Marketplace

Encrypt or hash sensitive data: - Passwords: Use bcrypt (has_secure_password in Rails) - API keys: Encrypt with application-level encryption - PII:...

When adding or updating dependencies, always use the latest stable version: - Check the official registry before adding (rubygems.org, npmjs.com, p...

Prohibited excuses: "pre-existing", "unrelated errors", "would require refactoring", "tedious", "for now", "at this point", "tired", "frustrating",...

You are the only coder. Every line was written by you (this or previous sessions). There are no "pre-existing issues" - only issues you created and...

You do not define success. The user and the test suite do. Do not redefine scope, declare victory on your terms, or summarize partial progress as c...

Use `uv` as the default Python package manager - it's the preferred choice: - 10-100x faster than pip/poetry - Built-in virtual environment managem...

Use Rails built-in authentication (has_secure_password, authenticate_by) for all authentication logic. Never use Devise, Sorcery, Clearance, or sim...

Always use Strong Parameters to whitelist attributes: - Define permitted params in a private method - Never use `.permit!` which allows all attribu...

Separate authentication (who are you?) from authorization (what can you do?): Authentication: - Use secure password hashing (bcrypt) - Implement r...

Force HTTPS for all traffic: - Configure SSL/TLS in production - Redirect HTTP to HTTPS - Use secure cookies (Secure, HttpOnly, SameSite) - Set HST...

Never trust user input - validate and sanitize everything: - Use allowlists, not denylists - Validate type, length, format, and range - Sanitize HT...

If you encounter a test failure, do not ignore it or mark it as skipped. - Investigate the root cause immediately - If it's a real bug, fix it befo...

When writing unit tests, never mock the class you are testing. You should test the real instance of the class to ensure it behaves correctly. Mocki...

Ensure your changes work on your local machine before pushing: - Run the application and manually verify changes - Run the full test suite - Check ...

Follow REST conventions for predictable APIs: - GET /resources - List all - GET /resources/:id - Show one - POST /resources - Create - PUT/PATCH /r...

Follow 12-factor app principles for configuration: - Store config in environment variables, not in code - Use .env files for local development (nev...

Always add database indexes for: - Foreign keys (Rails doesn't add these automatically) - Columns used in WHERE clauses - Columns used in ORDER BY ...

Wrap multi-step database operations in transactions: - Ensures all-or-nothing execution - Prevents partial updates on failure - Maintains data cons...

Use async database drivers with FastAPI: - asyncpg for PostgreSQL - SQLAlchemy 2.0 async mode - databases package for simple queries ```python fro...

Use FastAPI's Depends() for dependency injection: - Database sessions - Authentication - Configuration - External services ```python from fastapi ...

Define explicit Pydantic models for all API inputs and outputs: - Automatic validation and documentation - Type safety with IDE support - Clear API...

Prefer async/await for asynchronous code: - More readable than callbacks or .then() chains - Easier error handling with try/catch - Works naturally...

Always use `const` by default, `let` when reassignment is needed: - `const`: Block-scoped, cannot be reassigned - `let`: Block-scoped, can be reass...

Always use TypeScript instead of plain JavaScript: - Catch errors at compile time - Better IDE support and refactoring - Self-documenting code - Sa...

Use async/await for I/O-bound operations: - HTTP requests (use httpx or aiohttp) - Database queries (use asyncpg, databases) - File operations (use...

Add type hints to all function signatures and class attributes: - Enables static analysis with mypy/pyright - Improves IDE autocompletion - Documen...

Standard uv project structure: ``` myproject/ ├── pyproject.toml # Project config and dependencies ├── uv.lock # Locked dependencies ...

Use eager loading to prevent N+1 queries: - `includes`: For associations you'll access - `preload`: Force separate queries (useful for complex cond...

Keep controllers thin - they should only: - Authenticate and authorize - Parse params and set instance variables - Call model/service methods - Ren...

