Aller au contenu principal

Project Documentation Request - Generic Template

Context​

[Describe your project in 2-3 paragraphs: what problem it solves, who it's for, and the high-level vision]

Deliverables Requested​

Generate two complete documents:

  1. PRD (Product Requirements Document)
  2. Architecture Document

PART 1: PRD (Product Requirements Document)

1. Executive Summary​

  • Vision statement (1 paragraph)
  • Problem being solved
  • Target market and users
  • Unique value proposition

2. User Personas (2-4 personas)​

For each persona:

  • Name, role, demographics
  • Technical proficiency level
  • Goals and motivations
  • Pain points and frustrations
  • How our solution helps them
  • Devices and contexts of use

3. Scope Definition​

3.1 In Scope (MVP)​

  • Core features required for launch
  • Minimum viable functionality per module

3.2 In Scope (v1)​

  • Features for first major release post-MVP

3.3 Out of Scope​

  • Explicitly excluded features with reasoning

3.4 Future Considerations (v2+)​

  • Roadmap items for future releases

4. Functional Requirements​

Organized by module/area:

4.1 Authentication & Authorization​

  • Sign up methods (email, OAuth providers)
  • Sign in / Sign out
  • Password reset flow
  • Session management
  • Role-based access levels

4.2 Core Features​

For each feature:

  • Description
  • User story
  • Acceptance criteria
  • Priority (P0/P1/P2)
  • Dependencies

4.3 Admin / Back-office Features​

  • User management
  • Content management
  • Analytics dashboard
  • Configuration settings

4.4 Integrations​

  • Third-party services required
  • Data sync requirements
  • Webhook needs

4.5 Automation Workflows​

  • Triggered automations (events)
  • Scheduled automations (cron)
  • User-initiated automations
  • Integration automations

5. Non-Functional Requirements​

5.1 Performance​

  • Page load time targets (initial, subsequent)
  • Time to interactive
  • API response time targets
  • Concurrent user capacity
  • Database query performance

5.2 Availability​

  • Uptime target (99.9%, 99.99%)
  • Maintenance window policy
  • Disaster recovery requirements
  • Backup frequency

5.3 Scalability​

  • Expected growth trajectory
  • Peak load handling
  • Geographic distribution needs

6. Security Requirements​

6.1 Compliance​

  • Regulatory standards (GDPR, SOC2, HIPAA, PCI-DSS)
  • Data residency requirements
  • Audit requirements

6.2 Authentication & Access​

  • Password policy (length, complexity, rotation)
  • MFA requirements
  • Session timeout policy
  • Failed login handling

6.3 Data Protection​

  • Data classification levels
  • Encryption requirements
  • PII handling rules
  • Right to deletion (GDPR Article 17)
  • Data retention policy

6.4 Audit & Logging​

  • Actions requiring audit logs
  • Log retention period
  • Access to audit logs

7. SEO Requirements​

7.1 Search Strategy​

  • Target keywords and search intent
  • Competitor benchmarks
  • Content strategy alignment

7.2 Technical SEO​

  • URL structure requirements
  • Meta tags (title, description, OG, Twitter cards)
  • Structured data / Schema.org types needed
  • Canonical URL strategy
  • Hreflang for multi-language
  • Sitemap requirements (static, dynamic)
  • Robots.txt rules

7.3 Performance SEO​

  • Core Web Vitals targets:
    • LCP (Largest Contentful Paint): < 2.5s
    • FID (First Input Delay): < 100ms
    • CLS (Cumulative Layout Shift): < 0.1
  • Mobile-first indexing compliance
  • Page speed targets

8. UX Requirements​

8.1 User Journeys​

For each key flow, document:

  • Entry points
  • Steps to completion
  • Success criteria
  • Error handling
  • Edge cases

Key journeys to document:

  • First-time user onboarding
  • Core task completion
  • Error recovery
  • Account management

8.2 Information Architecture​

  • Site map / navigation structure
  • Content hierarchy
  • Search functionality requirements

8.3 Accessibility​

  • WCAG compliance level (2.1 AA or AAA)
  • Screen reader support
  • Keyboard navigation
  • Color contrast requirements
  • Focus management
  • ARIA requirements

