oh-my-customcode 0.36.1 → 0.37.0

package/templates/.claude/skills/django-best-practices/SKILL.md

@@ -16,26 +16,7 @@ Apply Django patterns for building production-ready, secure, and maintainable Py
 ```yaml
 structure:
   settings_split: true
-  layout: |
-    project/
-    ├── config/
-    │   ├── settings/
-    │   │   ├── base.py
-    │   │   ├── development.py
-    │   │   └── production.py
-    │   ├── urls.py
-    │   └── wsgi.py
-    ├── apps/
-    │   ├── core/           # Shared utilities, base models
-    │   ├── users/          # Custom User model (ALWAYS create)
-    │   └── {feature}/      # Feature-specific apps
-    ├── templates/
-    ├── static/
-    ├── requirements/
-    │   ├── base.txt
-    │   ├── development.txt
-    │   └── production.txt
-    └── manage.py
+  layout: "config/{settings/{base,development,production}.py,urls.py,wsgi.py} + apps/{core/,users/,<feature>/} + templates/ + static/ + requirements/{base,development,production}.txt"
 
 app_module_contents:
   models.py: Database models
@@ -50,6 +31,8 @@ app_module_contents:
   tests/: Test suite (mirror app structure)
 ```
 
+Reference: guides/django-best-practices/README.md
+
 ### 2. Models Best Practices
 
 ```yaml
@@ -57,15 +40,7 @@ custom_user_model:
   rule: ALWAYS create a custom User model, even if identical to default
   location: apps/users/models.py
   reason: Impossible to swap default User model mid-project
-  example: |
-    # apps/users/models.py
-    from django.contrib.auth.models import AbstractUser
-
-    class User(AbstractUser):
-        pass  # Can extend later without migrations
-
-    # config/settings/base.py
-    AUTH_USER_MODEL = 'users.User'
+  pattern: "Extend AbstractUser, set AUTH_USER_MODEL in settings"
 
 primary_key:
   default: BigAutoField
@@ -77,18 +52,6 @@ model_meta:
     - Meta.ordering: consistent default ordering
     - Meta.verbose_name: singular display name
     - Meta.verbose_name_plural: plural display name
-  example: |
-    class Article(models.Model):
-        title = models.CharField(max_length=200)
-        created_at = models.DateTimeField(auto_now_add=True)
-
-        class Meta:
-            ordering = ['-created_at']
-            verbose_name = 'article'
-            verbose_name_plural = 'articles'
-
-        def __str__(self):
-            return self.title
 
 query_optimization:
   foreign_key: select_related()    # Single SQL JOIN
@@ -107,18 +70,7 @@ indexing:
 
 constraints:
   use: Meta.constraints for database-level enforcement
-  example: |
-    class Meta:
-        constraints = [
-            models.UniqueConstraint(
-                fields=['user', 'article'],
-                name='unique_user_article'
-            ),
-            models.CheckConstraint(
-                check=models.Q(price__gte=0),
-                name='price_non_negative'
-            )
-        ]
+  types: "UniqueConstraint, CheckConstraint"
 
 soft_delete:
   pattern: is_active = models.BooleanField(default=True)
@@ -126,16 +78,10 @@ soft_delete:
 
 custom_managers:
   rule: Use managers for reusable querysets
-  example: |
-    class PublishedManager(models.Manager):
-        def get_queryset(self):
-            return super().get_queryset().filter(status='published')
-
-    class Article(models.Model):
-        objects = models.Manager()     # Keep default
-        published = PublishedManager() # Add custom
 ```
 
+Reference: guides/django-best-practices/README.md
+
 ### 3. Views Best Practices
 
 ```yaml
@@ -145,15 +91,6 @@ cbv_vs_fbv:
 
 thin_views:
   rule: Keep views thin — delegate business logic to services/models
-  wrong: |
-    def create_order(request):
-        # 50 lines of business logic in view
-  correct: |
-    def create_order(request):
-        form = OrderForm(request.POST)
-        if form.is_valid():
-            order = order_service.create(request.user, form.cleaned_data)
-            return redirect('order-detail', pk=order.pk)
 
 shortcuts:
   - get_object_or_404(Model, pk=pk): Returns 404 instead of 500
@@ -179,7 +116,7 @@ status_codes:
 ```yaml
 namespacing:
   app_name: Required in every app's urls.py
-  usage: reverse('app_name:url_name') or {% url 'app_name:url_name' %}
+  usage: "reverse('app_name:url_name') or {% url 'app_name:url_name' %}"
 
 syntax:
   prefer: path() over re_path() for clarity
@@ -187,56 +124,29 @@ syntax:
 
