certifai/CLAUDE.md

Agent Guidelines for Rust Code Quality

This document provides guidelines for maintaining high-quality Rust code. These rules MUST be followed by all AI coding agents and contributors.

Your Core Principles

All code you write MUST be fully optimized.

"Fully optimized" includes:

• maximizing algorithmic big-O efficiency for memory and runtime
• using parallelization and SIMD where appropriate
• following proper style conventions for Rust (e.g. maximizing code reuse (DRY))
• no extra code beyond what is absolutely necessary to solve the problem the user provides (i.e. no technical debt)

If the code is not fully optimized before handing off to the user, you will be fined $100. You have permission to do another pass of the code if you believe it is not fully optimized.

Preferred Tools

• Use cargo for project management, building, and dependency management.
• Use indicatif to track long-running operations with progress bars. The message should be contextually sensitive.
• Use serde with serde_json for JSON serialization/deserialization.
• Use ratatui adnd crossterm for terminal applications/TUIs.
• Use axum for creating any web servers or HTTP APIs.
  • Keep request handlers async, returning Result<Response, AppError> to centralize error handling.
  • Use layered extractors and shared state structs instead of global mutable data.
  • Add tower middleware (timeouts, tracing, compression) for observability and resilience.
  • Offload CPU-bound work to tokio::task::spawn_blocking or background services to avoid blocking the reactor.
• When reporting errors to the console, use tracing::error! or log::error! instead of println!.
• If designing applications with a web-based front end interface, e.g. compiling to WASM or using dioxus:
  • All deep computation MUST occur within Rust processes (i.e. the WASM binary or the dioxus app Rust process). NEVER use JavaScript for deep computation.
  • The front-end MUST use Pico CSS and vanilla JavaScript. NEVER use jQuery or any component-based frameworks such as React.
  • The front-end should prioritize speed and common HID guidelines.
  • The app should use adaptive light/dark themes by default, with a toggle to switch the themes.
  • The typography/theming of the application MUST be modern and unique, similar to that of popular single-page web/mobile. ALWAYS add an appropriate font for headers and body text. You may reference fonts from Google Fonts.
  • NEVER use the Pico CSS defaults as-is: a separate CSS/SCSS file is encouraged. The design MUST logically complement the semantics of the application use case.
  • ALWAYS rebuild the WASM binary if any underlying Rust code that affects it is touched.
• For data processing:
  • ALWAYS use polars instead of other data frame libraries for tabular data manipulation.
  • If a polars dataframe will be printed, NEVER simultaneously print the number of entries in the dataframe nor the schema as it is redundant.
  • NEVER ingest more than 10 rows of a data frame at a time. Only analyze subsets of data to avoid overloading your memory context.
• If using Python to implement Rust code using PyO3/maturin:
  • Rebuild the Python package with maturin after finishing all Rust code changes.
  • ALWAYS use uv for Python package management and to create a .venv if it is not present. NEVER use the base system Python installation.
  • Ensure .venv is added to .gitignore.
  • Ensure ipykernel and ipywidgets is installed in .venv for Jupyter Notebook compatability. This should not be in package requirements.
  • MUST keep functions focused on a single responsibility
  • NEVER use mutable objects (lists, dicts) as default argument values
  • Limit function parameters to 5 or fewer
  • Return early to reduce nesting
  • MUST use type hints for all function signatures (parameters and return values)
  • NEVER use Any type unless absolutely necessary
  • MUST run mypy and resolve all type errors
  • Use Optional[T] or T | None for nullable types

Code Style and Formatting

• MUST use meaningful, descriptive variable and function names
• MUST follow Rust API Guidelines and idiomatic Rust conventions
• MUST use 4 spaces for indentation (never tabs)
• NEVER use emoji, or unicode that emulates emoji (e.g. ✓, ✗). The only exception is when writing tests and testing the impact of multibyte characters.
• Use snake_case for functions/variables/modules, PascalCase for types/traits, SCREAMING_SNAKE_CASE for constants
• Limit line length to 100 characters (rustfmt default)
• Assume the user is a Python expert, but a Rust novice. Include additional code comments around Rust-specific nuances that a Python developer may not recognize.

