Use environment variables
hashicorp/terraformWhen working with configurations that require sensitive data (credentials, tokens, passwords), always use environment...
Prevent sensitive data exposure
bridgecrewio/checkovNever log or store sensitive information (passwords, tokens, secrets) in clear text. This common security vulnerabili...
Optimize allocation hotspots
netty/nettyIdentify and optimize object allocation in performance-critical paths by applying appropriate allocation strategies b...
Extract for clarity
elastic/elasticsearchExtract complex or reused logic into focused, well-named methods with single responsibilities. This improves code rea...
Protect sensitive data
bridgecrewio/checkovNever log, display, or store sensitive information like passwords, tokens, or secrets in clear text. This creates sig...
Comprehensive documentation standards
tokio-rs/axumCreate clear, well-structured API documentation following proper formatting, correct references, informative examples...
Use specific assertion methods
fastify/fastifyChoose the appropriate assertion method based on the data type being tested. This improves test readability and provi...
Consistent naming patterns
octokit/octokit.netFollow consistent naming conventions throughout the codebase to improve readability and maintainability: 1. **Client...
Handle async operation errors
elie222/inbox-zeroAlways wrap asynchronous operations in try-catch-finally blocks to prevent unhandled promise rejections and ensure pr...
Keep CI configurations minimal
laravel/frameworkWhen configuring CI workflows, include only the extensions, tools, and settings that are necessary for the specific t...
Spring code style
spring-projects/spring-frameworkFollow Spring Framework's code style guidelines to ensure consistency across the codebase. Key rules include: 1. **I...
Code for readability
opencv/opencvPrioritize human readability when writing code. Split complex expressions into steps with meaningful variable names. ...
Descriptive consistent naming
ghostty-org/ghosttyUse descriptive, consistent naming that follows language and platform conventions. Choose names that clearly communic...
Clean up your code
deeplearning4j/deeplearning4jMaintain clean, professional code by removing development artifacts and improving readability: 1. **Remove debug cod...
Design interfaces, not implementations
zed-industries/zedCreate intuitive API interfaces that abstract away implementation details while providing a consistent experience for...
Use testify assertion libraries
vitessio/vitessReplace manual if-error checks with `testify`'s `assert` and `require` packages to make tests more readable, maintain...
Eliminate redundant constructs
apache/mxnetRemove unnecessary coding patterns that add complexity without providing value. Focus on clarity and simplicity by: ...
Limit token permissions
chef/chefAlways specify the minimum required permissions for the GITHUB_TOKEN in GitHub Actions workflows to enhance security....
Eliminate code redundancy
vllm-project/vllmKeep your codebase maintainable by eliminating both unnecessary and duplicated code: 1. **Remove debugging artifacts...
Minimize allocation hotspots
spring-projects/spring-frameworkReduce object creation in performance-critical paths by carefully evaluating allocation patterns. For frequently inst...
Optimize for readability
dotnet/runtimeWrite code that clearly communicates intent by using appropriate naming and formatting techniques. Improve readabilit...
Device-agnostic acceleration code
pytorch/pytorchAvoid hardcoding specific device types like 'cuda' in AI code. Instead, use device-agnostic approaches such as device...
Craft actionable errors
opentofu/opentofuCreate error messages that provide precise context, avoid unnecessary details, and give users clear actions to take. ...
Names express clear intent
JetBrains/kotlinChoose names that clearly express intent and follow established conventions. Prefer explicit, descriptive names over ...
Sanitize all inputs
elie222/inbox-zeroProperly sanitize or escape all user-provided inputs before using them in sensitive contexts to prevent injection att...
Standardize platform-agnostic configuration
zed-industries/zedEnsure configuration handling is consistent and platform-agnostic by following these guidelines: 1. Use environment ...
Document code thoroughly
vllm-project/vllmAlways include comprehensive documentation for your code through both docstrings and explanatory comments. For clas...
Use proper types
tensorflow/tensorflowMaintain code clarity by using appropriate type declarations and parameter passing conventions: 1. **Prefer explicit...
Complete API documentation
spring-projects/spring-frameworkDocumentation should be complete, accurate, and follow Spring Framework conventions. Ensure your Javadocs include: 1...
Standardize configuration paths
quarkusio/quarkusFollow consistent patterns for storing and referencing configuration files across projects. Place custom configuratio...
Next.js directory structure
prowler-cloud/prowlerKeep the Next.js `/app` directory strictly for routing purposes as per framework conventions. Non-routing related cod...
Safe null handling
pola-rs/polarsAlways implement robust null handling patterns to prevent unexpected behavior and crashes. Consider all edge cases wh...
Extract duplicated code
pola-rs/polarsIdentify and extract duplicated code into reusable functions or move common fields to parent structures. This makes t...
Consistent descriptive naming
opencv/opencvUse clear, descriptive names that follow consistent patterns established in the codebase and broader programming stan...
TypeScript naming standards
langchain-ai/langchainjsFollow consistent naming conventions in TypeScript to improve code clarity, type safety, and developer experience: 1...
Handle errors with care
elie222/inbox-zeroAlways implement comprehensive error handling for asynchronous operations, external API calls, and database operation...
Optimize for code readability
laravel/frameworkPrioritize code readability over clever solutions by: 1. Using early returns to reduce nesting 2. Leveraging modern P...
Centralize dependency management
deeplearning4j/deeplearning4jManage dependencies at the top level using `
Restrict public access
bridgecrewio/checkovCloud resources should be configured to restrict public network access by default to minimize potential attack surfac...
Extract focused functions
bridgecrewio/checkovBreak down complex logic into small, well-named functions that each do one thing well. This improves code readability...
Consistent naming conventions
bridgecrewio/checkovMaintain consistent naming patterns throughout the codebase to improve readability and reduce confusion: 1. **Use de...
Type-safe flexible APIs
tokio-rs/axumDesign APIs that favor both type safety and flexibility. Use strongly typed wrappers instead of primitive types, but ...
Consistent semantic naming
vercel/aiUse clear, consistent, and semantic naming patterns across your codebase to improve readability and maintainability: ...
Prefer idiomatic Option handling
zed-industries/zedWhen handling null values in Rust, use idiomatic Option patterns instead of verbose nested conditionals. This improve...
Avoid magic numbers
vllm-project/vllmReplace hardcoded values and magic numbers in AI model code with named constants or configuration parameters. This im...
Propagate errors with context
vercel/turborepoProperly propagate errors to callers with sufficient context rather than handling them prematurely or hiding them. Le...
Release locks before waking
tokio-rs/tokioIn concurrent systems, it's critical to release locks before performing operations that might trigger reentrancy or b...
Use consistent error handling
tensorflow/tensorflowApply standardized error handling patterns across your codebase for improved reliability and debugging. For new code,...
Preserve API compatibility
spring-projects/spring-bootWhen evolving APIs, maintain backward compatibility to avoid breaking client code. Consider these guidelines: 1. **A...
Specific exceptions with context
dotnet/runtimeAlways throw the most specific exception type appropriate for the error condition and include contextual information ...
Optimize memory access
dotnet/runtimeWhen implementing performance-critical algorithms, carefully consider memory access patterns. Document alignment assu...
Follow naming patterns
dotnet/runtimeMaintain consistent naming patterns throughout your code to improve readability and maintainability. Follow these gui...
Self-documenting identifier names
rails/railsUse clear, self-documenting names for variables, methods, and classes that express intent without exposing unnecessar...
Layer security defenses
rails/railsImplement multiple layers of security throughout your application rather than relying on a single protection mechanis...
Verify token security level
quarkusio/quarkusWhen refreshing or updating authentication tokens, always verify the new token maintains or exceeds the original toke...
Appropriate error handling
pola-rs/polarsDistinguish between implementation errors (invariant violations) and expected failure cases. For implementation error...
Semantic over generic names
netty/nettyChoose specific, descriptive names that clearly convey purpose over generic or abbreviated identifiers. Names should ...
Document public APIs
netty/nettyAll public-facing APIs must be thoroughly documented with clear javadocs. This includes: 1. **Classes and interfaces...
Use transactions for consistency
elie222/inbox-zeroAlways wrap multiple related database operations in a transaction to ensure data consistency and prevent partial upda...
Remove commented code
elie222/inbox-zeroCommented-out code should be removed from the codebase rather than left as comments. Keeping commented code: 1. Clut...
Extract repeated code
grafana/grafanaIdentify and extract repeated code patterns into well-named functions to improve readability, maintainability, and te...
Code structure clarity
ghostty-org/ghosttyWrite code with clear structural organization that enhances readability and maintainability. Extract duplicated or co...
Explicit null handling
laravel/frameworkUse explicit identity comparisons for null checks and leverage modern PHP null-handling features to create more relia...
Documentation translation guidelines
fastapi/fastapiMaintain consistency and accuracy when translating documentation. Ensure technical terms and special formatting eleme...
Name reflects meaning
elastic/elasticsearchChoose names that clearly communicate the intent, behavior, and semantics of code elements. Names should be accurate,...
Remove debugging artifacts
deeplearning4j/deeplearning4jProduction code should be free from debugging artifacts that reduce readability and maintainability. Remove all debug...
Fail gracefully always
chef/chefEnsure code handles errors robustly by using protective patterns that prevent resource leaks, provide clear diagnosti...
Centralize environment variables
bridgecrewio/checkovAll environment variables should be defined in a centralized location (`checkov/common/util/env_vars_config.py`) rath...
Documentation quality standards
Azure/azure-sdk-for-netEnsure documentation is specific, complete, and actionable for developers: 1. **Provide meaningful content** - Avoid...
Axum Code Review: Interaction Patterns
tokio-rs/axumWhen implementing Axum-based applications, it is crucial to ensure that the interaction patterns between components a...
Vectorize over Python loops
vllm-project/vllmReplace Python loops and list comprehensions with vectorized operations when processing tensors or performing repeate...
Catch specific exception types
vllm-project/vllmAvoid using broad exception handlers like `except Exception:` or bare `except:`. Instead, catch specific exception ty...
Prevent concurrent access races
vitessio/vitessWhen sharing data across goroutines, always use proper synchronization mechanisms to prevent race conditions. Race co...
Meaningful consistent naming
vitessio/vitessUse descriptive, semantically clear names that follow consistent patterns throughout the codebase. Names should conve...
Names should be descriptive
astral-sh/uvUse clear, descriptive names while avoiding redundant qualifiers. Choose full words over abbreviations unless the abb...
Clear precise documentation
astral-sh/uvDocumentation should use direct, precise language that accurately describes components and their behavior. Maintain c...
Validate configurations comprehensively
vercel/turborepoWhen implementing configuration systems, ensure comprehensive validation, testing, and documentation. Key requirement...
Descriptive, unambiguous identifiers
vercel/turborepoChoose names that clearly express intent and behavior while avoiding ambiguity. Identifiers should communicate their ...
Write focused single-purpose tests
tokio-rs/tokioBreak down large test cases into smaller, focused tests that each verify a single feature or behavior. Each test shou...
Optimize algorithmic complexity
tokio-rs/tokioAlways consider the time and space complexity implications of your code. Choose data structures and algorithms that m...
Return results not panics
huggingface/tokenizersLibraries should never panic as this can crash applications using the library. Always return a `Result` type rather t...
Descriptive specific names
spring-projects/spring-frameworkChoose names that are specific, descriptive, and accurately reflect the purpose and domain of variables, methods, cla...
Optimize test case design
spring-projects/spring-bootWrite focused, efficient tests that validate core functionality without unnecessary complexity. Key principles: 1. T...
Follow consistent style conventions
spring-projects/spring-bootSpring Boot projects maintain specific coding style conventions for consistency and readability. When contributing co...
Explicit security configurations
spring-projects/spring-bootWhen configuring security-related features, always use the most specific configurer classes to make security decision...
Precise type narrowing
astral-sh/ruffImplement sound type narrowing algorithms that balance precision with correctness. When narrowing types: 1. For dire...
Organize tests for clarity
rails/railsStructure tests to maximize clarity and maintainability by: 1. Placing related tests together in appropriate test fil...
Optimize numerical precision
pytorch/pytorchWhen implementing AI operations that involve matrix multiplication or neural network components, explicitly support m...
Use configurable default values
prowler-cloud/prowlerMake configuration values flexible and robust by avoiding hardcoded values and providing sensible defaults. This ensu...
Specific exception handling
prowler-cloud/prowlerHandle exceptions with specificity rather than using broad catch-all blocks. Catch specific exception types, provide ...
Separate configuration lifecycles
opentofu/opentofuMaintain clear separation between different stages of configuration processing by creating dedicated structures for e...
Log effectively for debugging
opentofu/opentofuAlways include meaningful log messages at appropriate levels to aid in debugging and system monitoring. Follow these ...
Document intent and limitations
opentofu/opentofuClearly document the intended purpose, scope limitations, and design decisions in your code. For all exported types, ...
Follow GoDoc conventions
ollama/ollamaDocument code following Go's official documentation style guide (https://tip.golang.org/doc/comment). All exported fu...
Descriptive balanced naming
ollama/ollamaChoose identifier names that clearly communicate their purpose while maintaining an appropriate balance between brevi...
Use specific assertions
octokit/octokit.netAlways write assertions that verify specific, expected values rather than simple existence or boolean checks. This en...
Document public API elements
octokit/octokit.netEvery public API element (classes, methods, properties, constructors) must have XML documentation comments that clear...
Technical documentation precision
vercel/next.jsEnsure technical documentation is precise, accurate, and correctly formatted to prevent confusion and improve develop...
Secure Data Handling in Next.js Applications
vercel/next.jsWhen building Next.js applications that handle sensitive data, it's crucial to implement robust security measures to ...
Effective Cache Management in Next.js Applications
vercel/next.jsWhen implementing caching in Next.js applications, it is crucial to be intentional about the caching behavior for eac...
Design domain-specific error types
neondatabase/neonCreate and use domain-specific error types instead of generic errors or anyhow. This improves error handling clarity ...
Technical precision matters
apache/mxnetWhen documenting AI models, frameworks, and optimization techniques, precision in language is as important as precisi...
Effective API samples
JetBrains/kotlinCreate clear, comprehensive, and properly structured code samples to document API usage. Follow these principles: 1....
Use descriptive names
influxdata/influxdbNames in code should be self-documenting, accurately reflect purpose, and follow consistent conventions. Apply these ...
Promote code clarity
influxdata/influxdbWrite code that prioritizes clarity and maintainability over brevity. This involves several key practices: 1. **Extr...
Minimize critical path allocations
influxdata/influxdbAvoid unnecessary memory allocations in performance-critical code paths. These allocations not only consume memory bu...
Lock with defer unlock
influxdata/influxdbAlways follow the lock-defer-unlock pattern when protecting shared resources with mutexes. Acquire the lock, immediat...
Choose appropriate lock primitives
influxdata/influxdbSelect lock types based on access patterns - prefer RWLock over Mutex for read-heavy operations to enable concurrent ...
Documentation clarity and formatting
ghostty-org/ghosttyEnsure documentation is clear, precise, and consistently formatted. Key practices include: 1. **Be explicit and unam...
Use semantic exceptions
laravel/frameworkChoose exception types that accurately reflect the nature of the error. Use `LogicException` for developer errors lik...
Precise type annotations
laravel/frameworkAlways use the most specific and accurate type information possible in PHPDoc comments to improve static analysis, ID...
Write clear documentation
fastify/fastifyDocumentation should be clear, precise, and self-contained while following established style conventions. When writin...
Isolate configuration concerns
fastapi/fastapiKeep configuration settings separate from application code by using environment variables or dedicated configuration ...
Document all responses
fastapi/fastapiWhen designing APIs, thoroughly document all possible responses your endpoints can return, not just the "happy path" ...
Single source documentation
expressjs/expressMaintain documentation with a single source of truth to prevent inconsistencies and reduce maintenance burden. When i...
Enforce null safety patterns
expressjs/expressImplement comprehensive null safety patterns to prevent runtime errors and ensure predictable behavior. Follow these ...
Optimize before implementing
elastic/elasticsearchBefore implementing algorithms, evaluate their efficiency implications, especially for operations that may be execute...
Document API completely
deeplearning4j/deeplearning4jAll public APIs must have comprehensive and clear documentation that helps developers understand functionality withou...
Semantic naming patterns
crewaiinc/crewaiNames should clearly communicate purpose, relationships, and domain context. Choose identifiers that reveal intent an...
Prefer pythonic simplicity
crewaiinc/crewaiUse Python's expressive features to write cleaner, more maintainable code by reducing nesting and improving readabili...
Extract and organize methods
chef/chefBreak down large, complex methods into smaller, focused methods with clear names that describe their purpose. This im...
Write pythonic code
bridgecrewio/checkovEmbrace Python's idiomatic programming style to make your code more readable, concise, and maintainable. Follow these...
Safe dictionary access
bridgecrewio/checkovAlways use safe dictionary access patterns when handling potentially null or missing values. This prevents KeyError a...
Restrict public network
bridgecrewio/checkovAlways configure cloud resources to restrict or disable public network access unless explicitly required for the appl...
Choose optimal algorithms
bridgecrewio/checkovAlways select appropriate data structures and algorithms based on their performance characteristics and the specific ...
Write self-documenting tests
boto/boto3Tests should clearly communicate their purpose and expectations without requiring readers to analyze implementation d...
Use descriptive action names
apache/airflowNames should clearly indicate purpose and behavior using appropriate action verbs and descriptive terms. This applies...
Test through public APIs
zed-industries/zedWrite comprehensive tests that validate functionality through public interfaces rather than testing implementation de...
Follow logging best practices
vllm-project/vllmMaintain high-quality logging throughout the codebase by following these best practices: 1. **Use appropriate log le...
Check before access
vllm-project/vllmAlways verify that objects, attributes, and variables are not None before accessing their properties, calling their m...
Dynamic configuration needs validation
vitessio/vitessWhen implementing dynamic configuration options, validate that the system actually supports runtime changes for that ...
Descriptive consistent naming
vitejs/viteChoose variable, function, and class names that accurately reflect their purpose while maintaining consistency with e...
Structure for readability
astral-sh/uvOrganize code to maximize readability and maintainability. When code becomes complex, break it down into smaller, mor...
Redact URL credentials
astral-sh/uvAlways redact sensitive credentials in URLs before logging, displaying in error messages, or serializing to prevent a...
Organize tailwind classes
shadcn-ui/uiStructure your Tailwind CSS classes for readability and maintainability. Instead of long chains of conditional classe...
Structure conditional compilation
tokio-rs/tokioUse organized structural patterns for conditional compilation to improve code maintainability and readability. Avoid ...
Follow naming conventions
tokio-rs/tokioChoose names that follow established API conventions and guidelines to create a consistent, intuitive codebase: 1. F...
Meaningful consistent names
tensorflow/tensorflowChoose names that are both semantically precise and follow consistent conventions. Names should accurately reflect be...
Use AssertJ correctly
spring-projects/spring-frameworkSpring Framework tests must use AssertJ for assertions rather than JUnit's `Assertions`, Spring's `Assert` class, or ...
Maintain consistent naming patterns
spring-projects/spring-bootFollow established naming patterns and conventions throughout the codebase to ensure consistency and clarity. This in...
Consistent observability data
spring-projects/spring-bootWhen implementing observability features, always ensure consistency in your data model, especially with tags and attr...
Simplify code expressions
dotnet/runtimeStrive for clarity by simplifying code expressions and reducing unnecessary complexity. Complex or verbose expression...
Choose error strategies deliberately
astral-sh/ruffMake deliberate choices about error handling strategies based on the context. Decide between early returns with appro...
Database-specific query optimization
rails/railsLeverage database-specific features to optimize queries and improve performance. Different database engines have uniq...
Configure at proper scope
rails/railsPlace configuration options at their proper scope within the framework hierarchy. Avoid tight coupling between compon...
Meaningful error communication
quarkusio/quarkusError handling should be designed to provide clear, actionable information to developers while avoiding redundancy. F...
Document configuration comprehensively
quarkusio/quarkusConfiguration properties should be thoroughly documented with explicit details about constraints, units, default valu...
API evolution strategy
quarkusio/quarkusDesign APIs with future extensibility in mind by using parameter objects instead of direct method parameters. When an...
Document code rationale
pydantic/pydanticAdd clear comments that explain the "why" behind non-obvious code decisions, complex logic, or special-case handling....
Consistent term capitalization
pydantic/pydanticFollow consistent capitalization rules for technical terms, acronyms, and library names throughout your codebase and ...
Meaningful consistent naming
prowler-cloud/prowlerUse names that clearly describe the purpose and behavior of variables, methods, classes, and files, while maintaining...
Specify configuration behaviors
opentofu/opentofuWhen implementing configuration features (variables, flags, resources), thoroughly document their behavior in all sce...
Optimize code location scope
open-telemetry/opentelemetry-pythonPlace code in the most specific and appropriate location to improve findability and maintainability. Follow these pri...
Future-proof API design
open-telemetry/opentelemetry-pythonDesign APIs that can evolve without breaking existing code. Use keyword-only arguments (with `*,`) for optional param...
Use proper assertions
opencv/opencvWrite tests with proper assertions to ensure reliability and maintainability. Follow these guidelines: 1. **Check fo...
Use optimized functions
opencv/opencvWhen implementing algorithms, prefer using OpenCV's built-in optimized functions over writing custom implementations....
Maintain consistent style
octokit/octokit.netFollow established patterns consistently throughout the codebase to improve readability and maintainability: 1. **Us...
Simplify control flow
netty/nettyStreamline code by simplifying control flow structures to improve readability. Eliminate unnecessary nesting and verb...
Structure endpoints for REST
neondatabase/neonOrganize API endpoints hierarchically by resource type and use appropriate HTTP methods based on operation semantics....
Clear consistent identifier names
neondatabase/neonChoose clear, consistent, and non-redundant names for identifiers across the codebase. Follow these guidelines: 1. U...
Simplify for readability
apache/mxnetComplex expressions, especially nested ternary operations, reduce code readability and maintainability. Prefer simple...
Consistent naming patterns
apache/mxnetMaintain consistent naming conventions throughout the codebase to enhance readability and reduce confusion. This appl...
Use comprehensive JSDoc
langchain-ai/langchainjsAlways use JSDoc format (`/** */`) instead of regular comments (`//`) for documenting classes, functions, and interfa...
Preserve API backward compatibility
langchain-ai/langchainjsWhen modifying existing APIs, maintain backward compatibility by implementing changes in a non-breaking way. Use meth...
Simplify code structure
kubeflow/kubeflowStrive to simplify code structure by eliminating unnecessary complexity. This includes: 1. **Move conditions higher ...
Precise workflow triggers
kubeflow/kubeflowConfigure CI/CD workflows to trigger precisely based on relevant file path changes. This minimizes unnecessary builds...
Go export naming conventions
kubeflow/kubeflowIn Go, the first letter of an identifier (function, variable, struct field, etc.) determines its visibility outside t...
Use configuration property providers
JetBrains/kotlinAlways use Gradle's Provider API when accessing project, system, or Gradle properties in your build configuration. Th...
Test edge cases
JetBrains/kotlinEnsure tests verify both basic functionality and edge cases. Tests that only cover the happy path can miss critical b...
Minimize unnecessary work
JetBrains/kotlinOptimize performance by reducing the amount of computation performed, especially on data that won't appear in the fin...
Keep code clearly organized
JetBrains/kotlinMaintain code readability and organization by extracting focused, well-named functions and using appropriate scoping....
Design extensible stable APIs
JetBrains/kotlinWhen designing public APIs, prioritize extensibility while maintaining backward compatibility and implementation hidi...
Use testify assertions
influxdata/influxdbAlways use the testify package (require/assert) in tests instead of standard Go testing assertions. The testify libra...
Validate environment variables strictly
elie222/inbox-zeroEnforce strict validation of environment variables using Zod schemas with explicit environment-specific rules. Requir...
Safe concurrent programming
grafana/grafanaWhen working with concurrent code, carefully manage shared resources and synchronization to prevent race conditions, ...
Follow documentation conventions
grafana/grafanaEnsure documentation adheres to established style guidelines and technical standards: 1. **Use proper terminology an...
Use modern PHPUnit attributes
laravel/frameworkPrefer modern PHPUnit attributes over PHPDoc annotations for improved type safety, IDE support, and code readability ...
Technical term consistency
fastapi/fastapiWhen working with multilingual codebases or documentation, maintain consistent naming conventions for technical terms...
Sync versus async tests
fastapi/fastapiChoose the appropriate testing approach based on your test requirements. For standard API endpoint testing, use `Test...
Standardize dependency version notation
expressjs/expressWhen specifying dependencies in package.json, follow consistent version notation patterns that align with your projec...
Follow StandardJS when modifying
expressjs/expressWhen modifying existing code, update the touched lines to follow StandardJS conventions while preserving the style of...
Clear intention in names
expressjs/expressChoose names that clearly communicate intention and follow established conventions. This applies to variables, functi...
Document with examples
chef/chefAlways include comprehensive documentation with clear examples for properties, methods, and code patterns. Documentat...
