npx skills add https://github.com/actionbook/rust-skills --skill m13-domain-error第 2 层:设计选择
谁需要处理这个错误,以及他们应该如何恢复?
在设计错误类型之前:
| 错误类型 | 受众 | 恢复方式 | 示例 |
|---|---|---|---|
| 面向用户 | 最终用户 | 引导操作 | InvalidEmail, NotFound |
| 内部错误 | 开发人员 | 调试信息 | DatabaseError, |
广告位招租
在这里展示您的产品或服务
触达数万 AI 开发者,精准高效
ParseError| 系统错误 | 运维/SRE | 监控/告警 | ConnectionTimeout, RateLimited |
| 暂时性错误 | 自动化系统 | 重试 | NetworkError, ServiceUnavailable |
| 永久性错误 | 人工处理 | 调查 | ConfigInvalid, DataCorrupted |
在设计错误类型之前:
谁会看到这个错误?
我们能恢复吗?
需要什么上下文?
到领域约束(第 3 层):
"我应该如何处理支付失败?"
↑ 提问:业务规则对于重试有何要求?
↑ 检查:domain-fintech(交易要求)
↑ 检查:SLA(可用性要求)
| 问题 | 追溯到 | 提问 |
|---|---|---|
| 重试策略 | domain-* | 可接受的重试延迟是多少? |
| 用户体验 | domain-* | 用户应该看到什么消息? |
| 合规性 | domain-* | 审计必须记录什么? |
到实现(第 1 层):
"需要类型化错误"
↓ m06-error-handling: 库使用 thiserror
↓ m04-zero-cost: 错误枚举设计
"需要错误上下文"
↓ m06-error-handling: anyhow::Context
↓ Logging: 使用字段的 tracing
"需要重试逻辑"
↓ m07-concurrency: 异步重试模式
↓ Crates: tokio-retry, backoff
| 恢复模式 | 适用场景 | 实现方式 |
|---|---|---|
| 重试 | 暂时性故障 | 指数退避 |
| 回退 | 降级模式 | 缓存值/默认值 |
| 熔断器 | 级联故障 | failsafe-rs |
| 超时 | 慢操作 | tokio::time::timeout |
| 舱壁隔离 | 隔离 | 独立的线程池 |
#[derive(thiserror::Error, Debug)]
pub enum AppError {
// 面向用户的错误
#[error("Invalid input: {0}")]
Validation(String),
// 暂时性错误(可重试)
#[error("Service temporarily unavailable")]
ServiceUnavailable(#[source] reqwest::Error),
// 内部错误(记录详细信息,显示通用信息)
#[error("Internal error")]
Internal(#[source] anyhow::Error),
}
impl AppError {
pub fn is_retryable(&self) -> bool {
matches!(self, Self::ServiceUnavailable(_))
}
}
use tokio_retry::{Retry, strategy::ExponentialBackoff};
async fn with_retry<F, T, E>(f: F) -> Result<T, E>
where
F: Fn() -> impl Future<Output = Result<T, E>>,
E: std::fmt::Debug,
{
let strategy = ExponentialBackoff::from_millis(100)
.max_delay(Duration::from_secs(10))
.take(5);
Retry::spawn(strategy, || f()).await
}
| 错误做法 | 为何错误 | 更好的做法 |
|---|---|---|
| 所有错误都一样 | 不可操作 | 按受众分类 |
| 重试所有错误 | 浪费资源 | 仅重试暂时性错误 |
| 无限重试 | 自我 DoS | 最大尝试次数 + 退避 |
| 暴露内部错误 | 安全风险 | 用户友好的消息 |
| 没有上下文 | 难以调试 | 处处使用 .context() |
| 反面模式 | 为何不好 | 更好的做法 |
|---|---|---|
| 字符串错误 | 无结构 | thiserror 类型 |
| 对可恢复错误使用 panic! | 糟糕的用户体验 | 带上下文的 Result |
| 忽略错误 | 静默失败 | 记录或传播 |
| 处处使用 Box | 丢失类型信息 | thiserror |
| 在正常路径中处理错误 | 性能问题 | 早期验证 |
| 何时使用 | 参见 |
|---|---|
| 错误处理基础 | m06-error-handling |
| 重试实现 | m07-concurrency |
| 领域建模 | m09-domain |
| 面向用户的 API | domain-* |
每周安装量
72
代码仓库
GitHub 星标数
911
首次出现
Jan 23, 2026
安全审计
安装于
opencode69
gemini-cli68
codex67
github-copilot64
cursor62
kimi-cli59
Layer 2: Design Choices
Who needs to handle this error, and how should they recover?
