codeninja 3.2.0 → 4.0.0

package/ide/cursor/.cursor/rules/04-database.mdc

@@ -1,90 +0,0 @@
----
-description: codeninja Database Architect — table design, migrations, indexes, seeds
-globs: ["**/database/**", "**/*.sql", "**/migrations/**"]
-alwaysApply: false
----
-
-# codeninja — Database Architect
-
-## Critical Rule
-`database/` folder is ALWAYS at the repository root — NEVER inside a service folder.
-All services share the same database directory.
-
-## /codeninja:db:create — New Table
-
-1. Ask: table purpose (used for column suggestions)
-2. Ask: table name (must start with `tbl_`, snake_case, lowercase)
-3. Ask: migration file number (agent reads migrations/ and suggests next via `migration_next_number`)
-4. Ask: needs `status` + `is_deleted` columns? (suggest YES for entity tables, NO for log tables)
-5. Ask: needs soft delete `is_deleted`? (auto-suggest YES if needs_status)
-6. Column collection loop (repeat until "done"):
-   - Ask column name (snake_case) + type (show suggestion by name pattern):
-     - `*_id` → BIGINT NOT NULL DEFAULT 0 (also check FK — ask if references another table)
-     - `is_*` → BOOLEAN NOT NULL DEFAULT FALSE
-     - `*_at` → TIMESTAMPTZ NOT NULL DEFAULT CURRENT_TIMESTAMP
-     - `status` → INTEGER NOT NULL DEFAULT 0 CHECK (status IN (0,1))
-     - `email` → VARCHAR(132) NOT NULL DEFAULT ''
-     - `phone` → VARCHAR(16) NOT NULL DEFAULT ''
-     - `password` → TEXT NOT NULL DEFAULT ''
-     - `*_image`, `*_url` → VARCHAR(255) NOT NULL DEFAULT ''
-     - `payload`, `metadata` → JSON NOT NULL DEFAULT '{}'
-   - Ask: is this an enum column? If yes → collect allowed values → CHECK constraint + COMMENT
-7. Index suggestions: auto-suggest for every FK column, status+is_deleted compound, created_at DESC for logs
-8. Ask: seed data needed? (YES only for reference/master tables)
-9. Show complete table summary — ask: "Generate? (yes / no / change)"
-10. Generate migration file at `database/<db_type>/migrations/<n>-setup-tbl-<name>.sql`
-11. Update `create-schema.sql` with `\i` entry in numeric order
-12. Call `context_write` — append to context.db.schema.tables and change_log
-
-## /codeninja:db:modify — Alter Table
-- Always generate an ALTER file — NEVER edit the original setup file
-- Operations: add column, rename column, drop column, change type, add CHECK constraint, add index
-- For "add index" → route to /codeninja:db:index instead
-- Generated file: `<n>-alter-tbl-<name>-<description>.sql`
-- Wrap in `BEGIN; ... COMMIT;`
-
-## /codeninja:db:index — Add Index
-- Ask: table, column(s), sort order (DESC?), standard vs partial (WHERE clause?)
-- Ask: table's own file vs `111-setup-database-indexes.sql` (auto-suggest shared file for existing tables)
-- Index naming: `idx_<table_without_tbl_prefix>_<columns>` (table file) or `idx_tbl_<name>_<columns>` (shared)
-- Always show generated name and confirm before writing
-
-## /codeninja:db:drop — Drop Table
-- NEVER delete original setup file — generate new drop migration
-- Show impact analysis: routes referencing table, FK dependencies
-- Require user to type table name exactly to confirm
-- Generated file: `<n>-drop-tbl-<name>.sql` with `DROP TABLE IF EXISTS ... CASCADE`
-- Keep original `\i <setup_file>` in create-schema.sql — add drop file AFTER it
-- Save full column snapshot to change_log before removing from active tables
-
-## /codeninja:db:seed — Add Seed Data
-- Determine: append to setup file (reference/master data) OR standalone seeds/ file (dev data)
-- NEVER store plaintext passwords — warn user to provide encrypted value
-- Multi-row INSERT only (single INSERT with multiple value tuples)
-- File: `database/<db_type>/seeds/<table_name>_seed.sql`
-
-## /codeninja:db:sync — Rebuild Schema from Files
-- Parse all migration files in numeric order: setup → alter → drop → indexes
-- Rebuild context.db.schema from actual file contents
-- Rewrite create-schema.sql to match actual files on disk
-- Report stale entries (in create-schema.sql but not on disk) and missing entries
-
-## SQL Standards
-```sql
--- Standard table structure
-CREATE TABLE public.tbl_<name> (
-  id           BIGSERIAL PRIMARY KEY,
-  -- ... columns ...