8.4 Internationalization (i18n)​

  • Supported languages
  • RTL language support
  • Date/time/currency formatting
  • Translation workflow

8.5 Interaction Patterns​

  • Loading states and feedback
  • Empty states
  • Error messages (tone, format)
  • Success confirmations
  • Undo capabilities

9. UI Requirements​

9.1 Brand & Visual Identity​

  • Brand guidelines reference
  • Logo usage rules
  • Brand voice and tone

9.2 Design System​

  • Typography scale
  • Color system (primary, secondary, semantic)
  • Spacing system
  • Border radius, shadows
  • Light/dark mode requirements

9.3 Component Requirements​

  • Component library choice or custom
  • Key components needed
  • Responsive breakpoints
  • Touch target sizes (mobile)

9.4 Motion & Animation​

  • Animation philosophy (subtle, expressive)
  • Transition timing
  • Loading animations
  • Micro-interactions

10. Quality Requirements​

10.1 Test Coverage Targets​

Test TypeCoverage Target
Unit tests80%+
Integration testsCritical paths
E2E testsAll user journeys
Visual regressionUI components
AccessibilityWCAG compliance
PerformanceCore Web Vitals

10.2 Browser & Device Support​

BrowserVersions
ChromeLast 2
FirefoxLast 2
SafariLast 2
EdgeLast 2
Mobile SafariiOS 14+
Chrome AndroidLast 2

10.3 Critical Test Scenarios​

  • List user flows requiring mandatory e2e coverage
  • Regression scenarios
  • Edge cases to cover

11. User Stories​

Format: "As a [persona], I want to [action] so that [benefit]"

For each story include:

  • ID (US-001)
  • Priority (P0/P1/P2)
  • Persona
  • Story
  • Acceptance criteria
  • Dependencies
  • Notes

11.1 Authentication Stories​

[List stories]

11.2 Core Feature Stories​

[List stories]

11.3 Admin Stories​

[List stories]

11.4 Automation Stories​

[List stories]

12. Success Metrics​

12.1 Business KPIs​

MetricTargetMeasurement MethodTimeline
[e.g., User signups][e.g., 1000/month][e.g., Analytics][e.g., 3 months]

12.2 Product KPIs​

MetricTargetMeasurement Method
Task completion rate>90%Analytics
Time to complete core task<2 minAnalytics
User satisfaction (NPS)>50Surveys

12.3 Technical KPIs​

MetricTarget
Uptime99.9%
Error rate<0.1%
p95 latency<500ms
Core Web VitalsAll green

13. Risks & Mitigations​

IDRiskProbabilityImpactMitigationOwner
R1[Description]High/Med/LowHigh/Med/Low[Strategy][Role]

14. Dependencies​

14.1 External Dependencies​

  • Third-party services
  • APIs
  • Vendor contracts

14.2 Internal Dependencies​

  • Other teams/projects
  • Shared resources
  • Approvals needed

15. Timeline & Milestones​

MilestoneTarget DateDeliverablesSuccess Criteria
MVP[Date][List][Criteria]
Beta[Date][List][Criteria]
v1 Launch[Date][List][Criteria]

PART 2: Architecture Document

1. System Overview​

1.1 High-Level Architecture​

[Provide mermaid diagram]

graph TB
    subgraph Client
        Web[Web App]
        Mobile[Mobile Web]
    end

    subgraph Edge
        CDN[CDN]
        WAF[WAF]
    end

    subgraph Application
        FE[Frontend - Next.js]
        API[API Routes]
        Auth[Auth Service]
    end

    subgraph Data
        DB[(PostgreSQL)]
        Cache[(Redis)]
        Storage[Object Storage]
    end

    subgraph External
        Email[Email Service]
        Payment[Payment Provider]
        Analytics[Analytics]
    end

    subgraph Automation
        Workflows[n8n / Automation]
        Queue[Job Queue]
    end

    Web --> CDN --> FE
    FE --> API
    API --> Auth
    API --> DB
    API --> Cache
    API --> Workflows

1.2 Component Inventory​

ComponentPurposeTechnology
[Name][Purpose][Tech]

