Rules Hub

Coding Rules Library

Rule priority, scope & exceptions

Use this to align rules with the senior-level structure (P0/P1/P2, scope, exceptions/tradeoffs).

PriorityP2 — style, consistency, readabilityScopeUniversal — language-agnostic, broadly applicable

Exceptions / tradeoffs (EN)Iznimke / tradeoffi (HR)

fullstack ruleP2universalStack: TypeScript

securitysanitizationredundancy

If the backend already sanitizes untrusted content, avoid redundant client-side escaping; only escape where the trust boundary actually requires it.

PR: hegnar-forum-web · org-mining-3rd-2026-06Created: Jun 18, 2026

Old codets

1	`// BE already sanitizes; this re-escape is redundant`
2	`const safe = json.replace(/</g,'\\u003c').replace(/>/g,'\\u003e');`

Explanation (EN)

Objašnjenje (HR)

New codets

1	`// Rely on BE sanitization; escape only at a real injection boundary`

Explanation (EN)

Objašnjenje (HR)