chore: bump deps, modernise Claude Code config, and spring-clean docs#39
Merged
Conversation
…e resolve Dependencies: - Bump next 16.2.1→16.2.2, tailwindcss 4.1.18→4.2.2, playwright 1.58.2→1.59.1, biome 2.4.9→2.4.10 - Bump baseline-browser-mapping, lefthook, @types/node - Remove vite-tsconfig-paths in favour of Vite's built-in tsconfigPaths resolve option Dropping vite-tsconfig-paths simplifies the Vitest plugin chain with no behaviour change — Vite now supports this natively. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Directory rename: - Move all docs from x_docs/ to .xdocs/ (hidden directory) - Remove unused images (github-social-thin.jpg, old rough-notes.png) New documents: - HeroUI v3 evaluation report comparing against shadcn/ui - Vercel AGENTS.md vs skills eval comparison Hidden directory keeps project docs out of the file explorer while remaining version-controlled. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Markdownlint: - Replace .markdownlint.yaml with .markdownlint-cli2.yaml (adds ignores support and node_modules exclusion) - Add MD028 and MD032 rule disables for blockquotes and template lists VS Code: - Hide .ruff_cache directory in file explorer Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Permissions (.claude/settings.json): - Add $schema for validation - Update Bash permission syntax from colon to space separators - Sort allow list alphabetically - Remove extra marketplace registration for playwright-skill Commands: - Expand coderabbit command with structured output, thread resolution, and cleanup steps - Update commit template docs glob to include .xdocs/ Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
Dependency updates: - next 16.2.2 → 16.2.4, react/react-dom 19.2.4 → 19.2.5 - @biomejs/biome 2.4.10 → 2.4.13, typescript 6.0.2 → 6.0.3 - vitest 4.1.2 → 4.1.5, jsdom 29.0.1 → 29.0.2 - @tailwindcss/postcss 4.2.2 → 4.2.4, @types/node 25.5.2 → 25.6.0 - lefthook 2.1.5 → 2.1.6, markdownlint-cli2 0.22.0 → 0.22.1 - @rolldown/plugin-babel 0.2.2 → 0.2.3, baseline-browser-mapping 2.10.16 → 2.10.23 Config: - Bump biome.json $schema URL to match installed CLI (2.4.13) All updates are patch or minor bumps within existing semver ranges. Verified with full pre-commit (biome, tsc, vitest) and pre-push (next build, Playwright) lefthook runs — all green. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Plugin setup: - Register michellepace/my-claude-marketplace in extraKnownMarketplaces - Enable git-utils@my-claude-marketplace at project scope so collaborators inherit the same workflow commands Removed local commands (now provided by the plugin): - .claude/commands/coderabbit.md - .claude/commands/commit.md - .claude/commands/merge-cleanup.md Settings tidy: - Reorder permissions block (allow, deny, ask) for consistency Docs: - Bump README Next.js version reference to 16.2.4 Centralises commit, merge-cleanup, and CodeRabbit workflows in the shared marketplace plugin, removing local copies that would drift over time.
