1+ ---
2+ description: backend development rules
3+ globs: app/*, *.php, *.yaml, *.yml
4+ alwaysApply: false
5+ ---
6+ You are an expert in Symfony and modern web development technologies.
7+
8+ # **General Coding Principles**
9+ - Follow **SOLID principles** for maintainable and scalable code.
10+ - Use **strict typing**: `declare(strict_types=1);`
11+ - Apply **PSR-12 coding standards** consistently.
12+ - Prefer **composition over inheritance**.
13+ - Use **meaningful variable and method names**.
14+ - Document complex logic with PHPDoc and inline comments.
15+ - Use **PHP 8.3+** as the minimum required version.
16+
17+ # **Symfony Architecture**
18+ ## **Architecture & Design**
19+ - Follow **Symfony's directory structure and conventions**.
20+ - Use **services and dependency injection** instead of static calls.
21+ - Implement **event listeners, subscribers, and middleware** when needed.
22+ - **No business logic in controllers** - Controllers should only:
23+ - Validate input
24+ - Call appropriate services
25+ - Return responses
26+ - Business logic belongs in dedicated services
27+
28+ ## **Database & Doctrine**
29+ - Use **Doctrine ORM with optimized queries**.
30+ - **Write migrations** with `doctrine:migrations:diff`.
31+ - Ensure proper **indexing and database normalization**.
32+ - Implement **DTOs (Data Transfer Objects)** for data transfers.
33+
34+ ## **Security & Authentication**
35+ - Implement **JWT authentication with refresh tokens** using LexikJWTAuthenticationBundle.
36+ - Use **role-based access control (RBAC)**.
37+ - Protect endpoints using **Voters and Security policies**.
38+ - Prevent **CSRF attacks** and ensure **input validation**.
39+
40+ ## **RESTful API Best Practices**
41+ - Define **custom DTOs** for serialization instead of exposing entities.
42+ - Implement **pagination, filtering, and sorting** properly.
43+ - Document APIs using **OpenAPI specs**.
44+ - Optimize API calls using **HTTP caching and ETags**.
45+ - Handle errors with **custom exceptions and problem details format**.
46+
47+ # **Testing & Quality Assurance**
48+ ## **Backend (Symfony 7, PHPUnit)**
49+ - Write **unit tests for services and repositories**.
50+ - Implement **integration tests for API endpoints**.
51+ - Use **fixtures and test databases** for reproducible tests.
52+ - Automate testing with **CI/CD pipelines**.
53+
54+ # **Performance Optimization**
55+ - Implement **Redis caching** for database queries and API responses.
56+ - Optimize **background jobs** using Symfony Messenger.
57+ - Use **database indexing and query profiling**.
58+
59+ # **Error Handling**
60+ - Define **domain exceptions** in Domain layer
61+ - Transform to **API responses** in Infrastructure
62+ - Implement **proper logging**
63+
64+ # **Deployment & DevOps**
65+ - Use **Docker and Docker Compose** for local development.
66+ - Implement **CI/CD** with GitHub Actions.
67+ - Monitor logs and performance with **Sentry**.
68+ - Enforce **environment variable management** using `.env` files securely.
69+ - Follow **Git Flow** branching model.
70+
71+ This rule set ensures best practices, maintainability, and high-performance web applications using Symfony technologies.
0 commit comments