elias/everything-claude-code
1
0
Fork 0
mirror of https://github.com/affaan-m/everything-claude-code.git synced 2026-06-14 07:13:35 +08:00
Code Issues Packages Projects Releases Wiki Activity
everything-claude-code/.kiro/skills/nestjs-patterns/SKILL.md
Vu Thanh Tai 4ad5756899
feat: expand Kiro adapter to full language coverage (#2101) 
* feat: expand Kiro adapter to full language coverage

- Add 17 new agents (typescript, rust, kotlin, java, cpp, django, swift,
  fsharp, pytorch, mle, performance-optimizer) in both .md and .json formats
- Add 25 new skills (rust, kotlin, java/spring, django, fastapi, nestjs,
  react, nextjs, cpp, swift, mle/pytorch, deep-research, strategic-compact,
  autonomous-loops, content-hash-cache-pattern)
- Add 6 new language-specific steering files (rust, kotlin, java, cpp, php, ruby)
- Add 3 new hooks (rust-check-on-edit, python-lint-on-edit, security-check-on-create)
- Update README with expanded component inventory and documentation
- Fix install.sh line endings for macOS compatibility

Total Kiro components: 33 agents, 43 skills, 22 steering files, 13 hooks

* fix: resolve P1/P2 violations in Kiro agents, skills, and steering

- java-patterns.md: remove reference to non-existent quarkus-patterns skill
- kotlin-patterns.md: fix insecure BuildConfig recommendation for secrets
- swift-actor-persistence: fix Swift version claim (5.9+) and Dictionary crash
- java-reviewer.md: add recursive framework detection + robust diff chain
- kotlin-reviewer.md: replace unreliable diff detection with fallback chain
- rust-reviewer.md: add diff fallback + make CI gating mandatory
- jpa-patterns: add DISTINCT to fetch-join query to prevent duplicates
- django-reviewer.md: add migration safety check, narrow save() rule,
  fix pytest-django behavior description

* fix: resolve remaining violations in Kiro agents, skills, and docs

Agents:
- java-build-resolver.md: remove quarkus-patterns ref, fix 'Initialise' spelling
- java-reviewer.json: remove quarkus-patterns ref from prompt
- mle-reviewer.md, cpp-build-resolver.md, java-build-resolver.md,
  performance-optimizer.md: fix allowedTools 'read' -> 'fs_read'

Hooks:
- rust-check-on-edit: fix description to match askAgent behavior

Skills:
- content-hash-cache-pattern: hyphenate 'Content-Hash-Based'
- cpp-testing: hyphenate 'real-time'
- django-security: use placeholder secrets, fix CSRF_COOKIE_HTTPONLY=False
- nestjs-patterns: add Logger to HttpExceptionFilter for non-Http errors
- react-patterns: add React 19 compatibility note for useActionState
- rust-patterns: remove edition-specific 'Rust 2024+' reference
- springboot-patterns: cap exponential backoff, recommend Resilience4j
- springboot-security: fix invalid @Query SQL injection example
- swift-protocol-di-testing: add thread-safety doc comment to mock

Docs:
- README.md: fix Project Structure counts (33/43/22/13)

* fix: sync README tree with counts, restore local diff in kotlin-reviewer, correct django FK index guidance

- README.md: Project Structure tree now lists all 33 agents, 43 skills,
  22 steering files, and 13 hooks (was showing old subset)
- kotlin-reviewer.md: restore git diff --staged / git diff for local
  pre-commit review before falling back to HEAD~1
- django-reviewer.md: clarify that ForeignKey fields are indexed by
  default; only flag missing db_index on non-FK filter columns
2026-06-07 13:26:37 +08:00

