nextjs-hackathon-stack 0.1.1 → 0.1.3

package/dist/index.js

@@ -18,9 +18,6 @@ function printBanner() {
 function success(msg) {
   p.log.success(msg);
 }
-function info(msg) {
-  p.log.info(msg);
-}
 function outro2(msg) {
   p.outro(pc.green(msg));
 }
@@ -104,37 +101,45 @@ async function scaffold(projectName, skipInstall) {
   if (!skipInstall) {
     spinner2.start("Installing dependencies (this may take a minute)");
     try {
-      execSync("npm install", { cwd: targetDir, stdio: "pipe" });
+      execSync("pnpm install", { cwd: targetDir, stdio: "pipe" });
       spinner2.stop("Dependencies installed");
     } catch (err) {
       spinner2.stop("Failed to install dependencies");
       const stderr = err instanceof Error && "stderr" in err ? err.stderr?.toString() : String(err);
-      p3.log.error(stderr || "npm install failed");
-      p3.log.info("You can install manually: cd " + projectName + " && npm install");
+      p3.log.error(stderr || "pnpm install failed");
+      p3.log.info("You can install manually: cd " + projectName + " && pnpm install");
     }
-    info("Running shadcn/ui init...");
+    spinner2.start("Initializing shadcn/ui");
     try {
-      execSync("npx shadcn@latest init --yes --defaults", {
+      execSync("npx shadcn@latest init --yes --defaults --force --silent", {
         cwd: targetDir,
-        stdio: "inherit"
+        stdio: "pipe"
       });
-      success("shadcn/ui initialized");
+      spinner2.stop("shadcn/ui initialized");
     } catch {
-      p3.log.warn("shadcn/ui init failed \u2014 run manually: npx shadcn@latest init");
+      spinner2.stop("shadcn/ui init failed \u2014 run manually: npx shadcn@latest init");
     }
-    info("Adding shadcn/ui base components...");
     const components = ["button", "input", "card", "form", "label"];
     for (const component of components) {
+      spinner2.start(`Adding shadcn/ui component: ${component}`);
       try {
-        execSync(`npx shadcn@latest add ${component} --yes`, {
+        execSync(`npx shadcn@latest add ${component} --yes --silent`, {
           cwd: targetDir,
-          stdio: "ignore"
+          stdio: "pipe"
         });
+        spinner2.stop(`Added shadcn/ui component: ${component}`);
       } catch {
-        p3.log.warn(`Failed to add component: ${component}`);
+        spinner2.stop(`Failed to add component: ${component}`);
       }
     }
-    success("shadcn/ui components added");
+  }
+  spinner2.start("Creating initial commit");
+  try {
+    execSync("git add -A", { cwd: targetDir, stdio: "ignore" });
+    execSync('git commit -m "chore: initial scaffold"', { cwd: targetDir, stdio: "ignore" });
+    spinner2.stop("Initial commit created");
+  } catch {
+    spinner2.stop("Could not create initial commit");
   }
   success(pc2.bold(`Project "${projectName}" created!`));
   console.log(`
@@ -146,13 +151,13 @@ async function scaffold(projectName, skipInstall) {
   console.log(`    ${pc2.dim("DATABASE_URL")}                   \u2014 from supabase.com > Project Settings > Database`);
   console.log(`    ${pc2.dim("AI_GATEWAY_URL")}                 \u2014 Vercel AI Gateway URL`);
   console.log(`    ${pc2.dim("MINIMAX_API_KEY")}                \u2014 from minimaxi.chat`);
-  console.log(`  ${pc2.cyan("npm run dev")}
+  console.log(`  ${pc2.cyan("pnpm dev")}
 `);
 }
 
 // src/index.ts
 var program = new Command();
-program.name("nextjs-hackathon-stack").description("Scaffold a full-stack Next.js 15 hackathon starter").version("0.1.0").argument("[project-name]", "Name of the project to create").option("--skip-install", "Skip npm install and shadcn/ui init", false).action(async (projectName, opts) => {
+program.name("nextjs-hackathon-stack").description("Scaffold a full-stack Next.js 15 hackathon starter").version("0.1.0").argument("[project-name]", "Name of the project to create").option("--skip-install", "Skip pnpm install and shadcn/ui init", false).action(async (projectName, opts) => {
   try {
     const options = await runCli(projectName, opts.skipInstall);
     await scaffold(options.projectName, options.skipInstall);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "nextjs-hackathon-stack",
-  "version": "0.1.1",
+  "version": "0.1.3",
   "description": "Scaffold a full-stack Next.js hackathon starter",
   "type": "module",
   "bin": {

package/template/.cursor/agents/security-researcher.md

@@ -27,7 +27,7 @@ readonly: true
 - [ ] `.env.example` has no real values
 
 ### Dependencies
-- [ ] Run `npm audit` — report Critical/High findings
+- [ ] Run `pnpm audit` — report Critical/High findings
 - [ ] Review new dependencies for malicious packages
 
