leerob/leerob.io

I ran a production-readiness audit on my project and found the following issues. Please fix all of them: 1. I have a potential XSS vulnerability in mdx-components.tsx at line 12 using unsafe DOM manipulation. Please refactor to avoid dangerouslySetInnerHTML, innerHTML, eval(), and document.write(). If HTML rendering is truly needed, use a sanitization library like DOMPurify and sanitize all content before rendering. 2. My React/Next.js app is missing error boundaries. Please create an error.tsx file in the app/ directory to catch rendering errors. This prevents the entire app from crashing when a component throws an error, and shows a user-friendly fallback UI instead. 3. My Next.js app is missing a root error page. Please create a root error.tsx in the app/ directory that catches unhandled errors and shows a user-friendly error page with a retry option. 4. My project has no tests at all. Please set up a testing framework (vitest with @testing-library/react) and create initial tests for the most critical functionality. Start with: 1) Unit tests for core business logic, 2) Integration tests for API endpoints, 3) Component tests for key UI components. Set up a test script in package.json. 5. My project has no CI/CD configuration. Please create a GitHub Actions workflow (.github/workflows/ci.yml) that runs on push and pull requests. It should: 1) Install dependencies, 2) Run linting, 3) Run type checking, 4) Run tests, 5) Build the project. This ensures every change is automatically validated. 6. My project has no input validation library. Please install zod and add schema validation for all API endpoints and form inputs. Define schemas for request bodies, query parameters, and path parameters. Return clear validation error messages so clients know exactly what to fix. 7. My .gitignore is missing important entries. Please update .gitignore to exclude: node_modules/, .env, .env.*, dist/, build/, coverage/, .DS_Store, and any IDE-specific files. 8. My project has no linter or formatter configured. Please set up ESLint and Prettier (or Biome as an all-in-one alternative). Add a lint script to package.json and an .eslintrc config appropriate for the project's framework.