@salesforce/webapp-template-feature-react-authentication-experimental 1.105.0 → 1.106.0

package/dist/.a4drules/skills/salesforce-graphql-read-query/SKILL.md

@@ -0,0 +1,253 @@
+---
+name: salesforce-graphql-read-query
+description: Generate Salesforce GraphQL read queries. Use when the query to generate is a read query. Schema exploration must complete first — invoke salesforce-graphql-explore-schema first.
+paths:
+  - "**/*.ts"
+  - "**/*.tsx"
+  - "**/*.graphql"
+---
+
+# Salesforce GraphQL Read Query Generation
+
+**Triggering conditions**
+
+1. Only if the schema exploration phase completed successfully (invoke `salesforce-graphql-explore-schema` first)
+2. Only if the query to generate is a read query
+
+## Schema Access Policy
+
+> ⚠️ **GREP ONLY** — During query generation you may need to verify field names, types, or relationships. All schema lookups **MUST** use the grep-only commands defined in the `salesforce-graphql-explore-schema` skill. Do NOT open, read, stream, or parse `./schema.graphql` with any tool other than grep.
+
+## Field-Level Security and @optional
+
+Field-level security (FLS) restricts which fields different users can see. Use the `@optional` directive on Salesforce record fields when possible. The server omits the field when the user lacks access, allowing the query to succeed instead of failing. Apply `@optional` to scalar fields, value-type fields (e.g. `Name { value }`), parent relationships, and child relationships. Available in API v65.0+.
+
+**Consuming code must defend against missing fields.** When a field is omitted due to FLS, it will be `undefined` (or absent) in the response. Use optional chaining (`?.`), nullish coalescing (`??`), and explicit null/undefined checks when reading query results. Never assume an optional field is present — otherwise the app may crash or behave incorrectly for users without field access.
+
+```ts
+// ✅ Defend against missing fields
+const name = node.Name?.value ?? '';
+const relatedName = node.RelationshipName?.Name?.value ?? 'N/A';
+
+// ❌ Unsafe — will throw if field omitted due to FLS
+const name = node.Name.value;
+```
+
+## Your Role
+
+You are a GraphQL expert. Generate Salesforce-compatible read queries. Schema exploration must complete first. If the schema exploration has not been executed yet, you **MUST** run the full exploration workflow from the `salesforce-graphql-explore-schema` skill first, then return here for read query generation.
+
+## Read Query Generation Workflow
+
+Strictly follow the rules below when generating the GraphQL read query:
+
+1. **No Proliferation** - Only generate for the explicitly requested fields, nothing else. Do NOT add fields the user did not ask for.
+2. **Unique Query** - Leverage child relationships to query entities in one single query
+3. **Navigate Entities** - Always use `relationshipName` to access reference fields and child entities
+   1. **Exception** - if the `relationshipName` field is null, you can't navigate the related entity, and will have to return the `Id` itself
+4. **Leverage Fragments** - Generate one fragment per possible type on polymorphic fields (field with `dataType="REFERENCE"` and more than one entry in `referenceToInfos` introspection attribute)
+5. **Type Consistency** - Make sure variables used as query arguments and their related fields share the same GraphQL type. Verify types against grep output from the schema — do not assume types
+6. **Type Enforcement** - Make sure to leverage field type information from introspection and GraphQL schema to generate field access
+7. **Field Name Validation** - Every field name in the generated query **MUST** match a field confirmed via grep lookup in the schema. Do NOT guess or assume field names exist
+8. **@optional for FLS** - Apply `@optional` on all Salesforce record fields when possible (see [Field-Level Security and @optional](#field-level-security-and-optional)). This lets the query succeed when the user lacks field-level access; the server omits inaccessible fields instead of failing
+9. **Consuming code defense** - When generating or modifying code that consumes read query results, defend against missing fields (see [Field-Level Security and @optional](#field-level-security-and-optional)). Use optional chaining, nullish coalescing, and null/undefined checks — never assume optional fields are present
