add: pnpm-lock.yaml #35

khulnasoft-bot · 2025-04-04T22:48:57Z

Category:

One of: Bugfix / Feature / Code style update / Refactoring Only / Build related changes / Documentation / Other (please specify)

Overview

Briefly outline your new changes...

Issue Number (if applicable) #00

New Vars (if applicable)

If you've added any new build scripts, environmental variables, config file options, dependency or devDependency, please outline here

Screenshot (if applicable)

If you've introduced any significant UI changes, please include a screenshot

Code Quality Checklist (Please complete)

All changes are backwards compatible
All lint checks and tests are passing
There are no (new) build warnings or errors
(If a new config option is added) Attribute is outlined in the schema and documented
(If a new dependency is added) Package is essential, and has been checked out for security or performance
(If significant change) Bumps version in package.json

Summary by Sourcery

Build:

Added pnpm lockfile to ensure consistent dependency versions across development environments

Summary by CodeRabbit

New Features
- Introduced a Minecraft Server widget that enables real-time server status monitoring with flexible configuration options.
Style
- Updated the visual presentation with a refreshed color palette, improved typography, and refined layout adjustments for a more modern, consistent experience.
Documentation
- Revised user guides and setup instructions to clearly reflect the latest configuration and workflow enhancements.
- Updated all references from Yarn to PNPM throughout the documentation, ensuring consistency in dependency management instructions.

Signed-off-by: KhulnaSoft bot <43526132+khulnasoft-bot@users.noreply.github.com>

sourcery-ai · 2025-04-04T22:49:02Z

Reviewer's Guide by Sourcery

This pull request adds the pnpm-lock.yaml file to the repository. This file is used by pnpm to ensure that the same versions of dependencies are installed across different environments. This helps to ensure that the application is built and runs consistently.

No diagrams generated as the changes look simple and do not need a visual representation.

Tips and commands

Interacting with Sourcery

Trigger a new review: Comment @sourcery-ai review on the pull request.
Continue discussions: Reply directly to Sourcery's review comments.
Generate a GitHub issue from a review comment: Ask Sourcery to create an
issue from a review comment by replying to it. You can also reply to a
review comment with @sourcery-ai issue to create an issue from it.
Generate a pull request title: Write @sourcery-ai anywhere in the pull
request title to generate a title at any time. You can also comment
@sourcery-ai title on the pull request to (re-)generate the title at any time.
Generate a pull request summary: Write @sourcery-ai summary anywhere in
the pull request body to generate a PR summary at any time exactly where you
want it. You can also comment @sourcery-ai summary on the pull request to
(re-)generate the summary at any time.
Generate reviewer's guide: Comment @sourcery-ai guide on the pull
request to (re-)generate the reviewer's guide at any time.
Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
pull request to resolve all Sourcery comments. Useful if you've already
addressed all the comments and don't want to see them anymore.
Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
request to dismiss all existing Sourcery reviews. Especially useful if you
want to start fresh with a new review - don't forget to comment
@sourcery-ai review to trigger a new review!
Generate a plan of action for an issue: Comment @sourcery-ai plan on
an issue to generate a plan of action for it.

Customizing Your Experience

Access your dashboard to:

Enable or disable review features such as the Sourcery-generated pull request
summary, the reviewer's guide, and others.
Change the review language.
Add, remove or edit custom review instructions.
Adjust other review settings.

Getting Help

Contact our support team for questions or feedback.
Visit our documentation for detailed guides and information.
Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

coderabbitai · 2025-04-04T22:49:04Z

Walkthrough

This pull request transitions the project’s dependency management from Yarn to PNPM. Numerous configuration files, CI/CD workflows, Dockerfiles, documentation files, and scripts have been updated accordingly. In addition, new configuration files, CSS stylesheets, and TypeScript declarations have been introduced. The updates also include enhancements to tooling (ESLint, npm, VS Code tasks, webpack) and adjustments to the build and server commands. Overall, the changes modernize and streamline project setup, dependency resolution, and documentation.