 naming:
   rule: Name ALL URL patterns
-  convention: "{resource}-{action}" (e.g., article-list, article-detail)
+  convention: "{resource}-{action} (e.g., article-list, article-detail)"
 
 inclusion:
   root_urls: Use include() for app-level URLs
-  example: |
-    # config/urls.py
-    urlpatterns = [
-        path('admin/', admin.site.urls),
-        path('api/', include('apps.api.urls', namespace='api')),
-        path('articles/', include('apps.articles.urls', namespace='articles')),
-    ]
-
-    # apps/articles/urls.py
-    app_name = 'articles'
-    urlpatterns = [
-        path('', ArticleListView.as_view(), name='list'),
-        path('<int:pk>/', ArticleDetailView.as_view(), name='detail'),
-    ]
 ```
 
+Reference: guides/django-best-practices/README.md
+
 ### 5. Forms & Validation
 
 ```yaml
 model_forms:
   rule: Use ModelForm when form maps to a model
-  fields: Explicitly list fields (never use fields = '__all__')
+  fields: "Explicitly list fields (never use fields = '__all__')"
 
 validation:
   field_level: clean_<field>() method
   cross_field: clean() method
   built_in: Use Django validators (MaxValueValidator, RegexValidator, etc.)
-
-example: |
-  class ArticleForm(forms.ModelForm):
-      class Meta:
-          model = Article
-          fields = ['title', 'body', 'status']
-
-      def clean_title(self):
-          title = self.cleaned_data['title']
-          if len(title) < 5:
-              raise forms.ValidationError('Title too short.')
-          return title
-
-      def clean(self):
-          cleaned = super().clean()
-          # Cross-field validation here
-          return cleaned
 ```
 
+Reference: guides/django-best-practices/README.md
+
 ### 6. Security
 
 ```yaml
@@ -287,22 +197,13 @@ test_classes:
 test_data:
   preferred: factory_boy or model_bakery
   avoid: fixtures (hard to maintain, slow)
-  example: |
-    import factory
-    from apps.users.models import User
-
-    class UserFactory(factory.django.DjangoModelFactory):
-        class Meta:
-            model = User
-        username = factory.Sequence(lambda n: f'user{n}')
-        email = factory.LazyAttribute(lambda o: f'{o.username}@example.com')
 
 request_testing:
   Client: Full request/response cycle (preferred for views)
   RequestFactory: Faster, no middleware (for unit testing views)
 
 settings_override:
-  decorator: '@override_settings(EMAIL_BACKEND="django.core.mail.backends.locmem.EmailBackend")'
+  decorator: '@override_settings(...)'
 
 coverage:
   target: 80%+
@@ -312,6 +213,8 @@ structure:
   mirror_app: tests/test_models.py, tests/test_views.py, tests/test_forms.py
 ```
 
+Reference: guides/django-best-practices/README.md
+
 ### 8. Performance
 
 ```yaml
@@ -322,15 +225,15 @@ n_plus_1_prevention:
   complex: Prefetch object with custom queryset
 
 partial_loading:
-  only: only('id', 'title', 'created_at')  # Load only these fields
-  defer: defer('body', 'metadata')          # Load all except these
-  values: values('id', 'title')             # Returns dicts (no ORM overhead)
-  values_list: values_list('id', flat=True) # Returns flat list
+  only: "only('id', 'title', 'created_at') — Load only these fields"
+  defer: "defer('body', 'metadata') — Load all except these"
+  values: "values('id', 'title') — Returns dicts (no ORM overhead)"
+  values_list: "values_list('id', flat=True) — Returns flat list"
 
 caching:
   backend: Redis (preferred), Memcached
-  view_cache: '@cache_page(60 * 15)' decorator
-  template_cache: '{% cache 500 sidebar %}' template tag
+  view_cache: "'@cache_page(60 * 15)' decorator"
+  template_cache: "'{% cache 500 sidebar %}' template tag"
   low_level: cache.get/set/delete for fine-grained control
 
 pagination:
@@ -339,8 +242,8 @@ pagination:
   drf: PageNumberPagination or CursorPagination
 
