@wopr-network/platform-ui-core 1.0.0

package/src/proxy.ts

@@ -0,0 +1,258 @@
+import { type NextRequest, NextResponse } from "next/server";
+import { logger } from "@/lib/logger";
+
+const log = logger("middleware");
+
+const apiOrigin = process.env.NEXT_PUBLIC_API_URL
+  ? new URL(process.env.NEXT_PUBLIC_API_URL).origin
+  : "";
+
+const isSecureOrigin = process.env.NODE_ENV === "production";
+
+/**
+ * Nonce-based style-src toggle.
+ *
+ * Enabled — style-src uses nonce-based policy instead of 'unsafe-inline'.
+ * Tailwind v4 compiles styles at build time (no runtime injection).
+ * framer-motion nonce support is provided via MotionConfig in the root layout.
+ */
+const NONCE_STYLES_ENABLED = true;
+
+/** Build the CSP header value with a per-request nonce. */
+function buildCsp(nonce: string): string {
+  return [
+    "default-src 'self'",
+    `script-src 'self' 'nonce-${nonce}' 'strict-dynamic' https://js.stripe.com`,
+    ...(NONCE_STYLES_ENABLED
+      ? [`style-src-elem 'self' 'nonce-${nonce}'`, "style-src-attr 'unsafe-inline'"]
+      : ["style-src 'self' 'unsafe-inline'"]),
+    "img-src 'self' data: blob:",
+    "font-src 'self'",
+    `connect-src 'self' https://api.stripe.com${apiOrigin ? ` ${apiOrigin}` : ""}`,
+    "frame-src https://js.stripe.com",
+    "frame-ancestors 'none'",
+    "base-uri 'self'",
+    "form-action 'self'",
+    "object-src 'none'",
+    ...(isSecureOrigin ? ["upgrade-insecure-requests"] : []),
+  ].join("; ");
+}
+
+const publicPaths = [
+  "/login",
+  "/signup",
+  "/forgot-password",
+  "/reset-password",
+  "/auth/callback",
+  "/auth/verify",
+  "/api/auth/",
+];
+
+/** Paths that are public only when matched exactly (not as a prefix). */
+const publicExactPaths = new Set([
+  "/",
+  "/og",
+  "/terms",
+  "/privacy",
+  "/pricing",
+  "/status",
+  // Health endpoint must be publicly accessible for infra probes (uptime monitors,
+  // Kubernetes liveness/readiness, load balancers) that do not carry session cookies.
+  "/api/health",
+  // Better Auth root endpoint — sub-paths matched via publicPaths prefix list (/api/auth/).
+  "/api/auth",
+]);
+
+const MUTATION_METHODS = new Set(["POST", "PUT", "PATCH", "DELETE"]);
+
+/**
+ * Mutation paths under /api/auth that are exempt from CSRF origin validation.
+ * OAuth identity providers POST to callback URLs cross-origin — these cannot
+ * carry a matching Origin header, so we must allow them through.
+ * All other /api/auth mutations (sign-in, sign-up, sign-out, etc.) are
+ * validated like any other /api route.
+ */
+const CSRF_EXEMPT_AUTH_PATHS = [
+  "/api/auth/callback", // e.g. /api/auth/callback/google, /api/auth/callback/github
+];
+
+const PLATFORM_BASE_URL = process.env.NEXT_PUBLIC_API_URL ?? "http://localhost:3001";
+
+/**
+ * Validate that a state-changing request originates from this application.
+ * Checks the Origin header (preferred) with Referer as fallback.
+ * Returns true if the request is safe, false if it should be blocked.
+ */
+export function validateCsrfOrigin(request: NextRequest): boolean {
+  const origin = request.headers.get("origin");
+  const referer = request.headers.get("referer");
+  const host = request.headers.get("host");
+
+  if (!host) return false;
+
+  // Build the allowed origin using the request's actual protocol only,
+  // preventing protocol downgrade attacks (e.g. HTTP origin to HTTPS endpoint)
+  const protocol = request.nextUrl.protocol; // "https:" or "http:"
