bluewave-labs · mahid797 · Sep 25, 2025 · Aug 18, 2025 · Aug 18, 2025 · Aug 18, 2025
@@ -0,0 +1,161 @@
+# yaml-language-server: $schema=https://storage.googleapis.com/coderabbit_public_assets/schema.v2.json
+
+language: en-US
+early_access: false
+enable_free_tier: true
+
+reviews:
+  # Tone & automation
+  profile: assertive
+  auto_review:
+    base_branches:
+      - 'dev'
+      - 'master'
+    enabled: true
+    drafts: false
+
+  # Reviewers & labels
+  suggested_reviewers: true
+  auto_assign_reviewers: true
+  suggested_labels: true
+  auto_apply_labels: true
+
+  # Status handling
+  fail_commit_status: true
+
+  # Additional review features
+  high_level_summary: true
+  changed_files_summary: true
+  sequence_diagrams: true
+
+  # Focus CR on the meaningful parts of the repo
+  path_filters:
+    - 'src/**'
+    - 'prisma/**'
+    - 'docker/**'
+    - 'scripts/**'
+    - 'docs/**'
+    - 'README.md'
+    - '!public/assets/**'
+    - '!.next/**'
+    - '!**/*.tsbuildinfo'
+
+  # Apply house rules per area
+  path_instructions:
+    - path: 'src/app/[(]server[)]/api/**/route.ts'
+      instructions: >
+        Keep route handlers thin: validate with Zod (shared schemas), call a Service,
+        then return a typed response. Do NOT import prisma/redis or perform business logic here.
+        Example: parse with a schema from src/lib/validation/** and call a function in
+        src/app/(server)/services/** that returns typed data.
+    - path: 'src/app/[(]server[)]/services/**'
+      instructions: >
+        All business logic lives here. No Request/Response/cookies; accept plain inputs
+        and return typed results. Reuse shared types and Zod schemas from src/lib/validation/**.
+        Keep services framework-agnostic and unit-testable.
+    - path: 'src/lib/validation/**'
+      instructions: >
+        Define Zod schemas and infer types via z.infer. Avoid duplicate shapes; export
+        schemas for reuse in Services and API routes. Co-locate schema files by domain.
+    - path: 'src/app/[(]client[)]/**'
+      instructions: >
+        Use TanStack Query hooks for server data (no inline fetches in components).
+        Import query keys from src/lib/queryKeys.ts (canonical). Keep components presentational;
+        Tailwind-first styling. Example: import { keys } from 'src/lib/queryKeys' and call
+        a typed hook rather than fetch in the component.
+    - path: 'src/shadcn-ui/**'
+      instructions: >
+        Generated shadcn primitives. Do not modify these files. Create wrapper or
+        derivative components under src/app/(client)/components/** and compose from
+        the shadcn primitives instead.
+    - path: 'prisma/**'
+      instructions: >
+        If schema changes, include proper Prisma migration(s) and update seed/types.
+        Avoid schema edits without migrations.
+    - path: 'src/db/prisma.ts'
+      instructions: >
+        Prisma client must be a singleton and server-only. Do not import in client code.
+    - path: 'scripts/**'
+      instructions: >
+        Tooling only (env/db/ops). No app business logic.
+    - path: 'src/lib/queryKeys.ts'
+      instructions: >
+        Canonical source for TanStack Query keys. Add new keys here and import
+        from this module across the client instead of ad-hoc arrays.
+    - path: 'docker/**'
+      instructions: >
+        Ensure env parity with env/.env.example. Prefer minimal, portable changes.
+    - path: 'docs/**'
+      instructions: >
+        Keep Development Guide aligned with current directory structure and conventions.
+        Update docs when APIs/routes/schemas change.
+    - path: 'src/middleware.ts'
+      instructions: >
+        Global middleware for auth/guards/request shaping only. No business logic.
+    - path: 'src/lib/middleware/**'
+      instructions: >
+        Shared middleware helpers. Keep lean; no business logic or side effects.
