All checks

220 reviewable best-practice checks. Browse by domain or by language.

Domains: APIReliabilityArchitectureOperationsTestingPerformanceDataSecurityDocumentation

Languages: C++C#Shared (all languages)GoJavaJavaScriptPHPPython (ML)PythonPyTorchRubyRustSwiftTypeScriptKotlin

By domain

API 24

Boundary validation, error contracts, compatibility and idempotent mutations.

• api-cpp-001 — C++ public interfaces express dispatch, ownership, and range contracts explicitly
• api-go-002 — Go APIs expose explicit error signals and callers do not branch on error text
• api-rust-001 — Rust public APIs return explicit recoverable errors and keep public error context
• api-001 — External API input is parsed, translated, and rejected at the boundary before side effects
• api-004 — Retried mutating operations are idempotent end-to-end
• api-007 — Mutable resources expose validators and honor preconditions
• api-008 — Machine-readable API contracts stay published and in sync with implementation
• api-009 — Published API contracts remain backward compatible within a version
• api-016 — Potentially large JSON identifiers are serialized as strings
• bp-api-001 — External APIs return machine-readable error contracts
• bp-api-002 — Collection reads are bounded
• api-002 — Public resource identifiers remain stable and independent of mutable business fields
• api-014 — In-repo protobuf consumers handle newly added enum values safely
• api-020 — Public APIs do not expose mutable internal representation or caller-owned mutable state unsafely
• csharp-api-001 — External inputs are validated at the boundary
• csharp-api-002 — HTTP APIs return consistent machine-readable errors
• csharp-api-003 — Collection endpoints bound response size
• api-go-001 — Go APIs accept per-call context and do not retain it on reusable objects
• api-go-003 — Go HTTP handlers stop after writing a terminal error response
• api-go-004 — Marshaled Go structs use explicit field tags
• api-go-005 — Go libraries do not register command-line flags outside main packages
• api-java-002 — Java enums do not use ordinal position for persisted or external semantics
• api-python-001 — Python public APIs signal failure with exceptions under a shared public error base
• api-python-002 — Python public APIs keep optional boolean controls keyword-only

Reliability 48

Timeouts, retries, idempotency, resource lifecycles and graceful failure.

• rel-cpp-001 — Resource ownership uses RAII with safe copy, move, and lifetime semantics
• rel-cpp-002 — Locks, waits, atomics, and threads preserve concurrency safety on every path
• csharp-rel-001 — Cancellation flows through async and long-running work
• csharp-rel-005 — Background services stop cleanly and do not spin on failure
• rel-csharp-001 — Async request and service code does not block on tasks or fake async
• rel-csharp-003 — Request-scoped context and services are not captured beyond the request
• go-rel-002 — Goroutines have explicit lifecycle ownership
• rel-go-001 — Context flows per call and detached work gets its own lifetime
• rel-go-002 — Goroutine coordination and shared state are synchronized explicitly
• java-rel-002 — Thread interrupts are not swallowed
• rel-java-004 — Startup-critical configuration properties are validated
• rel-javascript-001 — Request-path code does not block the event loop and preserves backpressure
• python-ml-003 — Training and serving share the same preprocessing contract
• rel-python-ml-003 — Automated actions are gated on model confidence or plausibility
• python-rel-002 — Async code does not block the event loop
• rel-python-001 — Coroutine and task lifecycles are explicitly owned
• pytorch-rel-001 — Training and evaluation use the correct module mode
• pytorch-rel-003 — Device placement is explicit and consistent
• rel-rust-001 — Async Rust does not block runtimes or hold blocking state across await
• rel-rust-004 — Destructors and unsafe mutation remain panic-safe and non-blocking
• bp-rel-001 — Outbound dependencies have explicit time budgets
• bp-rel-002 — Retries are bounded, deliberate, and safe for the operation
• rel-001 — Transient resources are released on every path
• rel-002 — Downstream work propagates cancellation/deadlines and stops when callers are done
• rel-006 — Retried or redelivered work is idempotent or deduplicated
• rel-008 — Overload-triggering work and resource consumption are bounded
• rel-014 — Read-your-writes paths avoid stale async replicas
• rel-017 — Side effects and downstream jobs run only after durable commit
• rel-021 — Security-sensitive multi-step operations fail closed on partial failure
• rel-swift-001 — SwiftUI state is mutated on the main thread
• rel-typescript-001 — Async boundary validation rejects invalid input before side effects
• rel-typescript-002 — Async APIs keep a consistent timing model
• rel-cpp-003 — Constructors, globals, and escaping lambdas avoid lifetime hazards
• go-rel-001 — HTTP clients and servers define explicit time budgets
• rel-go-004 — Package initialization is deterministic and side-effect free
• java-rel-001 — Outbound HTTP clients define explicit time budgets
• javascript-rel-001 — Outbound HTTP requests have explicit cancellation or timeout
• rel-javascript-002 — Processes crash-stop after uncaught exceptions and EventEmitter error paths are handled
• rel-php-004 — Logger context handling is safe for arbitrary values
• python-rel-001 — Outbound HTTP calls set explicit timeouts
• rel-python-002 — Event-loop ownership stays at application boundaries
• rel-python-006 — One-shot iterators are not reused as multi-pass inputs
• rel-python-007 — Attribute interception hooks avoid self-recursion
• pytorch-rel-002 — Evaluation and inference disable gradient tracking
• rel-003 — Services start ready and shut down gracefully
• rel-015 — Lease-based coordination uses fencing or epoch validation
• rel-018 — In-process caches and session state are bounded or recomputable
• rel-020 — Runtime code does not depend on ambient host tools

