Skip to content

adjust firestore prompt to be more succinct #9222

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 5 commits into from
Oct 1, 2025
Merged

adjust firestore prompt to be more succinct #9222

Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
dbabbb1
adjust firestore prompt to be more succinct
charlotteliang Oct 1, 2025
3fde768
clarify schema in firestore as well
charlotteliang Oct 1, 2025
3426938
show user the schema by default
charlotteliang Oct 1, 2025
bed2a02
fix based on reviews
charlotteliang Oct 1, 2025
3139f8e
Merge branch 'master' into firestore-prompt-trim
charlotteliang Oct 1, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
35 changes: 11 additions & 24 deletions src/mcp/resources/guides/init_firestore.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,40 +17,27 @@
text: `
### Setup Firestore Database
**Database Setup:**
- Configure Firebase Firestore as the primary database for the application
- Implement client code for basic CRUD operations using the Firestore SDK
- Write the default \`firestore.rules\` file (see below)
- Run \`firebase deploy --only firestore\` to provision the database automatically
- Configure Firestore as the application's primary database.
- Implement client-side CRUD using the Firebase SDK.
- Present the app's Firestore data model to the user. Do not confuse Firestore's document model (NoSQL) with Firebase Data Connect's schema.
- Write the default \`firestore.rules\` file (see below) explain what they do, and obtain the user's confirmation before deploying.
- Run \`firebase deploy --only firestore\` to create the database automatically Do not ask the user to create it in the console.
- Use production environment directly (avoid emulator for initial setup)

**Pre-Deployment Security Check:**
- **Important**: Before running \`firebase deploy --only firestore\`, check if the project has open security rules
- If open security rules are detected, show developers the current rule content
- Recommend keeping open rules for a maximum of 24 hours for development purposes only
- Explain that open rules are acceptable for development but must be restricted for production

**Deployment:**
- Run \`firebase deploy --only firestore\` to provision the database automatically

**Verification & Testing:**
**Verify and test:**
- Only proceed with verification after successfully running \`firebase deploy --only firestore\`
- Guide the user to visit \`https://console.firebase.google.com/u/0/project/{PROJECT_ID}/firestore\` where \`{PROJECT_ID}\` is the project they're currently using (or use \`_\` if project id is unknown).
- Guide the user to open \`https://console.firebase.google.com/u/0/project/{PROJECT_ID}/firestore\` where \`{PROJECT_ID}\` is the project they're currently using (or use \`_\` if project id is unknown) to confirm their database is created.
- Have developers test their application functionality and verify test data appears in the console. Using the shell, run a local version of their app for them so they can test it. To figure out how to run their app, investigate their environment.
- For web apps you can check their \`package.json\` for a "start" or "dev" script
- For Flutter apps, they can use \`flutter run\`
- For Android apps, ask the user to run the app from Android Studio
- For iOS / Apple apps, you can check their Package.swift, or read their Xcode project for the right target and use xcrun
- Only proceed to the next step after confirming successful database setup and data visibility

**Security Configuration:**
- Guide users to navigate to "Firestore Database" → "Rules" tab to configure security rules
- **Critical Warning**: Never make Firestore security rules public (allowing read/write without authentication)
- Ensure security rules are properly configured and tested before moving to production
- Proceed only after the user confirms the database exists and the data is visible in the Firestore console.

**Next Steps:**
- **Authentication**: Recommend implementing Firebase Authentication if the application handles sensitive user data or has open security rules
- **User Management**: Implement user sign-up and login features with Firebase Authentication to establish proper data validation and access controls
- **Security Rules**: Configure user-based security rules based on your application's specific requirements
- **Authentication**: Recommend implementing Firebase Authentication if the application handles sensitive user data or has open security rules.
- **User Management**: Implement sign-up and sign-in flows to support user-based access control and update security rules accordingly.
- **Security Rules**: Configure user-based security rules based on your application's specific requirements.

### Default \`firestore.rules\` file:

Expand All @@ -73,7 +60,7 @@
},
);

function getTomorrowDate() {

Check warning on line 63 in src/mcp/resources/guides/init_firestore.ts

View workflow job for this annotation

GitHub Actions / lint (20) 

Missing return type on function
const tomorrow = new Date();
tomorrow.setDate(tomorrow.getDate() + 1);
// Month is 0-indexed, so add 1
Expand Down
Loading