Conversation
Bumps the npm_and_yarn group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [graphql](https://github.com/graphql/graphql-js) | `16.7.1` | `16.8.1` | | [next](https://github.com/vercel/next.js) | `14.2.4` | `14.2.10` | | [postcss](https://github.com/postcss/postcss) | `8.4.27` | `8.4.31` | | [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` | | [micromatch](https://github.com/micromatch/micromatch) | `4.0.5` | `4.0.8` | Updates `graphql` from 16.7.1 to 16.8.1 - [Release notes](https://github.com/graphql/graphql-js/releases) - [Commits](graphql/graphql-js@v16.7.1...v16.8.1) Updates `next` from 14.2.4 to 14.2.10 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](vercel/next.js@v14.2.4...v14.2.10) Updates `postcss` from 8.4.27 to 8.4.31 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.4.27...8.4.31) Updates `braces` from 3.0.2 to 3.0.3 - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](micromatch/braces@3.0.2...3.0.3) Updates `micromatch` from 4.0.5 to 4.0.8 - [Release notes](https://github.com/micromatch/micromatch/releases) - [Changelog](https://github.com/micromatch/micromatch/blob/master/CHANGELOG.md) - [Commits](micromatch/micromatch@4.0.5...4.0.8) --- updated-dependencies: - dependency-name: graphql dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: next dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: postcss dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: braces dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: micromatch dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
…arn-40d9cccc4f Bump the npm_and_yarn group across 1 directory with 5 updates
Bumps the npm_and_yarn group with 1 update in the / directory: [nanoid](https://github.com/ai/nanoid). Updates `nanoid` from 3.3.6 to 3.3.8 - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.3.6...3.3.8) --- updated-dependencies: - dependency-name: nanoid dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
…arn-af93afb32e Bump nanoid from 3.3.6 to 3.3.8 in the npm_and_yarn group across 1 directory
Bumps the npm_and_yarn group with 2 updates in the / directory: [next](https://github.com/vercel/next.js) and [cross-spawn](https://github.com/moxystudio/node-cross-spawn). Updates `next` from 14.2.10 to 14.2.21 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](vercel/next.js@v14.2.10...v14.2.21) Updates `cross-spawn` from 7.0.3 to 7.0.6 - [Changelog](https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md) - [Commits](moxystudio/node-cross-spawn@v7.0.3...v7.0.6) --- updated-dependencies: - dependency-name: next dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: cross-spawn dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
…arn-b42a7f98e3 Bump the npm_and_yarn group across 1 directory with 2 updates
Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 14.2.21 to 14.2.30 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](vercel/next.js@v14.2.21...v14.2.30) --- updated-dependencies: - dependency-name: next dependency-version: 14.2.30 dependency-type: direct:production dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
…arn-3bd7c2c787 Bump next from 14.2.21 to 14.2.30 in the npm_and_yarn group across 1 directory
📝 WalkthroughSummary by CodeRabbit
✏️ Tip: You can customize this high-level summary in your review settings. WalkthroughAdds Dependabot config; implements a redeploy branch in the deploy API and UI; updates BridgeInstance (redeploy, view, copy, error reporting); adjusts bridge mappings (instagramgo, facebookgo, signal); tweaks login copy/inputs and repository link; bumps package dependencies and packageManager; minor formatting/tsconfig changes. Changes
Sequence DiagramsequenceDiagram
participant UI as BridgeInstance UI
participant API as /api/deploy Route
participant Fly as Fly Machines API
participant Beeper as Beeper App API
UI->>API: POST /api/deploy { redeploy: true, appName, flyToken }
API->>Fly: GET /v1/apps/{appName}/machines
