Symbolic link
32 lines
1.5 KiB
Markdown
Symbolic link
32 lines
1.5 KiB
Markdown
# Agent Instructions
|
|
|
|
Start by reading `CLAUDE.md`; it contains the upstream Modrinth monorepo rules.
|
|
This fork adds Modrinth Plus work on top of those rules.
|
|
|
|
## Repository Rules
|
|
|
|
- Preserve upstream Modrinth structure and style unless a Modrinth Plus feature requires a focused change.
|
|
- Keep desktop app work in the existing app boundaries: `apps/app-frontend`, `apps/app`, and `packages/app-lib`.
|
|
- Do not commit secrets, `.env` files with private values, private keys, certificates, or tokens.
|
|
- If `GITEA_TOKEN` is available locally, use it only for read-only Gitea API checks such as private repository metadata and Actions run status. Never print, commit, or store the token.
|
|
- After pushing commits that trigger a Gitea workflow, poll the workflow run until it succeeds. If it fails or is cancelled, inspect the failing job/logs, fix the issue when in scope, push again, and repeat the workflow check loop. Fixing and pushing a workflow failure is not a stopping point.
|
|
|
|
## Commands
|
|
|
|
Use upstream commands where possible:
|
|
|
|
```bash
|
|
pnpm install
|
|
pnpm --filter @modrinth/app-frontend run lint
|
|
cargo fmt --check
|
|
cargo clippy --package theseus
|
|
```
|
|
|
|
If local Node/Rust toolchains are unavailable, use the Gitea runner as the authoritative verification loop.
|
|
|
|
## Security Notes
|
|
|
|
- Connected Library supports public HTTPS raw manifest URLs only in v1.
|
|
- Keep private Git repository authentication out of Connected Library until token storage is designed.
|
|
- Document new external network calls in `docs/security-review.md`.
|