Skip to content

feat: migrate from Next.js to Vite and off Vercel (ENG-3644)#2

Open
dnehl wants to merge 2 commits into
mainfrom
eng-3644-migrate-infinex-off-vercel
Open

feat: migrate from Next.js to Vite and off Vercel (ENG-3644)#2
dnehl wants to merge 2 commits into
mainfrom
eng-3644-migrate-infinex-off-vercel

Conversation

@dnehl

@dnehl dnehl commented Jun 25, 2026

Copy link
Copy Markdown

Migrate the Infinex frontend from Next.js to Vite and prepare it for AWS Amplify hosting, mirroring the admin-dashboard setup.

  • Replace Next.js with Vite + @vitejs/plugin-react and the @vanilla-extract/vite-plugin; add index.html + src/main.tsx entry
  • Convert app/layout.tsx + app/page.tsx into src/app/app.tsx; load IBM Plex Sans Condensed via @fontsource instead of next/font
  • Swap next/image for , drop "use client" directives, and read the API key from import.meta.env.VITE_API_KEY
  • Add mise.toml + generated mise.lock for pinned Node/pnpm tooling
  • Point Biome at dist and use the git ignore file; lint no longer auto-writes (biome check + tsc)
  • Add amplify.yml and a mise-based GitHub Actions CI workflow

@dnehl @claude
feat: migrate from Next.js to Vite and off Vercel (ENG-3644)
f3c97d9 
Migrate the Infinex frontend from Next.js to Vite and prepare it for
AWS Amplify hosting, mirroring the admin-dashboard setup.

- Replace Next.js with Vite + @vitejs/plugin-react and the
  @vanilla-extract/vite-plugin; add index.html + src/main.tsx entry
- Convert app/layout.tsx + app/page.tsx into src/app/app.tsx; load
  IBM Plex Sans Condensed via @fontsource instead of next/font
- Swap next/image for <img>, drop "use client" directives, and read
  the API key from import.meta.env.VITE_API_KEY
- Add mise.toml + generated mise.lock for pinned Node/pnpm tooling
- Point Biome at dist and use the git ignore file; lint no longer
  auto-writes (biome check + tsc)
- Add amplify.yml and a mise-based GitHub Actions CI workflow

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@socket-security

socket-security Bot commented Jun 25, 2026
edited
Loading

Copy link
Copy Markdown

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Added@​fontsource/​ibm-plex-sans-condensed@​5.2.878100858890
Addedvite@​6.4.3941008398100
Added@​vanilla-extract/​sprinkles@​1.7.010010010090100
Added@​vanilla-extract/​css@​1.21.0991009994100
Added@​vitejs/​plugin-react@​4.7.09910010094100
Added@​vanilla-extract/​vite-plugin@​5.2.31001009996100

View full report

@socket-security

socket-security Bot commented Jun 25, 2026
edited
Loading

Copy link
Copy Markdown

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action Severity Alert  (click "▶" to expand/collapse)
Warn High
Obfuscated code: npm @emnapi/runtime is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: pnpm-lock.yamlnpm/@vanilla-extract/vite-plugin@5.2.3npm/@emnapi/runtime@1.11.1

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@emnapi/runtime@1.11.1. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn Medium
Low adoption: npm @fontsource/ibm-plex-sans-condensed

Location: Package overview

From: package.jsonnpm/@fontsource/ibm-plex-sans-condensed@5.2.8

ℹ Read more on: This package | This alert | What are unpopular packages?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Unpopular packages may have less maintenance and contain other problems.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@fontsource/ibm-plex-sans-condensed@5.2.8. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@petar-omni petar-omni petar-omni approved these changes

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@dnehl @petar-omni