Loading source
Pulling the file list, source metadata, and syntax-aware rendering for this listing.
Source from repo
40 prioritized NestJS best practices across architecture, DI, security, performance, testing, and microservices.
Files
Skill
Size
Entrypoint
Format
Open file
Syntax-highlighted preview of this file as included in the skill package.
SKILL.md
1---2name: nestjs-best-practices3description: NestJS best practices and architecture patterns for building production-ready applications. This skill should be used when writing, reviewing, or refactoring NestJS code to ensure proper patterns for modules, dependency injection, security, and performance.4license: MIT5metadata:6author: Kadajett7version: "1.1.0"8---9# NestJS Best Practices11Comprehensive best practices guide for NestJS applications. Contains 40 rules across 10 categories, prioritized by impact to guide automated refactoring and code generation.13## When to Apply15Reference these guidelines when:17- Writing new NestJS modules, controllers, or services19- Implementing authentication and authorization20- Reviewing code for architecture and security issues21- Refactoring existing NestJS codebases22- Optimizing performance or database queries23- Building microservices architectures24## Rule Categories by Priority26| Priority | Category | Impact | Prefix |28|----------|----------|--------|--------|29| 1 | Architecture | CRITICAL | `arch-` |30| 2 | Dependency Injection | CRITICAL | `di-` |31| 3 | Error Handling | HIGH | `error-` |32| 4 | Security | HIGH | `security-` |33| 5 | Performance | HIGH | `perf-` |34| 6 | Testing | MEDIUM-HIGH | `test-` |35| 7 | Database & ORM | MEDIUM-HIGH | `db-` |36| 8 | API Design | MEDIUM | `api-` |37| 9 | Microservices | MEDIUM | `micro-` |38| 10 | DevOps & Deployment | LOW-MEDIUM | `devops-` |39## Quick Reference41### 1. Architecture (CRITICAL)43- `arch-avoid-circular-deps` - Avoid circular module dependencies45- `arch-feature-modules` - Organize by feature, not technical layer46- `arch-module-sharing` - Proper module exports/imports, avoid duplicate providers47- `arch-single-responsibility` - Focused services over "god services"48- `arch-use-repository-pattern` - Abstract database logic for testability49- `arch-use-events` - Event-driven architecture for decoupling50### 2. Dependency Injection (CRITICAL)52- `di-avoid-service-locator` - Avoid service locator anti-pattern54- `di-interface-segregation` - Interface Segregation Principle (ISP)55- `di-liskov-substitution` - Liskov Substitution Principle (LSP)56- `di-prefer-constructor-injection` - Constructor over property injection57- `di-scope-awareness` - Understand singleton/request/transient scopes58- `di-use-interfaces-tokens` - Use injection tokens for interfaces59### 3. Error Handling (HIGH)61- `error-use-exception-filters` - Centralized exception handling63- `error-throw-http-exceptions` - Use NestJS HTTP exceptions64- `error-handle-async-errors` - Handle async errors properly65### 4. Security (HIGH)67- `security-auth-jwt` - Secure JWT authentication69- `security-validate-all-input` - Validate with class-validator70- `security-use-guards` - Authentication and authorization guards71- `security-sanitize-output` - Prevent XSS attacks72- `security-rate-limiting` - Implement rate limiting73### 5. Performance (HIGH)75- `perf-async-hooks` - Proper async lifecycle hooks77- `perf-use-caching` - Implement caching strategies78- `perf-optimize-database` - Optimize database queries79- `perf-lazy-loading` - Lazy load modules for faster startup80### 6. Testing (MEDIUM-HIGH)82- `test-use-testing-module` - Use NestJS testing utilities84- `test-e2e-supertest` - E2E testing with Supertest85- `test-mock-external-services` - Mock external dependencies86### 7. Database & ORM (MEDIUM-HIGH)88- `db-use-transactions` - Transaction management90- `db-avoid-n-plus-one` - Avoid N+1 query problems91- `db-use-migrations` - Use migrations for schema changes92### 8. API Design (MEDIUM)94- `api-use-dto-serialization` - DTO and response serialization96- `api-use-interceptors` - Cross-cutting concerns97- `api-versioning` - API versioning strategies98- `api-use-pipes` - Input transformation with pipes99### 9. Microservices (MEDIUM)101- `micro-use-patterns` - Message and event patterns103- `micro-use-health-checks` - Health checks for orchestration104- `micro-use-queues` - Background job processing105### 10. DevOps & Deployment (LOW-MEDIUM)107- `devops-use-config-module` - Environment configuration109- `devops-use-logging` - Structured logging110- `devops-graceful-shutdown` - Zero-downtime deployments111## How to Use113Read individual rule files for detailed explanations and code examples:115```117rules/arch-avoid-circular-deps.md118rules/security-validate-all-input.md119rules/_sections.md120```121Each rule file contains:123- Brief explanation of why it matters124- Incorrect code example with explanation125- Correct code example with explanation126- Additional context and references127## Full Compiled Document129For the complete guide with all rules expanded: `AGENTS.md`131