# Makerkit SaaS Starter ## Tech Stack - **Next.js 16** (App Router) + **React 19** + **TypeScript** - **Supabase** (Postgres, Auth, Storage) - **Tailwind CSS 4** + Shadcn UI - **Turborepo** monorepo ## Monorepo Structure | Directory | Purpose | Details | | ------------------- | ----------------------------- | --------------------------------- | | `apps/web` | Main Next.js app | See `apps/web/AGENTS.md` | | `apps/web/supabase` | Database schemas & migrations | See `apps/web/supabase/AGENTS.md` | | `apps/e2e` | Playwright E2E tests | See `apps/e2e/AGENTS.md` | | `packages/ui` | UI components (@kit/ui) | See `packages/ui/AGENTS.md` | | `packages/supabase` | Supabase clients | See `packages/supabase/AGENTS.md` | | `packages/next` | Next.js utilities | See `packages/next/AGENTS.md` | | `packages/features` | Feature packages | See `packages/features/AGENTS.md` | # Next.js: ALWAYS read docs before coding Before any Next.js work, find and read the relevant doc in `apps/web/node_modules/next/dist/docs/`. Your training data is outdated — the docs are the source of truth. ## Multi-Tenant Architecture - **Personal Accounts**: `auth.users.id = accounts.id` - **Team Accounts**: Shared workspaces with members, roles, permissions - Data links to accounts via `account_id` foreign key ## Essential Commands ```bash pnpm dev # Start development pnpm supabase:web:start # Start local Supabase pnpm supabase:web:reset # Reset database pnpm supabase:web:typegen # Generate TypeScript types pnpm typecheck # Type check pnpm lint:fix # Fix linting pnpm format:fix # Format code ``` ## Key Patterns (Quick Reference) | Pattern | Import | Details | | -------------- | ------------------------------------------------------------ | ----------------------------- | | Server Actions | `authActionClient` from `@kit/next/safe-action` | `packages/next/AGENTS.md` | | Route Handlers | `enhanceRouteHandler` from `@kit/next/routes` | `packages/next/AGENTS.md` | | Server Client | `getSupabaseServerClient` from `@kit/supabase/server-client` | `packages/supabase/AGENTS.md` | | UI Components | `@kit/ui/{component}` | `packages/ui/AGENTS.md` | | Translations | `Trans` from `@kit/ui/trans` | `packages/ui/AGENTS.md` | ## Authorization - **RLS enforces access control** - no manual auth checks needed with standard client - **Admin client** (`getSupabaseServerAdminClient`) bypasses RLS - use sparingly with manual validation ## Verification After implementation, always run: 1. `pnpm typecheck` 2. `pnpm lint:fix` 3. `pnpm format:fix` 4. Run code quality reviewer agent # GitNexus — Code Intelligence This project is indexed by GitNexus as **myeasycms-v2** (5424 symbols, 14434 relationships, 300 execution flows). Use the GitNexus MCP tools to understand code, assess impact, and navigate safely. > If any GitNexus tool warns the index is stale, run `npx gitnexus analyze` in terminal first. ## Always Do - **MUST run impact analysis before editing any symbol.** Before modifying a function, class, or method, run `gitnexus_impact({target: "symbolName", direction: "upstream"})` and report the blast radius (direct callers, affected processes, risk level) to the user. - **MUST run `gitnexus_detect_changes()` before committing** to verify your changes only affect expected symbols and execution flows. - **MUST warn the user** if impact analysis returns HIGH or CRITICAL risk before proceeding with edits. - When exploring unfamiliar code, use `gitnexus_query({query: "concept"})` to find execution flows instead of grepping. It returns process-grouped results ranked by relevance. - When you need full context on a specific symbol — callers, callees, which execution flows it participates in — use `gitnexus_context({name: "symbolName"})`. ## When Debugging 1. `gitnexus_query({query: ""})` — find execution flows related to the issue 2. `gitnexus_context({name: ""})` — see all callers, callees, and process participation 3. `READ gitnexus://repo/myeasycms-v2/process/{processName}` — trace the full execution flow step by step 4. For regressions: `gitnexus_detect_changes({scope: "compare", base_ref: "main"})` — see what your branch changed ## When Refactoring - **Renaming**: MUST use `gitnexus_rename({symbol_name: "old", new_name: "new", dry_run: true})` first. Review the preview — graph edits are safe, text_search edits need manual review. Then run with `dry_run: false`. - **Extracting/Splitting**: MUST run `gitnexus_context({name: "target"})` to see all incoming/outgoing refs, then `gitnexus_impact({target: "target", direction: "upstream"})` to find all external callers before moving code. - After any refactor: run `gitnexus_detect_changes({scope: "all"})` to verify only expected files changed. ## Never Do - NEVER edit a function, class, or method without first running `gitnexus_impact` on it. - NEVER ignore HIGH or CRITICAL risk warnings from impact analysis. - NEVER rename symbols with find-and-replace — use `gitnexus_rename` which understands the call graph. - NEVER commit changes without running `gitnexus_detect_changes()` to check affected scope. ## Tools Quick Reference | Tool | When to use | Command | |------|-------------|---------| | `query` | Find code by concept | `gitnexus_query({query: "auth validation"})` | | `context` | 360-degree view of one symbol | `gitnexus_context({name: "validateUser"})` | | `impact` | Blast radius before editing | `gitnexus_impact({target: "X", direction: "upstream"})` | | `detect_changes` | Pre-commit scope check | `gitnexus_detect_changes({scope: "staged"})` | | `rename` | Safe multi-file rename | `gitnexus_rename({symbol_name: "old", new_name: "new", dry_run: true})` | | `cypher` | Custom graph queries | `gitnexus_cypher({query: "MATCH ..."})` | ## Impact Risk Levels | Depth | Meaning | Action | |-------|---------|--------| | d=1 | WILL BREAK — direct callers/importers | MUST update these | | d=2 | LIKELY AFFECTED — indirect deps | Should test | | d=3 | MAY NEED TESTING — transitive | Test if critical path | ## Resources | Resource | Use for | |----------|---------| | `gitnexus://repo/myeasycms-v2/context` | Codebase overview, check index freshness | | `gitnexus://repo/myeasycms-v2/clusters` | All functional areas | | `gitnexus://repo/myeasycms-v2/processes` | All execution flows | | `gitnexus://repo/myeasycms-v2/process/{name}` | Step-by-step execution trace | ## Self-Check Before Finishing Before completing any code modification task, verify: 1. `gitnexus_impact` was run for all modified symbols 2. No HIGH/CRITICAL risk warnings were ignored 3. `gitnexus_detect_changes()` confirms changes match expected scope 4. All d=1 (WILL BREAK) dependents were updated ## Keeping the Index Fresh After committing code changes, the GitNexus index becomes stale. Re-run analyze to update it: ```bash npx gitnexus analyze ``` If the index previously included embeddings, preserve them by adding `--embeddings`: ```bash npx gitnexus analyze --embeddings ``` To check whether embeddings exist, inspect `.gitnexus/meta.json` — the `stats.embeddings` field shows the count (0 means no embeddings). **Running analyze without `--embeddings` will delete any previously generated embeddings.** > Claude Code users: A PostToolUse hook handles this automatically after `git commit` and `git merge`. ## CLI | Task | Read this skill file | |------|---------------------| | Understand architecture / "How does X work?" | `.claude/skills/gitnexus/gitnexus-exploring/SKILL.md` | | Blast radius / "What breaks if I change X?" | `.claude/skills/gitnexus/gitnexus-impact-analysis/SKILL.md` | | Trace bugs / "Why is X failing?" | `.claude/skills/gitnexus/gitnexus-debugging/SKILL.md` | | Rename / extract / split / refactor | `.claude/skills/gitnexus/gitnexus-refactoring/SKILL.md` | | Tools, resources, schema reference | `.claude/skills/gitnexus/gitnexus-guide/SKILL.md` | | Index, status, clean, wiki CLI commands | `.claude/skills/gitnexus/gitnexus-cli/SKILL.md` |