Changes

File(s)	Change Summary
`.devcontainer/devcontainer.json`, `.dockerignore`, `.gitpod.yml`, `.github/pr-auto-comments.yml`, `.github/workflows/dependency-updates-summary.yml`, `.github/workflows/get-size.yml`, `.github/workflows/pnpm.yml`, `.github/workflows/yarn.yml` (deleted), `Dockerfile`, `docker/Dockerfile-arm32v7`, `docker/Dockerfile-arm64v8`, `docker/Dockerfile-lite`, `docker/Dockerfile-old`, `netlify.toml`, `docs/{configuring, deployment, developing, development-guides, management, quick-start, troubleshooting}.md`, `README.md`, `package.json`	Replaced Yarn commands and lock file references with PNPM equivalents across container setup, CI workflows, Docker configurations, documentation, and package scripts.
`.eslintrc.js`, `.npmrc`, `.vscode/tasks.json`, `package.json`, `vue.config.js`	Introduced new tooling configurations, updated build scripts, and enhanced webpack/PWA settings to align with the PNPM migration.
`pnpm-workspace.yaml`, `tsconfig.json`, `src/types/{global.d.ts, index.ts, vue-shim.d.ts}`, `src/@`	Added workspace definitions and TypeScript type declarations to improve modularization and type safety.
`docs/{credits.md, widgets.md}`	Updated documentation to reflect PNPM usage and added a new Minecraft Server widget section with configuration examples.
`public/css/*` (including `color-palette.css`, `color-themes.css`, `dimensions.css`, `global-styles.css`, `media-queries.css`, `schema-editor.css`, `style-helpers.css`, `typography.css`, `user-defined-themes.css`, `weather-icons.css`, `widgets/nextcloud-shared.css`)	Added multiple CSS files defining custom themes, typography, dimensions, and widget styles for consistent UI styling.
`scripts/download-fonts.js`, `scripts/update-sass.sh`, `server.js`, `services/rebuild-app.js`	Introduced new scripts for automated font downloads and SASS updates; updated server and rebuild commands (including memory configuration) to reflect new build processes.

Sequence Diagram(s)

sequenceDiagram
    participant PR as Pull Request
    participant GH as GitHub Actions
    participant Checkout as Checkout Action
    participant Node as Node.js Setup
    participant PNPM as PNPM CLI
    participant Export as pnpm-lock-export
    participant Comment as PR Commenter

    PR->>GH: Trigger on dependency change (pnpm-lock.yaml)
    GH->>Checkout: Checkout repository code
    Checkout->>Node: Set up Node.js (v18)
    Node->>PNPM: Install PNPM globally via npm
    PNPM->>PNPM: Install dependencies (--frozen-lockfile)
    PNPM->>Export: Run pnpm-lock-export for lock changes
    Export->>GH: Generate markdown summary of changes
    GH->>Comment: Comment on the pull request with summary

Suggested labels

enhancement, Review effort [1-5]: 3

Poem

Hop along, my dears, with code so bright,
I’ve left behind the old yarn in the night.
PNPM leads our hops in a brand-new way,
Updates and configs make a joyous day.
With each command, I bounce with glee,
A rabbit’s cheer for innovation, endlessly!
(_/)(•‿•)(> <)

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

Review comments: Directly reply to a review comment made by CodeRabbit. Example:
- I pushed a fix in commit <commit_id>, please review it.
- Generate unit testing code for this file.
- Open a follow-up GitHub issue for this discussion.
Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
- @coderabbitai generate unit testing code for this file.
- @coderabbitai modularize this function.
PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
- @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
- @coderabbitai read src/utils.ts and generate unit testing code.
- @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
- @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

@coderabbitai pause to pause the reviews on a PR.
@coderabbitai resume to resume the paused reviews.
@coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
@coderabbitai full review to do a full review from scratch and review all the files again.
@coderabbitai summary to regenerate the summary of the PR.
@coderabbitai generate docstrings to generate docstrings for this PR.
@coderabbitai resolve resolve all the CodeRabbit review comments.
@coderabbitai plan to trigger planning for file edits and PR creation.
@coderabbitai configuration to show the current CodeRabbit configuration for the repository.
@coderabbitai help to get help.

