keisei/KeiSeiKit-1.0
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
KeiSeiKit-1.0/_blocks/stack-fastapi-postgres.md
denis 0b901cf2f9 feat: KeiSeiKit v0.1.0 — initial public release 
Generic Constructor-Pattern agent kit for Claude Code. Zero personal data,
fully English, MIT-licensed.

Contents:
- 34 reusable blocks (baseline, rules, stack/deploy/domain/api/scraper)
- 14 cross-project agent manifests (code/ml/infra/researcher/critic/...)
- 6 portable skills (/new-agent, /research, /test-gen, /debug-deep, /pr-review, /refactor)
- Rust assembler (single binary, ~500 KB)
- 3 hooks (auto-reassemble, pre-commit validate, no-hand-edit)
- install.sh (idempotent, cargo-builds on first run)
- MIT LICENSE

All 6 sanity greps pass: 0 Russian text, 0 specific project names,
0 incident numbers, 0 user paths, 0 hardcoded IPs, 0 API keys.

cargo check + assemble --validate: both pass on 14 manifests.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-20 23:58:34 +08:00

1.7 KiB
Raw Blame History

STACK — FastAPI + async SQLAlchemy 2.0 + PostgreSQL

Use when the project is Python-locked (existing codebase) or needs Python-exclusive bindings. Justify on first touch.

Core versions: FastAPI ≥ 0.110, SQLAlchemy 2.0 async style (AsyncSession, select(), await session.execute() — NOT the legacy Query API), Pydantic v2 (NOT v1), Alembic for migrations, pytest-asyncio for tests.

Session pattern:

async def get_db() -> AsyncIterator[AsyncSession]:
    async with async_session() as session:
        yield session        # FastAPI unwinds on response

@router.get("/x")
async def handler(db: Annotated[AsyncSession, Depends(get_db)]): ...

Dependency injection via Depends() — never thread a session through global state.

Commit rule: inside an @asynccontextmanager block, do NOT call session.commit() in the request path — let the context manager close the txn. Mixing the two causes the "RuntimeError: Session is already flushing" storm.

Migrations: Alembic only. No raw ALTER TABLE on prod. Migrations checked into git alongside the model change in the same commit.

Common security-debt checklist: on touch, fix the known issues — default SECRET_KEY, missing CSRF, rate-limit not applied, N+1 in paginated queries. Don't paper over.

Deploy: Docker + nginx reverse proxy (typical pattern: app container on internal port, nginx on public port). Shared-host coordination: check cross-project impact before apt/systemd/nginx changes.

Forbidden: session.commit() in request handler if get_db is contextmanager-based; raw SQL on prod; committing .env (DB credentials, API tokens); deprecated model aliases — pin the dated model string.