Pinia状态管理技能：Vue.js应用状态管理最佳实践与TDD开发指南

pinia by martinholovsky/claude-skills-generator

77 周安装量

30 GitHub Stars

GitHub

安装命令

npx skills add https://github.com/martinholovsky/claude-skills-generator --skill pinia

Vue 状态管理测试

🇨🇳中文介绍

Pinia 状态管理技能

文件组织：此技能采用拆分结构。高级模式和安全示例请参阅 references/ 目录。

1. 概述

此技能为 JARVIS AI 助手提供 Pinia 专业知识，用于管理应用程序状态，包括系统指标、用户偏好和 HUD 配置。

风险等级：中等 - 管理敏感状态，需考虑 SSR，存在潜在数据暴露风险

主要用例：

系统指标和状态跟踪
用户偏好和设置
HUD 配置状态
命令历史记录和队列
实时数据同步

2. 核心职责

2.1 核心原则

测试驱动开发优先：在实现之前编写存储测试
性能意识：优化订阅和计算值
类型安全：使用完整的 TypeScript 类型定义存储
SSR 安全性：防止请求间的状态泄漏
组合式 API：使用 setup 存储以获得更好的 TypeScript 支持
最小化状态：仅存储必要数据，其余通过派生获得
操作验证：在变更前验证操作输入
持久化安全：切勿将敏感数据持久化到 localStorage

3. 技术栈与版本

3.1 推荐版本

广告位招租

在这里展示您的产品或服务

触达数万 AI 开发者，精准高效

联系我们

3.3 实现工作流（测试驱动开发）

为每个存储遵循此工作流：

步骤 1：首先编写失败的测试

// tests/stores/metrics.test.ts
import { describe, it, expect, beforeEach } from 'vitest'
import { setActivePinia, createPinia } from 'pinia'
import { useMetricsStore } from '~/stores/metrics'

describe('MetricsStore', () => {
  beforeEach(() => {
    setActivePinia(createPinia())
  })

  it('should initialize with default values', () => {
    const store = useMetricsStore()
    expect(store.cpu).toBe(0)
    expect(store.memory).toBe(0)
  })

  it('should clamp values within valid range', () => {
    const store = useMetricsStore()
    store.updateCpu(150)
    expect(store.cpu).toBe(100)
    store.updateCpu(-50)
    expect(store.cpu).toBe(0)
  })

  it('should compute health status correctly', () => {
    const store = useMetricsStore()
    store.updateCpu(95)
    store.updateMemory(90)
    expect(store.healthStatus).toBe('critical')
  })
})

步骤 2：实现最小化代码以通过测试

// stores/metrics.ts
export const useMetricsStore = defineStore('metrics', () => {
  const cpu = ref(0)
  const memory = ref(0)

  const healthStatus = computed(() => {
    const avg = (cpu.value + memory.value) / 2
    if (avg > 90) return 'critical'
    if (avg > 70) return 'warning'
    return 'healthy'
  })

  function updateCpu(value: number) {
    cpu.value = Math.max(0, Math.min(100, value))
  }

  function updateMemory(value: number) {
    memory.value = Math.max(0, Math.min(100, value))
  }

  return { cpu, memory, healthStatus, updateCpu, updateMemory }
})

步骤 3：遵循模式进行重构

提取验证逻辑
添加 TypeScript 接口
优化计算依赖项

步骤 4：运行完整验证

npm run test -- --filter=stores
npm run typecheck
npm run build

4.1 使用 TypeScript 的 Setup 存储

// stores/jarvis.ts
import { defineStore } from 'pinia'
import { ref, computed } from 'vue'

interface SystemMetrics {
  cpu: number
  memory: number
  network: number
  timestamp: number
}

interface JARVISState {
  status: 'idle' | 'listening' | 'processing' | 'responding'
  securityLevel: 'normal' | 'elevated' | 'lockdown'
}

export const useJarvisStore = defineStore('jarvis', () => {
  // 状态
  const state = ref<JARVISState>({
    status: 'idle',
    securityLevel: 'normal'
  })

  const metrics = ref<SystemMetrics>({
    cpu: 0,
    memory: 0,
    network: 0,
    timestamp: Date.now()
  })