 ### Headers & Cookies

package/template/.cursor/agents/test-qa.md

@@ -11,7 +11,7 @@ readonly: false
 1. **RED** — write failing test that describes the desired behavior
 2. **GREEN** — write minimum code to make test pass
 3. **REFACTOR** — clean up while keeping tests green
-4. **VERIFY** — run `npm run test:coverage` and confirm 100%
+4. **VERIFY** — run `pnpm test:coverage` and confirm 100%
 
 ## AAA Pattern (Arrange-Act-Assert)
 
@@ -56,7 +56,7 @@ statements: 100%
 ```
 
 After every change:
-1. Run `npm run test:coverage`
+1. Run `pnpm test:coverage`
 2. If below 100%, add missing tests
 3. Never mark work complete without full coverage
 

package/template/.cursor/rules/security.mdc

@@ -12,7 +12,7 @@ alwaysApply: true
 4. **XSS** — never use `dangerouslySetInnerHTML`, escape user input
 5. **Broken Access Control** — RLS on all tables, auth check in all protected routes
 6. **Security Misconfiguration** — CSP, HSTS, X-Frame-Options in `next.config.ts`
-7. **Insecure Dependencies** — run `npm audit` regularly
+7. **Insecure Dependencies** — run `pnpm audit` regularly
 8. **SSRF** — validate URLs before fetch
 
 ## Environment Variables

package/template/.cursor/skills/create-api-route/SKILL.md

@@ -48,9 +48,9 @@ export async function POST(request: Request) {
 
 ### 4. Verify
 ```bash
-npm run test:unit
-npm run lint
-npm run typecheck
+pnpm test:unit
+pnpm lint
+pnpm typecheck
 ```
 
 ## Checklist

package/template/.cursor/skills/create-feature/SKILL.md

@@ -28,22 +28,22 @@ Write ALL test files first:
 - `__tests__/use-<feature>.test.ts` — hook tests
 - `__tests__/<action>.test.ts` — action tests
 
-Run `npm run test:unit` — all tests must FAIL (RED).
+Run `pnpm test:unit` — all tests must FAIL (RED).
 
 ### 4. TDD: GREEN Phase
 Implement minimum code to pass each test:
 - Components → actions → hooks → API routes
 
-Run `npm run test:unit` — all tests must PASS (GREEN).
+Run `pnpm test:unit` — all tests must PASS (GREEN).
 
 ### 5. Refactor
 Clean up while keeping tests green.
 
 ### 6. Verify
 ```bash
-npm run test:coverage   # Must show 100%
-npm run lint            # Must pass with 0 warnings
-npm run typecheck       # Must pass with 0 errors
+pnpm test:coverage   # Must show 100%
+pnpm lint            # Must pass with 0 warnings
+pnpm typecheck       # Must pass with 0 errors
 ```
 
 ## Guardrails

package/template/.cursor/skills/review-branch/SKILL.md

@@ -55,7 +55,7 @@ git diff develop...<branch-name>
 
 ### 4. Run Automated Checks
 ```bash
-npm run lint
-npm run typecheck
-npm run test:coverage
+pnpm lint
+pnpm typecheck
+pnpm test:coverage
 ```

package/template/.cursor/skills/security-audit/SKILL.md

@@ -10,7 +10,7 @@ disable-model-invocation: true
 
 ### 1. Dependency Audit
 ```bash
-npm audit
+pnpm audit
 ```
 Categorize findings by: Critical / High / Medium / Low
 

package/template/.env.example

@@ -1,5 +1,5 @@
 # =============================================================================
-# REQUIRED — fill these in before running npm run dev
+# REQUIRED — fill these in before running pnpm dev
 # =============================================================================
 
 # Supabase — https://supabase.com > Project Settings > API

package/template/README.md

@@ -39,28 +39,28 @@ AI_GATEWAY_URL=https://gateway.ai.vercel.app/v1/your-team-id/your-gateway-id
 ### 2. Run the dev server
 
 ```bash
-npm run dev
+pnpm dev
 ```
 
 ### 3. Apply database migrations
 
 ```bash
-npm run db:generate
-npm run db:migrate
+pnpm db:generate
+pnpm db:migrate
 ```
 
 ## Scripts
 
