Csharp Style Guide
Apply this checklist when writing or reviewing C# code.
Trigger Reference
- •Use
references/trigger-matrix.mdas the canonical trigger and co-activation matrix. - •Resolve skill activation from changed files with
python3 scripts/resolve_style_guides.py <changed-path>...when automation is available. - •Validate trigger matrix consistency with
python3 scripts/validate_trigger_matrix_sync.py.
Architecture and module boundaries
Quality Gate Reference
- •Use
references/quality-gate-command-matrix.mdfor CI check-only vs local autofix command mapping.
- •Keep dependency direction explicit: domain -> application -> infrastructure.
- •Isolate side effects (I/O, DB, network) behind interfaces.
- •Keep controllers/handlers thin; move business rules into services.
- •Avoid god classes; split by responsibility and bounded context.
Naming and code structure
- •Use PascalCase for types/methods/properties, camelCase for locals/parameters.
- •Use descriptive names that capture intent, not implementation detail.
- •Keep methods focused; extract private methods for complex branches.
- •Replace magic numbers with named constants including units (
RetryDelayMilliseconds).
Types and data modeling
- •Enable nullable reference types and treat warnings as actionable.
- •Prefer explicit DTO/value objects over
dynamicor loosely typed maps. - •Use
recordfor immutable data where semantics fit. - •Define clear request/response contracts at boundaries.
Error handling and async behavior
- •Throw specific exception types with actionable context.
- •Catch exceptions at boundaries to map behavior intentionally (retry/log/translate/rethrow).
- •Avoid blanket
catch (Exception)unless rethrowing after required logging/cleanup. - •Pass
CancellationTokenthrough async call chains. - •Avoid sync-over-async patterns (
.Result,.Wait()).
Configuration and environment
- •Bind configuration to typed options classes and validate on startup.
- •Fail application startup when required environment variables are missing.
- •Do not assign fallback defaults for required environment variables.
- •Keep secrets in secret stores; do not hardcode credentials.
Security and compliance
- •Validate and sanitize all external input.
- •Use parameterized queries/ORM bindings; never concatenate SQL.
- •Enforce auth/authz checks close to entry points.
- •Avoid logging sensitive data (tokens, passwords, PII).
Performance and resource usage
- •Avoid unnecessary allocations in hot paths; profile before micro-optimizing.
- •Use streaming/pagination for large datasets.
- •Reuse
HttpClientthrough factory patterns. - •Respect cancellation and timeouts for outbound I/O.
Testing and verification
- •Add unit tests for business logic and integration tests for external boundaries.
- •Cover edge cases: nullability, cancellation, timeout, invalid payloads, concurrency.
- •Add regression tests for each fixed bug.
- •Document manual verification when automation is not feasible.
Observability and operations
- •Use structured logs with correlation/request IDs.
- •Emit metrics for latency, errors, and dependency calls.
- •Map errors to stable operational signals (status codes, error codes).
- •Ensure logs and metrics are sufficient for incident triage.
CI required quality gates (check-only)
- •Run
dotnet format --verify-no-changes. - •Run
dotnet build -warnaserror. - •Run
dotnet test. - •Reject changes that hide failures with broad fallbacks.
Optional autofix commands (local)
- •Run
dotnet formatto apply style fixes.