Other keywords and placeholders

Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (`.coderabbit.yaml`)

You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
Please see the configuration documentation for more information.
If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

Visit our Documentation for detailed information on how to use CodeRabbit.
Join our Discord Community to get help, request features, and share feedback.
Follow us on X/Twitter for updates and announcements.

sourcery-ai

We have skipped reviewing this pull request. Here's why:

It seems to have been created by a bot (hey, khulnasoft-bot!). We assume it knows what it's doing!
All of the files are larger than we can process. We're working on it!

netlify · 2025-04-04T22:49:19Z

✅ Deploy Preview for shipyard ready!

Name	Link
🔨 Latest commit	`167eda6`
🔍 Latest deploy log	https://app.netlify.com/sites/shipyard/deploys/67f1e83386d4b80008c6b0e4
😎 Deploy Preview	https://deploy-preview-35--shipyard.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

codiumai-pr-agent-free · 2025-04-04T22:49:33Z

CI Feedback 🧐

(Feedback updated until commit `c20939a`)

A test triggered by this PR failed. Here is an AI-generated analysis of the failure:

Action: Create pnpm Lock Changes Comment
Failed stage: Build machine-learning-apps/pr-comment@master [❌]
Failure summary: The action failed because the Docker build process couldn't install the Ruby gem `octokit`. The error occurs at line 10 in the Dockerfile with the command `RUN gem install octokit`. The specific issue is a Ruby version incompatibility: The current Ruby version in the Docker image is 2.7.8.225 The `octokit` gem depends on `public_suffix` which requires Ruby version >= 3.0 The error message suggests installing a specific version of `public_suffix` (5.1.1) first, but the fundamental issue is that the Ruby version is too old
Relevant error logs: 1: ##[group]Operating System 2: Ubuntu ... 72: #6 sha256:45ca5ff1e098ddc85430bad09d433dfab4be9417477a5778568a7877408f1cd0 1.36kB / 1.36kB done 73: #6 sha256:3d97617184c42d64792083f39c516c84b3073b4ed1ff6b8235c7d7096acc1dcc 6.28kB / 6.28kB done 74: #6 sha256:91d30c5bc19582de1415b18f1ec5bcbf52a558b62cf6cc201c9669df9f748c22 2.81MB / 2.81MB 0.1s done 75: #6 sha256:c0b2360bc8a61145966a48dadc4627a325c755f7a05419ad1776f76704302306 13.90MB / 13.90MB 0.2s done 76: #6 sha256:ca2bfe3c7e591e13f24752feb93c7337e9236e26b0c0d8e58e942f28ff441d81 172B / 172B 0.1s done 77: #6 extracting sha256:91d30c5bc19582de1415b18f1ec5bcbf52a558b62cf6cc201c9669df9f748c22 0.1s done 78: #6 extracting sha256:c52a5fbef9a7ca13abdb787ccddf6fb7d2ecad991b7d37fb776cd6d717b4e3d7 79: #6 extracting sha256:c52a5fbef9a7ca13abdb787ccddf6fb7d2ecad991b7d37fb776cd6d717b4e3d7 0.3s done 80: #6 extracting sha256:669ebe35e8508ac4a673ebf6ad67a95e27550896cb835fdd7a80cd80d9c0dc98 done 81: #6 extracting sha256:c0b2360bc8a61145966a48dadc4627a325c755f7a05419ad1776f76704302306 82: #6 extracting sha256:c0b2360bc8a61145966a48dadc4627a325c755f7a05419ad1776f76704302306 0.5s done 83: #6 extracting sha256:ca2bfe3c7e591e13f24752feb93c7337e9236e26b0c0d8e58e942f28ff441d81 84: #6 extracting sha256:ca2bfe3c7e591e13f24752feb93c7337e9236e26b0c0d8e58e942f28ff441d81 done 85: #6 DONE 1.2s 86: #7 [2/3] RUN gem install octokit 87: #7 55.93 ERROR: Error installing octokit: 88: #7 55.93 The last version of public_suffix (>= 2.0.2, < 7.0) to support your Ruby & RubyGems was 5.1.1. Try installing it with `gem install public_suffix -v 5.1.1` and then running the current command again 89: #7 55.93 public_suffix requires Ruby version >= 3.0. The current ruby version is 2.7.8.225. 90: #7 ERROR: process "/bin/sh -c gem install octokit" did not complete successfully: exit code: 1 91: ------ 92: > [2/3] RUN gem install octokit: 93: 55.93 ERROR: Error installing octokit: 94: 55.93 The last version of public_suffix (>= 2.0.2, < 7.0) to support your Ruby & RubyGems was 5.1.1. Try installing it with `gem install public_suffix -v 5.1.1` and then running the current command again 95: 55.93 public_suffix requires Ruby version >= 3.0. The current ruby version is 2.7.8.225. 96: ------ 97: Dockerfile:10 98: -------------------- 99: 8 \| LABEL "com.github.actions.color"="black" 100: 9 \| 101: 10 \| >>> RUN gem install octokit 102: 11 \| 103: 12 \| ADD entrypoint.sh /entrypoint.sh 104: -------------------- 105: ERROR: failed to solve: process "/bin/sh -c gem install octokit" did not complete successfully: exit code: 1 106: ##[warning]Docker build failed with exit code 1, back off 8.504 seconds before retry. 