 ```bash
-npm run dev          # Start dev server
-npm run build        # Production build
-npm run lint         # Lint (0 warnings allowed)
-npm run typecheck    # TypeScript check
-npm run test         # Unit tests
-npm run test:coverage # Tests with coverage (100% required)
-npm run test:e2e     # Playwright e2e tests
-npm run db:generate  # Generate Drizzle migrations
-npm run db:migrate   # Apply migrations
+pnpm dev             # Start dev server
+pnpm build           # Production build
+pnpm lint            # Lint (0 warnings allowed)
+pnpm typecheck       # TypeScript check
+pnpm test            # Unit tests
+pnpm test:coverage   # Tests with coverage (100% required)
+pnpm test:e2e        # Playwright e2e tests
+pnpm db:generate     # Generate Drizzle migrations
+pnpm db:migrate      # Apply migrations
 ```
 
 ## Environment Variables

package/template/playwright.config.ts

@@ -15,7 +15,7 @@ export default defineConfig({
     { name: "chromium", use: { ...devices["Desktop Chrome"] } },
   ],
   webServer: {
-    command: "npm run dev",
+    command: "pnpm dev",
     url: "http://localhost:3000",
     reuseExistingServer: !process.env["CI"],
   },

package/template/src/app/(auth)/login/page.tsx

@@ -2,9 +2,14 @@ import { LoginForm } from "@/features/auth/components/login-form";
 
 export default function LoginPage() {
   return (
-    <main className="flex min-h-screen items-center justify-center">
-      <div className="w-full max-w-md p-8">
-        <h1 className="mb-8 text-2xl font-bold">Sign in</h1>
+    <main className="flex min-h-screen items-center justify-center bg-muted/40 px-4">
+      <div className="w-full max-w-sm space-y-6">
+        <div className="text-center">
+          <h1 className="text-3xl font-bold tracking-tight">Welcome back</h1>
+          <p className="mt-2 text-sm text-muted-foreground">
+            Sign in to your account to continue
+          </p>
+        </div>
         <LoginForm />
       </div>
     </main>

package/template/src/features/auth/components/login-form.tsx

@@ -5,6 +5,10 @@ import { useForm } from "react-hook-form";
 import { zodResolver } from "@hookform/resolvers/zod";
 import { z } from "zod";
 import { loginAction, type LoginActionState } from "../actions/login.action";
+import { Button } from "@/shared/components/ui/button";
+import { Input } from "@/shared/components/ui/input";
+import { Label } from "@/shared/components/ui/label";
+import { Card, CardContent, CardHeader, CardTitle, CardDescription } from "@/shared/components/ui/card";
 
 const schema = z.object({
   email: z.string().email("Invalid email"),
@@ -32,49 +36,52 @@ export function LoginForm() {
   });
 
   return (
-    <form onSubmit={onSubmit} data-testid="login-form" className="space-y-4">
-      {state.status === "error" && (
-        <p role="alert" className="text-sm text-red-600">
-          {state.message}
-        </p>
-      )}
-      <div>
-        <label htmlFor="email" className="block text-sm font-medium">
-          Email
-        </label>
-        <input
-          id="email"
-          type="email"
-          autoComplete="email"
-          {...register("email")}
-          className="mt-1 block w-full rounded border px-3 py-2"
-        />
-        {errors.email && (
-          <p className="mt-1 text-sm text-red-600">{errors.email.message}</p>
-        )}
-      </div>
-      <div>
-        <label htmlFor="password" className="block text-sm font-medium">
-          Password
-        </label>
-        <input
-          id="password"
-          type="password"
-          autoComplete="current-password"
-          {...register("password")}
-          className="mt-1 block w-full rounded border px-3 py-2"
-        />
-        {errors.password && (
-          <p className="mt-1 text-sm text-red-600">{errors.password.message}</p>
-        )}
-      </div>
-      <button
-        type="submit"
-        disabled={isPending}
-        className="w-full rounded bg-primary px-4 py-2 text-primary-foreground disabled:opacity-50"
-      >
-        {isPending ? "Signing in..." : "Sign in"}
-      </button>
-    </form>
+    <Card>
+      <CardHeader>
+        <CardTitle>Sign in</CardTitle>
+        <CardDescription>Enter your email and password below</CardDescription>
+      </CardHeader>
+      <CardContent>
+        <form onSubmit={onSubmit} data-testid="login-form" className="space-y-4">
+          {state.status === "error" && (
+            <p role="alert" className="rounded-md bg-destructive/10 px-3 py-2 text-sm text-destructive">
+              {state.message}
+            </p>
+          )}
+
+          <div className="space-y-1.5">
+            <Label htmlFor="email">Email</Label>
+            <Input
+              id="email"
+              type="email"
+              autoComplete="email"
+              placeholder="you@example.com"
+              {...register("email")}
+            />
+            {errors.email && (
+              <p className="text-sm text-destructive">{errors.email.message}</p>
+            )}
+          </div>
+
+          <div className="space-y-1.5">
+            <Label htmlFor="password">Password</Label>
+            <Input
+              id="password"
+              type="password"
+              autoComplete="current-password"
+              placeholder="••••••••"
+              {...register("password")}
+            />
+            {errors.password && (
+              <p className="text-sm text-destructive">{errors.password.message}</p>
+            )}
+          </div>
+
+          <Button type="submit" className="w-full" disabled={isPending}>
+            {isPending ? "Signing in…" : "Sign in"}
+          </Button>
+        </form>
+      </CardContent>
+    </Card>
   );
 }