 bulk_operations:
-  create: Article.objects.bulk_create(articles, batch_size=1000)
-  update: Article.objects.bulk_update(articles, ['status'], batch_size=1000)
+  create: "bulk_create(articles, batch_size=1000)"
+  update: "bulk_update(articles, ['status'], batch_size=1000)"
   avoid: Loops calling .save() on many objects
 ```
 
@@ -351,17 +254,6 @@ serializers:
   standard_crud: ModelSerializer
   read_only: Use SerializerMethodField for computed values
   write_validation: validate_<field>() and validate() methods
-  example: |
-    class ArticleSerializer(serializers.ModelSerializer):
-        author_name = serializers.SerializerMethodField()
-
-        class Meta:
-            model = Article
-            fields = ['id', 'title', 'body', 'author_name', 'created_at']
-            read_only_fields = ['id', 'created_at']
-
-        def get_author_name(self, obj):
-            return obj.author.get_full_name()
 
 viewsets:
   standard: ModelViewSet for full CRUD
@@ -380,7 +272,6 @@ permissions:
 
 versioning:
   method: NamespaceVersioning or URLPathVersioning
-  example: "/api/v1/articles/" vs "/api/v2/articles/"
 
 throttling:
   anonymous: AnonRateThrottle
@@ -392,6 +283,8 @@ pagination:
   types: PageNumberPagination (simple), CursorPagination (large datasets)
 ```
 
+Reference: guides/django-best-practices/README.md
+
 ### 10. Deployment
 
 ```yaml

package/templates/.claude/skills/flutter-best-practices/SKILL.md

@@ -46,15 +46,7 @@ state_choice:
 
 build_context:
   rule: "Never store BuildContext across async gaps"
-  pattern: |
-    // BAD
-    final ctx = context;
-    await Future.delayed(Duration(seconds: 1));
-    Navigator.of(ctx).push(...); // context may be invalid
-
-    // GOOD
-    if (!mounted) return;
-    Navigator.of(context).push(...);
+  pattern: "Check mounted before using context after await"
 
 keys:
   ValueKey: "When items have unique business identity"
@@ -83,6 +75,8 @@ slivers:
   avoid: "Nested ListView in ListView"
 ```
 
+Reference: guides/flutter/fundamentals.md
+
 ### 2. State Management
 
 ```yaml
@@ -99,51 +93,26 @@ riverpod_patterns:
   async_state: "AsyncNotifier + AsyncValue (loading/data/error)"
   family: "family modifier for parameterized providers"
   keep_alive: "Only when justified (expensive computations)"
-  invalidate_vs_refresh: |
-    ref.invalidate(provider)  // reset to loading, lazy re-fetch
-    ref.refresh(provider)     // immediate re-fetch, return new value
+  invalidate_vs_refresh: "ref.invalidate() resets to loading (lazy); ref.refresh() immediate re-fetch"
 
 bloc_patterns:
   one_event_per_action: "One UI action = one event class"
-  cubit_vs_bloc: |
-    Cubit: direct emit(state) — for simple state changes
-    Bloc: event → state mapping — when audit trail needed
+  cubit_vs_bloc: "Cubit for simple state changes; Bloc when audit trail needed"
   never: "Emit state in constructor body"
-  listener_vs_consumer: |
-    BlocListener: side effects (navigation, snackbar)
-    BlocConsumer: rebuild UI + side effects
-    BlocBuilder: rebuild UI only (most common)
+  listener_vs_consumer: "BlocListener for side effects; BlocConsumer for UI + effects; BlocBuilder for UI only"
   stream_management: "Cancel subscriptions in close()"
 
 state_immutability:
   rule: "All state objects must be immutable"
   tool: "freezed package for copyWith/==/hashCode generation"
-  pattern: |
-    @freezed
-    class UserState with _$UserState {
-      const factory UserState({
-        required String name,
-        required int age,
-        @Default(false) bool isLoading,
-      }) = _UserState;
-    }
 
 result_type:
   rule: "Return Result<T> from repositories, never throw"
-  pattern: |
-    sealed class Result<T> {
-      const Result();
-    }
-    final class Ok<T> extends Result<T> {
-      const Ok(this.value);
-      final T value;
-    }
-    final class Error<T> extends Result<T> {
-      const Error(this.error);
-      final Exception error;
-    }
+  pattern: "sealed class Result<T> with Ok<T> and Error<T> subclasses"
 ```
 
+Reference: guides/flutter/state-management.md
+
 ### 3. Performance
 
 ```yaml
@@ -151,16 +120,7 @@ build_optimization:
   const_widgets: "Mark immutable widgets const — zero rebuild"
   localize_setState: "Call setState on smallest possible subtree"
   extract_widgets: "StatelessWidget class > helper method"
-  child_parameter: |
-    // GOOD: static child passed through
-    AnimatedBuilder(
-      animation: controller,
-      builder: (context, child) => Transform.rotate(
-        angle: controller.value,
-        child: child, // not rebuilt
-      ),
-      child: const ExpensiveWidget(), // built once
-    )
+  child_parameter: "Pass static child through AnimatedBuilder to avoid rebuild"
 
 rebuild_avoidance:
   consumer_placement: "Place Consumer/ListenableBuilder as deep as possible"
@@ -183,6 +143,8 @@ frame_budget:
   tool: "DevTools Performance view for jank detection"
 ```
 
