Skip to content

feat(template-generator): upgrade template deps to latest and harden docker templates#1098

Open
AmanVarshney01 wants to merge 2 commits into
mainfrom
feat/template-deps-docker-hardening
Open

feat(template-generator): upgrade template deps to latest and harden docker templates#1098
AmanVarshney01 wants to merge 2 commits into
mainfrom
feat/template-deps-docker-hardening

Conversation

@AmanVarshney01

@AmanVarshney01 AmanVarshney01 commented Jul 2, 2026

Copy link
Copy Markdown
Owner

Dependency upgrades

Majors (with required code migrations)

  • React Router v7 → v8.1 — all @react-router/* packages bumped; removed the v8_middleware future flag (default in v8). Template code needed no changes: imports already come from react-router only, and meta() doesn't use the removed data arg. react-router-devtools ^1 → ^6 and @clerk/react-router → ^3.5.4 (both RR8-compatible).
  • vite-plus 0.1.24 → 0.2.2 — 0.2 bundles vitest directly and discontinued @voidzero-dev/vite-plus-test (stopped at 0.1.24), so the vitest override alias is removed; the vitevite-plus-core alias stays. rolldown → 1.1.4.
  • @tanstack/svelte-query v5 → v6 — migrated svelte templates to the runes API: options are thunks (createQuery(() => opts)) and results drop the $ store prefix. QueryClientProvider/QueryClient usage unchanged.
  • @hono/node-server ^2 (only breaking: Node 18 drop + Vercel adapter removal; templates only use serve), stripe SDKs ^9/^6 (no template code touches them), shiki ^4, nx ^23 (generated nx.json schema unchanged).

Minors

~140 minor/patch bumps across dependencyVersionMap and hbs template pins (vite 8.1.3, heroui-native 1.0.5, uniwind 1.10, SvelteKit 2.69, @nuxt/ui 4.9, TanStack Router 1.170/Start 1.168, tRPC 11.18, hono 4.12, clerk, react-query unified at ^5.101.2, oxlint/oxfmt, wrangler, zod, …).

Deliberately untouched

All Expo/native pins — verified against Expo SDK 57's bundledNativeModules.json (incl. react-native-gesture-handler ~2.32.0; v3 is not supported by SDK 57). @babel/core stays on 7 for babel-preset-expo. Also removed an orphaned @types/three from the electrobun desktop template.

Docker template fixes (from a full combination audit)

  • Guard desktop addons + --web-deploy docker — tauri/electrobun switch next/svelte/astro to static export, which broke the SSR docker images at build time. New CLI validation rejects the combo (keeps the working next+electrobun+convex+better-auth case).
  • Next standalone runner now copies public/ when the pwa addon emits it (standalone output excludes it → manifest/icons 404'd in-container).
  • Root .env generated for compose build args${CONVEX_URL:-}/${CLERK_PUBLISHABLE_KEY:-} interpolate from the project root, but only apps/web/.env was scaffolded, so images were silently built with empty values.
  • Pinned DB images (postgres:18, mysql:8.4, mongo:8) in deploy + db-setup composes — postgres:18 also matches the /var/lib/postgresql volume layout the templates use. Pinned pnpm@11 in Dockerfiles to avoid lockfile-format drift.
  • Web service healthcheck added to generated docker-compose (wget for nginx-served SPAs, node fetch for node runners).

Verification

  • bun run generate-templates regenerated (506 templates)
  • bun run check clean
  • template-generator tsc --noEmit clean
  • CLI suite: 641 pass / 0 fail (updated hardcoded version expectations in 5 test files)

Not addressed (follow-up candidate): single-stage server/web images ship the full monorepo + dev deps (size/hygiene, not correctness).

Summary by CodeRabbit

  • New Features
    • Added additional configuration validation to prevent incompatible “Docker web deploy” setups with specific desktop addon combinations.
    • Docker-based deployments can now generate a root .env with build-arg values when applicable.
  • Bug Fixes
    • Improved Docker Compose health checks and pinned database container images to explicit version tags.
    • Updated scaffolds and templates to align with newer frontend behavior and dependency versions (including corrected template data access patterns).
  • Chores
    • Pinned pnpm to a consistent version in generated Docker builds.