Architecture 19

Boundaries, dependency direction, encapsulation and explicit entrypoints.

• csharp-arch-003 — Dependency injection is validated early
• clean-arch-002 — Application business rules live in explicit use cases
• clean-arch-003 — Boundary ports are owned by the inner policy layer
• vertical-slice-arch-001 — New use cases land inside an owning slice
• vertical-slice-arch-002 — Slice changes stay local to the use case
• vertical-slice-arch-004 — Shared abstractions are extracted only with real evidence
• arch-002 — Foreign models and third-party APIs are translated at the boundary
• arch-003 — Environment and configuration are read, modeled, and validated at the boundary
• arch-004 — Runtime work starts from explicit entrypoints instead of import/load side effects
• arch-005 — Module-owned mutable state and representations stay encapsulated
• bp-arch-001 — Modules depend through explicit, reviewable seams
• bp-arch-002 — Dependency direction follows the architecture instead of bypassing it
• clean-arch-004 — Boundary data is simple, isolated, and framework-free
• csharp-arch-005 — Application code does not use the service locator pattern
• go-arch-001 — Context propagates across request and I/O boundaries
• java-arch-001 — Runtime dependencies are explicit through constructors
• javascript-arch-001 — Module load paths avoid runtime side effects
• python-arch-001 — Import paths avoid runtime side effects
• typescript-arch-001 — External data is not cast directly into trusted types

Operations 22

Health signals, safe automation, telemetry and production defaults.

• csharp-ops-005 — Schema migrations are not applied unsafely on normal startup
• ops-javascript-001 — Variable-size async fan-out is bounded
• pytorch-ops-001 — Checkpoints store portable state rather than whole model objects
• bp-ops-001 — Services expose meaningful health signals
• bp-ops-005 — Deployment config is environment-agnostic
• ops-003 — Deployments are smoke-tested before success
• ops-017 — Per-unit production telemetry is structured and complete
• ops-018 — Cross-boundary work preserves correlation and dependency attribution
• ops-022 — Configuration is semantically validated before it is applied
• ops-024 — Automation that changes production state fails safe and verifies recovery before restoring traffic
• ops-028 — Production defaults disable debug, demo, and unnecessary admin surfaces
• ops-011 — Container runtime remains immutable after build
• ops-016 — Retries are bounded and poison messages are quarantined
• ops-019 — Telemetry exposes build, config, or rollout identity
• ops-020 — Paging alerts start from user-visible symptoms, not self-healed transients
• ops-021 — Reliability objectives use event-based SLIs and tail-aware latency measures
• ops-025 — Operational logs select explicit safe fields and exclude raw PII
• ops-027 — Security-relevant denials and anomalies are logged with investigation context
• ops-029 — Operational logs use the platform collection path or bounded file retention
• ops-030 — Service processes stay foreground and are externally supervised
• ops-python-ml-003 — Prediction telemetry records model identity
• ops-python-001 — Subprocess waits are bounded by timeouts