Consistent descriptive naming patterns
chef/chefUse clear, descriptive names that follow consistent patterns across the codebase. For methods and properties: 1. Use...
Meaningful identifier names
bridgecrewio/checkovChoose descriptive and semantic identifiers that clearly convey purpose, role, and behavior. Avoid vague, generic nam...
Prevent algorithmic pitfalls
boto/boto3Avoid common algorithmic errors that lead to incorrect results or inefficient code by following these practices: 1. ...
Follow naming conventions
boto/boto3Use consistent and appropriate naming conventions based on the context in Python code: 1. **Classes**: Use `CamelCas...
Defensive null value handling
boto/boto3Always handle potential null/None values defensively by: 1. Using `.get()` for dictionary access instead of direct ke...
Design stable APIs
Azure/azure-sdk-for-netWhen creating or modifying APIs, carefully consider what becomes part of your public API surface to ensure backward c...
Check before dereferencing
Azure/azure-sdk-for-netAlways verify objects are not null before dereferencing them, particularly when using methods that might return null ...
Defensive null checking
aws/aws-sdk-jsAlways perform explicit null/undefined checks before accessing properties or using values that could be null or undef...
Prefer Rust structural patterns
zed-industries/zedUse Rust's structural patterns to write more idiomatic and maintainable code. This includes: 1. Use early returns to...
Consider algorithmic complexity
zed-industries/zedWhen implementing algorithms, be mindful of their computational complexity and choose appropriate data structures for...
Use self-documenting names
vllm-project/vllmVariable, function, and parameter names should accurately reflect their purpose, behavior, and content. Choosing desc...
Stable documentation links
vllm-project/vllmEnsure all documentation links are stable, consistent, and correctly targeted to improve navigation and long-term mai...
Process configurations consistently
vllm-project/vllmEnsure that configuration data is processed consistently and correctly throughout the codebase. This includes: 1. **...
Optimize data structures
vitessio/vitessChoose and implement data structures with careful consideration of algorithmic complexity, memory usage, and Go's spe...
Ensure documentation accuracy
vitejs/viteDocumentation must precisely reflect the current codebase implementation. When documenting features, options, or APIs...
Make errors user actionable
astral-sh/uvError messages should provide clear, actionable information that helps users understand and resolve the problem. Each...
Know your implicit configurations
vercel/turborepoWhen working with Turborepo, be aware of implicit configurations and special files that affect behavior even when not...
Eliminate code duplication
vercel/turborepoAvoid duplicating logic, patterns, or data across the codebase. When similar code appears in multiple places, extract...
Use Option methods idiomatically
tokio-rs/tokioWhen dealing with Optional values, prefer Rust's built-in Option methods over manual null checks. This makes code mor...
Structural configuration approaches
tokio-rs/tokioWhen working with feature flags and conditional compilation, prefer structural approaches over scattered configuratio...
Prefer explicit over concise
tokio-rs/tokioChoose explicit and unambiguous names over concise but unclear ones. When a method, type, or variable has a specific ...
Organize code logically
tokio-rs/tokioGroup related code elements together with a consistent and logical structure. Place stable fields and functionality f...
Optimize memory allocation
tokio-rs/tokioBe deliberate about memory allocation patterns to improve performance. Implement these practices: 1. **Pre-allocate ...
Network API design consistency
tokio-rs/tokioWhen designing networking APIs, maintain consistency with existing interfaces while ensuring proper cross-platform co...
Follow import style
tokio-rs/tokioTokio projects follow specific import conventions for consistency and readability. Adhere to these guidelines: 1. Us...
Flexible consistent API patterns
tokio-rs/tokioDesign APIs with flexibility and consistency by leveraging established patterns and avoiding unnecessary constraints....
Design error handling carefully
tokio-rs/tokioWhen implementing error handling, balance between propagation and recovery. Design error types to preserve context wh...
Simplify for readability
huggingface/tokenizersPrioritize code readability by using simpler and more direct expressions. When possible, return values directly inste...
Descriptive purpose-driven naming
hashicorp/terraformChoose identifiers that accurately describe their purpose and behavior, not just their type or how they're used. Name...
Contextual null checks
hashicorp/terraformUse type-appropriate null checking strategies based on the context of your data. For primitive values, ensure they ex...
Choose efficient implementations
tensorflow/tensorflowWhen implementing algorithms, prioritize both correctness and performance by selecting appropriate data structures, o...
Use appropriate collections
spring-projects/spring-frameworkChoose the right collection implementation for each algorithmic task to optimize both performance and readability. Us...
Meaningful exception design
spring-projects/spring-bootDesign exceptions to provide clear context, preserve stack traces, and propagate correctly through your system. Key p...
Documentation clarity principles
spring-projects/spring-bootWhen writing technical documentation, adhere to these core principles to ensure clarity and effectiveness: 1. **Use ...
Document configuration properties completely
spring-projects/spring-bootConfiguration properties should be fully documented with clear descriptions, explicit default values, and proper meta...
Concrete bean return types
spring-projects/spring-bootWhen defining `@Bean` methods in Spring configurations, use concrete return types rather than interfaces while using ...
Alphabetical ordering requirement
spring-projects/spring-bootAlways maintain alphabetical ordering for lists of elements including dependencies, modules, configuration entries, a...
Optimize common paths
dotnet/runtimeDesign algorithms that optimize for the most common execution paths by prioritizing frequent scenarios in conditional...
Model actual hardware costs
dotnet/runtimeBase optimization decisions on accurate hardware cost models rather than outdated assumptions. Modern architectures h...
Document configuration intent
dotnet/runtimeConfiguration settings should be self-documenting with clear intent. When adding temporary workarounds, conditional f...
Handle nulls with Option
astral-sh/ruffUse Rust's Option type and its methods effectively to handle nullable values. This improves code clarity and safety b...
Prefer simpler expressions
rails/railsAlways choose the simplest, most readable way to express your code logic. Unnecessary complexity makes code harder to...
Minimize unnecessary object allocations
rails/railsAvoid creating unnecessary objects, especially in frequently executed code paths. This includes being mindful of impl...
Minimize public API surface
rails/railsDesign APIs with a minimal public surface area by carefully controlling which methods and properties are exposed. Sta...
Follow documentation conventions
rails/railsMaintain consistent formatting and style in all documentation to improve readability and professionalism: 1. **Use p...
Document APIs clearly
rails/railsWhen designing and documenting APIs, prioritize clarity and completeness through concrete examples and accurate param...
Thread-safe state management
quarkusio/quarkusWhen managing state accessed by multiple threads, ensure thread safety through appropriate synchronization mechanisms...
Graceful API evolution
pytorch/pytorchWhen modifying, deprecating, or replacing APIs, ensure a smooth transition experience for developers by following the...
Standardize dependency management
pydantic/pydanticMaintain consistent dependency management practices across CI workflows to ensure reliable builds and tests. Use the ...
Maintain code consistency
pydantic/pydanticEnsure code follows consistent patterns throughout the codebase, even when duplicating code is necessary. When simila...
Least privilege principle
prowler-cloud/prowlerAlways follow the principle of least privilege by granting the minimum permissions necessary for functionality. This ...
Optimize memory allocation patterns
pola-rs/polarsMinimize memory allocations and optimize allocation patterns to improve performance. Key practices: 1. Pre-allocate ...
Names reveal clear intent
pola-rs/polarsChoose names that clearly communicate intent and context, avoiding ambiguity or confusion. Variable and function name...
Explicit null handling
pola-rs/polarsAlways be explicit and consistent about how null values are handled in operations and documentation. This clarity pre...
Structure tests thoroughly
opentofu/opentofuCreate well-structured tests with thorough coverage of both expected success and error conditions. Name test cases de...
Safe lock patterns
opentofu/opentofuWhen implementing concurrent operations, ensure locks are acquired and released properly in all execution paths. Alwa...
Reduce code nesting
opentofu/opentofuMinimize nesting levels and complexity in your code to improve readability and maintainability. Use early returns ins...
Write purposeful comments
open-telemetry/opentelemetry-pythonComments should explain "why" and "how" rather than restating what is already obvious from the code. Focus on providi...
Sanitize observability data exports
open-telemetry/opentelemetry-pythonWhen exporting observability data (metrics, traces, logs) to external systems, properly sanitize all data fields to e...
Use OpenCV error mechanisms
opencv/opencvAlways use OpenCV's built-in error handling mechanisms instead of C++ exceptions or custom error handling. This ensur...
Prevent null vulnerabilities
opencv/opencvUse container classes and smart pointers instead of manual memory allocation to prevent null pointer dereferences and...
Cross-platform API design rules
opencv/opencvDesign public APIs to work seamlessly across different programming languages and platforms. Follow these key principl...
Clear API contracts
opencv/opencvDesign APIs with clear contracts that behave exactly as their names and signatures suggest. Functions should do preci...
Optimize with standard library
ollama/ollamaWhen implementing algorithms, prefer using Go's standard library over custom implementations or external dependencies...
Use nullable for optionals
octokit/octokit.netWhen a property or parameter represents an optional value that might be absent in requests or responses, use nullable...
Handling Dynamic Content in Next.js Components
vercel/next.jsWhen implementing Next.js components that rely on dynamic content (e.g. random values, current time), it is crucial t...
Use null validation utilities
netty/nettyConsistently use utility methods like `ObjectUtil.checkNotNull()` or `Objects.requireNonNull()` to validate that para...
Memory ordering needs barriers
netty/nettyEnsure proper memory ordering in concurrent code by using appropriate memory barriers and atomic operations based on ...
Optimize cargo dependencies
neondatabase/neonMaintain clean and efficient dependency configurations in Cargo.toml files by following these practices: 1. **Use wo...
Minimize unnecessary allocations
neondatabase/neonAvoid allocations and cloning when they don't provide sufficient benefit relative to their performance cost. Balance ...
Log level appropriately
neondatabase/neonSelect the appropriate log level based on operational significance and ensure messages are clear, accurate, and forma...
Keep files focused small
neondatabase/neonMaintain code organization by keeping files focused on a single responsibility and splitting large files into smaller...
Optimize iteration patterns
apache/mxnetWhen iterating through collections, choose the most efficient iteration pattern based on what information you actuall...
Prefer nullish coalescing
langchain-ai/langchainjsWhen handling null or undefined values, use modern JavaScript patterns to write more robust and maintainable code: 1...
Prefer descriptive errors
JetBrains/kotlinWhen handling errors in your code, always provide detailed context in error messages to aid debugging. Use Kotlin's s...
Wrap errors with context
influxdata/influxdbAlways wrap errors with meaningful context using fmt.Errorf and %w verb. Include relevant identifiers (filenames, IDs...
Follow API conventions
influxdata/influxdbDesign APIs following modern conventions and best practices to improve usability, maintainability, and consistency ac...
Choose optimal data structures
influxdata/influxdbSelect data structures based on specific access patterns and performance requirements. When both fast lookup and pred...
Minimize redundant operations
elie222/inbox-zeroOptimize application performance by preventing unnecessary renders, calculations, and network operations. Implement p...
Handle nulls with types
elie222/inbox-zeroEnforce type safety by properly handling null and undefined values through TypeScript types and explicit checks. Avoi...
Enforce atomic database operations
elie222/inbox-zeroReplace check-then-act patterns with atomic database operations to prevent race conditions in concurrent environments...
Explicit null validation
grafana/grafanaAlways validate objects for null/nil before accessing their properties, and establish consistent patterns for handlin...
Descriptive semantic names
grafana/grafanaAlways use descriptive variable, parameter, function, and constant names that clearly convey their purpose and behavi...
Document code behavior
gin-gonic/ginDocument the "why" and "how" of your code, not just what it does. Add clear comments to explain: 1. Non-obvious beha...
Robust SSH integration
ghostty-org/ghosttyWhen implementing SSH integration in your application, follow these practices to ensure reliability across different ...
Document configs comprehensively
ghostty-org/ghosttyConfiguration options must be documented comprehensively with: 1. Clear, descriptive name using appropriate platform...
Organize code logically
fatedier/frpMaintain a clean and logical code structure by properly organizing code according to its functionality and purpose: ...
Name indicates clear purpose
laravel/frameworkNames should clearly indicate their purpose, type, and behavior. This applies to methods, variables, and parameters. ...
Cache expensive operations
laravel/frameworkIdentify and cache results of expensive operations that may be called repeatedly during a request lifecycle, especial...
Consistent test code style
fastify/fastifyMaintain consistent and clear testing patterns by following these guidelines: use strict equality assertions, prefer ...
Concurrent operations completion management
fastify/fastifyWhen running concurrent operations in tests, ensure all operations complete before concluding the test. Race conditio...
Use configuration access methods
elastic/elasticsearchWhen accessing configuration settings, always use the appropriate type-safe accessor methods provided by the configur...
Robust test assertions
elastic/elasticsearchUse precise, informative assertions in tests to provide clear feedback when tests fail and verify the correct behavio...
Prefer callbacks over blocking
elastic/elasticsearchAlways structure concurrent code to use asynchronous callbacks instead of blocking operations. Blocking calls like Co...
Measure before optimizing performance
elastic/elasticsearchBefore implementing performance optimizations, measure and validate the impact through benchmarks. This applies espec...
Validate and document nulls
deeplearning4j/deeplearning4jAlways handle null values explicitly and consistently throughout your codebase to prevent null pointer exceptions. Fo...
Structure errors with intent
crewaiinc/crewaiImplement error handling with clear intent and proper propagation. Follow these principles: 1. Use structured try/ca...
Write comprehensive test cases
vuejs/coreTests should thoroughly cover all code paths and edge cases. Each test case should: 1. Test distinct scenarios in sep...
Strict props event handling
vuejs/coreEnforce strict typing and consistent handling of component props and events to ensure type safety, runtime validation...
Evolve APIs gracefully
vuejs/coreWhen modifying or extending APIs, prioritize backward compatibility while providing clear migration paths for future ...
Choose semantic descriptive names
vuejs/coreNames should be clear, descriptive and follow consistent patterns. Choose names that accurately reflect the purpose a...
Avoid redundant computations
vuejs/coreIdentify and eliminate redundant operations that cause performance bottlenecks by caching expensive function results,...
Never commit secrets
chef/chefPrivate cryptographic keys, certificates with private keys, and other secrets must never be committed to source code ...
Memoize expensive operations
chef/chefCache results of expensive operations, especially shell commands and external queries, to avoid redundant executions....
Keep actions versions current
chef/chefAlways use the latest stable versions of GitHub Actions components in CI/CD workflows to avoid deprecated features, s...
Externalize configuration values
chef/chefAvoid hardcoding configuration values directly in scripts, especially for values that might change between environmen...
Choose semantic algorithms
chef/chefSelect algorithms and data operations that match the semantic intent of your code rather than using convenient but po...
Document configuration consistently
bridgecrewio/checkovEnsure all configuration options are clearly documented and follow consistent naming and syntax conventions. This inc...
Comprehensive API documentation
boto/boto3Always provide comprehensive API documentation that includes accurate examples, complete parameter descriptions, and ...
Use domain-specific type names
Azure/azure-sdk-for-netTypes should be named with clear domain context rather than generic terms. Avoid single-word or overly generic names ...
Minimize memory allocations
Azure/azure-sdk-for-netReduce garbage collection pressure and improve application performance by avoiding unnecessary memory allocations. Th...
Document code reasoning
Azure/azure-sdk-for-netAdd clear, concise comments that explain the "why" behind complex logic, non-obvious decisions, and implicit behavior...
Prefer simpler code constructs
tokio-rs/axumAlways opt for simpler, more idiomatic code constructs over complex or verbose alternatives. This includes using buil...
Semantic naming conventions
aws/aws-sdk-jsUse descriptive, semantic names for all code elements that clearly indicate their purpose and behavior. Follow consis...
Early return after errors
aws/aws-sdk-jsWhen handling errors in asynchronous functions, always return immediately after invoking a callback with an error to ...
Document APIs thoroughly
aws/aws-sdk-jsAll public API elements must be thoroughly documented with JSDoc annotations that clearly explain their purpose, para...
Validate user-controlled paths
apache/airflowAlways validate and sanitize user-provided inputs used in file path operations to prevent path traversal attacks. Pat...
Standardize API parameter handling
apache/airflowUse consistent parameter handling patterns across API endpoints to ensure maintainability and predictable behavior. F...
Avoid code duplication
apache/airflowExtract repeated code patterns into reusable functions, variables, or constants to improve maintainability and reduce...
Verify AI model capabilities
vercel/aiAlways verify and accurately document AI model capabilities, supported formats, and limitations before implementation...
Type-safe null handling
vercel/aiUse TypeScript's type system and modern JavaScript features to prevent null reference errors. **TypeScript type saf...
Keep tests simple
vercel/aiTests should be straightforward, explicit, and free from complex logic or indirection. Avoid "magic" in tests that ma...
Use structured model metadata
zed-industries/zedRepresent AI model information using structured data rather than hardcoded enumerations or conditionals. Store capabi...
Scope dependencies appropriately
zed-industries/zedConfigure dependencies with their minimum necessary scope to maintain clean architecture and improve build times. Key...
Document configuration constraints clearly
zed-industries/zedWhen defining configuration options, always clearly document parameter constraints, valid ranges, and behaviors. For ...
Choose domain-specific semantic names
zed-industries/zedNames should clearly reflect their domain-specific meaning and purpose, avoiding generic or ambiguous terms. This app...
Validate algorithmic operations carefully
vllm-project/vllmMathematical and logical operations require careful validation to ensure correctness. Common issues include: 1. Oper...
Remove unnecessary code elements
vllm-project/vllmKeep code clean and maintainable by removing unnecessary elements that add complexity without value: 1. Remove unuse...
Preserve API compatibility
vllm-project/vllmWhen modifying API interfaces, parameters, or argument behavior, ensure backward compatibility is maintained to preve...
Optimize memory allocation
vitessio/vitessAlways allocate data structures with appropriate initial capacity and use memory-efficient data types to reduce memor...
Runtime-agnostic API design
vitejs/viteWhen designing APIs for systems that support multiple JavaScript runtimes, prioritize decoupling server state from us...
Propagate errors with context
vitejs/viteAlways propagate errors with proper context and recovery strategy. Use try-catch blocks for both synchronous and asyn...
Environment variable management
vitejs/viteWhen working with environment variables in Vite applications, be explicit about variable loading behavior and precede...
Secure configuration defaults
astral-sh/uvEstablish secure default configurations in project metadata files to prevent accidental publishing and ensure proper ...
Optimize CI/CD commands
astral-sh/uvDesign CI/CD workflows to be efficient, consistent, and purposeful across all environments. When writing or modifying...
Environment variable best practices
astral-sh/uvWhen implementing environment variable configuration: 1. Follow standard environment variable conventions: - Use upp...
Meaningful consistent identifiers
shadcn-ui/uiChoose descriptive, semantically accurate names for variables, types, and components that clearly communicate their p...
Validate performance impact first
vercel/turborepoAlways validate performance changes through profiling or benchmarking before implementation, and favor memory-efficie...
Design ergonomic APIs
vercel/turborepoCreate APIs that are both easy to use correctly and hard to use incorrectly. Focus on: 1. **Use pattern matching for...
Structure feature flags strategically
tokio-rs/tokioDesign feature flags to minimize dependency bloat while maximizing flexibility for users. Each optional dependency sh...
Structure API doc blocks
tokio-rs/tokioEach public API documentation block should follow a consistent structure: 1. Start with a single-line summary that c...
Socket configuration guidance
tokio-rs/tokioWhen implementing networking APIs, always clearly document socket modes, configuration options, and platform-specific...
Optimize hot paths
tokio-rs/tokioIdentify and optimize frequently executed code paths to improve performance. Hot paths have a significant impact on o...
Graceful error handling
tokio-rs/tokioPrioritize graceful error handling over panicking by providing fallbacks and propagating rich context. When operation...
Fast deterministic tests
tokio-rs/tokioAvoid using real sleeps or delays in tests as they significantly slow down the test suite and can introduce flakiness...
Design flexible APIs
tokio-rs/tokioWhen designing APIs, prioritize flexibility, ergonomics, and intuitiveness to create better user experiences. APIs sh...
Minimize memory allocations
huggingface/tokenizersAvoid unnecessary memory allocations to improve performance. Each allocation has both CPU and memory overhead that ca...
Handle nullable types idiomatically
huggingface/tokenizersUse Rust's idiomatic patterns when working with Option and Result types to prevent panics and improve code clarity. ...
Use precise semantic names
hashicorp/terraformChoose names that accurately reflect the purpose and semantics of the entity being named. Avoid overloaded or ambiguo...
Prefer modern authentication
hashicorp/terraformAlways use modern identity-based authentication methods instead of static credentials when accessing external systems...
Include descriptive documentation
hashicorp/terraformProvide complete, clear descriptions for all configuration elements in documentation. Every output, variable, argumen...
Document function behavior completely
hashicorp/terraformFunction and method documentation should accurately describe behavior, parameters, and any non-obvious aspects of the...
Validate quantization parameters carefully
tensorflow/tensorflowWhen implementing quantized operations in ML models, thoroughly validate quantization parameters to ensure correctnes...
Validate before dereference
tensorflow/tensorflowAlways check that pointers, optional values, and results of type casts are valid before dereferencing or using them. ...
Optimize loop operations
tensorflow/tensorflowMinimize expensive operations within inner loops to improve performance. Key practices include: 1. Extract loop-inva...
Informative error messages
tensorflow/tensorflowError messages should be informative, actionable, and concise to help users quickly understand and fix issues. Follow...
Handle dynamic shapes
tensorflow/tensorflowWhen implementing tensor-based algorithms, avoid assumptions about fixed tensor shapes by not relying on direct shape...
Teach by example
tensorflow/swiftPresent concepts through clear, focused examples that demonstrate features positively rather than through comparisons...
Respect annotation processing order
spring-projects/spring-frameworkWhen designing Spring components, pay careful attention to the order in which annotations are processed, especially f...
Design for API extension
spring-projects/spring-frameworkWhen designing APIs, prioritize extensibility by providing clear extension points and avoiding direct exposure of imp...
Cleanup error handling
spring-projects/spring-frameworkWhen handling resources that require cleanup (like streams, connections, or transactions), ensure that errors during ...
API boundary null handling
spring-projects/spring-frameworkEstablish consistent null handling patterns at API boundaries to prevent null pointer exceptions and improve code cla...
Property description conventions
spring-projects/spring-bootWhen documenting configuration properties in Spring Boot applications, follow these conventions for clarity and consi...
Prevent null references
dotnet/runtimeUse defensive coding practices to prevent null reference exceptions by properly handling potentially null values thro...
Maintainable test structure
dotnet/runtimeWrite tests that are maintainable, self-documenting, and that promote good testing practices: 1. **Use proper assert...
Document code meaningfully
dotnet/runtimeProvide meaningful documentation that enhances code maintainability and understanding. Follow these practices: 1. **...
Cache expensive computations
dotnet/runtimeAvoid recomputing expensive operations by caching results when they will be used multiple times. This applies to meth...
Avoid busy waiting
dotnet/runtimeWhen implementing concurrent code that waits for conditions to be met, avoid busy-wait loops that continuously consum...
Abstract traversal patterns
dotnet/runtimeWhen implementing algorithms that operate on complex data structures (trees, graphs, dominator structures), abstract ...
Use descriptive identifiers
astral-sh/ruffAvoid abbreviations in variable, parameter, and method names to improve code readability and maintainability. Use des...
Profile allocations before optimization
astral-sh/ruffBefore implementing data structures or algorithms, analyze allocation patterns and optimize for common cases. Key str...
Document component behavior comprehensively
astral-sh/ruffDocumentation should clearly explain the purpose, behavior, and relationships between code components using accessibl...
Consider algorithmic complexity tradeoffs
astral-sh/ruffWhen implementing algorithms or data structures, carefully evaluate the tradeoffs between computational complexity, m...
Write complete API examples
rails/railsAlways provide complete, context-rich code examples in API documentation. Examples should show the full usage context...
Place configurations appropriately
rails/railsChoose the right location and scope for your Rails configuration options to improve maintainability and clarity: 1. ...
Initialize nil-prone variables
rails/railsAlways initialize variables that might be nil to appropriate default values to prevent unexpected behavior. For boole...
Prefer Optional over nulls
quarkusio/quarkusUse Java's Optional API instead of null checks to improve code readability, safety, and maintainability. When dealing...
Optimize algorithmic operations
quarkusio/quarkusBefore implementing or modifying algorithms, carefully evaluate data structure properties and operation costs. Always...
Name for meaning first
quarkusio/quarkusChoose names that prioritize domain meaning and clarity over implementation details. This applies to methods, variabl...
Document public APIs
quarkusio/quarkusAll public APIs, interfaces, and methods should include comprehensive JavaDoc that clearly explains their purpose, pa...
Clear database configuration examples
quarkusio/quarkusDatabase configuration examples in documentation should be correct, minimal, and include proper context. Provide only...
Use higher-level iterations
pytorch/pytorchWhen working with multiple sequences that need to be combined, prefer higher-level iteration abstractions over nested...