…docker templates

Dependency upgrades:
- react-router v7 -> v8 (imports unchanged; drop v8_middleware future flag, now default)
- react-router-devtools ^1 -> ^6, @clerk/react-router ^3.5 (RR8-compatible)
- vite-plus 0.1.24 -> 0.2.2; drop discontinued vite-plus-test vitest override
- @tanstack/svelte-query v5 -> v6: thunk options + runes results in svelte templates
- @hono/node-server ^2, stripe SDKs (^9/^6), shiki ^4, nx ^23
- ~140 minor/patch bumps across dependencyVersionMap and template pins
- expo/native pins left untouched (verified against SDK 57 bundledNativeModules)
- remove unused @types/three from electrobun desktop template

Docker template fixes:
- block webDeploy=docker with tauri/electrobun on next/svelte/astro (desktop
  addons force static export, breaking the SSR docker images)
- copy public/ into next standalone runner when pwa addon emits it
- generate root .env for compose build-arg interpolation (CONVEX_URL,
  CLERK_PUBLISHABLE_KEY were silently baked empty)
- pin db images (postgres:18, mysql:8.4, mongo:8) and pnpm@11 in Dockerfiles
- add web service healthcheck to generated docker-compose
@vercel

vercel Bot commented Jul 2, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
create-better-t-stack-web Ready Ready Preview, Comment Jul 2, 2026 7:48pm

Request Review

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: cbd68da6ce

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment on lines +616 to +617
key: "CLERK_PUBLISHABLE_KEY",
value: "",

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Use the documented Clerk env key for Docker builds

For Docker web deployments with Clerk, this new root .env entry is the only value consumed by the compose build arg (${CLERK_PUBLISHABLE_KEY:-}), but the generated setup instructions and apps/web/.env ask users to fill NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY or VITE_CLERK_PUBLISHABLE_KEY. If they follow those instructions, the Docker image is still built with an empty publishable key for Next/React Router/TanStack frontends, so Clerk auth fails only in the compose build.

Useful? React with 👍 / 👎.

@coderabbitai

coderabbitai Bot commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 4d0aa72d-2eae-4cbb-b66d-42a6a5831f44

📥 Commits

Reviewing files that changed from the base of the PR and between cbd68da and 1d21818.

📒 Files selected for processing (4)
  • packages/template-generator/src/processors/env-vars.ts
  • packages/template-generator/src/templates.generated.ts
  • packages/template-generator/templates/deploy/docker/compose/docker-compose.yml.hbs
  • packages/template-generator/templates/deploy/docker/web/react/next/Dockerfile.hbs
🚧 Files skipped from review as they are similar to previous changes (1)
  • packages/template-generator/src/processors/env-vars.ts

Walkthrough

This PR adds a Docker web-deploy compatibility check, updates template-generator dependency pins and tests, changes Docker template outputs, generates root .env values for Docker builds, and refactors Svelte template query usage to direct query and mutation instance access.

Changes

Docker Web Deploy Compatibility Validation

Layer / File(s) Summary
Validator implementation and wiring
apps/cli/src/utils/compatibility-rules.ts, apps/cli/src/utils/config-validation.ts
Adds validateDockerWebDeployDesktopAddons and calls it from validateFullConfig.

