Feat/improve v 6#158
Merged
Merged
Conversation
…prove code formatting
…curity headers; update API route configurations
…line session creation and validation logic
…xy request handling
…rvices, projects, and privacy
…meContent ID for clarity
… loading logic; update dependencies and formatting
Co-authored-by: Copilot <copilot@github.com>
…ecking, and portfolio architecture exploration
- Changed author and copyright details to include © ColdByDefault. - Added license information to all relevant files. - Updated version number to 6.x.x in all affected files.
ColdByDefault
added
bug
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
Contributor
Dependency ReviewThe following issues were found:
License Issues.github/workflows/bump-version.yml
OpenSSF Scorecard
Scanned Files
|
Contributor
There was a problem hiding this comment.
Pull request overview
Note
Copilot was unable to run its full agentic suite in this review.
This PR appears to standardize file headers across the codebase (author/license/version), adjust admin session handling to stateless HMAC tokens in proxy.ts, update security/cache headers for API routes, expand sitemap/robots entries, and remove several leaf loading.tsx files + some unused hooks/components.
Changes:
- Standardized header blocks across TS/TSX/CSS files (license + version metadata)
- Reworked admin session handling in
proxy.tsto stateless HMAC-signed cookie tokens - Updated
next.config.tsheaders + routing rules; expanded sitemap/robots; removed multiple per-page loading files and some hooks/components
Reviewed changes
Copilot reviewed 214 out of 219 changed files in this pull request and generated 5 comments.
Show a summary per file
| File | Description |
|---|---|
| types/main/capabilities.ts | Header metadata standardization |
| types/main/admin.ts | Header metadata standardization |
| types/live-tools/live-tools.ts | Header metadata standardization |
| types/live-tools/email-rewriter.ts | Header metadata standardization |
| types/hubs/use-cases.ts | Header metadata standardization |
| types/hubs/services.ts | Header metadata standardization |
| types/hubs/projects.ts | Header metadata standardization |
| types/hubs/portfolio-section.types.ts | Header metadata standardization |
| types/hubs/library.ts | Header metadata standardization |
| types/hubs/blogs.ts | Header metadata standardization |
| types/hubs/aboutPorto.ts | Header metadata standardization |
| types/global.d.ts | Header metadata standardization |
| types/configs/speed-insight.ts | Header metadata standardization |
| types/configs/seo.ts | Header metadata standardization |
| types/configs/metadata.ts | Header metadata standardization |
| types/configs/i18n.ts | Header metadata standardization |
| types/configs/github.ts | Header metadata standardization |
| types/configs/chatbot.ts | Header metadata standardization |
| types/configs/api.ts | Header metadata standardization |
| styles/glitchEffect.css | Header metadata standardization |
| styles/company-banner.css | Header metadata standardization |
| proxy.ts | Stateless admin session tokens + removed chatbot UA/referer checks |
| prisma/seed.ts | Header metadata standardization |
| next.config.ts | Adjust output tracing + API headers rules |
| lib/security.ts | Header metadata standardization |
| lib/live-tools/security.ts | Header metadata standardization |
| lib/live-tools/rewriter-rate-limit.ts | Header metadata standardization |
| lib/hubs/blogs.ts | Ensure getBlogBySlug only returns published; minor formatting |
| lib/configs/seo.ts | Header metadata standardization |
| lib/configs/prisma.ts | Header metadata standardization |
| lib/chatbot-logging.ts | Header metadata standardization |
| lib/blog-admin/index.ts | Header metadata standardization |
| lib/blog-admin/blog-admin.ts | Header metadata standardization |
| lib/blog-admin/BlogValidationService.ts | Header metadata standardization |
| lib/blog-admin/BlogUtilityService.ts | Header metadata standardization |
| lib/blog-admin/BlogQueryService.ts | Header metadata standardization |
| lib/blog-admin/BlogAdminService.ts | Header metadata standardization |
| i18n/request.ts | Header metadata standardization |
| hooks/use-loading.ts | Removed hook implementation |
| hooks/use-language.ts | Removed hook implementation |
| hooks/use-client.ts | Header metadata standardization |
| hooks/use-chatbot.ts | Header metadata standardization |
| data/main/tech.ts | Header metadata standardization |
| data/main/footerLinks.ts | Header metadata standardization |
| data/main/companiesData.ts | Header metadata standardization |