1.3 Data Flow Overview​

[Describe how data flows through the system]

2. Technology Stack​

For each decision, provide:

  • Technology selected
  • Alternatives considered
  • Rationale
  • Trade-offs accepted

2.1 Frontend​

LayerTechnologyRationale
FrameworkNext.js 15SSR, App Router, React Server Components
StylingTailwind CSSUtility-first, design tokens
Componentsshadcn/uiAccessible, customizable
StateZustand / React QueryLightweight, server state
FormsReact Hook Form + ZodValidation, performance

2.2 Backend​

LayerTechnologyRationale
RuntimeNode.jsEcosystem, team expertise
APINext.js API RoutesColocation, serverless
ValidationZodType-safe, runtime validation
ORMPrisma / DrizzleType safety, migrations

2.3 Database​

TypeTechnologyRationale
PrimaryPostgreSQL (Supabase)ACID, JSON support, managed
CacheRedis (Upstash)Session, rate limiting
Search[if needed][rationale]

2.4 Authentication​

AspectTechnologyRationale
ProviderSupabase Auth / NextAuthOAuth, JWT, session management
SessionJWT + HTTP-only cookiesSecurity, stateless

2.5 Infrastructure​

AspectTechnologyRationale
HostingVercelEdge, preview deployments
CDNVercel Edge NetworkGlobal, automatic
StorageS3 / Supabase StorageScalable, cheap
DNSCloudflareDDoS protection

2.6 Automation​

AspectTechnologyRationale
Workflowsn8n (self-hosted) / InngestVisual, extensible
SchedulingVercel Cron / n8nServerless-friendly
QueuesInngest / BullMQRetries, observability

2.7 Monitoring & Observability​

AspectTechnologyRationale
Error TrackingSentryStack traces, context
AnalyticsPostHogProduct analytics, self-host option
LoggingAxiom / DatadogStructured, searchable
UptimeBetter UptimeAlerting, status page

2.8 CI/CD​

AspectTechnologyRationale
CIGitHub ActionsNative, free for public
CDVercelAutomatic, preview
Code QualityESLint, Prettier, HuskyConsistency

3. Component Architecture​

3.1 Frontend Components​

src/
β”œβ”€β”€ app/                    # Next.js App Router
β”‚   β”œβ”€β”€ (auth)/            # Auth routes group
β”‚   β”œβ”€β”€ (dashboard)/       # Dashboard routes group
β”‚   β”œβ”€β”€ (marketing)/       # Public pages
β”‚   β”œβ”€β”€ api/               # API routes
β”‚   └── layout.tsx         # Root layout
β”œβ”€β”€ components/
β”‚   β”œβ”€β”€ ui/                # Base UI components (shadcn)
β”‚   β”œβ”€β”€ features/          # Feature-specific components
β”‚   β”œβ”€β”€ layouts/           # Layout components
β”‚   └── providers/         # Context providers
β”œβ”€β”€ lib/
β”‚   β”œβ”€β”€ api/               # API client functions
β”‚   β”œβ”€β”€ hooks/             # Custom React hooks
β”‚   β”œβ”€β”€ utils/             # Utility functions
β”‚   └── validations/       # Zod schemas
β”œβ”€β”€ types/                 # TypeScript types
└── styles/                # Global styles

3.2 API Structure​

src/app/api/
β”œβ”€β”€ auth/
β”‚   β”œβ”€β”€ login/route.ts
β”‚   β”œβ”€β”€ logout/route.ts
β”‚   └── register/route.ts
β”œβ”€β”€ users/
β”‚   β”œβ”€β”€ route.ts           # GET (list), POST (create)
β”‚   └── [id]/route.ts      # GET, PATCH, DELETE
β”œβ”€β”€ [resource]/
β”‚   └── ...
└── webhooks/
    β”œβ”€β”€ stripe/route.ts
    └── [provider]/route.ts

3.3 Component Specifications​

For each major component:

ComponentResponsibilityInputsOutputsDependencies
AuthProviderManage auth statechildrenuser contextSupabase
DataTableDisplay paginated datadata, columnsselection, actionsReact Query
[Component][Responsibility][Inputs][Outputs][Deps]

