# 📋 CONSTITUTION - desk-moloni

## 🎯 CORE PRINCIPLES

### 1. **INTEGRATION-FIRST APPROACH**
- All features must serve the primary goal of seamless DeskCRM ↔ Moloni integration
- Data consistency between systems is paramount
- API reliability and error handling are critical success factors

### 2. **ROBUST ERROR HANDLING**
- Every API call must have comprehensive error handling
- Retry mechanisms for transient failures
- Detailed logging for debugging and audit trails
- Graceful degradation when services are unavailable

### 3. **DATA INTEGRITY STANDARDS**
- All data transformations must be reversible and auditable
- Field mappings must be documented and configurable
- Validation at every step of the data pipeline
- No silent data loss or corruption allowed

### 4. **PERFORMANCE REQUIREMENTS**
- Sync operations must complete within 2 seconds average
- Batch processing for large datasets
- Memory-efficient processing for high-volume operations
- Configurable rate limiting to respect API limits

### 5. **SECURITY BY DESIGN**
- All API credentials stored securely
- Input validation and sanitization mandatory
- HTTPS only for all external communications
- Audit logs for all data access and modifications

### 6. **MAINTAINABILITY FOCUS**
- PSR-12 coding standards strictly enforced
- Comprehensive PHPDoc documentation
- Modular architecture for easy testing and updates
- Clear separation of concerns between components

## 🚫 ANTI-PATTERNS TO AVOID

### ❌ Data Inconsistency
- Never allow systems to be out of sync without clear notification
- No manual data fixes that bypass the sync engine
- Avoid hardcoded field mappings that can't be configured

### ❌ Silent Failures
- Never suppress errors without proper handling
- No background failures without user notification
- Avoid incomplete operations that appear successful

### ❌ Performance Issues
- No synchronous operations for large datasets
- Avoid N+1 query problems in batch operations
- No unlimited memory usage for processing

### ❌ Security Gaps
- Never log sensitive data (passwords, tokens)
- No plaintext storage of API credentials
- Avoid SQL injection vulnerabilities

## 🎯 SUCCESS METRICS
- **Sync Accuracy**: >99.5% successful operations
- **Performance**: <2s average response time
- **Reliability**: 99.9% uptime
- **Error Recovery**: <5 minute resolution time
- **User Satisfaction**: Intuitive interface and clear feedback

## 🔄 EVOLUTION GUIDELINES
- All changes must maintain backward compatibility
- New features require comprehensive testing
- API changes need migration strategies
- Performance improvements must be measurable

---
**Project**: desk-moloni | **Template**: Descomplicar® v2.0 | **Updated**: 2025-09-12