+10. **Semi and anti joins** - Use the semi-join or anti-join templates to filter an entity with conditions on child entities
+11. **Query Generation** - Use the [template](#read-query-template) to generate the query
+12. **Output Format** - Use the [standalone](#read-standalone-default-output-format---clean-code-only)
+13. **Lint Validation** - After writing the query to a file, run `npx eslint <file>` from the webapp dir to validate it against the schema. Fix any reported errors before proceeding. See [Lint Validation](#lint-validation) for details
+14. **Test the Query** - Use the [Generated Read Query Testing](#generated-read-query-testing) workflow to test the generated query
+    1. **Report First** - Always output the generated query in the proper output format BEFORE initiating any test
+
+## Read Query Template
+
+```graphql
+query QueryName {
+  uiapi {
+    query {
+      EntityName(
+        # conditions here
+      ) {
+        edges {
+          node {
+            # Direct fields — use @optional for FLS resilience
+            FieldName @optional { value }
+
+            # Non-polymorphic reference (single type)
+            RelationshipName @optional {
+              Id
+              Name { value }
+            }
+
+            # Polymorphic reference (multiple types)
+            PolymorphicRelationshipName @optional {
+              ...TypeAInfo
+              ...TypeBInfo
+            }
+
+            # Child relationship (subquery)
+            RelationshipName @optional (
+              # conditions here
+            ) {
+              edges {
+                node {
+                  # fields
+                }
+              }
+            }
+          }
+        }
+      }
+    }
+  }
+}
+
+fragment TypeAInfo on TypeA {
+  Id
+  SpecificFieldA @optional { value }
+}
+
+fragment TypeBInfo on TypeB {
+  Id
+  SpecificFieldB @optional { value }
+}
+```
+
+## Semi-Join and Anti-Join Condition Template
+
+Semi-joins (resp. anti-joins) condition leverage parent-child relationships and allow filtering the parent entity using a condition on child entities.
+This is a standard `where` condition, on the parent entity's `Id`, expressed using the `inq` (resp. `ninq`, i.e. not `inq`) operator. This operator accepts two attributes:
+
+- The child entity camelcase name to apply the condition on, with a value expressing the condition
+- The field name on the child entity containing the parent entity `Id`, which is the `fieldName` from the `childRelationships` information for the child entity
+- If the only condition is related child entity existence, you can use an `Id: { ne: null }` condition
+
+### Semi-Join Example - ParentEntity with at least one Matching ChildEntity
+
+```graphql
+query testSemiJoin {
+  uiapi {
+    query {
+      ParentEntity(
+        where: {
+          Id: {
+            inq: {
+              ChildEntity: {
+                # standard conditions here
+                Name: { like: "test%" }
+                Type: { eq: "some value" }
+              }
+              ApiName: "parentIdFieldInChild"
+            }
+          }
+        }
+      ) {
+        edges {
+          node {
+            Id
+            Name @optional {
+              value
+            }
+          }
+        }
+      }
+    }
+  }
+}
+```
+
+### Anti-Join Example - ParentEntity with no Matching ChildEntity
+
+Same example as the [Semi-Join Example](#semi-join-example---parententity-with-at-least-one-matching-childentity), but replacing the `inq` operator by the `ninq` one.
+
+## Read Standalone (Default) Output Format - CLEAN CODE ONLY
+
+```javascript
+const QUERY_NAME = `
+  query GetData {
+    # query here
+  }
+`;
+
+const QUERY_VARIABLES = {
+  // variables here
+};
+```
+
+**❌ FORBIDDEN — Do NOT include any of the following:**
+
+- Explanatory comments about the query (inline or surrounding)
+- Field descriptions or annotations
+- Additional text about what the query does
+- Workflow step descriptions or summaries
+- Comments like `// fetches...`, `// returns...`, `/* ... */`
+
+**✅ ONLY output:**
+
+- The raw query string constant
+- The variables object constant
