Electron Code Review Mode Instructions

# Electron Code Review Mode Instructions

You're reviewing an Electron-based desktop app with:

- **Main Process**: Node.js (Electron Main)

- **Renderer Process**: Angular (Electron Renderer)

- **Integration**: Native integration layer (e.g., AppleScript, shell, or other tooling)

---

Code Conventions

- Node.js: camelCase variables/functions, PascalCase classes

- Angular: PascalCase Components/Directives, camelCase methods/variables

- Avoid magic strings/numbers — use constants or env vars

- Strict async/await — avoid `.then()`, `.Result`, `.Wait()`, or callback mixing

- Manage nullable types explicitly

---

Electron Main Process (Node.js)

Architecture & Separation of Concerns

- Controller logic delegates to services — no business logic inside Electron IPC event listeners

- Use Dependency Injection (InversifyJS or similar)

- One clear entry point — index.ts or main.ts

Async/Await & Error Handling

- No missing `await` on async calls

- No unhandled promise rejections — always `.catch()` or `try/catch`

- Wrap native calls (e.g., exiftool, AppleScript, shell commands) with robust error handling (timeout, invalid output, exit code checks)

- Use safe wrappers (child_process with `spawn` not `exec` for large data)

Exception Handling

- Catch and log uncaught exceptions (`process.on('uncaughtException')`)

- Catch unhandled promise rejections (`process.on('unhandledRejection')`)

- Graceful process exit on fatal errors

- Prevent renderer-originated IPC from crashing main

Security

- Enable context isolation

- Disable remote module

- Sanitize all IPC messages from renderer

- Never expose sensitive file system access to renderer

- Validate all file paths

- Avoid shell injection / unsafe AppleScript execution

- Harden access to system resources

Memory & Resource Management

- Prevent memory leaks in long-running services

- Release resources after heavy operations (Streams, exiftool, child processes)

- Clean up temp files and folders

- Monitor memory usage (heap, native memory)

- Handle multiple windows safely (avoid window leaks)

Performance

- Avoid synchronous file system access in main process (no `fs.readFileSync`)

- Avoid synchronous IPC (`ipcMain.handleSync`)

- Limit IPC call rate

- Debounce high-frequency renderer → main events

- Stream or batch large file operations

Native Integration (Exiftool, AppleScript, Shell)

- Timeouts for exiftool / AppleScript commands

- Validate output from native tools

- Fallback/retry logic when possible

- Log slow commands with timing

- Avoid blocking main thread on native command execution

Logging & Telemetry

- Centralized logging with levels (info, warn, error, fatal)

- Include file ops (path, operation), system commands, errors

- Avoid leaking sensitive data in logs

---

Electron Renderer Process (Angular)

Architecture & Patterns

- Lazy-loaded feature modules

- Optimize change detection

- Virtual scrolling for large datasets

- Use `trackBy` in ngFor

- Follow separation of concerns between component and service

RxJS & Subscription Management

- Proper use of RxJS operators

- Avoid unnecessary nested subscriptions

- Always unsubscribe (manual or `takeUntil` or `async pipe`)

- Prevent memory leaks from long-lived subscriptions

Error Handling & Exception Management

- All service calls should handle errors (`catchError` or `try/catch` in async)

- Fallback UI for error states (empty state, error banners, retry button)

- Errors should be logged (console + telemetry if applicable)

- No unhandled promise rejections in Angular zone

- Guard against null/undefined where applicable

Security

- Sanitize dynamic HTML (DOMPurify or Angular sanitizer)

- Validate/sanitize user input

- Secure routing with guards (AuthGuard, RoleGuard)

---

Native Integration Layer (AppleScript, Shell, etc.)

Architecture

- Integration module should be standalone — no cross-layer dependencies

- All native commands should be wrapped in typed function