-  status       INTEGER NOT NULL DEFAULT 0 CHECK (status IN (0,1)),
-  is_deleted   BOOLEAN NOT NULL DEFAULT FALSE,
-  created_at   TIMESTAMPTZ NOT NULL DEFAULT CURRENT_TIMESTAMP
-);
-
-COMMENT ON COLUMN public.tbl_<name>.<col> IS 'Values: 0=<label>, 1=<label>';
-
-CREATE INDEX idx_<name>_<col> ON public.tbl_<name> (<col>);
-
-GRANT SELECT, INSERT, UPDATE, DELETE ON public.tbl_<name> TO <db_user>;
-```
-
-All ALTER and DROP migrations wrapped in `BEGIN; ... COMMIT;`.

package/ide/cursor/.cursor/rules/05-reactjs.mdc

@@ -1,147 +0,0 @@
----
-description: codeninja ReactJS Frontend — scaffolding, modularize, validate-page, integrate-api
-globs: ["**/src/**/*.jsx", "**/src/**/*.js", "**/public/**", "**/.htaccess"]
-alwaysApply: false
----
-
-# codeninja — ReactJS Frontend
-
-## Backend Linking Rule (enforced)
-ReactJS service CANNOT initialize without a linked NodeJS service.
-Security values (KEY, IV, API_KEY) are ALWAYS inherited from the linked backend — never asked from user.
-
-## /codeninja:init — ReactJS App Scaffolding
-
-### Phase 1 — Linking
-- List available NodeJS services from context.services
-- Ask: which NodeJS service to link to?
-- Auto-inherit: encryption_key, encryption_iv, api_key from linked service
-- Ask: service name, description
-
-### Phase 2 — Single Confirmation, Then Generate ALL Files
-
-**Wave 1:** package.json, .env (inherited values), .env.example, .gitignore, README.md,
-public/index.html, public/assets/css/style.css (empty reset), public/robots.txt,
-public/favicon.ico (placeholder), .htaccess (root), public/.htaccess
-
-**Wave 2:** src/api/apiClient.js, src/api/apiHandler.js
-
-**Wave 3:** src/pages/Welcome/index.jsx, src/pages/Welcome/Welcome.module.css,
-src/App.jsx, src/index.jsx, src/components/.gitkeep
-
-**Wave 4:** Dockerfile, nginx.conf, .dockerignore
-
-Completion gate — verify before proceeding:
-- public/index.html, src/api/apiClient.js, src/api/apiHandler.js, src/App.jsx, src/index.jsx, .env
-
-### apiClient.js — 4 Responsibilities
-1. Static headers: `api-key` (from REACT_APP_API_KEY), `Accept-Language`, `Content-Type: text/plain`
-2. Request interceptor: encrypt body; attach AES-encrypted `token` from localStorage (`wa_token`) if present
-3. Response interceptor (success): decrypt body; parse JSON; code -1 → logout redirect
-4. Response interceptor (error): ERR_NETWORK / 401 → logout redirect + error message
-
-### apiHandler.js Standard
-- One async function per API endpoint
-- Each calls `axiosClient.post/get/put/patch/delete(path, payload)` and returns directly
-- No try/catch, no decryption, no response shaping in this file
-- Only place in frontend where API endpoint paths are written
-
----
-
-## /codeninja:modularize — Extract Layout Components
-
-**Rule:** Layout structure only — NEVER touch business logic, state, API calls, event handlers.
-NEVER create a component that already exists — reuse it.
-
-1. Ask: which ReactJS service
-2. Ask: all pages OR specific page
-3. Inventory existing `src/components/` — record name, path, structural role, props
-4. Scan target pages — identify repeated layout blocks (header, nav, footer, sidebar, etc.)