Testing 25

Deterministic, isolated tests that assert outcomes through supported interfaces.

• csharp-test-002 — Time-dependent C# tests are deterministic
• python-ml-002 — Evaluation is separated from training data
• test-python-ml-004 — Feature extraction failures fail fast instead of degrading silently
• test-pytorch-004 — PyTorch tensors allocated with torch.empty are fully initialized before use
• bp-test-001 — Behavior changes are protected by automated tests
• bp-test-002 — Critical paths must have deterministic tests
• bp-test-003 — Default automated tests do not require live external dependencies
• test-001 — Boundary and compatibility changes have executable contract coverage
• test-003 — Tests isolate mutable state and clean up created resources
• test-008 — Tests assert behavior through supported interfaces, not internals
• test-009 — Prefer outcome assertions over interaction-only mock choreography
• test-010 — Tests verify outcomes with explicit, simple oracles
• python-ml-004 — Experiments are reproducible enough to explain results
• test-python-ml-002 — Reused shuffled scikit-learn CV splitters use integer seeds
• test-python-ml-003 — scikit-learn estimators do not share one mutable RandomState instance
• test-pytorch-001 — Reproducible PyTorch paths seed every RNG they use
• test-pytorch-002 — Deterministic CUDA paths disable cuDNN benchmarking
• test-pytorch-003 — Reproducible multi-worker DataLoaders seed worker processes
• test-002 — Existing compatibility tests are preserved when public behavior changes
• test-004 — Resource-dependent tests are explicitly gated outside default runs
• test-005 — Flaky-test mitigation does not hide failures
• test-007 — Cross-boundary behavior has at least one real boundary-level test
• test-016 — Fuzz drivers are deterministic and side-effect free
• test-017 — Risky codepaths keep sanitizer and race-detector coverage
• test-018 — Production code changes remain covered by commit-time automated test gates

Performance 19

Hot-path data access, quadratic work, async blocking and latency signals.

• perf-csharp-001 — Preload related data before iterating over navigation properties
• perf-csharp-003 — Avoid eager-loading multiple collection navigations in one query
• perf-rust-001 — Offload obvious CPU-bound work from async tasks
• perf-001 — Avoid N+1 data access in hot paths
• perf-002 — Avoid accidental quadratic work on input-scaled paths
• perf-003 — Fetch and serialize only the data a latency-sensitive path needs
• perf-004 — Async hot paths do not block runtime threads
• perf-006 — Version internal derived caches so upgrades rebuild them
• perf-010 — Expose latency distributions, not averages alone
• perf-cpp-001 — Release queue locks before processing dequeued work
• perf-005 — Keep interactive paths local and incremental
• perf-007 — Do not randomize large result sets with ORDER BY RAND()
• perf-011 — Parse benchmark output units and decimals explicitly
• perf-012 — Do not infer disk bottlenecks from iowait or utilization alone
• perf-014 — Specify workload shape in storage benchmarks
• perf-015 — Keep searched columns free of functions and expressions in predicates
• perf-php-001 — Strip loaded Eloquent relations before queue serialization
• perf-python-001 — Store descriptor state without leaking instances
• perf-swift-001 — Document non-constant computed property complexity

Data 27

Atomic mutations, schema evolution, provenance and validated upstream data.