Fly-->>API: machines list
API->>Fly: POST /v1/apps/{appName}/machines/{machineId}/updates (image: ghcr.io/beeper/bridge-manager)
Fly-->>API: update response
API->>Fly: (optionally) POST create volume -> returns volumeId
API->>Fly: POST create machine with mounts and services
Fly-->>API: machine creation response
loop Poll for bridge registration
API->>Beeper: GET /api/apps/{appName}/bridges
Beeper-->>API: bridge status
end
API-->>UI: 200 success or 4xx/5xx error (with error details)
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~20 minutes 🚥 Pre-merge checks | ✅ 2 | ❌ 3❌ Failed checks (2 warnings, 1 inconclusive)
✅ Passed checks (2 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing touches
🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Bumps the npm_and_yarn group with 3 updates in the / directory: [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime), [brace-expansion](https://github.com/juliangruber/brace-expansion) and [js-yaml](https://github.com/nodeca/js-yaml). Updates `@babel/runtime` from 7.22.10 to 7.28.4 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.28.4/packages/babel-runtime) Updates `brace-expansion` from 1.1.11 to 1.1.12 - [Release notes](https://github.com/juliangruber/brace-expansion/releases) - [Commits](juliangruber/brace-expansion@1.1.11...v1.1.12) Updates `js-yaml` from 4.1.0 to 4.1.1 - [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md) - [Commits](nodeca/js-yaml@4.1.0...4.1.1) --- updated-dependencies: - dependency-name: "@babel/runtime" dependency-version: 7.28.4 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: brace-expansion dependency-version: 1.1.12 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: js-yaml dependency-version: 4.1.1 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 3
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
Disabled knowledge base sources:
- Linear integration is disabled by default for public repositories
You can enable these sources in your CodeRabbit configuration.
⛔ Files ignored due to path filters (1)
yarn.lockis excluded by!**/yarn.lock,!**/*.lock
📒 Files selected for processing (8)
.github/dependabot.yml(1 hunks)app/api/deploy/route.ts(4 hunks)app/components/BeeperLogin.tsx(3 hunks)app/components/BridgeDeploy.tsx(2 hunks)app/components/BridgeInstance.tsx(2 hunks)app/components/FlyLogin.tsx(1 hunks)app/components/Welcome.tsx(1 hunks)package.json(2 hunks)
🧰 Additional context used
🧬 Code graph analysis (1)
app/api/deploy/route.ts (1)
app/api/bridges/route.ts (1)
POST(4-63)
🔇 Additional comments (9)
app/components/FlyLogin.tsx (1)
15-19: LGTM! Clear documentation improvement.The update to reference "org deploy token" with a direct link to the tokens page improves user guidance and aligns with Fly.io's authentication best practices.
.github/dependabot.yml (1)
1-11: LGTM! Standard Dependabot configuration.The Dependabot setup is correctly configured for yarn with weekly updates, which will help keep dependencies current and secure.
package.json (2)
5-5: Good addition for dependency management.The
packageManagerfield helps ensure consistent package manager versions across environments when using Corepack.
19-22: Dependency versions are secure and verified.All three versions are legitimate, secure releases:
- graphql@16.8.1: Fixes CVE-2023-26144 (DoS vulnerability)
- next@14.2.32: Fixes CVE-2025-57822 (SSRF in Middleware) and CVE-2025-57752 (image optimization cache issue from 14.2.31)
- postcss@8.4.31: Fixes CVE-2023-44270 (parsing/injection vulnerability)
The Next.js update from 14.2.4 to 14.2.32 is a patch-level change within the same minor version (28 patch updates), not a significant version jump. No breaking changes are expected from these security-focused patch updates.
app/components/BeeperLogin.tsx (2)
36-37: Good UX improvement for code input handling.Stripping whitespace allows users to paste codes formatted with spaces (like "123 456") and have them work correctly.
