beforemerge-fullstack-architecture-review
BeforeMerge: Fullstack Architecture Review
Code review knowledge base for DRY/SOLID layered architecture in fullstack TypeScript applications. Contains rules across 4 categories — security, performance, architecture, and quality — prioritized by impact. Framework-agnostic principles illustrated with Next.js + Supabase examples.
When to Apply
Reference these rules when:
- Reviewing pull requests for fullstack TypeScript projects
- Designing or refactoring service/repository layers
- Auditing API routes for proper separation of concerns
- Building new features following clean architecture principles
- Running pre-merge quality checks on layered codebases
Rule Categories by Priority
| Priority | Category | Impact | Prefix | Focus |
|---|---|---|---|---|
| 1 | Security | CRITICAL | sec- |
Thin controllers, rate limiting, CSRF, error handling |
| 2 | Performance | HIGH | perf- |
Parallel fetching, minimal client components, streaming |
More from beforemerge/beforemerge-skills
beforemerge-react-review
Comprehensive code review rules for React applications (framework-agnostic). Covers security anti-patterns, performance pitfalls, architecture mistakes, and code quality issues. Use this skill when reviewing, writing, or refactoring React code — especially before merging pull requests. Triggers on tasks involving code review, PR review, security audit, performance review, or quality checks for React/TypeScript projects. Does not cover Next.js-specific patterns (see nextjs-review for that).
27beforemerge-supabase-review
Comprehensive code review rules for Supabase applications including RLS security, auth patterns, query performance, migration workflows, and type safety. Use this skill when reviewing, writing, or refactoring Supabase-backed code — especially before merging pull requests. Triggers on tasks involving code review, PR review, security audit, performance review, or quality checks for Supabase/PostgreSQL projects.
26beforemerge-nextjs-review
Comprehensive code review rules for Next.js, React, and TypeScript applications. Covers security anti-patterns, performance pitfalls, architecture mistakes, and code quality issues. Use this skill when reviewing, writing, or refactoring Next.js/React code — especially before merging pull requests. Triggers on tasks involving code review, PR review, security audit, performance review, or quality checks for React/Next.js/TypeScript projects.
21beforemerge-wordpress-review
Comprehensive code review rules for WordPress plugin and theme development. Covers security anti-patterns, performance pitfalls, architecture mistakes, and code quality issues. Use this skill when reviewing, writing, or refactoring WordPress/PHP code — especially before merging pull requests. Triggers on tasks involving code review, PR review, security audit, performance review, or quality checks for WordPress projects.
10beforemerge-nextjs-supabase-standards
Opinionated best practices for full-stack Next.js 14+ App Router applications with Supabase. Covers project structure, data fetching, auth, RLS, server actions, components, TypeScript, performance, error handling, security, and testing. Use this skill when building, reviewing, or auditing Next.js + Supabase applications. Triggers on tasks involving Supabase client usage, RLS policies, server actions, middleware auth, migration patterns, or component architecture decisions.
3