  // 计算属性
  const isActive = computed(() =>
    state.value.status !== 'idle'
  )

  const systemHealth = computed(() => {
    const avg = (metrics.value.cpu + metrics.value.memory) / 2
    if (avg > 90) return 'critical'
    if (avg > 70) return 'warning'
    return 'healthy'
  })

  // 操作
  function updateMetrics(newMetrics: Partial<SystemMetrics>) {
    // ✅ 验证输入
    if (newMetrics.cpu !== undefined) {
      metrics.value.cpu = Math.max(0, Math.min(100, newMetrics.cpu))
    }
    if (newMetrics.memory !== undefined) {
      metrics.value.memory = Math.max(0, Math.min(100, newMetrics.memory))
    }
    if (newMetrics.network !== undefined) {
      metrics.value.network = Math.max(0, newMetrics.network)
    }
    metrics.value.timestamp = Date.now()
  }

  function setStatus(newStatus: JARVISState['status']) {
    state.value.status = newStatus
  }

  function setSecurityLevel(level: JARVISState['securityLevel']) {
    state.value.securityLevel = level

    // ✅ 审计安全变更
    console.info(`Security level changed to: ${level}`)
  }

  return {
    state,
    metrics,
    isActive,
    systemHealth,
    updateMetrics,
    setStatus,
    setSecurityLevel
  }
})

4.2 用户偏好存储（带持久化）

// stores/preferences.ts
export const usePreferencesStore = defineStore('preferences', () => {
  const preferences = ref({
    theme: 'dark' as 'dark' | 'light',
    hudOpacity: 0.8,
    soundEnabled: true
  })

  function updatePreference<K extends keyof typeof preferences.value>(
    key: K, value: typeof preferences.value[K]
  ) {
    if (key === 'hudOpacity' && (value < 0 || value > 1)) return
    preferences.value[key] = value
  }

  return { preferences, updatePreference }
}, {
  persist: {
    key: 'jarvis-preferences',
    paths: ['preferences.theme', 'preferences.hudOpacity']
    // ❌ 切勿持久化：令牌、密码、API 密钥
  }
})

4.3 命令队列存储

// stores/commands.ts
interface Command {
  id: string
  action: string
  status: 'pending' | 'executing' | 'completed' | 'failed'
}

export const useCommandStore = defineStore('commands', () => {
  const queue = ref<Command[]>([])
  const history = ref<Command[]>([])
  const MAX_HISTORY = 100

  const pendingCommands = computed(() =>
    queue.value.filter(cmd => cmd.status === 'pending')
  )

  function addCommand(action: string) {
    const cmd: Command = { id: crypto.randomUUID(), action, status: 'pending' }
    queue.value.push(cmd)
    return cmd.id
  }

  function completeCommand(id: string, status: 'completed' | 'failed') {
    const idx = queue.value.findIndex(cmd => cmd.id === id)
    if (idx !== -1) {
      const [cmd] = queue.value.splice(idx, 1)
      cmd.status = status
      history.value = [cmd, ...history.value].slice(0, MAX_HISTORY)
    }
  }

  return { queue, history, pendingCommands, addCommand, completeCommand }
})

4.4 SSR 安全的存储使用

<script setup lang="ts">
// ✅ SSR 安全 - 存储按请求初始化
const jarvisStore = useJarvisStore()

// ✅ 在服务器上获取数据
const { data } = await useFetch('/api/metrics')

// 使用获取的数据更新存储
if (data.value) {
  jarvisStore.updateMetrics(data.value)
}
</script>

// stores/dashboard.ts
export const useDashboardStore = defineStore('dashboard', () => {
  // ✅ 从其他存储组合
  const jarvisStore = useJarvisStore()
  const commandStore = useCommandStore()

  const dashboardStatus = computed(() => ({
    systemHealth: jarvisStore.systemHealth,
    pendingCommands: commandStore.pendingCommands.length,
    isActive: jarvisStore.isActive
  }))

  return {
    dashboardStatus
  }
})