+- Nothing else — no imports, no exports, no wrapper functions
+
+## Lint Validation
+
+After writing the generated query into a source file, validate it against the schema using the project's GraphQL ESLint setup:
+
+```bash
+# Run from webapp dir (force-app/main/default/webapplications/<app-name>/)
+npx eslint <path-to-file-containing-query>
+```
+
+**How it works:** The ESLint config uses `@graphql-eslint/eslint-plugin` with its `processor`, which extracts GraphQL operations from `gql` template literals in `.ts`/`.tsx` files and validates the extracted `.graphql` virtual files against `schema.graphql`.
+
+**Rules enforced:** `no-anonymous-operations`, `no-duplicate-fields`, `known-fragment-names`, `no-undefined-variables`, `no-unused-variables`
+
+**On failure:** Fix the reported issues, re-run `npx eslint <file>` until clean, then proceed to testing.
+
+> ⚠️ **Prerequisites**: The `schema.graphql` file must exist (invoke `salesforce-graphql-explore-schema` first) and project dependencies must be installed (`npm install`).
+
+## Generated Read Query Testing
+
+**Triggering conditions** — **ALL conditions must be true:**
+
+1. The [Read Query Generation Workflow](#read-query-generation-workflow) completed with status `SUCCESS` and you have a generated query
+2. The query is a read query
+3. A non-manual method was used during schema exploration to retrieve introspection data
+
+**Workflow**
+
+1. **Report Step** - State the exact method you will use to test (e.g., `sf api request graphql` from the **project root**, Connect API, etc.) — this **MUST** match the method used during schema exploration
+2. **Interactive Step** - Ask the user whether they want you to test the query using the proposed method
+   1. **STOP and WAIT** for the user's answer. Do NOT proceed until the user responds. Do NOT assume consent.
+3. **Test Query** - Only if the user explicitly agrees:
+   1. Use `sf api request rest` to POST the query to the GraphQL endpoint:
+      ```bash
+      sf api request rest /services/data/v65.0/graphql \
+        --method POST \
+        --body '{"query":"query GetData { uiapi { query { EntityName { edges { node { Id } } } } } }"}'
+      ```
+   2. Replace `v65.0` with the API version of the target org
+   3. Replace the `query` value with the generated read query string
+   4. If the query uses variables, include them in the JSON body as a `variables` key
+   5. Report the result as `SUCCESS` if the query executed without error, or `FAILED` if errors were returned
+   6. An empty result set with no errors is `SUCCESS` — the query is valid, the org simply has no matching data
+4. **Remediation Step** - If status is `FAILED`, use the [`FAILED` status handling workflows](#failed-status-handling-workflow)
+
+### `FAILED` Status Handling Workflow
+
+The query is invalid:
+
+1. **Error Analysis** - Parse and categorize the specific error messages
+2. **Root Cause Identification** - Use error message to identify the root cause:
+   - **Syntax** - Error contains `invalid syntax`
+   - **Validation** - Error contains `validation error`
+   - **Type** - Error contains `VariableTypeMismatch` or `UnknownType`
+3. **Targeted Resolution** - Depending on the root cause categorization
+   - **Syntax** - Update the query using the error message information to fix the syntax errors
+   - **Validation** - The field name is most probably invalid. Re-run the relevant grep command from the `salesforce-graphql-explore-schema` skill to verify the correct field name. If still unclear, ask the user for clarification and **STOP and WAIT** for their answer
+   - **Type** - Use the error details and re-verify the type via grep lookup in the schema. Correct the argument type and adjust variables accordingly
+4. **Test Again** - Resume the [query testing workflow](#generated-read-query-testing) with the updated query (increment and track attempt counter)
+5. **Escalation Path** - If targeted resolution fails after 2 attempts, ask for additional details and restart the entire GraphQL workflow from the `salesforce-graphql-explore-schema` skill
+
+## Related Skills
+
+- Schema exploration: `salesforce-graphql-explore-schema` (must complete first)
+- Mutation generation: `salesforce-graphql-mutation-query`