• data-go-014 — Mutable slices and maps do not cross ownership or lock boundaries by alias
• data-java-011 — Java transactions declare rollback for checked failures
• data-php-007 — Laravel request input is validated before persistence or business logic uses it
• data-ruby-012 — Rails business invariants are enforced in the database as well as the model
• data-ruby-028 — Queued jobs pass stable identifiers instead of mutable record state
• data-001 — Keep training and evaluation data leakage-free
• data-002 — Validate and gate upstream data before downstream training or pipeline work
• data-009 — Evolve deployed schemas with forward-only, additive-first compatibility changes
• data-010 — Durable or cross-process data uses versionable formats and mixed-version-safe evolution
• data-011 — Durable-state mutations are atomic, rollback-safe, and concurrency-correct
• data-027 — Compute derived values from source fields instead of hand-maintaining them
• data-cpp-016 — Avoid map::operator[] for lookup-only reads
• data-003 — Preserve dataset lineage and feature provenance for production ML artifacts
• data-004 — Keep missing values distinguishable from real values
• data-005 — Handle unseen categorical values safely at inference
• data-007 — External data is validated at the boundary before downstream use
• data-020 — Database handles are pooled or deterministically released
• data-024 — Consent records preserve the disclosure version the user accepted
• data-javascript-011 — IndexedDB writes stay inside the active transaction callback stack
• data-kotlin-017 — Keep custom equality and hash codes contract-safe
• python-ml-001 — Prevent leakage in Python ML splitting and preprocessing
• data-python-018 — Python byte-oriented file work opens files in binary mode
• data-python-019 — Do not ignore text transcoding errors silently
• data-ruby-011 — Ruby file-backed durable state uses atomic replacement
• data-rust-033 — Initialize raw or vector storage before making elements visible
• data-rust-034 — Handle zero-sized types explicitly in unsafe generic storage
• data-typescript-007 — TypeScript boundaries parse unknown data before use

Security 26

Input validation, authn/z, injection, secrets and safe data handling.

• sec-rust-001 — Unsafe Rust keeps explicit soundness contracts and avoids unsound primitives
• bp-sec-001 — External input is validated at trust boundaries
• bp-sec-004 — Sensitive data is not emitted to logs or traces
• sec-001 — Untrusted input does not reach shell or process execution unsafely
• sec-002 — Untrusted data is not dynamically executed or unsafely deserialized
• sec-003 — SQL remains parameterized and structural query fragments are allowlisted
• sec-004 — Browser output encodes or sanitizes untrusted content in the correct context
• sec-006 — Protected operations enforce authentication, authorization, and principal scoping at the boundary
• sec-007 — Password storage and account recovery resist offline cracking and account takeover
• sec-008 — Client-facing errors, URLs, and public responses do not leak secrets or internals
• csharp-sec-002 — Process execution does not concatenate untrusted input
• csharp-sec-004 — Protected operations enforce authorization at the boundary
• csharp-sec-006 — Raw data access is parameterized
• csharp-sec-007 — Logs do not expose secrets or sensitive payloads
• go-sec-001 — External command execution validates input
• go-sec-002 — SQL remains parameterized
• java-sec-002 — Process execution validates executable and arguments
• java-sec-003 — SQL remains parameterized
• javascript-sec-001 — Child process execution avoids shell injection
• javascript-sec-002 — Dynamic code evaluation is not fed by untrusted input
• python-sec-001 — Subprocess execution avoids shell injection paths
• python-sec-002 — Unsafe deserialization and dynamic code execution are avoided
• python-sec-003 — Raw SQL remains parameterized
• sec-009 — Cryptography and transport use approved primitives, CSPRNGs, and full TLS verification
• sec-010 — Files, uploads, archives, and XML parsing constrain untrusted names and formats
• sec-typescript-001 — Parse external TypeScript boundary data before trusting its type

Documentation 10

Public APIs, behavior changes and release notes stay documented.

