backend-principle-eng-javascript-pro-max
Backend Principle Eng JavaScript Pro Max
Principal-level guidance for JavaScript backend systems. Optimized for Bun runtime with Node 20 LTS compatibility.
When to Apply
- Designing or refactoring JavaScript services, APIs, and distributed systems
- Reviewing code for correctness, reliability, performance, and security
- Planning migrations, scalability, or cost optimizations
- Incident follow-ups and systemic fixes
Priority Model (highest to lowest)
| Priority | Category | Goal | Signals |
|---|---|---|---|
| 1 | Correctness & Contracts | No wrong answers | Strong validation, invariants, idempotency |
| 2 | Reliability & Resilience | Survive failures | Timeouts, retries, graceful degradation |
| 3 | Security & Privacy | Zero trust by default | Authz, secrets, minimal exposure |
| 4 | Performance & Efficiency | Predictable latency | Async I/O, bounded queues, caching |
| 5 | Observability & Operability | Fast triage | Tracing, metrics, runbooks |
| 6 | Data & Consistency | Integrity over time | Safe migrations, outbox, versioning |
| 7 | Scalability & Evolution | Safe growth | Statelessness, partitioning, backpressure |
| 8 | Developer Experience & Testing | Sustainable velocity | CI gates, deterministic tests, linting |
Quick Reference (Rules)
1. Correctness & Contracts (CRITICAL)
- `api-contracts` - Versioned schemas and explicit validation
- `input-validation` - Validate at boundaries, reject unknowns
- `idempotency` - Safe retries with idempotency keys
- `invariants` - Enforce domain rules in service and database
- `time-utc` - Store UTC, use monotonic clocks for durations
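The following is an added example, not part of the original guidance: a boundary validator that rejects unknown fields, combined with idempotency-key replay so a retried request returns the first result instead of creating a second record. The schema, the function names, and the in-memory `Map` (a stand-in for a durable store) are assumptions.

```javascript
// Added example; SCHEMA_V1, validateCreatePayment and handleCreatePayment are hypothetical names.
const SCHEMA_V1 = {
  amountCents: (v) => Number.isInteger(v) && v > 0,
  currency: (v) => typeof v === "string" && /^[A-Z]{3}$/.test(v),
  recipientId: (v) => typeof v === "string" && v.length > 0 && v.length <= 64,
};

function validateCreatePayment(body) {
  if (body === null || typeof body !== "object" || Array.isArray(body)) {
    return { ok: false, errors: ["body must be a JSON object"] };
  }
  const errors = [];
  // Reject unknowns: own keys only, so a parsed "__proto__" key is refused too.
  for (const key of Object.keys(body)) {
    if (!Object.hasOwn(SCHEMA_V1, key)) errors.push(`unknown field: ${key}`);
  }
  const value = {};
  for (const [key, check] of Object.entries(SCHEMA_V1)) {
    if (!Object.hasOwn(body, key) || !check(body[key])) errors.push(`invalid or missing field: ${key}`);
    else value[key] = body[key]; // copy only validated fields, in schema order
  }
  return errors.length ? { ok: false, errors } : { ok: true, value };
}

// In-memory stand-in for a durable store keyed by idempotency key (assumption).
const processed = new Map();
let nextId = 1;

function handleCreatePayment(idempotencyKey, body) {
  if (typeof idempotencyKey !== "string" || idempotencyKey.length < 8) {
    return { status: 400, body: { errors: ["idempotency key required"] } };
  }
  const checked = validateCreatePayment(body);
  if (!checked.ok) return { status: 422, body: { errors: checked.errors } };
  // Fingerprint the validated payload; key order is fixed by SCHEMA_V1.
  const fingerprint = JSON.stringify(checked.value);
  const prior = processed.get(idempotencyKey);
  if (prior) {
    return prior.fingerprint === fingerprint
      ? prior.response // safe retry: replay the stored response
      : { status: 409, body: { errors: ["idempotency key reused with a different payload"] } };
  }
  const response = { status: 201, body: { paymentId: `pay_${nextId++}`, ...checked.value } };
  processed.set(idempotencyKey, { fingerprint, response });
  return response;
}
```
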
2. Reliability & Resilience (CRITICAL)
- `timeouts` - Set per dependency; no unbounded waits
- `retries` - Bounded with jitter; avoid retry storms
- `circuit-breakers` - Fail fast for degraded dependencies
- `bulkheads` - Isolate thread pools and queues
- `load-shedding` - Graceful degradation under load
3. Security & Privacy (CRITICAL)
- `authz` - Enforce at every service boundary
- `secrets` - Use vault/KMS; never in code or logs
- `data-min` - Redact PII by default
- `crypto` - TLS everywhere; strong defaults
- `supply-chain` - Pin deps; scan CVEs
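As an added example (not part of the original guidance), here is one way to make "redact by default" and "never in logs" concrete: a JSON log formatter that emits only allowlisted fields, redacts everything else, and always carries a trace id. The field allowlist, the secret pattern, and the function names are assumptions.

```javascript
// Added example; SAFE_FIELDS, SECRET_VALUE, redact and logLine are hypothetical names.
// Allowlist: only these leaf keys may appear in logs with their real value.
const SAFE_FIELDS = new Set(["event", "traceId", "status", "durationMs", "route", "userId"]);
// Values that look like credentials are redacted even under an allowlisted key.
const SECRET_VALUE = /(bearer\s+[\w.~+\/-]+=*|-----BEGIN [A-Z ]*PRIVATE KEY-----)/i;

function redact(value, key, depth = 0) {
  if (depth > 5) return "[TRUNCATED]"; // bound recursion on hostile or cyclic-looking input
  if (Array.isArray(value)) return value.map((v) => redact(v, key, depth + 1));
  if (value !== null && typeof value === "object") {
    const out = {};
    for (const [k, v] of Object.entries(value)) out[k] = redact(v, k, depth + 1);
    return out;
  }
  if (!SAFE_FIELDS.has(key)) return "[REDACTED]"; // default is redaction, not exposure
  if (typeof value === "string" && SECRET_VALUE.test(value)) return "[REDACTED]";
  return value;
}

function logLine(traceId, event, fields = {}) {
  // traceId and event are spread last so caller-supplied fields cannot overwrite them.
  const record = redact({ ...fields, traceId, event }, "");
  return JSON.stringify({ ts: new Date().toISOString(), ...record });
}
```

A new field stays redacted until someone deliberately adds it to the allowlist, which turns logging of personal data into a reviewed change rather than an accident.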
4. Performance & Efficiency (HIGH)
- `async-io` - Use async for I/O bound paths; avoid blocking
- `pooling` - Right-size DB/HTTP pools; avoid starvation
- `cache` - TTL and stampede protection for hot reads
- `batching` - Batch I/O and DB operations where safe
- `profiling` - Measure before optimizing
5. Observability & Operability (HIGH)
- `structured-logs` - JSON logs with trace ids
- `metrics` - RED/USE metrics plus business KPIs
- `tracing` - Propagate context end-to-end
- `alerts` - SLO-based with runbooks
- `deploys` - Safe rollouts and rapid rollback
6. Data & Consistency (HIGH)
- `transactions` - Clear boundaries; avoid cross-service tx
- `schema-evolution` - Backward compatible migrations
- `outbox` - Reliable event publishing
- `id-generation` - Globally unique IDs
- `read-models` - Use CQRS when complexity is justified
7. Scalability & Evolution (MEDIUM)
- `stateless` - Externalize state, scale horizontally
- `partitioning` - Shard by stable keys
- `versioning` - API and event versioning
- `backpressure` - Bounded queues, explicit limits
- `config` - Dynamic config with validation
8. Developer Experience & Testing (MEDIUM)
- `tests` - Unit, integration, contract, load tests
- `determinism` - Hermetic tests, fixed seeds, stable time
- `lint` - ESLint + Prettier for consistency
Execution Workflow
- Clarify product goals, SLOs, latency and cost budgets
- Map data flow, dependencies, and failure modes
- Choose storage and consistency model (document tradeoffs)
- Define contracts: API schemas, events, and idempotency
- Implement with safe defaults, observability, and resilience
- Validate with tests, load, and failure scenarios
- Review risks and publish runbooks
Language-Specific Guidance
See `references/javascript-core.md` for Bun-first stack defaults and JS-specific linting/testing.