238 lines
6.5 KiB
Markdown
Raw Blame History

---
name: nestjs-patterns
description: NestJS architecture patterns for modules, controllers, providers, DTO validation, guards, interceptors, config, and production-grade TypeScript backends.
origin: ECC
---
# NestJS Development Patterns
Production-grade NestJS patterns for modular TypeScript backends.
## When to Activate
- Building NestJS APIs or services
- Structuring modules, controllers, and providers
- Adding DTO validation, guards, interceptors, or exception filters
- Configuring environment-aware settings and database integrations
- Testing NestJS units or HTTP endpoints
## Project Structure
```text
src/
├── app.module.ts
├── main.ts
├── common/
│ ├── filters/
│ ├── guards/
│ ├── interceptors/
│ └── pipes/
├── config/
│ ├── configuration.ts
│ └── validation.ts
├── modules/
│ ├── auth/
│ │ ├── auth.controller.ts
│ │ ├── auth.module.ts
│ │ ├── auth.service.ts
│ │ ├── dto/
│ │ ├── guards/
│ │ └── strategies/
│ └── users/
│ ├── dto/
│ ├── entities/
│ ├── users.controller.ts
│ ├── users.module.ts
│ └── users.service.ts
└── prisma/ or database/
```
- Keep domain code inside feature modules.
- Put cross-cutting filters, decorators, guards, and interceptors in `common/`.
- Keep DTOs close to the module that owns them.
## Bootstrap and Global Validation
```ts
async function bootstrap() {
const app = await NestFactory.create(AppModule, { bufferLogs: true });
app.useGlobalPipes(
new ValidationPipe({
whitelist: true,
forbidNonWhitelisted: true,
transform: true,
transformOptions: { enableImplicitConversion: true },
}),
);
app.useGlobalInterceptors(new ClassSerializerInterceptor(app.get(Reflector)));
app.useGlobalFilters(new HttpExceptionFilter());
await app.listen(process.env.PORT ?? 3000);
}
bootstrap();
```
- Always enable `whitelist` and `forbidNonWhitelisted` on public APIs.
- Prefer one global validation pipe instead of repeating validation config per route.
## Modules, Controllers, and Providers
```ts
@Module({
controllers: [UsersController],
providers: [UsersService],
exports: [UsersService],
})
export class UsersModule {}
@Controller('users')
export class UsersController {
constructor(private readonly usersService: UsersService) {}
@Get(':id')
getById(@Param('id', ParseUUIDPipe) id: string) {
return this.usersService.getById(id);
}
@Post()
create(@Body() dto: CreateUserDto) {
return this.usersService.create(dto);
}
}
@Injectable()
export class UsersService {
constructor(private readonly usersRepo: UsersRepository) {}
async create(dto: CreateUserDto) {
return this.usersRepo.create(dto);
}
}
```
- Controllers should stay thin: parse HTTP input, call a provider, return response DTOs.
- Put business logic in injectable services, not controllers.
- Export only the providers other modules genuinely need.
## DTOs and Validation
```ts
export class CreateUserDto {
@IsEmail()
email!: string;
@IsString()
@Length(2, 80)
name!: string;
@IsOptional()
@IsEnum(UserRole)
role?: UserRole;
}
```
- Validate every request DTO with `class-validator`.
- Use dedicated response DTOs or serializers instead of returning ORM entities directly.
- Avoid leaking internal fields such as password hashes, tokens, or audit columns.
## Auth, Guards, and Request Context
```ts
@UseGuards(JwtAuthGuard, RolesGuard)
@Roles('admin')
@Get('admin/report')
getAdminReport(@Req() req: AuthenticatedRequest) {
return this.reportService.getForUser(req.user.id);
}
```
- Keep auth strategies and guards module-local unless they are truly shared.
- Encode coarse access rules in guards, then do resource-specific authorization in services.
- Prefer explicit request types for authenticated request objects.
## Exception Filters and Error Shape
```ts
@Catch()
export class HttpExceptionFilter implements ExceptionFilter {
private readonly logger = new Logger(HttpExceptionFilter.name);
catch(exception: unknown, host: ArgumentsHost) {
const response = host.switchToHttp().getResponse<Response>();
const request = host.switchToHttp().getRequest<Request>();
if (exception instanceof HttpException) {
return response.status(exception.getStatus()).json({
path: request.url,
error: exception.getResponse(),
});
}
this.logger.error(
`Unhandled exception at ${request.url}: ${exception instanceof Error ? exception.message : exception}`,
exception instanceof Error ? exception.stack : undefined,
);
return response.status(500).json({
path: request.url,
error: 'Internal server error',
});
}
}
```
- Keep one consistent error envelope across the API.
- Throw framework exceptions for expected client errors; log and wrap unexpected failures centrally.
## Config and Environment Validation
```ts
ConfigModule.forRoot({
isGlobal: true,
load: [configuration],
validate: validateEnv,
});
```
- Validate env at boot, not lazily at first request.
- Keep config access behind typed helpers or config services.
- Split dev/staging/prod concerns in config factories instead of branching throughout feature code.
## Persistence and Transactions
- Keep repository / ORM code behind providers that speak domain language.
- For Prisma or TypeORM, isolate transactional workflows in services that own the unit of work.
- Do not let controllers coordinate multi-step writes directly.
## Testing
```ts
describe('UsersController', () => {
let app: INestApplication;
beforeAll(async () => {
const moduleRef = await Test.createTestingModule({
imports: [UsersModule],
}).compile();
app = moduleRef.createNestApplication();
app.useGlobalPipes(new ValidationPipe({ whitelist: true, transform: true }));
await app.init();
});
});
```
- Unit test providers in isolation with mocked dependencies.
- Add request-level tests for guards, validation pipes, and exception filters.
- Reuse the same global pipes/filters in tests that you use in production.
## Production Defaults
- Enable structured logging and request correlation ids.
- Terminate on invalid env/config instead of booting partially.
- Prefer async provider initialization for DB/cache clients with explicit health checks.
- Keep background jobs and event consumers in their own modules, not inside HTTP controllers.
- Make rate limiting, auth, and audit logging explicit for public endpoints.
Reference in New Issue View Git Blame Copy Permalink