+
+  # Teach CR how to label PRs for this repo (array of objects)
+  labeling_instructions:
+    - {
+        label: '🛠 Backend',
+        instructions: 'Apply to changes under src/app/(server)/**, src/db/**, or prisma/**.',
+      }
+    - {
+        label: '🎨 Frontend',
+        instructions: 'Apply to changes under src/app/(client)/** or src/shadcn-ui/**.',
+      }
+    - {
+        label: '📖 Documentation',
+        instructions: 'Apply to changes under docs/**, README.md, CONTRIBUTING.md, SECURITY.md.',
+      }
+    - {
+        label: '🔧 Refactor',
+        instructions: 'Apply to structural moves/renames or cleanup without API/route contract changes.',
+      }
+    - {
+        label: '🐛 Bug',
+        instructions: "Apply to fixes for regressions, runtime errors, or failing paths (e.g., commit starts with 'fix:').",
+      }
+    - {
+        label: '✨ New Feature',
+        instructions: 'Apply to new API routes/services, new UI pages/components, or new capabilities.',
+      }
+    - {
+        label: '🧹 Cleanup',
+        instructions: 'Apply to dead code removal, lint fixes, or directory tidying.',
+      }
+    - {
+        label: '🖌️ UX/UI Change',
+        instructions: 'Apply to layout/CSS/prop changes purely for UI/UX.',
+      }
+    - {
+        label: '🧩 Core',
+        instructions: 'Apply to proxy/chat/auth/llmConfig or other critical modules.',
+      }
+    - {
+        label: '✅ Testing',
+        instructions: 'Apply to additions or updates to tests/test scaffolding.',
+      }
+
+  tools:
+    eslint:
+      enabled: true
+    yamllint:
+      enabled: true
+    hadolint:
+      enabled: true
+    gitleaks:
+      enabled: true
+
+knowledge_base:
+  code_guidelines:
+    enabled: true
+    filePatterns:
+      - 'README.md'
+      - 'docs/architecture.md'
+      - 'docs/getting-started.md'
+      - 'docs/development-guide.md'
+  web_search:
+    enabled: true
@@ -0,0 +1,2 @@
+# Always request reviews from the two people who didn't author the PR.
+* @mahid797
@@ -0,0 +1,74 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+We as members, contributors, and leaders pledge to make participation in LangRoute a harassment-free experience for everyone, regardless of age, body size, visible or invisible disability, ethnicity, sex characteristics, gender identity and expression, level of experience, education, socio-economic status, nationality, personal appearance, race, religion, or sexual identity and orientation.
+
+We pledge to act and interact in ways that contribute to an open, welcoming, diverse, inclusive, and healthy community.
+
+## Our Standards
+Examples of behavior that contributes to a positive environment for our community include:
+
+- Demonstrating empathy and kindness toward other people
+- Being respectful of differing opinions, viewpoints, and experiences
+- Giving and gracefully accepting constructive feedback
+- Accepting responsibility and apologizing to those affected by our mistakes, and learning from the experience
+- Focusing on what is best not just for us as individuals, but for the overall community
+
+Examples of unacceptable behavior include:
+
+- The use of sexualized language or imagery, and sexual attention or advances of any kind
+- Trolling, insulting or derogatory comments, and personal or political attacks
+- Public or private harassment
+- Publishing others' private information, such as a physical or email address, without their explicit permission
+- Other conduct which could reasonably be considered inappropriate in a professional setting
+
+## Enforcement Responsibilities
+Community leaders are responsible for clarifying and enforcing our standards of acceptable behavior and will take appropriate and fair corrective action in response to any behavior that they deem inappropriate, threatening, offensive, or harmful.
+
+Community leaders have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned with this Code of Conduct, and will communicate reasons for moderation decisions when appropriate.
+
+## Scope
+This Code of Conduct applies within all community spaces, and also applies when an individual is officially representing the community in public spaces. Examples of representing our community include using an official e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event.
+
+## Enforcement
+Instances of abusive, harassing, or otherwise unacceptable behavior may be reported in the following ways:
+
+- **Sensitive incidents:** Open a private report via GitHub Security Advisories: https://github.com/bluewave-labs/LangRoute/security/advisories/new
+- **Other Code of Conduct concerns:** Open a GitHub issue labeled "code of conduct".
+- **TODO:** Add a project email alias for reports once available.
+
+All complaints will be reviewed and investigated promptly and fairly.
+
+All community leaders are obligated to respect the privacy and security of the reporter of any incident and will not publicly name individuals without consent.
+
+## Enforcement Guidelines
+Community leaders will follow these Community Impact Guidelines in determining the consequences for any action they deem in violation of this Code of Conduct:
+
+### 1. Correction
+**Community Impact**: Use of inappropriate language or other behavior deemed unprofessional or unwelcome in the community.
+
+**Consequence**: A private, written warning from community leaders, providing clarity around the nature of the violation and an explanation of why the behavior was inappropriate. A public apology may be requested.
+
+### 2. Warning
+**Community Impact**: A violation through a single incident or series of actions.
+
+**Consequence**: A warning with consequences for continued behavior. No interaction with the people involved, including unsolicited interaction with those enforcing the Code of Conduct, for a specified period of time. This includes avoiding interactions in community spaces as well as external channels like social media. Violating these terms may lead to a temporary or permanent ban.
+
+### 3. Temporary Ban
+**Community Impact**: A serious violation of community standards, including sustained inappropriate behavior.
+
+**Consequence**: A temporary ban from any sort of interaction or public communication with the community for a specified period of time. No public or private interaction with the people involved, including unsolicited interaction with those enforcing the Code of Conduct, is allowed during this period. Violating these terms may lead to a permanent ban.