| data/main/chatbot-system-prompt.ts | Header metadata standardization |
| data/main/certificationsData.ts | Header metadata standardization |
| data/main/capabilitiesData.ts | Header metadata standardization |
| data/main/aboutData.ts | Header metadata standardization |
| data/live-tools/email-rewriter.ts | Header metadata standardization |
| data/hubs/use-cases.ts | Header metadata standardization |
| data/hubs/servicesData.ts | Header metadata standardization |
| data/hubs/projectsData.ts | Header metadata standardization |
| data/hubs/portfolio-section.data.ts | Header metadata standardization |
| data/configs/seo.ts | Header metadata standardization |
| data/configs/githubAchievements.ts | Header metadata standardization (removed descriptive doc header text) |
| components/visuals/motion-background.tsx | Header metadata standardization |
| components/visuals/index.ts | Removed LoadingScreen export |
| components/visuals/card-animations.ts | Header metadata standardization |
| components/visuals/LoadingSkeleton.tsx | Header metadata standardization |
| components/visuals/LoadingScreen.tsx | Removed component implementation |
| components/visuals/ClientBackground.tsx | Header metadata standardization |
| components/visuals/CentralizedLoading.tsx | Header metadata + import formatting change |
| components/use-cases/tech-stack-grid.tsx | Header metadata standardization |
| components/use-cases/showcase-section.tsx | Header metadata standardization |
| components/use-cases/screenshot-gallery.tsx | Header metadata standardization |
| components/use-cases/project-links.tsx | Header metadata standardization |
| components/use-cases/project-card.tsx | Header metadata standardization |
| components/use-cases/index.ts | Header metadata standardization |
| components/use-cases/implementation-areas.tsx | Header metadata standardization |
| components/theme/viewport-renderer.tsx | Header metadata standardization |
| components/theme/theme-config-validator.tsx | Header metadata standardization |
| components/theme/theme-config-initializer.tsx | Header metadata standardization |
| components/tech/index.ts | Header metadata standardization |
| components/tech/Technologies.logic.ts | Header metadata standardization |
| components/tech/Capabilities.tsx | Header metadata standardization |
| components/speed-insight/index.ts | Header metadata standardization |
| components/speed-insight/SpeedInsight.tsx | Header metadata standardization |
| components/speed-insight/SpeedInsight.logic.ts | Header metadata standardization |
| components/speed-insight/SpeedInsight.constants.ts | Header metadata standardization |
| components/services/index.ts | Header metadata standardization |
| components/services/PackageCard.tsx | Header metadata standardization |
| components/projects/projects-showcase.utils.ts | Header metadata standardization |
| components/projects/index.ts | Header metadata standardization |
| components/projects/ProjectsShowcase.tsx | Header metadata standardization |
| components/projects/ProjectsHomeShowcase.tsx | Header metadata standardization |
| components/projects/ProjectsFilter.tsx | Header metadata standardization |
| components/projects/ProjectCard.tsx | Header metadata standardization |
| components/nav/navbarItems.tsx | Header metadata standardization |
| components/nav/index.ts | Header metadata standardization |
| components/nav/Navbar.tsx | Header metadata standardization |
| components/live-tools/rio/index.ts | Header metadata standardization |
| components/live-tools/rio/calculator.tsx | Header metadata standardization |
| components/live-tools/rio/calculator-logic.ts | Header metadata standardization |
| components/live-tools/polite-email/tone-selector.tsx | Header metadata standardization |
| components/live-tools/polite-email/mode-selector.tsx | Header metadata standardization |
| components/live-tools/polite-email/index.ts | Header metadata standardization |
| components/live-tools/polite-email/email-rewriter.tsx | Header metadata standardization |
| components/live-tools/polite-email/email-result.tsx | Header metadata standardization |
| components/live-tools/polite-email/context-input.tsx | Header metadata standardization |
| components/live-tools/polite-email/analysis-result.tsx | Header metadata standardization |
| components/languages/locale-auto-detect.tsx | Header metadata standardization |
| components/languages/language-switcher.tsx | Header metadata standardization |
| components/languages/index.ts | Header metadata standardization |
| components/hero/index.ts | Header metadata standardization |
