Rules Hub
Coding Rules Library
Backend rule · Priority: P1 · Scope: universal · Stack: sql
Tags: search, sanitization, correctness, sql
Do not strip characters that are part of legitimate search input
Sanitizing a search string by removing all non-alphanumerics breaks valid queries (e.g. names with slashes); only escape what the query layer requires.
PR: vinify-backend · org-mining-deep-2026-06 · Created: Jun 17, 2026
Bad example
Old code (typescript):
const term = input.replace(/[^a-z0-9]/gi, ''); // drops '/', accents
Good example
New code (typescript):
const replacements: Record<string, string> = {}; // bound by the query layer, never interpolated into the SQL text
replacements.searchString = `%${input.toLowerCase()}%`; // parameterized
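As an added example (not the rule card's own code), the two approaches run side by side against constructed sample rows, with a small stand-in LIKE matcher so it works without a database; it also shows what "only escape what the query layer requires" means for a LIKE filter: the wildcards `%` and `_`, and nothing else. The `:searchString` placeholder, the `users` table and the `ESCAPE` clause are assumptions for the example.

```typescript
// Added example, not the rule card's own code. The LIKE matcher and the
// sample rows are constructed here so the example runs without a database;
// real code hands `params` to the driver instead of calling likeMatch.

type Query = { sql: string; params: Record<string, string> };

// Bad: the card's "old code". Slashes, apostrophes and accents vanish.
function stripSanitize(input: string): string {
  return input.replace(/[^a-z0-9]/gi, '');
}

// The only characters a LIKE pattern needs escaped are its own
// metacharacters; quoting is the driver's job via parameter binding.
function escapeLike(input: string, esc = '\\'): string {
  return input.replace(/[\\%_]/g, (c) => esc + c);
}

// Good: keep every user character, bind it as a parameter, and declare
// the escape character so the database reads the pattern the same way.
function buildSearch(input: string): Query {
  return {
    sql: "SELECT * FROM users WHERE LOWER(name) LIKE :searchString ESCAPE '\\'",
    params: { searchString: `%${escapeLike(input.toLowerCase())}%` },
  };
}

const escapeRegExp = (c: string) => c.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');

// Stand-in for the database's LIKE evaluation (same ESCAPE semantics).
function likeMatch(pattern: string, value: string, esc = '\\'): boolean {
  let re = '^';
  for (let i = 0; i < pattern.length; i++) {
    const c = pattern[i];
    if (c === esc && i + 1 < pattern.length) re += escapeRegExp(pattern[++i]);
    else if (c === '%') re += '.*';
    else if (c === '_') re += '.';
    else re += escapeRegExp(c);
  }
  return new RegExp(re + '$').test(value);
}

// Constructed sample rows standing in for the users table.
const ROWS = ['Ana/Marko Horvat', "O'Brien", 'Müller', '50% discount'];

// Runs a search term through the good path against the sample rows.
function search(term: string): string[] {
  const q = buildSearch(term);
  return ROWS.filter((r) => likeMatch(q.params.searchString, r.toLowerCase()));
}
```

Feeding `stripSanitize(term)` into `search` shows the failure the rule describes: "Ana/Marko" and "Müller" no longer match their rows, while the unstripped terms do, and "50%" matches only the row that literally contains it.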