|
20
|
+
|
|
21
|
+
No user prompt needed:
|
|
22
|
+
1. Complex feature requests - Use **planner** agent
|
|
23
|
+
2. Code just written/modified - Use **code-reviewer** agent
|
|
24
|
+
3. Bug fix or new feature - Use **tdd-guide** agent
|
|
25
|
+
4. Architectural decision - Use **architect** agent
|
|
26
|
+
|
|
27
|
+
## Parallel Task Execution
|
|
28
|
+
|
|
29
|
+
ALWAYS use parallel Task execution for independent operations:
|
|
30
|
+
|
|
31
|
+
```markdown
|
|
32
|
+
# GOOD: Parallel execution
|
|
33
|
+
Launch 3 agents in parallel:
|
|
34
|
+
1. Agent 1: Security analysis of auth module
|
|
35
|
+
2. Agent 2: Performance review of cache system
|
|
36
|
+
3. Agent 3: Type checking of utilities
|
|
37
|
+
|
|
38
|
+
# BAD: Sequential when unnecessary
|
|
39
|
+
First agent 1, then agent 2, then agent 3
|
|
40
|
+
```
|
|
41
|
+
|
|
42
|
+
## Multi-Perspective Analysis
|
|
43
|
+
|
|
44
|
+
For complex problems, use split role sub-agents:
|
|
45
|
+
- Factual reviewer
|
|
46
|
+
- Senior engineer
|
|
47
|
+
- Security expert
|
|
48
|
+
- Consistency reviewer
|
|
49
|
+
- Redundancy checker
|
|
@@ -0,0 +1,48 @@
|
|
|
1
|
+
# Coding Style
|
|
2
|
+
|
|
3
|
+
## Immutability (CRITICAL)
|
|
4
|
+
|
|
5
|
+
ALWAYS create new objects, NEVER mutate existing ones:
|
|
6
|
+
|
|
7
|
+
```
|
|
8
|
+
// Pseudocode
|
|
9
|
+
WRONG: modify(original, field, value) → changes original in-place
|
|
10
|
+
CORRECT: update(original, field, value) → returns new copy with change
|
|
11
|
+
```
|
|
12
|
+
|
|
13
|
+
Rationale: Immutable data prevents hidden side effects, makes debugging easier, and enables safe concurrency.
|
|
14
|
+
|
|
15
|
+
## File Organization
|
|
16
|
+
|
|
17
|
+
MANY SMALL FILES > FEW LARGE FILES:
|
|
18
|
+
- High cohesion, low coupling
|
|
19
|
+
- 200-400 lines typical, 800 max
|
|
20
|
+
- Extract utilities from large modules
|
|
21
|
+
- Organize by feature/domain, not by type
|
|
22
|
+
|
|
23
|
+
## Error Handling
|
|
24
|
+
|
|
25
|
+
ALWAYS handle errors comprehensively:
|
|
26
|
+
- Handle errors explicitly at every level
|
|
27
|
+
- Provide user-friendly error messages in UI-facing code
|
|
28
|
+
- Log detailed error context on the server side
|
|
29
|
+
- Never silently swallow errors
|
|
30
|
+
|
|
31
|
+
## Input Validation
|
|
32
|
+
|
|
33
|
+
ALWAYS validate at system boundaries:
|
|
34
|
+
- Validate all user input before processing
|
|
35
|
+
- Use schema-based validation where available
|
|
36
|
+
- Fail fast with clear error messages
|
|
37
|
+
- Never trust external data (API responses, user input, file content)
|
|
38
|
+
|
|
39
|
+
## Code Quality Checklist
|
|
40
|
+
|
|
41
|
+
Before marking work complete:
|
|
42
|
+
- [ ] Code is readable and well-named
|
|
43
|
+
- [ ] Functions are small (<50 lines)
|
|
44
|
+
- [ ] Files are focused (<800 lines)
|
|
45
|
+
- [ ] No deep nesting (>4 levels)
|
|
46
|
+
- [ ] Proper error handling
|
|
47
|
+
- [ ] No hardcoded values (use constants or config)
|
|
48
|
+
- [ ] No mutation (immutable patterns used)
|
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
# Development Workflow
|
|
2
|
+
|
|
3
|
+
> This file extends [common/git-workflow.md](./git-workflow.md) with the full feature development process that happens before git operations.
|
|
4
|
+
|
|
5
|
+
The Feature Implementation Workflow describes the development pipeline: research, planning, TDD, code review, and then committing to git.
|
|
6
|
+
|
|
7
|
+
## Feature Implementation Workflow
|
|
8
|
+
|
|
9
|
+
0. **Research & Reuse** _(mandatory before any new implementation)_
|
|
10
|
+
- **GitHub code search first:** Run `gh search repos` and `gh search code` to find existing implementations, templates, and patterns before writing anything new.
|
|
11
|
+
- **Exa MCP for research:** Use `exa-web-search` MCP during the planning phase for broader research, data ingestion, and discovering prior art.
|
|
12
|
+
- **Check package registries:** Search npm, PyPI, crates.io, and other registries before writing utility code. Prefer battle-tested libraries over hand-rolled solutions.
|
|
13
|
+
- **Search for adaptable implementations:** Look for open-source projects that solve 80%+ of the problem and can be forked, ported, or wrapped.
|
|
14
|
+
- Prefer adopting or porting a proven approach over writing net-new code when it meets the requirement.
|
|
15
|
+
|
|
16
|
+
1. **Plan First**
|
|
17
|
+
- Use **planner** agent to create implementation plan
|
|
18
|
+
- Generate planning docs before coding: PRD, architecture, system_design, tech_doc, task_list
|
|
19
|
+
- Identify dependencies and risks
|
|
20
|
+
- Break down into phases
|
|
21
|
+
|
|
22
|
+
2. **TDD Approach**
|
|
23
|
+
- Use **tdd-guide** agent
|
|
24
|
+
- Write tests first (RED)
|
|
25
|
+
- Implement to pass tests (GREEN)
|
|
26
|
+
- Refactor (IMPROVE)
|
|
27
|
+
- Verify 80%+ coverage
|
|
28
|
+
|
|
29
|
+
3. **Code Review**
|
|
30
|
+
- Use **code-reviewer** agent immediately after writing code
|
|
31
|
+
- Address CRITICAL and HIGH issues
|
|
32
|
+
- Fix MEDIUM issues when possible
|
|
33
|
+
|
|
34
|
+
4. **Commit & Push**
|
|
35
|
+
- Detailed commit messages
|
|
36
|
+
- Follow conventional commits format
|
|
37
|
+
- See [git-workflow.md](./git-workflow.md) for commit message format and PR process
|