• doc-001 — Externally consumed public APIs are documented
• doc-002 — Public and operator-facing docs stay in sync with behavior changes
• doc-007 — Public releases and breaking changes are documented in release notes or changelogs
• csharp-doc-001 — Externally consumed public C# APIs are documented
• csharp-doc-002 — Public breaking changes in C# packages are called out in release notes
• doc-008 — Opaque regexes and complex algorithms are explained inline
• doc-kotlin-001 — Public Kotlin library members are documented with KDoc
• doc-rust-001 — Public Rust APIs document errors, panics, and safety requirements
• doc-swift-001 — Exported Swift API declarations are documented
• doc-typescript-001 — Exported TypeScript APIs are documented with TSDoc

By language

C++ 6

• api-cpp-001 — C++ public interfaces express dispatch, ownership, and range contracts explicitly
• rel-cpp-001 — Resource ownership uses RAII with safe copy, move, and lifetime semantics
• rel-cpp-002 — Locks, waits, atomics, and threads preserve concurrency safety on every path
• data-cpp-016 — Avoid map::operator[] for lookup-only reads
• perf-cpp-001 — Release queue locks before processing dequeued work
• rel-cpp-003 — Constructors, globals, and escaping lambdas avoid lifetime hazards

C# 19

• csharp-arch-003 — Dependency injection is validated early
• csharp-ops-005 — Schema migrations are not applied unsafely on normal startup
• csharp-rel-001 — Cancellation flows through async and long-running work
• csharp-rel-005 — Background services stop cleanly and do not spin on failure
• csharp-test-002 — Time-dependent C# tests are deterministic
• perf-csharp-001 — Preload related data before iterating over navigation properties
• perf-csharp-003 — Avoid eager-loading multiple collection navigations in one query
• rel-csharp-001 — Async request and service code does not block on tasks or fake async
• rel-csharp-003 — Request-scoped context and services are not captured beyond the request
• csharp-api-001 — External inputs are validated at the boundary
• csharp-api-002 — HTTP APIs return consistent machine-readable errors
• csharp-api-003 — Collection endpoints bound response size
• csharp-arch-005 — Application code does not use the service locator pattern
• csharp-doc-001 — Externally consumed public C# APIs are documented
• csharp-doc-002 — Public breaking changes in C# packages are called out in release notes
• csharp-sec-002 — Process execution does not concatenate untrusted input
• csharp-sec-004 — Protected operations enforce authorization at the boundary
• csharp-sec-006 — Raw data access is parameterized
• csharp-sec-007 — Logs do not expose secrets or sensitive payloads