Prevent null pollution
pytorch/pytorchDesign your code to minimize the unexpected introduction of None values into data structures and APIs. Use immutable ...
Handle errors specifically
pytorch/pytorchAlways be explicit and specific when handling errors rather than using catch-all approaches or implicit conventions. ...
Robust error messaging
pydantic/pydanticCreate clear, specific, and actionable error messages that help users understand and resolve issues, while implementi...
Eliminate redundant computation
pydantic/pydanticIdentify and eliminate redundant or duplicate computation paths in your code, especially for expensive operations lik...
Cache expensive computations
pydantic/pydanticImplement strategic caching and memoization for expensive or frequently repeated computations to avoid redundant work...
Secure authentication flows
prowler-cloud/prowlerImplement authentication flows that protect sensitive information and follow secure credential management practices: ...
Safe attribute access patterns
prowler-cloud/prowlerImplement consistent patterns for safely accessing potentially null or undefined attributes and dictionary values. Th...
Prioritize code readability
prowler-cloud/prowlerWrite code that optimizes for human readability and understanding. Complex expressions, while technically correct, ca...
Consistent naming patterns
prowler-cloud/prowlerFollow systematic naming conventions for types, interfaces, and functions to enhance code readability and navigabilit...
Hide implementation details
pola-rs/polarsDesign public APIs to hide implementation details and focus on the user's mental model of the system. Avoid exposing ...
Explicit configuration precedence
pola-rs/polarsImplement a clear configuration resolution chain that follows a consistent precedence pattern: explicit parameters fi...
Evaluate algorithmic complexity tradeoffs
pola-rs/polarsWhen implementing algorithms, carefully evaluate tradeoffs between performance optimizations and code maintainability...
Document with examples
opentofu/opentofuAlways include clear, contextual examples when documenting APIs, interfaces, or command-line functionality. Examples ...
Defensive null handling
opentofu/opentofuAlways initialize data structures before use, particularly before accessing them in loops or conditional blocks. Chec...
Clear concise documentation
opentofu/opentofuWrite documentation that is direct, consistent, and appropriately detailed. Follow these principles: 1. **Use direct...
Optimize configuration structure
open-telemetry/opentelemetry-pythonStructure configuration files like tox.ini to maximize maintainability and efficiency. Use factor prefixes (e.g., "te...
Handle exceptions appropriately
open-telemetry/opentelemetry-pythonWhen implementing error handling logic, be deliberate about which exception types you catch and where you handle them...
Follow Python naming conventions
open-telemetry/opentelemetry-pythonUse consistent Python naming conventions to improve code readability and maintainability: 1. Use snake_case for func...
Configuration source precedence
open-telemetry/opentelemetry-pythonDefine and document a clear precedence order when configurations come from multiple sources (code parameters, environ...
Optimize memory allocation patterns
opencv/opencvPrefer efficient memory allocation patterns to improve performance. Key practices: 1. Use RAII containers (like Mat)...
Optimize container access
opencv/opencvChoose efficient container types and optimize access patterns in performance-critical code. Avoid operations that cau...
Maintain code consistency
opencv/opencvKeep code clean and consistent with established project conventions. This includes: 1. Follow existing formatting st...
Guard optional dependencies
opencv/opencvConfiguration management requires careful handling of optional dependencies in both build scripts and source code. Al...
Use idiomatic Go flow
ollama/ollamaFollow Go's idiomatic control flow patterns to improve code readability and maintainability. Key practices include: ...
Use environment variables
ollama/ollamaUse environment variables instead of hardcoding configuration values such as file paths, port numbers, or system-spec...
Guard against nil
ollama/ollamaAlways check for nil values and successful type assertions before accessing or dereferencing objects, especially when...
Document synchronization intent
ollama/ollamaAlways clearly document the purpose and scope of synchronization primitives (mutexes, read-write locks) by: 1. Placi...
Comprehensive test coverage
ollama/ollamaTest functions should provide comprehensive coverage of both expected and edge cases. Include tests for: 1. **Bounda...
Clear recoverable error messages
ollama/ollamaError messages should be clear, actionable, and indicate whether recovery is possible. When designing error handling:...
Abstract model operations cleanly
ollama/ollamaWhen implementing AI model operations, create clean abstractions through interfaces that separate core mathematical o...
Design intuitive API methods
octokit/octokit.netWhen designing API methods, prioritize intuitive usage patterns and backwards compatibility. Follow these guidelines:...
Write robust assertions
vercel/next.jsWhen writing tests, ensure assertions can handle non-deterministic content while providing clear failure context: use...
Optimize Next.js Resource Utilization
vercel/next.jsAs a code reviewer, I recommend the following practices to optimize resource utilization when implementing Next.js ap...
Release resources consistently
netty/nettyAlways ensure resources are properly released, especially in exception paths. Use try-finally blocks to guarantee cle...
Use descriptive identifiers
neondatabase/neonChoose clear, meaningful names for variables, parameters, and constants that convey their purpose without requiring a...
Stage configuration changes gradually
neondatabase/neonWhen introducing configuration changes that affect multiple system components, implement them in stages to ensure smo...
Hierarchical semantic naming
neondatabase/neonUse hierarchical prefixes and clear descriptive names to indicate the domain, source, and purpose of code elements. T...
Flexible documented configurations
neondatabase/neonCreate configuration interfaces that are flexible, well-documented, and future-proof. When designing configuration pa...
Document concurrency design decisions
neondatabase/neonAlways document key concurrency design decisions in code, including: 1. Locking protocols and ordering between multip...
Design metrics for insights
neondatabase/neonDesign metrics that provide actionable insights while maintaining system efficiency. Follow these key principles: 1....
Comprehensive code documentation
neondatabase/neonProperly document code with clear, accurate, and useful comments using the correct syntax based on context: 1. Use `...
Use intent-revealing names
apache/mxnetChoose names that clearly reveal the purpose, behavior, or type of the code elements they represent. A good name shou...
Hybridization compatible operations
apache/mxnetWhen implementing neural network models that will be hybridized for performance optimization, use operations that are...
Explain optimization mechanisms
apache/mxnetWhen implementing or documenting performance optimizations, clearly explain the mechanism and expected performance be...
Document all parameters
apache/mxnetAlways provide complete and accurate documentation for all function parameters, especially when adding new ones. Each...
Validate untrusted input
langchain-ai/langchainjsAlways validate and sanitize user-provided inputs before using them in sensitive contexts like SQL queries, file path...
Throw meaningful errors
langchain-ai/langchainjsAlways throw specific, actionable errors instead of returning unexpected values or simply logging issues. Error messa...
Optimize model token usage
langchain-ai/langchainjsImplement token-efficient patterns when working with AI models to optimize costs and performance. Key practices inclu...
Follow documentation standards
langchain-ai/langchainjsEnsure all documentation follows established templates and includes required sections. When referencing components, a...
Use modern JavaScript idioms
kubeflow/kubeflowFavor modern JavaScript syntax and clean code practices to improve readability and maintainability. This includes: 1...
Structured documentation with examples
kubeflow/kubeflowCreate comprehensive documentation with clear structure and practical examples. Documentation should include: 1. **S...
Standardize makefile patterns
kubeflow/kubeflowMaintain consistent Makefile patterns across all components to improve build reliability and developer experience in ...
Environment variable management
kubeflow/kubeflowManage environment variables in Docker configurations with appropriate scope, placement, and documentation: 1. **Set...
Centralize configuration values
kubeflow/kubeflowStore all configuration values in dedicated configuration files rather than hardcoding them throughout the applicatio...
Consider operation time complexity
JetBrains/kotlinWhen implementing operations that manipulate collections or perform repeated actions, carefully consider the time com...
Structured logging best practices
influxdata/influxdbUse structured logging with appropriate field types and context to make logs more useful for troubleshooting. Choose ...
Stable schema identifiers
influxdata/influxdbUse persistent identifiers for schema elements rather than relying on positional information or enumeration, which ca...
Prefer explicit nullability
influxdata/influxdbAlways make nullable states explicit in your code by leveraging Rust's type system. Use `Option
Manage complete cache lifecycle
influxdata/influxdbImplement comprehensive cache lifecycle management focusing on three key aspects: 1. Idempotent Creation: Make cache...
Maintain code readability
influxdata/influxdbEnsure code remains readable and maintainable by following these practices: 1. **Combine case statements with identi...
Handle errors by criticality
influxdata/influxdbChoose error handling strategies based on operation criticality: 1. For critical operations that could corrupt data ...
Descriptive semantic naming
influxdata/influxdbCreate identifiers that clearly convey meaning through descriptive names and appropriate types. Two key practices imp...
Clear configuration parameters
influxdata/influxdbConfiguration parameters should be descriptively named, well documented, and have sensible defaults that are visible ...
Transactional verified migrations
elie222/inbox-zeroEnhance database migration reliability by wrapping changes in transactions with pre-check and post-verification steps...
Time precision matters
elie222/inbox-zeroWhen implementing algorithms involving date and time calculations, maintain precise control over time components to a...
Prevent async race conditions
elie222/inbox-zeroAlways guard against race conditions when working with asynchronous code. Implement these patterns to avoid unpredict...
Names reflect semantic purpose
elie222/inbox-zeroChoose names that reflect the semantic purpose rather than implementation details or temporal characteristics. Names ...
Standardize observability semantic conventions
grafana/grafanaWhen implementing observability features (logs, metrics, traces), use consistent semantic conventions to ensure data ...
Proper shell quoting
grafana/grafanaAlways use proper quoting in shell scripts (especially GitHub Actions workflows) to prevent word splitting, globbing,...
Function design principles
grafana/grafanaDesign functions for maximum reusability, clarity, and maintainability. Follow these principles: 1. **Pass complete ...
Close resources with errors
grafana/grafanaAlways close resources (files, streams, connections) and properly handle their Close() errors. For read operations, C...
Use if-unwrap with optionals
ghostty-org/ghosttyAlways use Zig's if-unwrap pattern (`if (optional) |value| {...}`) when working with optional values instead of force...
Handle errors completely
fatedier/frpAlways handle errors comprehensively by checking return values, implementing proper error propagation, and ensuring r...
Connection lifecycle management
fatedier/frpImplement comprehensive lifecycle management for network connections. Ensure proper initialization, authentication, m...
Manage dependencies wisely
laravel/frameworkWhen configuring dependencies in composer.json files, follow these guidelines to ensure maintainable and reliable con...
Escape column names properly
laravel/frameworkAlways use the appropriate wrapping/escaping mechanism when generating SQL to prevent syntax errors and SQL injection...
Design flexible APIs
laravel/frameworkWhen designing APIs, prioritize flexibility and developer experience by: 1. **Accept broader parameter types** - Use...
Type-safe API designs
fastify/fastifyDesign APIs with strong type safety to improve developer experience and catch errors at compile time. Avoid using any...
Properly Handle Errors in Fastify Applications
fastify/fastifyWhen implementing error handling in Fastify applications, it is important to always throw instances of the Error clas...
Preserve error context
fastify/fastifyWhen handling errors, always ensure the original error context is preserved and properly surfaced. Error information ...
Null safe patterns
fastify/fastifyUse concise null checking patterns to prevent runtime errors and improve code readability when handling potentially u...
Explicit Configuration Usage in Fastify
fastify/fastifyWhen using the Fastify framework in Typescript, ensure that all configuration options are explicitly declared and pro...
Consistent JSDoc standards
fastify/fastifyDocument all public APIs and significant internal functions with comprehensive JSDoc comments that include accurate d...
Adhere to Fastify Coding Conventions
fastify/fastifyWhen implementing code that uses the Fastify package in Typescript, ensure the following conventions are followed: av...
Protocol-specific error handling
fastapi/fastapiHandle errors and responses appropriately based on the network protocol being used. Different protocols have differen...
Consistent code examples
fastapi/fastapiMaintain consistent formatting and styling in code examples throughout your NestJS application documentation. This en...
REST principles first
expressjs/expressWhen designing APIs with Express, prioritize proper REST principles and HTTP semantics over convenience. This ensures...
Propagate errors properly
expressjs/expressAlways forward errors to the framework's error handling pipeline instead of swallowing them or handling them inconsis...
Handle streams properly
expressjs/expressWhen transferring data over HTTP, properly implement streaming mechanisms to prevent memory exhaustion and potential ...
Ensure test completion
expressjs/expressTests must properly terminate by following appropriate asynchronous patterns. For asynchronous tests, always invoke t...
Prevent redundant operations
elastic/elasticsearchIn distributed database systems, prevent redundant operations that can overload cluster resources. When implementing ...
User-friendly documentation examples
deeplearning4j/deeplearning4jDocumentation should guide users toward best practices through clear examples. Begin with positive patterns before co...
Use logging best practices
deeplearning4j/deeplearning4jAdopt these logging best practices to ensure consistent, efficient, and meaningful logs: 1. **Use Lombok's `@Slf4j` ...
Numerical stability practices
deeplearning4j/deeplearning4jWhen implementing machine learning algorithms, ensure numerical correctness and stability by following these practice...
Descriptive error context
deeplearning4j/deeplearning4jError messages should be specific, descriptive, and include context to help with debugging. Avoid generic messages li...
Model-agnostic AI code
crewaiinc/crewaiWhen building applications that interact with AI models, avoid hardcoding model-specific behavior and instead design ...
Maintain consistent code style
vuejs/coreFollow project-wide code style conventions to ensure consistency and readability. Key practices include: 1. Use cons...
Explicit nullish checks
vuejs/coreWhen checking for the absence of values, use explicit nullish checks rather than relying on JavaScript's falsy behavi...
Secure credential management
chef/chefWhen handling passwords, certificates, or keys in your code, implement secure encryption and storage mechanisms to pr...
Prefer guard clauses
chef/chefUse guard clauses with early returns for null checking instead of wrapping code in conditional blocks. This improves ...
Explicit configuration over implicit
chef/chefAlways define explicit configuration defaults rather than relying on implicit behavior or autovivification. Configura...
Use appropriate logging levels
bridgecrewio/checkovSelect the correct logging level based on the importance and visibility requirements of the information. Choose WARNI...
Thorough test assertions
bridgecrewio/checkovEnsure tests thoroughly validate functionality through comprehensive assertions. When writing tests: 1. Assert all r...
Strategic exception management
bridgecrewio/checkovChoose the appropriate error handling strategy based on the context and severity of potential failures. Use exception...
Strategic error handling
bridgecrewio/checkovChoose appropriate error handling strategies based on the nature of the error and recovery potential: 1. **Raise exc...
Document configuration options
bridgecrewio/checkovAlways provide comprehensive documentation for all configuration options, including environment variables, feature fl...
Choose optimal data structures
bridgecrewio/checkovSelect the most appropriate data structure based on the specific operations your algorithm needs to perform. This cho...
Write clear examples
boto/boto3Create comprehensive code examples in documentation that demonstrate common operations and use proper formatting. Use...
Consistent method interfaces
boto/boto3Design APIs with consistent method interfaces across related resources to improve usability and reduce learning curve...
Configure proxies with schemes
boto/boto3When configuring proxies in AWS SDK clients, always include the complete URL scheme in proxy definitions. Match the s...
Specific exceptions for clarity
Azure/azure-sdk-for-netUse specific exception types with meaningful error messages rather than generic exceptions to improve error handling,...
Preserve API compatibility
Azure/azure-sdk-for-netWhen evolving APIs, maintain backward compatibility to prevent breaking changes for existing consumers. Key approac...
Maintain clean code structure
Azure/azure-sdk-for-netKeep code clean and well-organized by: 1. Removing unnecessary elements: - Delete commented-out code that is no lo...
Centralize configuration values
Azure/azure-sdk-for-netConfiguration values should be defined once and referenced throughout your project to ensure consistency and simplify...
Prefer descriptive over brief
tokio-rs/axumChoose clear, descriptive names over abbreviated or shortened versions. Names should be self-documenting and follow R...
Documentation consistency standards
tokio-rs/axumMaintain consistent documentation formatting standards across all project files, especially in changelogs, code examp...
Consistent axum Usage in Typescript
tokio-rs/axumWhen implementing Typescript code that uses the axum package, maintain consistent and idiomatic usage: always use low...
Type-safe API interfaces design
axios/axiosDesign API interfaces with strong type safety while maintaining excellent developer experience. Prefer explicit types...
Standardize null value checks
axios/axiosAlways use consistent patterns and utility functions for handling null and undefined values. This improves code relia...
Specific test assertions
axios/axiosWhen writing tests, explicitly assert specific conditions and expected values rather than relying on general success/...
Proxy protocol handling
axios/axiosWhen implementing HTTP clients with proxy support, ensure the connection to the proxy uses the protocol specified in ...
Documentation reflects reality
axios/axiosAlways ensure documentation accurately represents the actual code behavior and implementation details. Include import...
Consistent method behaviors
axios/axiosDesign API methods with predictable behavior patterns that follow common conventions. Methods that modify objects dir...
Complete error handling chain
axios/axiosImplement comprehensive error handling throughout the codebase by ensuring all error scenarios are properly caught, t...
Structured test resource management
aws/aws-sdk-jsOrganize tests with proper resource lifecycle management to ensure reliability and maintainability. Create test resou...
Content integrity verification
aws/aws-sdk-jsWhen handling HTTP responses, especially with streaming data, properly verify content integrity and length to prevent...
Validate nulls explicitly
apache/airflowAlways check for null values before using them, and use Python's idiomatic patterns to make these checks concise and ...
Use system configuration defaults
apache/airflowAlways use the configuration system's default values instead of hardcoding defaults in the code. This ensures consist...
Maintain code consistency
apache/airflowEnsure consistency throughout the codebase by following established patterns for both UI components and code structur...
Internationalize ui text
apache/airflowAll user interface text must be internationalized using the appropriate i18n module instead of hardcoded strings. Thi...
Handle exceptions with specificity
apache/airflowUse specific exception types and avoid masking errors through overly broad exception handling or default values. This...
Documentation best practices
apache/airflowDocumentation should follow established best practices to ensure clarity, consistency, and usefulness: 1. **Use prop...
Verify properties before logging
vercel/aiWhen logging object properties, always verify that the property names exactly match the actual structure of the objec...
Maintain API naming consistency
vercel/aiWhen working with AI model interfaces and result objects, ensure consistent property naming across related components...
Document API schemas
vercel/aiAdd comprehensive JSDoc comments to all API interfaces, types, and schema definitions. This documentation should: 1....
Consistent provider options
vercel/aiWhen designing APIs that support multiple providers or service integrations, implement consistent patterns for handli...
Protect render loop performance
zed-industries/zedEnsure render loop operations stay within frame time budget (typically 16.67ms for 60fps). Avoid expensive computatio...
Contextualize don't panic
zed-industries/zedAlways provide meaningful context for errors and avoid code that can panic in production. Use `.context()` or `.with_...
Background process blocking operations
zed-industries/zedAlways move potentially blocking operations to background threads to maintain UI responsiveness. Use appropriate spaw...
Document AI model capabilities
vllm-project/vllmProvide clear, comprehensive documentation for AI model capabilities, especially for multimodal features and deployme...
Use parameterized queries
vitessio/vitessAlways use parameterized queries with bind variables instead of string concatenation or formatting when constructing ...
Standardize error wrapping patterns
vitessio/vitessUse consistent error wrapping patterns to preserve error context and ensure proper error code propagation. Always: 1....
Metric design best practices
vitessio/vitessDesign metrics to be reliable and maintainable by following these key principles: 1. Initialize metrics with zero va...
Log levels and clarity
vitessio/vitessChoose appropriate log levels and write clear, meaningful log messages that provide necessary context without creatin...
Explicit nil handling
vitessio/vitessAlways handle nil values explicitly in your code to improve clarity and prevent subtle bugs. When a function needs to...
Environment-portable configuration management
vitessio/vitessEnsure all configurations are environment-portable and follow current best practices for the target platforms. This i...
Use optional patterns
vitejs/viteChoose the most appropriate pattern for handling potentially undefined or null values. When designing types, prefer o...
Optimize glob operations
vitejs/viteWhen using glob patterns for file system operations, ensure optimal performance and consistent behavior by configurin...
Minimize memory allocations
vitejs/viteChoose methods and patterns that reduce unnecessary memory allocations and object creation to improve performance. Wh...
Manage configuration inheritance carefully
vitejs/viteWhen designing configuration systems, establish clear default values and inheritance patterns. Follow these principle...
Leverage native tooling
vitejs/vitePrioritize native or Rust-based implementations of build tools over their JavaScript counterparts to significantly im...
Evolve APIs with compatibility
vitejs/viteWhen evolving APIs, maintain backwards compatibility while introducing new features by following a staged deprecation...
Document code purposefully
vitejs/viteHigh-quality code documentation improves maintainability and helps other developers understand your intentions. Follo...
Clean configuration organization
vitejs/viteOrganize configuration settings logically and avoid redundancy in project configuration files. Group related options ...
Break down complex functions
vitejs/viteImprove code readability and maintainability by decomposing large, complex functions into smaller, focused ones. When...
Use direct documentation style
astral-sh/uvWrite documentation using direct, clear language that addresses the reader directly. Follow these style guidelines: ...
Respect connectivity state
astral-sh/uvApplications should gracefully handle different network connectivity states and provide appropriate feedback to users...
Consistent authentication patterns
astral-sh/uvDesign API authentication mechanisms with consistent patterns, clear documentation, and helpful error messages. When ...
Balance test performance considerations
astral-sh/uvWhen writing tests, consider both thoroughness and execution time. For operations with significant overhead (like Pyt...
React rendering safeguards
shadcn-ui/uiThis standard ensures your React components render correctly and efficiently, preventing common pitfalls that cause e...
Keep build tooling updated
vercel/turborepoMaintain up-to-date build and CI/CD tooling to leverage the latest features, performance improvements, and security p...
Define API boundaries
vercel/turborepoClearly specify what constitutes your public API contract to manage versioning expectations and documentation require...
Configuration precision matters
vercel/turborepoEnsure configuration files are precise and stable to prevent unexpected build failures and runtime issues. This inclu...
Choose logging levels wisely
vercel/turborepoSelect appropriate logging levels based on the frequency and importance of the logged operation. Use `trace` for high...
Boundary case handling
vercel/turborepoAlways handle boundary conditions explicitly in algorithms to prevent unexpected behavior. When implementing algorith...
Secure unsafe code
tokio-rs/tokioWhen working with unsafe code, follow these practices to minimize security vulnerabilities: 1. **Minimize scope**: L...
Optimize algorithmic efficiency
tokio-rs/tokioPay careful attention to operations inside loops and recursive functions to avoid unexpected algorithmic complexity. ...
Memory ordering needs justification
tokio-rs/tokioWhen using atomic operations, explicitly justify the choice of memory ordering. Each use of a memory ordering should ...
Granular feature flags
tokio-rs/tokioFeature flags should be designed with granularity to ensure dependencies are only required when absolutely necessary....
Document null safety assumptions
tokio-rs/tokioWhen writing code that handles potentially null, undefined, or uninitialized values, always document safety assumptio...
Code block formatting standards
tokio-rs/tokioWhen documenting code examples and shell commands in project documentation, follow these formatting standards to ensu...
Prefer explicit API design
huggingface/tokenizersWhen designing APIs, favor simple and explicit interfaces over flexible but complex ones. This reduces cognitive load...
Choose semantically clear identifiers
huggingface/tokenizersSelect parameter and method names that accurately describe their purpose and behavior, avoiding ambiguous terms that ...
Choose optimal data structures
huggingface/tokenizersSelect data structures based on their algorithmic complexity and usage patterns. Consider the tradeoffs between diffe...
Resource cleanup on errors
hashicorp/terraformAlways ensure proper resource cleanup in error paths to prevent leaks. Use defer functions with explicit error checki...
Explicit protocol interfaces
hashicorp/terraformDesign protocol interfaces with explicit behavior definitions rather than relying on implicit conventions. Clearly sp...
Ensure test isolation
hashicorp/terraformTests should be completely isolated from each other and clean up after themselves to prevent interference. 1. **Use...
Consistent documentation formatting
hashicorp/terraformMaintain consistent style in documentation files to improve readability and professionalism. Specifically: 1. **Comm...
Configuration override precedence
hashicorp/terraformWhen designing systems with configurations that can be specified at multiple levels (global vs local, environment vs ...
Clarify test documentation
hashicorp/terraformEnsure all testing-related documentation is clear, accurate, and user-focused. Use precise terminology when describin...
Choose appropriate API types
hashicorp/terraformSelect the simplest data types that satisfy requirements when designing API signatures. Avoid using complex types (li...
Tensor-aware control flow
tensorflow/tensorflowWhen working with TensorFlow tensors, avoid using Python comparison operators (`<`, `>=`, `==`) or conditional checks...
Complete docstring structure
tensorflow/tensorflowFunction documentation should follow a consistent structure that includes all necessary components to be complete and...
Centralize configuration settings
tensorflow/tensorflowPlace configuration settings in centralized, appropriate locations rather than duplicating them across multiple files...
Mathematical precision matters
tensorflow/swiftWhen implementing mathematical algorithms, ensure precise terminology and correct implementation of mathematical conc...
