Main commands
| Command | Purpose |
|---|
npm run dev | Start the dev server |
npm run build | Build for production |
npm run start | Run the production build |
npm run lint | Run ESLint |
npm run typecheck | Run TypeScript without emitting files |
npm test | Run the full Vitest suite once |
npm run test:watch | Run tests in watch mode |
npm run e2e | Run Playwright smoke tests |
npm run e2e:headed | Run Playwright with a visible browser |
npm run env:check | Audit environment variable readiness |
What the repository already tests
Unit and route tests
Vitest covers:
- payment providers,
- webhook handlers,
- AI middleware,
- rate limits,
- MDX helpers,
- auth-related hooks,
- key route handlers.
DOM tests
Testing Library is used for certain components and hooks such as auth forms, the contact form, the payment hook, and the subscription hook.
End-to-end smoke tests
Playwright is used to verify core public routes.
GitHub Actions CI
The current CI workflow runs on push and pull_request to main, then executes:
npm cinpm run lintnpm run typechecknpm testnpm run buildnpx playwright install --with-deps chromiumnpm run e2e
The build and E2E stages use placeholder env values for services that are not always active in CI.
Pre-deploy checklist
npm run env:checknpm run lintnpm run typechecknpm testnpm run build- check
GET /api/health
- verify auth callbacks and webhook URLs with the production domain
Production deployment checklist
| Check | Why it matters |
|---|
NEXT_PUBLIC_APP_URL is correct | It is used for callbacks and order URLs |
| Supabase redirect URLs are correct | Auth and password reset flows will fail without them |
| Midtrans or Doku webhook URLs are correct | Payments will not finalize subscriptions without working webhooks |
SUPABASE_SERVICE_ROLE_KEY is present | Billing, admin, audit, avatar, and persistent rate limits need it |
EMAIL_FROM is valid | Email will not send correctly if the sender domain is not verified |
Deployment target
This repository fits Vercel naturally because it uses Next.js App Router, but it is not locked to Vercel. Whatever platform you choose, you still need:
- the correct env values,
- the correct domain,
- the correct auth redirects,
- the correct webhook endpoints.
Lightweight post-deploy checks
After deployment, check at least:
- the landing page,
- login and signup,
- the dashboard,
- the billing flow,
- one webhook test,
GET /api/health.
If you intentionally enable only part of the boilerplate, your testing and health checks should focus on the features that actually remain active.