85-91: Better input type for numeric codes.Changing from
type="number"totype="text"withinputMode="numeric"is the correct approach for verification codes, as it prevents invalid characters (e, +, -, .) while still showing the numeric keyboard on mobile devices.app/components/BridgeInstance.tsx (1)
57-62: Nice UX enhancements.The Copy button for the bot handle and the View on Fly link provide helpful shortcuts for users to interact with their deployed bridges.
app/api/deploy/route.ts (1)
51-203: LGTM! Existing deploy logic preserved.The formatting changes don't affect the deployment logic, and the flow remains intact with proper error handling and deployment verification.
app/components/BridgeDeploy.tsx (1)
47-49: Verify new bridge names are supported by the backend.The bridge mapping now includes
instagramgo,facebookgo, andsignal(replacing the oldghcr.io/beeper/bridge-managercontainer expects and are properly supported. Verify the changes are used consistently throughout the codebase and that no stale references to the old
| // If redeploy flag is passed, update existing machine to latest image | ||
| if (redeploy) { | ||
| const res_list = await fetch(`https://api.machines.dev/v1/apps/${appName}/machines`, { | ||
| method: 'GET', | ||
| headers: { | ||
| 'Authorization': `Bearer ${flyToken}`, | ||
| 'Content-Type': 'application/json', | ||
| } | ||
| }) | ||
|
|
||
| if (res_list.status !== 200) { | ||
| const list_data = await res_list.json() | ||
| return NextResponse.json({ error: JSON.stringify(list_data) }, { status: 500 }) | ||
| } | ||
|
|
||
| const machines = await res_list.json() | ||
| if (!machines || machines.length === 0) { | ||
| return NextResponse.json({ error: `No machines found for app ${appName}` }, { status: 404 }) | ||
| } | ||
|
|
||
| const machine = machines[0] | ||
|
|
||
| const update_res = await fetch(`https://api.machines.dev/v1/apps/${appName}/machines/${machine.id}`, { | ||
| method: 'POST', | ||
| headers: { | ||
| 'Authorization': `Bearer ${flyToken}`, | ||
| 'Content-Type': 'application/json', | ||
| }, | ||
| body: JSON.stringify({ | ||
| config: { | ||
| ...machine.config, | ||
| image: "ghcr.io/beeper/bridge-manager" | ||
| } | ||
| }) | ||
| }) | ||
|
|
||
| if (update_res.status !== 200) { | ||
| const update_data = await update_res.json() | ||
| return NextResponse.json({ error: JSON.stringify(update_data) }, { status: 500 }) | ||
| } | ||
|
|
||
| return NextResponse.json({ success: true }) | ||
| } |
There was a problem hiding this comment.
Redeploy logic needs improvements for robustness.
The redeploy implementation has several concerns:
-
Line 27: Always uses the first machine without validation - if multiple machines exist, is this intentional?
-
Line 38: The hardcoded image
"ghcr.io/beeper/bridge-manager"has no version tag:- Docker may use cached images instead of pulling the latest
- Consider using a specific tag or
:latestexplicitly - No guarantee the image will actually update
-
No deployment verification: Unlike the main deploy flow (lines 182-200), the redeploy returns immediately without confirming the machine restarted or is running the new image
-
Line 37: Spreading
...machine.configcould be risky if the config schema has changed between bridge-manager versions
Consider these improvements:
// If redeploy flag is passed, update existing machine to latest image
if (redeploy) {
const res_list = await fetch(`https://api.machines.dev/v1/apps/${appName}/machines`, {
method: 'GET',
headers: {
'Authorization': `Bearer ${flyToken}`,
'Content-Type': 'application/json',
}
})
if (res_list.status !== 200) {
const list_data = await res_list.json()
return NextResponse.json({ error: JSON.stringify(list_data) }, { status: 500 })
}
const machines = await res_list.json()
if (!machines || machines.length === 0) {
return NextResponse.json({ error: `No machines found for app ${appName}` }, { status: 404 })
}
const machine = machines[0]
const update_res = await fetch(`https://api.machines.dev/v1/apps/${appName}/machines/${machine.id}`, {
method: 'POST',
headers: {
'Authorization': `Bearer ${flyToken}`,
'Content-Type': 'application/json',
},
