Skip to content

Add e2e tests, CI, AI crawlability files, and upgrade to Next.js 16 / mongodb 7#3

Merged
sis0k0 merged 6 commits into
mainfrom
add-tests-ci-crawlability
Jul 1, 2026
Merged

Add e2e tests, CI, AI crawlability files, and upgrade to Next.js 16 / mongodb 7#3
sis0k0 merged 6 commits into
mainfrom
add-tests-ci-crawlability

Conversation

@sis0k0

@sis0k0 sis0k0 commented Jun 30, 2026

Copy link
Copy Markdown
Member

Summary

Applies the MongoDB Developer AI & Search Crawlability checklist, adds an
end-to-end test suite with CI, and upgrades the template to the latest major
versions of Next.js, React, and the MongoDB driver.

What's included

Dependency upgrades & code migration

  • Next.js 15 → 16 (next@^16.2.9), React 19.0 → 19.2 (react/react-dom@^19.2.7),
    MongoDB driver 6 → 7 (mongodb@^7.4.0), eslint-config-next → 16
  • Migrated linting to the ESLint CLI (next lint was removed in Next 16) and
    rewrote eslint.config.mjs to a native flat config
  • Pinned the Turbopack workspace root in next.config.ts
  • Converted the Tailwind plugin require() to an ESM import
  • Updated README version references (Next.js 16, mongodb v7)

Tests & CI

  • Playwright end-to-end suite (tests/e2e/home.spec.ts, playwright.config.ts):
    • Renders the home page hero content (heading + Deploy button)
    • Asserts the MongoDB status badge shows Database connected (exercises
      app/page.tsxdb/connection-status.tslib/mongodb.ts → a real ping)
    • Runs against next dev locally and next start in CI
  • GitHub Actions CI (.github/workflows/ci.yml): lint → build → e2e against a
    mongo:latest service container, on Node 20.x and 22.x (max-parallel: 1),
    uploads the Playwright report as an artifact
  • package.json: adds @playwright/test and test / test:e2e / test:e2e:ui scripts
  • .gitignore: ignores Playwright artifacts

Security hardening (Semgrep)

  • Pinned all GitHub Actions to full commit SHAs (with version comments) to resolve
    the Semgrep mutable-action-reference findings: actions/checkout,
    actions/setup-node, actions/upload-artifact

Crawlability checklist files

  • README: added Features, Tech Stack, Architecture Overview (Mermaid diagram),
    Prerequisites, Environment Variables table, Project Structure, Testing, and
    Troubleshooting sections
  • AGENTS.md: build/test commands, project structure, env vars, MongoDB Skills + EDD guidance
  • EDD.md: documents the data layer honestly (connection-only template, no domain
    collections) with an example entity for extension
  • .claude/settings.json: enables the official MongoDB Claude plugin
  • LICENSE: Apache-2.0 (matches the org convention)

appName (devrel.nextjs.starter) was already set in lib/mongodb.ts.

Verification

  • npm run lint — clean (ESLint CLI, native flat config)
  • npm run build — succeeds on Next 16 (Turbopack), page prerenders static
  • npm run test:e2e — 2 passed locally (dev) and in CI mode (next start), against a real MongoDB
  • CI green on the upgraded stack

Notes / follow-ups (GitHub metadata, not in this PR)

These require repo-settings changes rather than file edits:

  • Description: currently empty — suggest e.g. "Full-stack Next.js 16 + MongoDB starter template (App Router, TypeScript, Tailwind/shadcn) with one-click Vercel + Atlas deploy."
  • Topics: suggest mongodb, nextjs, react, typescript, tailwindcss, shadcn-ui, vercel, template, fullstack
  • Repo name: the org's checklist suggests omitting mongodb from names in mongodb-developer; renaming is disruptive, so left as-is.

- Add Playwright end-to-end suite covering the home page and the MongoDB
  connection status badge
- Add GitHub Actions CI: lint, build, and e2e against a mongo service
  container on Node 20.x and 22.x
- Add AGENTS.md, EDD.md, .claude/settings.json, and Apache-2.0 LICENSE
- Expand README with features, tech stack, architecture diagram,
  prerequisites, environment variables, project structure, testing, and
  troubleshooting sections
@vercel

vercel Bot commented Jun 30, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
nextjs-template-mongodb Ready Ready Preview, Comment Jul 1, 2026 10:39am

Request Review

Comment thread .github/workflows/ci.yml Outdated

- name: Upload Playwright report
if: ${{ !cancelled() }}
uses: actions/upload-artifact@v4

@semgrep-code-mongodb semgrep-code-mongodb Bot Jun 30, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

GitHub Actions step uses a mutable tag or branch reference. Tags and branch names can be silently repointed by the action owner, enabling supply-chain attacks — as seen in the trivy-action and kics-github-action compromises. Pin the reference to a full 40-character commit SHA instead, e.g. uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608.

🧼 Fixed in commit f883b7e 🧼

Comment thread .github/workflows/ci.yml Outdated
uses: actions/checkout@v4

- name: Setup Node.js
uses: actions/setup-node@v4

@semgrep-code-mongodb semgrep-code-mongodb Bot Jun 30, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

GitHub Actions step uses a mutable tag or branch reference. Tags and branch names can be silently repointed by the action owner, enabling supply-chain attacks — as seen in the trivy-action and kics-github-action compromises. Pin the reference to a full 40-character commit SHA instead, e.g. uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608.

🥳 Fixed in commit f883b7e 🥳

Comment thread .github/workflows/ci.yml Outdated

steps:
- name: Checkout
uses: actions/checkout@v4

@semgrep-code-mongodb semgrep-code-mongodb Bot Jun 30, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

GitHub Actions step uses a mutable tag or branch reference. Tags and branch names can be silently repointed by the action owner, enabling supply-chain attacks — as seen in the trivy-action and kics-github-action compromises. Pin the reference to a full 40-character commit SHA instead, e.g. uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608.

🥳 Fixed in commit f883b7e 🥳

sis0k0 added 2 commits June 30, 2026 21:34
- Upgrade next 15->16, react/react-dom 19.0->19.2, mongodb 6->7, eslint-config-next 16
- Migrate lint to ESLint CLI (next lint removed in Next 16); rewrite eslint.config.mjs to native flat config
- Pin Turbopack workspace root in next.config.ts
- Convert tailwind plugin require() to ESM import
- Update README version references
Resolve Semgrep findings by pinning actions/checkout, actions/setup-node, and actions/upload-artifact to full commit SHAs with version comments.
@sis0k0 sis0k0 changed the title Add e2e tests, CI, and AI crawlability files Add e2e tests, CI, AI crawlability files, and upgrade to Next.js 16 / mongodb 7 Jun 30, 2026
Rename appName from devrel.nextjs.starter to devrel-github-javascript-nextjs to match the devrel-github-<language>-<stack> pattern used across the org's example repos (mean/mern). Updates EDD.md to match.
Use devrel-github-javascript-nextjs-ci so CI telemetry shares the recommended app prefix while remaining distinguishable from production.
Comment thread LICENSE Outdated
@sis0k0 sis0k0 merged commit 46305d5 into main Jul 1, 2026
6 checks passed
@sis0k0 sis0k0 deleted the add-tests-ci-crawlability branch July 1, 2026 10:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants