// library
Dispose controllers, focus nodes, animations, timers, and cancel subscriptions in `dispose()`.
Validate HTTP status and safely access nested response data using `dig`/guards.
Wrap HTTP/SDK calls with timeouts and catch transport errors; log context and map to domain failures.
Wrap file reads/writes (e.g., `file_get_contents`, `file_put_contents`, `fopen`) with checks and exceptions; never assume the filesystem is available.
Always check and handle errors from `json.Marshal`/`json.Unmarshal` (or `Encoder`/`Decoder`). Log context and return a safe, consistent error to callers.
Guard app startup with zone-level handlers and FlutterError hooks; surface fatal errors and report them.
Validate required runtime env vars at container start via an entrypoint script; exit with a clear message on missing values.
Enforce referential integrity with `add_foreign_key` and matching indexes.
Validate presence, format, and ranges for incoming parameters before processing.
Validate presence, type, and range of critical inputs at boundaries (API, CLI, jobs) and fail fast with clear messages.
When accessing properties that may be absent, use optional chaining and sensible defaults.
Guard all potentially-null references with null checks, null-coalescing, or pattern matching before dereferencing.
Log key operations with structured fields (actor/resource/operation) at appropriate levels; include exception info on failures.
Configure Sidekiq retries and dead-lettering; use backoff for transient failures and idempotent jobs.
Catch and handle only the exceptions you expect (e.g., `KeyError`, `ValueError`, `TimeoutError`); let unknown ones bubble.
Serve via rustls with TLS 1.2+ and add middleware to log JSON audit events with `user_id` and `request_id`; never log raw tokens.
Wrap multi-record changes in a database transaction and use bang methods to ensure rollback on failure.
Wrap multi-statement DB operations in a transaction; commit on success and roll back on any exception.
Surround network and IPC calls with try/catch for `IOException` and timeouts; map to domain errors and log context.
Wrap network, file system, and other external calls in try/catch; add context and map to application-level errors.
Wrap network/filesystem/process calls; check status codes/results and add context to failures.
Enforce uniqueness at the database level (unique indexes/constraints) for identifiers and natural keys.
Check transport errors and HTTP status codes before parsing response bodies; treat 4xx/5xx as errors with context.
Ensure that all control structures (if, for, while) use braces `{}` even for single statements.