chore(lp-2026): restore custom-domain route (final cutover step)#12
Conversation
…lare Workers - Add the v0-generated Next.js 16 app-router LP (React 19, Tailwind v4, shadcn/ui, framer-motion; pnpm) under apps/hackathon-lp-2026, hosted like the other years on a Cloudflare Workers Static Assets Worker via Workers Builds. - next.config.mjs: output: 'export' (fully client-rendered, no server features) -> build emits ./out, served by the assets-only wrangler.toml (name nemtus-hackathon-lp-2026, custom domain hackathon-2026.nemtus.com; the aggregator already links there). - Fix the v0 lockfile's broken motion resolution: it pinned framer-motion@12.23.24 with motion-dom@12.42.2, which dropped the "activeAnimations" export framer-motion imports, breaking the build. Pin motion-dom to 12.23.23 via pnpm.overrides. - .npmrc ignore-scripts=false to override the inherited root hardening for this pnpm app. Verified: pnpm build succeeds; out/ has index.html/404.html/_next (215 files, max asset 1.78MiB < 25MiB limit); wrangler deploy --dry-run reads out/ cleanly. Build artifacts (node_modules/.next/out) are gitignored. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…it/e2e/audit/socket) Tooling for apps/hackathon-lp-2026 (pnpm, standalone): - ESLint 9 flat config (typescript-eslint + react + react-hooks + @next/next) — passes - Prettier (.prettierrc) + format / format:check — codebase formatted to a baseline - type:check (tsc --noEmit): fixed the 5 v0 type errors centrally in hooks/use-in-view (generic ref + amount->threshold), so they are caught rather than masked here - Vitest + Testing Library (jsdom) — 14 guardrail tests: constants invariants, cn(), useInView behavior, Entry CTA gating on IS_HACKATHON_ENDED (both states), FAQ accordion - Playwright e2e against the static export (out/) — 4 tests: title, key sections, entry inert while ended, FAQ interaction, no JS runtime errors Scripts: lint / format / format:check / type:check / test / e2e / preview. CI: .github/workflows/ci-hackathon-lp-2026.yml (path-filtered, pnpm) with jobs: - verify: audit (--audit-level=high) + frozen install + lint + format:check + type:check + build + unit - e2e: playwright (chromium) - socket: runs `socket ci` when SOCKET_SECURITY_API_KEY is set, else no-op Deployment stays with Cloudflare Workers Builds (Git integration) — CI is checks only. Security: bumped next 16.0.10 -> 16.2.10 (clears 9 Next SSR/middleware advisories that do not apply to a static export); allowlisted the remaining transitive lodash `_.template` advisory (GHSA-r5fr-rjxr-66jc via recharts, unreachable in this static LP) through pnpm.auditConfig.ignoreGhsas so audit stays green and still blocks NEW high vulns. Storybook deferred: the vitest component/interaction tests + playwright e2e already cover the interactive behavior; a full Storybook harness adds limited value for this LP. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…p secret job Mirror nemtus/symbol-rest-api-client's token-free Socket setup instead of the API-key-based `socket ci` job: - Socket Firewall Free (SocketDev/action@…, mode: firewall-free — no token) wraps the pnpm install in the verify and e2e jobs (`sfw pnpm install --frozen-lockfile`), blocking confirmed-malicious packages at fetch time. - Add repo-root socket.yml for the Socket GitHub App (PR dependency-risk comments), with monorepo trigger paths (npm workspace + standalone npm apps + the pnpm 2026 app). - Remove the socket job that required SOCKET_SECURITY_API_KEY. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…ydration) - app/globals.css: fix BlinkMacMacSystemFont -> BlinkMacSystemFont (font fallback typo) - footer: (c) 2025 -> 2026 - circuit-background: move Math.random() grid generation from module scope into a client-only useEffect/useState, avoiding a static-export hydration mismatch/flicker Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…loudflare cutover hackathon-2026.nemtus.com currently points at Vercel via an existing Cloudflare DNS record. Keeping the custom_domain route active would make the first Workers Builds deploy fail on a DNS conflict, so comment it out to deploy to *.workers.dev for safe verification. Restored by a follow-up PR once the Vercel DNS record is deleted.
…DNS cutover) Re-enable the hackathon-2026.nemtus.com custom_domain route disabled during the cutover. Merge this AFTER: (1) the Worker is verified on *.workers.dev, and (2) the old Vercel DNS record for hackathon-2026.nemtus.com has been deleted in Cloudflare. The next Workers Builds deploy then attaches the domain to this Worker and provisions the edge certificate.
|
Warning Review limit reached
Next review available in: 58 minutes Enable usage-based reviews in Billing to review now. Otherwise, wait until the next included review is available. How can I continue?After more reviews become available, a review can be triggered using the To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based reviews. How do review limits work?CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan review availability. For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, additional reviews become available more gradually as earlier reviews age out of the rolling window. Please refer docs for additional details. Review details⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Run ID: ⛔ Files ignored due to path filters (42)
📒 Files selected for processing (109)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
|
Warning Review the following alerts detected in dependencies. According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.
|
Summary
Re-enables the
hackathon-2026.nemtus.comcustom-domain route inapps/hackathon-lp-2026/wrangler.tomlthat PR #11 temporarily commented out for theVercel → Cloudflare cutover.
Merge order (important)
This is the final step of the cutover. Merge it only after:
routesre-enable once it is).nemtus-hackathon-lp-2026is set up in Workers Builds (Root directoryapps/hackathon-lp-2026, Build commandpnpm build) and verified on its*.workers.devURL.
hackathon-2026.nemtus.comhas been deleted in theCloudflare DNS tab (so there's no conflicting record).
Merging this then triggers a Workers Builds deploy that attaches
hackathon-2026.nemtus.comto the Worker and provisions the edge certificate.Verify after merge
Then remove the domain from the Vercel project and retire the Vercel deployment.
🤖 Generated with Claude Code