+Reference: guides/flutter/performance.md
+
 ### 4. Testing
 
 ```yaml
@@ -192,36 +154,16 @@ test_pyramid:
   integration: "Full app on device — slow, high confidence"
   golden: "Visual regression via matchesGoldenFile()"
 
-widget_test_pattern: |
-  testWidgets('shows loading then content', (tester) async {
-    await tester.pumpWidget(
-      ProviderScope(
-        overrides: [productsProvider.overrideWith((_) => fakeProducts)],
-        child: const MaterialApp(home: ProductListScreen()),
-      ),
-    );
-    expect(find.byType(CircularProgressIndicator), findsOneWidget);
-    await tester.pumpAndSettle();
-    expect(find.byType(ProductCard), findsNWidgets(3));
-  });
+widget_test_pattern:
+  rule: "Use pumpWidget with ProviderScope overrides, then pump/pumpAndSettle for async"
 
 mocking:
   prefer: "mocktail (null-safe, no codegen)"
   avoid: "Legacy mockito with build_runner"
   fakes: "Use Fake implementations for deterministic tests"
-  pattern: |
-    class FakeProductRepository extends Fake implements ProductRepository {
-      @override
-      Future<Result<List<Product>>> getAll() async => Ok(testProducts);
-    }
-
-bloc_testing: |
-  blocTest<AuthBloc, AuthState>(
-    'emits [loading, success] when login succeeds',
-    build: () => AuthBloc(FakeAuthRepository()),
-    act: (bloc) => bloc.add(LoginRequested('user', 'pass')),
-    expect: () => [AuthLoading(), isA<AuthSuccess>()],
-  );
+
+bloc_testing:
+  rule: "Use blocTest<Bloc, State> with build/act/expect pattern"
 
 coverage_target:
   widget_tests: "80%+ for UI logic"
@@ -229,6 +171,8 @@ coverage_target:
   integration: "Critical user flows only"
 ```
 
+Reference: guides/flutter/testing.md
+
 ### 5. Security
 
 ```yaml
@@ -236,14 +180,14 @@ secrets:
   never: "Hardcode API keys, tokens, or credentials in source"
   best: "Backend proxy for all sensitive API calls"
   use: "--dart-define-from-file=.env for NON-SECRET build config only (feature flags, environment URLs)"
-  warning: "dart-define values are embedded in compiled binary and extractable via static analysis. Use only for non-secret build configuration (feature flags, environment URLs)."
+  warning: "dart-define values are embedded in compiled binary and extractable via static analysis"
 
 storage:
   sensitive_data: "flutter_secure_storage v10+ (Keychain/Keystore)"
   never: "SharedPreferences for tokens, PII, or credentials"
   ios: "AppleOptions(useSecureEnclave: true) for high-value"
   android: "AndroidOptions(encryptedSharedPreferences: true)"
-  web_warning: "flutter_secure_storage on Web uses localStorage by default, which is accessible to any JavaScript on the page (XSS vulnerable). For Web targets, use HttpOnly cookies managed by backend or in-memory-only storage for sensitive data."
+  web_warning: "flutter_secure_storage on Web uses localStorage by default (XSS vulnerable). Use HttpOnly cookies or in-memory-only for sensitive data."
 
 network:
   tls: "Certificate pinning (SPKI) for financial/health apps"
@@ -267,54 +211,35 @@ logging:
   never: "Log PII, tokens, or credentials"
 ```
 