package/dist/.a4drules/skills/salesforce-rest-api-fetch/SKILL.md

@@ -0,0 +1,167 @@
+---
+name: salesforce-rest-api-fetch
+description: REST API usage via the Data SDK fetch method. Use when implementing Chatter, Connect REST, Apex REST, UI API REST, or Einstein LLM calls — only when GraphQL is not sufficient.
+paths:
+  - "**/*.ts"
+  - "**/*.tsx"
+  - "**/*.graphql"
+---
+
+# Salesforce REST API via Data SDK Fetch
+
+Use `sdk.fetch` from the Data SDK when GraphQL is not sufficient. The SDK applies authentication, CSRF handling, and base URL resolution. **Always use optional chaining** (`sdk.fetch?.()`) and handle the case where `fetch` is not available.
+
+Invoke this skill when you need to call Chatter, Connect REST, Apex REST, UI API REST, or Einstein LLM endpoints.
+
+## API Version
+
+Use the project's API version. It is typically injected as `__SF_API_VERSION__`; fallback to `"65.0"`:
+
+```typescript
+declare const __SF_API_VERSION__: string;
+const API_VERSION = typeof __SF_API_VERSION__ !== "undefined" ? __SF_API_VERSION__ : "65.0";
+```
+
+## Base Path
+
+URLs are relative to the Salesforce API base. The SDK prepends the correct base path. Use paths starting with `/services/...`.
+
+---
+
+## Chatter API
+
+User and collaboration data. No GraphQL equivalent.
+
+| Endpoint | Method | Purpose |
+| -------- | ------ | ------- |
+| `/services/data/v{version}/chatter/users/me` | GET | Current user (id, name, email, username) |
+
+```typescript
+const sdk = await createDataSDK();
+const response = await sdk.fetch?.(`/services/data/v${API_VERSION}/chatter/users/me`);
+
+if (!response?.ok) throw new Error(`HTTP ${response?.status}`);
+const data = await response.json();
+return { id: data.id, name: data.name };
+```
+
+---
+
+## Connect REST API
+
+File and content operations.
+
+| Endpoint | Method | Purpose |
+| -------- | ------ | ------- |
+| `/services/data/v{version}/connect/file/upload/config` | GET | Upload config (token, uploadUrl) for file uploads |
+
+```typescript
+const sdk = await createDataSDK();
+const configRes = await sdk.fetch?.(`/services/data/v${API_VERSION}/connect/file/upload/config`, {
+  method: "GET",
+});
+
+if (!configRes?.ok) throw new Error(`Failed to get upload config: ${configRes?.status}`);
+const config = await configRes.json();
+const { token, uploadUrl } = config;
+```
+
+---
+
+## Apex REST
+
+Custom Apex REST resources. Requires corresponding Apex classes in the org. CSRF protection is applied automatically for `services/apexrest` URLs.
+
+| Endpoint | Method | Purpose |
+| -------- | ------ | ------- |
+| `/services/apexrest/auth/login` | POST | User login |
+| `/services/apexrest/auth/register` | POST | User registration |
+| `/services/apexrest/auth/forgot-password` | POST | Request password reset |
+| `/services/apexrest/auth/reset-password` | POST | Reset password with token |
+| `/services/apexrest/auth/change-password` | POST | Change password (authenticated) |
+| `/services/apexrest/{resource}` | GET/POST | Custom Apex REST resources |
+
+**Example (login):**
+
+```typescript
+const sdk = await createDataSDK();
+const response = await sdk.fetch?.("/services/apexrest/auth/login", {
+  method: "POST",
+  body: JSON.stringify({ email, password, startUrl: "/" }),
+  headers: { "Content-Type": "application/json", Accept: "application/json" },
+});
+```
+
+Apex REST paths do not include the API version.
+
+---
+
+## UI API (REST)
+
+When GraphQL cannot cover the use case. **Prefer GraphQL** when possible.
+
+| Endpoint | Method | Purpose |
+| -------- | ------ | ------- |
+| `/services/data/v{version}/ui-api/records/{recordId}` | GET | Fetch a single record |
+
+```typescript
+const sdk = await createDataSDK();
+const response = await sdk.fetch?.(`/services/data/v${API_VERSION}/ui-api/records/${recordId}`);
+```
+
+---
+
+## Einstein LLM Gateway
+
+AI features. Requires Einstein API setup.
+
+| Endpoint | Method | Purpose |
+| -------- | ------ | ------- |
+| `/services/data/v{version}/einstein/llm/prompt/generations` | POST | Generate text from Einstein LLM |
+
+```typescript
+const sdk = await createDataSDK();
+const response = await sdk.fetch?.(`/services/data/v${API_VERSION}/einstein/llm/prompt/generations`, {
+  method: "POST",
+  headers: { "Content-Type": "application/json" },
+  body: JSON.stringify({
+    additionalConfig: { applicationName: "PromptTemplateGenerationsInvocable" },
+    promptTextorId: prompt,
+  }),
+});
+
+if (!response?.ok) throw new Error(`Einstein LLM failed (${response?.status})`);
+const data = await response.json();
+return data?.generations?.[0]?.text ?? "";
+```
+
+---
+
+## General Pattern
+
+```typescript
+import { createDataSDK } from "@salesforce/sdk-data";
+
+const sdk = await createDataSDK();
+
+if (!sdk.fetch) {
+  throw new Error("Data SDK fetch is not available in this context");
+}
+
+const response = await sdk.fetch(url, {
+  method: "GET", // or POST, PUT, PATCH, DELETE
+  headers: { "Content-Type": "application/json", Accept: "application/json" },
+  body: method !== "GET" ? JSON.stringify(payload) : undefined,
+});
+
+if (!response.ok) throw new Error(`HTTP ${response.status}`);
+const data = await response.json();
+```
+
+---
+
+## Reference
+
+- Parent: `salesforce-data-access` — enforces Data SDK usage for all Salesforce data fetches
+- GraphQL: `salesforce-graphql` — use for record queries and mutations when possible
+- `createRecord` from `@salesforce/webapp-experimental/api` for UI API record creation (uses SDK internally)