body: JSON.stringify({
config: {
...machine.config,
- image: "ghcr.io/beeper/bridge-manager"
+ image: "ghcr.io/beeper/bridge-manager:latest"
}
})
})
if (update_res.status !== 200) {
const update_data = await update_res.json()
return NextResponse.json({ error: JSON.stringify(update_data) }, { status: 500 })
}
+
+ // TODO: Consider adding verification that the machine restarted successfully
return NextResponse.json({ success: true })
}📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| // If redeploy flag is passed, update existing machine to latest image | |
| if (redeploy) { | |
| const res_list = await fetch(`https://api.machines.dev/v1/apps/${appName}/machines`, { | |
| method: 'GET', | |
| headers: { | |
| 'Authorization': `Bearer ${flyToken}`, | |
| 'Content-Type': 'application/json', | |
| } | |
| }) | |
| if (res_list.status !== 200) { | |
| const list_data = await res_list.json() | |
| return NextResponse.json({ error: JSON.stringify(list_data) }, { status: 500 }) | |
| } | |
| const machines = await res_list.json() | |
| if (!machines || machines.length === 0) { | |
| return NextResponse.json({ error: `No machines found for app ${appName}` }, { status: 404 }) | |
| } | |
| const machine = machines[0] | |
| const update_res = await fetch(`https://api.machines.dev/v1/apps/${appName}/machines/${machine.id}`, { | |
| method: 'POST', | |
| headers: { | |
| 'Authorization': `Bearer ${flyToken}`, | |
| 'Content-Type': 'application/json', | |
| }, | |
| body: JSON.stringify({ | |
| config: { | |
| ...machine.config, | |
| image: "ghcr.io/beeper/bridge-manager" | |
| } | |
| }) | |
| }) | |
| if (update_res.status !== 200) { | |
| const update_data = await update_res.json() | |
| return NextResponse.json({ error: JSON.stringify(update_data) }, { status: 500 }) | |
| } | |
| return NextResponse.json({ success: true }) | |
| } | |
| // If redeploy flag is passed, update existing machine to latest image | |
| if (redeploy) { | |
| const res_list = await fetch(`https://api.machines.dev/v1/apps/${appName}/machines`, { | |
| method: 'GET', | |
| headers: { | |
| 'Authorization': `Bearer ${flyToken}`, | |
| 'Content-Type': 'application/json', | |
| } | |
| }) | |
| if (res_list.status !== 200) { | |
| const list_data = await res_list.json() | |
| return NextResponse.json({ error: JSON.stringify(list_data) }, { status: 500 }) | |
| } | |
| const machines = await res_list.json() | |
| if (!machines || machines.length === 0) { | |
| return NextResponse.json({ error: `No machines found for app ${appName}` }, { status: 404 }) | |
| } | |
| const machine = machines[0] | |
| const update_res = await fetch(`https://api.machines.dev/v1/apps/${appName}/machines/${machine.id}`, { | |
| method: 'POST', | |
| headers: { | |
| 'Authorization': `Bearer ${flyToken}`, | |
| 'Content-Type': 'application/json', | |
| }, | |
| body: JSON.stringify({ | |
| config: { | |
| ...machine.config, | |
| image: "ghcr.io/beeper/bridge-manager:latest" | |
| } | |
| }) | |
| }) | |
| if (update_res.status !== 200) { | |
| const update_data = await update_res.json() | |
| return NextResponse.json({ error: JSON.stringify(update_data) }, { status: 500 }) | |
| } | |
| // TODO: Consider adding verification that the machine restarted successfully | |
| return NextResponse.json({ success: true }) | |
| } |
🤖 Prompt for AI Agents
In app/api/deploy/route.ts around lines 7 to 49, the redeploy branch is fragile:
it unconditionally picks the first machine, injects a hardcoded untagged image,
blindly spreads machine.config, and returns before verifying the update. Fix by
selecting the correct machine (validate if multiple exist and choose by
role/name or surface an error if ambiguous), require or append an explicit image
tag (or accept a tag param) instead of a bare registry string, build the new
config by copying only known-safe fields rather than blind ...machine.config
spreading, perform the machine update call and then poll the machine status
endpoint (with a short retry/backoff and a timeout) to verify the machine
restarted and is running the new image, and propagate detailed error responses
if selection, update, or verification fails.
