Rules Hub
Coding Rules Library
Rule priority, scope & exceptions
Use this to align rules with the senior-level structure (P0/P1/P2, scope, exceptions/tradeoffs).
Store config in environment variables
Anything that varies per deployment (DB URLs, secrets, external services) must live in env, not code.
Bad example
| 1 | // config.ts |
| 2 | export const config = { |
| 3 | databaseUrl: "postgres://admin:secret@localhost:5432/app", |
| 4 | jwtSecret: "hardcoded-secret", |
| 5 | s3Bucket: "my-prod-bucket" |
| 6 | }; |
Explanation (EN)
Hardcoding secrets and environment-specific values leaks sensitive data and makes deployments painful and error-prone.
Objašnjenje (HR)
Hardkodiranje tajni i vrijednosti specifičnih za okruženje je sigurnosni rizik i otežava deploy (i povećava šansu greške).
Good example
| 1 | // config.ts |
| 2 | function requireEnv(name: string): string { |
| 3 | const value = process.env[name]; |
| 4 | if (!value) throw new Error(`Missing env var: ${name}`); |
| 5 | return value; |
| 6 | } |
| 7 |
|
| 8 | export const config = { |
| 9 | databaseUrl: requireEnv("DATABASE_URL"), |
| 10 | jwtSecret: requireEnv("JWT_SECRET"), |
| 11 | s3Bucket: process.env.S3_BUCKET ?? null |
| 12 | }; |
Explanation (EN)
Keeping config in env makes the same codebase deployable to dev/staging/prod with only configuration changes.
Objašnjenje (HR)
Držanje configa u env varijablama omogućuje da isti codebase ide u dev/staging/prod uz samo promjenu konfiguracije.
Exceptions / Tradeoffs (EN)
A config file is OK only if you can switch it per deployment without changing code (e.g., env points to a file path).
Iznimke / Tradeoffi (HR)
Config datoteka je OK samo ako se može mijenjati po deploymentu bez promjene koda (npr. env pokazuje na putanju datoteke).