nextjs-hackathon-stack 0.1.2 → 0.1.4

package/dist/index.js

@@ -101,13 +101,13 @@ async function scaffold(projectName, skipInstall) {
   if (!skipInstall) {
     spinner2.start("Installing dependencies (this may take a minute)");
     try {
-      execSync("npm install", { cwd: targetDir, stdio: "pipe" });
+      execSync("pnpm install", { cwd: targetDir, stdio: "pipe" });
       spinner2.stop("Dependencies installed");
     } catch (err) {
       spinner2.stop("Failed to install dependencies");
       const stderr = err instanceof Error && "stderr" in err ? err.stderr?.toString() : String(err);
-      p3.log.error(stderr || "npm install failed");
-      p3.log.info("You can install manually: cd " + projectName + " && npm install");
+      p3.log.error(stderr || "pnpm install failed");
+      p3.log.info("You can install manually: cd " + projectName + " && pnpm install");
     }
     spinner2.start("Initializing shadcn/ui");
     try {
@@ -133,6 +133,14 @@ async function scaffold(projectName, skipInstall) {
       }
     }
   }
+  spinner2.start("Creating initial commit");
+  try {
+    execSync("git add -A", { cwd: targetDir, stdio: "ignore" });
+    execSync('git commit -m "chore: initial scaffold"', { cwd: targetDir, stdio: "ignore" });
+    spinner2.stop("Initial commit created");
+  } catch {
+    spinner2.stop("Could not create initial commit");
+  }
   success(pc2.bold(`Project "${projectName}" created!`));
   console.log(`
   ${pc2.dim("Next steps:")}`);
@@ -143,13 +151,13 @@ async function scaffold(projectName, skipInstall) {
   console.log(`    ${pc2.dim("DATABASE_URL")}                   \u2014 from supabase.com > Project Settings > Database`);
   console.log(`    ${pc2.dim("AI_GATEWAY_URL")}                 \u2014 Vercel AI Gateway URL`);
   console.log(`    ${pc2.dim("MINIMAX_API_KEY")}                \u2014 from minimaxi.chat`);
-  console.log(`  ${pc2.cyan("npm run dev")}
+  console.log(`  ${pc2.cyan("pnpm dev")}
 `);
 }
 
 // src/index.ts
 var program = new Command();
-program.name("nextjs-hackathon-stack").description("Scaffold a full-stack Next.js 15 hackathon starter").version("0.1.0").argument("[project-name]", "Name of the project to create").option("--skip-install", "Skip npm install and shadcn/ui init", false).action(async (projectName, opts) => {
+program.name("nextjs-hackathon-stack").description("Scaffold a full-stack Next.js 15 hackathon starter").version("0.1.0").argument("[project-name]", "Name of the project to create").option("--skip-install", "Skip pnpm install and shadcn/ui init", false).action(async (projectName, opts) => {
   try {
     const options = await runCli(projectName, opts.skipInstall);
     await scaffold(options.projectName, options.skipInstall);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "nextjs-hackathon-stack",
-  "version": "0.1.2",
+  "version": "0.1.4",
   "description": "Scaffold a full-stack Next.js hackathon starter",
   "type": "module",
   "bin": {

package/template/.cursor/agents/security-researcher.md

@@ -27,7 +27,7 @@ readonly: true
 - [ ] `.env.example` has no real values
 
 ### Dependencies
-- [ ] Run `npm audit` — report Critical/High findings
+- [ ] Run `pnpm audit` — report Critical/High findings
 - [ ] Review new dependencies for malicious packages
 
 ### Headers & Cookies

package/template/.cursor/agents/test-qa.md

@@ -11,7 +11,7 @@ readonly: false
 1. **RED** — write failing test that describes the desired behavior
 2. **GREEN** — write minimum code to make test pass
 3. **REFACTOR** — clean up while keeping tests green
-4. **VERIFY** — run `npm run test:coverage` and confirm 100%
+4. **VERIFY** — run `pnpm test:coverage` and confirm 100%
 