4. Data Architecture​

4.1 Entity-Relationship Diagram​

erDiagram
    User ||--o{ Account : has
    User ||--o{ Session : has
    User ||--o{ Order : places
    User {
        uuid id PK
        string email UK
        string name
        enum role
        timestamp created_at
        timestamp updated_at
    }

    Account {
        uuid id PK
        uuid user_id FK
        string provider
        string provider_account_id
    }

    Session {
        uuid id PK
        uuid user_id FK
        string token
        timestamp expires_at
    }

    Order ||--|{ OrderItem : contains
    Order {
        uuid id PK
        uuid user_id FK
        enum status
        decimal total
        timestamp created_at
    }

    OrderItem {
        uuid id PK
        uuid order_id FK
        uuid product_id FK
        int quantity
        decimal price
    }

    Product {
        uuid id PK
        string name
        text description
        decimal price
        boolean active
    }

4.2 Database Schema​

[Provide complete schema with types, constraints, indexes]

4.3 Data Validation Rules​

EntityFieldValidation
UseremailValid email, unique
UserpasswordMin 8 chars, complexity
OrdertotalPositive decimal

4.4 Migration Strategy​

  • Use Prisma/Drizzle migrations
  • Version control all migrations
  • Test migrations on staging before production
  • Rollback procedures for each migration

5. API Design​

5.1 API Conventions​

AspectConvention
FormatREST with JSON
VersioningURL prefix (/api/v1) or none for internal
AuthenticationBearer token in Authorization header
PaginationCursor-based (?cursor=xxx&limit=20)
FilteringQuery params (?status=active)
Sorting?sort=created_at&order=desc
ErrorsRFC 7807 Problem Details

5.2 Endpoint Inventory​

MethodEndpointPurposeAuth Required
POST/api/auth/loginUser loginNo
POST/api/auth/registerUser registrationNo
GET/api/users/meGet current userYes
GET/api/[resource]List resourcesYes
POST/api/[resource]Create resourceYes
GET/api/[resource]/[id]Get resourceYes
PATCH/api/[resource]/[id]Update resourceYes
DELETE/api/[resource]/[id]Delete resourceYes (Admin)

5.3 Error Response Format​

{
  "type": "https://api.example.com/errors/validation",
  "title": "Validation Error",
  "status": 400,
  "detail": "The request body contains invalid fields",
  "instance": "/api/users",
  "errors": [
    {
      "field": "email",
      "message": "Invalid email format"
    }
  ]
}

5.4 Rate Limiting​

Endpoint TypeLimitWindow
Public (auth)10 requests1 minute
Authenticated100 requests1 minute
Admin500 requests1 minute
Webhooks1000 requests1 minute

6. Security Architecture​

6.1 Authentication Flow​

sequenceDiagram
    participant U as User
    participant F as Frontend
    participant A as API
    participant D as Database
    participant E as Email

    U->>F: Enter credentials
    F->>A: POST /auth/login
    A->>D: Validate credentials
    D-->>A: User data
    A->>A: Generate JWT
    A-->>F: Set HTTP-only cookie
    F-->>U: Redirect to dashboard

6.2 Authorization Model​

RolePermissions
GuestView public content
UserCRUD own resources
AdminFull access
Super AdminSystem configuration

6.3 Security Measures​

ThreatMitigation
XSSCSP headers, output encoding, React's built-in escaping
CSRFSameSite cookies, CSRF tokens for mutations
SQL InjectionParameterized queries (ORM), input validation
Auth attacksRate limiting, bcrypt, secure session handling
Data exposureField-level authorization, response filtering
ClickjackingX-Frame-Options, CSP frame-ancestors

6.4 Security Headers​

const securityHeaders = {
  'Content-Security-Policy': "default-src 'self'; ...",
  'X-Frame-Options': 'DENY',
  'X-Content-Type-Options': 'nosniff',
  'Referrer-Policy': 'strict-origin-when-cross-origin',
  'Permissions-Policy': 'camera=(), microphone=(), geolocation=()',
  'Strict-Transport-Security': 'max-age=31536000; includeSubDomains'
};

