env-schema used

TypeBox schema for config

dotenv option used

No config files

No per-env object

No NODE_ENV conditionals

Config as fastify-plugin

Config decorated on instance

TypeScript declaration merging

Fail-fast on missing vars

No process.env in routes/handlers

@fastify/jwt used

jwtVerify for auth

@node-rs/argon2 used

Argon2 parameters set

Rate limiting on auth routes

Redis backend for rate limit

Redis rationale documented

close-with-grace used

app.close() in shutdown

fp() for auth plugin

Argon2 rationale documented

node:test imported

node --test in package.json

inject() used for requests

t.assert.* used

app.ready() awaited

app.close() in teardown

200 routes tested

404 route tested

Validation error tested

Warehouse filter tested

TypeBox imported

Static type extraction

TypeBoxTypeProvider wired

Response schema on GET /

Response schema on POST /

Response schema on GET /:id

Internal fields stripped

Body validation schema

Enum for category

Schemas in dedicated file

No tech stack summaries

No directory structure

No generic best practices

No tooling-enforced rules

Non-discoverable commands present

Landmines section present

Instructions are actionable

Hierarchical recommendation

Uses recommended sections

Short and high-signal

@fastify/error imported

Custom error types created

@fastify/sensible registered

Sensible helper methods used

Global setErrorHandler registered

Error handler logs with request.log

Structured error response shape

Plugin-scoped error handler

setNotFoundHandler configured

5xx details hidden in prod

@fastify/cors registered

No wildcard CORS origin

CORS credentials enabled

CORS maxAge configured

@fastify/helmet registered

HSTS configured

Content-Security-Policy configured

Frame protection configured

Security documented

No manual security headers

Four doc types present

Tutorial title starts with verb

How-to title is task-framed

Reference entry format

Explanation title is concept-framed

Single type per document

Tutorial has numbered steps

How-to skips background theory

Cross-links between types

Reference avoids instructions

@fastify/oauth2 used

PKCE S256 configured

fastify-plugin wrapper used

JWT validates exp claim

JWT validates iss claim

JWT validates aud claim

Asymmetric signing used

Tokens not in localStorage

No implicit flow

Refresh token rotation

State validation present

gh CLI only

--body-file flag

Explicit --base and --head

CI check wait command

No AI co-authorship

No signing config changes

Structured PR body content

Shell script artifact

Rebase validation step

Temp file cleanup

@fastify/under-pressure registered

maxEventLoopDelay set

pressureHandler sends 503

Additional pressure threshold

async-cache-dedupe imported

cache.define() used

Cache TTL configured

Cache storage type set

Response schemas on all routes

Cached function called in handler

neostandard installed

standard uninstalled

Flat config file

neostandard in config

lint script uses eslint

lint:fix script present

CI uses non-fix run

standard config removed

lint-staged uses eslint

migrate command used

eslint@9 installed

Subsystem prefix

Imperative subject line

No AI co-authorship

core-validate-commit used

Validation passed

Fixes/Refs footer format

No generic signatures

Structured log calls

redact option present

Authorization header redacted

Password/token fields redacted

Censor value set

LOG_LEVEL from env

request.log in handlers

Child logger with context

No console.log usage

No pino-pretty in production logger

@fastify/postgres used

No raw pg in routes

Database plugin uses fp()

