cursor_rules_revised

Below is a ready-to-paste “compiled” bundle of fresh Cursor rules. Copy the blocks you need into their respective files (or keep them all in one for review). If a directory path is marked <TBD> just tell me the real path later and we’ll tweak the glob.

---

# ───────────────────────────── 1. GLOBAL STYLE GUIDE ─────────────────────────────
# ↳ save as .cursor/rules/global-style-guide.mdc
---
description: Coding & commit etiquette for every project
alwaysApply: true
---

### Code conventions
• **TypeScript** – prefer `const enum`, strictNullChecks ON
• **Imports** – absolute via `@/*` alias, no relative `../../` hell
• **Logging** – use `@libs/core/logger`, never `console.*` in production

### Commit messages
`<type>(scope): short message`

| type         | purpose                      |
|--------------|-----------------------------|
| feat         | new user-facing feature     |
| fix          | bug fix                     |
| chore        | tooling / deps              |
| refactor     | internal change, no feature |
| perf         | performance improvement     |

### Pull-request checklist
1. `pnpm nx affected:test` passes
2. All TODOs link to a linear issue
3. At least one screenshot/GIF for UI changes

# ───────────────────────────── 2. DANGEROUS DEFAULTS ─────────────────────────────
# ↳ save as .cursor/rules/dangerous-defaults.mdc
---
description: Block hard-coded credentials & ports
alwaysApply: true
---

**NEVER** commit any of the following:

| Offence                    | Instead                  |
|--------------------------- |--------------------------|
| `process.env == undefined` | Use `@libs/core/config`  |
| Port `6379` hard-coded     | Read from `REDIS_URL`    |
| `postgres://user:pass@`    | Use Pg connection string in env |

> Cursor: If you detect literal strings matching `redis://`, `amqp://`, or `postgres://` **block apply** and ask to refactor.

# ───────────────────────────── 3. MERCURY DOMAIN RULES ───────────────────────────
# ↳ save as domains/mercury/.cursor/rules/mercury-core.mdc
---
description: Mythology-driven trading system constraints
globs: ["domains/mercury/**"]
alwaysApply: false            # auto-attached by path
---

🔥 **CRITICAL IMPORT POLICY**

| Instead of …          | Always use …            |
|-----------------------|-------------------------|
| `mercury-ta` (Python) | `@libs/domain/kaido-talib` (TS)

### Naming doctrine
Modules follow Greek/Roman gods: **APOLLO**, **DIKE**, **TYCHE**, **KAIROS**, **MINERVA**, **MORPHEUS**.

### Background jobs
All long-running tasks **must** enqueue via `RedisQueueService`.
Inline `await …` loops are forbidden – wrap them.

### Ports & URLs
No literal ports; pull from `ConfigService`.

### Tests
`nx test domains-mercury-*` **MUST pass before apply**.

# ───────────────────────────── 4. MERCURY METRICS RULES ──────────────────────────
# ↳ save as domains/mercury/.cursor/rules/mercury-metrics.mdc
---
description: Contract-driven Grafana enforcement
globs: ["domains/mercury/**", "libs/core/monitoring/**"]
alwaysApply: false
---

When you touch Mercury code:

1. All Prometheus metrics **MUST** be declared in
   `libs/core/monitoring/mercury-metrics.contract.ts`.
2. Dashboards live in `platform/grafana/dashboards/**`.
3. New metric? → extend contract **first**, then code.

> Cursor Lint: reject any `registerMetric(` call with a label not in the contract.

# ───────────────────────────── 5. ARCANA DOMAIN RULES ────────────────────────────
# ↳ save as domains/arcana/.cursor/rules/arcana-core.mdc
---
description: Tarot AI domain guard-rails
globs: ["domains/arcana/**"]
---

• Use Major-Arcana-based filenames (`the-moon.service.ts`)
• All spreads export `TarotSpread` interface from `@libs/arcana/spreads`
• LLM prompts live in `prompts/**/*.mdx` – **no inline strings**
• Any user data stored **encrypted at rest** via `cryptoUtils.encrypt()`
• Tests must seed RNG with tarot seed `42` for determinism

# ───────────────────────────── 6. ANYTRACKER RULES ───────────────────────────────
# ↳ save as domains/anytracker/.cursor/rules/anytracker-core.mdc
---
description: Tracking & anonymisation rules
globs: ["domains/anytracker/**"]
---

### Anonymisation
User identifiers become `anon_<hash>` via `@libs/core/anon` before DB insert.

### Data retention
• Raw events kept **30 days** in S3 → then summarised → raw deleted.

### GDPR panic switch
If env `GDPR_ERASE=1` → disable **all** event ingestion endpoints; show 503.

# ───────────────────────────── 7. MASCHINE RULES ────────────────────────────────
# ↳ save as domains/maschine/.cursor/rules/maschine-core.mdc
---
description: AI-assistant orchestration rules
globs: ["domains/maschine/**"]
---

• Orchestrator services reside under `core/**`, never import UI code
• All OpenAI calls use `@libs/integrations/openai-utils` for retry logic
• Background Agent PR titles start with `🤖 MASCHINE:`
• Conversation logs older than **90 days** auto-purged

# ───────────────────────────── 8. SHARED LIBS RULE ──────────────────────────────
# ↳ save as libs/core/.cursor/rules/core-utils.mdc
---
description: Core utilities stability pledge
globs: ["libs/core/**"]
---

Core utils are **stable**; breaking changes require semver major bump and
migration guide in `libs/core/CHANGELOG.md`.

> Cursor: on breaking change detection (`export` removed or signature changed) – prompt to update changelog & bump version.

# ───────────────────────────── 9. DEPRECATED CODE FENCE ──────────────────────────
# ↳ save as archive/.cursor/rules/archive-fence.mdc
---
description: Block accidental resurrection of archived code
globs: ["archive/**"]
alwaysApply: false
---

**Everything under `archive/**` is dead code**.
Cursor should refuse edits unless the commit message begins with
`REVIVE:` and contains a ticket reference.

# ──────────────────────────── 10. TEST-FIRST SCAFFOLD RULE ──────────────────────
# ↳ path <TBD> (.cursor/rules/test-first.mdc)
---
description: Enforce red-green-refactor for new modules
alwaysApply: false
globs: ["domains/**", "libs/**"]
---

Before adding *production* code in any new file:

1. Create failing Jest test alongside (`*.spec.ts`).
2. Run `nx test --watch` to see it fail.
3. Only then write implementation.

> Cursor: if a new `.ts` file has **no sibling `*.spec.ts`**, alert the user.

---

How to deploy quickly

# example: create root rules directory & drop two globals
mkdir -p .cursor/rules
echo "<paste block 1 here>" > .cursor/rules/global-style-guide.mdc
echo "<paste block 2 here>" > .cursor/rules/dangerous-defaults.mdc

# domain example
mkdir -p domains/mercury/.cursor/rules
echo "<paste block 3>" > domains/mercury/.cursor/rules/mercury-core.mdc

---

Next steps

1. Swap <TBD> placeholders with the real paths if my guesses are off.
2. Fire up Cursor, open a Mercury file → confirm it auto-attaches the new rule.
3. Run /Generate Cursor Rules after a few chats to let Cursor propose extras; merge manually.

Ping me once you’ve tested the new layout or if you want more granular splitting / additional domains!