Skip to main content

Code Standards & Best Practices

Standards and conventions for Pet Service Management System across backend (NestJS) and frontend (Next.js/React).
TypeScript Strict Mode: All files use strict mode with no implicit any types and null/undefined checking enforced.

TypeScript Conventions

Naming Conventions

  • Use kebab-case for file names: auth.guard.ts, booking.service.ts
  • Feature directories in lowercase: auth/, bookings/, services/
  • Components in PascalCase: DashboardHeader.tsx, LanguageSwitcher.tsx

Type Annotations

Comments & Documentation

Common Type Patterns


Backend (NestJS) Standards

Module Organization

Controllers

Controller Patterns:
  • One controller per module
  • Use decorators: @Controller, @Get, @Post, @Put, @Delete, @Patch
  • Parameters: @Param, @Body, @Query
  • Guards for authentication/authorization
  • Error handling with appropriate HTTP status codes

Services

Service Patterns:
  • Inject PrismaService for database access
  • One responsibility per method
  • Throw appropriate exceptions
  • Return typed responses
  • Use async/await
  • Include relations in queries
  • Add business logic validation

Error Handling


Frontend (React/Next.js) Standards

Component Structure

Page Components

API Clients


Styling Guidelines

Design System Overview

Framework: Tailwind CSS 4 with custom design tokens

Color Palette

Component Patterns


Git & Version Control

Commit Conventions

Format: <type>: <subject> Types:
  • feat: New feature
  • fix: Bug fix
  • refactor: Code refactoring
  • style: Formatting changes
  • test: Testing additions
  • docs: Documentation updates
  • chore: Build or dependency updates
  • perf: Performance improvements
Examples:

Branch Naming

Format: <type>/<short-description> Examples:

Testing Standards

Unit Tests

Coverage Target: 80% minimum

Performance Standards

Backend

  • API response time: < 300ms (p95)
  • Database queries with proper indexing
  • Implement pagination for list endpoints
  • Use select to avoid unnecessary fields
  • Connection pooling configured

Frontend

  • Lazy load components and routes
  • Image optimization with Next.js Image component
  • CSS-in-JS: Minimal runtime overhead
  • Code splitting by route
  • Minimize bundle size

Security Standards

Backend

  • HTTPS/TLS enforced in production
  • CORS configured for specific origins
  • Rate limiting on auth endpoints
  • SQL injection prevention via ORM
  • Password hashing with bcrypt
  • Secure session management

Frontend

  • CSP headers
  • XSS prevention through React escaping
  • CSRF tokens for state-changing operations
  • No sensitive data in localStorage
  • Secure cookie attributes (HttpOnly, Secure)

Accessibility Standards

WCAG 2.1 AA Compliance

  • Semantic HTML elements
  • ARIA labels for interactive components
  • Color contrast ratios 4.5:1 minimum
  • Keyboard navigation support
  • Form labels and error messages
  • Screen reader compatibility

Design Guidelines

View design system

Codebase Summary

Explore project structure

Testing Guide

Learn about testing

Back to Home

Return to homepage