+  const allowedOrigin = `${protocol}//${host}`;
+
+  // Check Origin header first (most reliable)
+  if (origin) {
+    return origin === allowedOrigin;
+  }
+
+  // Fall back to Referer header
+  if (referer) {
+    try {
+      const refererOrigin = new URL(referer).origin;
+      return refererOrigin === allowedOrigin;
+    } catch {
+      // Malformed referer URL — treat as non-matching origin
+      return false;
+    }
+  }
+
+  // No Origin or Referer on a mutation request is suspicious — block it.
+  // Legitimate browser form submissions and fetch() calls include Origin.
+  return false;
+}
+
+/**
+ * Fetch the authenticated user's role from Better Auth's get-session endpoint.
+ * Returns the role string (e.g. "platform_admin", "user") or null if the
+ * session is invalid or the request fails. Fails closed: any error → null.
+ */
+async function getSessionRole(request: NextRequest): Promise<string | null> {
+  const sessionCookie =
+    request.cookies.get("better-auth.session_token") ??
+    request.cookies.get("__Secure-better-auth.session_token");
+
+  if (!sessionCookie?.value.trim()) return null;
+
+  try {
+    const res = await fetch(`${PLATFORM_BASE_URL}/api/auth/get-session`, {
+      headers: {
+        cookie: `${sessionCookie.name}=${sessionCookie.value}`,
+      },
+    });
+    if (!res.ok) return null;
+    const data = await res.json();
+    return data?.user?.role ?? null;
+  } catch (e) {
+    log.warn("Failed to fetch user role for middleware routing", e);
+    return null;
+  }
+}
+
+export default async function middleware(request: NextRequest) {
+  const { pathname } = request.nextUrl;
+  const host = request.headers.get("host") || "";
+
+  // Generate a per-request nonce for CSP
+  const nonce = crypto.randomUUID();
+  const cspHeaderValue = buildCsp(nonce);
+
+  /** Apply CSP and cache-busting headers to any response before returning it. */
+  function withCsp(response: NextResponse): NextResponse {
+    response.headers.set("Content-Security-Policy", cspHeaderValue);
+    // Nonce is passed to server components via request headers (not response headers).
+    // See nextWithNonce() below — it uses NextResponse.next({ request: { headers } }).
+    response.headers.set("Vary", "*");
+    return response;
+  }
+
+  /**
+   * Create a NextResponse.next() that forwards the CSP nonce to server components
+   * via request headers, without exposing it in the HTTP response.
+   */
+  function nextWithNonce(): NextResponse {
+    const requestHeaders = new Headers(request.headers);
+    requestHeaders.set("x-nonce", nonce);
+    return NextResponse.next({ request: { headers: requestHeaders } });
+  }
+
+  // CSRF protection: validate Origin/Referer on state-changing API requests.
+  if (pathname.startsWith("/api") && MUTATION_METHODS.has(request.method)) {
+    // OAuth callback endpoints receive cross-origin POSTs from identity providers (POST only)
+    const isCsrfExempt =
+      CSRF_EXEMPT_AUTH_PATHS.some((p) => pathname === p || pathname.startsWith(`${p}/`)) &&
+      request.method === "POST";
+    if (!isCsrfExempt && !validateCsrfOrigin(request)) {
+      return NextResponse.json({ error: "CSRF validation failed" }, { status: 403 });
+    }
+  }
+
+  // Redirect authenticated users from "/" to the app subdomain if on the marketing domain.
+  // On the app subdomain, redirect to /marketplace. On the base domain, redirect to app subdomain.
