GTEdgeAI/gt-ai-os-community
3
0
Fork 0
Code Issues Packages Releases Wiki Activity
Files
1dbc93f53b01c7d948f869749ee81b4524ba4227
gt-ai-os-community/apps/tenant-app/next.config.js
HackWeasel b9dfb86260 GT AI OS Community Edition v2.0.33 
Security hardening release addressing CodeQL and Dependabot alerts:

- Fix stack trace exposure in error responses
- Add SSRF protection with DNS resolution checking
- Implement proper URL hostname validation (replaces substring matching)
- Add centralized path sanitization to prevent path traversal
- Fix ReDoS vulnerability in email validation regex
- Improve HTML sanitization in validation utilities
- Fix capability wildcard matching in auth utilities
- Update glob dependency to address CVE
- Add CodeQL suppression comments for verified false positives

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-12 17:04:45 -05:00

52 lines
1.6 KiB
JavaScript
Raw Blame History

/** @type {import('next').NextConfig} */
const nextConfig = {
// Disable trailing slash redirects so our API routes can handle them
skipTrailingSlashRedirect: true,
// Ignore ESLint errors during production build
eslint: {
ignoreDuringBuilds: true,
},
// Ignore TypeScript errors during production build (for speed)
typescript: {
ignoreBuildErrors: true,
},
// Remove console logs in production builds
compiler: {
removeConsole: process.env.NODE_ENV === 'production' ? {
exclude: ['error'],
} : false,
},
// NOTE: Server-side environment variables (TENANT_BACKEND_URL, etc.) are NOT defined here
// to prevent Next.js from inlining them at build time. They are read from process.env at
// runtime, allowing Docker containers to inject the correct URLs via environment variables.
// This enables flexible deployment without rebuilding when backend URLs change.
// Rewrites disabled for /api - using API routes at src/app/api/v1/[...path]/route.ts for server-side proxying
// This ensures proper handling of redirects and Docker internal networking
async rewrites() {
return [
{
source: '/ws/:path*',
destination: `${process.env.INTERNAL_BACKEND_URL || 'http://tenant-backend:8000'}/ws/:path*`,
},
{
source: '/socket.io/:path*',
destination: `${process.env.INTERNAL_BACKEND_URL || 'http://tenant-backend:8000'}/socket.io/:path*`,
},
];
},
webpack: (config) => {
config.resolve.fallback = {
fs: false,
net: false,
tls: false,
};
return config;
},
};
module.exports = nextConfig;
View Git Blame Copy Permalink