-5. Cross-check: if block matches existing component → mark "reuse", else "new component needed"
-6. Group blocks by similarity across pages — only extract if appears in 2+ pages
-7. Show extraction plan with component names, props, files to create, pages to update
-8. Ask: "Apply? (yes / no / adjust)"
-9. Generate each new component:
-   - `src/components/<ComponentName>/index.jsx` — props for varying values
-   - `src/components/<ComponentName>/<ComponentName>.module.css`
-10. Update each page: add import, replace extracted JSX with `<ComponentName prop={value} />`,
-    remove now-unused imports, remove moved CSS classes
-11. Call `context_write` — append to context.services[<n>].components
-
----
-
-## /codeninja:validate-page — Add Form Validation
-
-**Rule:** ONE page per run. NEVER modify API calls or business logic. NEVER overwrite existing validation.
-
-1. Ask: which ReactJS service, which page path
-2. Ask: validation library (Yup | React Hook Form | Parsley | Validator.js | Custom)
-3. Scan page: find all `<form>`, `<input>`, `<select>`, `<textarea>`, `<button type="submit">`
-4. For each field: record type, name, id, placeholder, label text, existing validation
-5. Detect existing validation patterns — skip already-validated fields
-6. Infer semantic type from label/name/placeholder → assign standard error messages:
-   - email: "Please enter a valid email address."
-   - password: "Password must be at least 8 characters."
-   - confirmPassword: "Password and confirm password do not match."
-   - phone: "Please enter a valid phone number."
-   - required generic: "This field is required."
-7. Assign missing `name` and `id` attributes (camelCase from label text)
-8. Show validation plan — ask: "Apply? (yes / no / adjust)"
-9. Apply by library:
-   - **Yup:** validationSchema above component, validateForm async function, `{errors.field && <span>...}`
-   - **RHF:** useForm hook, `{...register('field', rules)}`, `{errors.field && <span>...}`
-   - **Parsley:** CDN scripts in index.html, data-parsley-* attributes, useEffect init
-   - **Validator.js:** import validator, validateForm function with validator.isEmail() etc.
-   - **Custom:** plain JS validateForm — no imports
-10. Add `.errorMsg` class to page's `.module.css`
-11. Add package to package.json if needed (yup/react-hook-form/validator)
-12. Call `context_write` — append to context.services[<n>].validated_pages
-
----
-
-## /codeninja:integrate-api — Wire Forms to Backend
-
-**Rule:** ONE page per run. NEVER modify layout, CSS, or validation. ALWAYS use apiHandler.js.
-
-1. Ask: which ReactJS service, which page path
-2. Ask: all forms/buttons OR specific form/button
-3. Load: linked backend service, context.api_routes for that backend, page content, apiHandler.js
-4. Scan page: identify all forms, action buttons, existing API calls
-5. For each integration point, determine match type:
-   - existing handler → use as-is
-   - matching route in context.api_routes → add new handler to apiHandler.js
-   - no route exists → add TODO placeholder
-6. Design state requirements (loading, error, data states) per form
-7. Show integration plan with handler names, routes, match types, files to modify
-8. Ask: "Apply? (yes / no / adjust)"
-9. Apply:
-   - Append new functions to apiHandler.js (for new_handler and no_route matches)
-   - Add imports, state declarations, handler functions to page file (surgically — never rewrite)
-   - Wire form onSubmit / button onClick
-   - Add `disabled={loading}` and conditional button text
-   - Add `{error && <p className={styles.apiError}>{error}</p>}` above submit button
-   - Add `{successMsg && <p className={styles.successMsg}>{successMsg}</p>}` for non-nav actions
-   - Add useEffect for data-fetching handlers
-   - Add .apiError and .successMsg CSS classes to page's .module.css
-10. Call `context_write` — append to context.services[<n>].integrated_pages
-
-## File Structure
-```
-<service_name>/
-  public/
-    assets/css/style.css    ← global styles
-    index.html              ← single HTML shell
-    .htaccess               ← SPA routing
-  src/
-    api/
-      apiClient.js          ← Axios + encrypt/decrypt interceptors
-      apiHandler.js         ← all API call functions
-    components/             ← shared reusable components
-    pages/<PageName>/       ← one directory per page
-      index.jsx
-      <PageName>.module.css
-    App.jsx                 ← React Router root
-    index.jsx               ← ReactDOM.createRoot entry
-  .env                      ← REACT_APP_* (gitignored)
-  .env.example
-```

package/ide/cursor/.cursor/rules/06-code-intelligence.mdc

@@ -1,112 +0,0 @@
----
-description: codeninja code intelligence — loaded for explain, review, debug, optimize, audit commands
-globs: ["**/*"]
-alwaysApply: false
----
-
-# codeninja — Code Intelligence
-
-All analysis commands use real project context — real file names, real column names,
-real service names from context.json. Never generic advice.
