import type { NextConfig } from "next"; const nextConfig: NextConfig = { // Enable standalone output for Docker output: 'standalone', // Pre-existing TS errors in 3rd-party import paths (next/cache cookies, AI SDK v6 maxSteps) // are false positives that don't affect runtime — skip type-check at build time typescript: { ignoreBuildErrors: true, }, // These server-side packages use Node.js internals (buffers, native modules, etc.) // and must not be bundled by Turbopack — they are required directly by Node.js at runtime. serverExternalPackages: ['pptxgenjs', 'dagre', 'elkjs'], // Serve dynamically uploaded files via API route (public/ is read-only in production) async rewrites() { return [ { source: '/uploads/:path*', destination: '/api/uploads/:path*', }, ] }, async headers() { return [ { // Apply to all routes source: '/(.*)', headers: [ // Prevent clickjacking { key: 'X-Frame-Options', value: 'SAMEORIGIN' }, // Prevent MIME-type sniffing { key: 'X-Content-Type-Options', value: 'nosniff' }, // Limit referrer info to same-origin { key: 'Referrer-Policy', value: 'strict-origin-when-cross-origin' }, // Disable browser features not needed by the app { key: 'Permissions-Policy', value: 'camera=(), microphone=(), geolocation=(), payment=()', }, // HSTS — enforce HTTPS for 1 year (prod only; harmless in dev) { key: 'Strict-Transport-Security', value: 'max-age=31536000; includeSubDomains', }, // Legacy XSS filter for older browsers { key: 'X-XSS-Protection', value: '1; mode=block' }, ], }, ] }, async redirects() { return [ { source: '/shared', destination: '/?shared=1', permanent: false, }, { source: '/reminders', destination: '/home?reminders=1', permanent: false, }, ] }, // Image optimization (enabled for better performance) images: { formats: ['image/avif', 'image/webp'], }, // Hide the "compiling" indicator devIndicators: false, // Disable strict mode: React 19 strict mode can cause double-invocation of render // functions during concurrent transitions, amplifying timing issues. reactStrictMode: false, // Allow development origins for HMR and Dev Server access // @ts-expect-error - Some NextConfig versions might require this in experimental allowedDevOrigins: ['192.168.1.83'], }; export default nextConfig;