package/dist/.a4drules/webapp-react.md

@@ -46,7 +46,7 @@ import { Input } from '@/components/ui/input';
 - **No emojis ever:** Do not use emojis anywhere in the app: no emojis in UI labels, buttons, headings, empty states, tooltips, or any user-facing text. Use words and lucide-react icons instead.
   - ✅ "Settings" with `<Settings />` icon
   - ❌ "⚙️ Settings" or "Settings 🔧"
-- For icon usage patterns and naming, see the **webapp-ui-ux** skill (`.a4drules/skills/webapp-ui-ux/`, especially `data/icons.csv`).
+- For icon usage patterns and naming, see the **designing-webapp-ui-ux** skill (`.a4drules/skills/designing-webapp-ui-ux/`, especially `data/icons.csv`).
 
 ## Editing UI — Source Files Only (CRITICAL)
 
@@ -90,55 +90,7 @@ Use standard web APIs and npm packages only.
 
 ## Data Access (CRITICAL)
 
-All Salesforce API calls **must** go through the DataSDK (`@salesforce/sdk-data`). Do NOT use `axios` or raw `fetch` — the SDK handles authentication and CSRF.
-
-### GraphQL (Preferred)
-
-For queries and mutations, follow the **`graphql-data-access`** skill in `feature-graphql`. It covers schema exploration, query patterns, codegen, type generation, and guardrails.
-
-### UI API (Fallback)
-
-When GraphQL cannot cover the use case, use `sdk.fetch!()` for UI API endpoints:
-
-```typescript
-const sdk = await getDataSDK();
-const resp = await sdk.fetch!('/services/data/v62.0/ui-api/records/{recordId}');
-```
-
-### Apex REST is NOT Available
-
-Apex REST cannot be called from React applications. If Apex seems required:
-1. Evaluate if GraphQL can accomplish the task
-2. If not, inform the user the feature is not supported in React
-
-### MCP Tool Integration
-
-Before implementing data access:
-1. Check if `orchestrate_lds_data_requirements` tool is available
-2. Use it to get guidance on the appropriate pattern (GraphQL or UI API)
-3. If it recommends Apex REST, ignore and use GraphQL instead
-
-## Einstein LLM Gateway (AI Features)
-
-```typescript
-import { getDataSDK } from '@salesforce/sdk-data';
-
-async function callEinsteinGenerations(prompt: string): Promise<string> {
-  const sdk = await getDataSDK();
-  const resp = await sdk.fetch!('/services/data/v62.0/einstein/llm/prompt/generations', {
-    method: 'POST',
-    headers: { 'Content-Type': 'application/json' },
-    body: JSON.stringify({
-      additionalConfig: { applicationName: 'PromptTemplateGenerationsInvocable' },
-      promptTextorId: prompt,
-    }),
-  });
-
-  if (!resp.ok) throw new Error(`Einstein LLM failed (${resp.status})`);
-  const data = await resp.json();
-  return data?.generations?.[0]?.text || '';
-}
-```
+For all Salesforce data access (GraphQL, REST, Chatter, Connect, Apex REST, UI API, Einstein LLM), invoke the **`salesforce-data-access`** skill (`.a4drules/skills/salesforce-data-access/`). It enforces Data SDK usage, GraphQL-first preference, optional chaining, and documents when to use `sdk.fetch` via the `salesforce-rest-api-fetch` skill.
 