107: ##[command]/usr/bin/docker build -t 17ac56:5223cf80e1374269978c2edb8971efb7 -f "/home/runner/work/_actions/machine-learning-apps/pr-comment/master/Dockerfile" "/home/runner/work/_actions/machine-learning-apps/pr-comment/master" 108: #0 building with "default" instance using docker driver 109: #1 [internal] load build definition from Dockerfile 110: #1 transferring dockerfile: 567B done 111: #1 DONE 0.0s 112: #2 [internal] load metadata for docker.io/library/ruby:2.7-alpine 113: #2 DONE 0.1s 114: #3 [internal] load .dockerignore 115: #3 transferring context: 2B done 116: #3 DONE 0.0s 117: #4 [1/3] FROM docker.io/library/ruby:2.7-alpine@sha256:371668748735a808d1fd1c506878e09f40cb542ffc758cfa7eb124f90827e8d9 118: #4 CACHED 119: #5 [internal] load build context 120: #5 transferring context: 35B done 121: #5 DONE 0.0s 122: #6 [2/3] RUN gem install octokit 123: #6 54.81 ERROR: Error installing octokit: 124: #6 54.81 The last version of public_suffix (>= 2.0.2, < 7.0) to support your Ruby & RubyGems was 5.1.1. Try installing it with `gem install public_suffix -v 5.1.1` and then running the current command again 125: #6 54.81 public_suffix requires Ruby version >= 3.0. The current ruby version is 2.7.8.225. 126: #6 ERROR: process "/bin/sh -c gem install octokit" did not complete successfully: exit code: 1 127: ------ 128: > [2/3] RUN gem install octokit: 129: 54.81 ERROR: Error installing octokit: 130: 54.81 The last version of public_suffix (>= 2.0.2, < 7.0) to support your Ruby & RubyGems was 5.1.1. Try installing it with `gem install public_suffix -v 5.1.1` and then running the current command again 131: 54.81 public_suffix requires Ruby version >= 3.0. The current ruby version is 2.7.8.225. 132: ------ 133: Dockerfile:10 134: -------------------- 135: 8 \| LABEL "com.github.actions.color"="black" 136: 9 \| 137: 10 \| >>> RUN gem install octokit 138: 11 \| 139: 12 \| ADD entrypoint.sh /entrypoint.sh 140: -------------------- 141: ERROR: failed to solve: process "/bin/sh -c gem install octokit" did not complete successfully: exit code: 1 142: ##[warning]Docker build failed with exit code 1, back off 4.274 seconds before retry. 143: ##[command]/usr/bin/docker build -t 17ac56:5223cf80e1374269978c2edb8971efb7 -f "/home/runner/work/_actions/machine-learning-apps/pr-comment/master/Dockerfile" "/home/runner/work/_actions/machine-learning-apps/pr-comment/master" 144: #0 building with "default" instance using docker driver 145: #1 [internal] load build definition from Dockerfile 146: #1 transferring dockerfile: 567B done 147: #1 DONE 0.0s 148: #2 [internal] load metadata for docker.io/library/ruby:2.7-alpine 149: #2 DONE 0.1s 150: #3 [internal] load .dockerignore 151: #3 transferring context: 2B done 152: #3 DONE 0.0s 153: #4 [1/3] FROM docker.io/library/ruby:2.7-alpine@sha256:371668748735a808d1fd1c506878e09f40cb542ffc758cfa7eb124f90827e8d9 154: #4 CACHED 155: #5 [internal] load build context 156: #5 transferring context: 35B done 157: #5 DONE 0.0s 158: #6 [2/3] RUN gem install octokit 159: #6 55.56 ERROR: Error installing octokit: 160: #6 55.56 The last version of public_suffix (>= 2.0.2, < 7.0) to support your Ruby & RubyGems was 5.1.1. Try installing it with `gem install public_suffix -v 5.1.1` and then running the current command again 161: #6 55.56 public_suffix requires Ruby version >= 3.0. The current ruby version is 2.7.8.225. 162: #6 ERROR: process "/bin/sh -c gem install octokit" did not complete successfully: exit code: 1 163: ------ 164: > [2/3] RUN gem install octokit: 165: 55.56 ERROR: Error installing octokit: 166: 55.56 The last version of public_suffix (>= 2.0.2, < 7.0) to support your Ruby & RubyGems was 5.1.1. Try installing it with `gem install public_suffix -v 5.1.1` and then running the current command again 167: 55.56 public_suffix requires Ruby version >= 3.0. The current ruby version is 2.7.8.225. 168: ------ 169: Dockerfile:10 170: -------------------- 171: 8 \| LABEL "com.github.actions.color"="black" 172: 9 \| 173: 10 \| >>> RUN gem install octokit 174: 11 \| 175: 12 \| ADD entrypoint.sh /entrypoint.sh 176: -------------------- 177: ERROR: failed to solve: process "/bin/sh -c gem install octokit" did not complete successfully: exit code: 1 178: ##[endgroup] 179: ##[error]Docker build failed with exit code 1 180: Cleaning up orphan processes

