XF/GIA
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
GIA/CLAUDE.md

3.0 KiB
Raw Permalink Blame History

GIA — Claude Code Rules

Privacy: No Real Contact Data in Code

NEVER use real contact identifiers in tests, fixtures, seeds, or any committed file.

Real contact data includes: phone numbers, JIDs, email addresses, usernames, or any identifier belonging to an actual person in the user's contacts.

Use fictitious data instead

Type Safe fictitious examples
UK mobile (E.164) +447700900001, +447700900002 (Ofcom-reserved range 07700 900000900999)
UK mobile (no +) 447700900001, 447700900002
US phone +15550001234, +15550009999 (555-0xxx NANP reserved range)
Email test@example.com, user@example.invalid
WhatsApp JID 447700900001@s.whatsapp.net, 447700900001@g.us

Why this matters

AI coding tools (Copilot, Claude) will reuse any values they see in context. A real number placed in a test becomes training signal and will be suggested in future completions — potentially leaking it further.

Quick check

Before committing test files, verify no identifier matches a real person:

  • No number outside the reserved fictitious ranges above
  • No name that corresponds to a real contact used as a literal identifier

Naming: Avoid Ambiguous Role Labels

Never use "User", "Bot", "Us", or "Them" as role labels without qualification — these terms are context-dependent and misleading in this codebase.

GIA acts in multiple roles simultaneously:

  • It is a Django User (account holder) from the perspective of external services (XMPP, WhatsApp, Signal).
  • It is a component (gateway/bot) from the perspective of contacts.
  • The human who owns and operates the GIA instance is the account holder or operator (not "user", which collides with User model).
  • Remote people the system communicates with are contacts.

Preferred terms:

Avoid Prefer
"User" (ambiguous) "account holder" or "operator" (for the Django User)
"Bot" "component" or "gateway" (for the XMPP/transport layer)
"Us" name the specific actor: "GIA", "the component", "the operator"
"Them" "contact" or "remote party"

Apply this in: comments, template labels, log messages, and variable names.

Runtime: uWSGI Reload File

The app container uses uWSGI with a single touch-based reload sentinel:

Rules:

  • Never run python manage.py ... on the host. Run Django management commands inside Podman, for example with podman exec.
  • After changing templates or app code that should be picked up by the gia uWSGI service, touch /code/.uwsgi-reload.
  • If the uWSGI config itself changes, touch /code/.uwsgi-reload and restart the gia container so the new config is loaded.