+  // NOTE: This check requires the Better Auth server to set the session cookie with
+  // domain=".<base-domain>" so it is visible on both the app and marketing subdomains.
+  // See: wopr-platform/src/auth/better-auth.ts advanced.cookies.session_token.attributes.domain
+  if (pathname === "/") {
+    const sessionToken =
+      request.cookies.get("better-auth.session_token") ??
+      request.cookies.get("__Secure-better-auth.session_token");
+    if (sessionToken?.value.trim()) {
+      const appDomain =
+        process.env.NEXT_PUBLIC_BRAND_APP_DOMAIN || process.env.NEXT_PUBLIC_APP_DOMAIN;
+      if (appDomain && !host.startsWith("app.")) {
+        // On marketing domain — redirect to the app subdomain
+        return withCsp(NextResponse.redirect(new URL(`https://${appDomain}/marketplace`)));
+      }
+      // On app subdomain (or no configured app domain) — redirect to /marketplace
+      return withCsp(NextResponse.redirect(new URL("/marketplace", request.url)));
+    }
+  }
+
+  // --- Admin route authorization (server-side) ---
+  // Non-admins are redirected before any page JS loads.
+  // Unauthenticated users fall through to the session check below (→ /login).
+  if (pathname.startsWith("/admin")) {
+    const sessionCookie =
+      request.cookies.get("better-auth.session_token") ??
+      request.cookies.get("__Secure-better-auth.session_token");
+    if (sessionCookie?.value.trim()) {
+      const role = await getSessionRole(request);
+      if (role !== "platform_admin") {
+        return withCsp(NextResponse.redirect(new URL("/marketplace", request.url)));
+      }
+      // Admin confirmed — serve page with anti-cache headers so revocation
+      // is detected on the very next navigation (browser must revalidate).
+      const response = nextWithNonce();
+      response.headers.set("Cache-Control", "no-store, no-cache, must-revalidate");
+      response.headers.set("Pragma", "no-cache");
+      response.headers.set("Expires", "0");
+      return withCsp(response);
+    }
+    // No session cookie → fall through to the session check below which redirects to /login
+  }
+
+  // Allow public paths
+  if (publicExactPaths.has(pathname) || publicPaths.some((p) => pathname.startsWith(p))) {
+    return withCsp(nextWithNonce());
+  }
+
+  // Allow static files (but not API paths with dots, e.g. /api/config.json)
+  if (pathname.startsWith("/_next") || (pathname.includes(".") && !pathname.startsWith("/api"))) {
+    return withCsp(nextWithNonce());
+  }
+
+  // Check for session cookie (Better Auth uses "better-auth.session_token" by default).
+  // NOTE: Bearer token auth (Authorization: Bearer <token>) is intentionally not supported
+  // here. This is a browser-facing UI application; all API consumers are the Next.js
+  // front-end itself (cookie-based). Automation/SDK/CLI clients should use the platform
+  // API directly (wopr-platform), which issues and validates Bearer tokens independently.
+  const sessionToken =
+    request.cookies.get("better-auth.session_token") ??
+    request.cookies.get("__Secure-better-auth.session_token");
+
+  if (!sessionToken || !sessionToken.value.trim()) {
+    const loginUrl = new URL("/login", request.url);
+    loginUrl.searchParams.set("callbackUrl", pathname);
+    return withCsp(NextResponse.redirect(loginUrl));
+  }
+
+  return withCsp(nextWithNonce());
+}
+
+export const config = {
+  matcher: ["/((?!_next/static|_next/image|favicon.ico).*)"],
+};