| async function redeployBridge() { | ||
| setRedeploying(true) | ||
|
|
||
| const res = await fetch("/api/deploy", { | ||
| method: "POST", | ||
| headers: { | ||
| "Content-Type": "application/json" | ||
| }, | ||
| body: JSON.stringify({ | ||
| redeploy: true, | ||
| appName: name, | ||
| flyToken: flyToken | ||
| }) | ||
| }) | ||
|
|
||
| if (res.status !== 200) { | ||
| const error_data = await res.json() | ||
| setErrorMessage(error_data.error) | ||
| } | ||
|
|
||
| setRedeploying(false) | ||
| } |
There was a problem hiding this comment.
🛠️ Refactor suggestion | 🟠 Major
Improve redeploy error handling and user feedback.
The redeploy implementation has a few issues:
- The
redeployingstate is cleared even when an error occurs (line 47), which hides the error state from the user's perspective - There's no success feedback after a successful redeploy
- The
errorMessagefrom previous operations might still be displayed
Consider these improvements:
async function redeployBridge() {
setRedeploying(true)
+ setErrorMessage("") // Clear previous errors
const res = await fetch("/api/deploy", {
method: "POST",
headers: {
"Content-Type": "application/json"
},
body: JSON.stringify({
redeploy: true,
appName: name,
flyToken: flyToken
})
})
if (res.status !== 200) {
const error_data = await res.json()
setErrorMessage(error_data.error)
+ setRedeploying(false)
+ return
}
+ // Success feedback
+ setErrorMessage("") // Clear any errors
+ // Consider adding success state/message
setRedeploying(false)
}🤖 Prompt for AI Agents
In app/components/BridgeInstance.tsx around lines 27 to 48, improve redeploy
error handling by: clear any prior errorMessage before starting the request,
wrap the fetch in try/catch/finally, set a success message (e.g. "Redeploy
started") when res.status === 200, set errorMessage from the response in the
catch/failed branch, and move setRedeploying(false) into finally so redeploying
is only cleared after success or error handling is complete.
| <div className="px-20"> | ||
| <p className="mt-10">Use this web app to self-host bridges on your <a target="_blank" href={"https://fly.io/"} rel="noopener noreferrer">fly.io</a> account. Simply sign into Beeper and Fly, and this web app will run the bridge on your Fly account and install it in Beeper.</p> | ||
| <p className="mt-5">This site is open-source at <a target="_blank" href={"https://github.com/beeper/self-host-web"} rel="noopener noreferrer">https://github.com/beeper/self-host-web</a>. This webpage is being auto-deployed, however, you can run it from the GitHub if you prefer. Just follow the instructions in the README.</p> | ||
| <p className="mt-5">This site is open-source at <a target="_blank" href={"https://github.com/kubo6472/beeper-selfhost/"} rel="noopener noreferrer">https://github.com/kubo6472/beeper-selfhost</a>. This webpage is being auto-deployed, however, you can run it from the GitHub if you prefer. Just follow the instructions in the README.</p> |
There was a problem hiding this comment.
Confirm canonical GitHub URL (personal fork vs upstream).
Line 22 changes the “open‑source at” link to https://github.com/kubo6472/beeper-selfhost/, which appears to be a personal fork rather than the upstream project. For users of the main repo, this may be confusing and could send them to the wrong source of truth.