Document environment variables
tensorflow/swiftWhen using configurable components, clearly document all relevant environment variables and their effects. Include ex...
Use environment-independent defaults
spring-projects/spring-frameworkWhen designing configuration options, avoid relying on environment-specific defaults such as system character encodin...
Spring annotation best practices
spring-projects/spring-frameworkWhen working with Spring annotations, follow these guidelines to avoid common issues: 1. **Use interface types for d...
Minimize lock contention
spring-projects/spring-frameworkWhen implementing thread-safe code, minimize the scope and duration of locks to reduce contention and improve perform...
Consistent style conventions
spring-projects/spring-frameworkApply consistent formatting and organization conventions throughout the codebase to enhance readability and maintaina...
Explicit security documentation
spring-projects/spring-bootAlways provide explicit and accurate documentation for security-related configurations, including: 1. Use proper con...
Structure configuration options
dotnet/runtimeDesign and document configuration options (feature flags, environment variables, conditional compilation) to be clear...
Maintain consistent formatting
dotnet/runtimeEnsure consistent formatting and organization throughout the codebase to improve readability and maintainability. Thi...
Decompose complex algorithms
dotnet/runtimeWhen implementing algorithms, break down complex methods that handle multiple concerns into smaller, more focused met...
Choose appropriate error mechanisms
dotnet/runtimeUse the right error handling mechanism for each scenario: exceptions for recoverable situations, assertions only for ...
Support configuration extension patterns
astral-sh/ruffWhen designing configuration systems, provide both replacement and extension options for list-based settings to give ...
Maintain focused module structure
astral-sh/ruffKeep modules focused and well-organized by grouping related functionality together and splitting large files into log...
Leverage existing API utilities
astral-sh/ruffWhen implementing or consuming APIs, always prefer using existing utility methods and abstractions over manual implem...
Optimize hot paths
facebook/reactIn performance-critical code paths that execute frequently, optimize to reduce unnecessary operations that can impact...
Balance constraints with flexibility
facebook/reactWhen designing APIs, carefully evaluate constraints imposed on consumers. Each limitation should serve a clear purpos...
Understand query method behavior
rails/railsWhen working with database queries in Active Record, it's essential to understand the precise behavior of query metho...
Optimize cache headers
rails/railsUse appropriate HTTP cache headers based on content mutability. For immutable assets (like digest-stamped files), app...
Human-readable configuration values
rails/railsWhen writing configuration files, prioritize human readability and maintainability by using descriptive expressions i...
Efficient data processing
rails/railsWhen implementing algorithms that process large data streams or collections, use a chunking approach rather than proc...
Contextual error messages
rails/railsError messages should provide sufficient context to understand and debug the problem efficiently. Include both the ex...
Content security policy configuration
rails/railsImplement Content Security Policy (CSP) configurations appropriately for your application's context. Use report-only ...
Validate database connections explicitly
quarkusio/quarkusAlways implement explicit database connection validation strategies to ensure robust application behavior during star...
Secure authentication defaults
quarkusio/quarkusConfigure authentication mechanisms with secure default settings to prevent security vulnerabilities. When implementi...
Documentation style consistency
quarkusio/quarkusMaintain consistent documentation style to improve readability and user experience: 1. **Use precise terminology**: ...
Avoid wildcard imports
quarkusio/quarkusWildcard (star) imports like `import java.util.*;` are prohibited in the codebase as they reduce code readability and...
Avoid unnecessary allocations
quarkusio/quarkusMinimize object creation and memory allocations, especially in frequently called methods and hot code paths, to reduc...
Automate style enforcement
quarkusio/quarkusImplement automated code style enforcement using complementary tools rather than relying on manual reviews. Configure...
Optimize memory usage
pytorch/pytorchLimit memory consumption in performance-critical paths by conditionally creating large data structures or deferring a...
Normalize configuration parameters
pytorch/pytorchAlways normalize configuration inputs (especially environment variables) by removing whitespace and applying consiste...
Eliminate redundant operations
pytorch/pytorchAvoid unnecessary operations that can impact performance. This includes: 1. Redundant data transformations: - Loa...
Design for compatibility
pytorch/pytorchWhen evolving APIs, prioritize backward compatibility to minimize disruption for existing users. Add new functionalit...
Choose appropriate exceptions
pytorch/pytorchSelect the proper exception type based on the error scenario to provide clearer error handling and better debugging e...
Write targeted, specific tests
pydantic/pydanticTests should validate specific, well-defined behaviors with clear assertions that directly relate to what's being tes...
Simple defaults, flexible overrides
pydantic/pydanticDesign APIs with intuitive defaults for common use cases while providing specialized options for edge cases. This app...
Semantic over syntactic
pydantic/pydanticChoose names that clearly communicate the purpose and behavior of your code elements, focusing on semantic meaning ra...
Safe attribute access pattern
pydantic/pydanticAlways use safe attribute access patterns to handle potentially null or undefined attributes. Instead of direct attri...
Document configuration relationships
pydantic/pydanticWhen designing configuration options that interact with each other, clearly document these relationships and consider...
Consistent configuration patterns
pydantic/pydanticWhen working with configurations in Pydantic models, maintain consistency by using `ConfigDict()` instead of plain di...
Balance documentation thoroughness
pydantic/pydanticDocumentation should balance completeness with avoiding redundancy. When documenting complex features: 1. Centralize...
Service layer abstraction
prowler-cloud/prowlerSeparate business logic and external service interactions from API views by using dedicated service layers. This impr...
Parameterize security commands
prowler-cloud/prowlerWhen writing security-related CLI commands or remediation steps, always use standardized parameter placeholders (e.g....
Memory usage optimization
prowler-cloud/prowlerOptimize memory usage in high-performance applications by implementing explicit memory management techniques. This in...
Maintain component consistency
prowler-cloud/prowlerUse a consistent approach when working with components to improve code maintainability and ensure visual coherence th...
Ensure migration compatibility
prowler-cloud/prowlerWhen modifying database schemas through migrations, ensure compatibility with existing data. For new required fields,...
Document configuration variables
prowler-cloud/prowlerAlways provide complete documentation for configuration variables, including their exact format, purpose, and behavio...
Document authentication requirements
prowler-cloud/prowlerWhen creating or modifying APIs, always provide comprehensive documentation for authentication methods and prerequisi...
Prevent deadlock conditions
pola-rs/polarsCarefully manage resource acquisition and release to prevent deadlocks in concurrent code. Deadlocks typically occur ...
Prevent cryptic errors
pola-rs/polarsAlways implement proper validation and type checking to prevent cryptic error messages. When errors do occur, provide...
Organize tests efficiently
pola-rs/polarsWrite maintainable, well-structured tests that are easy to understand and extend. Tests should remain simple and focu...
Optimize data transformations
pola-rs/polarsWhen implementing data processing operations, avoid unnecessary data transformations, copies, and conversions that ca...
Design for operation flexibility
pola-rs/polarsWhen implementing algorithms that operate on data structures (particularly arrays, lists, or collections), design the...
Defer expensive operations
pola-rs/polarsAvoid triggering expensive computations prematurely in your code. Operations like `collect()`, intensive IO operation...
Choose appropriate abstractions
pola-rs/polarsWhen designing APIs, select data types and patterns that match how they will be consumed while facilitating long-term...
Proper span lifecycle
opentofu/opentofuAlways ensure trace spans are properly closed in all code execution paths to prevent trace leaks that can distort obs...
Prevent backing array surprises
opentofu/opentofuWhen modifying slices in Go, be aware that appending to a slice with available capacity will modify the backing array...
Minimize API surface
opentofu/opentofuDesign APIs with minimal exposed surface by encapsulating implementation details within packages. When designing APIs...
Write reliable test cases
open-telemetry/opentelemetry-pythonCreate deterministic and reliable test cases by following these guidelines: 1. Use hardcoded values instead of rando...
Return collections not None
open-telemetry/opentelemetry-pythonReturn empty collections (lists, dicts, sets) instead of None when representing empty states. This reduces null check...
Prevent recursive logging calls
open-telemetry/opentelemetry-pythonAvoid implementing logging calls that could trigger recursive logging patterns, which can lead to infinite loops and ...
Precise configuration specifications
open-telemetry/opentelemetry-pythonEnsure configuration files use tool-specific syntax and conventions while leveraging appropriate defaults. Be intenti...
Place attributes correctly
open-telemetry/opentelemetry-pythonWhen implementing observability with OpenTelemetry, place attributes at the appropriate level in the telemetry hierar...
Pin dependency versions
open-telemetry/opentelemetry-pythonAlways use exact version pinning (==) for dependencies in requirements files rather than version ranges. This ensures...
Choose data structures wisely
open-telemetry/opentelemetry-pythonSelect data structures based on your specific access patterns and performance requirements. Using the right data stru...
Optimize for common cases
opencv/opencvWhen implementing algorithms, create specialized versions for common cases to improve performance, while maintaining ...
Framework synchronization practices
opencv/opencvWhen implementing concurrent code, always use the framework's provided synchronization primitives rather than direct ...
Document properly with references
opencv/opencvAlways separate code from documentation and use proper referencing techniques. Documentation should be in markdown fi...
Reuse buffers strategically
ollama/ollamaFor frequently called methods or hot code paths, reuse allocations instead of creating new buffers on each call. This...
Platform-aware configuration documentation
ollama/ollamaAlways document platform-specific configuration differences and requirements thoroughly. When writing documentation o...
Loose API coupling
ollama/ollamaMaintain a clear separation between API definitions and their implementations by avoiding direct passing of API struc...
Use async/await pattern
octokit/octokit.netWhen designing or documenting API clients, always use the async/await pattern rather than blocking calls. Replace cod...
Catch specific exceptions
octokit/octokit.netAlways catch specific exception types rather than using general catch blocks. This improves error handling precision,...
Verify documentation references
vercel/next.jsWhen writing or updating documentation, ensure all code examples, installation commands, and project references accur...
Proper Use of Suspense in Next.js Components
vercel/next.jsWhen building Next.js applications that leverage server-side rendering (SSR) or Partial Prerendering (PPR), it is ess...
Proper Error Handling in Next.js API Routes
vercel/next.jsThis review focuses on ensuring proper error handling in Next.js API routes. Key principles include validating incomi...
Maintain Consistent Naming Conventions in Next.js Code
vercel/next.jsAs a code reviewer for Next.js projects, ensure that all code artifacts, including component names, file names, and c...
Protect network buffer lifecycle
netty/nettyWhen handling network buffers in protocol implementations, ensure proper lifecycle management to prevent memory leaks...
Preserve backward compatibility
netty/nettyWhen evolving APIs in minor versions, always maintain backward compatibility to avoid breaking client code. Follow th...
Optimize search operations
netty/nettyEnhance search algorithm performance by prioritizing common cases, using appropriate data structures, and avoiding un...
Configurable over hardcoded
netty/nettyMake configuration parameters configurable rather than hardcoding values, especially for limits, sizes, and threshold...
Scope JWT authentication tokens
neondatabase/neonAlways include tenant, timeline, and endpoint identifiers in JWT tokens used for service authentication. This ensures...
Proper Option type usage
neondatabase/neonUse Option
Proactive cache warming
neondatabase/neonImplement proactive cache warming strategies to minimize performance degradation after system restarts or during cold...
Pin GitHub action versions
neondatabase/neonAlways pin GitHub Actions to specific commit hashes instead of using major/minor version tags (like @v4). This ensure...
Ensure algorithm robustness
neondatabase/neonWhen implementing algorithms, ensure they handle all edge cases correctly and robustly. Code should gracefully manage...
Connection pooling with pipelining
neondatabase/neonImplement connection pooling with request pipelining for network services to optimize resource usage and improve thro...
Graph traversal optimization
apache/mxnetWhen working with graph structures, avoid performing redundant depth-first search (DFS) traversals as each traversal ...
Explicit null checks
apache/mxnetAlways use explicit null checks (`value is None` or `value is not None`) rather than implicit truthiness evaluations ...
Comprehensive API documentation
apache/mxnetEnsure all API elements are thoroughly documented following a consistent format. This includes: 1. **All function pa...
Avoid redundant calculations
apache/mxnetEliminate redundant calculations by identifying and caching frequently used values to improve performance. Consider t...
Use database-native types
langchain-ai/langchainjsAlways leverage database-native data types and appropriate schema design to maximize performance and query capabiliti...
Eliminate redundant code
langchain-ai/langchainjsSimplify code by eliminating redundancy and unnecessary complexity. This improves readability, reduces potential bugs...
Dependency classification standards
langchain-ai/langchainjsProperly classify dependencies in package.json according to their usage pattern and project guidelines. This ensures ...
Comprehensive AI documentation
langchain-ai/langchainjsWhen documenting AI integrations, provide comprehensive examples that showcase all common initialization and usage pa...
Avoid hardcoded configurations
langchain-ai/langchainjsAlways parameterize values that might vary across different environments or users instead of hardcoding them in your ...
Standardize network tools
kubeflow/kubeflowWhen performing network operations in build scripts or containers, prefer `curl` over `wget` for HTTP requests to sta...
Prioritize readability over brevity
kubeflow/kubeflowWhen writing code, favor readability and maintainability over clever or compact solutions. Break down complex logic i...
Pin version dependencies
kubeflow/kubeflowExplicitly pin version dependencies in configuration files to ensure reproducible builds and prevent breaking changes...
Load configurations efficiently
kubeflow/kubeflowWhen designing components that require configuration, follow these practices to enhance performance, maintainability,...
Follow API conventions
kubeflow/kubeflowWhen designing APIs, adhere to established API conventions, particularly Kubernetes API conventions when working with...
Externalize configuration parameters
kubeflow/kubeflowCreate configurations that can be easily managed outside your application code. Design configuration parameters to be...
Document code thoroughly
kubeflow/kubeflowAlways include appropriate documentation in your code to improve readability, maintainability, and usability: 1. **D...
Contextualize and classify errors
kubeflow/kubeflowAlways provide meaningful context when handling errors, and classify them appropriately based on their source. This i...
Centralize configuration constants
kubeflow/kubeflowStore configuration constants, defaults, and environment variable mappings in dedicated configuration files rather th...
Use defensive null checks
JetBrains/kotlinWhen working with properties or methods that could potentially be null, use Kotlin's null safety features defensively...
Use structured logging fields
influxdata/influxdbAlways use structured logging with descriptive field names rather than string interpolation. Include relevant context...
Prevent nil dereferences
influxdata/influxdbAlways verify that pointers, slices, or arrays are non-nil and have sufficient elements before attempting to access t...
Prefer configurable values
influxdata/influxdbAlways use configurable values instead of hardcoded defaults when available. This ensures that user preferences are r...
Performance-conscious metrics implementation
influxdata/influxdbImplement metrics collection that is both comprehensive and minimally impactful on system performance. Design your me...
Include explanatory examples
influxdata/influxdbAlways enhance documentation with concrete, illustrative examples that demonstrate expected inputs, formats, or outpu...
Avoid unnecessary work
influxdata/influxdbWhen optimizing performance-critical code paths, eliminate redundant operations and unnecessary processing: 1. **Exi...
Avoid flaky test patterns
influxdata/influxdbWrite reliable tests by avoiding common patterns that can lead to flaky behavior. Specifically: 1. Avoid arbitrary t...
Test all code paths
elie222/inbox-zeroWrite comprehensive tests that cover all code paths including edge cases, error conditions, and different parameter c...
Prevent workflow recursion
elie222/inbox-zeroControl GitHub Actions workflow execution to avoid infinite loops and unnecessary builds. Implement these practices: ...
Normalize API responses
elie222/inbox-zeroDesign APIs to return consistent response structures across different data sources or providers. Normalize responses ...
Handle AI operation failures
elie222/inbox-zeroAlways implement proper error handling for AI service operations. AI services can fail due to rate limiting, network ...
Ensure API contract integrity
elie222/inbox-zeroMaintain strict consistency between API implementation and contract by ensuring: 1. Request/response schemas match ex...
Define schema relations correctly
elie222/inbox-zeroWhen designing database schemas, ensure relations and constraints are explicitly and correctly defined: 1. Every mod...
Complete hook dependency arrays
elie222/inbox-zeroEnsure all hooks (useEffect, useCallback, useMemo) explicitly list every dependency used within their callback functi...
Cache invariant computations
elie222/inbox-zeroAvoid repeatedly computing values that don't change frequently. For data structures, maps, or validation schemas used...
Safe property access patterns
grafana/grafanaUse appropriate null/undefined handling techniques based on the context to prevent runtime errors. Be mindful of the ...
Prefer null-safe access
grafana/grafanaAlways use null-safe access patterns when dealing with potentially undefined values to prevent runtime errors and imp...
Optimize performance patterns
grafana/grafanaChoose efficient implementation patterns that improve performance. Apply these optimizations throughout your code: 1...
Name for purpose first
grafana/grafanaChoose names that lead with their primary purpose or category, followed by specific details. This makes code more dis...
Minimize database joins
grafana/grafanaPrefer direct filtering or specialized service methods over complex JOIN operations, especially when maintaining or r...
Maintain configuration documentation accuracy
grafana/grafanaAlways ensure configuration documentation accurately reflects the current system capabilities, limitations, and featu...
Judicious configuration management
grafana/grafanaCarefully manage configuration options, including feature flags, to balance flexibility with maintainability: 1. **U...
Fail-safe security defaults
grafana/grafanaAlways implement security features with fail-safe defaults that deny access or disable insecure functionality unless ...
Consistent semantic naming
grafana/grafanaUse consistent, specific, and semantically appropriate naming conventions throughout the codebase. When creating new ...
Consistent API versioning approach
grafana/grafanaAdopt and document a consistent approach to API versioning across your services. The chosen format should be clearly ...
Component architecture principles
grafana/grafanaExtract logic that doesn't render JSX into custom hooks instead of components. Components that don't return markup cr...
Descriptive idiomatic identifiers
gin-gonic/ginUse descriptive names for variables, types, and interfaces that follow Go language idioms. Avoid single-letter variab...
Consistent error patterns
gin-gonic/ginImplement consistent error handling patterns throughout your codebase to improve readability and maintainability. **...
Structure user documentation
ghostty-org/ghosttyWhen documenting complex features or configuration options, structure your documentation with these four key elements...
Semantic name clarity
ghostty-org/ghosttyNames should clearly and accurately reflect the purpose of variables, methods, and other identifiers. Follow these pr...
Prevent unnecessary memory operations
ghostty-org/ghosttyAvoid redundant memory allocations and copies when simpler alternatives exist. This includes: 1. Use in-place compar...
Optimize comparison patterns efficiently
ghostty-org/ghosttyChoose efficient comparison patterns and algorithms based on the data type and use case. Key guidelines: 1. For stri...
In-tree build configurations
ghostty-org/ghosttyKeep all build configuration files (Snapcraft, Flatpak manifests, etc.) in the repository alongside your code to ensu...
Validate with sensible defaults
fatedier/frpImplement a comprehensive configuration validation strategy that combines centralized validation functions with appro...
Follow Go naming conventions
fatedier/frpAdhere to Go's standard naming conventions for identifiers: 1. **Control visibility with capitalization**: - Use ...
Optimize migration code
laravel/frameworkWhen writing database migration code, prioritize clarity and efficiency to ensure migrations are reliable and maintai...
Optimize loop operations
laravel/frameworkWhen writing loops, optimize for both readability and performance by following these key principles: 1. **Exit early...
Disable coverage in workflows
laravel/frameworkKeep code coverage tools disabled in CI/CD workflows unless they're specifically needed for generating coverage repor...
Descriptive configuration keys
laravel/frameworkConfiguration keys should clearly indicate their value type, units, or expected format to prevent misunderstandings a...
Proper Handling of Promises in Fastify Implementations
fastify/fastifyWhen implementing Fastify applications in TypeScript, it is important to follow consistent patterns for handling prom...
Content negotiation design
fastify/fastifyWhen building APIs, implement proper content negotiation to handle various media types in both requests and responses...
Consistent descriptive naming
fastify/fastifyUse precise, consistent, and descriptive naming conventions throughout your code to enhance readability and maintaina...
Benchmark before choosing methods
fastify/fastifyAlways benchmark different implementation approaches for performance-critical operations before selecting a method. D...
Use pytest fixtures effectively
fastapi/fastapiTests should use pytest fixtures to improve organization, promote test isolation, and avoid code duplication. Fixture...
Use early returns
fastapi/fastapiDecrease indentation levels in your code by using early returns for edge cases and guard conditions. This approach im...
Respect async execution order
fastapi/fastapiWhen working with asynchronous code, always be mindful of the execution order of operations, particularly with regard...
Proper HTTP status codes
fastapi/fastapiWhen implementing authentication and authorization systems, use semantically correct HTTP status codes to accurately ...
Optimize hot paths
expressjs/expressWhen writing code that will be executed frequently (hot paths), prioritize performance optimizations that reduce over...
Optimize dependency automation
expressjs/expressConfigure automated dependency update tools (like Dependabot) to balance security needs against developer cognitive l...
Access settings properly
expressjs/expressAlways use the provided settings accessor methods (`app.get()`, `app.set()`, `app.enabled()`, `app.disabled()`) to ac...
Parallel branch traceability
elastic/elasticsearchWhen implementing algorithms with parallel processing branches, ensure proper traceability and data consistency acros...
Exceptions for critical errors
elastic/elasticsearchUse exceptions rather than assertions for handling critical error conditions that need to be caught in production. As...
Defensive null handling
elastic/elasticsearchAlways handle null references and values defensively to prevent NullPointerExceptions and unexpected behavior. Follow...
Configure type serialization
elastic/elasticsearchWhen working with databases that exchange data with other systems, ensure proper serialization and deserialization of...
Clarity over uncertainty
elastic/elasticsearchTechnical documentation should use precise language that clearly differentiates between product behavior and user con...
Use modern API methods
deeplearning4j/deeplearning4jWhen implementing algorithms with numerical libraries like ND4J, always prefer the most direct and type-safe API meth...
Minimize object allocations
deeplearning4j/deeplearning4jAvoid creating unnecessary temporary objects or arrays which can impact performance through increased garbage collect...
Keep configurations current
deeplearning4j/deeplearning4jEnsure all configuration elements (dependencies, build settings, preprocessor flags) are up-to-date, documented, and ...
Fail fast clearly
deeplearning4j/deeplearning4jDetect and report errors as early as possible with detailed context to prevent silent failures and aid debugging. Val...
Document AI APIs completely
deeplearning4j/deeplearning4jWhen developing AI libraries and tools, provide comprehensive and accurate API documentation that helps users navigat...
Cross-platform algorithm optimization
deeplearning4j/deeplearning4jWhen implementing algorithms that need to execute efficiently across different platforms, consider both compile-time ...
Configurable resource locations
deeplearning4j/deeplearning4jAlways make file paths, temporary directories, and resource locations configurable with reasonable defaults instead o...
Compare floating-point safely
deeplearning4j/deeplearning4jWhen implementing numerical algorithms, never compare floating-point values directly for equality due to precision er...
Default None not empty
crewaiinc/crewaiAlways use `None` as the default value for optional parameters and class attributes instead of empty collections (`[]...
Pause tracking during side-effects
vuejs/coreWhen executing side-effects in reactive systems (like event handlers, cleanup functions, or async operations), always...
Optimize common search paths
vuejs/coreImplement dedicated fast paths for common search patterns while maintaining a complete fallback path for edge cases. ...
Guarantee cleanup execution
vuejs/coreWhen implementing features that require cleanup or state restoration, always use try-finally blocks to ensure cleanup...
Use strict test doubles
chef/chefAlways use strict test doubles (instance_double, class_double) instead of basic doubles or OpenStruct in tests. Stric...
Standardize installation directory paths
chef/chefMaintain consistent and separate installation paths for different build types to prevent conflicts and improve system...
Secure network operations
chef/chefWhen performing network operations, prioritize security and configurability to ensure robustness across different env...
Document configuration decisions
chef/chefAdd clear comments explaining the rationale behind configuration decisions, especially for workarounds, compatibility...
Document configuration completely
chef/chefAlways provide complete documentation for configuration options, including defaults, override methods, and security i...
Use pytest best practices
bridgecrewio/checkovAdopt modern pytest features to create maintainable, isolated, and comprehensive tests. This includes: 1. **Prefer p...
Preserve API compatibility
bridgecrewio/checkovWhen modifying existing APIs, function signatures, or return structures, always maintain backward compatibility to pr...
Precise configuration validation
bridgecrewio/checkovEnsure configuration validation logic accurately reflects security intentions and best practices. When writing valida...
Structure for readability
boto/boto3Prioritize code readability by structuring code in a way that makes it easy to understand at a glance. This includes:...
Isolate concurrent resources
boto/boto3Create separate instances of non-thread-safe resources for each thread or process in concurrent applications rather t...
Consistent region configuration
boto/boto3Always maintain consistency in region configurations throughout your application. Instead of hardcoding endpoints, us...
Write deterministic tests
Azure/azure-sdk-for-netTests should be deterministic, reliable, and isolated from external dependencies to ensure consistent results across ...
