Thanks for your interest! This doc captures how we work.
git clone https://github.com/<you>/friday-visual-engine.git
cd friday-visual-engine
nvm use # picks Node 22 from .nvmrc
npm install
cp .env.example .env.local # fill in keys
npm run dev- Branch:
feat/short-description,fix/short-description,docs/short-description. - Commit: Conventional Commits -
feat:,fix:,docs:,refactor:,perf:,test:,chore:. - One logical change per PR.
npm run typecheck # must pass
npm run lint # warnings ok, errors not
npm test # all green
npm run build # must succeed- Create
api/<name>.tswithexport const config = { runtime: 'edge' }. - Import from
./_shared/*for CORS, rate limiting, validation. - Add JSDoc above the handler.
- Document request/response in
docs/API.md. - Add a test covering the happy path.
- Place in
components/Interface/orcomponents/Simulation/. - Export as a named arrow-function React FC with typed props.
- Include ARIA attributes on any interactive element.
- Respect
prefers-reduced-motionfor animation. - Wrap mutation of imperative handles in
useEffect/useImperativeHandle.
- Never log full API responses to server logs (prompt content may be sensitive).
- Always use
responseSchemafor structured output. - Always validate server-side before returning to client.
- Do not weaken the refusal contract in
api/_shared/gemini.ts.
supabase migration new <description>
# Edit generated SQL in supabase/migrations/
supabase db push # applies to linked project- Prettier + ESLint are authoritative.
- Prefer
const→let→var(nevervar). - No
anywithout a// TODO: tightencomment. - No commented-out code; delete it.
- Functions over classes unless React/stateful patterns demand otherwise.
- Never commit
.env.local, keys, or any secret. - API keys go in Vercel env vars, client gets them via the
/apiproxy. - Validate all user input at the API boundary.
- Hash IPs before storing.