5.1 OWASP 覆盖范围

OWASP 类别	风险	缓解措施
A01 访问控制失效	中等	验证操作，检查权限
A04 不安全的设计	中等	SSR 状态隔离
A07 身份验证和授权失败	中等	切勿持久化令牌

5.3 敏感数据处理

// ❌ 切勿持久化：令牌、API 密钥、密码
// ✅ 仅将敏感数据存储在内存中（无持久化选项）
const authStore = defineStore('auth', () => {
  const token = ref<string | null>(null)
  return { token }
})

模式 1：选择性订阅

// 错误 - 订阅整个存储
const store = useJarvisStore()
watch(() => store.state, () => { /* ... */ }, { deep: true })

// 正确 - 订阅特定属性
const store = useJarvisStore()
watch(() => store.state.status, (newStatus) => {
  console.log('Status changed:', newStatus)
})

模式 2：计算属性（记忆化）

// 错误 - 每次访问都重新计算
function getFilteredItems() {
  return items.value.filter(i => i.active)
}

// 正确 - 缓存直到依赖项改变
const filteredItems = computed(() =>
  items.value.filter(i => i.active)
)

模式 3：批量更新

// 错误 - 多次响应式触发
function updateAll(data: MetricsData) {
  metrics.value.cpu = data.cpu
  metrics.value.memory = data.memory
  metrics.value.network = data.network
}

// 正确 - 单次响应式触发
function updateAll(data: MetricsData) {
  metrics.value = { ...metrics.value, ...data, timestamp: Date.now() }
}

模式 4：延迟存储初始化

// 错误 - 存储立即初始化
const heavyStore = useHeavyDataStore()

// 正确 - 仅在需要时初始化
const heavyStore = ref<ReturnType<typeof useHeavyDataStore> | null>(null)

function loadHeavyData() {
  if (!heavyStore.value) {
    heavyStore.value = useHeavyDataStore()
  }
  return heavyStore.value
}

模式 5：乐观更新

// 错误 - 等待服务器响应
async function deleteItem(id: string) {
  await api.delete(`/items/${id}`)
  items.value = items.value.filter(i => i.id !== id)
}

// 正确 - 立即更新，出错时回滚
async function deleteItem(id: string) {
  const backup = [...items.value]
  items.value = items.value.filter(i => i.id !== id)

  try {
    await api.delete(`/items/${id}`)
  } catch (error) {
    items.value = backup  // 回滚
    throw error
  }
}

完整的测试驱动开发工作流及 vitest 示例，请参阅 第 3.3 节。

// ❌ 全局状态在 SSR 用户间泄漏
const state = reactive({ user: null })

// ✅ Pinia 按请求隔离
export const useUserStore = defineStore('user', () => {
  const user = ref(null)
  return { user }
})

// ❌ 切勿持久化身份验证令牌（XSS 风险）
persist: { paths: ['authToken'] }

// ✅ 对身份验证使用 httpOnly cookies

带有正确/错误示例的详细性能模式，请参阅 第 5.5 节。

13. 实施前检查清单

阶段 1：编写代码前

使用 TypeScript 类型设计了存储接口
创建了包含失败测试的测试文件
确定了安全要求（持久化、SSR）
为用例选择了性能模式

阶段 2：实施期间

添加每个功能后测试通过
操作验证所有输入
计算值使用最小依赖项
持久化状态中无敏感数据
SSR 状态正确隔离

阶段 3：提交前

所有存储测试通过：npm run test -- --filter=stores
类型检查通过：npm run typecheck
构建成功：npm run build
Pinia 外无全局状态
状态结构已在类型中记录

Pinia 为 JARVIS 提供类型安全的状态管理：

测试驱动开发优先：在实现之前编写存储测试
性能：优化订阅和计算值
安全：切勿持久化敏感数据，隔离 SSR 状态
类型安全：使用带有完整 TypeScript 的 setup 存储

参考资料：高级模式和安全示例请参阅 references/ 目录。

2026 年 1 月 20 日

🇺🇸English

Pinia State Management Skill

File Organization : This skill uses split structure. See references/ for advanced patterns and security examples.

1. Overview

This skill provides Pinia expertise for managing application state in the JARVIS AI Assistant, including system metrics, user preferences, and HUD configuration.

