language policy 69 checks includes: shared-foundation

TypeScript Language Policy

lang-typescript

Merged TypeScript policy. It inlines the baseline shared-foundation checks and adds TypeScript-specific checks, including the language checks that previously lived in separate extended outputs. Enable for repositories with substantial TypeScript code. This policy already contains the shared foundation checks; add other lang-* policies only when the repo has another substantial implementation language.

Language-Specific Checks

Any app type

• rel-typescript-001 — Async boundary validation rejects invalid input before side effects.
• rel-typescript-002 — Async APIs keep a consistent timing model.
• sec-typescript-001 — Parse external TypeScript boundary data before trusting its type.
• typescript-arch-001 — External data is not cast directly into trusted types.
• data-typescript-007 — TypeScript boundaries parse unknown data before use.

Library

• doc-typescript-001 — Exported TypeScript APIs are documented with TSDoc.

Shared Foundation Checks

Security

• sec-006 — Protected operations enforce authentication, authorization, and principal scoping at the boundary.
• sec-003 — SQL remains parameterized and structural query fragments are allowlisted.
• bp-sec-001 — External input is validated at trust boundaries.
• sec-004 — Browser output encodes or sanitizes untrusted content in the correct context.
• sec-001 — Untrusted input does not reach shell or process execution unsafely.
• sec-002 — Untrusted data is not dynamically executed or unsafely deserialized.
• sec-007 — Password storage and account recovery resist offline cracking and account takeover.
• bp-sec-004 — Sensitive data is not emitted to logs or traces.
• sec-008 — Client-facing errors, URLs, and public responses do not leak secrets or internals.

Reliability

• bp-rel-001 — Outbound dependencies have explicit time budgets.
• bp-rel-002 — Retries are bounded, deliberate, and safe for the operation.
• rel-017 — Side effects and downstream jobs run only after durable commit.
• rel-006 — Retried or redelivered work is idempotent or deduplicated.
• rel-002 — Downstream work propagates cancellation/deadlines and stops when callers are done.
• rel-021 — Security-sensitive multi-step operations fail closed on partial failure.
• rel-008 — Overload-triggering work and resource consumption are bounded.
• rel-014 — Read-your-writes paths avoid stale async replicas.
• rel-001 — Transient resources are released on every path.

Architecture Core

• arch-005 — Module-owned mutable state and representations stay encapsulated.
• bp-arch-002 — Dependency direction follows the architecture instead of bypassing it.
• arch-004 — Runtime work starts from explicit entrypoints instead of import/load side effects.
• arch-002 — Foreign models and third-party APIs are translated at the boundary.
• bp-arch-001 — Modules depend through explicit, reviewable seams.
• arch-003 — Environment and configuration are read, modeled, and validated at the boundary.

Testing

• bp-test-001 — Behavior changes are protected by automated tests.
• test-010 — Tests verify outcomes with explicit, simple oracles.
• test-009 — Prefer outcome assertions over interaction-only mock choreography.
• test-001 — Boundary and compatibility changes have executable contract coverage.
• bp-test-002 — Critical paths must have deterministic tests.
• bp-test-003 — Default automated tests do not require live external dependencies.
• test-008 — Tests assert behavior through supported interfaces, not internals.
• test-003 — Tests isolate mutable state and clean up created resources.

Application Programming Interface

• api-004 — Retried mutating operations are idempotent end-to-end.
• api-001 — External API input is parsed, translated, and rejected at the boundary before side effects.
• api-009 — Published API contracts remain backward compatible within a version.
• bp-api-002 — Collection reads are bounded.
• api-007 — Mutable resources expose validators and honor preconditions.
• api-008 — Machine-readable API contracts stay published and in sync with implementation.
• api-016 — Potentially large JSON identifiers are serialized as strings.
• bp-api-001 — External APIs return machine-readable error contracts.

Data

• data-011 — Durable-state mutations are atomic, rollback-safe, and concurrency-correct.
• data-027 — Compute derived values from source fields instead of hand-maintaining them.
• data-010 — Durable or cross-process data uses versionable formats and mixed-version-safe evolution.
• data-009 — Evolve deployed schemas with forward-only, additive-first compatibility changes.
• data-001 — Keep training and evaluation data leakage-free.
• data-002 — Validate and gate upstream data before downstream training or pipeline work.

Operations

• ops-022 — Configuration is semantically validated before it is applied.
• bp-ops-001 — Services expose meaningful health signals.
• ops-024 — Automation that changes production state fails safe and verifies recovery before restoring traffic.
• ops-028 — Production defaults disable debug, demo, and unnecessary admin surfaces.
• ops-003 — Deployments are smoke-tested before success.
• ops-018 — Cross-boundary work preserves correlation and dependency attribution.
• bp-ops-005 — Deployment config is environment-agnostic.
• ops-017 — Per-unit production telemetry is structured and complete.

Performance

• perf-004 — Async hot paths do not block runtime threads.
• perf-001 — Avoid N+1 data access in hot paths.
• perf-002 — Avoid accidental quadratic work on input-scaled paths.
• perf-003 — Fetch and serialize only the data a latency-sensitive path needs.
• perf-010 — Expose latency distributions, not averages alone.
• perf-006 — Version internal derived caches so upgrades rebuild them.

Documentation

• doc-002 — Public and operator-facing docs stay in sync with behavior changes.
• doc-001 — Externally consumed public APIs are documented.
• doc-007 — Public releases and breaking changes are documented in release notes or changelogs.