// Canonical Convex backend coding patterns — validators, function registration, queries, mutations, actions, schemas, pagination, cron jobs, file storage, and Better Auth integration. Use when writing or reviewing any Convex backend code.
A brief description of what this skill does
Iterativer Plan-Review-Loop mit OpenAI Codex als zweiter Meinung. Use when the user runs /pair-review, asks for cross-model verification of a plan file in ~/.claude/plans/, or — most importantly — before calling ExitPlanMode in plan mode to validate the proposed plan with adversarial review.
Fetch PR review comments, verify each against real code/docs, fix valid issues, commit and push
Skill for integrating Autumn - the billing and entitlements layer over Stripe.
This skill encodes Emil Kowalski's philosophy on UI polish, component design, animation decisions, and the invisible details that make software feel great.
Workflow for generating form JSON and using the Svelte Form Builder (svelte-form-builder.vercel.app) to scaffold SvelteKit remote function forms with Valibot validation. Use when creating forms via the form builder.
| name | convex-guidelines |
| description | Canonical Convex backend coding patterns — validators, function registration, queries, mutations, actions, schemas, pagination, cron jobs, file storage, and Better Auth integration. Use when writing or reviewing any Convex backend code. |
These guidelines must be followed when writing, reviewing, or modifying any Convex backend code.
convex/http.ts and require an httpAction decorator:import { httpRouter } from 'convex/server';
import { httpAction } from './_generated/server';
const http = httpRouter();
http.route({
path: '/echo',
method: 'POST',
handler: httpAction(async (ctx, req) => {
const body = await req.bytes();
return new Response(body, { status: 200 });
})
});
path field.pathPrefix instead of path: http.route({ pathPrefix: "/api/", method: "GET", handler: ... }). Do NOT use glob patterns like /api/*.v.array(validator) for arrays, v.union(...) for unions, and v.object({ ... }) for objects.v.literal("kind") inside v.union(v.object({ kind: v.literal("a"), ... }), ...).v.id(tableName), v.string(), v.number(), v.boolean(), v.int64() (not v.bigint()), v.record(keys, values) (not v.map/v.set).v.tuple() validator. Use v.array(v.union(...)) for mixed-type arrays.undefined is not a valid Convex value. Functions that return undefined or do not return will return null when called from a client. Use null instead.v.record(keys, values): keys must be ASCII characters, nonempty, and not start with $ or _.internalQuery, internalMutation, internalAction for private functions (from ./_generated/server). Use query, mutation, action for public API.api or internal objects.args validators for every function.returns validators for every function. If a function returns nothing, use returns: v.null().retryCount field to the relevant table and stop retrying after N attempts (typically 5). Log the final failure for observability.ctx.runQuery to call a query from a query, mutation, or action.ctx.runMutation to call a mutation from a mutation or action.ctx.runAction to call an action from an action.api.module.f). Do NOT pass the function directly.export const f = query({
args: { name: v.string() },
returns: v.string(),
handler: async (ctx, args) => {
return 'Hello ' + args.name;
}
});
export const g = query({
args: {},
returns: v.null(),
handler: async (ctx, args) => {
const result: string = await ctx.runQuery(api.example.f, { name: 'Bob' });
return null;
}
});
api object from convex/_generated/api.ts to reference public functions (query, mutation, action).internal object from convex/_generated/api.ts to reference private functions (internalQuery, internalMutation, internalAction).f in convex/example.ts → api.example.f.g in convex/example.ts → internal.example.g.convex/messages/access.ts → api.messages.access.h.paginationOptsValidator from convex/server and use args: { paginationOpts: paginationOptsValidator, ... }.page, isDone, and continueCursor (NOT results).import { query } from './_generated/server';
import { v } from 'convex/values';
import { paginationOptsValidator } from 'convex/server';
export const list = query({
args: { paginationOpts: paginationOptsValidator, author: v.string() },
handler: async (ctx, args) => {
return await ctx.db
.query('messages')
.withIndex('by_author', (q) => q.eq('author', args.author))
.order('desc')
.paginate(args.paginationOpts);
}
});
convex/schema.ts and import schema definition functions from convex/server._creationTime (v.number()) and _id (v.id(tableName)) are automatic — never define them manually.["field1", "field2"] → name by_field1_and_field2.This section applies to projects using @convex-dev/better-auth with a local install — NOT vanilla Convex JWT auth (auth.config.ts + ctx.auth.getUserIdentity()).