Tailwind v4 preflight applies `height: auto` to all <img>, which conflicts
with the explicit `width={16} height={16}` on the homepage Vercel logomark
and trips next/image's aspect-ratio console warning. Add explicit
`h-4 w-4` classes so the rendered size matches the intrinsic ratio.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
|
Warning Rate limit exceeded
Your organization is not enrolled in usage-based pricing. Contact your admin to enable usage-based pricing to continue reviews beyond the rate limit, or try again in 16 minutes and 8 seconds. ⌛ How to resolve this issue?After the wait time has elapsed, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout. Please see our FAQ for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: Organization UI Review profile: ASSERTIVE Plan: Pro Run ID: 📒 Files selected for processing (3)
WalkthroughThis PR pins and bumps tooling versions, replaces markdownlint config, revises Claude settings and permissions, removes three AI command templates, adds documentation pages, tweaks Vitest config, updates package and Biome schema, and makes a small UI Tailwind sizing change. (50 words) Changes
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~20 minutes Possibly related PRs
Poem
🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 3
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
README.md (1)
257-258:⚠️ Potential issue | 🟡 MinorUpdate stale alias documentation to match current Vite config
Line 257 still points to
vite-tsconfig-paths, but this PR removes it. Please update the note to reflect native Vite alias/tsconfig path resolution.Proposed doc fix
-4. The `@/`* import alias works in tests thanks to `vite-tsconfig-paths` +4. The `@/`* import alias works in tests via Vite config (`resolve.alias`/tsconfig paths)🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@README.md` around lines 257 - 258, The README's note about test alias resolution is stale: replace the reference to `vite-tsconfig-paths` with the now-correct description that Vite (and tsconfig paths) are resolved natively, e.g., change the bullet mentioning "`vite-tsconfig-paths`" and the line referring to the "@/* import alias" to state that the `@/`* alias works in tests via Vite's native alias/tsconfig path resolution; update any adjacent wording to remove mention of the removed plugin and ensure consistency with the current Vite config and tsconfig paths.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In @.xdocs/own/agentmd-over-skills.md:
- Around line 1-15: Fix the heading and published date: in the top heading line
that currently reads "# Vercel: `Agents.md`outperforms skills in our agent
evals" add a space after the closing backtick and normalize casing to match the
body (change `Agents.md` to `AGENTS.md`) so it reads "# Vercel: `AGENTS.md`
outperforms skills in our agent evals"; also correct the SOURCE published date
string "2026-17-01" to a valid ISO date "2026-01-17".
In `@README.md`:
- Line 29: Update the README's "(4) Housekeeping" paragraph to stop directing
users to local command files that were removed; replace the current wording that
references .xdocs/, CLAUDE.md, .mcp.json and .claude/commands with a short note
explaining that local commands were replaced by a marketplace plugin and either
point to the marketplace installation/configuration instructions or remove the
path-specific guidance entirely, and ensure the README no longer instructs users
to modify a non-existent .claude/commands directory.
In `@vitest.config.ts`:
- Around line 6-7: Vitest cannot resolve tsconfig path aliases via Vite 8's
resolve.tsconfigPaths, so update the Vite/Vitest config: import and add the
vite-tsconfig-paths plugin into the existing plugins array (alongside react()
and babel(...))—e.g., add viteTsconfigPaths() as a plugin entry so tests can
resolve "@/..." imports; you can keep resolve: { tsconfigPaths: true } but
ensure vite-tsconfig-paths is present in the plugins list in vitest.config.ts.
---
Outside diff comments:
In `@README.md`:
- Around line 257-258: The README's note about test alias resolution is stale:
replace the reference to `vite-tsconfig-paths` with the now-correct description
that Vite (and tsconfig paths) are resolved natively, e.g., change the bullet
mentioning "`vite-tsconfig-paths`" and the line referring to the "@/* import
alias" to state that the `@/`* alias works in tests via Vite's native
alias/tsconfig path resolution; update any adjacent wording to remove mention of
the removed plugin and ensure consistency with the current Vite config and
tsconfig paths.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: ASSERTIVE
Plan: Pro
Run ID: 865f6b58-0617-4fad-9bac-ba6775fa987c
⛔ Files ignored due to path filters (7)
.xdocs/images/app_screenshot.jpgis excluded by!**/*.jpg.xdocs/images/nextjs-hero.pngis excluded by!**/*.png.xdocs/images/rough-notes.pngis excluded by!**/*.png.xdocs/images/template-explained.pngis excluded by!**/*.pngpackage-lock.jsonis excluded by!**/package-lock.jsonx_docs/images/github-social-thin.jpgis excluded by!**/*.jpgx_docs/images/rough-notes.pngis excluded by!**/*.png
📒 Files selected for processing (23)
.claude/CLAUDE.md.claude/commands/coderabbit.md.claude/commands/commit.md.claude/commands/merge-cleanup.md.claude/settings.json.markdownlint-cli2.yaml.markdownlint.yaml.vscode/settings.json.xdocs/own/WORDS.md.xdocs/own/agentmd-over-skills.md.xdocs/own/hero-ui.md.xdocs/own/quick_notes.md.xdocs/own/theme_resources.md.xdocs/own/zustand.md.xdocs/project-setup.md.xdocs/reference/README.md.xdocs/reference/default.theme.css.xdocs/reference/preflight.cssREADME.mdapp/page.tsxbiome.jsonpackage.jsonvitest.config.ts
