Files
Momento/memento-note/next.config.ts
Antigravity 88a7d2ad0a
All checks were successful
CI / Lint, Unit Tests & Build (push) Successful in 7m59s
CI / Deploy production (on server) (push) Successful in 24s
fix(audit): nettoyage accès, garde-fous build, unification quotas
Semaine 1 — fuites et accès :
- /archive rendu accessible via sidebar (était invisible)
- Suppression pages orphelines : /chat, /graph, /support, test-title-suggestions
- Fixes i18n : search-modal (clé non interpolée), sidebar tooltips, export PDF
- 15 locales mises à jour

Semaine 2 — garde-fous :
- 8 erreurs TS fixees → ignoreBuildErrors: false (build type-safe)
- reactStrictMode: true (dev-only, zero impact prod)
- reserveUsageOrThrow → wrapper deprecie vers reserveAiUsageOrThrow
- auth-guard.ts : requireAuthOrResponse() + requireAdminOrResponse()

Tests 212/212 | Lint 0 erreur | Build OK | tsc 0 erreur
2026-07-17 18:47:44 +00:00

89 lines
2.5 KiB
TypeScript

import type { NextConfig } from "next";
const nextConfig: NextConfig = {
// Enable standalone output for Docker
output: 'standalone',
// Type-check at build time (TS errors block the build)
typescript: {
ignoreBuildErrors: false,
},
// These server-side packages use Node.js internals (buffers, native modules, etc.)
// and must not be bundled by Turbopack — they are required directly by Node.js at runtime.
serverExternalPackages: ['pptxgenjs', 'dagre', 'elkjs'],
// Serve dynamically uploaded files via API route (public/ is read-only in production)
async rewrites() {
return [
{
source: '/uploads/:path*',
destination: '/api/uploads/:path*',
},
]
},
async headers() {
return [
{
// Apply to all routes
source: '/(.*)',
headers: [
// Prevent clickjacking
{ key: 'X-Frame-Options', value: 'SAMEORIGIN' },
// Prevent MIME-type sniffing
{ key: 'X-Content-Type-Options', value: 'nosniff' },
// Limit referrer info to same-origin
{ key: 'Referrer-Policy', value: 'strict-origin-when-cross-origin' },
// Disable browser features not needed by the app
{
key: 'Permissions-Policy',
value: 'camera=(), microphone=(), geolocation=(), payment=()',
},
// HSTS — enforce HTTPS for 1 year (prod only; harmless in dev)
{
key: 'Strict-Transport-Security',
value: 'max-age=31536000; includeSubDomains',
},
// Legacy XSS filter for older browsers
{ key: 'X-XSS-Protection', value: '1; mode=block' },
],
},
]
},
async redirects() {
return [
{
source: '/shared',
destination: '/?shared=1',
permanent: false,
},
{
source: '/reminders',
destination: '/home?reminders=1',
permanent: false,
},
]
},
// Image optimization (enabled for better performance)
images: {
formats: ['image/avif', 'image/webp'],
},
// Hide the "compiling" indicator
devIndicators: false,
// React strict mode: double-invokes effects/renders in DEV ONLY (zero prod impact).
// Catches missing cleanups and side-effects in render. May surface pre-existing
// dev-mode issues that were hidden when this was disabled.
reactStrictMode: true,
// Allow development origins for HMR and Dev Server access
allowedDevOrigins: ['192.168.1.83'],
};
export default nextConfig;