# Website DI Rules (Inversify)

This repo uses Inversify DI under [apps/website/lib/di](apps/website/lib/di/index.ts:1).

Authoritative contract: [`WEBSITE_CONTRACT.md`](docs/architecture/website/WEBSITE_CONTRACT.md:1).

## 1) Non-negotiable safety rule

No stateful service instances may be shared across requests.

Reason: Next.js server execution is concurrent; shared state causes cross-request leakage.

## 2) Rules by module type

### 2.1 `page.tsx` (server)

- MUST NOT access the DI container directly.
- MUST call a PageQuery only.

### 2.2 Page Queries (server)

- SHOULD prefer explicit construction (manual wiring).
- MAY use DI only if all resolved services are stateless and safe for concurrent requests.

If DI is used on the server, it MUST be request-scoped (a new container per request) and MUST NOT reuse a shared singleton container.

### 2.3 Client modules

- MAY use DI via `ContainerProvider` and hooks (example: `useInject`).

## 3) Container singleton warning

[`ContainerManager`](apps/website/lib/di/container.ts:61) holds a singleton container. Treat it as **unsafe for server request scope** unless proven otherwise.

Strict rule:

- [`ContainerManager.getContainer()`](apps/website/lib/di/container.ts:74) is client-only.