 ## AAA Pattern (Arrange-Act-Assert)
 
@@ -56,7 +56,7 @@ statements: 100%
 ```
 
 After every change:
-1. Run `npm run test:coverage`
+1. Run `pnpm test:coverage`
 2. If below 100%, add missing tests
 3. Never mark work complete without full coverage
 

package/template/.cursor/rules/security.mdc

@@ -12,7 +12,7 @@ alwaysApply: true
 4. **XSS** — never use `dangerouslySetInnerHTML`, escape user input
 5. **Broken Access Control** — RLS on all tables, auth check in all protected routes
 6. **Security Misconfiguration** — CSP, HSTS, X-Frame-Options in `next.config.ts`
-7. **Insecure Dependencies** — run `npm audit` regularly
+7. **Insecure Dependencies** — run `pnpm audit` regularly
 8. **SSRF** — validate URLs before fetch
 
 ## Environment Variables

package/template/.cursor/skills/create-api-route/SKILL.md

@@ -48,9 +48,9 @@ export async function POST(request: Request) {
 
 ### 4. Verify
 ```bash
-npm run test:unit
-npm run lint
-npm run typecheck
+pnpm test:unit
+pnpm lint
+pnpm typecheck
 ```
 
 ## Checklist

package/template/.cursor/skills/create-feature/SKILL.md

@@ -28,22 +28,22 @@ Write ALL test files first:
 - `__tests__/use-<feature>.test.ts` — hook tests
 - `__tests__/<action>.test.ts` — action tests
 
-Run `npm run test:unit` — all tests must FAIL (RED).
+Run `pnpm test:unit` — all tests must FAIL (RED).
 
 ### 4. TDD: GREEN Phase
 Implement minimum code to pass each test:
 - Components → actions → hooks → API routes
 
-Run `npm run test:unit` — all tests must PASS (GREEN).
+Run `pnpm test:unit` — all tests must PASS (GREEN).
 
 ### 5. Refactor
 Clean up while keeping tests green.
 
 ### 6. Verify
 ```bash
-npm run test:coverage   # Must show 100%
-npm run lint            # Must pass with 0 warnings
-npm run typecheck       # Must pass with 0 errors
+pnpm test:coverage   # Must show 100%
+pnpm lint            # Must pass with 0 warnings
+pnpm typecheck       # Must pass with 0 errors
 ```
 
 ## Guardrails

package/template/.cursor/skills/review-branch/SKILL.md

@@ -55,7 +55,7 @@ git diff develop...<branch-name>
 
 ### 4. Run Automated Checks
 ```bash
-npm run lint
-npm run typecheck
-npm run test:coverage
+pnpm lint
+pnpm typecheck
+pnpm test:coverage
 ```

package/template/.cursor/skills/security-audit/SKILL.md

@@ -10,7 +10,7 @@ disable-model-invocation: true
 
 ### 1. Dependency Audit
 ```bash
-npm audit
+pnpm audit
 ```
 Categorize findings by: Critical / High / Medium / Low
 

package/template/.env.example

@@ -1,5 +1,5 @@
 # =============================================================================
-# REQUIRED — fill these in before running npm run dev
+# REQUIRED — fill these in before running pnpm dev
 # =============================================================================
 
 # Supabase — https://supabase.com > Project Settings > API

package/template/README.md

@@ -39,28 +39,28 @@ AI_GATEWAY_URL=https://gateway.ai.vercel.app/v1/your-team-id/your-gateway-id
 ### 2. Run the dev server
 
 ```bash
-npm run dev
+pnpm dev
 ```
 
 ### 3. Apply database migrations
 
 ```bash
-npm run db:generate
-npm run db:migrate
+pnpm db:generate
+pnpm db:migrate
 ```
 
 ## Scripts
 
 ```bash
-npm run dev          # Start dev server
-npm run build        # Production build
-npm run lint         # Lint (0 warnings allowed)
-npm run typecheck    # TypeScript check
-npm run test         # Unit tests
-npm run test:coverage # Tests with coverage (100% required)
-npm run test:e2e     # Playwright e2e tests
-npm run db:generate  # Generate Drizzle migrations
-npm run db:migrate   # Apply migrations
+pnpm dev             # Start dev server
+pnpm build           # Production build
+pnpm lint            # Lint (0 warnings allowed)
+pnpm typecheck       # TypeScript check
+pnpm test            # Unit tests
+pnpm test:coverage   # Tests with coverage (100% required)
+pnpm test:e2e        # Playwright e2e tests
+pnpm db:generate     # Generate Drizzle migrations
+pnpm db:migrate      # Apply migrations
 ```
 
 ## Environment Variables

package/template/package.json.tmpl

@@ -31,7 +31,9 @@
     "@hookform/resolvers": "^3",
     "zod": "^3",
     "react": "^19",
-    "react-dom": "^19"
+    "react-dom": "^19",
+    "clsx": "^2",
+    "tailwind-merge": "^2"
   },
   "devDependencies": {
     "typescript": "^5",

package/template/playwright.config.ts

@@ -15,7 +15,7 @@ export default defineConfig({
     { name: "chromium", use: { ...devices["Desktop Chrome"] } },
   ],
   webServer: {
-    command: "npm run dev",
+    command: "pnpm dev",
     url: "http://localhost:3000",
     reuseExistingServer: !process.env["CI"],
   },

package/template/src/features/auth/components/login-form.tsx

@@ -5,10 +5,10 @@ import { useForm } from "react-hook-form";
 import { zodResolver } from "@hookform/resolvers/zod";
 import { z } from "zod";
 import { loginAction, type LoginActionState } from "../actions/login.action";
-import { Button } from "@/components/ui/button";
-import { Input } from "@/components/ui/input";
-import { Label } from "@/components/ui/label";
-import { Card, CardContent, CardHeader, CardTitle, CardDescription } from "@/components/ui/card";
+import { Button } from "@/shared/components/ui/button";
+import { Input } from "@/shared/components/ui/input";
+import { Label } from "@/shared/components/ui/label";
+import { Card, CardContent, CardHeader, CardTitle, CardDescription } from "@/shared/components/ui/card";
 
 const schema = z.object({
   email: z.string().email("Invalid email"),

package/template/src/shared/lib/utils.ts

@@ -0,0 +1,6 @@
+import { type ClassValue, clsx } from "clsx";
+import { twMerge } from "tailwind-merge";
+
+export function cn(...inputs: ClassValue[]) {
+  return twMerge(clsx(inputs));
+}