User-friendly configuration values
Azure/azure-sdk-for-netPrefer intuitive, user-friendly values for configuration options over technical "magic strings" or codes that require...
Standardize environment variables
Azure/azure-sdk-for-netEnsure environment variable names are consistently spelled, properly referenced, and follow established naming conven...
Externalize configuration values
Azure/azure-sdk-for-netStore configuration values (URLs, demands, pool names) in centralized variables rather than hardcoding them inline. T...
Use Option combinators
tokio-rs/axumInstead of verbose conditional logic, prefer Rust's Option combinators like map, and_then, and filter for handling po...
Structure errors for safety
tokio-rs/axumCreate specific error types with appropriate status codes while ensuring sensitive details are logged but not exposed...
Minimize memory allocation overhead
tokio-rs/axumOptimize performance by minimizing unnecessary memory allocations and using allocation-efficient APIs. Key practices ...
Lock carefully in async
tokio-rs/axumWhen using locks in async code, follow critical guidelines to avoid deadlocks. Never hold std::sync::Mutex locks acro...
Handle protocol headers properly
tokio-rs/axumWhen implementing network services, especially proxies and protocol handlers, proper HTTP header management is critic...
Validate security-critical inputs
axios/axiosAlways validate and sanitize user-supplied inputs before using them in security-sensitive operations. This helps prev...
Robust Axios Usage in Typescript
axios/axiosThis review focuses on ensuring robust and type-safe usage of the Axios library in Typescript codebases. Key recommen...
Proper Error Handling in Axios Typescript Code
axios/axiosAs a code reviewer, it is important to ensure that Axios-based Typescript code properly handles and propagates errors...
Extract for better readability
axios/axiosComplex expressions and repeated code should be extracted into well-named variables to improve readability and mainta...
Maintain consistent formatting
aws/aws-sdk-jsEnhance code readability and maintainability by applying consistent formatting practices throughout your codebase: 1...
Safe constraint modification sequence
apache/airflowWhen modifying constraints in database migrations, follow a safe sequence of operations to prevent integrity errors: ...
Parameterize similar tests
apache/airflowWrite parameterized tests instead of using for loops or duplicating test code for similar test cases. Using pytest's ...
Optimize collection processing patterns
apache/airflowUse Python's built-in efficient collection processing methods instead of manual implementations. This reduces code co...
Leverage backend API capabilities
apache/airflowWhen consuming APIs in frontend applications, utilize the backend capabilities rather than reimplementing equivalent ...
Explicit version constraints
apache/airflowAlways specify explicit version constraints for dependencies in configuration files (like pyproject.toml), particular...
Explicit over implicit configuration
apache/airflowAlways prefer explicit configuration parameters over inferring behavior from indirect sources like image tags, naming...
Ensure deterministic queries
apache/airflowBuild SQLAlchemy queries that are both efficient and deterministic to prevent unpredictable results and improve perfo...
Document public API boundaries
apache/airflowClearly define and document the boundaries between public and internal APIs to guide developers on proper interface u...
Context-rich log messages
apache/airflowEnsure log messages provide clear context about what happened, potential consequences, and actionable information for...
Consistent technical term translation
apache/airflowWhen localizing an application, maintain consistent conventions for technical terms while respecting language-specifi...
Component reuse first
apache/airflowAlways prioritize reusing existing components before creating new ones. This practice improves codebase consistency, ...
Place configurations appropriately
vercel/aiConfiguration options should be organized based on their nature and scope of use. Place model-specific configurations...
Explicit code organization patterns
vercel/aiMaintain clear and explicit code organization patterns by following these guidelines: 1. Use explicit property visib...
Self-explanatory identifier names
zed-industries/zedChoose identifier names that clearly convey their purpose without requiring users to understand implementation detail...
Respect language-specific conventions
zed-industries/zedAlways adhere to the established formatting and syntax conventions of each programming language while maintaining con...
Maintain style consistency
zed-industries/zedEnsure consistent styling is maintained across related elements in the codebase. This applies to: 1. **Visual assets...
Maintain consistent naming
zed-industries/zedEnsure naming follows consistent patterns throughout the codebase in both style and structure: 1. Use agreed-upon ca...
Hierarchical configuration organization
zed-industries/zedOrganize configuration settings hierarchically by grouping related settings under meaningful namespaces rather than c...
Secure before deployment
vllm-project/vllmRemove or secure development-specific code before deploying to production environments. Development artifacts like de...
Structured configuration management
vitessio/vitessAvoid using global configuration singletons that rely on string-based lookups, as they lead to brittle code that's ha...
Robust network handling
vitessio/vitessAlways implement proper network timeout handling and address formatting to ensure robust connectivity across differen...
Secure workflow permissions
vitejs/viteDefine explicit and minimal permissions in GitHub Actions workflows to ensure proper operation while maintaining secu...
Restrict server access
vitejs/viteAlways configure server security settings with explicit allowed lists rather than permissive values. Using `true` for...
Short-circuit evaluation strategies
astral-sh/uvWhen implementing search or traversal algorithms, use short-circuit evaluation strategically to avoid unnecessary com...
Optimize cache sharing strategies
astral-sh/uvSelect the appropriate cache sharing approach based on your execution environment to maximize performance and efficie...
Follow established naming conventions
astral-sh/uvAdhere to established naming conventions for files, variables, functions, and configuration options to maintain consi...
Enforce strong optional types
astral-sh/uvUse strong typing and early validation to handle optional values and prevent null-related issues. Prefer enums and sp...
Declarative constraints over runtime
astral-sh/uvDesign APIs that enforce constraints through type systems and declarative mechanisms rather than runtime checks. This...
Prevent object recreations
shadcn-ui/uiAvoid creating new objects and functions repeatedly during renders to reduce memory pressure and improve performance....
Leverage framework defaults
shadcn-ui/uiAvoid redundant or unnecessary configuration by understanding and utilizing default behaviors provided by frameworks ...
Complete optional chaining
shadcn-ui/uiWhen using optional chaining (`?.`), ensure that **all subsequent operations** in the chain are also protected from n...
Complete configuration paths
shadcn-ui/uiAlways verify that configuration files include all necessary file paths and extensions, particularly for framework-sp...
Validate configuration structures
vercel/turborepoEnsure configuration files and schemas adhere to their expected structure, location, and uniqueness constraints. When...
Use functional null handling
vercel/turborepoLeverage Rust's functional operators for handling nullable and optional values. Instead of using unwrap() or explicit...
Use affected mode
vercel/turborepoOptimize CI pipelines by running tasks only on packages affected by code changes. Use the `--affected` flag in Turbor...
Standardize package manager commands
vercel/turborepoEnsure all package manager commands in documentation and CI/CD scripts follow the correct syntax for the specific pac...
Semantic naming conventions
vercel/turborepoUse names that clearly convey the purpose and content of variables, parameters, and properties. When working with obj...
Minimize lock duration
vercel/turborepoWhen using locks in asynchronous code, minimize the scope and duration for which locks are held, especially across `....
Document configuration alternatives
vercel/turborepoWhen documenting commands or tools that can be executed in different ways based on configuration settings (like globa...
Document cache strategies
vercel/turborepoAlways provide clear documentation and implementation for caching strategies, including key generation, invalidation ...
Optimize job structure
tokio-rs/tokioStructure CI jobs for clarity, parallelism, and efficiency. Each job should have a single, well-defined purpose to pr...
Optimize CI job structure
tokio-rs/tokioStructure your CI workflows to maximize performance and clarity. Each job should have a single, clear responsibility ...
Minimize unsafe code
tokio-rs/tokioWhen writing code that requires unsafe operations, follow these critical security practices: 1. Minimize the scope o...
Clear command documentation
tokio-rs/tokioWhen documenting shell commands in technical documentation, use the `shell` language identifier instead of `bash` as ...
Thread-safe resource sharing
huggingface/tokenizersWhen sharing mutable data between threads, use the `Arc
Pythonic API design
huggingface/tokenizersDesign APIs that follow Python language conventions and idioms rather than blindly mirroring the underlying implement...
Purpose-indicating descriptive names
huggingface/tokenizersChoose names for variables, methods, parameters, and fixtures that clearly communicate their purpose, content, and be...
Optimize workflow triggers
huggingface/tokenizersConfigure CI workflows with targeted triggers and path filters to balance thoroughness with efficiency. Run critical ...
Modular model components
huggingface/tokenizersDesign machine learning model code with clear component boundaries and proper separation of concerns. Each component ...
Manage version constraints
huggingface/tokenizersWhen configuring dependency version constraints in project files, follow these principles: 1. Be explicit about vers...
Technical precision matters
hashicorp/terraformWhen documenting algorithms, data structures, and computational processes, use precise and objective language rather ...
Validate tensor inputs safely
tensorflow/tensorflowWhen handling tensor inputs that may contain invalid values, use transformational approaches rather than conditional ...
Separate test data
tensorflow/tensorflowLarge test data should be separated from test logic to improve readability and maintainability. Move test data into s...
Training-aware ML APIs
tensorflow/swiftDesign machine learning APIs with explicit parameters for distinguishing between training and inference phases rather...
Swift idiomatic naming
tensorflow/swiftFollow Swift's naming conventions to write more readable, maintainable code. The Swift language emphasizes clarity an...
Provide comprehensive examples
tensorflow/swiftAPI documentation should include complete examples that demonstrate all key usage patterns. When documenting related ...
Generic algorithm design
tensorflow/swiftWhen implementing generic algorithms in Swift, follow these best practices to improve code clarity and performance: ...
Format for readability
tensorflow/swiftCode should be formatted to optimize readability. Apply these key practices: 1. **Maintain reasonable line length** ...
Follow Swift naming conventions
tensorflow/swiftEnsure code follows established Swift naming conventions and remains consistent with domain terminology: 1. Use stan...
Document API stability
tensorflow/swiftWhen working with AI frameworks and machine learning libraries, clearly document the stability state of APIs being us...
Standardize configuration formats
spring-projects/spring-frameworkUse consistent, explicit, and well-documented formats in all configuration files to improve readability and prevent m...
Package null-safety annotations
spring-projects/spring-frameworkAll package-info.java files must include both @NonNullApi and @NonNullFields annotations to establish null-safety at ...
Optimize CI environment configuration
spring-projects/spring-frameworkWhen configuring CI environments, carefully evaluate whether default dependency versions are sufficient for your proj...
Leverage Kotlin null-safety
spring-projects/spring-frameworkUtilize Kotlin's null-safety features effectively to create cleaner, more robust code: 1. For class properties that ...
Database-agnostic SQL syntax
spring-projects/spring-frameworkWrite SQL statements that conform to standard SQL rather than relying on vendor-specific dialects to ensure portabili...
Clone network headers carefully
spring-projects/spring-frameworkWhen working with HTTP or WebSocket headers in networking code, be cautious about header manipulation, cloning, and l...
Validate nulls properly
spring-projects/spring-bootAlways use appropriate null validation mechanisms to prevent NullPointerExceptions and ensure code robustness. For s...
Reference existing configurations
spring-projects/spring-bootWhen setting up configuration files, reference existing configuration sources rather than duplicating values or logic...
Validate before access
dotnet/runtimeAlways validate parameters and initialize variables before access to prevent null dereference and undefined behavior....
Preserve pointer authentication
dotnet/runtimeWhen implementing Pointer Authentication (PAC) for security, maintain signed pointers throughout their entire lifecyc...
Platform-agnostic network APIs
dotnet/runtimeWhen implementing networking functionality, ensure code uses platform-agnostic APIs and appropriate abstraction layer...
Parameterize configuration values
dotnet/runtimeExtract hard-coded configuration values into variables, parameters, or templates to improve reusability and simplify ...
Optimize build dependency chains
dotnet/runtimeWhen configuring build and test processes in CI/CD pipelines, ensure proper dependency chains with clear inputs and o...
Memory ordering matters
dotnet/runtimeWhen working with shared data in multithreaded environments, memory ordering is critical to prevent race conditions a...
Choose descriptive names
dotnet/runtimeNames should clearly convey purpose and meaning. Parameter, variable, and method names should be self-explanatory and...
Verify union attribute access
astral-sh/ruffWhen working with union types in Python, always verify that all components of the union have the attributes you're tr...
Structure documentation effectively
astral-sh/ruffDocumentation should follow a consistent structure where explanations precede code examples, preferably ending with a...
Ensure algorithmic determinism
astral-sh/ruffWhen implementing algorithms for code analysis, type checking, or pattern matching, ensure they produce consistent an...
Assert exact expectations
astral-sh/ruffAlways assert exact expected values in tests rather than using loose assertions. When testing the presence of element...
Verify performance empirically
facebook/reactAlways validate performance optimizations through measurement rather than assumptions. Run multiple iterations of per...
Use appropriate testing methods
facebook/reactWhen writing tests, use the appropriate testing utilities and ensure proper test isolation. For testing warning behav...
Separate conditional paths
facebook/reactWhen working with concurrent operations, separate conditional logic from potentially expensive or suspenseful executi...
Optimize React Component Dependencies
facebook/reactWhen implementing React components, ensure that dependencies between component state, props, and side effects are acc...
Match errors to context
facebook/reactChoose error handling mechanisms based on the error's severity and context. For critical issues that should prevent f...
Complete hook dependencies
facebook/reactAlways specify complete dependency arrays in React hooks to prevent bugs from stale closures and avoid unnecessary re...
Check property existence first
facebook/reactAlways verify that an object and its properties exist before accessing them to prevent 'cannot read property of undef...
Wrap threaded code properly
rails/railsWhen working with threads in Rails applications, always wrap application code with `Rails.application.executor.wrap` ...
Semantic HTML usage
rails/railsUse HTML elements according to their semantic purpose to ensure proper accessibility and code organization. Choose el...
Environment-specific logger configuration
rails/railsConfigure loggers in environment-specific files rather than in application.rb or initializers. Different environments...
Document performance implications
rails/railsClearly document the performance implications of features and configurations to help users make informed decisions. A...
Consistent terminology usage
rails/railsAlways use consistent terminology for the same concept throughout your codebase, documentation, and user interfaces. ...
Reuse test patterns
quarkusio/quarkusMinimize duplication and improve test maintainability by reusing existing test patterns and leveraging parameterizati...
Document deployment strategy constraints
quarkusio/quarkusAlways document and enforce appropriate deployment strategies for different application types in your CI/CD pipeline ...
Document dependency versions
quarkusio/quarkusWhen managing dependency versions in configuration files, provide clear documentation to help maintainers understand ...
Descriptive consistent naming
quarkusio/quarkusUse clear, descriptive names instead of cryptic abbreviations, and follow consistent naming patterns across your code...
Avoid request-path blocking
quarkusio/quarkusMinimize blocking operations in request-handling paths to ensure responsive application performance. Implement cachin...
Thread context management
pytorch/pytorchAlways explicitly set required thread context and state rather than assuming inheritance from parent threads or other...
Structure for readability
pytorch/pytorchStructure code to maximize readability by reducing unnecessary complexity. Use early returns to minimize nesting leve...
Reusable workflow design
pytorch/pytorchDesign CI/CD workflows with reusability and clear naming conventions from the start. Use meaningful prefixes that ref...
Reduce code duplication
pytorch/pytorchEliminate repeated code patterns by using appropriate abstraction techniques. This improves readability, reduces main...
Purpose-revealing identifier names
pytorch/pytorchChoose identifier names that clearly reveal their purpose and behavior. Names should be specific, descriptive, and se...
Prefer HINTS in CMake
pytorch/pytorchWhen configuring library searches in CMake, use `HINTS` instead of `PATHS` when you want to prioritize specific locat...
Parameterize similar test cases
pytorch/pytorchInstead of duplicating test code or using nested loops, use test parameterization to handle multiple test cases effic...
Modular configuration design
pytorch/pytorchConfiguration systems should be designed with modularity and clarity in mind. When creating configuration classes or ...
Document configuration decisions
pytorch/pytorchAlways document configuration decisions in package metadata files like `pyproject.toml` with clear comments, especial...
Consistent code organization
pytorch/pytorchFollow consistent code organization patterns: 1. Place static definitions in .cpp files rather than headers to preve...
Check CUDA availability first
pytorch/pytorchAlways verify CUDA availability before performing CUDA-specific operations to prevent runtime errors when code runs o...
Structured configuration management
pydantic/pydanticConfiguration files should follow official standards, have up-to-date tool settings, and appropriate dependency const...
Preserve language conventions
pydantic/pydanticWhen designing APIs that bridge between programming languages and external data formats (like JSON, XML, etc.), maint...
Explicit over implicit
pydantic/pydanticAlways prefer explicit configuration settings over relying on implicit defaults or environmental behaviors in CI work...
Documentation formatting standards
pydantic/pydanticMaintain consistent documentation formatting to ensure proper rendering and readability. Follow these key practices: ...
Categorize error types
pydantic/pydanticDistinguish between different categories of errors and handle each appropriately. Specifically: 1. **Validation erro...
Use configuration placeholders
prowler-cloud/prowlerAvoid hardcoding specific values like regions, timeframes, or identifiers in configuration commands, examples, or set...
Tenant-aware query optimization
prowler-cloud/prowlerAlways include tenant_id filters in database queries for multi-tenant systems to maintain data isolation and improve ...
Pin GitHub Actions dependencies
prowler-cloud/prowlerAlways pin GitHub Actions to specific commit SHAs rather than using major version references to prevent supply chain ...
Parameterize similar tests
prowler-cloud/prowlerWrite maintainable tests by using pytest parametrization for similar test cases instead of duplicating test logic. Th...
Document dependency versioning
prowler-cloud/prowlerUse consistent patterns for specifying dependency versions in configuration files and document reasoning behind versi...
Feature flag compatibility
pola-rs/polarsDesign code to work correctly with any combination of feature flags. When implementing conditional compilation with f...
Favor clarity over brevity
pola-rs/polarsAlways prioritize code readability and maintainability over concise but cryptic implementations. Extract repeated log...
Database API abstraction
pola-rs/polarsWhen designing database interaction layers, carefully consider when to create wrapper methods versus allowing direct ...
Create demonstrative examples
pola-rs/polarsInclude clear, concise examples in documentation that effectively demonstrate functionality. Follow these principles ...
Consistent naming standards
pola-rs/polarsMaintain consistent and standardized naming throughout the codebase: 1. **Use snake_case for multi-word identifiers*...
CI workflow configuration best
pola-rs/polarsConfigure GitHub Actions workflows to maximize reliability and maintainability. Follow these key practices: 1. **Alw...
Optimize CI/CD workflows
opentofu/opentofuConfigure CI/CD workflows to maximize efficiency and improve developer experience. Consider these key optimization pr...
Names preserve cognitive context
opentofu/opentofuChoose variable, function, and type names that preserve cognitive context by clearly indicating their purpose and rel...
Explicit versus dynamic configurations
opentofu/opentofuPrefer explicit hardcoded configurations over dynamic ones when the configuration changes infrequently and control is...
Document reference standards
opentofu/opentofuMaintain consistent and accurate reference practices throughout project documentation to enhance usability and mainta...
Structured changelog documentation
open-telemetry/opentelemetry-pythonMaintain consistent and informative changelog documentation by following these practices: 1. Structure changelogs wi...
Maintain consistent naming
open-telemetry/opentelemetry-pythonEnsure naming conventions are consistent across your codebase and related repositories. When naming commands, functio...
Explicit CI configurations
open-telemetry/opentelemetry-pythonAlways use explicit, specific configurations in CI/CD pipelines to prevent ambiguity and conflicts. This includes: 1...
Validate tensor dimensions
opencv/opencvWhen implementing AI model inference code, always validate tensor dimensions and shapes before manipulating them. Neu...
Meaningful semantic naming
opencv/opencvChoose names that clearly communicate purpose and follow consistent patterns across the codebase: 1. Use generic fun...
Feature flag convention
opencv/opencvEstablish a consistent pattern for feature flags and dependency management in configuration files: 1. Use `WITH_*` o...
Cleanup before errors
opencv/opencvAlways ensure all resources are properly released before raising errors to prevent resource leaks. This practice is e...
Use portable path configurations
ollama/ollamaBuild and configuration scripts should use portable path handling techniques to ensure they work correctly across dif...
Optimize AI implementation patterns
ollama/ollamaWhen implementing AI systems, prioritize established patterns and optimizations rather than creating new implementati...
Complete null checks
ollama/ollamaAlways perform thorough null checks before dereferencing pointers, and ensure all operations on potentially null obje...
AI memory management
ollama/ollamaDocument and implement proper memory management strategies for AI model inference to prevent out-of-memory errors and...
Abstract configuration access
octokit/octokit.netUse abstraction layers to access configuration settings rather than accessing environment variables, feature flags, o...
Write concise idiomatic code
vercel/next.jsFavor concise and idiomatic expressions in your Rust code to improve readability and maintainability.
Verify workflow configuration integrity
vercel/next.jsCarefully review GitHub Actions workflow configurations to prevent subtle errors that can cause CI/CD pipeline failur...
Prefer Existence Checks in Next.js Components
vercel/next.jsWhen working with props, state, or other values in Next.js components that may be null, undefined, or contain error s...
Optimize data structure selection
vercel/next.jsChoose data structures that match your specific access patterns and performance requirements. The right data structur...
Consistent variable style patterns
vercel/next.jsMaintain consistent patterns for variable declarations and naming conventions: use const by default for variable decl...
Prevent test resource leaks
netty/nettyAlways ensure proper cleanup of resources in tests to prevent memory leaks. When using EmbeddedChannel, call readOutb...
Consistent dependency declarations
netty/nettyEnsure dependency declarations in build configuration files use concrete values rather than variables that may not re...
Secure authentication handling
neondatabase/neonAlways implement proper authentication checks and protect sensitive credentials throughout your codebase. This includ...
Precise algorithm terminology
neondatabase/neonWhen implementing and documenting algorithms, use precise terminology and be explicit about metrics, operations, and ...
Performance test pragmatism
neondatabase/neonWhen designing performance tests, focus on efficiency and meaningful insights rather than exhaustive combinations. Co...
Optimize data structures
neondatabase/neonWhen implementing algorithms, prioritize data structure choices that minimize resource usage while maintaining functi...
Handle all error paths
neondatabase/neonEnsure comprehensive error handling throughout the codebase by implementing proper error handling blocks, defensive v...
Guard against race conditions
neondatabase/neonWhen working with concurrent operations, always implement proper guards to prevent race conditions between processes....
Extract and reuse
neondatabase/neonCreate focused utility functions for repeated or complex operations instead of duplicating logic across the codebase....
Environment-specific config defaults
neondatabase/neonDefine appropriate configuration defaults for different environments (development, testing, production) using dedicat...
Document API specs completely
neondatabase/neonWhen designing and implementing APIs, always provide comprehensive specifications that clearly document all endpoints...
Database before memory
neondatabase/neonWhen working with database systems that also maintain in-memory state, always update the persistent database state be...
Configuration context alignment
neondatabase/neonChoose the appropriate configuration context based on how changes will be handled by the system. When defining custom...
Configurable cache parameters
neondatabase/neonCache configurations should be runtime-configurable rather than hardcoded, with support for dynamic resizing when con...
Cache performance preservation
neondatabase/neonWhen implementing database failover or restart mechanisms, ensure performance consistency by preserving and prewarmin...
Avoid flaky tests
neondatabase/neonTests should be designed to be deterministic and reliable to prevent wasted developer time and false confidence. Tw...
Adaptive cache expiration strategy
neondatabase/neonDesign cache expiration policies that align with actual workload patterns rather than arbitrary timeframes. For syste...
Use explicit optional types
apache/mxnetWhen dealing with values that may be absent or null, always use explicit optional type wrappers instead of implicit n...
Documentation clarity and formatting
apache/mxnetWhen writing documentation (README files, tutorials, API docs), ensure clarity and proper formatting: 1. **Define te...
Document environment variables
apache/mxnetAll environment variables must be documented in the central env_var.md file with clear descriptions of their purpose,...
Document API completely
apache/mxnetAlways provide comprehensive API documentation that clearly specifies: 1. **Parameter types** - Document all accepta...
Consistent logging format
apache/mxnetUse consistent string formatting in logging statements throughout the codebase. Prefer `%` style placeholders over f-...
Centralize synchronization logic
apache/mxnetWhen implementing concurrent operations, especially in heterogeneous computing environments (CPU/GPU), centralize syn...
Centralize configuration parameters
apache/mxnetAvoid hardcoded paths and duplicated configuration values throughout the code. Instead: 1. Use dedicated configurati...
Documentation completeness check
langchain-ai/langchainjsEnsure all documentation is complete, well-formatted, and maximally useful for developers. This includes: 1. **Use p...
Constructor over setter
langchain-ai/langchainjsPrefer passing configuration through constructor parameters rather than setting properties after instantiation. This ...
Consistent naming conventions
langchain-ai/langchainjsMaintain consistent and explicit naming conventions across your codebase that reflect: 1. **Component dependencies**...
Consistent AI naming
langchain-ai/langchainjsUse specific and consistent naming conventions when referencing AI services, models, and their parameters throughout ...
