-
Notifications
You must be signed in to change notification settings - Fork 297
Expand file tree
/
Copy path.cursorrules
More file actions
18 lines (15 loc) · 1.16 KB
/
.cursorrules
File metadata and controls
18 lines (15 loc) · 1.16 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
# Project Rules
Read CLAUDE.md at the repo root and apps/api/CLAUDE.md for comprehensive project rules.
## Quick Reference
- **Package manager**: `bun` (never npm/yarn/pnpm)
- **No `as any`** casts. No `@ts-ignore`. Fix the types instead.
- **Max 300 lines** per file.
- **Session auth only** — no JWT. Use `credentials: 'include'` for API calls.
- **RBAC**: `@RequirePermission('resource', 'action')` on every API endpoint. Gate UI with `hasPermission()`.
- **Design system**: Always `@trycompai/design-system` first, `@trycompai/ui` only as fallback. Icons from `@trycompai/design-system/icons`.
- **Data fetching**: Server components use `serverApi`. Client components use SWR hooks with `apiClient`.
- **No server actions** for new features. Call NestJS API directly.
- **Tests required** for every new feature. TDD preferred.
- **Conventional commits**: `<type>(<scope>): <description>`
- **Controller format**: `@Controller({ path: 'name', version: '1' })`, NOT `@Controller('v1/name')`
- **Permission resources**: organization, member, control, evidence, policy, risk, vendor, task, framework, audit, finding, questionnaire, integration, apiKey, trust, pentest, app, compliance