Plugin name declared

Repository object per entity

Repositories decorated on instance

Pool max configured

onClose cleanup hook

DATABASE_URL from config/env

Parameterised queries only

snipgrapher init first

Named profile usage

Profile defined in config

Output verification step

Explicit output path and extension

Batch --out-dir flag

Batch --concurrency flag

npx fallback pattern

doctor validation step

Env var override documented

Shell script artifact

dns.resolve* used

No dns.lookup

UV_THREADPOOL_SIZE via env

No process.env assignment

DNS result caching

Cache expiry

Thread pool monitoring

No any types remain

tsc workflow logged

Generics used for containers

Type guards present

Assertion functions use function keyword

Type tests file present

unknown used for external data

No enums introduced

Utility types used appropriately

Call sites still compile

Type stripping usage

import type for type imports

No enums

No namespaces

No constructor parameter properties

.ts import extensions

tsconfig noEmit

tsconfig verbatimModuleSyntax

tsconfig isolatedModules

package.json type module

Node engines field

uv over pip documented

Custom test flags documented

Legacy module landmine documented

Hierarchical AGENTS recommendation

No tech stack summary

No directory overview

Recommended section headings

No generic best practices

Source file evidence

Actionable instructions

No CI-enforced rules

async-cache-dedupe usage

Cache TTL configured

p-limit or p-map usage

Factory function pattern

Named exports

Env-schema or Zod validation

No NODE_ENV branching

No swallowed errors

Error cause chain

@fastify/oauth2 package

fastify-plugin wrapping

PKCE S256 method

State generation uses randomUUID

State validation in checkStateFunction

getAccessTokenFromAuthorizationCodeFlow

HTTPS callbackUri

Tokens stored in session

No raw token logging

No implicit flow

Opaque/branded type definition

Assertion function keyword

Type predicate function

No raw cast without validation

unknown for unvalidated input

Discriminated union

Exhaustiveness check

Before/after illustration

No any in validators

CI lint step present

No --fix in CI

CI lint is required

lint-staged used

lint-staged uses eslint

lint-staged file globs

Node version aligned

lint script in package.json

Flat config file

Fix reserved for local

Batch command used

Glob pattern in batch

Out-dir flag used

Concurrency or manifest flag

Env var for CI defaults

CLI flag for override

Output verification step

Commands and paths documented

SNIPGRAPHER_THEME env var

SNIPGRAPHER_FORMAT env var

SNIPGRAPHER_PROFILE env var

Additional env vars

CLI flag override

Precedence documented

Explicit output path

Output size verification

Npx --yes syntax

Commands logged

Verbose on failure

Config-first pattern

Tech stack removed

Directory overview removed

Generic advice removed

Linter-enforced rule removed

DB-wipe landmine retained

Non-standard tooling retained

Integration test caveat retained

Recommended sections used

No architecture narrative

Result is shorter

No boilerplate header

eslint devDependency

neostandard devDependency

Flat config file

No legacy rc file

neostandard as base

lint script uses eslint

lint:fix script present

ts:true for TypeScript

resolveIgnoresFromGitignore

TS rules scoped to TS files

No duplicate JS/TS rules

close-with-grace usage

Health returns 503 on shutdown

No manual unhandledRejection

pino for logging

pino redact config

Child logger per request

No NODE_ENV

import type usage

.ts import extensions

Hierarchical structure

Scope routing section

No tech stack in root

No directory structure

Recommended section name

CI quirk captured

No generic advice

Source files checked

CLI landmine retained

@fastify/jwt package

Asymmetric algorithm used

exp claim validated

iss claim validated

aud claim validated

onRequest hook pattern

401 with error field

Refresh token rotation

sub claim used

UV_THREADPOOL_SIZE in env

No runtime process.env set

UV_THREADPOOL_SIZE within limit

dns.resolve* replaces lookup

dns.lookup not used in hot path

DNS result caching

Thread pool monitoring

File streaming used

Pool size formula applied

Worker threads for CPU work

--migrate flag used

standard uninstalled

standard config key removed

lint script updated

lint:fix script updated

Flat config file present

No legacy rc file

neostandard devDependency

eslint devDependency

Migration steps separated

Lint runner is eslint

subsystem prefix format

Imperative description

Fixes: footer with full URL

core-validate-commit used

Validation passes

No AI co-authorship lines

No trailing AI attribution

@fastify/oauth2 package

fastify-plugin wrapper

PKCE S256 method

State generation

State validation

Authorization code exchange method

No raw token logging

Session token storage

Correct dependency set

Correct OAuth package

fastify-plugin wrapper

PKCE method S256

State generation with randomUUID

State stored in session

State validated on callback

No token logging

Tokens stored in session

Authorization code flow only