Every Mesrai rule, in one place

Check if lines exceed 80 characters (excluding comments and docstrings). Long lines reduce readability. Recommend breaking lines or using line continuations for better formatting.

Ensure that no line exceeds 100 characters in length to maintain readability.

Detect lines exceeding 120 characters and suggest breaking them into multiple lines for better readability.

Ensure that lines do not exceed 80 characters. Long lines reduce readability, especially on smaller screens or during code reviews.

When a PR implements or changes a decision, include 'ADR: docs/adr/NNNN-title.md' in the PR description and reference it in the merge commit body.

Reference at least one tracking ID (e.g., JIRA/GitHub issue) in the PR description using a consistent format (e.g., 'Refs: ABC-123').

Register a Monolog processor to mask emails/phones and attach pii_redacted:true; forbid direct logging of raw identifiers.

In when/else or default branches, log a warning with the unexpected value to surface silent failures.

Keep docs/adr/README.md updated with a table of ADRs (number, title, status, date). Update the index in the same PR that adds/changes an ADR.

Ensure that annotations are placed consistently before or after modifiers throughout the codebase.

Expose constant dicts as read-only via MappingProxyType (or frozen dataclasses) to prevent runtime mutation.

Default to private visibility; expose the minimal surface and prefer val with private set when mutation is needed.

Guard expensive debug log formatting behind level checks or lazy formatting.

Check if private or `file`-scoped classes that are never inherited are explicitly marked as `sealed` to indicate they are final.

Check if properties that are never reassigned are marked as readonly. This improves code clarity and prevents unintended reassignment.

Intercept Authorization headers and redact bearer/JWT values; attach requestId to every log line.

For pure functions called repeatedly with the same inputs, memoize results; avoid recreating identical callbacks in hot paths.

Cache expensive pure results using memoization (`||=`) or request-scoped caches.

For simple form submissions from RSC, use server actions with schema validation and then revalidate paths/tags. Avoid client fetch for trivial mutations.

Configure Monolog to add a processor that redacts emails, tokens, and SSNs before writing logs; include request_id.

Lift loop-invariant computations (regex, formatters, lookups) out of loops and reuse.

Place cross-controller view helpers in ApplicationHelper (or a shared module) for reuse.

Store long static templates/prompts in files and load them at runtime; avoid embedding huge multi-line strings in code.

Perform one-time configuration/dependency validation at process startup (init/bootstrap). Avoid doing it inside per-request middleware/interceptor factories.