everything-claude-code

elias/everything-claude-code

Fork 0

mirror of https://github.com/affaan-m/everything-claude-code.git synced 2026-06-16 16:36:53 +08:00

Commit Graph

Author	SHA1	Message	Date
Bujidao	86e2a2061a	feat: add Vue ecosystem review support	2026-06-12 19:14:31 +08:00
Bujidao	ff8b1c4b37	feat(rules): add Vue architecture patterns and security rules Add rules/vue/patterns.md: - Presentational vs Container component design - Provide/Inject, Scoped Slots, Teleport (with 3.5+ defer prop) - State management decision tree and Pinia Setup Store patterns - Vue Router navigation guards, lazy loading, reactive route params - v-for/v-if patterns, v-model (Vue 3.4+ defineModel) - Scoped CSS (:deep, :slotted), KeepAlive with max, Dynamic Components - Vue 3.5+ new APIs: useId(), data-allow-mismatch, Suspense - Nuxt-specific patterns and Vue 2 migration notes Add rules/vue/security.md: - v-html XSS audit (DOMPurify sanitization checklist) - Unsafe URL binding validation (javascript:/data: scheme prevention) - Custom directive innerHTML injection - Secret exposure via VITE_ prefix and Nuxt runtimeConfig - Nuxt Nitro server API input validation with zod - localStorage/sessionStorage token risks, SSR browser API guards - target=_blank rel=noopener, CSP minimum policy - Prototype pollution, source maps in production - Vue 3.5+ SSR hydration mismatch security notes	2026-06-12 17:53:49 +08:00

Author

SHA1

Message

Date

Bujidao

86e2a2061a

feat: add Vue ecosystem review support

2026-06-12 19:14:31 +08:00

Bujidao

ff8b1c4b37

feat(rules): add Vue architecture patterns and security rules

Add rules/vue/patterns.md:
- Presentational vs Container component design
- Provide/Inject, Scoped Slots, Teleport (with 3.5+ defer prop)
- State management decision tree and Pinia Setup Store patterns
- Vue Router navigation guards, lazy loading, reactive route params
- v-for/v-if patterns, v-model (Vue 3.4+ defineModel)
- Scoped CSS (:deep, :slotted), KeepAlive with max, Dynamic Components
- Vue 3.5+ new APIs: useId(), data-allow-mismatch, Suspense
- Nuxt-specific patterns and Vue 2 migration notes

Add rules/vue/security.md:
- v-html XSS audit (DOMPurify sanitization checklist)
- Unsafe URL binding validation (javascript:/data: scheme prevention)
- Custom directive innerHTML injection
- Secret exposure via VITE_ prefix and Nuxt runtimeConfig
- Nuxt Nitro server API input validation with zod
- localStorage/sessionStorage token risks, SSR browser API guards
- target=_blank rel=noopener, CSP minimum policy
- Prototype pollution, source maps in production
- Vue 3.5+ SSR hydration mismatch security notes

2026-06-12 17:53:49 +08:00

2 Commits