Unless the canonical project has actually moved to that URL, consider keeping (or switching back to) the upstream org repo instead:
- <p className="mt-5">This site is open-source at <a target="_blank" href={"https://github.com/kubo6472/beeper-selfhost/"} rel="noopener noreferrer">https://github.com/kubo6472/beeper-selfhost</a>. This webpage is being auto-deployed, however, you can run it from the GitHub if you prefer. Just follow the instructions in the README.</p>
+ <p className="mt-5">This site is open-source at <a target="_blank" href={"https://github.com/beeper/self-host-web"} rel="noopener noreferrer">https://github.com/beeper/self-host-web</a>. This webpage is being auto-deployed, however, you can run it from the GitHub if you prefer. Just follow the instructions in the README.</p>📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| <p className="mt-5">This site is open-source at <a target="_blank" href={"https://github.com/kubo6472/beeper-selfhost/"} rel="noopener noreferrer">https://github.com/kubo6472/beeper-selfhost</a>. This webpage is being auto-deployed, however, you can run it from the GitHub if you prefer. Just follow the instructions in the README.</p> | |
| <p className="mt-5">This site is open-source at <a target="_blank" href={"https://github.com/beeper/self-host-web"} rel="noopener noreferrer">https://github.com/beeper/self-host-web</a>. This webpage is being auto-deployed, however, you can run it from the GitHub if you prefer. Just follow the instructions in the README.</p> |
🤖 Prompt for AI Agents
In app/components/Welcome.tsx around line 22, the "open-source at" link points
to a personal fork (https://github.com/kubo6472/beeper-selfhost/) rather than
the upstream canonical repository; verify which repository is intended (upstream
org vs this fork) and then update the href and visible URL to the canonical
upstream repo if the project hasn't moved, or add a short note clarifying that
this is a personal fork if that was intentional so users are directed to the
correct source of truth.
…arn-0497ab73d8 Bump the npm_and_yarn group across 1 directory with 3 updates
Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Updates `next` from 14.2.32 to 16.1.5 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](vercel/next.js@v14.2.32...v16.1.5) --- updated-dependencies: - dependency-name: next dependency-version: 16.1.5 dependency-type: direct:production dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
…arn-a415b051ba Bump next from 14.2.32 to 16.1.5 in the npm_and_yarn group across 1 directory
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Fix all issues with AI agents
In `@package.json`:
- Around line 19-22: Update package.json to use eslint-config-next@16.x and
modify the "lint" script to run ESLint directly: change the dependency
"eslint-config-next" version from 13.4.13 to a 16.x range and replace the
existing "lint" script that invoked the removed "next lint" command with a
direct ESLint invocation (e.g., "lint": "eslint .") so the project uses the
correct Next.js 16 ESLint config and the script runs successfully.
| "graphql": "^16.8.1", | ||
| "graphql-request": "^6.1.0", | ||
| "next": "^14.2.4", | ||
| "postcss": "8.4.27", | ||
| "next": "^16.1.5", | ||
| "postcss": "8.4.31", |
There was a problem hiding this comment.
🧩 Analysis chain
🌐 Web query:
Next.js 16 official release React peer dependencies requirements
💡 Result:
Next.js 16 officially released on October 21, 2025. (nextjs.org)
For Next.js 16.1.1, the React peer dependency requirements are: (unpkg.com)
react:^18.2.0 || 19.0.0-rc-de68d2f4-20241204 || ^19.0.0react-dom:^18.2.0 || 19.0.0-rc-de68d2f4-20241204 || ^19.0.0
Citations:
- 1: https://nextjs.org/blog/next-16?utm_source=openai
- 2: https://unpkg.com/next%4016.1.1/package.json
🌐 Web query:
eslint-config-next versions compatibility Next.js 16
💡 Result:
For Next.js 16, you should use eslint-config-next 16.x (same major as next), because eslint-config-next pins @next/eslint-plugin-next to the exact same version (e.g., eslint-config-next@15.1.6 depends on @next/eslint-plugin-next@15.1.6). (app.unpkg.com)
Practical guidance (compatibility)
- If your app is on
next@16.*, installeslint-config-next@16.*(don’t keepeslint-config-next@15.*). (Next.js 16 is released; docs show latest 16.1.6.) (nextjs.org) - Next.js 16 removed
next lintand theeslintoption innext.config.js; run ESLint directly (or use the provided codemod). (nextjs.org) - Next.js 16 also shifts the Next ESLint plugin towards ESLint “flat config” by default. (nextjs.org)
What versions exist?