Risk Level : MEDIUM - Manages sensitive state, SSR considerations, potential data exposure

Primary Use Cases :

System metrics and status tracking
User preferences and settings
HUD configuration state
Command history and queue
Real-time data synchronization

2. Core Responsibilities

2.1 Core Principles

TDD First : Write store tests before implementation
Performance Aware : Optimize subscriptions and computed values
Type Safety : Define stores with full TypeScript typing
SSR Security : Prevent state leakage between requests
Composition API : Use setup stores for better TypeScript support
Minimal State : Store only necessary data, derive the rest
Action Validation : Validate inputs in actions before mutations
Persistence Security : Never persist sensitive data to localStorage

3. Technology Stack & Versions

3.1 Recommended Versions

Package	Version	Notes
pinia	^2.1.0	Latest stable
@pinia/nuxt	^0.5.0	Nuxt integration
pinia-plugin-persistedstate	^3.0.0	Optional persistence

3.2 Nuxt Configuration

// nuxt.config.ts
export default defineNuxtConfig({
  modules: ['@pinia/nuxt'],
  pinia: {
    storesDirs: ['./stores/**']
  }
})

3.3 Implementation Workflow (TDD)

Follow this workflow for every store:

Step 1: Write Failing Test First

// tests/stores/metrics.test.ts
import { describe, it, expect, beforeEach } from 'vitest'
import { setActivePinia, createPinia } from 'pinia'
import { useMetricsStore } from '~/stores/metrics'

describe('MetricsStore', () => {
  beforeEach(() => {
    setActivePinia(createPinia())
  })

  it('should initialize with default values', () => {
    const store = useMetricsStore()
    expect(store.cpu).toBe(0)
    expect(store.memory).toBe(0)
  })

  it('should clamp values within valid range', () => {
    const store = useMetricsStore()
    store.updateCpu(150)
    expect(store.cpu).toBe(100)
    store.updateCpu(-50)
    expect(store.cpu).toBe(0)
  })

  it('should compute health status correctly', () => {
    const store = useMetricsStore()
    store.updateCpu(95)
    store.updateMemory(90)
    expect(store.healthStatus).toBe('critical')
  })
})

Step 2: Implement Minimum to Pass

// stores/metrics.ts
export const useMetricsStore = defineStore('metrics', () => {
  const cpu = ref(0)
  const memory = ref(0)

  const healthStatus = computed(() => {
    const avg = (cpu.value + memory.value) / 2
    if (avg > 90) return 'critical'
    if (avg > 70) return 'warning'
    return 'healthy'
  })

  function updateCpu(value: number) {
    cpu.value = Math.max(0, Math.min(100, value))
  }

  function updateMemory(value: number) {
    memory.value = Math.max(0, Math.min(100, value))
  }

  return { cpu, memory, healthStatus, updateCpu, updateMemory }
})

Step 3: Refactor Following Patterns

Extract validation logic
Add TypeScript interfaces
Optimize computed dependencies

Step 4: Run Full Verification

npm run test -- --filter=stores
npm run typecheck
npm run build

4. Implementation Patterns

4.1 Setup Store with TypeScript

// stores/jarvis.ts
import { defineStore } from 'pinia'
import { ref, computed } from 'vue'

interface SystemMetrics {
  cpu: number
  memory: number
  network: number
  timestamp: number
}

interface JARVISState {
  status: 'idle' | 'listening' | 'processing' | 'responding'
  securityLevel: 'normal' | 'elevated' | 'lockdown'
}

export const useJarvisStore = defineStore('jarvis', () => {
  // State
  const state = ref<JARVISState>({
    status: 'idle',
    securityLevel: 'normal'
  })

  const metrics = ref<SystemMetrics>({
    cpu: 0,
    memory: 0,
    network: 0,
    timestamp: Date.now()
  })

  // Getters
  const isActive = computed(() =>
    state.value.status !== 'idle'
  )

  const systemHealth = computed(() => {
    const avg = (metrics.value.cpu + metrics.value.memory) / 2
    if (avg > 90) return 'critical'
    if (avg > 70) return 'warning'
    return 'healthy'
  })