Chunked data processing
langchain-ai/langchainjsWhen processing large arrays or data structures, implement chunked processing to avoid stack size limitations and opt...
AI dependency management
langchain-ai/langchainjsWhen integrating AI models and language processing libraries, follow these dependency management best practices: 1. ...
Use table-driven tests
kubeflow/kubeflowIn Go, prefer table-driven tests over multiple separate test functions. Table tests allow for concise testing of mult...
Use snake_case in Python
kubeflow/kubeflowFollow Python's PEP 8 naming convention by using snake_case for variables, functions, and methods rather than camelCa...
Use appropriate log levels
kubeflow/kubeflowAlways match logging levels to the message's purpose and severity. Use log.Info for general information, log.Warn for...
Structured OWNERS files
kubeflow/kubeflowOWNERS files must follow project documentation standards to properly reflect component ownership and maintainership. ...
Standardize build configurations
kubeflow/kubeflowAll components should use consistent build configurations and patterns in their CI/CD setup. This includes standardiz...
Specific network access documentation
kubeflow/kubeflowWhen documenting network access methods or service connections, always provide specific commands with explicit ports ...
Normalize URL paths
kubeflow/kubeflowWhen handling URLs in web applications, consistently normalize path formats to prevent routing and service communicat...
Mark UI text i18n
kubeflow/kubeflowAll user-facing text in HTML templates should be marked for internationalization using the i18n directive. This inclu...
Manage configuration changes
kubeflow/kubeflowCarefully manage configuration file changes to ensure consistency and minimize unintended impacts across your project...
Environment-aware configuration design
kubeflow/kubeflowDesign configurations that work consistently across different environments without requiring environment-specific mod...
Document with precision
kubeflow/kubeflowWrite informative, consistent, and precise code comments throughout your codebase. When documenting code: 1. **Be sp...
Check before use
kubeflow/kubeflowAlways validate that objects, maps, and other reference types are non-nil before attempting to use them. Use early ni...
Standardize build configurations
JetBrains/kotlinMaintain consistent and standardized build configurations across the project to improve maintainability and reduce er...
Type over primitives
influxdata/influxdbUse domain-specific types instead of primitives (like strings, []byte, or generic maps) to represent domain concepts ...
Secure token lifecycle
influxdata/influxdbImplement comprehensive lifecycle controls for authentication tokens to maintain security throughout token creation, ...
Explicit security parameters
influxdata/influxdbSecurity-critical features should be implemented as required parameters rather than optional parameters or option fun...
Document complete data flows
influxdata/influxdbWhen documenting database systems, ensure all documentation includes complete end-to-end data flows. Both diagrams an...
Complete schema management
influxdata/influxdbWhen working with database systems that have flexible schemas (like InfluxDB), ensure complete schema discovery and p...
Sanitize external content
elie222/inbox-zeroAlways sanitize and validate external content before processing or rendering it to prevent security vulnerabilities l...
Remove commented out code
elie222/inbox-zeroDelete commented-out code instead of retaining it in the codebase. Commented code creates confusion, adds maintenance...
Next.js async behavior
elie222/inbox-zeroUnderstand and correctly implement the asynchronous behavior of Next.js APIs and components. Follow these guidelines:...
Guard against null chains
elie222/inbox-zeroPrevent null pointer exceptions by validating object chains before accessing nested properties. Use early returns wit...
Externalize configuration values
elie222/inbox-zeroConfiguration files should not contain hardcoded values for usernames, credentials, hostnames, or environment-specifi...
Database type best practices
elie222/inbox-zeroSelect appropriate data types and defaults for database columns to ensure data integrity and simplify application cod...
Proper mocking techniques
grafana/grafanaUse appropriate mocking approaches for different dependencies in tests to ensure accurate test results and prevent fa...
Optimize hot paths
grafana/grafanaIdentify and optimize frequently executed code paths by moving invariant calculations and conditional logic outside o...
Measure before optimizing
grafana/grafanaPerformance optimizations should be validated with measurements rather than assumptions. When implementing performanc...
Maintain API version compatibility
grafana/grafanaWhen implementing or modifying APIs, ensure backward compatibility across versions and client interfaces. Carefully e...
Graceful feature availability
grafana/grafanaWhen implementing configurable features, ensure they degrade gracefully based on environment conditions like feature ...
Feature toggle lifecycle
grafana/grafanaWhen working with feature toggles and configuration flags, manage their entire lifecycle carefully to prevent breakin...
Design token value consistency
grafana/grafanaWhen implementing design tokens in code, ensure values accurately represent the intended visual outcome, even if desi...
Complete configuration fields
grafana/grafanaEnsure all plugin configuration files include the complete set of required fields specific to their plugin type. Miss...
Write resilient tests
gin-gonic/ginTests should be designed to validate behavior without being brittle or sensitive to implementation details. Avoid dir...
Use standard API constants
gin-gonic/ginAlways use standard library constants for HTTP methods and status codes rather than string literals or numeric values...
Precompute over recalculate
gin-gonic/ginPerform expensive calculations during initialization rather than on each request, and avoid unnecessary operations in...
Early return pattern
gin-gonic/ginPrefer returning early from functions rather than nesting conditions. When a condition can lead to an early exit, han...
Configuration file precision
gin-gonic/ginEnsure configuration files are precisely maintained with correct syntax and compatible version declarations. This inc...
Prefer safe optional handling
ghostty-org/ghosttyAlways use Swift's built-in mechanisms for safely handling optional values instead of force unwrapping or manual nil ...
Encapsulate implementation details
ghostty-org/ghosttyWhen designing APIs, create appropriate abstractions that hide platform-specific or low-level implementation details ...
Define explicit error sets
ghostty-org/ghosttyAlways define explicit error sets for functions that can fail, rather than using inferred error sets. This makes erro...
Centralize configuration values
ghostty-org/ghosttyHardcoded configuration values scattered throughout codebases create maintenance burdens and increase the risk of inc...
Centralize configuration management
ghostty-org/ghosttyAvoid hardcoded or duplicated configuration values by centralizing them in a dedicated location. When configurations ...
Consistent Fastify Integration Patterns
fastify/fastifyWhen implementing integrations and plugins using the Fastify framework, maintain consistent coding patterns and conve...
Standardize version transitions
fastapi/fastapiWhen supporting multiple library versions or preparing for version deprecation in configuration-dependent code, use s...
Secure JWT authentication
fastapi/fastapiImplement secure authentication using JWT tokens by following these best practices: 1. **Use secure libraries**: Pre...
Proper response handling
fastapi/fastapiWhen designing APIs, ensure responses adhere to HTTP semantics by: 1. Using semantic status code constants instead o...
Preserve unset field values
fastapi/fastapiWhen implementing partial updates in FastAPI, use the `exclude_unset` parameter in Pydantic's `.dict()` or `.model_du...
Explicit exception propagation
fastapi/fastapiAlways be explicit about how exceptions are handled, propagated, and recovered from in your code. When catching excep...
Structured release workflows
expressjs/expressImplement a clearly defined release strategy that distinguishes between different types of changes. Create separate w...
Purposeful style changes
expressjs/expressCode style modifications should accompany functional improvements rather than being submitted as standalone changes. ...
Implement least privilege
expressjs/expressApply the principle of least privilege for all repository and system access to enhance security. Each role should be ...
Stage intensive operations carefully
elastic/elasticsearchWhen implementing operations that consume significant system resources (CPU, memory, I/O), introduce changes graduall...
Scope and document configurations
elastic/elasticsearchWhen designing and implementing configuration options, carefully consider two key aspects: 1. **Choose appropriate c...
Design for evolution
elastic/elasticsearchWhen designing APIs, prioritize flexibility and independent evolution of components. Avoid tightly coupling related s...
Use appropriate logging levels
deeplearning4j/deeplearning4jReserve logging statements for their appropriate purposes and levels. Use debugging-level logs (`sd_debug`) for devel...
Parameterize configuration scripts
deeplearning4j/deeplearning4jConfiguration scripts should use variables for values that might change or are used in multiple places, such as paths...
Eliminate redundant code
deeplearning4j/deeplearning4jKeep code clean by removing all forms of redundancy that affect readability and maintainability. This includes: 1. A...
Clear descriptive identifiers
deeplearning4j/deeplearning4jChoose clear, self-descriptive names for all code identifiers that accurately reflect their purpose and behavior. Met...
Avoid environment-specific paths
deeplearning4j/deeplearning4jAlways use environment variables or configuration mechanisms instead of hardcoding paths to compilers, tools, or dire...
Always secure your locks
deeplearning4j/deeplearning4jWhen using locks or other synchronization mechanisms in concurrent code, always release locks in a finally block to e...
Validate configurations up front
crewaiinc/crewaiAlways validate configuration parameters and environment variables at initialization time, providing clear error mess...
Typed API client abstractions
crewaiinc/crewaiWhen designing API clients, encapsulate responses in typed objects rather than passing raw JSON throughout your codeb...
Thread safety first
crewaiinc/crewaiWhen implementing features that may run concurrently, always ensure thread safety using appropriate synchronization m...
Test behavior not calls
crewaiinc/crewaiTests should validate actual system behavior rather than just verifying method calls. When writing tests, focus on as...
Explicit over implicit
crewaiinc/crewaiAlways explicitly configure important system components rather than relying on implicit defaults or environment varia...
Clear AI component interfaces
crewaiinc/crewaiWhen designing AI components and tools, use domain-specific terminology and provide clear interface documentation to ...
Vue component type safety
vuejs/coreWhen defining Vue components with TypeScript, use appropriate component definition patterns to ensure proper type inf...
Use environment flags consistently
vuejs/coreFeature flags like `__DEV__` and `__COMPAT__` are critical configuration mechanisms that control environment-specific...
Lifecycle effects management
vuejs/coreProperly manage component lifecycle effects and cleanup in React components to prevent memory leaks and performance i...
Standardize shell flags
chef/chefAlways use `set -eou pipefail` at the beginning of shell scripts to ensure consistent error handling and behavior acr...
Remove commented code
chef/chefAvoid leaving commented-out code in the codebase. Version control systems already track the history of changes, makin...
Fail fast principle
chef/chefDesign CI/CD pipelines to fail quickly and visibly rather than masking errors through excessive retries or complex co...
Clear abstraction boundaries
chef/chefDesign APIs with clear and consistent abstraction boundaries to maintain code quality and prevent interface leakage b...
Validate configurations correctly
bridgecrewio/checkovWhen writing validation logic for configurations, ensure you're using the appropriate operators that correctly test f...
Support all target environments
bridgecrewio/checkovWhen managing dependency configurations (Pipfiles, requirements.txt, lock files), ensure compatibility with all suppo...
Comprehensive security scanning
bridgecrewio/checkovAlways configure security scanning tools with comprehensive coverage and readable output to maximize vulnerability de...
Backward compatible parameters
bridgecrewio/checkovWhen evolving API function signatures, maintain backward compatibility by making new parameters optional with sensibl...
Manage test environments
boto/boto3When writing tests that interact with environment variables or configuration settings, always (1) preserve the origin...
Demonstrate canonical API patterns
boto/boto3Always provide examples that demonstrate the recommended and most current API usage patterns. This includes: 1. Usin...
Consistent naming standards
boto/boto3Follow standard Python naming conventions consistently throughout code and documentation. Use underscores instead of ...
Surface errors appropriately
Azure/azure-sdk-for-netEnsure errors are visible and properly handled rather than silently processed or hidden. Provide mechanisms for devel...
Prefer identity-based authentication
Azure/azure-sdk-for-netAlways prioritize modern identity-based authentication methods over traditional username/password credentials. This i...
Follow formatting standards
Azure/azure-sdk-for-netMaintain consistent code formatting by adhering to the defined standards in the .editorconfig file and Azure SDK impl...
Descriptive consistent identifiers
Azure/azure-sdk-for-netUse clear, descriptive identifiers that accurately reflect their purpose, and maintain consistent naming patterns thr...
Centralize pipeline configurations
Azure/azure-sdk-for-netUse centralized templates and variables for pipeline configurations instead of duplicating or hardcoding values. This...
Document feature flags
tokio-rs/axumWhen configuring feature flags in Cargo.toml, ensure they are properly structured and documented. Chain feature depen...
Proper Axios Configuration and Usage
axios/axiosWhen implementing code that uses the Axios library in TypeScript, it is important to follow best practices for config...
Consistent Naming Conventions for Axios Requests and Responses
axios/axiosWhen using the Axios library in Typescript, it is important to follow consistent naming conventions to improve code r...
Configuration property standards
axios/axiosAlways define configuration properties with sensible defaults and consistent naming conventions. When adding new conf...
Validate configurations with clarity
aws/aws-sdk-jsConfiguration validation should use explicit checks and clear conditional logic to improve code readability and preve...
Test configuration precedence
aws/aws-sdk-jsWhen implementing systems that load configuration from multiple sources, always test the precedence rules explicitly ...
Limit cache size
aws/aws-sdk-jsAlways implement size constraints on caches to prevent memory leaks and performance degradation. Unbounded caches can...
Follow established testing patterns
aws/aws-sdk-jsWhen writing tests, use existing patterns and infrastructure already established in the codebase rather than creating...
Explicit verified configurations
aws/aws-sdk-jsAlways specify configuration values explicitly and verify their accuracy against official documentation or tests. Thi...
Document APIs completely
aws/aws-sdk-jsAlways provide complete, clear, and contextually rich documentation for all public APIs. Documentation should: 1. Us...
Follow naming conventions
apache/airflowUse proper naming conventions to make code more readable and maintainable: 1. **Functions should start with verbs** ...
Enforce authentication boundaries
apache/airflowImplement strict authentication boundaries and access controls to prevent security vulnerabilities: 1. When multiple...
Document intentional choices
apache/airflowAdd explanatory comments for non-obvious code decisions that might appear incorrect, unusual, or suboptimal to future...
Validate pattern matching
vercel/aiWhen implementing algorithms that involve pattern matching or data parsing, ensure robustness across all edge cases a...
Test before documenting
vercel/aiAlways thoroughly test API features and endpoints before documenting them, especially when integrating with third-par...
Provide actionable examples
vercel/aiDocumentation should include concrete, executable code examples rather than vague instructions. Make your examples co...
Document configuration decisions
vercel/aiWhen modifying configuration files (package.json, tsconfig.json, etc.), document the reasoning behind significant cha...
Async error callbacks
vercel/aiWhen handling asynchronous operations, especially those that might continue running in the background after the main ...
Proper documentation linking
zed-industries/zedDocumentation should use appropriate linking strategies to ensure content remains accessible and navigable across all...
Precise test pattern matching
zed-industries/zedWhen identifying test patterns in code, use specific equality predicates (`#eq?`) instead of list inclusion predicate...
Minimize credential exposure lifetime
zed-industries/zedCredentials and secrets should never be stored persistently in memory or written to files. Instead, use ephemeral pat...
Explicit over implicit
zed-industries/zedWhen designing APIs, prioritize explicit parameter identification over implicit context. APIs with clear, unambiguous...
Document configuration clearly
zed-industries/zedWhen adding or modifying configuration parameters, especially in JSON settings files, ensure they are clearly documen...
Optimize tensor memory operations
vllm-project/vllmWhen working with PyTorch tensors, use memory-efficient operations that avoid unnecessary copies. Specify memory form...
Optimize GPU execution
vllm-project/vllmEnsure GPU code is optimized for both proper thread utilization and correct architecture dispatching: 1. **Maximize ...
Match reference names
vllm-project/vllmEnsure that filenames and paths referenced in scripts, commands, or configuration files exactly match the actual name...
Environment-aware configuration values
vllm-project/vllmWhen creating configuration files or defining configuration constants, ensure they properly adapt to different enviro...
Combine identical CSS
vllm-project/vllmWhen multiple CSS selectors share identical styling properties, combine them using comma separation rather than dupli...
AI model persistence
vllm-project/vllmWhen containerizing AI applications, ensure proper model persistence by mounting volumes to the default cache locatio...
Validate environment configurations
vitessio/vitessEnsure that all environment-specific configurations work properly across all target environments, particularly when m...
Size fields appropriately
vitessio/vitessWhen designing database schemas, choose field types and sizes that accommodate both current and anticipated future da...
Pin environment versions
vitessio/vitessAlways use explicit version tags for CI/CD environments (runners, containers, images, tool versions) instead of float...
Manage workflow state transitions
vitessio/vitessWhen working with temporal workflows, always implement explicit state transitions rather than abrupt deletions. Workf...
Justify CI resource additions
vitessio/vitessBefore adding new resources (Dockerfiles, jobs, images) to CI/CD pipelines, provide clear justification for their nec...
Document configuration precedence
vitessio/vitessWhen implementing multiple configuration methods (e.g., config files, command-line flags, environment variables), cle...
Database configuration best practices
vitessio/vitessWhen implementing or modifying database-related configurations, follow these principles: 1. Use semantically appropr...
Consistent database APIs
vitessio/vitessDesign database APIs with consistent patterns for response structures and error handling. Follow established conventi...
Clear metric documentation
vitessio/vitessWhen adding, modifying, or deprecating metrics, ensure comprehensive and clear documentation. Include: 1. Descriptiv...
Avoid skipping e2e tests
vitessio/vitessDo not use the `skip_e2e` flag to bypass end-to-end tests that fail. Instead, fix the test implementation by providin...
Vue component import handling
vitejs/viteWhen working with Vue single-file components, pay special attention to how imports are processed, particularly with q...
Targeted yet comprehensive
vitejs/viteWrite focused tests that verify specific functionality without unnecessary setup, while still ensuring complete cover...
Separate configuration responsibilities
vitejs/viteDesign configuration files with clear separation of responsibilities and maintain flexibility for future changes. Avo...
Self-referential worker URLs
vitejs/viteWhen creating Web Workers for network communication, use self-referential URL patterns that are resilient to file ren...
React transformation tool clarity
vitejs/viteWhen working with React in Vite projects, be precise about which transformation tools (Babel, SWC, Oxc, esbuild) hand...
Precise documentation language
vitejs/viteUse specific and clear language in all documentation to improve user understanding and avoid ambiguity. Favor precise...
Explicit version requirements
vitejs/viteAlways specify explicit Node.js version requirements in configuration files to ensure compatibility with language fea...
Document protocol configurations clearly
vitejs/viteWhen documenting network protocol configurations (TLS, HTTP/2, CORS), provide specific details about required options...
Configure SSR environments
vitejs/viteWhen implementing server-side rendering in Next.js projects that use Vite as a bundler, ensure proper environment sep...
Complete deployment commands
vitejs/viteAlways ensure build commands in CI/CD configurations include all necessary steps for successful deployment, particula...
Code example consistency
vitejs/viteEnsure code examples in documentation and comments are syntactically correct and properly marked with the appropriate...
Clean network resources
vitejs/viteAlways properly close and clean up network connections to prevent memory leaks and resource exhaustion. When establis...
Test deployment edge cases
astral-sh/uvEnsure that code paths handling different deployment environments (installation prefixes, target directories, etc.) h...
Optimize docker build caching
astral-sh/uvLeverage Docker BuildKit's cache and bind mount capabilities to dramatically improve CI build times and reduce image ...
Document build configurations
astral-sh/uvWhen setting Rust build configurations, especially in CI/Docker environments, explicitly document optimization choice...
Cache sharing strategy
astral-sh/uvWhen implementing caching in build systems, carefully configure cache sharing behavior based on your concurrency requ...
Avoid unnecessary constraints
astral-sh/uvWhen specifying dependencies and version requirements in project configuration files, avoid adding unnecessary constr...
Use concise methods
shadcn-ui/uiPrefer built-in methods and properties that achieve the same result with less code. This improves readability, reduce...
Preprocess data early
shadcn-ui/uiTransform and prepare data structures at their source rather than during consumption. This includes flattening nested...
Optimize documentation for usability
shadcn-ui/uiWhen creating component documentation, prioritize the developer experience by providing clear, usable examples and co...
Consistent import paths
shadcn-ui/uiEstablish and follow consistent import path conventions throughout the codebase. Prefer aliased imports using the pro...
Verify test commands
vercel/turborepoAlways verify that test commands documented in project guides work exactly as written. Test commands should be copy-p...
Use workspace dependencies consistently
vercel/turborepoAlways use workspace-level dependency declarations (`workspace = true`) rather than specifying exact versions in indi...
Use JSDoc deprecation standards
vercel/turborepoWhen marking code as deprecated, use JSDoc standards to provide clear guidance for developers. Always use the `@depre...
Use environment-aware configurations
vercel/turborepoConfigure paths and system references dynamically to ensure they work across all environments (development, testing, ...
Link terms, provide examples
vercel/turborepoWhen writing technical documentation, link to related concepts the first time they are mentioned, and include concret...
Hybrid monorepo testing
vercel/turborepoWhen working with tests in a monorepo, implement a hybrid testing approach that balances local development experience...
Handle errors appropriately
vercel/turborepoImplement appropriate error handling strategies based on the criticality of operations. For non-critical operations t...
Graceful error recovery
vercel/turborepoImplement error handling that accumulates diagnostics rather than failing immediately, especially for operations that...
Framework-specific entrypoints organization
vercel/turborepoWhen creating libraries that integrate with Next.js or other frameworks, organize your code with separate entrypoints...
Design for testability
vercel/turborepoExtract complex logic into separate, pure functions to improve testability. Functions with clear inputs and outputs a...
Consider config generation methods
vercel/turborepoWhen implementing code to handle configuration files like lockfiles or environment settings, carefully consider the t...
Test production configurations too
tokio-rs/tokioInclude testing configurations that mirror production environments to catch issues that might only manifest in releas...
Test diverse configurations
tokio-rs/tokioConfigure test suites to run under multiple specialized environments to catch issues that might not appear in standar...
Simplify configuration flags
tokio-rs/tokioKeep configuration flags, feature toggles, and build settings concise and well-organized. Use simpler names where app...
Version AI dependencies appropriately
huggingface/tokenizersWhen adding or updating dependencies for AI/ML libraries in your project, follow these two key practices: 1. **Set a...
Use explicit assertions
huggingface/tokenizersTests should assert specific expected values rather than just verifying general functionality. This practice makes te...
Test algorithmic behavior
huggingface/tokenizersWhen testing algorithms, verify their actual functionality rather than just checking for proper instantiation or prop...
Smart configuration defaults
huggingface/tokenizersPrefer smart configuration defaults that auto-detect the environment instead of requiring explicit configuration flag...
Robust workflow configurations
huggingface/tokenizersEnsure CI/CD workflow configuration files follow best practices for maintainability and correctness: 1. Use centrali...
Prioritize tokenizer simplicity
huggingface/tokenizersWhen implementing AI model components like tokenizers, favor simplicity over rarely-used features that significantly ...
Flexible tokenizer implementation
huggingface/tokenizersWhen implementing tokenizers for AI models, ensure flexibility and robust behavior across different contexts: 1. Ini...
Document for comprehension
huggingface/tokenizersAdd comprehensive documentation that helps others understand both the interface and implementation of your code. This...
Consistent API design
huggingface/tokenizersWhen designing and modifying APIs, ensure consistency in parameter naming, default values, and which functionality is...
Secure checkout configurations
hashicorp/terraformWhen configuring GitHub Actions workflows, pay special attention to the checkout action's configuration to ensure bot...
Explicit dependency graph
hashicorp/terraformWhen implementing algorithms involving dependencies between components or operations, model the dependency graph expl...
Descriptive migration functions
hashicorp/terraformName migration-related functions descriptively to convey their exact purpose and context of use. Include detailed doc...
Verify platform compatibility first
tensorflow/tensorflowWhen writing networking code that interacts with platform-specific features, always check for the existence of platfo...
Use modern assertions
tensorflow/tensorflowAlways use current assertion methods in test code to ensure clarity and future compatibility. Specifically, replace d...
Secure infrastructure maintenance
tensorflow/tensorflowMaintain CI/CD infrastructure with security and currency as top priorities. This includes: 1. **Keep build tools upd...
Parameterize ci/cd scripts
tensorflow/tensorflowAvoid duplicating CI/CD scripts by leveraging configuration files and parameterization instead of creating multiple s...
Framework migration instructions
tensorflow/tensorflowWhen documenting AI framework migrations (like TensorFlow/Keras version changes), provide complete instructions cover...
Format lines and comments
tensorflow/tensorflowEnsure all code follows formatting guidelines for readability and consistency. Keep lines under 80 characters, splitt...
Document non-obvious code
tensorflow/tensorflowAdd clarifying comments to improve code readability and maintainability when code behavior isn't immediately obvious....
Consistent variable naming
tensorflow/tensorflowUse ALL_CAPS for constants and environment variables in shell scripts, and reference these variables consistently thr...
Build dependency synchronization
tensorflow/tensorflowWhen adding new imports to code files, always synchronize by updating the corresponding dependencies in BUILD files. ...
Be explicit in references
tensorflow/tensorflowWhen writing documentation, always be specific and explicit when referring to files, tools, configurations, or other ...
Swift style consistency
tensorflow/swiftMaintain consistent Swift style conventions throughout all code, including examples in documentation and comments. Fo...