Documentation

• MUST include doc comments for all public functions, structs, enums, and methods
• MUST document function parameters, return values, and errors
• Keep comments up-to-date with code changes
• Include examples in doc comments for complex functions

Example doc comment:

/// Calculate the total cost of items including tax.
///
/// # Arguments
///
/// * `items` - Slice of item structs with price fields
/// * `tax_rate` - Tax rate as decimal (e.g., 0.08 for 8%)
///
/// # Returns
///
/// Total cost including tax
///
/// # Errors
///
/// Returns `CalculationError::EmptyItems` if items is empty
/// Returns `CalculationError::InvalidTaxRate` if tax_rate is negative
///
/// # Examples
///
/// ```
/// let items = vec![Item { price: 10.0 }, Item { price: 20.0 }];
/// let total = calculate_total(&items, 0.08)?;
/// assert_eq!(total, 32.40);
/// ```
pub fn calculate_total(items: &[Item], tax_rate: f64) -> Result<f64, CalculationError> {

Type System

• MUST leverage Rust's type system to prevent bugs at compile time
• NEVER use .unwrap() in library code; use .expect() only for invariant violations with a descriptive message
• MUST use meaningful custom error types with thiserror
• Use newtypes to distinguish semantically different values of the same underlying type
• Prefer Option<T> over sentinel values

Error Handling

• NEVER use .unwrap() in production code paths
• MUST use Result<T, E> for fallible operations
• MUST use thiserror for defining error types and anyhow for application-level errors
• MUST propagate errors with ? operator where appropriate
• Provide meaningful error messages with context using .context() from anyhow

Function Design

• MUST keep functions focused on a single responsibility
• MUST prefer borrowing (&T, &mut T) over ownership when possible
• Limit function parameters to 5 or fewer; use a config struct for more
• Return early to reduce nesting
• Use iterators and combinators over explicit loops where clearer

Struct and Enum Design

• MUST keep types focused on a single responsibility
• MUST derive common traits: Debug, Clone, PartialEq where appropriate
• Use #[derive(Default)] when a sensible default exists
• Prefer composition over inheritance-like patterns
• Use builder pattern for complex struct construction
• Make fields private by default; provide accessor methods when needed

Testing

• MUST write unit tests for all new functions and types
• MUST mock external dependencies (APIs, databases, file systems)
• MUST use the built-in #[test] attribute and cargo test
• Follow the Arrange-Act-Assert pattern
• Do not commit commented-out tests
• Use #[cfg(test)] modules for test code

Imports and Dependencies

• MUST avoid wildcard imports (use module::*) except for preludes, test modules (use super::*), and prelude re-exports
• MUST document dependencies in Cargo.toml with version constraints
• Use cargo for dependency management
• Organize imports: standard library, external crates, local modules
• Use rustfmt to automate import formatting

Rust Best Practices

• NEVER use unsafe unless absolutely necessary; document safety invariants when used
• MUST call .clone() explicitly on non-Copy types; avoid hidden clones in closures and iterators
• MUST use pattern matching exhaustively; avoid catch-all _ patterns when possible
• MUST use format! macro for string formatting
• Use iterators and iterator adapters over manual loops
• Use enumerate() instead of manual counter variables
• Prefer if let and while let for single-pattern matching

Memory and Performance

• MUST avoid unnecessary allocations; prefer &str over String when possible
• MUST use Cow<'_, str> when ownership is conditionally needed
• Use Vec::with_capacity() when the size is known
• Prefer stack allocation over heap when appropriate
• Use Arc and Rc judiciously; prefer borrowing