Template Generator Updates

Layer / File(s) Summary
Dependency pins and assertions
packages/template-generator/src/utils/add-deps.ts, packages/template-generator/templates/frontend/*/package.json.hbs, packages/template-generator/templates/packages/ui/package.json.hbs, apps/cli/test/*.test.ts, packages/template-generator/templates/addons/electrobun/apps/desktop/package.json.hbs, packages/template-generator/src/templates.generated.ts
Bumps many dependency versions in generator maps and templates, removes @types/three from electrobun desktop outputs, and updates matching test assertions.
Vite-plus overrides
packages/template-generator/src/post-process/package-configs.ts, apps/cli/test/addons.test.ts
Removes the vitest override for vite-plus and adjusts related test expectations.
Docker template outputs
packages/template-generator/templates/deploy/docker/**/Dockerfile.hbs, packages/template-generator/templates/deploy/docker/compose/docker-compose.yml.hbs, packages/template-generator/templates/db-setup/docker-compose/*/docker-compose.yml.hbs, packages/template-generator/src/processors/env-vars.ts, packages/template-generator/src/templates.generated.ts
Pins pnpm to 11, pins database images, adds web healthchecks, updates build args and root .env generation, and copies public into the Next.js runner image.
Svelte query access patterns
packages/template-generator/templates/auth/better-auth/web/svelte/.../+page.svelte.hbs, packages/template-generator/templates/frontend/svelte/src/routes/+page.svelte.hbs, packages/template-generator/templates/examples/todo/web/svelte/.../+page.svelte.hbs, packages/template-generator/src/templates.generated.ts
Switches Svelte templates from $store access to direct query/mutation instance properties and updates refetch, disabled-state, and error handling paths.

Possibly related PRs

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title clearly matches the two main changes: dependency upgrades in template-generator and Docker template hardening.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 ESLint

If the error stems from missing dependencies, add them to the package.json file. For unrecoverable errors (e.g., due to private dependencies), disable the tool in the CodeRabbit configuration.

ESLint install failed. For unrecoverable errors, disable the tool in CodeRabbit configuration.


Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 3

🧹 Nitpick comments (1)
packages/template-generator/templates/deploy/docker/web/astro/Dockerfile.hbs (1)

6-6: 📐 Maintainability & Code Quality | 🔵 Trivial | 💤 Low value

Consider pinning an exact pnpm patch version rather than just the major.

pnpm@11 floats to the latest 11.x release on every build, which can silently break reproducibility if a future 11.x patch introduces a behavior change (pnpm 11 already required config migrations from v10). Pinning an exact version (e.g. pnpm@11.9.0) would make builds fully reproducible while still getting the intended major-version behavior.


ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 66d8b9fb-965d-4076-a696-e7a8d785e434

📥 Commits

Reviewing files that changed from the base of the PR and between 0ca6f35 and cbd68da.

📒 Files selected for processing (39)
  • apps/cli/src/utils/compatibility-rules.ts
  • apps/cli/src/utils/config-validation.ts
  • apps/cli/test/addons.test.ts
  • apps/cli/test/auth.test.ts
  • apps/cli/test/clerk-matrix.test.ts
  • apps/cli/test/electrobun-addon.test.ts
  • apps/cli/test/external-commands.test.ts
  • packages/template-generator/src/post-process/package-configs.ts
  • packages/template-generator/src/processors/env-vars.ts
  • packages/template-generator/src/templates.generated.ts
  • packages/template-generator/src/utils/add-deps.ts
  • packages/template-generator/templates/addons/electrobun/apps/desktop/package.json.hbs
  • packages/template-generator/templates/auth/better-auth/web/svelte/src/routes/dashboard/+page.svelte.hbs
  • packages/template-generator/templates/db-setup/docker-compose/mongodb/docker-compose.yml.hbs
  • packages/template-generator/templates/db-setup/docker-compose/mysql/docker-compose.yml.hbs
  • packages/template-generator/templates/db-setup/docker-compose/postgres/docker-compose.yml.hbs
  • packages/template-generator/templates/deploy/docker/compose/docker-compose.yml.hbs
  • packages/template-generator/templates/deploy/docker/server/Dockerfile.hbs
  • packages/template-generator/templates/deploy/docker/web/astro/Dockerfile.hbs
  • packages/template-generator/templates/deploy/docker/web/nuxt/Dockerfile.hbs
  • packages/template-generator/templates/deploy/docker/web/react/next/Dockerfile.hbs
  • packages/template-generator/templates/deploy/docker/web/react/react-router/Dockerfile.hbs
  • packages/template-generator/templates/deploy/docker/web/react/tanstack-router/Dockerfile.hbs
  • packages/template-generator/templates/deploy/docker/web/react/tanstack-start/Dockerfile.hbs
  • packages/template-generator/templates/deploy/docker/web/solid/Dockerfile.hbs
  • packages/template-generator/templates/deploy/docker/web/svelte/Dockerfile.hbs
  • packages/template-generator/templates/examples/todo/web/svelte/src/routes/todos/+page.svelte.hbs
  • packages/template-generator/templates/frontend/astro/package.json.hbs
  • packages/template-generator/templates/frontend/native/uniwind/package.json.hbs
  • packages/template-generator/templates/frontend/nuxt/package.json.hbs
  • packages/template-generator/templates/frontend/react/next/package.json.hbs
  • packages/template-generator/templates/frontend/react/react-router/package.json.hbs
  • packages/template-generator/templates/frontend/react/react-router/react-router.config.ts
  • packages/template-generator/templates/frontend/react/tanstack-router/package.json.hbs
  • packages/template-generator/templates/frontend/react/tanstack-start/package.json.hbs
  • packages/template-generator/templates/frontend/solid/package.json.hbs
  • packages/template-generator/templates/frontend/svelte/package.json.hbs
  • packages/template-generator/templates/frontend/svelte/src/routes/+page.svelte.hbs
  • packages/template-generator/templates/packages/ui/package.json.hbs
💤 Files with no reviewable changes (3)
  • apps/cli/test/electrobun-addon.test.ts
  • packages/template-generator/templates/frontend/react/react-router/react-router.config.ts
  • packages/template-generator/templates/addons/electrobun/apps/desktop/package.json.hbs