Minimize cross-device transfers
tensorflow/swiftData transfers between different compute devices (CPU/host to GPU/accelerator and back) can significantly impact perf...
Follow Swift conventions
tensorflow/swiftWhen designing and documenting APIs in Swift, adhere to Swift's established naming conventions and documentation prac...
Verify operation semantics
spring-projects/spring-frameworkWhen implementing algorithms that process collections or use conditional logic, always verify the exact semantics of ...
Use documentation features properly
spring-projects/spring-frameworkUtilize Asciidoc features correctly when writing or updating Spring Framework documentation. Instead of hardcoded lin...
Structured log message quality
spring-projects/spring-bootDesign log messages to be clear, concise, and properly structured to maximize their utility for debugging and monitor...
Stable observability components
spring-projects/spring-bootAlways use stable, production-ready versions of observability components (libraries, dependencies, and documentation ...
Include database-specific migration dependencies
spring-projects/spring-bootWhen implementing database migrations with tools like Flyway, ensure you include the appropriate database-specific de...
Environment variables best practices
spring-projects/spring-bootWhen working with environment variables in configuration files, follow these practices to ensure reliability and test...
Consistent terminology usage
spring-projects/spring-bootWhen referring to technical concepts in documentation and code comments, use proper full names and consistent termino...
Clear structured logging documentation
spring-projects/spring-bootDocument structured logging implementations with clarity, explicitly noting precedence rules and interactions with ot...
Bean lifecycle management
spring-projects/spring-bootWhen using containers and external services in Spring applications (especially with Testcontainers), declare them as ...
Use utility macros
dotnet/runtimeUse predefined utility macros for common operations instead of repeating manual calculations throughout your code. Th...
Platform-aware algorithm optimization
dotnet/runtimeWhen implementing performance-critical algorithms, design your code to detect and utilize platform-specific hardware ...
Optimize aligned SIMD operations
dotnet/runtimeAlways use proper memory alignment for SIMD (Single Instruction, Multiple Data) operations to maximize performance. W...
Names reflect actual purpose
dotnet/runtimeName variables, properties, and functions to accurately reflect their purpose and actual usage in code, not just thei...
Memory barrier pairing
dotnet/runtimeWhen implementing low-level synchronization mechanisms in multi-threaded code, ensure that memory barriers are correc...
Maintain configuration compatibility
dotnet/runtimeWhen modifying configuration systems, prioritize backward compatibility unless there's an explicit breaking change pl...
Honor API contracts
dotnet/runtimeWhen implementing or modifying APIs, carefully preserve the historical behavior and semantic contracts of existing in...
Feature flag implementation
dotnet/runtimeWhen implementing feature flags, ensure consistency between runtime and compiled scenarios. Feature switches marked w...
Explicit API versioning
dotnet/runtimeWhen extending interfaces with new methods or functionality, always implement proper versioning to ensure compatibili...
Enable configurable instrumentation
dotnet/runtimeAlways provide configurable options for performance instrumentation and hardware acceleration in your codebase. These...
Document non-obvious logic
dotnet/runtimeAdd clear comments explaining the purpose and reasoning behind complex or non-obvious code logic. Comments should exp...
Document function contracts
dotnet/runtimeAlways document function contracts completely, even when surrounding code lacks documentation. Include header comment...
Centralize platform configurations
dotnet/runtimePlatform-specific code and API usage should be centralized in designated configuration files rather than scattered th...
Test edge cases
astral-sh/ruffWhen writing tests, prioritize coverage of edge cases and non-standard code patterns to ensure robust functionality. ...
Single yield algorithm
astral-sh/ruffContext managers must follow a crucial algorithmic constraint: each execution path must yield exactly once. Multiple ...
Logical content organization
astral-sh/ruffOrganize code and documentation logically based on functionality and dependencies. Place files in directories that re...
Clear and relevant comments
astral-sh/ruffEnsure all comments in the codebase provide value and clarity rather than creating confusion. Remove comments that ar...
Write readable conditionals
facebook/reactStructure conditionals for maximum clarity and comprehension. Avoid unnecessary negation in boolean expressions, use ...
Standardize URL handling
facebook/reactWhen working with URLs in networking code, always use the standard `URL` constructor to properly resolve relative URL...
Proper Usage of React Hooks
facebook/reactWhen using the React library in Typescript, ensure that you are correctly implementing the recommended React hooks ba...
Proper Scoping and Usage of React Variables
facebook/reactWhen implementing React components, it is important to ensure that variables are properly scoped and used throughout ...
Multi-stack config settings
facebook/reactWhen creating configuration files for development environments that use multiple technology stacks, ensure settings a...
Explicit CSP nonce management
facebook/reactWhen implementing Content Security Policy (CSP) protections, always explicitly pass nonce values to components rather...
Dry configuration patterns
facebook/reactApply DRY (Don't Repeat Yourself) principles to all configuration files to improve maintainability. Extract shared co...
Document code intent
facebook/reactAdd clear comments that explain the intent and behavior of code that might not be immediately obvious to other develo...
Defensive Handling of Nullable React Components
facebook/reactWhen working with React components that may return null or undefined values, implement defensive coding patterns to p...
Test helpers for maintainability
rails/railsCreate reusable helper methods for common testing operations to improve test maintainability and consistency. Design ...
Spring DI precedence rules
quarkusio/quarkusWhen developing Quarkus extensions that interact with classes containing Spring annotations (like `@Service`, `@Compo...
Prevent metrics cardinality explosion
quarkusio/quarkusWhen implementing metrics and telemetry in your application, avoid using dynamic values like path parameters or user ...
Optimize elimination paths
quarkusio/quarkusWhen implementing algorithms that process large data structures or complex computational paths, prioritize opportunit...
Keep configurations current
quarkusio/quarkusAlways use the latest stable and supported versions in configuration files. This applies to runtime environments, bui...
Document observability context flows
quarkusio/quarkusWhen implementing observability features like OpenTelemetry exporters, metrics collection, or distributed tracing, cl...
Design fluent HTTP APIs
quarkusio/quarkusWhen designing HTTP-related APIs, prioritize readability and intuitiveness through well-crafted fluent interfaces. AP...
Consolidate duplicate configurations
quarkusio/quarkusMaintain a single source of truth for configuration files instead of duplicating them across the codebase. Duplicated...
Type-appropriate null representation
pytorch/pytorchAlways use type-appropriate mechanisms to represent the absence of a value. For objects, use default constructors rat...
Reuse existing algorithms
pytorch/pytorchBefore implementing common algorithms or utilities, check if the codebase already contains an appropriate implementat...
Preserve API compatibility
pytorch/pytorchWhen modifying existing APIs, always prioritize backward compatibility to avoid breaking client code. Before changing...
Optimize container operations
pytorch/pytorchMinimize CPU overhead in container operations by using efficient data structure patterns: 1. **Use static containers...
Hardware acceleration considerations
pytorch/pytorchWhen implementing hardware-accelerated operations for AI models, ensure support for the latest architectures while co...
Descriptive unambiguous names
pytorch/pytorchAlways use descriptive variable names that clearly indicate their purpose without requiring readers to check call sit...
Choose data structures wisely
pytorch/pytorchWhen designing algorithms, select data structures that accommodate all possible scenarios, not just the common case. ...
Choose appropriate pointer types
pytorch/pytorchSelect the right pointer type based on ownership semantics to prevent null reference issues and memory leaks. Follow ...
Centralize configuration detection
pytorch/pytorchAlways use centralized configuration detection mechanisms (like CMake finder modules) instead of hardcoding paths or ...
Actionable error messages
pytorch/pytorchWhen writing error messages in PyTorch code, include not only what went wrong but also clear guidance on how to fix t...
Specific types for performance
pydantic/pydanticUsing concrete types instead of abstract container classes in data models improves validation performance. More speci...
Enforce style with linters
pydantic/pydanticUse automated linting tools to enforce consistent code style across the project, but be deliberate about which rules ...
Data structure correctness
pydantic/pydanticEnsure data structures are accurately represented with their proper constraints and valid implementations, particular...
Avoid unnecessary operations
pydantic/pydanticCheck conditions early to skip unnecessary processing and reuse computed values where possible to optimize performanc...
Write objectively
prowler-cloud/prowlerUse an impersonal, objective tone in technical documentation. Avoid using second-person pronouns ("you") and subjecti...
Task signature methods
prowler-cloud/prowlerWhen chaining Celery tasks, choose the correct signature method: - Use `.s()` when a task needs the output from the p...
Prefer server components
prowler-cloud/prowlerDefault to server components in Next.js applications to maximize the benefits of server-side rendering. Avoid adding ...
Parameterize configuration values
prowler-cloud/prowlerAlways extract configuration values (like versions, paths, or other changeable settings) into parameters rather than ...
Log exceptions with context
prowler-cloud/prowlerWhen handling exceptions in your code, ensure they are properly logged with sufficient context to aid debugging. For ...
Format AI code identifiers
prowler-cloud/prowlerWhen documenting AI systems, always format code identifiers, function names, agent names, model names, and other tech...
Flexible AI model versions
prowler-cloud/prowlerWhen integrating LLM or AI models into your application, implement model selection in a way that accommodates the rap...
Environment variables for configurations
prowler-cloud/prowlerStore all configurable values such as URLs, API endpoints, and external service locations in environment variables ra...
Endpoints for evolving data
prowler-cloud/prowlerDesign dedicated API endpoints for data that changes frequently or grows over time, rather than hardcoding such infor...
Enable database resilience
prowler-cloud/prowlerAlways configure appropriate resilience features for database services to ensure data durability and high availabilit...
Consistent environment variable naming
prowler-cloud/prowlerWhen naming environment variables, ensure that names are both technically accurate and follow established project con...
Configure observability variables
prowler-cloud/prowlerAlways define all necessary environment variables for observability tools in configuration files, even if using defau...
Use consistent temporal types
pola-rs/polarsWhen implementing or modifying temporal operations, maintain consistent data types that align with existing temporal ...
Edge case algorithm handling
pola-rs/polarsWhen implementing algorithms, pay special attention to edge cases, particularly empty collections. Define and documen...
Cross-platform feature flags
pola-rs/polarsWhen documenting package installation commands with feature flags, ensure compatibility across different operating sy...
Use relative documentation links
opentofu/opentofuWhen documenting error handling mechanisms, always use relative path references (`../path/to/file.mdx`) instead of ab...
Review consistency assumptions
opentofu/opentofuPeriodically reassess your database operations based on updated consistency guarantees offered by storage technologie...
Provider instance management
opentofu/opentofuEnsure proper configuration of provider instances when using environment-specific settings. When using `for_each` wit...
Protect infrastructure secrets
opentofu/opentofuInfrastructure-as-code tools like OpenTofu may store sensitive information in plaintext state files, creating securit...
Document phased migration paths
opentofu/opentofuWhen replacing an existing system feature with a new implementation, provide a clear and well-documented phased migra...
Contextualize security findings
opentofu/opentofuWhen reporting security vulnerabilities, include sufficient context beyond just vulnerability IDs or codes. Always pr...
Clear relationship descriptions
opentofu/opentofuWhen documenting algorithms or data structures with graph-like relationships, use precise terminology to describe con...
Use proper testing frameworks
open-telemetry/opentelemetry-pythonAlways leverage established testing frameworks and APIs over custom bash scripts or direct Python execution for test ...
Track observability API changes
open-telemetry/opentelemetry-pythonStay informed about API changes in observability libraries like OpenTelemetry, especially during their active develop...
Telemetry version pinning
open-telemetry/opentelemetry-pythonWhen specifying observability frameworks like OpenTelemetry in requirements files, use the compatible release operato...
Adapt for linter compatibility
open-telemetry/opentelemetry-pythonWhen writing or modifying code, design patterns and templates to be compatible with linting tools. This is especially...
Thread-safe resource cleanup
opencv/opencvWhen implementing resource cleanup in concurrent applications, avoid using deprecated finalizers and instead use Phan...
Maintain build compatibility
opencv/opencvWhen modifying build scripts or configurations, ensure compatibility across all supported environments and properly t...
Document configuration version requirements
opencv/opencvMake build configuration options explicit and document their version dependencies. When introducing configuration par...
Check nulls directly
opencv/opencvCheck objects directly for null/empty state instead of using separate tracking variables. Always perform null checks ...
Purpose-reflecting file names
ollama/ollamaFile names should clearly communicate their purpose and functionality. Avoid generic, ambiguous, or numbered names (l...
Path traversal prevention
ollama/ollamaImplement multiple validation layers to prevent path traversal attacks. File paths provided by users or external syst...
Optimize memory allocations
ollama/ollamaBe strategic about memory allocations to improve performance in your C++ code. Consider two key optimization patterns...
Model precision matters
ollama/ollamaWhen deploying AI models on specialized hardware accelerators (GPUs, NPUs), ensure you're using compatible model prec...
Keep container images current
ollama/ollamaAlways use up-to-date and supported container images in Dockerfiles and configuration files. Before specifying a base...
Extract duplicated code
ollama/ollamaIdentify repeated code segments and extract them into reusable functions or variables. This improves maintainability,...
Complete HTTP protocol handling
ollama/ollamaWhen implementing HTTP client functionality, ensure comprehensive support for all standard HTTP status codes and secu...
Complete documentation coverage
ollama/ollamaDocumentation should comprehensively cover all supported options, variations, and potential future use cases. When cr...
AI dependency decoupling strategy
ollama/ollamaImplement clear boundaries between your core AI system and external machine learning libraries through abstraction la...
Verify documentation links
octokit/octokit.netAlways ensure external links in documentation are valid, secure, and point to authoritative sources. This includes: ...
Use appropriate framework targets
octokit/octokit.netWhen configuring .NET projects, always use the correct target framework elements and versions: 1. Use the singular `...
Secure permission modeling
octokit/octokit.netWhen implementing security-related models such as permissions, carefully design the properties to prevent unauthorize...
Precise and consistent naming
octokit/octokit.netNames should clearly indicate their specific purpose and context, while maintaining correct capitalization of brand n...
File-specific indentation standards
octokit/octokit.netMaintain consistent indentation based on file type to ensure code readability and prevent unwanted whitespace changes...
Validate Next.js Configuration Usage
vercel/next.jsWhen implementing Next.js in your application, ensure that you are correctly using the framework's documented configu...
Robust Error Handling in Next.js Components
vercel/next.jsWhen building Next.js components, it is crucial to implement robust error handling to ensure the stability and predic...
Proper panic chains
vercel/next.jsWhen implementing panic handlers, follow these critical practices to ensure robust error handling: register panic han...
Non-blocking observability mechanisms
vercel/next.jsWhen implementing observability mechanisms like telemetry or status monitoring, ensure they don't block or interfere ...
Document configuration sources
vercel/next.jsWhen providing configuration instructions, document the exact location and method to obtain required values. Include ...
Dependency conscious APIs
vercel/next.jsDesign APIs with dependency implications in mind. Carefully consider how your API design choices might force dependen...
Complete error handling flows
vercel/next.jsImplement robust error handling patterns that ensure both proper resource cleanup and error context preservation.
Complete data structures
vercel/next.jsWhen implementing data structures such as tries, trees, or graphs, ensure all critical operations (insertion, deletio...
Choose optimal data structures
vercel/next.jsSelect data structures based on their performance characteristics and actual usage patterns. When implementing algori...
Enable header validation
netty/nettyAlways enable HTTP header validation to prevent request/response splitting vulnerabilities. These attacks can occur w...
Check feature compatibility
netty/nettyWhen using kernel-specific networking features like io_uring, always implement runtime detection of feature support b...
Reliable concurrency synchronization
neondatabase/neonWhen handling concurrent operations, prefer completion signals and proper thread management over arbitrary timeouts. ...
Proper metrics design
neondatabase/neonWhen designing metrics for observability systems like Prometheus, follow established best practices to ensure your me...
Optimize what matters
neondatabase/neonFocus optimization efforts on performance-critical paths rather than applying micro-optimizations everywhere. Balance...
Modern shell syntax
neondatabase/neonPrefer double brackets (`[[ ]]`) over single brackets (`[ ]`) in shell scripts for improved functionality and consist...
Mind transaction boundaries
neondatabase/neonBe conscious of implicit transaction boundaries when working with databases. Programming constructs can create unexpe...
Limit concurrent access slots
neondatabase/neonDesign concurrency mechanisms based on actual usage patterns rather than theoretical maximum connections. When implem...
Handle network interrupts safely
neondatabase/neonNetwork code must properly handle interrupts and maintain consistent connection state at all potential interruption p...
Feature flag implementation clarity
neondatabase/neonWhen implementing feature flags in the system, clearly document both the evaluation strategy and its performance impl...
Document parameter choices
neondatabase/neonAlways add explanatory comments for parameters or configuration options that aren't self-explanatory from their names...
Document connection transitions
neondatabase/neonWhen implementing systems that involve network connection state changes (such as during failovers, restarts, or compo...
Database replica promotion safeguards
neondatabase/neonWhen implementing database replica promotion logic, avoid temporary workarounds that bypass validation checks. Instea...
Balance flexibility with performance
neondatabase/neonWhen designing APIs, carefully balance flexibility against performance constraints. More flexible APIs often come wit...
Use pytest parameterization
apache/mxnetStructure unit tests using pytest's parameterize decorator instead of manual loops or wrapper functions. This approac...
Use named constants
apache/mxnetIn AI model implementations, avoid using magic numbers directly in code as they reduce readability and make maintenan...
Pre-compute reused data
apache/mxnetWhen data will be accessed multiple times during processing, avoid redundant calculations by pre-computing values upf...
Consistent API documentation
apache/mxnetMaintain high-quality, consistent documentation as a critical component of API design. Documentation should feature: ...
Update documentation configuration
langchain-ai/langchainjsWhen adding new files or components to the project, ensure that documentation configuration is updated accordingly. T...
Simplify code organization
langchain-ai/langchainjsMaintain clean code organization by eliminating unnecessary abstractions and preventing codebase fragmentation. This ...
Platform-appropriate environment variables
langchain-ai/langchainjsAlways use the correct syntax for accessing environment variables based on the target platform. In JavaScript/Node.js...
Match configuration documentation
langchain-ai/langchainjsConfiguration documentation must accurately reflect implementation details and behavior. Ensure that: 1. Code exampl...
Follow standard naming
langchain-ai/langchainjsUse established naming patterns and correct capitalization throughout the codebase and documentation. For test fixt...
Validate model optimization
kubeflow/kubeflowWhen implementing AI model optimization techniques such as early stopping algorithms or hyperparameter tuning, includ...
Validate inputs explicitly
kubeflow/kubeflowAlways validate input parameters and respond with appropriate HTTP status codes when invalid values are detected, eve...
Use enums for state
kubeflow/kubeflowWhen handling nullable or undefined states, use enumerations instead of primitive types like boolean or null/undefine...
Use CSS classes properly
kubeflow/kubeflowAvoid inline styles and `!important` declarations in your HTML templates. Instead, define and use CSS classes that en...
Unique workflow step names
kubeflow/kubeflowWhen defining CI/CD workflows, always ensure task/step names are unique to prevent execution failures. Workflow engin...
Type-appropriate default values
kubeflow/kubeflowInitialize variables with type-appropriate default values to prevent type errors and null reference exceptions during...
Standardize style scripts
kubeflow/kubeflowMaintain consistent code style enforcement scripts across all projects by standardizing linting and formatting config...
Standardize metrics collection
kubeflow/kubeflowUse the appropriate metric types for the data being collected and consider centralizing monitoring code to ensure con...
Stable configuration management
kubeflow/kubeflowAlways ensure configuration values are managed consistently and sourced from stable locations. 1. Use defined const...
Safe URL operations
kubeflow/kubeflowWhen handling URLs for API interactions and navigation, use precise methods for both comparison and construction to a...
Reduce nesting depth
kubeflow/kubeflowImprove code readability by reducing nesting depth with early returns and functional approaches. Use early returns to...
Private variable naming convention
kubeflow/kubeflowUse the 'prv' prefix for private class members and ensure they're explicitly declared with the 'private' access modif...
Prefer external configuration
kubeflow/kubeflowDesign applications to use external configuration sources rather than hardcoding values directly in source code. This...
Optimize container build configurations
kubeflow/kubeflowConfigure containerized application builds to be efficient and flexible by avoiding hardcoded architecture decisions ...
Match algorithms to purpose
kubeflow/kubeflowSelect algorithmic constructs and control structures that are appropriate for the specific task. Common issues includ...
Isolate test cases
kubeflow/kubeflowCreate separate test functions for distinct functionality to improve test clarity and make failure points more obviou...
Enforce least privilege
kubeflow/kubeflowConfigure all systems with the minimum permissions required to function. For Kubernetes deployments, use security con...
Document networking annotations
kubeflow/kubeflowWhen using Istio or other networking-related annotations in configuration files, always include detailed comments exp...
Document migration paths
kubeflow/kubeflowWhen implementing version changes or migrations, provide comprehensive documentation and tools to support users throu...
Descriptive consistent naming
kubeflow/kubeflowUse descriptive and consistent names throughout the codebase. Prefer full, meaningful names over acronyms or abbrevia...
Consistent separator conventions
kubeflow/kubeflowUse appropriate separators in compound identifiers to improve readability and ensure naming consistency across the co...
Consistent descriptive naming
kubeflow/kubeflowMaintain consistency in naming patterns across related resources while ensuring names accurately reflect their purpos...
Component-agnostic styling principles
kubeflow/kubeflowCreate reusable components with styles that don't make assumptions about parent contexts or affect their positioning ...
Centralize dependency configurations
kubeflow/kubeflowWhen adding or updating package dependencies, place them in centralized configuration files rather than duplicating t...
Automate style enforcement
kubeflow/kubeflowConfigure your development environment to automatically enforce code style standards rather than relying on manual ch...
API structure balance
kubeflow/kubeflowMaintain a clear separation between resource-specific API handlers and common utilities. Resource-specific handlers s...
Use modern test infrastructure
JetBrains/kotlinAlways add new tests to the current recommended test infrastructure rather than legacy systems that are being phased ...
Minimize not-null assertions
JetBrains/kotlinAvoid using not-null assertions (`!!`) when safer alternatives exist. Instead: 1. Use safe calls (`?.`) when accessin...
Dependency verification configuration
JetBrains/kotlinWhen adding new dependencies to build.gradle.kts files, always update the corresponding verification metadata to prev...
Copy external string inputs
JetBrains/kotlinWhen storing string pointers from external sources (like command-line arguments), always validate the input and creat...
Document versioning strategies
influxdata/influxdbEstablish and clearly document versioning strategies in configuration files, both for your application and its depend...
Document function signatures
influxdata/influxdbAlways document function parameters and return values in the function header comment or interface definition. This is...
Centralize workspace configurations
influxdata/influxdbCentralize configuration settings like dependency versions and feature flags at the workspace level rather than dupli...
Semantic naming consistency
elie222/inbox-zeroEnsure all model and field names semantically reflect their actual purpose and maintain consistency with their usage ...
Ensure schema-migration consistency
elie222/inbox-zeroWhen modifying database schemas, ensure complete alignment between schema definitions and SQL migration scripts. Ever...
Eliminate documentation redundancy
elie222/inbox-zeroDocumentation should be concise and avoid repeating the same information in multiple places. Redundant content confus...
Consistent code organization
elie222/inbox-zeroMaintain consistent patterns when organizing code elements within schema files. Place standard fields (like IDs and t...
Collections use plural names
elie222/inbox-zeroAlways use plural names for properties representing collections (arrays/lists) in interfaces, types, and destructurin...
Workflow permission boundaries
grafana/grafanaAlways define explicit and minimal permission boundaries in GitHub Actions workflows to adhere to the principle of le...
Use dynamic port allocation
grafana/grafanaWhen writing tests that require network services (HTTP, gRPC, or custom protocols), use port 0 to let the operating s...
Stable test assertions
grafana/grafanaWrite tests that focus on behavior rather than implementation details to create more stable and maintainable test sui...
Sort with clarity
grafana/grafanaEnsure sorting functions are named to accurately reflect their behavior and implement consistent sorting approaches t...
Opt-in configurable caching
grafana/grafanaImplement caching mechanisms as opt-in features with explicit configuration options rather than as defaults. This app...
Object parameters for readability
grafana/grafanaWhen a function has 3 or more parameters, use object destructuring instead of positional arguments. This improves cod...
Document translatable UI text
grafana/grafanaAll user-facing text in UI components should be properly documented for translation using the application's internati...
Defense in depth
grafana/grafanaAlways implement multiple layers of security controls, even when they might seem redundant. This strategy ensures pro...
Contextual structured logging
grafana/grafanaLog messages should provide sufficient context to be meaningful and actionable while following structured logging pat...
Check before calculating
grafana/grafanaImplement preliminary validation checks before executing expensive operations to avoid unnecessary processing. When h...
Balance flexibility with simplicity
grafana/grafanaWhen designing component APIs, strive to find the optimal balance between providing flexible configuration options an...
Assert with precision
grafana/grafanaTests should verify actual behavior rather than just successful execution. When writing assertions, favor precise equ...