 ## Error Handling
 

package/dist/AGENT.md

@@ -58,6 +58,10 @@ cd <sfdx-source>/webapplications/<appName>
 
 This project includes **.a4drules/** at the project root. Follow them when generating or editing code.
 
+- **Salesforce Data Access** (`.a4drules/skills/salesforce-data-access/`): Use for all Salesforce data fetches. Enforces Data SDK usage (`createDataSDK()` + `sdk.graphql` or `sdk.fetch`); GraphQL preferred, fetch when GraphQL is not sufficient.
+- **Salesforce REST API Fetch** (`.a4drules/skills/salesforce-rest-api-fetch/`): Use when implementing Chatter, Connect REST, Apex REST, UI API REST, or Einstein LLM calls via `sdk.fetch`.
+- **Salesforce GraphQL** (`.a4drules/skills/salesforce-graphql/`): Use when implementing Salesforce GraphQL queries or mutations. Sub-skills: `salesforce-graphql-explore-schema`, `salesforce-graphql-read-query`, `salesforce-graphql-mutation-query`.
+
 When rules refer to "web app directory" or `<sfdx-source>/webapplications/<appName>/`, resolve `<sfdx-source>` from `sfdx-project.json` and use the **actual app folder name** for this project.
 
 ## Deploying
@@ -79,3 +83,4 @@ sf project deploy start --source-dir <packageDir> --target-org <alias>
 
 - **UI**: shadcn/ui + Tailwind. Import from `@/components/ui/...`.
 - **Entry**: Keep `App.tsx` and routes in `src/`; add features as new routes or sections, don't replace the app shell but you may modify it to match the requested design.
+- **Data (Salesforce)**: Invoke the `salesforce-data-access` skill for all Salesforce data fetches. The skill enforces use of the Data SDK (`createDataSDK()` + `sdk.graphql` or `sdk.fetch`) — never use `fetch` or `axios` directly. GraphQL is preferred; use `sdk.fetch` when GraphQL is not sufficient (e.g., Chatter, Connect REST). For GraphQL implementation, invoke the `salesforce-graphql` skill.

package/dist/CHANGELOG.md

@@ -3,6 +3,25 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.106.0](https://github.com/salesforce-experience-platform-emu/webapps/compare/v1.105.1...v1.106.0) (2026-03-17)
+
+
+### Features
+
+* **data-skills:** Restructure data knowledge into composable skills ([#296](https://github.com/salesforce-experience-platform-emu/webapps/issues/296)) ([35e0223](https://github.com/salesforce-experience-platform-emu/webapps/commit/35e0223ac8e14c451f204fd206d5ca29fb5e684a))
+
+
+
+
+
+## [1.105.1](https://github.com/salesforce-experience-platform-emu/webapps/compare/v1.105.0...v1.105.1) (2026-03-17)
+
+**Note:** Version bump only for package @salesforce/webapp-template-base-sfdx-project-experimental
+
+
+
+
+
 # [1.105.0](https://github.com/salesforce-experience-platform-emu/webapps/compare/v1.104.1...v1.105.0) (2026-03-17)
 
 **Note:** Version bump only for package @salesforce/webapp-template-base-sfdx-project-experimental

package/dist/force-app/main/default/webapplications/feature-react-authentication/eslint.config.js

@@ -1,3 +1,7 @@
+import { existsSync } from 'node:fs';
+import { resolve } from 'node:path';
+import { fileURLToPath } from 'node:url';
+import { dirname } from 'node:path';
 import js from '@eslint/js';
 import tseslint from '@typescript-eslint/eslint-plugin';
 import tsparser from '@typescript-eslint/parser';
@@ -7,7 +11,11 @@ import reactRefresh from 'eslint-plugin-react-refresh';
 import globals from 'globals';
 import graphqlPlugin from '@graphql-eslint/eslint-plugin';
 
