Rules Hub
Coding Rules Library
← Back to all rules
Rule priority, scope & exceptions
Use this to align rules with the senior-level structure (P0/P1/P2, scope, exceptions/tradeoffs).
backend ruleP0universalStack: Node
securitysecretslogging
Do not embed credentials in a connection URL string
Pass username/password via dedicated client options instead of interpolating them into a connection URL, which can leak into logs and error messages.
PR: hegnar-ws · org-mining-hist-2026-06Created: Jun 18, 2026
Bad example
Old codetypescript
| 1 | createClient({ url: `redis://${user}:${pass}@${host}:${port}` }); |
Explanation (EN)
Objašnjenje (HR)
Good example
New codetypescript
| 1 | createClient({ |
| 2 | socket: { host, port }, |
| 3 | username: user, |
| 4 | password: pass, |
| 5 | }); |
Explanation (EN)
Objašnjenje (HR)