Concurrency

• MUST use Send and Sync bounds appropriately
• MUST prefer tokio for async runtime in async applications
• MUST use rayon for CPU-bound parallelism
• Avoid Mutex when RwLock or lock-free alternatives are appropriate
• Use channels (mpsc, crossbeam) for message passing

Security

• NEVER store secrets, API keys, or passwords in code. Only store them in .env.
  • Ensure .env is declared in .gitignore.
• MUST use environment variables for sensitive configuration via dotenvy or std::env
• NEVER log sensitive information (passwords, tokens, PII)
• Use secrecy crate for sensitive data types

Version Control

• MUST write clear, descriptive commit messages
• NEVER commit commented-out code; delete it
• NEVER commit debug println! statements or dbg! macros
• NEVER commit credentials or sensitive data

Tools

• MUST use rustfmt for code formatting
• MUST use clippy for linting and follow its suggestions
• MUST ensure code compiles with no warnings (use -D warnings flag in CI, not #![deny(warnings)] in source)
• Use cargo for building, testing, and dependency management
• Use cargo test for running tests
• Use cargo doc for generating documentation
• NEVER build with cargo build --features python: this will always fail. Instead, ALWAYS use maturin.

Before Committing

• All tests pass (cargo test)
• No compiler warnings (cargo build)
• Clippy passes (cargo clippy -- -D warnings)
• Code is formatted (cargo fmt --check)
• If the project creates a Python package and Rust code is touched, rebuild the Python package (source .venv/bin/activate && maturin develop --release --features python)
• If the project creates a WASM package and Rust code is touched, rebuild the WASM package (wasm-pack build --target web --out-dir web/pkg)
• All public items have doc comments
• No commented-out code or debug statements
• No hardcoded credentials

---

Remember: Prioritize clarity and maintainability over cleverness.

CERTifAI

This project is a SaaS application dashboard for administation of self-hosted private GenAI (generative AI) toolbox for companies and individuals. The purpose of the dashboard is to manage LLMs, Agents, MCP Servers and other GenAI related features.

The purpose of CERTifAIis to provide self-hosted or GDPR-Conform GenAI infrastructure to companies who do not wish to subscribe to non-EU cloud providers to protect their intellectual property from being used as training data.

Overview

The SaaS application dashboard is the landing page for the company admin to view, edit and manage the company internal GenAI tools. The following tasks can be performed by the administrator:

• User management: Can add, remove, set roles, permissions and add restrictions for other users.
• SSO/Oauth/LDAP: Can connect to company internal SSO/LDAP or other identity provider to load users and their respective permissions.
• Turn features on/off: Turn off/on different GenAI features
• Billing: View the current seats being used and token usage per seat for any given billing cycle
• Request support: Request support or new features using feedback form
• GenAI: View currently running LLMs, Agents, MCP Servers. Modify or add more resources, switch to a different model, launch tools like Langchain + Langfuse for creating new agents,tavily for internet search or more complex tools for use with GenAI. View endpoints and generate API Keys for integrations in other applications.

Development environment

This project is written in dioxus with fullstack and router features. MongoDB is used as a database for maintaining user state. Keycloak is used as identity provider for user management.

Code structure

The following folder structure is maintained for separation of concerns:

• src/components/*.rs : All components that are required to be rendered are placed here. These are frontend only, reusable components that are specific for the application.
• src/infrastructure/*.rs : All backend related functions from the dioxus fullstack are placed here. This entire module is behind the feature "server".
• src/models/*.rs : All data models for use by the frontend pages and components.
• src/pages/*.rs : All view pages for the website, which utilize components, models to render the entire page. The pages are more towards the user as they group user-centered functions together in one view.

Git Workflow

We follow feature branch workflow for Git and bringing in new features. The main branch is the default and protected branch. Conventional commits MUST be used for writing commit messages. We follow semantic versioning as per SemVer

CI

The CI is run on gitea actions with runner tags docker.