6.5 Secret Management​

  • Environment variables via Vercel/hosting provider
  • No secrets in code or version control
  • Rotation policy for API keys
  • Separate secrets per environment

6.6 Dependency Security​

  • Dependabot / Renovate for updates
  • npm audit in CI pipeline
  • Lock file integrity checks
  • SBOM generation

7. SEO Architecture​

7.1 Rendering Strategy​

Page TypeRenderingCachingRationale
Marketing pagesSSGCDN, revalidate dailyStatic content, max performance
Blog postsSSG + ISRCDN, revalidate on publishContent updates periodically
DashboardCSRNonePrivate, dynamic
Product pagesSSRCDN, stale-while-revalidateSEO + fresh data

7.2 Meta Tag Strategy​

// Dynamic meta generation
export async function generateMetadata({ params }): Promise<Metadata> {
  const page = await getPage(params.slug);
  return {
    title: page.seoTitle || page.title,
    description: page.seoDescription,
    openGraph: {
      title: page.ogTitle,
      description: page.ogDescription,
      images: [page.ogImage],
    },
    twitter: {
      card: 'summary_large_image',
    },
  };
}

7.3 Structured Data​

Page TypeSchema Types
HomepageOrganization, WebSite
ProductProduct, Offer, Review
BlogArticle, BreadcrumbList
FAQFAQPage

7.4 Technical SEO Implementation​

AspectImplementation
SitemapDynamic generation at /sitemap.xml
Robots.txtStatic at /robots.txt
Canonical URLsAutomatic via Next.js metadata
Image optimizationNext.js Image component, WebP/AVIF
Core Web VitalsLighthouse CI in pipeline

8. Frontend Architecture​

8.1 Design System Implementation​

// tailwind.config.ts
const config = {
  theme: {
    extend: {
      colors: {
        primary: { /* scale */ },
        secondary: { /* scale */ },
        destructive: { /* scale */ },
        // semantic tokens
      },
      fontFamily: {
        sans: ['Inter', 'sans-serif'],
        mono: ['JetBrains Mono', 'monospace'],
      },
      spacing: { /* custom scale */ },
      borderRadius: {
        DEFAULT: '0.5rem',
        // ...
      },
    },
  },
};

8.2 Theme System​

// Light/dark mode with CSS variables
:root {
  --background: 0 0% 100%;
  --foreground: 222.2 84% 4.9%;
  // ...
}

.dark {
  --background: 222.2 84% 4.9%;
  --foreground: 210 40% 98%;
  // ...
}

8.3 Accessibility Implementation​

RequirementImplementation
Keyboard navigationFocus visible, skip links, focus trap in modals
Screen readersSemantic HTML, ARIA labels, live regions
Color contrastWCAG AA minimum (4.5:1 text, 3:1 UI)
Reduced motionprefers-reduced-motion media query
Form accessibilityLabels, error messages, field descriptions

8.4 Performance Optimization​

TechniqueImplementation
Code splittingNext.js automatic + dynamic imports
Image optimizationnext/image with blur placeholders
Font optimizationnext/font with preload
Bundle analysis@next/bundle-analyzer
PrefetchingLink prefetch, route prefetch

9. Testing Architecture​

9.1 Test Pyramid​

         /\
        /  \        E2E Tests (Playwright)
       /----\       - Critical user journeys
      /      \      - 10-20 tests
     /--------\
    /          \    Integration Tests (Vitest + Testing Library)
   /------------\   - API routes, component integration
  /              \  - 50-100 tests
 /----------------\
/                  \ Unit Tests (Vitest)
                    - Utility functions, hooks, validation
                    - 200+ tests

9.2 Testing Stack​

Test TypeToolLocation
UnitVitest*.test.ts alongside source
ComponentVitest + Testing Library*.test.tsx
IntegrationVitest + MSWsrc/test/integration/
E2EPlaywrighte2e/
VisualChromatic / PercyCI only
Accessibilityaxe-core + PlaywrightE2E suite
PerformanceLighthouse CICI only