qodo-code-review · 2025-04-04T22:49:34Z

Qodo Merge was enabled for this repository. To continue using it, please link your Git account with your Qodo account here.

CI Feedback 🧐

A test triggered by this PR failed. Here is an AI-generated analysis of the failure:

Action: build
Failed stage: Get Compressed Size [❌]
Failure summary: The action failed because of a Node.js version incompatibility issue. The package `@achrinza/node-ipc@9.2.2` requires Node.js version "8 \|\| 10 \|\| 12 \|\| 14 \|\| 16 \|\| 17", but the environment is using Node.js version "20.19.0". This caused the `yarn install --frozen-lockfile` command to fail with exit code 1.
Relevant error logs: 1: ##[group]Operating System 2: Ubuntu ... 546: exclude: {./dist/manifest.json,*/.map,/node_modules/} 547: minimum-change-threshold: 100 548: build-script: build 549: show-total: true 550: collapse-unchanged: true 551: ##[endgroup] 552: PR #35 is targeted at master (master) 553: Stripping hash from build chunks using '\\b\\w{8}\\.' pattern. 554: ##[group][current] Install Dependencies 555: Installing using yarn --frozen-lockfile 556: [command]/usr/local/bin/yarn --frozen-lockfile 557: yarn install v1.22.22 558: [1/5] Validating package.json... 559: [2/5] Resolving packages... 560: [3/5] Fetching packages... 561: error @achrinza/node-ipc@9.2.2: The engine "node" is incompatible with this module. Expected version "8 \|\| 10 \|\| 12 \|\| 14 \|\| 16 \|\| 17". Got "20.19.0" 562: error Found incompatible module. 563: info Visit https://yarnpkg.com/en/docs/cli/install for documentation about this command. 564: ##[error]The process '/usr/local/bin/yarn' failed with exit code 1 565: Post job cleanup.

