mirror of https://github.com/affaan-m/everything-claude-code.git synced 2026-03-30 21:53:28 +08:00

Files

Maksim Dimitrov 6792e91735 feat: add Swift language-specific rules

Add 5 rule files for Swift following the established pattern used by
TypeScript, Python, and Go rule sets. Covers Swift 6 strict concurrency,
Swift Testing framework, protocol-oriented patterns, Keychain-based
secret management, and SwiftFormat/SwiftLint hooks.

2026-02-17 15:43:14 +02:00

1020 B

Raw Permalink Blame History

paths

**/*.swift

**/Package.swift

Swift Security

This file extends common/security.md with Swift specific content.

Secret Management

Use Keychain Services for sensitive data (tokens, passwords, keys) — never UserDefaults
Use environment variables or .xcconfig files for build-time secrets
Never hardcode secrets in source — decompilation tools extract them trivially

let apiKey = ProcessInfo.processInfo.environment["API_KEY"]
guard let apiKey, !apiKey.isEmpty else {
    fatalError("API_KEY not configured")
}

Transport Security

App Transport Security (ATS) is enforced by default — do not disable it
Use certificate pinning for critical endpoints
Validate all server certificates

Input Validation

Sanitize all user input before display to prevent injection
Use URL(string:) with validation rather than force-unwrapping
Validate data from external sources (APIs, deep links, pasteboard) before processing

1020 B Raw Permalink Blame History

Swift Security

Secret Management

Transport Security

Input Validation

1020 B

Raw Permalink Blame History