Comment on lines +336 to +341
// Frontends whose docker image needs server output, which desktop addons replace with a static export
const DOCKER_SERVER_OUTPUT_FRONTENDS = [
"next",
"svelte",
"astro",
] as const satisfies readonly Frontend[];

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎯 Functional Correctness | 🟡 Minor | ⚡ Quick win

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Check whether nuxt is compatible with tauri/electrobun addons and whether those addons
# force a static export for nuxt (similar to next/svelte/astro).
rg -n "nuxt" packages/template-generator/templates/addons/tauri -r 2>/dev/null
rg -nP "nuxt" apps/cli/src/utils/compatibility-rules.ts -C3
rg -nP "static" packages/template-generator/templates/addons/electrobun -r 2>/dev/null

Repository: AmanVarshney01/create-better-t-stack

Length of output: 3652


🏁 Script executed:

#!/bin/bash
set -euo pipefail

# Inspect the server-output frontend list and nearby compatibility logic.
sed -n '320,360p' apps/cli/src/utils/compatibility-rules.ts

# Map addon template files.
find packages/template-generator/templates/addons/tauri -type f | sort
find packages/template-generator/templates/addons/electrobun -type f | sort

# Search for nuxt/static-export related handling in addon templates.
rg -n --hidden --no-messages -S "nuxt|static export|staticExport|prerender|output:\\s*'static'|output:\\s*\"static\"|export default" \
  packages/template-generator/templates/addons/tauri \
  packages/template-generator/templates/addons/electrobun

Repository: AmanVarshney01/create-better-t-stack

Length of output: 1760


🏁 Script executed:

#!/bin/bash
set -euo pipefail

# Locate the actual addon/template directories in this repo snapshot.
find . -type d \( -path '*/addons/*' -o -path '*/templates/*' -o -path '*/web/*' \) | sort | sed -n '1,250p'

# Search for Nuxt/docker/static-export handling across the repo.
rg -n --hidden --no-messages -S "nuxt|NUXT_SERVER_URL|static export|prerender|output:\\s*['\"]static['\"]|export default.*static|standalone output" .