| components/hero/HomeTranslatedSections.tsx | Header metadata standardization |
| components/hero/HomeContent.tsx | Header metadata + changed DOM id |
| components/hero/Hero.tsx | Header metadata + changed <main> to <section> |
| components/github/index.ts | Header metadata standardization |
| components/github/GitHubShowcase.tsx | Header metadata standardization |
| components/github/GitHubRepositories.tsx | Header metadata standardization |
| components/github/GitHubProfile.tsx | Header metadata standardization |
| components/footer/index.ts | Header metadata standardization |
| components/footer/Links.tsx | Header metadata standardization |
| components/footer/Footer.tsx | Header metadata standardization |
| components/cookies/index.ts | Header metadata standardization |
| components/cookies/cookies-banner.tsx | Header metadata standardization |
| components/contact/index.ts | Header metadata standardization |
| components/contact/ContactSheet.tsx | Header metadata standardization |
| components/companies/index.ts | Header metadata standardization |
| components/companies/CompanyBanner.tsx | Header metadata standardization |
| components/chatbot/index.ts | Header metadata standardization |
| components/chatbot/TypingIndicator.tsx | Header metadata standardization |
| components/chatbot/ChatMessage.tsx | Header metadata standardization |
| components/chatbot/ChatInput.tsx | Header metadata standardization |
| components/chatbot/ChatHeader.tsx | Header metadata standardization |
| components/chatbot/ChatBot.tsx | Header metadata standardization |
| components/chatbot/ChatBot.constants.ts | Header metadata standardization |
| components/cer/index.ts | Header metadata standardization |
| components/cer/CertificationShowcaseMobile.tsx | Header metadata standardization |
| components/cer/CertificationShowcaseDesktop.tsx | Header metadata standardization |
| components/cer/CertificationShowcase.logic.ts | Header metadata standardization |
| components/cer/CertificationShowCase.tsx | Header metadata standardization |
| components/blog/index.ts | Header metadata standardization |
| components/blog/dashboard/useBlogAdmin.ts | Adjust auth flow; reorganize data-load effects; formatting |
| components/blog/dashboard/index.ts | Header metadata standardization |
| components/blog/dashboard/StatsOverview.tsx | Header metadata standardization |
| components/blog/dashboard/BlogsList.tsx | Header metadata standardization |
| components/blog/dashboard/BlogFormDialog.tsx | Header metadata standardization |
| components/blog/dashboard/BlogFilters.tsx | Header metadata standardization |
| components/blog/dashboard/Authentication.tsx | Header metadata standardization |
| components/blog/LanguageFilter.tsx | Header metadata standardization |
| components/blog/LanguageBadge.tsx | Header metadata standardization |
| components/blog/BlogsList.tsx | Header metadata standardization |
| components/blog/BlogView.tsx | Header metadata standardization |
| components/blog/BlogPageClient.tsx | Header metadata standardization |
| components/blog/BlogBreadcrumb.tsx | Header metadata standardization |
| components/aboutPortoPage/portfolio-workflow.tsx | Header metadata standardization |
| components/aboutPortoPage/portfolio-tech.tsx | Header metadata standardization |
| components/aboutPortoPage/portfolio-showcase.tsx | Header metadata standardization |
| components/aboutPortoPage/portfolio-performance.tsx | Header metadata standardization |
| components/aboutPortoPage/portfolio-features.tsx | Header metadata standardization |
| components/aboutPortoPage/portfolio-architecture.tsx | Header metadata standardization |
| components/aboutPortoPage/index.ts | Header metadata standardization |
| components/VersionDisplay.tsx | Header metadata standardization |
| components/NoSSR.tsx | Header metadata standardization |
| app/sitemap.ts | Added more static routes; formatting |
| app/robots.ts | Expanded allow list; formatting |
| app/page.tsx | Header metadata standardization |
| app/not-found.tsx | Header metadata standardization |
| app/loading.tsx | Header metadata standardization |
| app/layout.tsx | Header metadata update in docblock |
| app/globals.css | Header metadata standardization |
| app/global-error.tsx | Header metadata standardization |
| app/booking-confirmed/page.tsx | Header metadata + formatting |
| app/booking-confirmed/loading.tsx | Header metadata standardization |
| app/api/speed-insight/route.ts | Header metadata standardization |
| app/api/github/route.ts | Header metadata standardization |
| app/api/email-rewrite/rewriter/route.ts | Header metadata standardization |