package/src/types/missing-deps.d.ts

@@ -0,0 +1,160 @@
+/**
+ * Stub type declarations for packages whose type files cannot be resolved
+ * by moduleResolution:"bundler" due to missing `types` conditions in their
+ * package.json `exports` maps, or for Node.js built-in modules.
+ *
+ * Remove individual stubs when the upstream package fixes its exports map.
+ */
+
+// ---------------------------------------------------------------------------
+// NodeJS.Process augmentation – @types/node in this install omits env/Process.
+// Ensures process.env is typed throughout the codebase.
+// ---------------------------------------------------------------------------
+declare namespace NodeJS {
+  interface Process {
+    env: ProcessEnv;
+  }
+  interface ProcessEnv {
+    readonly NODE_ENV?: "development" | "production" | "test";
+    [key: string]: string | undefined;
+  }
+}
+
+// ---------------------------------------------------------------------------
+// node:path – @types/node path.d.ts is empty in this install.
+// Explicitly declares the named exports used by this codebase.
+// ---------------------------------------------------------------------------
+declare module "node:path" {
+  export function resolve(...paths: string[]): string;
+  export function join(...paths: string[]): string;
+  export function dirname(path: string): string;
+  export function basename(path: string, ext?: string): string;
+  export function extname(path: string): string;
+  export function normalize(path: string): string;
+  export function isAbsolute(path: string): boolean;
+  export function relative(from: string, to: string): string;
+  export const sep: string;
+  export const delimiter: string;
+}
+
+// ---------------------------------------------------------------------------
+// node:fs – @types/node fs.d.ts declarations for sync file reading used in tests.
+// ---------------------------------------------------------------------------
+declare module "node:fs" {
+  export function readFileSync(path: string, encoding: BufferEncoding): string;
+  export function readFileSync(
+    path: string,
+    options: { encoding: BufferEncoding; flag?: string },
+  ): string;
+  export function readFileSync(path: string): Buffer;
+  export function existsSync(path: string): boolean;
+  export function writeFileSync(
+    path: string,
+    data: string | Buffer,
+    options?: { encoding?: BufferEncoding; flag?: string },
+  ): void;
+}
+
+// ---------------------------------------------------------------------------
+// node:fs/promises – async file operations
+// ---------------------------------------------------------------------------
+declare module "node:fs/promises" {
+  export function readFile(path: string, encoding: BufferEncoding): Promise<string>;
+  export function writeFile(path: string, data: string | Buffer): Promise<void>;
+  export function access(path: string, mode?: number): Promise<void>;
+}
+
+// ---------------------------------------------------------------------------
+// node:url – URL utilities
+// ---------------------------------------------------------------------------
+declare module "node:url" {
+  export function fileURLToPath(url: string | URL): string;
+  export function pathToFileURL(path: string): URL;
+  export class URL {
+    constructor(input: string, base?: string | URL);
+    href: string;
+    origin: string;
+    protocol: string;
+    host: string;
+    hostname: string;
+    port: string;
+    pathname: string;
+    search: string;
+    hash: string;
+  }
+}
+
+// ---------------------------------------------------------------------------
+// node:os – OS utilities
+// ---------------------------------------------------------------------------
+declare module "node:os" {
+  export function tmpdir(): string;
+  export function homedir(): string;
+  export function platform(): string;
+  export function arch(): string;
+}
+
+// ---------------------------------------------------------------------------
+// react-markdown – markdown renderer for React
+// The package ships index.d.ts but does not expose it via its exports map,
+// so moduleResolution:bundler cannot find it. Stub the default export here.
+// ---------------------------------------------------------------------------
+declare module "react-markdown" {
+  import type { ReactNode, ComponentType } from "react";
+  interface ReactMarkdownProps {
+    children?: string;
+    remarkPlugins?: unknown[];
+    rehypePlugins?: unknown[];
+    components?: Record<string, ComponentType<Record<string, unknown>>>;
+  }
+  export default function ReactMarkdown(props: ReactMarkdownProps): ReactNode;
+}
+
+// ---------------------------------------------------------------------------
+// remark-gfm – GitHub-Flavored Markdown plugin for remark/react-markdown
+// Same exports-map issue as react-markdown above.
+// ---------------------------------------------------------------------------
+declare module "remark-gfm" {
+  const remarkGfm: (...args: unknown[]) => unknown;
+  export default remarkGfm;
+}
+
+// ---------------------------------------------------------------------------
+// rehype-sanitize – HTML sanitization plugin for rehype/react-markdown
+// Same exports-map issue as react-markdown above.
+// ---------------------------------------------------------------------------
+declare module "rehype-sanitize" {
+  interface SanitizeSchema {
+    tagNames?: string[];
+    attributes?: Record<string, string[]>;
+    protocols?: Record<string, string[]>;
+    [key: string]: unknown;
+  }
+  export const defaultSchema: SanitizeSchema;
+  const rehypeSanitize: (...args: unknown[]) => unknown;
+  export default rehypeSanitize;
+}
+
+// ---------------------------------------------------------------------------
+// node:child_process – child process utilities
+// ---------------------------------------------------------------------------
+declare module "node:child_process" {
+  export interface SpawnOptions {
+    cwd?: string;
+    env?: Record<string, string>;
+    stdio?: "pipe" | "inherit" | "ignore";
+  }
+  export interface ChildProcess {
+    pid?: number;
+    stdout: unknown;
+    stderr: unknown;
+    stdin: unknown;
+    on(event: string, listener: (...args: unknown[]) => void): this;
+    kill(signal?: string): boolean;
+  }
+  export function spawn(command: string, args?: string[], options?: SpawnOptions): ChildProcess;
+  export function execSync(
+    command: string,
+    options?: { encoding?: BufferEncoding; cwd?: string },
+  ): string | Buffer;
+}

