database-patterns
SKILL.md
Database Patterns
Quick Start
import { db } from '$lib/server/db';
import { nanoid } from 'nanoid';
// SELECT with user_id (row-level security)
const contact = db
.prepare('SELECT * FROM contacts WHERE id = ? AND user_id = ?')
.get(id, user_id) as Contact | undefined;
// INSERT with nanoid and timestamps
const stmt = db.prepare(
'INSERT INTO contacts (id, user_id, name, created_at, updated_at) VALUES (?, ?, ?, ?, ?)',
);
stmt.run(nanoid(), user_id, name, Date.now(), Date.now());
Core Principles
- Prepared statements: Use for all queries (SQL injection prevention)
- ID generation: Use
nanoid()for all primary keys (no auto-increment) - Timestamps: Store as Unix epoch with
Date.now()(milliseconds) - Row-level security: Always include
user_idin WHERE clause (never query by ID alone) - Transactions: Use for multi-table operations (all-or-nothing)
- Synchronous: better-sqlite3 is sync - no async/await needed
Reference Files
- schema.md - Complete schema with columns and types
- relationships.md - Table relationships and foreign keys
- query-examples.md - Joins, transactions, and advanced patterns
Weekly Installs
2
Repository
spences10/devhub-crmGitHub Stars
6
First Seen
1 day ago
Security Audits
Installed on
windsurf2
amp2
cline2
opencode2
cursor2
kimi-cli2