Merging new codebase with original #35
Conversation
…f overview page and implemented sidebar hiding at smaller viewports
…more resources, added cybersec domain
- Implemented ParticipantManagement component for viewing and managing event participants. - Added filtering and searching capabilities for participants. - Included modals for viewing and editing participant details. - Created CSV export functionality for participant data. - Developed UI components for dialogs and text areas. - Defined types for events and participants to ensure type safety. - Updated next-auth types to include user admin status.
…t-related components
…ers and improving data parsing
CP Club Page
… for ESLint settings
…ntsCarousel and DevCore components style: Update SectionHero for improved responsiveness and spacing fix: Modify AnimatedList to cycle through items and show a fixed window size style: Adjust Lamp component for better responsiveness and visual appeal chore: Add new images for Senate members Mohammed and Priyank
Removed unused import of Link from next/link.
Updated team member roles and adjusted layout for improved presentation.
…event filtering and display
- Implemented a new Select component with various subcomponents (SelectTrigger, SelectContent, SelectItem, etc.) for better UI control. - Integrated icons for dropdown functionality using lucide-react. - Added styling utilities for consistent design. - Updated package.json and package-lock.json to include @radix-ui/react-select dependency. feat: define project types for better type safety - Created types/projects.ts to define ProjectCategory, ProjectStatus, TeamMember, Project, ProjectWithLikeStatus, ProjectSubmission, and ProjectReviewData interfaces. - Enhanced type safety for project management features.
Fixed some small bugs
Updated dependencies to fix Next.js and React CVE vulnerabilities. The fix-react2shell-next tool automatically updated the following packages to their secure versions: - next - react-server-dom-webpack - react-server-dom-parcel - react-server-dom-turbopack All package.json files have been scanned and vulnerable versions have been patched to the correct fixed versions based on the official React advisory. Co-authored-by: Vercel <vercel[bot]@users.noreply.github.com>
…u-72uq6c Fix React Server Components CVE vulnerabilities
…nt variable syntax
There was a problem hiding this comment.
Pull request overview
This pull request merges significant new functionality into the original codebase, adding Events, Projects, and Dashboard features to create a comprehensive community platform for VJTI students.
Changes:
- Adds complete event management system with registration, team support, and admin dashboard
- Implements project showcase functionality with approval workflow
- Introduces authentication enhancements with admin role support and Supabase integration
- Adds new UI components and improves mobile responsiveness
Reviewed changes
Copilot reviewed 82 out of 121 changed files in this pull request and generated 34 comments.
Show a summary per file
| File | Description |
|---|---|
| wrangler.toml | Updates Node.js version to 22, adds Cloudflare Workers configuration with secrets |
| types/*.ts | Adds TypeScript type definitions for events, projects, and NextAuth extensions |
| schema.sql | Defines database schema for events, participants, and users tables |
| middleware.ts | Enhances authentication middleware with admin checks and email validation |
| lib/auth.ts | Implements user synchronization with Supabase and admin role management |
| app/actions/*.ts | Adds server actions for events, projects, teams, and user management |
| components/* | Introduces numerous UI components for events, projects, dashboards, and club pages |
| app/**/page.tsx | Updates pages with new hero sections, team displays, and club-specific content |
| package.json | Adds dependencies for Supabase, Radix UI components, and markdown rendering |
| next.config.mjs | Configures webpack fallbacks, image patterns, and build optimizations |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| <div className={`p-3 rounded-lg bg-${stat.color}-500/10`}> | ||
| <stat.icon className={`w-6 h-6 text-${stat.color}-400`} /> | ||
| </div> |
There was a problem hiding this comment.
Hardcoded dynamic Tailwind classes in the template string will not work correctly. The classes 'bg-emerald-500/10', 'bg-blue-500/10', etc. need to be included in the safelist in tailwind.config or use a different approach. Tailwind's JIT compiler cannot detect dynamically constructed class names, so these colors won't be generated in the final CSS.
| if (token.email && !token.email.endsWith('.vjti.ac.in')) { | ||
| return NextResponse.redirect(new URL("/auth/error", request.url)); |
There was a problem hiding this comment.
The email domain check is too restrictive and only allows '.vjti.ac.in' emails. This excludes valid VJTI email addresses that might use different subdomains (e.g., faculty emails or other department-specific domains). Consider using a more flexible pattern like 'vjti.ac.in' to allow for subdomains.
| const supabase = createClient( | ||
| process.env.NEXT_PUBLIC_SUPABASE_URL!, | ||
| process.env.SUPABASE_SERVICE_ROLE_KEY!, | ||
| { | ||
| auth: { | ||
| autoRefreshToken: false, | ||
| persistSession: false | ||
| } | ||
| } | ||
| ); |
There was a problem hiding this comment.
Creating a new Supabase client instance on every middleware request is inefficient and can lead to connection pool exhaustion under high load. Consider creating a singleton instance or caching the client to reuse across requests.
| const { data: userData, error } = await supabase | ||
| .from('users') | ||
| .select('is_admin') | ||
| .eq('email', token.email) | ||
| .single(); | ||
|
|
||
| const isAdmin = userData?.is_admin === 1; | ||
|
|
||
| if (token && !token.email?.endsWith('.vjti.ac.in')) { | ||
| return NextResponse.redirect(new URL("/auth/error", request.url)); | ||
| // Admin-only routes protection | ||
| if (isAdminRoute) { | ||
| if (!isAdmin) { | ||
| // Non-admin users trying to access admin dashboard - redirect to regular dashboard | ||
| return NextResponse.redirect(new URL("/dashboard", request.url)); | ||
| } | ||
| } |
There was a problem hiding this comment.
The admin status is being fetched on every request to protected routes, which adds latency and database load. Consider caching the admin status in the JWT token during sign-in, or implementing a caching layer to reduce database queries.
| | 'other'; | ||
|
|
||
| export type EventStatus = 'upcoming' | 'ongoing' | 'completed' | 'cancelled'; | ||
| export type registrationstatus = 'open' | 'closed' | 'upcoming'; |
There was a problem hiding this comment.
The type name 'registrationstatus' should use PascalCase to match the naming convention used for other types in this file (e.g., 'EventStatus', 'EventCategory'). Consider renaming to 'RegistrationStatus'.
| @@ -1,11 +1,13 @@ | |||
| "use client"; | |||
| import React from "react"; | |||
| import React, { useState } from "react"; | |||
There was a problem hiding this comment.
Unused import useState.
| import React, { useState } from "react"; | ||
| import { cn } from "@/lib/utils"; | ||
| import { motion } from "framer-motion"; | ||
| import { motion, AnimatePresence } from "framer-motion"; |
There was a problem hiding this comment.
Unused import AnimatePresence.
| import { | ||
| Book, Brain, Code2, GraduationCap | ||
| , Blocks | ||
| , Smartphone | ||
| , Laptop, | ||
| Shield, | ||
| Briefcase | ||
| } from "lucide-react"; |
There was a problem hiding this comment.
Unused import GraduationCap.
| @@ -1,8 +1,51 @@ | |||
| /** @type {import('next').NextConfig} */ | |||
| import { createRequire } from 'module'; | |||
| const require = createRequire(import.meta.url); | |||
There was a problem hiding this comment.
Unused variable require.
| } | ||
| ); | ||
|
|
||
| const { data: userData, error } = await supabase |
There was a problem hiding this comment.
Unused variable error.
4 participants
Added Events, Projects, Dashboards.