eslint-config-nexthas 16.0.1 stable releases (and canary 16.0.2 builds), so 16.x is available to match Next 16. (releasealert.dev)
Citations:
- 1: https://app.unpkg.com/eslint-config-next%4015.1.6/files/package.json?utm_source=openai
- 2: https://nextjs.org/docs/app/guides/upgrading/version-16
- 3: https://nextjs.org/docs/app/guides/upgrading/version-16
- 4: https://nextjs.org/docs/app/guides/upgrading/version-16?utm_source=openai
- 5: https://releasealert.dev/npmjs/_/eslint-config-next?utm_source=openai
🏁 Script executed:
# Find and read the package.json to see the full dependency context
fd package.json -x head -40 {}Repository: beeper/self-host-web
Length of output: 770
Upgrade eslint-config-next to 16.x and update the lint script.
Next.js 16 requires eslint-config-next@16.x to match the major version. The current eslint-config-next@13.4.13 is incompatible. Additionally, Next.js 16 removed the next lint command, so the lint script in package.json will fail—update it to run ESLint directly (e.g., "lint": "eslint ."). React 18.3.1 satisfies Next.js 16's requirements and does not need to be changed.
🤖 Prompt for AI Agents
In `@package.json` around lines 19 - 22, Update package.json to use
eslint-config-next@16.x and modify the "lint" script to run ESLint directly:
change the dependency "eslint-config-next" version from 13.4.13 to a 16.x range
and replace the existing "lint" script that invoked the removed "next lint"
command with a direct ESLint invocation (e.g., "lint": "eslint .") so the
project uses the correct Next.js 16 ESLint config and the script runs
successfully.
There was a problem hiding this comment.
Actionable comments posted: 1
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
app/components/Console.tsx (1)
10-27: AddbridgeRedeployedto the useEffect dependency array.
bridgeRedeployedis toggled by the redeploy handler but isn't in the dependency list, so the bridge list won't re-fetch after redeploy (unlike create and delete).🛠️ Suggested fix
- }, [bridgeDeleted, bridgeCreated]); + }, [bridgeDeleted, bridgeCreated, bridgeRedeployed]);
🤖 Fix all issues with AI agents
In `@app/components/FlyLogin.tsx`:
- Line 15: Update the hardcoded Fly.io token link in the FlyLogin component
paragraph to point to the current official org-scoped token docs; replace the
href value in the <p className="mt-4"> (the anchor inside that paragraph) from
"https://fly.io/tokens" to "https://fly.io/docs/flyctl/tokens-create-org/" so
users are directed to the correct org deploy token documentation.
🧹 Nitpick comments (3)
app/components/FlyLogin.tsx (1)
19-21: Associate the label with the token input for accessibility.A
<label htmlFor>improves screen‑reader support and click‑to‑focus behavior.♿ Suggested tweak
- <p>Your fly.io org deploy token:</p> - <form onSubmit={handleSubmit}> - <input className="p-2 border-2 rounded-md w-full" type={"password"} /> + <form onSubmit={handleSubmit}> + <label htmlFor="flyToken" className="block">Your Fly.io org deploy token:</label> + <input id="flyToken" className="p-2 border-2 rounded-md w-full" type="password" />app/components/BridgeInstance.tsx (1)
74-79: Hide/disable Redeploy whenonFlyis false.
If the app isn’t on Fly, redeploy will always fail—consider gating the button.♻️ Suggested tweak
- {!redeploying ? ( - <button className="p-2 rounded-md m-4 bg-blue-600 border-0 text-white hover:bg-blue-500" onClick={redeployBridge}>Redeploy</button> - ) : ( - <button className="p-2 rounded-md m-4 bg-blue-300 border-0 text-white" disabled={true}>Redeploying...</button> - )} + {onFly && (!redeploying ? ( + <button className="p-2 rounded-md m-4 bg-blue-600 border-0 text-white hover:bg-blue-500" onClick={redeployBridge}>Redeploy</button> + ) : ( + <button className="p-2 rounded-md m-4 bg-blue-300 border-0 text-white" disabled={true}>Redeploying...</button> + ))}app/api/deploy/route.ts (1)
136-206: Consider cleanup on partial failures to avoid orphaned resources.
