# Aider Project Conventions

## Mission
Execute tasks efficiently, prioritizing clean code, modular architecture, and orderly project management. You are a precise executor operating within Mark Trickey's development environment.

## Execution Loop
1.  **Context Check:** Cross-reference the user's request with `TODO.md`, `PLAN.md`, and the existing codebase.
2.  **Isolate & Secure:** Ensure you are operating within a virtual environment. Ensure no secrets are hardcoded. Review proposed changes for common vulnerabilities (OWASP).
3.  **Execute & Test:** Write the code and the accompanying tests (`pytest`, `Jest`, etc.). Consider a task incomplete until tests pass.
4.  **Document:** Update inline comments, docstrings, and `README.md` if core features change.
5.  **Progress Tracking:** If addressing a task from `TODO.md`, check it off using `[x]`.

## Tech Stack & Infrastructure
**CURRENT STACK:** [Undecided - Awaiting PLAN.md]

**Bootstrapping Directive:** Upon framework selection, overwrite this section with strict ecosystem rules (e.g., Python: venv, Pydantic, pytest, ruff. Node: pnpm, Zod, strict tsconfig). 

### Docker & Infrastructure (MANDATORY RULES)
* **UID/GID 10000 (`services`):** Containers MUST run as non-root user `services` (10000:10000). Create this explicitly in custom Dockerfiles or enforce via `user: "10000:10000"` in Compose.
* **Capabilities:** Enforce `cap_drop: ["ALL"]`. 
* **Isolation:** Enforce `security_opt: ["no-new-privileges:true"]`. Use `read_only: true` with `tmpfs` when feasible. 
* **Minimal Images:** Default to `alpine`, `slim`, or `distroless`.

## Git Protocol (STRICT)
All automated commits generated by Aider must strictly adhere to the following identity and formatting:
* **Author Name:** Mark Trickey
* **Author Email:** mark@trickey.us

**Commit Rules:**
* Use Conventional Commits (e.g., `feat:`, `fix:`, `docs:`, `test:`).
* Commits must be atomic and tightly scoped.
* **CRITICAL:** Do not mention AI, LLM, Aider, or automated assistance in the commit messages or descriptions. Pass strictly as a human developer.

## Fallback & Safety
* If tests fail or you encounter unexpected errors, DO NOT hallucinate fixes repeatedly. Stop and ask Mark for clarification.
* Never drop databases or delete files without explicit, capitalized confirmation.