+Reference: guides/flutter/security.md
+
 ### 6. Dart Language Patterns
 
 ```yaml
 naming:
-  types: "UpperCamelCase for classes, enums, typedefs, extensions, mixins (e.g., HttpClient, JsonParser)"
-  variables: "lowerCamelCase for variables, parameters, named constants (e.g., itemCount, defaultTimeout)"
-  libraries: "lowercase_with_underscores for libraries, packages, directories, source files (e.g., my_package, slider_menu.dart)"
-  constants: "lowerCamelCase for const (e.g., const defaultTimeout = 30), NOT SCREAMING_CAPS"
-  private: "Prefix with underscore for library-private (e.g., _internalCache, _helper())"
-  boolean: "Prefix with is/has/can/should for booleans (e.g., isEnabled, hasData, canScroll)"
-  avoid: "Hungarian notation, type prefixes (strName, lstItems), abbreviations unless universally known (e.g., ok: http, url, id; avoid: mgr, ctx, btn)"
+  types: "UpperCamelCase for classes, enums, typedefs, extensions, mixins"
+  variables: "lowerCamelCase for variables, parameters, named constants"
+  libraries: "lowercase_with_underscores for libraries, packages, directories, source files"
+  constants: "lowerCamelCase for const (NOT SCREAMING_CAPS)"
+  private: "Prefix with underscore for library-private"
+  boolean: "Prefix with is/has/can/should"
+  avoid: "Hungarian notation, type prefixes, abbreviations unless universally known"
 
 null_safety:
   default: "Non-nullable types — use ? only when null is meaningful"
   avoid_bang: "Minimize ! operator — use only when null is logically impossible"
   late: "Only when initialization is guaranteed before use"
-  pattern: |
-    // GOOD
-    final name = user?.name ?? 'Anonymous';
-
-    // AVOID
-    final name = user!.name; // crashes if null
 
 sealed_classes:
   use_for: "Exhaustive pattern matching on state/result types"
-  pattern: |
-    sealed class AuthState {}
-    class AuthInitial extends AuthState {}
-    class AuthLoading extends AuthState {}
-    class AuthSuccess extends AuthState { final User user; AuthSuccess(this.user); }
-    class AuthError extends AuthState { final String message; AuthError(this.message); }
-
-    // Exhaustive switch — compiler enforces all cases
-    return switch (state) {
-      AuthInitial() => LoginScreen(),
-      AuthLoading() => CircularProgressIndicator(),
-      AuthSuccess(:final user) => HomeScreen(user: user),
-      AuthError(:final message) => ErrorWidget(message),
-    };
+  pattern: "sealed class with subclass per state, exhaustive switch expression"
 
 records:
   use_for: "Lightweight multi-value returns without class boilerplate"
-  pattern: "(String name, int age) getUserInfo() => ('Alice', 30);"
   avoid: "Records for complex data — use freezed classes instead"
 
 extension_types:
   use_for: "Zero-cost type wrappers for primitive IDs"
-  pattern: "extension type UserId(int id) implements int {}"
 
 immutability:
   prefer: "final variables, const constructors"
@@ -331,48 +256,19 @@ dynamic:
   reason: "No compile-time type checking, reduces IDE support"
 ```
 
+Reference: guides/flutter/fundamentals.md
+
 ### 7. Architecture & Project Structure
 
 ```yaml
 default_structure:
-  small_app: |
-    lib/
-      models/
-      services/
-      screens/
-      widgets/
-  medium_app: |
-    lib/
-      ui/
-        core/themes/, core/widgets/
-        <feature>/<feature>_screen.dart
-        <feature>/<feature>_viewmodel.dart
-      data/
-        repositories/<entity>_repository.dart
-        services/<source>_service.dart
-      domain/ (optional)
-        use_cases/
-  large_app: |
-    lib/
-      core/ (shared)
-      features/<feature>/
-        data/datasources/, data/repositories/
-        domain/entities/, domain/usecases/
-        presentation/bloc/, presentation/pages/
+  small_app: "lib/{models,services,screens,widgets}/"
+  medium_app: "lib/{ui/{core/,<feature>/},data/{repositories/,services/},domain/}"
+  large_app: "lib/{core/,features/<feature>/{data/,domain/,presentation/}}"
 
 navigation:
   default: "go_router (official recommendation)"
-  pattern: |
-    GoRoute(
-      path: '/product/:id',
-      builder: (context, state) {
-        final id = state.pathParameters['id']!;
-        return ProductDetailScreen(id: id);
-      },
-    )
-  go_vs_push: |
-    context.go('/path')   // replaces stack (navigation reset)
-    context.push('/path') // adds to stack (back button works)
+  go_vs_push: "context.go() replaces stack; context.push() adds to stack"
 
 dependency_injection:
   riverpod: "Built-in — providers as DI (default)"
@@ -381,13 +277,12 @@ dependency_injection:
 
 environments:
   pattern: "Flavors + --dart-define for multi-environment builds"
-  command: "flutter run --flavor development --target lib/main/main_development.dart"
   rule: "Separate bundle IDs, API URLs, and Firebase config per flavor"
 ```
 
-## Default Stack
+Reference: guides/flutter/architecture.md
 
-When starting a new Flutter project, recommend this stack:
+## Default Stack
 
 ```yaml
 state_management: Riverpod 3.0
@@ -402,8 +297,6 @@ structure: Official MVVM (lib/{ui,data}/)
 
 ## Enterprise Stack
 
-For regulated or large-team projects:
-
 ```yaml
 state_management: BLoC 9.0 + Cubit
 navigation: go_router or auto_route