package/src/types/motion-dom.d.ts

@@ -0,0 +1,162 @@
+/**
+ * Ambient type declarations for motion-dom 12.x, framer-motion 12.x shims,
+ * and process.env augmentation for Next.js/browser environments.
+ *
+ * motion-dom ships without bundled type declarations in some versions.
+ * This stub satisfies the imports that framer-motion's types expect.
+ * Remove this file once motion-dom ships with its own .d.ts files.
+ */
+
+declare module "motion-dom" {
+  /** A motion value that can animate between values. */
+  export class MotionValue<T = unknown> {
+    get(): T;
+    set(v: T): void;
+    on(event: string, cb: (v: T) => void): () => void;
+  }
+
+  /** CSS transform property names that motion supports independently. */
+  export interface TransformProperties {
+    x?: number | string;
+    y?: number | string;
+    z?: number | string;
+    rotate?: number | string;
+    rotateX?: number | string;
+    rotateY?: number | string;
+    rotateZ?: number | string;
+    scale?: number | string;
+    scaleX?: number | string;
+    scaleY?: number | string;
+    skew?: number | string;
+    skewX?: number | string;
+    skewY?: number | string;
+    originX?: number | string;
+    originY?: number | string;
+    originZ?: number | string;
+    perspective?: number | string;
+    translateX?: number | string;
+    translateY?: number | string;
+    translateZ?: number | string;
+  }
+
+  /** SVG path-specific animatable properties. */
+  export interface SVGPathProperties {
+    pathLength?: number;
+    pathOffset?: number;
+    pathSpacing?: number;
+  }
+
+  /** Target values for an animation — CSS properties plus transforms. */
+  export type TargetAndTransition = Record<string, unknown>;
+
+  /** A named set of animation states. */
+  export type VariantLabels = string | string[];
+
+  /** Transition configuration. */
+  export type Transition = Record<string, unknown>;
+
+  /** Bounding box used for drag constraints. */
+  export interface BoundingBox {
+    top: number;
+    right: number;
+    bottom: number;
+    left: number;
+  }
+
+  /** Information about a pan/drag gesture. */
+  export interface PanInfo {
+    point: { x: number; y: number };
+    delta: { x: number; y: number };
+    offset: { x: number; y: number };
+    velocity: { x: number; y: number };
+  }
+
+  /** The core animation props exposed by every motion element. */
+  export interface MotionNodeOptions {
+    /** Initial visual state — can be a variant name, object, or false. */
+    initial?: boolean | TargetAndTransition | VariantLabels;
+    /** Animation target — can be a variant name, object, or controls. */
+    animate?: TargetAndTransition | VariantLabels;
+    /** State to animate to when removed from the React tree (requires AnimatePresence). */
+    exit?: TargetAndTransition | VariantLabels;
+    /** Named animation variants. */
+    // biome-ignore lint/suspicious/noExplicitAny: variant functions accept arbitrary custom args (e.g. stagger index)
+    variants?: Record<string, TargetAndTransition | ((arg: any) => TargetAndTransition)>;
+    /** Transition defaults for this element. */
+    transition?: Transition;
+    /** Animate when hovered. */
+    whileHover?: TargetAndTransition | VariantLabels;
+    /** Animate while focused. */
+    whileFocus?: TargetAndTransition | VariantLabels;
+    /** Animate while tapped / clicked. */
+    whileTap?: TargetAndTransition | VariantLabels;
+    /** Animate while dragging. */
+    whileDrag?: TargetAndTransition | VariantLabels;
+    /** Animate while element is in viewport. */
+    whileInView?: TargetAndTransition | VariantLabels;
+    /** Enable dragging. */
+    drag?: boolean | "x" | "y";
+    /** Drag constraints (ref or pixel values). */
+    dragConstraints?: false | Partial<BoundingBox> | { current: Element | null };
+    /** Drag elasticity (0 = rigid, 1 = full). */
+    dragElastic?: boolean | number | Partial<BoundingBox>;
+    /** Drag momentum. */
+    dragMomentum?: boolean;
+    /** Enable layout animations. */
+    layout?: boolean | "position" | "size" | "preserve-aspect";
+    /** Layout ID for shared-layout transitions. */
+    layoutId?: string;
+    /** Custom prop forwarding filter. */
+    custom?: unknown;
+    /** Called when animation starts. */
+    onAnimationStart?: (definition: string) => void;
+    /** Called when animation completes. */
+    onAnimationComplete?: (definition: string) => void;
+    /** Called when drag starts. */
+    onDragStart?: (event: MouseEvent | TouchEvent | PointerEvent, info: PanInfo) => void;
+    /** Called while dragging. */
+    onDrag?: (event: MouseEvent | TouchEvent | PointerEvent, info: PanInfo) => void;
+    /** Called when drag ends. */
+    onDragEnd?: (event: MouseEvent | TouchEvent | PointerEvent, info: PanInfo) => void;
+    /** Called when element enters viewport. */
+    onViewportEnter?: (entry: IntersectionObserverEntry | null) => void;
+    /** Called when element leaves viewport. */
+    onViewportLeave?: (entry: IntersectionObserverEntry | null) => void;
+    /** Inherited variant from parent. */
+    inherit?: boolean;
+    /** Viewport options for whileInView. */
+    viewport?: {
+      once?: boolean;
+      root?: React.RefObject<Element>;
+      margin?: string;
+      amount?: "some" | "all" | number;
+    };
+  }
+
+  export type ElementOrSelector = Element | string | NodeListOf<Element> | Element[];
+
+  export type DOMKeyframesDefinition = Record<string, unknown>;
+
+  export type AnimationOptions = Record<string, unknown>;
+
+  export interface AnimationPlaybackControlsWithThen {
+    then(resolve: () => void, reject?: () => void): Promise<void>;
+    cancel(): void;
+    complete(): void;
+    pause(): void;
+    play(): void;
+    stop(): void;
+  }
+
+  export type AnimationPlaybackControls = AnimationPlaybackControlsWithThen;
+
+  export type AnimationScope<T = Element> = {
+    readonly current: T;
+    animations: AnimationPlaybackControls[];
+  };
+
+  export type ValueAnimationTransition = Record<string, unknown>;
+
+  export type NodeGroup = unknown;
+  export type IProjectionNode = unknown;
+}