# Show the surrounding compatibility logic around the desktop-addon docker check.
sed -n '336,390p' apps/cli/src/utils/compatibility-rules.ts

Repository: AmanVarshney01/create-better-t-stack

Length of output: 50392


🏁 Script executed:

#!/bin/bash
set -euo pipefail

sed -n '360,430p' packages/template-generator/src/post-process/package-configs.ts
sed -n '110,190p' apps/cli/test/electrobun-addon.test.ts

# Show the Nuxt docker/static-export area from the generated templates.
python3 - <<'PY'
from pathlib import Path
p = Path("packages/template-generator/src/templates.generated.ts")
lines = p.read_text().splitlines()
for start in (15940, 25370, 29520):
    print(f"\n=== {start} ===")
    for i in range(start-1, min(start+45, len(lines))):
        print(f"{i+1}:{lines[i]}")
PY

Repository: AmanVarshney01/create-better-t-stack

Length of output: 9991


Add nuxt to DOCKER_SERVER_OUTPUT_FRONTENDS nuxt is already handled as a static-export desktop frontend (generate for electrobun, .output/public output), so this validator should include it with next, svelte, and astro to catch incompatible docker/desktop combinations.

Comment on lines 775 to 779
const packageJson = JSON.parse(
await fs.readFile(path.join(result.projectDir, "package.json"), "utf8"),
);
expect(packageJson.workspaces.catalog["better-auth"]).toBe("1.6.22");
expect(packageJson.workspaces.catalog["better-auth"]).toBe("1.6.23");
});

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎯 Functional Correctness | 🟡 Minor | ⚡ Quick win

Keep the Better Auth catalog expectation consistent.

This update only fixes the later check at Line 778; the earlier packageJson.workspaces.catalog["better-auth"] assertion at Line 301 still expects 1.6.15, so this file will still fail against the new template version.

Suggested fix
-      expect(packageJson.workspaces.catalog["better-auth"]).toBe("1.6.15");
+      expect(packageJson.workspaces.catalog["better-auth"]).toBe("1.6.23");
🧰 Tools
🪛 ast-grep (0.44.0)

[warning] 775-775: Filesystem path is not a string literal; a request-/variable-derived path can enable path traversal. Validate and normalize the path before use.
Context: fs.readFile(path.join(result.projectDir, "package.json"), "utf8")
Note: [CWE-22] Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal').

(detect-non-literal-fs-filename-typescript)

Comment on lines +47 to +52
COPY --from=builder /app/apps/web/.next/standalone ./
COPY --from=builder /app/apps/web/.next/static ./apps/web/.next/static
{{#if (includes addons "pwa")}}
# standalone output excludes public/; the pwa addon serves its manifest and icons from there
COPY --from=builder /app/apps/web/public ./apps/web/public
{{/if}}

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎯 Functional Correctness | 🟠 Major | ⚡ Quick win

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "== target file =="
cat -n packages/template-generator/templates/deploy/docker/web/react/next/Dockerfile.hbs | sed -n '1,120p'

echo
echo "== search for public copy patterns =="
rg -n --glob '**/Dockerfile.hbs' 'COPY .*public' packages/template-generator/templates || true

echo
echo "== search for pwa addon condition in relevant templates =="
rg -n 'includes addons "pwa"|pwa' packages/template-generator/templates/deploy/docker/web -g '*.hbs' || true

Repository: AmanVarshney01/create-better-t-stack

Length of output: 3268


🏁 Script executed:

#!/bin/bash
set -euo pipefail

python3 - <<'PY'
import requests, sys
urls = [
    "https://nextjs.org/docs/app/building-your-application/deploying#output-standalone",
    "https://nextjs.org/docs/pages/building-your-application/deploying#output-standalone",
]
for u in urls:
    try:
        r = requests.get(u, timeout=20)
        print("URL:", u, "status:", r.status_code)
        print(r.text[:1000].replace("\n"," ")[:1000])
        print("---")
    except Exception as e:
        print("URL:", u, "ERR:", e)
PY

Repository: AmanVarshney01/create-better-t-stack

Length of output: 958


🏁 Script executed:

#!/bin/bash
set -euo pipefail

# Inspect the target template and surrounding package context
sed -n '1,140p' packages/template-generator/templates/deploy/docker/web/react/next/Dockerfile.hbs

echo
echo "== nearby template helpers / conditions =="
rg -n 'includes addons "pwa"|COPY .*public|output: "standalone"|standalone' packages/template-generator -g '*.hbs' -g '*.ts' || true