💤 Files with no reviewable changes (4)
- .claude/commands/commit.md
- .claude/commands/coderabbit.md
- .claude/commands/merge-cleanup.md
- .markdownlint.yaml
Settings: - Register anthropics/claude-plugins-official as a known marketplace - Enable typescript-lsp@claude-plugins-official for semantic code intelligence (go-to-definition, find-references, live diagnostics) during Claude edits - Declare frontend-design and feature-dev as known but disabled, kept off by default to avoid context bloat and toggled on when needed README: - Document npm install -g typescript-language-server typescript as a clone-time prerequisite, since Claude Code does not auto-install LSP server binaries Complements the existing pre-commit and pre-push gates: hooks remain the safety net, while LSP gives Claude semantic understanding during the edit loop, which should reduce iteration before commits. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Removed (destructive or arbitrary execution risk): - Bash(npx vercel *) — wildcard authorised production deploys, env rm, deployment rm; specific safe vercel subcommand allows already cover read-only operations - Bash(xargs *) — effectively allowed arbitrary command execution via piped input - Bash(sed *) — in-place file edits superseded by safer Edit tool Consolidated: - 10 individual Bash(npm run X) entries replaced with Bash(npm run *), since npm run is bounded to scripts defined in package.json - 13 explicit mcp__playwright__browser_* entries replaced with the wildcard, restoring access to type, fill_form, press_key, select_option, hover, drag, file_upload and handle_dialog which were previously prompting on every use; browser_run_code kept explicitly as a visible reminder that arbitrary in-page JS execution is allowed Net: 26 lines removed, 3 added. Same effective surface for everyday work, smaller blast radius, future-proofed for new npm scripts. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
michellepace
changed the title
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
agentmd-over-skills.md (PR #39 thread r3144154014): - Add missing space and normalise casing: `Agents.md` → `AGENTS.md` - Correct invalid ISO date `2026-17-01` → `2026-01-17` README.md (PR #39 thread r3144154017): - Drop housekeeping step's reference to removed `.claude/commands/` - Remove `.claude/commands/` row from Config Files table The commands directory was deleted earlier in this branch in favour of the `git-utils` marketplace plugin, leaving the README with two dead links. Title and date fixes correct rendering and metadata in a working notes doc. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
There was a problem hiding this comment.
Actionable comments posted: 3
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
README.md (1)
257-257:⚠️ Potential issue | 🟡 MinorUpdate stale Vitest alias documentation
Line 257 of README.md incorrectly attributes alias support to
vite-tsconfig-paths, but the PR uses Vitest's nativetsconfigPathsresolution instead.Suggested documentation edit
-4. The `@/`* import alias works in tests thanks to `vite-tsconfig-paths` +4. The `@/`* import alias works in tests via Vitest's native tsconfig-path resolution🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@README.md` at line 257, Update the README: change the claim that the `@/`* import alias in tests works because of `vite-tsconfig-paths` to state it uses Vitest's native `tsconfigPaths` resolution; edit the sentence referencing `vite-tsconfig-paths` to instead reference `tsconfigPaths` (Vitest) and optionally add a brief note that Vitest handles the alias resolution natively so readers know to configure `tsconfigPaths` in the Vitest config rather than installing `vite-tsconfig-paths`.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In @.claude/settings.json:
- Around line 35-36: Remove the redundant explicit entry
"mcp__playwright__browser_run_code" because the wildcard
"mcp__playwright__browser_*" already covers it; either delete the explicit line
from the .claude/settings.json allow list or, if you want to keep it for
documentation, replace the explicit entry with a clear inline comment explaining
the intent (e.g., "kept explicit for clarity") so the file no longer contains a
no-op duplicate.
- Line 38: Update the deny pattern in the "deny" array of .claude/settings.json
so it blocks all dotenv variants; replace the current Read(**/.env) entry with a
glob that matches .env*, e.g., Read(**/.env*), to cover .env, .env.local,
.env.production.local, etc., ensuring the string remains quoted in the "deny"
array.
In @.xdocs/own/agentmd-over-skills.md:
- Around line 194-196: The doc currently shows two different codemod channels:
the command `npx `@next/codemod`@canary agents-md` and an earlier recommendation
of `@latest`; choose one as the guide's default and make the other explicitly
optional/experimental. Update the `npx `@next/codemod`@canary agents-md` line (or
the earlier `@latest` mention) so both references match the chosen default, and
add one short clarifying note that the alternate channel (e.g., `@canary` if you
pick `@latest`, or `@latest` if you pick `@canary`) is experimental/optional for
users who want bleeding-edge behavior.