  // Actions
  function updateMetrics(newMetrics: Partial<SystemMetrics>) {
    // ✅ Validate input
    if (newMetrics.cpu !== undefined) {
      metrics.value.cpu = Math.max(0, Math.min(100, newMetrics.cpu))
    }
    if (newMetrics.memory !== undefined) {
      metrics.value.memory = Math.max(0, Math.min(100, newMetrics.memory))
    }
    if (newMetrics.network !== undefined) {
      metrics.value.network = Math.max(0, newMetrics.network)
    }
    metrics.value.timestamp = Date.now()
  }

  function setStatus(newStatus: JARVISState['status']) {
    state.value.status = newStatus
  }

  function setSecurityLevel(level: JARVISState['securityLevel']) {
    state.value.securityLevel = level

    // ✅ Audit security changes
    console.info(`Security level changed to: ${level}`)
  }

  return {
    state,
    metrics,
    isActive,
    systemHealth,
    updateMetrics,
    setStatus,
    setSecurityLevel
  }
})

4.2 User Preferences Store (with Persistence)

// stores/preferences.ts
export const usePreferencesStore = defineStore('preferences', () => {
  const preferences = ref({
    theme: 'dark' as 'dark' | 'light',
    hudOpacity: 0.8,
    soundEnabled: true
  })

  function updatePreference<K extends keyof typeof preferences.value>(
    key: K, value: typeof preferences.value[K]
  ) {
    if (key === 'hudOpacity' && (value < 0 || value > 1)) return
    preferences.value[key] = value
  }

  return { preferences, updatePreference }
}, {
  persist: {
    key: 'jarvis-preferences',
    paths: ['preferences.theme', 'preferences.hudOpacity']
    // ❌ Never persist: tokens, passwords, API keys
  }
})

4.3 Command Queue Store

// stores/commands.ts
interface Command {
  id: string
  action: string
  status: 'pending' | 'executing' | 'completed' | 'failed'
}

export const useCommandStore = defineStore('commands', () => {
  const queue = ref<Command[]>([])
  const history = ref<Command[]>([])
  const MAX_HISTORY = 100

  const pendingCommands = computed(() =>
    queue.value.filter(cmd => cmd.status === 'pending')
  )

  function addCommand(action: string) {
    const cmd: Command = { id: crypto.randomUUID(), action, status: 'pending' }
    queue.value.push(cmd)
    return cmd.id
  }

  function completeCommand(id: string, status: 'completed' | 'failed') {
    const idx = queue.value.findIndex(cmd => cmd.id === id)
    if (idx !== -1) {
      const [cmd] = queue.value.splice(idx, 1)
      cmd.status = status
      history.value = [cmd, ...history.value].slice(0, MAX_HISTORY)
    }
  }

  return { queue, history, pendingCommands, addCommand, completeCommand }
})

4.4 SSR-Safe Store Usage

<script setup lang="ts">
// ✅ Safe for SSR - store initialized per-request
const jarvisStore = useJarvisStore()

// ✅ Fetch data on server
const { data } = await useFetch('/api/metrics')

// Update store with fetched data
if (data.value) {
  jarvisStore.updateMetrics(data.value)
}
</script>

4.5 Store Composition

// stores/dashboard.ts
export const useDashboardStore = defineStore('dashboard', () => {
  // ✅ Compose from other stores
  const jarvisStore = useJarvisStore()
  const commandStore = useCommandStore()

  const dashboardStatus = computed(() => ({
    systemHealth: jarvisStore.systemHealth,
    pendingCommands: commandStore.pendingCommands.length,
    isActive: jarvisStore.isActive
  }))

  return {
    dashboardStatus
  }
})

5. Security Standards

5.1 OWASP Coverage

OWASP Category	Risk	Mitigation
A01 Broken Access Control	MEDIUM	Validate actions, check permissions
A04 Insecure Design	MEDIUM	SSR state isolation
A07 Auth Failures	MEDIUM	Never persist tokens

5.3 Sensitive Data Handling

// ❌ NEVER persist: tokens, API keys, passwords
// ✅ Store sensitive data in memory only (no persist option)
const authStore = defineStore('auth', () => {
  const token = ref<string | null>(null)
  return { token }
})