Shared (all languages) 107

• clean-arch-002 — Application business rules live in explicit use cases
• clean-arch-003 — Boundary ports are owned by the inner policy layer
• vertical-slice-arch-001 — New use cases land inside an owning slice
• vertical-slice-arch-002 — Slice changes stay local to the use case
• vertical-slice-arch-004 — Shared abstractions are extracted only with real evidence
• api-001 — External API input is parsed, translated, and rejected at the boundary before side effects
• api-004 — Retried mutating operations are idempotent end-to-end
• api-007 — Mutable resources expose validators and honor preconditions
• api-008 — Machine-readable API contracts stay published and in sync with implementation
• api-009 — Published API contracts remain backward compatible within a version
• api-016 — Potentially large JSON identifiers are serialized as strings
• bp-api-001 — External APIs return machine-readable error contracts
• bp-api-002 — Collection reads are bounded
• arch-002 — Foreign models and third-party APIs are translated at the boundary
• arch-003 — Environment and configuration are read, modeled, and validated at the boundary
• arch-004 — Runtime work starts from explicit entrypoints instead of import/load side effects
• arch-005 — Module-owned mutable state and representations stay encapsulated
• bp-arch-001 — Modules depend through explicit, reviewable seams
• bp-arch-002 — Dependency direction follows the architecture instead of bypassing it
• data-001 — Keep training and evaluation data leakage-free
• data-002 — Validate and gate upstream data before downstream training or pipeline work
• data-009 — Evolve deployed schemas with forward-only, additive-first compatibility changes
• data-010 — Durable or cross-process data uses versionable formats and mixed-version-safe evolution
• data-011 — Durable-state mutations are atomic, rollback-safe, and concurrency-correct
• data-027 — Compute derived values from source fields instead of hand-maintaining them
• doc-001 — Externally consumed public APIs are documented
• doc-002 — Public and operator-facing docs stay in sync with behavior changes
• doc-007 — Public releases and breaking changes are documented in release notes or changelogs
• bp-ops-001 — Services expose meaningful health signals
• bp-ops-005 — Deployment config is environment-agnostic
• ops-003 — Deployments are smoke-tested before success
• ops-017 — Per-unit production telemetry is structured and complete
• ops-018 — Cross-boundary work preserves correlation and dependency attribution
• ops-022 — Configuration is semantically validated before it is applied
• ops-024 — Automation that changes production state fails safe and verifies recovery before restoring traffic
• ops-028 — Production defaults disable debug, demo, and unnecessary admin surfaces
• perf-001 — Avoid N+1 data access in hot paths
• perf-002 — Avoid accidental quadratic work on input-scaled paths
• perf-003 — Fetch and serialize only the data a latency-sensitive path needs
• perf-004 — Async hot paths do not block runtime threads
• perf-006 — Version internal derived caches so upgrades rebuild them
• perf-010 — Expose latency distributions, not averages alone
• bp-rel-001 — Outbound dependencies have explicit time budgets
• bp-rel-002 — Retries are bounded, deliberate, and safe for the operation
• rel-001 — Transient resources are released on every path
• rel-002 — Downstream work propagates cancellation/deadlines and stops when callers are done
• rel-006 — Retried or redelivered work is idempotent or deduplicated
• rel-008 — Overload-triggering work and resource consumption are bounded
• rel-014 — Read-your-writes paths avoid stale async replicas
• rel-017 — Side effects and downstream jobs run only after durable commit
• rel-021 — Security-sensitive multi-step operations fail closed on partial failure
• bp-sec-001 — External input is validated at trust boundaries
• bp-sec-004 — Sensitive data is not emitted to logs or traces
• sec-001 — Untrusted input does not reach shell or process execution unsafely
• sec-002 — Untrusted data is not dynamically executed or unsafely deserialized
• sec-003 — SQL remains parameterized and structural query fragments are allowlisted
• sec-004 — Browser output encodes or sanitizes untrusted content in the correct context
• sec-006 — Protected operations enforce authentication, authorization, and principal scoping at the boundary
• sec-007 — Password storage and account recovery resist offline cracking and account takeover
• sec-008 — Client-facing errors, URLs, and public responses do not leak secrets or internals
• bp-test-001 — Behavior changes are protected by automated tests
• bp-test-002 — Critical paths must have deterministic tests
• bp-test-003 — Default automated tests do not require live external dependencies
• test-001 — Boundary and compatibility changes have executable contract coverage
• test-003 — Tests isolate mutable state and clean up created resources
• test-008 — Tests assert behavior through supported interfaces, not internals
• test-009 — Prefer outcome assertions over interaction-only mock choreography
• test-010 — Tests verify outcomes with explicit, simple oracles
• api-002 — Public resource identifiers remain stable and independent of mutable business fields
• api-014 — In-repo protobuf consumers handle newly added enum values safely
• api-020 — Public APIs do not expose mutable internal representation or caller-owned mutable state unsafely
• clean-arch-004 — Boundary data is simple, isolated, and framework-free
• data-003 — Preserve dataset lineage and feature provenance for production ML artifacts
• data-004 — Keep missing values distinguishable from real values
• data-005 — Handle unseen categorical values safely at inference
• data-007 — External data is validated at the boundary before downstream use
• data-020 — Database handles are pooled or deterministically released
• data-024 — Consent records preserve the disclosure version the user accepted
• doc-008 — Opaque regexes and complex algorithms are explained inline
• ops-011 — Container runtime remains immutable after build
• ops-016 — Retries are bounded and poison messages are quarantined
• ops-019 — Telemetry exposes build, config, or rollout identity
• ops-020 — Paging alerts start from user-visible symptoms, not self-healed transients
• ops-021 — Reliability objectives use event-based SLIs and tail-aware latency measures
• ops-025 — Operational logs select explicit safe fields and exclude raw PII
• ops-027 — Security-relevant denials and anomalies are logged with investigation context
• ops-029 — Operational logs use the platform collection path or bounded file retention
• ops-030 — Service processes stay foreground and are externally supervised
• perf-005 — Keep interactive paths local and incremental
• perf-007 — Do not randomize large result sets with ORDER BY RAND()
• perf-011 — Parse benchmark output units and decimals explicitly
• perf-012 — Do not infer disk bottlenecks from iowait or utilization alone
• perf-014 — Specify workload shape in storage benchmarks
• perf-015 — Keep searched columns free of functions and expressions in predicates
• rel-003 — Services start ready and shut down gracefully
• rel-015 — Lease-based coordination uses fencing or epoch validation
• rel-018 — In-process caches and session state are bounded or recomputable
• rel-020 — Runtime code does not depend on ambient host tools
• sec-009 — Cryptography and transport use approved primitives, CSPRNGs, and full TLS verification
• sec-010 — Files, uploads, archives, and XML parsing constrain untrusted names and formats
• test-002 — Existing compatibility tests are preserved when public behavior changes
• test-004 — Resource-dependent tests are explicitly gated outside default runs
• test-005 — Flaky-test mitigation does not hide failures
• test-007 — Cross-boundary behavior has at least one real boundary-level test
• test-016 — Fuzz drivers are deterministic and side-effect free
• test-017 — Risky codepaths keep sanitizer and race-detector coverage
• test-018 — Production code changes remain covered by commit-time automated test gates