Use standard HTTP constants
gin-gonic/ginAlways use the standard HTTP status constants from the `http` package instead of raw numeric values in your networkin...
Select algorithms by complexity
gin-gonic/ginChoose appropriate algorithms based on computational complexity requirements and context. When implementing lookups, ...
Preserve security configurations
gin-gonic/ginAlways respect explicitly set security attributes and properly sanitize user inputs to prevent security vulnerabiliti...
Pin dependency versions
gin-gonic/ginAlways specify exact versions of tools and dependencies in CI/CD workflows rather than using 'latest' or floating ver...
Minimize configuration complexity
gin-gonic/ginKeep configuration files clean and maintainable by regularly reviewing and removing unnecessary settings and outdated...
Initialize before null-checking
gin-gonic/ginWhen handling potentially nil values, ensure proper initialization order to prevent race conditions and null referenc...
Document API behavior
gin-gonic/ginThoroughly document how your API endpoints handle data binding and processing, especially non-obvious behaviors that ...
Declare .PHONY targets
gin-gonic/ginAlways explicitly declare all Makefile targets that don't create files as `.PHONY`. This prevents conflicts with pote...
Close resource handles properly
gin-gonic/ginAlways close file resources and other system handles after use to prevent resource leaks. Resource leaks can cause sy...
Prefer flat control flow
ghostty-org/ghosttyMinimize code nesting by using Swift features like `guard` statements and early returns instead of deeply nested if-e...
Pipeline-friendly script design
ghostty-org/ghosttyDesign scripts to be easily integrated into build pipelines and CI/CD workflows by using standard I/O streams instead...
Generate dynamic configurations
ghostty-org/ghosttyAlways generate configuration files programmatically when they contain dynamic content that changes frequently or nee...
Format for readability
ghostty-org/ghosttyDocumentation should be formatted to optimize readability and information retention. Apply these principles to make d...
Validate security-critical inputs
fatedier/frpAlways implement thorough validation for user-controllable inputs that could pose security risks. Particularly: 1. *...
Focus documentation content
fatedier/frpMaintain streamlined primary documentation (like README files) that focuses only on currently supported functionality...
Document code decisions
fatedier/frpAlways include clear documentation for important code decisions and metadata. This includes preserving copyright noti...
Check context cancellation
fatedier/frpAlways implement proper cancellation mechanisms in concurrent code to prevent goroutine leaks and enable timely shutd...
Precise testing dependency versioning
laravel/frameworkWhen specifying testing library dependencies, always use explicit minimum patch versions rather than development bran...
Mark sensitive parameters
laravel/frameworkAlways use the `#[\SensitiveParameter]` attribute for parameters containing sensitive information such as passwords, ...
Verify types in tests
fastify/fastifyUse explicit type assertions in TypeScript tests to verify that types behave as expected across various scenarios. In...
Use bot identity
fastify/fastifyWhen configuring Git operations in GitHub Actions workflows, especially for automated commits, use the GitHub Actions...
Support flexible logging
fastify/fastifyWhen designing logging interfaces, create flexible APIs that accommodate both standard and custom logging needs. This...
Secure Fastify Code Implementation
fastify/fastifyThis review focuses on secure implementation patterns when using the Fastify web framework in Typescript: prevent Pro...
Proper IPv6 address formatting
fastify/fastifyWhen constructing URLs with IP addresses, ensure IPv6 addresses are properly formatted according to RFC standards by ...
Ensure Proper Null Handling When Using Fastify Decorators
fastify/fastifyWhen working with Fastify decorators, always perform explicit null checks before accessing potentially undefined prop...
Consistent Fastify Package Naming and References
fastify/fastifyWhen implementing code using the Fastify package in Typescript, it is important to use consistent and accurate naming...
Use universally understandable identifiers
fastapi/fastapiWhen naming variables, functions, routes, and other code elements, use clear, neutral terminology that will be unders...
Use streaming generators
fastapi/fastapiWhen processing large files or datasets, implement generator functions that yield data incrementally rather than load...
Use appropriate documentation formats
fastapi/fastapiChoose the most suitable documentation format based on context to maximize readability and information value. For P...
Optimize IO with async
fastapi/fastapiFastAPI's performance advantage comes from its asynchronous foundation built on Starlette and Uvicorn, using `uvloop`...
Environment-specific database configuration
fastapi/fastapiConfigure database connections differently based on the environment. Use lightweight file-based databases like SQLite...
Consistent dependency versioning
fastapi/fastapiWhen updating dependency version constraints in requirements files, ensure consistency with versions pinned by other ...
Clear informative errors
fastapi/fastapiError messages should be clear, specific, and provide enough context to understand the issue without exposing unneces...
Avoid blocking in async
fastapi/fastapiWhen working with asynchronous code, ensure that I/O operations (like file reads/writes) don't block the event loop. ...
Modern TypeScript style
expressjs/expressUse modern TypeScript syntax and conventions throughout the codebase. This includes: - Using `const` instead of `var`...
Method chaining for clarity
expressjs/expressDesign API methods that favor chaining over multiple parameters to improve readability and maintainability. When impl...
Maintain API types
expressjs/expressEnsure API type definitions accurately reflect current implementations. When maintaining TypeScript definitions for A...
Exclude sensitive configurations
expressjs/expressDo not commit sensitive, time-limited, or environment-specific configuration files to version control. Instead: 1. F...
Clear array operations
expressjs/expressWhen working with arrays, prioritize clarity and explicitness over terse or clever constructs. For array membership c...
Accurate JSDoc documentation
expressjs/expressAlways ensure JSDoc comments accurately reflect the actual code implementation. Parameter types, optionality, and fun...
Use current configuration patterns
elastic/elasticsearchAlways use the current recommended configuration patterns for your project, avoiding deprecated approaches. When conf...
Specify explicit REST formats
elastic/elasticsearchAlways specify explicit request formats in REST API tests rather than relying on default behaviors. This includes: 1...
Document security requirements explicitly
elastic/elasticsearchAlways document security-related configurations, permissions, and behaviors explicitly and comprehensively. When docu...
Document performance tradeoffs
elastic/elasticsearchAlways explicitly document the performance implications of API parameters, limit changes, and features that could sig...
Complete API parameter documentation
elastic/elasticsearchAPI endpoints must include comprehensive documentation for all parameters. For each parameter, clearly specify: 1. W...
Avoid flaky tests
elastic/elasticsearchDesign tests to be deterministic and reliable across different environments. Tests that occasionally fail due to timi...
Type-safe numerical algorithms
deeplearning4j/deeplearning4jWhen implementing numerical algorithms, always use appropriate data types to prevent overflow and preserve precision:...
Prevent memory leaks
deeplearning4j/deeplearning4jAlways ensure proper memory management when using dynamic allocation. Memory leaks are a critical performance issue t...
Preserve API compatibility
deeplearning4j/deeplearning4jWhen evolving APIs, prioritize backward compatibility to protect existing client code. Make new parameters optional w...
Optimize validation checks
deeplearning4j/deeplearning4jWhen implementing validation and requirement checks, balance thoroughness with performance considerations. Critical v...
Optimize hardware acceleration
deeplearning4j/deeplearning4jAI systems should use the most performant hardware acceleration libraries and carefully manage hardware-specific depe...
Modular adaptive configurations
deeplearning4j/deeplearning4jStructure configuration scripts with modularity and adaptability in mind. Extract repeated parameters into variables,...
Maintain proper capitalization
deeplearning4j/deeplearning4jAlways use correct and consistent capitalization for product names, class names, and method names throughout code and...
Ensure test determinism
deeplearning4j/deeplearning4jCreate reliable and reproducible tests by explicitly controlling test inputs and verifying function behavior doesn't ...
Document in-code decisions
deeplearning4j/deeplearning4jAlways include explanations for implementation decisions, non-obvious constructs, and specialized functions directly ...
Document AI implementation references
deeplearning4j/deeplearning4jWhen implementing AI algorithms or neural network operations, document the sources of specific implementation choices...
Functional code examples
crewaiinc/crewaiEnsure all code examples in documentation are complete, accurate, and ready to run without modification. Since develo...
Fail securely by default
crewaiinc/crewaiWhen designing systems that handle sensitive operations, always default to the most secure behavior rather than prior...
Consistent configuration declarations
crewaiinc/crewaiEnsure configuration specifications (such as version requirements, environment settings, and tool declarations) are c...
Prefer safe DOM manipulations
vuejs/coreWhen manipulating DOM content, prefer safer alternatives to innerHTML when possible to prevent Cross-Site Scripting (...
Optimize build scripts
vuejs/coreImprove CI/CD pipeline efficiency by optimizing package.json scripts. Run compatible tasks in parallel using pattern ...
Align configurations with usage
vuejs/coreConfiguration files should accurately reflect the actual requirements and characteristics of your codebase. When sett...
Configure loggers consistently
salesforce/cloudsplainingAlways configure module-level loggers with a consistent pattern across the codebase. Use `logging.getLogger(__name__)...
Verify automated documentation
chef/chefWhen using automated tools to generate documentation, always verify the output for accuracy and document any addition...
Structure CI/CD scripts
chef/chefImprove CI/CD shell scripts' readability and maintainability by using appropriate shell script patterns. Use heredocs...
Standardize bash error-handling
chef/chefAlways use `set -eou pipefail` at the beginning of bash scripts to ensure consistent and robust error handling. This ...
Log message quality
chef/chefEnsure all log messages are consistent in formatting and clear in purpose. Complete sentences in logs should end with...
Use correct encryption properties
bridgecrewio/checkovWhen configuring security features in Azure ARM templates, always use the correct property names as specified in the ...
Target core resources
bridgecrewio/checkovWhen implementing network security checks for serverless functions like AWS Lambda, ensure you target the core functi...
Secure API endpoints
bridgecrewio/checkovAlways configure proper authorization for API endpoints to prevent unauthorized access to back-end resources. Avoid c...
Minimize workflow complexity
bridgecrewio/checkovKeep GitHub Actions workflows efficient and maintainable by eliminating redundant configurations and ensuring compreh...
Lambda CORS protection
bridgecrewio/checkovWhen implementing network security checks for AWS Lambda functions, ensure that CORS (Cross-Origin Resource Sharing) ...
Implement pre-commit hooks
bridgecrewio/checkovAutomate quality and security checks by implementing pre-commit hooks in your Git repositories to catch issues early ...
Ensure dependency compatibility
bridgecrewio/checkovWhen adding or updating dependencies in configuration files (Pipfile, requirements.txt), ensure compatibility with al...
Configure security scanners completely
bridgecrewio/checkovSecurity scanning tools must be fully configured to maximize detection capabilities. When implementing tools like Che...
Azure encryption property names
bridgecrewio/checkovWhen configuring encryption settings for Azure resources in ARM templates, always use the correct property names as d...
Use appropriate comment syntax
boto/boto3Choose the correct comment syntax based on the file type and processing system to ensure documentation serves its int...
Keep CI configurations updated
boto/boto3Regularly review and update CI configuration files to remove obsolete settings and use appropriate version specificat...
Function-focused code organization
boto/boto3Files should contain only code related to their named purpose, with proper organization and formatting. When adding f...
Follow flake8 style guidelines
boto/boto3Adhere to the project's established flake8 style guidelines as defined in setup.cfg. This includes: 1. Maintain line...
Avoid identifier name stuttering
boto/boto3Do not repeat the resource name in identifier names. This form of stuttering makes code less readable and inconsisten...
Use higher-level telemetry
Azure/azure-sdk-for-netWhen implementing observability for Azure services, prefer higher-level telemetry packages and configuration methods ...
Preserve protocol data integrity
Azure/azure-sdk-for-netWhen working with network protocols (like AMQP, NFS, or SMB), maintain the integrity of the original protocol data st...
Match CI commands locally
Azure/azure-sdk-for-netAlways use the same build and test commands locally that are used in your CI pipeline to ensure consistency between e...
Handle external process errors
Azure/azure-sdk-for-netWhen calling external processes (like dotnet, msbuild, etc.), always implement proper error handling and output manag...
Eliminate repeated code
Azure/azure-sdk-for-netReduce code duplication by extracting repeated patterns into variables, loops, or helper functions. When you find you...
Document non-obvious code
Azure/azure-sdk-for-netAdd clarifying comments to code elements whose purpose or behavior may not be immediately apparent to other developer...
Document maintenance decisions
Azure/azure-sdk-for-netAdd clear documentation for any decisions that affect future code maintenance. This includes: 1. Providing explanato...
Document AI changes thoroughly
Azure/azure-sdk-for-netWhen updating AI libraries and SDKs, ensure all changes are thoroughly documented in changelogs with clear categoriza...
Complete pipeline configurations
Azure/azure-sdk-for-netEnsure all CI/CD configuration files have their required fields properly populated with specific values rather than e...
Approve AI dependencies conditionally
Azure/azure-sdk-for-netAll AI-related dependencies (Microsoft.Extensions.AI.*, etc.) require explicit approval before inclusion and must be ...
Address not mask
Azure/azure-sdk-for-netAlways address the root cause of CI/CD pipeline issues rather than masking them with quick fixes. This applies to enc...
Use Appropriate Concurrency Patterns with Axum
tokio-rs/axumWhen building asynchronous Axum applications that share mutable state, it's important to select the right concurrency...
Implement Distributed Tracing in Axum Applications
tokio-rs/axumAs an Axum code reviewer, I recommend implementing proper distributed tracing in your Axum-based web applications to ...
User-friendly error messages
axios/axiosError messages should be concise and clearly communicate what went wrong without unnecessary verbosity. When implemen...
Flexible configuration design
axios/axiosDesign configuration interfaces to be flexible and extensible rather than overly specific. When creating configuratio...
Consistent semicolon usage
axios/axiosAlways terminate statements with explicit semicolons to maintain consistency with the existing codebase style. Avoid ...
Consistent Axios Usage Patterns
axios/axiosMaintain consistent usage of the Axios library throughout your Typescript codebase. Pay special attention to consiste...
Standardize API promise patterns
aws/aws-sdk-jsWhen adding promise support to API methods, implement a consistent pattern that handles both callback-style and multi...
Semantic type organization
aws/aws-sdk-jsOrganize types and interfaces in intuitive namespace hierarchies and use specific types instead of generic ones. Type...
Organize type declarations
aws/aws-sdk-jsStructure TypeScript declarations to improve maintainability and developer experience. Organize related types into ap...
Example documentation standards
aws/aws-sdk-jsOrganize API documentation examples for maximum clarity and usefulness. Place hand-written examples before generated ...
Document sdk version requirements
aws/aws-sdk-jsAlways explicitly document AWS SDK version requirements in your project, and include configuration instructions for d...
Complete configuration type definitions
aws/aws-sdk-jsEnsure configuration type definitions are complete and consistent between global and service-specific settings. When ...
Accurate type signatures
aws/aws-sdk-jsWhen defining API interfaces in TypeScript, ensure that method signatures accurately reflect the actual behavior and ...
Validate configuration source changes
apache/airflowWhen switching between different configuration sources (like APIs or configuration values), ensure data structure com...
Use proper access patterns
apache/airflowAccess configurations through documented abstraction layers rather than bypassing them with direct database or low-le...
Use guards over assertions
apache/airflowPrefer explicit type guards and null checks over TypeScript's type assertions (`as`) when handling potentially null o...
Quote shell variables
apache/airflowAlways quote shell script variable expansions using double quotes to prevent word splitting issues and ensure consist...
Optimize CI configurations
apache/airflowWhen designing CI/CD workflows, prioritize both resource efficiency and clear documentation. Incorporate dynamic conf...
Natural language translations
apache/airflowWhen providing translations for user interface elements and documentation, prioritize natural and idiomatic expressio...
Versioning for migrations
vercel/aiUse appropriate version bumps to signal migration requirements and maintain clear upgrade paths. Flag breaking change...
Optimize CI type checking
vercel/aiConfigure separate TypeScript type-checking strategies for CI environments and local development. CI pipelines should...
Format for rendering compatibility
vercel/aiDocumentation should be formatted appropriately for its intended rendering context and ensure discoverability. Consid...
Flexible API inputs
vercel/aiDesign APIs to accept flexible input formats and schema structures, ensuring a better developer experience while main...
Consistent camelCase naming
vercel/aiUse camelCase consistently for all property names, method names, and configuration options, even when interacting wit...
Consistent AI interfaces
vercel/aiMaintain consistent naming patterns and parameter structures across AI provider implementations. This makes the SDK m...
Warn against sudo
zed-industries/zedApplications that may need elevated privileges should explicitly warn against running the entire application with sud...
Verify dependency integrity
vitessio/vitessAlways verify the integrity of external dependencies, especially those downloaded from non-official or personal repos...
Permission hierarchy awareness
vitejs/viteWhen implementing permission checks, understand the hierarchical nature of permissions and avoid redundant checks. Hi...
Escape HTML content properly
vitejs/viteAlways use specialized HTML escaping functions when outputting dynamic content to prevent Cross-Site Scripting (XSS) ...
Mask sensitive tokens
astral-sh/uvAlways mask sensitive tokens, credentials, and secrets in CI/CD workflows to prevent accidental exposure in logs or b...
Add interactive element roles
shadcn-ui/uiWhen adding event handlers like `onClick` to non-interactive elements such as `div`, always include appropriate ARIA ...
Accessible security indicators
shadcn-ui/uiEnsure all security-related UI elements such as warnings, error messages, and destructive action buttons meet WCAG co...
Precise documentation links
vercel/turborepoWhen creating error messages related to security, permissions, or access controls, always provide specific links to r...
Avoid unsafe code
huggingface/tokenizersPrioritize memory safety and security over performance optimizations by avoiding unsafe code blocks, especially in li...
Sanitize command inputs
hashicorp/terraformWhen constructing commands that will be executed, always sanitize input values to prevent command injection vulnerabi...
Least privilege for tokens
hashicorp/terraformAlways apply the principle of least privilege when configuring access tokens for CI/CD workflows and other automated ...
Maintain package verification
tensorflow/tensorflowAlways keep signature verification enabled in package managers, even in development environments, Docker containers, ...
Validate security-sensitive inputs
spring-projects/spring-frameworkAlways use appropriate validation mechanisms for security-sensitive inputs to prevent vulnerabilities. When implement...
Inherit organization security policies
spring-projects/spring-bootBefore implementing custom security documentation or procedures, check if your organization already provides standard...
Constant-time cryptographic validation
dotnet/runtimeAlways use constant-time comparison methods when validating cryptographic values to prevent timing side-channel attac...
Use explicit permission notations
astral-sh/ruffWhen setting file permissions through system calls like `chmod`, always use explicit octal notation (with the `0o` pr...
Prefer modern security
quarkusio/quarkusWhen implementing security features (such as artifact signing), use current best practices and prefer pure-Java secur...
Test authentication dependencies
prowler-cloud/prowlerWhen updating authentication-related dependencies or adding new authentication capabilities (like SAML, OAuth, etc.),...
Precise CSP configuration
prowler-cloud/prowlerWhen integrating third-party services into your web application, carefully configure Content Security Policy (CSP) he...
Fix dependency vulnerabilities
prowler-cloud/prowlerSecurity vulnerabilities in dependencies must be addressed immediately rather than bypassed with flags like `--no-ver...
Avoid localStorage for credentials
prowler-cloud/prowlerDo not store user profiles, authentication tokens, or other sensitive user information in client-side storage mechani...
Redact sensitive credentials
pola-rs/polarsWhen implementing authentication or handling credentials, always redact sensitive information (keys, tokens, password...
Secure encryption key backups
opentofu/opentofuAlways implement proper encryption key management procedures, including secure backups of encryption keys before enab...
Preserve sensitive data marks
opentofu/opentofuCarefully handle data marked as sensitive throughout the codebase to maintain security properties. Ensure that sensit...
Document security attributes
vercel/next.jsWhen handling security-related attributes (like nonces, integrity hashes, or CSP directives), always document the log...
Decode before validation
vercel/next.jsAlways decode URL paths before performing security validations to prevent bypass attacks using URL encoding. Security...
Prefer opt-in security
neondatabase/neonWhen implementing security features that modify data presentation or alter normal data access patterns (like anonymiz...
Harden CI/CD runners
neondatabase/neonAll CI/CD workflow jobs must implement security controls for network traffic, particularly using the step-security/ha...
Escape SQL parameters
neondatabase/neonAlways escape parameters in database connection strings to prevent SQL injection attacks. Direct string concatenation...
Avoid eval function
apache/mxnetNever use the `eval()` function in Python code as it creates serious security vulnerabilities by executing arbitrary ...
Private vulnerability reporting
kubeflow/kubeflowNever expose security vulnerabilities in public issue trackers. Security issues require confidential handling to prev...
Prevent XSS vulnerabilities
kubeflow/kubeflowNever directly concatenate untrusted data (like user inputs or API responses) into HTML strings, as this creates cros...
Harden container security
kubeflow/kubeflowWhen building container images, ensure they're compatible with restricted Kubernetes security contexts. Use numeric U...
Enforce HTTPS protocol
kubeflow/kubeflowAlways validate that URLs use the HTTPS protocol in both implementation code and validation error messages. Even if y...
Control header modification
kubeflow/kubeflowWhen allowing user-configurable HTTP headers in your application, implement strict validation to prevent security byp...
Configurable security with defaults
kubeflow/kubeflowMake security features configurable through environment variables or configuration files, but always implement secure...
Document security implementations
JetBrains/kotlinAlways document non-obvious security implementations, especially authentication mechanisms, with explanatory comments...
Vet security-critical dependencies
influxdata/influxdbWhen introducing new dependencies, especially those handling sensitive operations like language interpreters, perform...
Secure dependency management
elie222/inbox-zeroAlways maintain secure dependencies by following these two critical security practices: 1. **Keep dependencies updat...
Quote shell substitutions
elie222/inbox-zeroAlways enclose command substitutions in double quotes when assigning to variables or using in shell scripts to preven...
Enforce user scoping
elie222/inbox-zeroAll database queries must include appropriate user scoping to prevent unauthorized data access and Insecure Direct Ob...
Use appropriate permission checks
grafana/grafanaWhen implementing role-based access control (RBAC), ensure you use the correct permission verification method based o...
Update vulnerable dependencies
grafana/grafanaAlways update dependencies with known security vulnerabilities to their patched versions. Dependencies with security ...
Avoid plaintext credentials
grafana/grafanaNever include plaintext passwords or credentials in connection strings, configuration files, or documentation example...
Secure temporary files
ghostty-org/ghosttyAlways use `mktemp` instead of manually constructing temporary file paths with random values. Manually constructed pa...
Sanitize debug output
ghostty-org/ghosttyNever print or log sensitive information such as tokens, passwords, or secrets that might be present in environment v...
Non-root container users
fatedier/frpAlways run containers with a non-root user to reduce the security attack surface. Modern Docker allows non-root users...
Secure Content-Type validation
fastify/fastifyWhen implementing Content-Type validation, ensure regular expressions start with '^' or include ';?' to properly dete...
Use unique password salts
expressjs/expressWhen implementing password hashing, always use unique, randomly generated salts for each user. Using constant or shar...
Pin action commit hashes
expressjs/expressAlways pin third-party GitHub Actions to specific commit hashes rather than semantic version tags (like `@v1`). This ...
Enforce least privilege
elastic/elasticsearchAlways assign the minimum permissions necessary for functionality when implementing role-based access controls. This ...
Update security-critical dependencies
chef/chefRegularly audit and update third-party libraries and dependencies to address known security vulnerabilities. Pay spec...
Expand IAM wildcards
bridgecrewio/checkovAlways expand IAM wildcard permissions (`*`) to specific actions for thorough security analysis. Wildcard permissions...
Avoid wildcard permissions
bridgecrewio/checkovImplement the principle of least privilege by avoiding wildcard permissions (e.g., '*') in access control policies. A...
Avoid hardcoded secrets
bridgecrewio/checkovNever include hardcoded secrets or credentials in your infrastructure as code files. Secrets in configuration files p...
Use standard example credentials
boto/boto3When including API keys, access tokens, or other credentials in documentation, examples, or test code, always use cle...
Redact sensitive information
Azure/azure-sdk-for-netAlways sanitize configuration data or any potentially sensitive information before logging or displaying it. When log...
Externalize sensitive credentials
Azure/azure-sdk-for-netNever hardcode sensitive values such as client identifiers, API keys, connection strings, or passwords directly in co...
Complete authentication testing
Azure/azure-sdk-for-netAlways verify both positive and negative authentication scenarios in your security tests. For each authentication mec...
Secure cookie configuration
tokio-rs/axumAlways set appropriate security flags on cookies, especially those used for authentication or session management. At ...
Isolate sensitive buffer data
aws/aws-sdk-jsWhen handling sensitive data in Node.js, protect against data leakage by isolating sensitive content in dedicated buf...
Prioritize secure token storage
apache/airflowWhen implementing authentication token handling, prioritize more secure storage mechanisms over less secure ones. Spe...
Document security exceptions
apache/airflowWhen disabling security-related linter rules or bypassing security best practices, always include comments that expla...