> nestjs-api-standards
Create standardized API response envelopes, paginated endpoints, and error interceptors in NestJS. Use when implementing response wrappers, pagination DTOs, or global error formats. (triggers: **/*.controller.ts, **/*.dto.ts, ApiResponse, Pagination, TransformInterceptor)
curl "https://skillshub.wtf/HoangNguyen0403/agent-skills-standard/nestjs-api-standards?format=md"NestJS API Standards & Common Patterns
Priority: P1 (OPERATIONAL)
Standardized API response patterns and common NestJS conventions.
Workflow: Standardize an API Endpoint
- Create Response DTO — Define a dedicated DTO for every endpoint return type.
- Map entity to DTO — Use
plainToInstance(UserResponseDto, user)in the service or controller. - Apply TransformInterceptor — Bind globally to wrap all responses in
{ statusCode, data, meta }. - Add nested validation — Decorate nested DTO properties with
@ValidateNested()+@Type(). - Document with Swagger — Apply
@ApiResponse({ status, type })with exact types per endpoint.
Response Wrapper Example
Entity-to-DTO Mapping Example
Deep Validation (Critical)
- [Rule] Nested Validation: When a DTO property is an object or array of objects, you MUST use
@ValidateNested()along with@Type(() => TargetDto)fromclass-transformerto ensure deep validation.
Pagination Standards
- DTOs: Use strict
PageOptionsDto(page/take/order) andPageDto<T>(data/meta). - Swagger Logic: Generics require
ApiExtraModelsand schema path resolution. - Reference: See Pagination Wrapper Implementation for the complete
ApiPaginatedResponsedecorator code.
Custom Error Response
- Standard Error Object: Define
ApiErrorResponsewithstatusCode,message,error,timestamp,path. See Error Response Class. - Docs: Apply
@ApiBadRequestResponse({ type: ApiErrorResponse })globally or per controller.
Anti-Patterns
- No raw entity returns: Always map to a Response DTO; raw entities leak internal fields.
- No unvalidated nested DTOs: Use
@ValidateNested()+@Type()for all nested object properties. - No generic 200 docs: Apply
@ApiResponse({ status, type })with exact types per endpoint.
References
> related_skills --same-repo
> common-store-changelog
Generate user-facing release notes for the Apple App Store and Google Play Store by collecting git history, triaging user-impacting changes, and drafting store-compliant changelogs. Enforces character limits (App Store ≤4000, Google Play ≤500), tone, and bullet format. Use when generating release notes, app store changelog, play store release, what's new, or version release notes for any mobile app. (triggers: generate changelog, app store notes, play store release, what's new, release notes, ve
> golang-tooling
Go developer toolchain — gopls LSP diagnostics, linting, formatting, and vet. Use when setting up Go tooling, running linters, or integrating gopls with Claude Code. (triggers: gopls, golangci-lint, golangci.yml, go vet, goimports, staticcheck, go tooling, go lint)
> common-ui-design
Design distinctive, production-grade frontend UI with bold aesthetic choices. Use when building web components, pages, interfaces, dashboards, or applications in any framework (React, Next.js, Angular, Vue, HTML/CSS). (triggers: build a page, create a component, design a dashboard, landing page, UI for, build a layout, make it look good, improve the design, build UI, create interface, design screen)
> common-owasp
OWASP Top 10 audit checklist for Web Applications (2021) and APIs (2023). Load during any security review, PR review, or codebase audit touching web, mobile backend, or API code. (triggers: security review, OWASP, broken access control, IDOR, BOLA, injection, broken auth, API review, authorization, access control)