---
Outside diff comments:
In `@README.md`:
- Line 257: Update the README: change the claim that the `@/`* import alias in
tests works because of `vite-tsconfig-paths` to state it uses Vitest's native
`tsconfigPaths` resolution; edit the sentence referencing `vite-tsconfig-paths`
to instead reference `tsconfigPaths` (Vitest) and optionally add a brief note
that Vitest handles the alias resolution natively so readers know to configure
`tsconfigPaths` in the Vitest config rather than installing
`vite-tsconfig-paths`.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: ASSERTIVE
Plan: Pro
Run ID: 746e48ff-579f-4bec-bd61-d5214f94ff80
📒 Files selected for processing (3)
.claude/settings.json.xdocs/own/agentmd-over-skills.mdREADME.md
.claude/settings.json (PR #39 thread r3144232338): - Widen dotenv deny glob `Read(**/.env)` → `Read(**/.env*)` to cover `.env.local`, `.env.production.local` and other Next.js variants - Remove `Bash(cat *)` from the allow list to close the bypass path (Read tool already covers legitimate file reads and respects deny) agentmd-over-skills.md (PR #39 thread r3144232341): - Align codemod channel guidance: `@next/codemod@canary` → `@latest` on lines 194 and 224 to match the recommendation earlier in the doc `agents-md` ships in stable `@next/codemod@16.2.4`, so the original blog's `@canary` recommendation is no longer needed. The settings change is defence-in-depth: blocking the Read tool path for all dotenv variants and dropping the broad `cat` allow that could read them via Bash. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Supersedes Dependabot PR #40. Script body uses only the injected `github.rest.*` and `context` globals, none of which v9 changed. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This was referenced Apr 26, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
A no-behaviour-change spring clean with five themes:
next16.2.1→16.2.4,react/react-dom19.2.4→19.2.5,@biomejs/biome2.4.9→2.4.13,@playwright/test1.58.2→1.59.1,tailwindcss4.1.18→4.2.2,typescript6.0.2→6.0.3,vitest4.1.2→4.1.5, plus minor bumps to@types/node,@rolldown/plugin-babel,baseline-browser-mapping,jsdom,lefthook,markdownlint-cli2. README and.claude/CLAUDE.mdTech-Stack tables updated to match.vite-tsconfig-pathsin favour of Vitest's built-inresolve: { tsconfigPaths: true }..markdownlint.yaml→.markdownlint-cli2.yaml, with newignores:block (node_modules/**) and two extra disabled rules (MD028,MD032).x_docs/→.xdocs/(all seven existing files moved verbatim). Removed unused images (github-social-thin.jpg, oldrough-notes.png); addednextjs-hero.png(now the README hero), a freshrough-notes.png, and two new working notes (agentmd-over-skills.md,hero-ui.md). All README links updated..claude/settings.json: added$schema; alphabetised permissions; switched syntax fromBash(cmd:*)toBash(cmd *); collapsed several entries into wildcards (Bash(npm run *),mcp__playwright__browser_*).enabledPluginsblock:git-utils@my-claude-marketplaceandtypescript-lsp@claude-plugins-officialenabled;frontend-designandfeature-devdeclared but disabled.extraKnownMarketplacesswapped: removedplaywright-skill; addedmy-claude-marketplaceandclaude-plugins-official..claude/commands/coderabbit.md,commit.md,merge-cleanup.md.Other small bits
app/page.tsx: addedh-4 w-4to the Vercel logomark<Image>to silence the next/image aspect-ratio warning on Vercel.npm install -g typescript-language-server typescriptfor the newtypescript-lspplugin..vscode/settings.json: hides**/.ruff_cachein the file explorer.Heads-up for consumers cloning the template
x_docs/need updating to.xdocs/..markdownlint.yamlshould point at.markdownlint-cli2.yaml.Test plan
lefthook run pre-commit --all-files(biome-check, npm-install, type-check, unit-tests)lefthook run pre-push --all-files(build, Playwright E2E on chromium + Mobile Safari)🤖 Generated with Claude Code