陌讯skills聚合平台

nestjs-best-practices

📁 xirothedev/agent-skills 📅 Jan 20, 2026
25
总安装量
25
周安装量
#7926
全站排名
安装命令
npx skills add https://github.com/xirothedev/agent-skills --skill nestjs-best-practices

Agent 安装分布

gemini-cli 18
opencode 17
claude-code 17
codex 16
cursor 16

Skill 文档

NestJS Best Practices

Comprehensive guide for building production-ready NestJS applications. Contains 26 rules across 13 categories, covering security, architecture, performance, validation, database operations, authentication, and advanced patterns.

When to Apply

Reference these guidelines when:

  • Writing new NestJS modules, controllers, or services
  • Implementing authentication and authorization
  • Setting up Prisma database operations
  • Creating DTOs and validation pipes
  • Adding middleware or guards
  • Implementing error handling and logging
  • Reviewing NestJS code for best practices
  • Refactoring existing NestJS applications

Rule Categories by Priority

Priority Category Impact Prefix
1 Security CRITICAL security-
2 Performance HIGH performance-
3 Architecture HIGH architecture-
4 Error Handling HIGH error-handling-
5 Validation CRITICAL validation-
6 Database CRITICAL database-
7 Authentication CRITICAL auth-
8 API MEDIUM api-
9 Configuration CRITICAL config-
10 Testing MEDIUM testing-
11 Deployment MEDIUM deployment-
12 Middleware MEDIUM middleware-
13 Advanced HIGH advanced-

Quick Reference

1. Security (CRITICAL)

  • security-cors-whitelist – Enable CORS with whitelist origins only
  • security-dependency-audit – Regular dependency security audits with bun
  • security-helmet-headers – Use Helmet middleware for security headers

2. Performance (HIGH)

  • performance-redis-caching – Cache frequently used data with Redis

3. Architecture (HIGH)

  • architecture-short-functions – Keep functions short and single purpose
  • architecture-feature-modules – Organize code by feature modules
  • architecture-no-dead-code – Remove unused code and dependencies
  • architecture-thin-controllers – Single responsibility – separate controller and service
  • architecture-naming-conventions – Use consistent naming conventions
  • architecture-event-driven – Use event-driven architecture for loose coupling

4. Error Handling (HIGH)

  • error-handling-exception-filter – Enable global exception filter
  • error-handling-structured-logging – Implement proper logging strategy

5. Validation (CRITICAL)

  • validation-custom-pipes – Create custom pipes for query parameter transformation
  • validation-dto-validation – Validate all inputs with DTOs and ValidationPipe

6. Database (CRITICAL)

  • database-parameterized-queries – Use parameterized queries to prevent SQL injection (Prisma v7)

7. Authentication (CRITICAL)

  • auth-password-hashing – Use Bun’s built-in Crypto for secure password hashing (argon2/bcrypt)
  • auth-route-guards – Use guards for route protection

8. API (MEDIUM)

  • api-cursor-pagination – Use cursor-based pagination for large datasets
  • api-swagger-docs – Generate Swagger/OpenAPI documentation

9. Configuration (CRITICAL)

  • config-no-secrets – Never hardcode secrets – use environment variables

10. Testing (MEDIUM)

  • testing-unit-tests – Write comprehensive unit tests

11. Deployment (MEDIUM)

  • deployment-health-checks – Implement health check endpoints

12. Middleware (MEDIUM)

  • middleware-compression – Enable compression middleware for responses
  • middleware-rate-limiting – Implement rate limiting for all routes

13. Advanced (HIGH)

  • advanced-lazy-loading – Lazy load non-critical modules
  • advanced-scheduled-tasks – Use @nestjs/schedule for cron jobs and scheduled tasks

How to Use

Read individual rule files for detailed explanations and code examples:

rules/security-cors-whitelist.md
rules/auth-route-guards.md
rules/validation-dto-validation.md
rules/_sections.md

Each rule file contains:

  • “For AI Agents” section with step-by-step implementation instructions
  • Quick Reference Checklist for code review
  • ❌ WRONG vs ✅ CORRECT patterns with file locations
  • Installation commands using bun add
  • Comprehensive code examples for NestJS + Prisma
  • Security and performance considerations

Key Patterns

Agent-Friendly Format

All rules are optimized for AI agents with:

  • Explicit file locations (e.g., src/users/users.service.ts)
  • Step-by-step “For AI Agents” sections
  • ✅ CORRECT vs ❌ WRONG pattern comparisons
  • Quick Reference Checklists
  • Clear installation instructions

Technology Stack

  • Framework: NestJS with Express/Fastify adapter
  • Runtime: Bun (native crypto, scheduling)
  • Database: Prisma v7 (sql template tag, interactive transactions)
  • Validation: class-validator + class-transformer
  • Security: Helmet, CORS whitelisting, rate limiting
  • Scheduling: @nestjs/schedule with cron/interval decorators
  • Events: EventEmitter2 for loose coupling

Full Compiled Document

For the complete guide with all rules expanded: AGENTS.md

Build Commands

cd packages/nestjs-best-practices-build
bun install
bun run build      # Generate AGENTS.md
bun run validate   # Validate rule files
bun run dev        # Build and validate

Statistics

  • 13 sections covering all aspects of NestJS development
  • 26 rules prioritized by impact (CRITICAL, HIGH, MEDIUM)
  • Prisma v7 compatible database patterns
  • Bun runtime native features (Crypto.hashPassword, @nestjs/schedule)
  • Agent-optimized for automated code generation and review
GitHub 仓库 ↗ ← 返回陌讯 Skills 聚合平台
本页面由 陌讯 Skills 聚合平台 收录整理,数据定期更新。