9.3 Test Configuration​

// vitest.config.ts
export default defineConfig({
  test: {
    environment: 'jsdom',
    globals: true,
    setupFiles: ['./src/test/setup.ts'],
    coverage: {
      provider: 'v8',
      reporter: ['text', 'html', 'lcov'],
      threshold: {
        global: { lines: 80, branches: 80, functions: 80 },
      },
    },
  },
});

9.4 E2E Test Strategy​

// e2e/user-journey.spec.ts
test.describe('User signup and onboarding', () => {
  test('new user can sign up and complete onboarding', async ({ page }) => {
    await page.goto('/signup');
    await page.fill('[name="email"]', 'test@example.com');
    await page.fill('[name="password"]', 'SecurePass123!');
    await page.click('button[type="submit"]');
    await expect(page).toHaveURL('/onboarding');
    // ... complete onboarding steps
    await expect(page).toHaveURL('/dashboard');
  });
});

9.5 Test Data Management​

  • Factory functions for test data
  • Database seeding scripts
  • Isolated test databases
  • Cleanup between tests

9.6 CI Test Pipeline​

# .github/workflows/test.yml
jobs:
  test:
    steps:
      - Checkout
      - Install dependencies
      - Lint (ESLint, TypeScript)
      - Unit & Integration tests (Vitest)
      - Build
      - E2E tests (Playwright)
      - Coverage report
      - Performance audit (Lighthouse)

10. Monitoring & Observability​

10.1 Observability Stack​

graph LR
    App[Application] --> Sentry[Sentry - Errors]
    App --> PostHog[PostHog - Analytics]
    App --> Axiom[Axiom - Logs]
    App --> Vercel[Vercel - Web Vitals]

    Sentry --> Slack[Slack Alerts]
    Axiom --> Slack
    BetterUptime[Better Uptime] --> PagerDuty[PagerDuty]

10.2 Error Tracking (Sentry)​

// sentry.client.config.ts
Sentry.init({
  dsn: process.env.NEXT_PUBLIC_SENTRY_DSN,
  tracesSampleRate: 0.1,
  replaysSessionSampleRate: 0.1,
  replaysOnErrorSampleRate: 1.0,
  integrations: [
    Sentry.replayIntegration(),
    Sentry.browserTracingIntegration(),
  ],
});

10.3 Logging Strategy​

// Structured logging format
const log = {
  level: 'info',
  message: 'User action completed',
  timestamp: '2024-01-15T10:30:00Z',
  context: {
    userId: 'user_123',
    action: 'order_created',
    orderId: 'order_456',
    duration_ms: 234,
  },
  request: {
    method: 'POST',
    path: '/api/orders',
    ip: 'xxx.xxx.xxx.xxx',
  },
};

10.4 Metrics Collection​

MetricTypePurpose
Request durationHistogramAPI performance
Error countCounterError rate
Active usersGaugeCapacity planning
Queue depthGaugeAutomation health
Cache hit ratioGaugeCache effectiveness

10.5 Alerting Strategy​

AlertConditionSeverityChannelAction
High error rate>1% errors in 5minWarningSlackInvestigate
Critical error rate>5% errors in 5minCriticalPagerDutyImmediate
API latencyp99 >2s for 5minWarningSlackInvestigate
DowntimeNo response 30sCriticalPagerDutyImmediate
Workflow failure3 consecutive failuresWarningSlackCheck automation

10.6 Dashboard Requirements​

DashboardMetrics Displayed
OverviewUptime, error rate, active users, response times
API HealthEndpoint latencies, error rates by route
User ActivitySignups, logins, feature usage
AutomationWorkflow runs, success rate, duration
InfrastructureCPU, memory, database connections

10.7 Real User Monitoring (RUM)​

MetricTargetAlert Threshold
LCP<2.5s>4s
FID<100ms>300ms
CLS<0.1>0.25
TTFB<600ms>1.5s

11. Automation Architecture​

11.1 Automation Platform​

AspectChoiceRationale
Platformn8n (self-hosted) or InngestVisual workflows, code fallback
HostingDocker on Railway/RenderCost-effective, easy deploy
TriggersWebhooks, cron, eventsFlexible activation

