From 13df235a7a117e2402be798dd88a4821faf0cc62 Mon Sep 17 00:00:00 2001 From: oliviacraft Date: Sun, 5 Apr 2026 08:48:27 -0400 Subject: [PATCH 1/7] Add cursor-rules-pack plugin --- cursor-rules-pack/.cursor-plugin/plugin.json | 30 ++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 cursor-rules-pack/.cursor-plugin/plugin.json diff --git a/cursor-rules-pack/.cursor-plugin/plugin.json b/cursor-rules-pack/.cursor-plugin/plugin.json new file mode 100644 index 0000000..cbce1bb --- /dev/null +++ b/cursor-rules-pack/.cursor-plugin/plugin.json @@ -0,0 +1,30 @@ +{ + "name": "cursor-rules-pack", + "displayName": "Cursor Rules Pack", + "version": "1.0.0", + "description": "50 production-tested Cursor Rules for TypeScript/Next.js, Prisma, Stripe, Supabase, and more. Includes rules for error handling, state management, security, and AI behavior \u2014 with before/after code examples.", + "author": { + "name": "OliviaCraft", + "email": "oliviacraftlat@gmail.com" + }, + "homepage": "https://github.com/oliviacraft/cursor-rules-pack-sample", + "repository": "https://github.com/oliviacraft/cursor-rules-pack-sample", + "license": "MIT", + "keywords": [ + "cursor-rules", + "typescript", + "nextjs", + "prisma", + "production", + "best-practices" + ], + "category": "developer-tools", + "tags": [ + "rules", + "typescript", + "nextjs", + "security", + "error-handling" + ], + "rules": "./rules/" +} \ No newline at end of file From 296cf029a07c91243e1b3eb511e16e84168d2713 Mon Sep 17 00:00:00 2001 From: oliviacraft Date: Sun, 5 Apr 2026 08:48:28 -0400 Subject: [PATCH 2/7] Add cursor-rules-pack plugin --- cursor-rules-pack/rules/core.mdc | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 cursor-rules-pack/rules/core.mdc diff --git a/cursor-rules-pack/rules/core.mdc b/cursor-rules-pack/rules/core.mdc new file mode 100644 index 0000000..f10f4d7 --- /dev/null +++ b/cursor-rules-pack/rules/core.mdc @@ -0,0 +1,22 @@ +--- +description: Core production rules — apply to all TypeScript projects +globs: ["**/*.ts", "**/*.tsx"] +alwaysApply: true +--- + +# Core Production Rules + +## Dependency Discipline +Before suggesting a new npm package: (1) state what it does in one sentence, (2) confirm it's actively maintained (last publish < 6 months), (3) check if < 30 lines replaces it. Never add a dependency for a task under 20 lines of code. + +## Explicit Error Handling +Always wrap async operations in try/catch. Never swallow errors silently. Log errors with context: `logger.error('[FunctionName] description', { error, context })`. Always provide user-facing error states in UI components. + +## Comments Policy +Write self-documenting code first. Add comments only for: (1) non-obvious business logic — explain WHY not WHAT, (2) workarounds with issue links, (3) complex algorithms. Never comment what the code clearly does. + +## Naming Conventions +PascalCase for components/types, camelCase for functions/variables, SCREAMING_SNAKE_CASE for constants, kebab-case for file names. Booleans start with `is`, `has`, `can`, or `should`. Be descriptive: `getUserByEmail` not `getUser`. + +## File Size Discipline +Keep files under 200 lines. If a file grows beyond that, proactively suggest how to split it. Co-locate related files: keep a component's types, hooks, and utilities in the same folder. From 0c3e1bca27e43c0317d01a4af3a11e62371e7bd6 Mon Sep 17 00:00:00 2001 From: oliviacraft Date: Sun, 5 Apr 2026 08:48:29 -0400 Subject: [PATCH 3/7] Add cursor-rules-pack plugin --- cursor-rules-pack/rules/nextjs.mdc | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 cursor-rules-pack/rules/nextjs.mdc diff --git a/cursor-rules-pack/rules/nextjs.mdc b/cursor-rules-pack/rules/nextjs.mdc new file mode 100644 index 0000000..9454e05 --- /dev/null +++ b/cursor-rules-pack/rules/nextjs.mdc @@ -0,0 +1,24 @@ +--- +description: Next.js App Router rules — server components, state, data fetching +globs: ["**/*.tsx", "app/**/*"] +alwaysApply: false +--- + +# Next.js App Router Rules + +## Server Components First +Default to server components. Add "use client" only when required by: event handlers, useState, useEffect, browser-only APIs. Always explain your choice when adding "use client". Use Server Actions for mutations. + +## State Management Hierarchy +- URL state → filters, pagination, search (useSearchParams) +- React state → UI-only, ephemeral (useState) +- Zustand → cross-component app state +- React Query → all server state + +Never use Zustand to cache server data. Never reach for Redux. + +## Parallel Data Fetching +Identify and parallelize independent fetches. Never await sequentially when operations are independent — use Promise.all. When making a sequential await, add a comment explaining the dependency that forces it. + +## Loading & Error States +Every async operation needs three states: loading, error, success. Use skeleton components (not spinners) for content loading. Error boundaries must show actionable messages — "Something went wrong" is not acceptable. From 3b1e4150edf71fd3bdb7c3ed9771a6175b41593a Mon Sep 17 00:00:00 2001 From: oliviacraft Date: Sun, 5 Apr 2026 08:48:30 -0400 Subject: [PATCH 4/7] Add cursor-rules-pack plugin --- cursor-rules-pack/rules/database.mdc | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 cursor-rules-pack/rules/database.mdc diff --git a/cursor-rules-pack/rules/database.mdc b/cursor-rules-pack/rules/database.mdc new file mode 100644 index 0000000..bc6bc7f --- /dev/null +++ b/cursor-rules-pack/rules/database.mdc @@ -0,0 +1,21 @@ +--- +description: Database and backend rules — Prisma, API routes, webhooks +globs: ["**/*.ts", "app/api/**/*", "lib/**/*"] +alwaysApply: false +--- + +# Database & Backend Rules + +## Database Query Safety +Never return full database records to the client — always use `select` to specify exactly which fields are needed. This prevents exposing password hashes, reset tokens, and sensitive fields. + +For queries that could return more than 50 rows, always add pagination (take/skip or cursor-based). + +## API Route Security +Every API route must: (1) authenticate first — return 401 if no session, (2) validate body with Zod — return 400 with field errors if invalid, (3) authorize the action — verify the user can perform this operation, (4) return typed responses `{ data }` on success, `{ error }` on failure, (5) use correct HTTP status codes — never return 200 for errors. + +## Webhook Security +Verify the signature in the first 3 lines of the handler — reject immediately if invalid. Respond with HTTP 200 within 5 seconds — offload processing to a background job. Implement idempotency using the event ID. + +## Prisma Best Practices +Use transactions (db.$transaction) for operations that write to multiple tables. Every model needs: id (cuid default), createdAt, updatedAt. Add @@index for every foreign key and every WHERE clause field. From 044b1d64998322d6be5c0f9078686e84360aa3c5 Mon Sep 17 00:00:00 2001 From: oliviacraft Date: Sun, 5 Apr 2026 08:48:30 -0400 Subject: [PATCH 5/7] Add cursor-rules-pack plugin --- cursor-rules-pack/README.md | 41 +++++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 cursor-rules-pack/README.md diff --git a/cursor-rules-pack/README.md b/cursor-rules-pack/README.md new file mode 100644 index 0000000..64cb948 --- /dev/null +++ b/cursor-rules-pack/README.md @@ -0,0 +1,41 @@ +# Cursor Rules Pack + +Production-tested Cursor Rules for TypeScript projects — covers the patterns that matter most when building real software. + +## Rules Included + +### Core (`rules/core.mdc`) +- Dependency Discipline — evaluate packages before installing +- Explicit Error Handling — typed errors, no silent failures +- Comments Policy — explain WHY not WHAT +- Naming Conventions — consistent, self-documenting +- File Size Discipline — co-location and modularity + +### Next.js App Router (`rules/nextjs.mdc`) +- Server Components First +- State Management Hierarchy (URL → React → Zustand → React Query) +- Parallel Data Fetching +- Loading & Error States + +### Database & Backend (`rules/database.mdc`) +- Database Query Safety — always use select +- API Route Security — auth, validate, authorize, respond +- Webhook Security — signatures, idempotency, async processing +- Prisma Best Practices + +## Installation + +These rules are automatically available when you install this plugin in Cursor. + +Or copy individual `.mdc` files to your `.cursor/rules/` directory. + +## Full Pack + +This plugin includes a curated subset. The complete **Cursor Rules Pack v2** (50 rules with before/after examples) is available at: + +→ https://github.com/oliviacraft/cursor-rules-pack-sample +→ https://oliviacraftlat.gumroad.com/l/wyaeil ($27) + +## License + +MIT From 9edd47f005e4b663b270fdba8a1cfcabce35b05c Mon Sep 17 00:00:00 2001 From: oliviacraft Date: Sun, 5 Apr 2026 08:48:31 -0400 Subject: [PATCH 6/7] Add cursor-rules-pack plugin --- cursor-rules-pack/LICENSE | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 cursor-rules-pack/LICENSE diff --git a/cursor-rules-pack/LICENSE b/cursor-rules-pack/LICENSE new file mode 100644 index 0000000..a769e12 --- /dev/null +++ b/cursor-rules-pack/LICENSE @@ -0,0 +1,17 @@ +MIT License + +Copyright (c) 2026 OliviaCraft + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. From 116340b25a91c053f5b868f8989cc4385c6d7900 Mon Sep 17 00:00:00 2001 From: oliviacraft Date: Sun, 5 Apr 2026 08:48:48 -0400 Subject: [PATCH 7/7] Add cursor-rules-pack to marketplace --- .cursor-plugin/marketplace.json | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/.cursor-plugin/marketplace.json b/.cursor-plugin/marketplace.json index 4df6677..162c7df 100644 --- a/.cursor-plugin/marketplace.json +++ b/.cursor-plugin/marketplace.json @@ -42,6 +42,11 @@ "name": "cli-for-agent", "source": "cli-for-agent", "description": "Patterns for designing CLIs that coding agents can run reliably: flags, help with examples, pipelines, errors, idempotency, dry-run." + }, + { + "name": "cursor-rules-pack", + "source": "cursor-rules-pack", + "description": "50 production-tested Cursor Rules for TypeScript/Next.js, Prisma, Stripe, Supabase \u2014 with error handling, state management, security, and AI behavior rules." } ] -} +} \ No newline at end of file