package/src/types/vitest-matchers.d.ts

@@ -0,0 +1,40 @@
+/**
+ * Type augmentation for @testing-library/jest-dom vitest matchers.
+ *
+ * The @testing-library/jest-dom package ships without types/vitest.d.ts
+ * in this npm install. This file augments @vitest/expect's Assertion
+ * interface with the jest-dom matchers.
+ *
+ * This is a module file (export {} below) so the declare module blocks
+ * act as augmentation rather than replacement.
+ */
+
+// Make this a module file so declare module augments rather than replaces.
+export {};
+
+declare module "@vitest/expect" {
+  interface Assertion {
+    toBeInTheDocument(): void;
+    toBeVisible(): void;
+    toBeDisabled(): void;
+    toBeEnabled(): void;
+    toBeChecked(): void;
+    toBePartiallyChecked(): void;
+    toBeRequired(): void;
+    toBeValid(): void;
+    toBeInvalid(): void;
+    toBeEmptyDOMElement(): void;
+    toContainElement(element: Element | null): void;
+    toContainHTML(html: string): void;
+    toHaveAccessibleDescription(description?: string | RegExp): void;
+    toHaveAccessibleName(name?: string | RegExp): void;
+    toHaveAttribute(attr: string, value?: unknown): void;
+    toHaveClass(...classNames: string[]): void;
+    toHaveFocus(): void;
+    toHaveFormValues(values: Record<string, unknown>): void;
+    toHaveStyle(css: string | Record<string, unknown>): void;
+    toHaveTextContent(text: string | RegExp, options?: { normalizeWhitespace: boolean }): void;
+    toHaveValue(value?: string | string[] | number): void;
+    toHaveDisplayValue(value: string | RegExp | (string | RegExp)[]): void;
+  }
+}

package/src/types/web-mcp.d.ts

@@ -0,0 +1,22 @@
+/**
+ * Ambient type declarations for the WebMCP API (Chrome 146+ DevTrial).
+ * See: https://chromestatus.com/feature/xxxxx
+ *
+ * These types will be removed once WebMCP ships in stable Chrome
+ * and @types/web-mcp is published.
+ */
+
+interface ModelContextTool {
+  name: string;
+  description: string;
+  inputSchema: Record<string, unknown>;
+  handler: (params: Record<string, unknown>) => Promise<unknown>;
+}
+
+interface ModelContext {
+  registerTool(tool: ModelContextTool): void;
+}
+
+interface Navigator {
+  modelContext?: ModelContext;
+}

package/tsconfig.json

@@ -0,0 +1,34 @@
+{
+  "compilerOptions": {
+    "target": "ES2017",
+    "lib": ["dom", "dom.iterable", "esnext"],
+    "allowJs": true,
+    "skipLibCheck": true,
+    "strict": true,
+    "noEmit": true,
+    "esModuleInterop": true,
+    "module": "esnext",
+    "moduleResolution": "bundler",
+    "resolveJsonModule": true,
+    "isolatedModules": true,
+    "jsx": "react-jsx",
+    "incremental": true,
+    "plugins": [
+      {
+        "name": "next"
+      }
+    ],
+    "paths": {
+      "@/*": ["./src/*"]
+    }
+  },
+  "include": [
+    "next-env.d.ts",
+    "**/*.ts",
+    "**/*.tsx",
+    ".next/types/**/*.ts",
+    ".next/dev/types/**/*.ts",
+    "**/*.mts"
+  ],
+  "exclude": ["node_modules", "e2e", "playwright.config.ts"]
+}