Before designing error types:
| Error Type | Audience | Recovery | Example |
|---|---|---|---|
| User-facing | End users | Guide action | InvalidEmail, NotFound |
| Internal | Developers | Debug info | DatabaseError, ParseError |
| System | Ops/SRE | Monitor/alert | ConnectionTimeout, RateLimited |
| Transient | Automation | Retry | NetworkError, ServiceUnavailable |
| Permanent | Human | Investigate | ConfigInvalid, DataCorrupted |
Before designing error types:
Who sees this error?
Can we recover?
What context is needed?
To domain constraints (Layer 3):
"How should I handle payment failures?"
↑ Ask: What are the business rules for retries?
↑ Check: domain-fintech (transaction requirements)
↑ Check: SLA (availability requirements)
| Question | Trace To | Ask |
|---|---|---|
| Retry policy | domain-* | What's acceptable latency for retry? |
| User experience | domain-* | What message should users see? |
| Compliance | domain-* | What must be logged for audit? |
To implementation (Layer 1):
"Need typed errors"
↓ m06-error-handling: thiserror for library
↓ m04-zero-cost: Error enum design
"Need error context"
↓ m06-error-handling: anyhow::Context
↓ Logging: tracing with fields
"Need retry logic"
↓ m07-concurrency: async retry patterns
↓ Crates: tokio-retry, backoff
| Recovery Pattern | When | Implementation |
|---|---|---|
| Retry | Transient failures | exponential backoff |
| Fallback | Degraded mode | cached/default value |
| Circuit Breaker | Cascading failures | failsafe-rs |
| Timeout | Slow operations | tokio::time::timeout |
| Bulkhead | Isolation | separate thread pools |
#[derive(thiserror::Error, Debug)]
pub enum AppError {
// User-facing
#[error("Invalid input: {0}")]
Validation(String),
// Transient (retryable)
#[error("Service temporarily unavailable")]
ServiceUnavailable(#[source] reqwest::Error),
// Internal (log details, show generic)
#[error("Internal error")]
Internal(#[source] anyhow::Error),
}
impl AppError {
pub fn is_retryable(&self) -> bool {
matches!(self, Self::ServiceUnavailable(_))
}
}
use tokio_retry::{Retry, strategy::ExponentialBackoff};
async fn with_retry<F, T, E>(f: F) -> Result<T, E>
where
F: Fn() -> impl Future<Output = Result<T, E>>,
E: std::fmt::Debug,
{
let strategy = ExponentialBackoff::from_millis(100)
.max_delay(Duration::from_secs(10))
.take(5);
Retry::spawn(strategy, || f()).await
}
| Mistake | Why Wrong | Better |
|---|---|---|
| Same error for all | No actionability | Categorize by audience |
| Retry everything | Wasted resources | Only transient errors |
| Infinite retry | DoS self | Max attempts + backoff |
| Expose internal errors | Security risk | User-friendly messages |
| No context | Hard to debug | .context() everywhere |
| Anti-Pattern | Why Bad | Better |
|---|---|---|
| String errors | No structure | thiserror types |
| panic! for recoverable | Bad UX | Result with context |
| Ignore errors | Silent failures | Log or propagate |
| Box everywhere | Lost type info | thiserror |
| Error in happy path | Performance | Early validation |
| When | See |
|---|---|
| Error handling basics | m06-error-handling |
| Retry implementation | m07-concurrency |
| Domain modeling | m09-domain |
| User-facing APIs | domain-* |
Weekly Installs
72
Repository
GitHub Stars
911
First Seen
Jan 23, 2026
Security Audits
Gen Agent Trust HubPassSocketPassSnykPass
Installed on
opencode69
gemini-cli68
codex67
github-copilot64
cursor62
kimi-cli59
代码库搜索技能指南:精准查找函数、追踪依赖、理解架构与定位错误
10,900 周安装