bitwarden/server
1
0
Fork 0
mirror of https://github.com/bitwarden/server synced 2025-12-15 07:43:54 +00:00
Code Issues Releases Wiki Activity

Enhance Claude instructions (#6378)

Browse Source 
* Enhance Claude instructions

* Further simplify language
This commit is contained in:
Matt Bishop
2025-09-25 12:37:29 -04:00
committed by GitHub
parent 179684a9e6
commit 222436589c
1 changed files with 43 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

75
CLAUDE.md
View File

@@ -2,38 +2,30 @@
## Critical Rules ## Critical Rules
- **NEVER** edit: `/bin/`, `/obj/`, `/.git/`, `/.vs/`, `/packages/`, generated migration files - **NEVER** edit: `/bin/`, `/obj/`, `/.git/`, `/.vs/`, `/packages/` which are generated files
- **Security First**: All code changes must prioritize cryptographic integrity and data protection - **NEVER** use code regions: If complexity suggests regions, refactor for better readability
- **Test Coverage**: New features require xUnit unit tests with NSubstitute mocking - **NEVER** compromise zero-knowledge principles: User vault data must remain encrypted and inaccessible to Bitwarden
- **Check CODEOWNERS requirements**: The repo has a `.github/CODEOWNERS` file to define team ownership for different parts of the codebase. Respect that code owners have final authority over their designated areas - **NEVER** log or expose sensitive data: No PII, passwords, keys, or vault data in logs or error messages
- **ALWAYS** use secure communication channels: Enforce confidentiality, integrity, and authenticity
- **ALWAYS** encrypt sensitive data: All vault data must be encrypted at rest, in transit, and in use
- **ALWAYS** prioritize cryptographic integrity and data protection
- **ALWAYS** add unit tests (with mocking) for any new feature development
## Project Context ## Project Context
**Architecture**: CQRS pattern with feature-based organization - **Architecture**: Feature and team-based organization
**Framework**: .NET 8.0, ASP.NET Core - **Framework**: .NET 8.0, ASP.NET Core
**Database**: SQL Server primary, EF Core supports PostgreSQL, MySQL/MariaDB, SQLite - **Database**: SQL Server primary, EF Core supports PostgreSQL, MySQL/MariaDB, SQLite
**Testing**: xUnit, NSubstitute - **Testing**: xUnit, NSubstitute
**Container**: Docker, Docker Compose, Kubernetes/Helm deployable - **Container**: Docker, Docker Compose, Kubernetes/Helm deployable
## Development Standards ## Project Structure
### CQRS Pattern - **Source Code**: `/src/` - Services and core infrastructure
- **Tests**: `/test/` - Test logic aligning with the source structure, albeit with a `.Test` suffix
- Commands: `/src/Core/[Feature]/Commands/` - **Utilities**: `/util/` - Migration tools, seeders, and setup scripts
- Queries: `/src/Core/[Feature]/Queries/` - **Dev Tools**: `/dev/` - Local development helpers
- Handlers implement `ICommandHandler<T>` or `IQueryHandler<T>` - **Configuration**: `appsettings.{Environment}.json`, `/dev/secrets.json` for local development
### API Conventions
- RESTful endpoints with standard HTTP status codes
- Consistent error response: `{ "error": { "message": "..." } }`
- Pagination: `?skip=0&take=25`
- API versioning: `/api/v1/`
### Database Migrations
- **SQL Server**: Manual scripts in `/util/Migrator/DbScripts/`
- **Other DBs**: EF Core migrations via `pwsh ef_migrate.ps1`
## Security Requirements ## Security Requirements
@@ -42,20 +34,39 @@
- **Validation**: Input sanitization, parameterized queries, rate limiting - **Validation**: Input sanitization, parameterized queries, rate limiting
- **Logging**: Structured logs, no PII/sensitive data in logs - **Logging**: Structured logs, no PII/sensitive data in logs
## Common Commands
- **Build**: `dotnet build`
- **Test**: `dotnet test`
- **Run locally**: `dotnet run --project src/Api`
- **Database update**: `pwsh dev/migrate.ps1`
- **Generate OpenAPI**: `pwsh dev/generate_openapi_files.ps1`
## Code Review Checklist ## Code Review Checklist
- Security impact assessed - Security impact assessed
- xUnit tests added/updated - xUnit tests added / updated
- Performance impact considered - Performance impact considered
- Error handling implemented - Error handling implemented
- Breaking changes documented - Breaking changes documented
- CI passes: build, test, lint - CI passes: build, test, lint
- Feature flags considered for new features
- CODEOWNERS file respected
### Key Architectural Decisions
- Use .NET nullable reference types (ADR 0024)
- TryAdd dependency injection pattern (ADR 0026)
- Authorization patterns (ADR 0022)
- OpenTelemetry for observability (ADR 0020)
- Log to standard output (ADR 0021)
## References ## References
- [Architecture](https://contributing.bitwarden.com/architecture/server/) - [Server architecture](https://contributing.bitwarden.com/architecture/server/)
- [Contributing Guidelines](https://contributing.bitwarden.com/contributing/) - [Architectural Decision Records (ADRs)](https://contributing.bitwarden.com/architecture/adr/)
- [Setup Guide](https://contributing.bitwarden.com/getting-started/server/guide/) - [Contributing guidelines](https://contributing.bitwarden.com/contributing/)
- [Code Style](https://contributing.bitwarden.com/contributing/code-style/) - [Setup guide](https://contributing.bitwarden.com/getting-started/server/guide/)
- [Code style](https://contributing.bitwarden.com/contributing/code-style/)
- [Bitwarden security whitepaper](https://bitwarden.com/help/bitwarden-security-white-paper/) - [Bitwarden security whitepaper](https://bitwarden.com/help/bitwarden-security-white-paper/)
- [Bitwarden security definitions](https://contributing.bitwarden.com/architecture/security/definitions) - [Bitwarden security definitions](https://contributing.bitwarden.com/architecture/security/definitions)