| app/api/email-rewrite/remaining/route.ts | Header metadata standardization |
| app/api/email-rewrite/analyze/route.ts | Header metadata standardization |
| app/api/chatbot/route.ts | Header metadata standardization |
| app/api/blog/route.ts | Header metadata standardization |
| app/api/blog/[slug]/route.ts | Header metadata standardization |
| app/api/admin/chatbot/logs/route.ts | Header metadata standardization |
| app/api/admin/blog/route.ts | Switch admin session cookie setter to stateless token |
| app/api/about/route.ts | Header metadata standardization |
| app/admin/loading.tsx | Header metadata standardization |
| app/admin/chatbot/page.tsx | Header metadata standardization |
| app/admin/blog/page.tsx | Header metadata + formatting |
| app/admin/blog/loading.tsx | Removed leaf loading UI |
| app/admin/blog/layout.tsx | Header metadata + formatting |
| app/admin/blocked/page.tsx | Header metadata standardization |
| app/(media)/services/page.tsx | Header metadata standardization |
| app/(media)/services/loading.tsx | Removed leaf loading UI |
| app/(media)/projects/page.tsx | Header metadata standardization |
| app/(media)/projects/loading.tsx | Removed leaf loading UI |
| app/(media)/loading.tsx | Header metadata standardization |
| app/(media)/layout.tsx | Header metadata standardization |
| app/(media)/blog/page.tsx | Only fetch published blogs |
| app/(media)/blog/loading.tsx | Removed leaf loading UI |
| app/(media)/blog/[slug]/page.tsx | Header metadata standardization |
| app/(media)/about/page.tsx | Header metadata + removed commented-out blocks |
| app/(media)/about/loading.tsx | Removed leaf loading UI |
| app/(media)/about-portfolio/page.tsx | Header metadata + formatting cleanup |
| app/(media)/about-portfolio/loading.tsx | Removed leaf loading UI |
| app/(live-tools)/rio-calculator/page.tsx | Header metadata standardization |
| app/(live-tools)/rio-calculator/loading.tsx | Removed leaf loading UI |
| app/(live-tools)/polite-email/page.tsx | Header metadata standardization |
| app/(live-tools)/polite-email/loading.tsx | Removed leaf loading UI |
| app/(live-tools)/loading.tsx | Header metadata standardization |
| app/(live-tools)/layout.tsx | Header metadata standardization |
| app/(legals)/privacy/page.tsx | Header metadata standardization |
| app/(legals)/privacy/loading.tsx | Removed leaf loading UI |
| app/(legals)/loading.tsx | Header metadata standardization |
| app/(legals)/layout.tsx | Header metadata standardization |
| app/(legals)/impressum/page.tsx | Header metadata + formatting cleanup |
| app/(legals)/impressum/loading.tsx | Removed leaf loading UI |
| AGENTS.md | Added repo-wide agent instructions and conventions |
| .gitignore | Ignored TODO.md |
| .github/workflows/bump-version.yml | Added new workflow to bump patch version on push to main |
| .github/skills/portfolio-architecture/SKILL.md | Added skill doc for architecture exploration |
| .github/skills/i18n-checker/SKILL.md | Added skill doc for i18n checking |
| .github/copilot-instructions.md | Added Copilot repo instructions |
| .github/agents/security-audit.agent.md | Added security-audit agent recipe |
| .github/agents/code-review.agent.md | Added code-review agent recipe |
Comments suppressed due to low confidence (11)
proxy.ts:1
proxy.tsis effectively acting like middleware/proxy code; using Node's"crypto"module APIs (createHmac,timingSafeEqual) andBufferis not supported in the Edge runtime and will typically break at build/runtime. Use Web Crypto (crypto.subtle) for HMAC signing/verification (and compare using constant-time logic over Uint8Array), or ensure this file is executed in a Node.js runtime (note: middleware-style files are generally Edge-only in Next.js).
proxy.ts:1proxy.tsis effectively acting like middleware/proxy code; using Node's"crypto"module APIs (createHmac,timingSafeEqual) andBufferis not supported in the Edge runtime and will typically break at build/runtime. Use Web Crypto (crypto.subtle) for HMAC signing/verification (and compare using constant-time logic over Uint8Array), or ensure this file is executed in a Node.js runtime (note: middleware-style files are generally Edge-only in Next.js).
proxy.ts:1proxy.tsis effectively acting like middleware/proxy code; using Node's"crypto"module APIs (createHmac,timingSafeEqual) andBufferis not supported in the Edge runtime and will typically break at build/runtime. Use Web Crypto (crypto.subtle) for HMAC signing/verification (and compare using constant-time logic over Uint8Array), or ensure this file is executed in a Node.js runtime (note: middleware-style files are generally Edge-only in Next.js).