-
-## Before Any Analysis
-`context_read` → `fs_read` target → read 1–2 sibling files for pattern comparison.
-
-## /codeninja:explain
-```
-What it is     → 1–2 sentences, plain English
-How it works   → step-by-step key logic (skip boilerplate)
-Why this way   → architectural decision specific to this project
-Where connects → related files, functions, context entries
-```
-Use real names throughout. End: "Want me to explain further or show how to modify it?"
-
-## /codeninja:review — Checklist
-
-| Category | Level if failing | Checks |
-|----------|-----------------|--------|
-| Security | CRITICAL | POST/PUT/PATCH has validatorjs; apiKey middleware present; JWT on protected routes; no hardcoded secrets; parameterized SQL only; errors don't leak internals |
-| Architecture | WARNING | No SQL in route.js; no res.json() in _model.js; route_manager.js registered; swagger has entry; all strings in languages/en.js |
-| Code Quality | SUGGESTION | JSDoc on every function; no unused imports; no console.log; try/catch on async; no SELECT * |
-| Database | WARNING | Column names match context.db.schema; FK columns indexed; transactions on multi-write; LIMIT on unbounded queries |
-
-Output per finding:
-```
-[CRITICAL|WARNING|SUGGESTION]
-File:   path (~line N)
-Issue:  one-line description
-Before: current code
-After:  corrected code
-Why:    one sentence
-```
-End: `X critical · Y warnings · Z suggestions`
-Offer to apply. Confirm each before writing.
-
-## /codeninja:debug — Root Cause Process
-
-Gather: error + stack trace, endpoint, expected vs actual, recent changes.
-
-Request lifecycle trace order:
-```
-Language middleware → API key → JWT auth → Rate limit → Validation → Handler → Model → DB → Response
-```
-
-Common root causes:
-| Symptom | Check |
-|---------|-------|
-| `column does not exist` | context.db.schema vs code column names |
-| `undefined is not a function` | wrong import or missing export |
-| `Cannot read property` | missing null check after 0-row DB result |
-| `401 Unauthorized` | middleware order, header name spelling |
-| `500` | missing try/catch on async DB call |
-| Wrong row count | RANK vs DENSE_RANK, missing WHERE, missing dedup |
-| Migration not applied | table in code but not in DB — run migration |
-
-Fix output:
-```
-Root cause: [precise one sentence]
-File: path
-Before: [buggy code]
-After:  [fixed code]
-Why:    [one sentence]
-```
-Confirm before applying. Suggest one prevention guard after fix.
-
-## /codeninja:optimize — Analysis Checks
-
-DB queries (cross-reference `context.db.schema.<table>.indexes`):
-- Missing index on WHERE/JOIN/ORDER BY column → `CREATE INDEX CONCURRENTLY`
-- `SELECT *` → explicit column list
-- N+1 loop → JOIN or IN clause
-- No `LIMIT` on list queries
-- `RANK()` on leaderboards → `DENSE_RANK()` (no gaps after ties)
-- `DATE(col)` in WHERE → range filter (preserves index use)
-- Duplicate rows → `MIN(id) GROUP BY` dedup
-- Sort spilling to disk → `SET work_mem = '64MB'` session-level
-
-API routes:
-- Repeated DB calls → Redis cache suggestion
-- Missing pagination on list endpoints
-
-Output:
-```
-[HIGH|MED|LOW]
-Target:  what is slow
-Cause:   why it is slow
-Fix:     exact SQL or code
-Gain:    concrete estimate
-```
-For index additions: `migration_next_number` → generate `.sql` migration.
-`context_write` after applying index changes.
-
-## /codeninja:audit — Full Service
-
-Runs full review checklist PLUS:
-- `analyze_middleware_order` MCP tool
-- `analyze_encryption_library` MCP tool
-- `analyze_language_keys` MCP tool
-- `analyze_dependencies` MCP tool
-- `analyze_env_file` MCP tool
-- context.db.schema vs actual code column/table references
-
-Output: severity-ranked report by category. Auto-fix SUGGESTION. Confirm WARNING/CRITICAL.