-export default [
+const __dirname = dirname(fileURLToPath(import.meta.url));
+const schemaPath = resolve(__dirname, '../../../../../schema.graphql');
+const schemaExists = existsSync(schemaPath);
+
+const config = [
   // Global ignores
   {
     ignores: ['build/**/*', 'dist/**/*', 'coverage/**/*'],
@@ -111,31 +119,38 @@ export default [
       '@typescript-eslint/no-explicit-any': 'off',
     },
   },
-  // GraphQL processor - extracts GraphQL from gql template literals in TS/TSX files
-  {
-    files: ['**/*.{ts,tsx}'],
-    processor: graphqlPlugin.processor,
-  },
-  // GraphQL linting configuration for .graphql files
-  {
-    files: ['**/*.graphql'],
-    languageOptions: {
-      parser: graphqlPlugin.parser,
-      parserOptions: {
-        graphQLConfig: {
-          schema: '../../../../../schema.graphql',
+];
+
+// Only add GraphQL rules when schema exists (e.g. after graphql:schema).
+// In CI or when schema is not checked in, skip so lint succeeds.
+if (schemaExists) {
+  config.push(
+    {
+      files: ['**/*.{ts,tsx}'],
+      processor: graphqlPlugin.processor,
+    },
+    {
+      files: ['**/*.graphql'],
+      languageOptions: {
+        parser: graphqlPlugin.parser,
+        parserOptions: {
+          graphQLConfig: {
+            schema: '../../../../../schema.graphql',
+          },
         },
       },
-    },
-    plugins: {
-      '@graphql-eslint': graphqlPlugin,
-    },
-    rules: {
-      '@graphql-eslint/no-anonymous-operations': 'error',
-      '@graphql-eslint/no-duplicate-fields': 'error',
-      '@graphql-eslint/known-fragment-names': 'error',
-      '@graphql-eslint/no-undefined-variables': 'error',
-      '@graphql-eslint/no-unused-variables': 'error',
-    },
-  },
-];
+      plugins: {
+        '@graphql-eslint': graphqlPlugin,
+      },
+      rules: {
+        '@graphql-eslint/no-anonymous-operations': 'error',
+        '@graphql-eslint/no-duplicate-fields': 'error',
+        '@graphql-eslint/known-fragment-names': 'error',
+        '@graphql-eslint/no-undefined-variables': 'error',
+        '@graphql-eslint/no-unused-variables': 'error',
+      },
+    }
+  );
+}
+
+export default config;

package/dist/force-app/main/default/webapplications/feature-react-authentication/vite.config.ts

@@ -1,3 +1,4 @@
+import { existsSync } from 'node:fs';
 import { defineConfig } from 'vite';
 import react from '@vitejs/plugin-react';
 import path from 'path';
@@ -6,26 +7,29 @@ import tailwindcss from '@tailwindcss/vite';
 import salesforce from '@salesforce/vite-plugin-webapp-experimental';
 import codegen from 'vite-plugin-graphql-codegen';
 
+const schemaPath = resolve(__dirname, '../../../../../schema.graphql');
+const schemaExists = existsSync(schemaPath);
+
 export default defineConfig(({ mode }) => {
   return {
     base: './',
-    // Type assertion avoids Plugin type mismatch when dist has its own node_modules (vite/rollup)
     plugins: [
       tailwindcss(),
       react(),
       salesforce(),
-      codegen({
-        // Path to the codegen config file
-        configFilePathOverride: resolve(__dirname, 'codegen.yml'),
-        // Run codegen on dev server start
-        runOnStart: true,
-        // Don't run codegen on build for now
-        runOnBuild: false,
-        // Enable file watcher during development
-        enableWatcher: true,
-        // Fail build if codegen errors
-        throwOnBuild: true,
-      }),
+      // Only add codegen when schema exists (e.g. after `npm run graphql:schema`).
+      // In CI or when schema is not checked in, skip codegen so build succeeds.
+      ...(schemaExists
+        ? [
+            codegen({
+              configFilePathOverride: resolve(__dirname, 'codegen.yml'),
+              runOnStart: true,
+              runOnBuild: true,
+              enableWatcher: true,
+              throwOnBuild: true,
+            }),
+          ]
+        : []),
     ] as import('vite').PluginOption[],
 
     // Build configuration for MPA

package/dist/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@salesforce/webapp-template-base-sfdx-project-experimental",
-  "version": "1.105.0",
+  "version": "1.106.0",
   "description": "Base SFDX project template",
   "license": "SEE LICENSE IN LICENSE.txt",
   "publishConfig": {