proxy.ts:1hasValidAdminSession()hard-fails whenADMIN_TOKENis missing, butcreateAdminSession()still happily creates and returns a token signed with an empty secret (ADMIN_TOKEN || ""). This can lead to “successful login” code paths that set a cookie which will never validate later if the env var is not set. MakecreateAdminSession()(andsignToken) fail fast whenADMIN_TOKENis unset (e.g., throw or return an explicit error) and remove the empty-string secret fallback.
proxy.ts:1hasValidAdminSession()hard-fails whenADMIN_TOKENis missing, butcreateAdminSession()still happily creates and returns a token signed with an empty secret (ADMIN_TOKEN || ""). This can lead to “successful login” code paths that set a cookie which will never validate later if the env var is not set. MakecreateAdminSession()(andsignToken) fail fast whenADMIN_TOKENis unset (e.g., throw or return an explicit error) and remove the empty-string secret fallback.
proxy.ts:1hasValidAdminSession()hard-fails whenADMIN_TOKENis missing, butcreateAdminSession()still happily creates and returns a token signed with an empty secret (ADMIN_TOKEN || ""). This can lead to “successful login” code paths that set a cookie which will never validate later if the env var is not set. MakecreateAdminSession()(andsignToken) fail fast whenADMIN_TOKENis unset (e.g., throw or return an explicit error) and remove the empty-string secret fallback.
proxy.ts:1- Switching to stateless session tokens makes mid-session revocation impossible (e.g., if a token is stolen, it remains valid until expiry). If revocation is a requirement for admin sessions, consider adding a server-side denylist keyed by token id/jti (with TTL), shortening
SESSION_DURATION, and/or rotating the signing secret at logout/security events.
next.config.ts:1 - This change removes
X-Content-Type-Options: nosniffandX-Frame-Options: DENYthat were previously applied to/api/chatbotin this rule. If these headers are not set globally elsewhere, re-add them here (or add a global headers rule) to avoid a security regression.
components/hero/Hero.tsx:1 - Changing the hero wrapper from
<main role="main">to<section>removes a “main” landmark from this component. If there isn’t another<main>element on the page/layout, this degrades accessibility (screen readers rely on landmarks). Ensure the page still contains exactly one main landmark (either revert to<main>here, or add<main>/role="main"at the appropriate top-level container).
next.config.ts:1 - Adding
"/**"tooutputFileTracingIncludescan significantly expand tracing and deployment output (potentially increasing build/deploy size and cold start time). If the Prisma client is only needed for server routes/components, consider scoping the include to the minimal set of routes (e.g., API routes and any server components that actually query Prisma) rather than all paths.
components/visuals/CentralizedLoading.tsx:1 - This import formatting is inconsistent with typical code style / lint rules (missing spaces inside braces). Update to the standard spaced form to avoid lint noise and keep consistency.
Comment on lines
+3
to
+6
| on: | ||
| push: | ||
| branches: | ||
| - main |
Comment on lines
+33
to
+36
| - name: Bump patch version | ||
| id: bump | ||
| run: | | ||
| NEW_VERSION=$(npm version patch --no-git-tag-version) |
Comment on lines
+45
to
+50
| - name: Commit and tag | ||
| run: | | ||
| git add package.json package-lock.json README.md | ||
| git commit -m "chore: bump version to ${{ steps.bump.outputs.new_version }} [skip ci]" | ||
| git tag "${{ steps.bump.outputs.new_version }}" | ||
| git push origin main --tags |
| | i18n | next-intl 4.11.0 · 5 locales: `en`, `de`, `es`, `fr`, `sv` | | ||
| | Database | Prisma 7.8.0, WASM query engine, `@prisma/adapter-pg`, Neon PostgreSQL | | ||
| | Auth | Stateless HMAC-SHA256 tokens — no NextAuth, no server-side session state | | ||
| | Proxy | `proxy.ts` (root) — Next.js 16 renamed `middleware.ts` to `proxy.ts` | |
Comment on lines
+72
to
+76
| ## Authentication | ||
|
|
||
| - Cookie name: `PORTFOLIO_ADMIN_SESSION` | ||
| - Format: `{randomId}.{expiresAt}.{hmacSig}` | ||
| - Functions: `createAdminSession()` and `hasValidAdminSession(request)` in `proxy.ts` |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.