5.5 Performance Patterns

Pattern 1: Selective Subscriptions

// BAD - Subscribes to entire store
const store = useJarvisStore()
watch(() => store.state, () => { /* ... */ }, { deep: true })

// GOOD - Subscribe to specific properties
const store = useJarvisStore()
watch(() => store.state.status, (newStatus) => {
  console.log('Status changed:', newStatus)
})

Pattern 2: Computed Getters (Memoization)

// BAD - Recalculates on every access
function getFilteredItems() {
  return items.value.filter(i => i.active)
}

// GOOD - Cached until dependencies change
const filteredItems = computed(() =>
  items.value.filter(i => i.active)
)

Pattern 3: Batch Updates

// BAD - Multiple reactive triggers
function updateAll(data: MetricsData) {
  metrics.value.cpu = data.cpu
  metrics.value.memory = data.memory
  metrics.value.network = data.network
}

// GOOD - Single reactive trigger
function updateAll(data: MetricsData) {
  metrics.value = { ...metrics.value, ...data, timestamp: Date.now() }
}

Pattern 4: Lazy Store Initialization

// BAD - Store initializes immediately
const heavyStore = useHeavyDataStore()

// GOOD - Initialize only when needed
const heavyStore = ref<ReturnType<typeof useHeavyDataStore> | null>(null)

function loadHeavyData() {
  if (!heavyStore.value) {
    heavyStore.value = useHeavyDataStore()
  }
  return heavyStore.value
}

Pattern 5: Optimistic Updates

// BAD - Wait for server response
async function deleteItem(id: string) {
  await api.delete(`/items/${id}`)
  items.value = items.value.filter(i => i.id !== id)
}

// GOOD - Update immediately, rollback on error
async function deleteItem(id: string) {
  const backup = [...items.value]
  items.value = items.value.filter(i => i.id !== id)

  try {
    await api.delete(`/items/${id}`)
  } catch (error) {
    items.value = backup  // Rollback
    throw error
  }
}

6. Testing & Quality

See Section 3.3 for complete TDD workflow with vitest examples.

8. Common Anti-Patterns

Security Anti-Patterns

// ❌ Global state leaks between SSR users
const state = reactive({ user: null })

// ✅ Pinia isolates per-request
export const useUserStore = defineStore('user', () => {
  const user = ref(null)
  return { user }
})

// ❌ Never persist auth tokens (XSS risk)
persist: { paths: ['authToken'] }

// ✅ Use httpOnly cookies for auth

Performance Anti-Patterns

See Section 5.5 for detailed performance patterns with Good/Bad examples.

13. Pre-Implementation Checklist

Phase 1: Before Writing Code

Store interface designed with TypeScript types
Test file created with failing tests
Security requirements identified (persistence, SSR)
Performance patterns selected for use case

Phase 2: During Implementation

Tests passing after each feature added
Actions validate all inputs
Computed values use minimal dependencies
No sensitive data in persisted state
SSR state properly isolated

Phase 3: Before Committing

All store tests passing: npm run test -- --filter=stores
Type check passing: npm run typecheck
Build succeeds: npm run build
No global state outside Pinia
State shape documented in types

14. Summary

Pinia provides type-safe state management for JARVIS:

TDD First : Write store tests before implementation
Performance : Optimize subscriptions and computed values
Security : Never persist sensitive data, isolate SSR state
Type Safety : Use setup stores with full TypeScript

References : See references/ for advanced patterns and security examples.

Weekly Installs

Repository

martinholovsky/…enerator

GitHub Stars

First Seen

Jan 20, 2026

Security Audits

Gen Agent Trust HubPass SocketPass SnykPass

Installed on

gemini-cli62

codex59

opencode59

github-copilot56

cursor55

claude-code51

测试策略完整指南：单元/集成/E2E测试金字塔与自动化实践

11,200 周安装

pinia	^2.1.0	最新稳定版
@pinia/nuxt	^0.5.0	Nuxt 集成
pinia-plugin-persistedstate	^3.0.0	可选持久化