Go 14

• api-go-002 — Go APIs expose explicit error signals and callers do not branch on error text
• data-go-014 — Mutable slices and maps do not cross ownership or lock boundaries by alias
• go-rel-002 — Goroutines have explicit lifecycle ownership
• rel-go-001 — Context flows per call and detached work gets its own lifetime
• rel-go-002 — Goroutine coordination and shared state are synchronized explicitly
• api-go-001 — Go APIs accept per-call context and do not retain it on reusable objects
• api-go-003 — Go HTTP handlers stop after writing a terminal error response
• api-go-004 — Marshaled Go structs use explicit field tags
• api-go-005 — Go libraries do not register command-line flags outside main packages
• go-arch-001 — Context propagates across request and I/O boundaries
• go-rel-001 — HTTP clients and servers define explicit time budgets
• go-sec-001 — External command execution validates input
• go-sec-002 — SQL remains parameterized
• rel-go-004 — Package initialization is deterministic and side-effect free

Java 8

• data-java-011 — Java transactions declare rollback for checked failures
• java-rel-002 — Thread interrupts are not swallowed
• rel-java-004 — Startup-critical configuration properties are validated
• api-java-002 — Java enums do not use ordinal position for persisted or external semantics
• java-arch-001 — Runtime dependencies are explicit through constructors
• java-rel-001 — Outbound HTTP clients define explicit time budgets
• java-sec-002 — Process execution validates executable and arguments
• java-sec-003 — SQL remains parameterized

JavaScript 8

• ops-javascript-001 — Variable-size async fan-out is bounded
• rel-javascript-001 — Request-path code does not block the event loop and preserves backpressure
• data-javascript-011 — IndexedDB writes stay inside the active transaction callback stack
• javascript-arch-001 — Module load paths avoid runtime side effects
• javascript-rel-001 — Outbound HTTP requests have explicit cancellation or timeout
• javascript-sec-001 — Child process execution avoids shell injection
• javascript-sec-002 — Dynamic code evaluation is not fed by untrusted input
• rel-javascript-002 — Processes crash-stop after uncaught exceptions and EventEmitter error paths are handled

PHP 3

• data-php-007 — Laravel request input is validated before persistence or business logic uses it
• perf-php-001 — Strip loaded Eloquent relations before queue serialization
• rel-php-004 — Logger context handling is safe for arbitrary values