+
+### 4. Permanent Ban
+**Community Impact**: Demonstrating a pattern of violation of community standards, including sustained inappropriate behavior, harassment of an individual, or aggression toward or disparagement of classes of individuals.
+
+**Consequence**: A permanent ban from any sort of public interaction within the community.
+
+## Attribution
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 2.1, available at <https://www.contributor-covenant.org/version/2/1/code_of_conduct/>.
+
+Community Impact Guidelines were inspired by [Mozilla's code of conduct enforcement ladder](https://github.com/mozilla/diversity).
+
+For answers to common questions about this code of conduct, see the FAQ at <https://www.contributor-covenant.org/faq>. Translations are available at <https://www.contributor-covenant.org/translations>.
+
+[homepage]: https://www.contributor-covenant.org
@@ -0,0 +1,79 @@
+# Contributing to LangRoute
+
+Thanks for your interest in improving LangRoute! We welcome bug fixes, documentation updates, new features, and thoughtful refactors. By participating, you agree to follow our [Code of Conduct](./CODE_OF_CONDUCT.md).
+
+## Getting set up
+- Follow the [Getting Started guide](./docs/getting-started.md) to install dependencies, prepare environment files, and run the app locally.
+- Copy environment defaults from [env/.env.example](./env/.env.example) and regenerate the root `.env` with `npm run env`.
+- Common scripts:
+  - `npm run dev` – start the development server.
+  - `npm run db boot` – start the PostgreSQL container.
+  - `npm run check` – type-check and lint the project.
+
+## How to contribute
+### Report bugs
+Open an issue and include steps to reproduce, expected vs. actual behavior, and any relevant logs (omit secrets).
+
+### Request features
+Create an issue that explains the problem, proposed solution, and any API or UX notes.
+
+### Improve documentation
+Small fixes can go straight to a PR. For larger restructures, start with an issue to discuss scope.
+
+## Picking up work
+- Review existing issues before starting. Labels such as `good first issue` or `help wanted` may indicate where to begin.
+- If no issue exists, open one to align on scope before investing significant effort.
+
+## Branching and workflow
+- Fork the repository (or create a branch if you have write access) and base your work on the active base branch:
+  - If a `dev` branch exists and is documented as the integration branch, branch off `dev`.
+  - Otherwise, branch off the repository's default branch (`master`).
+- Name branches with a prefix:
+  - `feature/your-feature`
+  - `fix/your-bug`
+  - `refactor/your-change`
+  - `chore/your-update`
+- Keep branches focused and rebase on the latest base branch before opening a PR.
+
+## Commit messages
+Use [Conventional Commit](https://www.conventionalcommits.org/) style:
+```
+feat(auth): add OAuth provider
+fix(db): correct migration path
+docs(readme): clarify setup instructions
+```
+Write small, self-contained commits.
+
+## Code style and standards
+- TypeScript uses strict mode; avoid `any` and non-null assertions unless absolutely necessary.
+- Validate all API inputs with [Zod](https://github.com/colinhacks/zod) and infer types with `z.infer`.
+- Keep API routes thin: parse input → call a service → return a response. Avoid direct Prisma access in route handlers.
+- Prefer Tailwind CSS for styling and compose classes with the `cn()` helper.
+- UI components and hooks belong under `src/app/(client)`. Server-side logic and side effects live in `src/app/(server)/services`.
+- Run `npm run check` before committing; ESLint and Prettier are enforced via pre-commit hooks.
+
+## Testing and quality
+- `npm run check` performs type checking and linting; ensure it passes before pushing.
+- The automated test suite is not yet available. You are not required to add or update tests at this time. If you have suggestions for testing approaches, please discuss them in your issue or pull request.
+- Husky runs lint-staged on commit to format staged files automatically.
+
+## Pull requests
+- Open a PR once a coherent slice of work is ready.
+- Link related issues using `Closes #123` in the description.
+- Include screenshots for UI changes and call out any breaking changes or migration steps.
+- Keep PRs focused; avoid unrelated refactors.
+
+## Review process
+- Automated checks will be required before review once CI is configured. *(TODO: document CI checks once configured.)*
+- Address reviewer feedback with follow-up commits and resolve open discussions.
+
+## Security disclosures
+Do **not** file public issues for security vulnerabilities. Follow our [security policy](./SECURITY.md) instead.
+
+## License
+*(TODO: add license information once a LICENSE file is available.)*
+
+## Code of Conduct
+Participation in this project implies acceptance of the [Code of Conduct](./CODE_OF_CONDUCT.md).
+
+For project overview and architecture details, see the [README](./README.md) and [Architecture guide](./docs/architecture.md).
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		# Always request reviews from the two people who didn't author the PR.
		* @mahid797