11.2 Workflow Categories​

CategoryExamplesTrigger
User lifecycleWelcome email, onboarding nudgesEvent
NotificationsOrder updates, remindersEvent
Data syncCRM updates, analytics exportScheduled
MaintenanceCleanup, reportsScheduled
IntegrationsThird-party syncWebhook

11.3 Workflow Design Patterns​

graph LR
    Trigger[Trigger] --> Validate[Validate Input]
    Validate --> Process[Process]
    Process --> Success{Success?}
    Success -->|Yes| Complete[Complete]
    Success -->|No| Retry[Retry Logic]
    Retry --> DLQ[Dead Letter Queue]

11.4 Error Handling​

ScenarioStrategy
Transient failureExponential backoff retry (3 attempts)
Persistent failureMove to dead letter queue, alert
Partial failureTransaction rollback, compensating action
TimeoutCancel, log, alert

11.5 Automation Monitoring​

MetricAlert Condition
Workflow success rate<95% in 1 hour
Execution duration>2x expected
Queue depth>100 pending
Dead letter queueAny items

12. Infrastructure & Deployment​

12.1 Environment Strategy​

EnvironmentPurposeURLData
LocalDevelopmentlocalhost:3000Seed data
PreviewPR reviewpr-123.vercel.appSeed data
StagingPre-productionstaging.example.comAnonymized prod
ProductionLiveexample.comReal data

12.2 Deployment Pipeline​

graph LR
    Push[Git Push] --> CI[CI Checks]
    CI --> Preview[Preview Deploy]
    Preview --> Review[Code Review]
    Review --> Merge[Merge to main]
    Merge --> Staging[Staging Deploy]
    Staging --> Smoke[Smoke Tests]
    Smoke --> Prod[Production Deploy]
    Prod --> Monitor[Monitor]

12.3 Infrastructure as Code​

ResourceTool
Vercel configvercel.json
DatabaseSupabase migrations
DNSTerraform (optional)
SecretsVercel Environment Variables

12.4 Rollback Procedures​

ScenarioAction
Bad deploymentInstant rollback via Vercel UI
Database migration issueRun down migration
Configuration errorRevert environment variable
Third-party outageFeature flag disable

12.5 Backup Strategy​

DataFrequencyRetentionLocation
DatabaseDaily30 daysSupabase automatic
User uploadsReal-timeIndefiniteS3 versioning
Logs-90 daysAxiom
SecretsOn changeVersion historyVercel

13. Development Guidelines​

13.1 Code Organization​

Follow the component/feature colocation pattern:

  • Keep related files together
  • Export public API from index files
  • Use barrel exports sparingly

13.2 Naming Conventions​

TypeConventionExample
ComponentsPascalCaseUserProfile.tsx
UtilitiescamelCaseformatDate.ts
ConstantsSCREAMING_SNAKEMAX_FILE_SIZE
TypesPascalCasetype UserProfile
API routeskebab-caseuser-profile/route.ts
CSS classeskebab-caseuser-profile-card

13.3 Git Workflow​

BranchPurposeNaming
mainProduction-
feature/*New featuresfeature/add-user-profile
fix/*Bug fixesfix/login-redirect
chore/*Maintenancechore/update-deps

13.4 PR Requirements​

  • Descriptive title and description
  • Tests added/updated
  • No TypeScript errors
  • Lint passes
  • Preview deployment works
  • Self-review completed

13.5 Code Review Guidelines​

  • Review within 24 hours
  • Focus on logic, security, performance
  • Use conventional comments (nit:, question:, suggestion:)
  • Approve with minor comments when appropriate

Constraints & Context​

  • Budget range: [specify]
  • Team size: [specify]
  • Timeline: [specify]
  • Existing systems: [list any to integrate]
  • Compliance: [GDPR, SOC2, etc.]
  • Geographic scope: [regions, data residency]

Output Format​

  1. Use markdown with clear hierarchical headers
  2. Include mermaid diagrams for architecture and flows
  3. Use tables for structured information
  4. Provide rationale for all major decisions
  5. Flag assumptions that need validation with [ASSUMPTION]
  6. Mark areas needing user input with [USER INPUT NEEDED]