createAuth() and createAuthOptions().authComponent.getAuthUser(ctx) to get the current authenticated user in any query, mutation, or action. Returns null if unauthenticated.userId or any user identifier as a function argument for authorization. Always derive identity server-side via authComponent.getAuthUser(ctx).authComponent.registerRoutes(http, createAuth) in convex/http.ts.user, session, account, verification, jwks, passkey) are managed by the Better Auth component.createAuthClient() with plugins: convexClient(), passkeyClient(), adminClient().useAuth() for reactive auth state (isAuthenticated, session, user).hooks.server.ts: JWT extracted from cookies, /app/** requires auth, /admin/** requires role === 'admin'.authClient.signIn.email(), authClient.signUp.email(), authClient.signIn.social(), authClient.signIn.passkey().Id<"tableName"> from ./_generated/dataModel for document IDs. Be strict — prefer Id<"users"> over string.Doc<"tableName"> from ./_generated/dataModel for full document types.QueryCtx, MutationCtx, ActionCtx from ./_generated/server for typing function contexts. NEVER use any for ctx parameters.Record key/value types to the validator: v.record(v.id('users'), v.string()) → Record<Id<'users'>, string>.filter in queries. Define an index in the schema and use withIndex instead..delete(). Instead, .collect() the results, iterate, and call ctx.db.delete(row._id) on each..unique() to get a single document. Throws if multiple documents match..collect(), .take(n), or .iter(). Use for await (const row of query) directly._creationTime order..order('asc') or .order('desc') to set order. Defaults to ascending.Use .withSearchIndex() for text search queries:
const messages = await ctx.db
.query('messages')
.withSearchIndex('search_body', (q) => q.search('body', 'hello hi').eq('channel', '#general'))
.take(10);
ctx.db.replace to fully replace an existing document. Throws if the document does not exist.ctx.db.patch to shallow merge updates into an existing document. Throws if the document does not exist."use node"; to the top of files containing actions that use Node.js built-in modules."use node"; to a file that also exports queries or mutations. Only actions can run in the Node.js runtime; queries and mutations must stay in the default Convex runtime. If you need Node.js built-ins alongside queries or mutations, put the action in a separate file.fetch() is available in the default Convex runtime. You do NOT need "use node"; just to use fetch().ctx.db inside of an action. Actions don't have access to the database. Use ctx.runQuery or ctx.runMutation instead.crons.interval or crons.cron methods. Do NOT use crons.hourly, crons.daily, or crons.weekly helpers.crons object, calling methods on it, and exporting it as default:import { cronJobs } from 'convex/server';
import { internal } from './_generated/api';
import { internalAction } from './_generated/server';
const empty = internalAction({
args: {},
handler: async (ctx, args) => {
console.log('empty');
}
});
const crons = cronJobs();
crons.interval('delete inactive users', { hours: 2 }, internal.crons.empty, {});
export default crons;
crons.ts just like any other file.internal from _generated/api, even if the function is registered in the same file.ctx.storage.getUrl() returns a signed URL for a given file. Returns null if the file doesn't exist.ctx.storage.getMetadata. Query the _storage system table instead:import { query } from './_generated/server';
import { v } from 'convex/values';
export const getFileMetadata = query({
args: { fileId: v.id('_storage') },
returns: v.any(),
handler: async (ctx, args) => {
return await ctx.db.system.get(args.fileId);
// Returns: { _id, _creationTime, contentType?, sha256, size }
}
});
Blob objects. Convert all items to/from a Blob when using storage.new Blob([data]) to store and await blob.text() to read. Do NOT use TextEncoder or TextDecoder with Convex storage blobs.