If volume creation succeeds but machine creation (or later steps) fails, volumes/apps can be left behind. A compensating delete/rollback path would improve reliability and cost control.
| <p className="mt-4">{"We'll"} use Fly, a cloud hosting provider, to deploy your bridges. You can run up to 3 bridges for free, then {"they'll"} charge you $2/month for each additional bridge.</p> | ||
| <p className="mt-4">Create a Fly account at <a target="_blank" href={"https://fly.io/app/sign-up"} rel="noopener noreferrer">https://fly.io/app/sign-up</a>.</p> | ||
| <p className="mt-4">Next, generate an access token: <a target="_blank" href={"https://fly.io/user/personal_access_tokens"} rel="noopener noreferrer">https://fly.io/user/personal_access_tokens</a>. This allows the self-host utility to deploy bridges on your Fly account. Your token is passed directly from this web app to Fly, and all of the code involving your Fly token is open-source on GitHub.</p> | ||
| <p className="mt-4">Next, generate an org deploy token: <a target="_blank" href={"https://fly.io/tokens"} rel="noopener noreferrer">https://fly.io/tokens</a>. This allows the self-host utility to deploy bridges on your Fly account. Your token is passed directly from this web app to Fly, and all of the code involving your Fly token is open-source on GitHub.</p> |
There was a problem hiding this comment.
🧩 Analysis chain
🌐 Web query:
Fly.io org deploy token documentation URL tokens
💡 Result:
Fly.io docs for org deploy tokens (and token docs in general):
- Org-scoped deploy token (fly tokens create org):
https://fly.io/docs/flyctl/tokens-create-org/[1] - Access tokens overview (app-scoped vs org-scoped, best practices):
https://fly.io/docs/security/tokens/[2] - (Related) App-scoped deploy token (fly tokens create deploy):
https://fly.io/docs/flyctl/tokens-create-deploy/[3]
🌐 Web query:
site:fly.io/tokens page
💡 Result:
Fly.io “tokens” docs/pages (from site:fly.io/tokens page):
- Access tokens (overview): https://fly.io/docs/security/tokens/ [1]
- fly tokens (CLI command): https://fly.io/docs/flyctl/tokens/ [4]
- Machines API “Tokens” resource (OIDC): https://fly.io/docs/machines/api/tokens-resource/ [3]
- fly tokens create deploy: https://fly.io/docs/flyctl/tokens-create-deploy/ [5]
- fly tokens create org: https://fly.io/docs/flyctl/tokens-create-org/ [2]
- fly tokens create readonly: https://fly.io/docs/flyctl/tokens-create-readonly/ [6]
- fly tokens list: https://fly.io/docs/flyctl/tokens-list/ [8]
Sources: [1] [2] [3] [4] [5] [6] [8]
Update Fly.io org deploy token URL to the current official documentation.
The link https://fly.io/tokens does not match Fly.io's official documentation structure. Update it to https://fly.io/docs/flyctl/tokens-create-org/ for org-scoped deploy token guidance, or https://fly.io/docs/security/tokens/ for the broader tokens overview.
🤖 Prompt for AI Agents
In `@app/components/FlyLogin.tsx` at line 15, Update the hardcoded Fly.io token
link in the FlyLogin component paragraph to point to the current official
org-scoped token docs; replace the href value in the <p className="mt-4"> (the
anchor inside that paragraph) from "https://fly.io/tokens" to
"https://fly.io/docs/flyctl/tokens-create-org/" so users are directed to the
correct org deploy token documentation.
1 participant
tested on my vercel, resolves #10