Move slow operations to background jobs: - Email sending - File processing - External API calls - Report generation - Data imports/exports Use Sol...

Don't rely solely on ActiveRecord validations - add database constraints: - NOT NULL for required fields - UNIQUE indexes for unique fields - Forei...

For Rails 7+ applications, prefer Hotwire (Turbo + Stimulus) over React/Vue: - Turbo Drive: Automatic AJAX page transitions - Turbo Frames: Partial...

Use Minitest for all tests. Do not add RSpec to the project. Minitest is: - Rails default, zero configuration - Faster boot time - Simpler syntax,...

Always use functional components with hooks, not class components: - Simpler, less boilerplate - Better TypeScript support - Easier to test - Hooks...

Use a data fetching library instead of useEffect + fetch: - Automatic caching and revalidation - Loading and error states - Optimistic updates - Re...

In Ruby, favor composition and modules over deep inheritance hierarchies: - Use modules for shared behavior (concerns in Rails) - Inject dependenci...

Avoid mocking internal code or private methods. Mocks should be used only at system boundaries: - External HTTP APIs (use WebMock, VCR, or similar)...

Follow Test-Driven Development for new features and bug fixes: 1. RED: Write a failing test that defines the expected behavior 2. GREEN: Write the ...

Write tests that verify behavior, not internal implementation: - Test public interfaces, not private methods - Focus on inputs and outputs - Tests ...

Before every commit, run the full quality pipeline: 1. Format code (prettier, black, rubocop --autocorrect, etc.) 2. Run linter (eslint, pylint, ru...

Add `# frozen_string_literal: true` to the top of Ruby files: - Prevents accidental string mutation - Improves memory usage and performance - Catch...

Use a consistent error response format across all endpoints: ```json { "error": { "code": "validation_error", "message": "Validation fai...

Include version in your API URLs or headers: - URL versioning: `/api/v1/users` - Header versioning: `Accept: application/vnd.api+json; version=1` ...

Make small, focused commits that do one thing well. Use Conventional Commits: - feat: new feature - fix: bug fix - refactor: code restructuring wit...

Configure ESLint with recommended rules: ```json { "extends": [ "eslint:recommended", "plugin:@typescript-eslint/recommended", "plugi...

Use Black for formatting and Ruff for linting: - Black: Uncompromising code formatter (no configuration debates) - Ruff: Extremely fast linter (rep...

Use dataclasses for simple data containers, Pydantic for validation: ```python from dataclasses import dataclass from pydantic import BaseModel #...

Use pytest as your testing framework: - Simple assert statements - Powerful fixtures for setup/teardown - Parametrized tests for multiple inputs - ...

Define scripts in pyproject.toml for common commands: ```toml [project.scripts] myapp = "myproject.main:main" [tool.uv.scripts] dev = "fastapi de...

Use uv workspaces for multi-package Python projects: ```toml # Root pyproject.toml [tool.uv.workspace] members = ["packages/*"] [tool.uv.sources]...

Always use `has_many :through` instead of `has_and_belongs_to_many`: - Allows adding attributes to the join model - Provides a model for the join t...

Define scopes for frequently used query conditions: - Makes code more readable - Enables method chaining - Centralizes query logic - Easier to test...

When props need to pass through multiple levels, use Context or state management: - React Context for static/rarely changing data - Zustand/Jotai f...

Be intentional about method return values: - Methods that perform actions should return meaningful results or self - Query methods should return th...

Leverage modern Ruby features for cleaner code: - Pattern matching: `case obj in { name:, age: } then ...` - Endless methods: `def square(x) = x * ...

For web applications, prefer integration/request tests over isolated unit tests: - Test the full request/response cycle - Catch issues with middlew...

Each test should verify one logical concept: - Multiple assertions are fine if they test the same thing - Separate tests for separate behaviors - C...

Use fixtures for consistent test data. Fixtures are: - Fast: loaded at database level, not through ActiveRecord - Simple: YAML files, no DSL to lea...