Python (ML) 9

• python-ml-002 — Evaluation is separated from training data
• python-ml-003 — Training and serving share the same preprocessing contract
• rel-python-ml-003 — Automated actions are gated on model confidence or plausibility
• test-python-ml-004 — Feature extraction failures fail fast instead of degrading silently
• ops-python-ml-003 — Prediction telemetry records model identity
• python-ml-001 — Prevent leakage in Python ML splitting and preprocessing
• python-ml-004 — Experiments are reproducible enough to explain results
• test-python-ml-002 — Reused shuffled scikit-learn CV splitters use integer seeds
• test-python-ml-003 — scikit-learn estimators do not share one mutable RandomState instance

Python 16

• python-rel-002 — Async code does not block the event loop
• rel-python-001 — Coroutine and task lifecycles are explicitly owned
• api-python-001 — Python public APIs signal failure with exceptions under a shared public error base
• api-python-002 — Python public APIs keep optional boolean controls keyword-only
• data-python-018 — Python byte-oriented file work opens files in binary mode
• data-python-019 — Do not ignore text transcoding errors silently
• ops-python-001 — Subprocess waits are bounded by timeouts
• perf-python-001 — Store descriptor state without leaking instances
• python-arch-001 — Import paths avoid runtime side effects
• python-rel-001 — Outbound HTTP calls set explicit timeouts
• python-sec-001 — Subprocess execution avoids shell injection paths
• python-sec-002 — Unsafe deserialization and dynamic code execution are avoided
• python-sec-003 — Raw SQL remains parameterized
• rel-python-002 — Event-loop ownership stays at application boundaries
• rel-python-006 — One-shot iterators are not reused as multi-pass inputs
• rel-python-007 — Attribute interception hooks avoid self-recursion

PyTorch 8

• pytorch-ops-001 — Checkpoints store portable state rather than whole model objects
• pytorch-rel-001 — Training and evaluation use the correct module mode
• pytorch-rel-003 — Device placement is explicit and consistent
• test-pytorch-004 — PyTorch tensors allocated with torch.empty are fully initialized before use
• pytorch-rel-002 — Evaluation and inference disable gradient tracking
• test-pytorch-001 — Reproducible PyTorch paths seed every RNG they use
• test-pytorch-002 — Deterministic CUDA paths disable cuDNN benchmarking
• test-pytorch-003 — Reproducible multi-worker DataLoaders seed worker processes

Ruby 3

• data-ruby-012 — Rails business invariants are enforced in the database as well as the model
• data-ruby-028 — Queued jobs pass stable identifiers instead of mutable record state
• data-ruby-011 — Ruby file-backed durable state uses atomic replacement

Rust 8

• api-rust-001 — Rust public APIs return explicit recoverable errors and keep public error context
• perf-rust-001 — Offload obvious CPU-bound work from async tasks
• rel-rust-001 — Async Rust does not block runtimes or hold blocking state across await
• rel-rust-004 — Destructors and unsafe mutation remain panic-safe and non-blocking
• sec-rust-001 — Unsafe Rust keeps explicit soundness contracts and avoids unsound primitives
• data-rust-033 — Initialize raw or vector storage before making elements visible
• data-rust-034 — Handle zero-sized types explicitly in unsafe generic storage
• doc-rust-001 — Public Rust APIs document errors, panics, and safety requirements

Swift 3

• rel-swift-001 — SwiftUI state is mutated on the main thread
• doc-swift-001 — Exported Swift API declarations are documented
• perf-swift-001 — Document non-constant computed property complexity

TypeScript 6

• rel-typescript-001 — Async boundary validation rejects invalid input before side effects
• rel-typescript-002 — Async APIs keep a consistent timing model
• data-typescript-007 — TypeScript boundaries parse unknown data before use
• doc-typescript-001 — Exported TypeScript APIs are documented with TSDoc
• sec-typescript-001 — Parse external TypeScript boundary data before trusting its type
• typescript-arch-001 — External data is not cast directly into trusted types

Kotlin 2

• data-kotlin-017 — Keep custom equality and hash codes contract-safe
• doc-kotlin-001 — Public Kotlin library members are documented with KDoc