Repository: AmanVarshney01/create-better-t-stack

Length of output: 6060


🌐 Web query:

Next.js standalone output public folder must be copied manually favicon robots.txt docs

💡 Result:

When using the Next.js standalone output mode, the public folder (which contains assets like favicon.ico and robots.txt) and the.next/static folder are not copied into the standalone directory by default [1][2]. This design choice exists because these files are ideally served by a CDN or a reverse proxy in production environments [1][2]. However, if you are running the application using the generated server.js file and need it to serve these files automatically, you must copy them into the standalone folder manually after the build process completes [1][2]. To include these assets in your standalone deployment, you can use the following command after running next build [1][2]: cp -r public.next/standalone/ && cp -r.next/static.next/standalone/.next/ Once these files are copied to.next/standalone/public and.next/standalone/.next/static respectively, the server.js file will automatically detect and serve them [1][2].

Citations:


Copy public/ for every standalone Next.js build.
output: "standalone" leaves public/ out of the bundle, so gating this copy behind pwa will break non-PWA apps at runtime (favicon, robots.txt, and other static assets will 404).

Proposed fix
 COPY --from=builder /app/apps/web/.next/standalone ./
 COPY --from=builder /app/apps/web/.next/static ./apps/web/.next/static
-{{`#if` (includes addons "pwa")}}
-# standalone output excludes public/; the pwa addon serves its manifest and icons from there
-COPY --from=builder /app/apps/web/public ./apps/web/public
-{{/if}}
+# standalone output excludes public/; must always be copied for favicon, robots.txt, and other static assets
+COPY --from=builder /app/apps/web/public ./apps/web/public
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
COPY --from=builder /app/apps/web/.next/standalone ./
COPY --from=builder /app/apps/web/.next/static ./apps/web/.next/static
{{#if (includes addons "pwa")}}
# standalone output excludes public/; the pwa addon serves its manifest and icons from there
COPY --from=builder /app/apps/web/public ./apps/web/public
{{/if}}
COPY --from=builder /app/apps/web/.next/standalone ./
COPY --from=builder /app/apps/web/.next/static ./apps/web/.next/static
# standalone output excludes public/; must always be copied for favicon, robots.txt, and other static assets
COPY --from=builder /app/apps/web/public ./apps/web/public

…t public dir

- compose build args now interpolate the same frontend-prefixed env names
  users fill in apps/web/.env (NEXT_PUBLIC_/VITE_/PUBLIC_ variants), and the
  generated root .env mirrors those names
- next docker runner always copies public/ (user-added static assets), with
  mkdir -p in the builder so the copy never fails when the dir is absent
@AmanVarshney01

Copy link
Copy Markdown
Owner Author

Addressed review comments in 1d21818:

  • Codex (Clerk env key) — valid. Compose build args now interpolate the same frontend-prefixed names users are told to fill (NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY/VITE_CLERK_PUBLISHABLE_KEY, same for the Convex URL), and the generated root .env mirrors those names.
  • CodeRabbit (next public/) — right concern, but the committable suggestion would break every non-PWA build: the base next template has no public/ dir and COPY from a nonexistent path fails. Implemented as RUN mkdir -p apps/web/public in the builder + unconditional copy in the runner, so PWA assets and any user-added static files are always included.
  • CodeRabbit (add nuxt to DOCKER_SERVER_OUTPUT_FRONTENDS) — not applied. Unlike next/svelte/astro, the desktop addons don't switch nuxt.config.ts to a static preset; the desktop bundle uses the separate generate script while the docker image still runs build and gets a full .output server. The combo works.
  • CodeRabbit (auth.test.ts 1.6.15) — not applied. That assertion covers the Convex Better Auth path, which intentionally pins better-auth to 1.6.15 (CONVEX_BETTER_AUTH_VERSION in auth-deps.ts — the version @convex-dev/better-auth is tested against), separate from the main dependencyVersionMap entry. The test passes.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant