AgentSkillsCN

nestjs-best-practices

NestJS最佳实践与架构模式,助力构建生产就绪的应用程序。在编写、审查或重构NestJS代码时,应使用此技能,以确保模块、依赖注入、安全性和性能等方面遵循恰当的模式。

SKILL.md
--- frontmatter
name: nestjs-best-practices
description: NestJS best practices and architecture patterns for building production-ready applications. This skill should be used when writing, reviewing, or refactoring NestJS code to ensure proper patterns for modules, dependency injection, security, and performance.
license: MIT
metadata:
  author: Kadajett
  version: "1.1.0"

NestJS Best Practices

Comprehensive best practices guide for NestJS applications. Contains 40 rules across 10 categories, prioritized by impact to guide automated refactoring and code generation.

When to Apply

Reference these guidelines when:

  • Writing new NestJS modules, controllers, or services
  • Implementing authentication and authorization
  • Reviewing code for architecture and security issues
  • Refactoring existing NestJS codebases
  • Optimizing performance or database queries
  • Building microservices architectures

Rule Categories by Priority

PriorityCategoryImpactPrefix
1ArchitectureCRITICALarch-
2Dependency InjectionCRITICALdi-
3Error HandlingHIGHerror-
4SecurityHIGHsecurity-
5PerformanceHIGHperf-
6TestingMEDIUM-HIGHtest-
7Database & ORMMEDIUM-HIGHdb-
8API DesignMEDIUMapi-
9MicroservicesMEDIUMmicro-
10DevOps & DeploymentLOW-MEDIUMdevops-

Quick Reference

1. Architecture (CRITICAL)

  • arch-avoid-circular-deps - Avoid circular module dependencies
  • arch-feature-modules - Organize by feature, not technical layer
  • arch-module-sharing - Proper module exports/imports, avoid duplicate providers
  • arch-single-responsibility - Focused services over "god services"
  • arch-use-repository-pattern - Abstract database logic for testability
  • arch-use-events - Event-driven architecture for decoupling

2. Dependency Injection (CRITICAL)

  • di-avoid-service-locator - Avoid service locator anti-pattern
  • di-interface-segregation - Interface Segregation Principle (ISP)
  • di-liskov-substitution - Liskov Substitution Principle (LSP)
  • di-prefer-constructor-injection - Constructor over property injection
  • di-scope-awareness - Understand singleton/request/transient scopes
  • di-use-interfaces-tokens - Use injection tokens for interfaces

3. Error Handling (HIGH)

  • error-use-exception-filters - Centralized exception handling
  • error-throw-http-exceptions - Use NestJS HTTP exceptions
  • error-handle-async-errors - Handle async errors properly

4. Security (HIGH)

  • security-auth-jwt - Secure JWT authentication
  • security-validate-all-input - Validate with class-validator
  • security-use-guards - Authentication and authorization guards
  • security-sanitize-output - Prevent XSS attacks
  • security-rate-limiting - Implement rate limiting

5. Performance (HIGH)

  • perf-async-hooks - Proper async lifecycle hooks
  • perf-use-caching - Implement caching strategies
  • perf-optimize-database - Optimize database queries
  • perf-lazy-loading - Lazy load modules for faster startup

6. Testing (MEDIUM-HIGH)

  • test-use-testing-module - Use NestJS testing utilities
  • test-e2e-supertest - E2E testing with Supertest
  • test-mock-external-services - Mock external dependencies

7. Database & ORM (MEDIUM-HIGH)

  • db-use-transactions - Transaction management
  • db-avoid-n-plus-one - Avoid N+1 query problems
  • db-use-migrations - Use migrations for schema changes

8. API Design (MEDIUM)

  • api-use-dto-serialization - DTO and response serialization
  • api-use-interceptors - Cross-cutting concerns
  • api-versioning - API versioning strategies
  • api-use-pipes - Input transformation with pipes

9. Microservices (MEDIUM)

  • micro-use-patterns - Message and event patterns
  • micro-use-health-checks - Health checks for orchestration
  • micro-use-queues - Background job processing

10. DevOps & Deployment (LOW-MEDIUM)

  • devops-use-config-module - Environment configuration
  • devops-use-logging - Structured logging
  • devops-graceful-shutdown - Zero-downtime deployments

How to Use

Read individual rule files for detailed explanations and code examples:

code
rules/arch-avoid-circular-deps.md
rules/security-validate-all-input.md
rules/_sections.md

Each rule file contains:

  • Brief explanation of why it matters
  • Incorrect code example with explanation
  • Correct code example with explanation
  • Additional context and references

Stack

This skill is tailored for the project's actual stack: Mongoose/MongoDB (not TypeORM), Vitest (not Jest), and @nestjs/mongoose patterns. All code examples use @InjectModel, Model<T>, getModelToken, vi.fn(), and Mongoose aggregation pipelines.