Signed-off-by: KhulnaSoft bot <43526132+khulnasoft-bot@users.noreply.github.com>

scripts/download-fonts.js

+    const fontPath = path.join(outputDir, font.filename);
+    await downloadFile(woff2Url, fontPath);
+  } catch (err) {
+    console.error(`❌ Failed to download ${font.name}:`, err);


To fix the log injection issue, we need to sanitize the err.message before logging it. This can be done by removing any newline characters from the err.message to prevent log injection attacks. We will use String.prototype.replace to achieve this.

scripts/download-fonts.js

+    const weatherIconPath = path.join(widgetDir, weatherIcon.name);
+    await downloadFile(weatherIcon.url, weatherIconPath);
+  } catch (err) {
+    console.error(`❌ Error downloading ${weatherIcon.name}:`, err);


To fix the log injection issue, we need to sanitize the err.message before logging it. This can be done by removing any newline characters from the error message. We will use String.prototype.replace to achieve this. The changes will be made in the downloadFile function where the error is initially caught and in the downloadAllFonts function where the error is logged.

Signed-off-by: NxPKG <116948796+NxPKG@users.noreply.github.com>

coderabbitai

Actionable comments posted: 7

🧹 Nitpick comments (27)

src/@ (1)

1-1: Clarify the Placeholder File's Purpose

This new file contains only a single dot (.), which suggests it might be intended as a placeholder to ensure the directory is tracked by Git. It would be helpful to add a descriptive comment (or consider using a more conventional filename like .gitkeep) so that future maintainers immediately understand its purpose.
public/css/schema-editor.css (1)
10-11: Remove duplicate font name in font-family declaration
-  font-family: "Source Code Pro", "SF Mono", Monaco, Inconsolata, "Fira Mono",
-      "Droid Sans Mono", monospace, monospace;
+  font-family: "Source Code Pro", "SF Mono", Monaco, Inconsolata, "Fira Mono",
+      "Droid Sans Mono", monospace;
The word "monospace" appears twice in the font-family declaration, which is redundant.

🧰 Tools

🪛 Biome (1.9.4)

[error] 11-11: Duplicate font names are redundant and unnecessary: monospace

Remove duplicate font names within the property

(lint/suspicious/noDuplicateFontNames)
docker/Dockerfile-old (1)
15-15: Consider consistency in package file copying between Dockerfiles.

This explicitly copies package.json and pnpm-lock.yaml, while Dockerfile-arm32v7 uses wildcards with package*.json but doesn't explicitly copy the lock file.

Consider using the same approach across all Dockerfiles for consistency:
-COPY package.json pnpm-lock.yaml ./
+COPY package*.json pnpm-lock.yaml ./
scripts/update-sass.sh (1)
22-27: Appropriate feedback and SASS command execution.

The script provides clear feedback about what it's doing and uses the correct SASS command with proper flags.

Consider adding a check to verify the sass version to ensure compatibility with the compressed style and load path options:
 # Check if sass is installed
 if ! command -v sass &> /dev/null; then
     echo "sass is not installed. Please install it using: npm install -g sass"
     exit 1
 fi
+
+# Verify sass version
+SASS_VERSION=$(sass --version)
+echo "Using Sass version: $SASS_VERSION"
scripts/download-fonts.js (4)
42-45: Improve URL encoding for font names

The current implementation only replaces spaces with '+' characters, but font names might contain other special characters that need URL encoding.
const getGoogleFontsCss = (fontName) => {
-  const formatted = fontName.replace(/ /g, '+');
+  const formatted = encodeURIComponent(fontName).replace(/%20/g, '+');
  return `https://fonts.googleapis.com/css2?family=${formatted}&display=swap`;
};
47-62: Enhance error handling in HTTP request

The fetchCss function lacks status code checking and request timeout, which could lead to unexpected behavior if the server returns an error or never responds.
const fetchCss = (url) => {
  return new Promise((resolve, reject) => {
    const options = {
      headers: {
        'User-Agent':
          'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36',
      },
+     timeout: 10000, // 10 seconds timeout
    };

    https.get(url, options, (res) => {
+     if (res.statusCode !== 200) {
+       return reject(`Failed to fetch CSS: Status code ${res.statusCode}`);
+     }
      let data = '';
      res.on('data', (chunk) => (data += chunk));
      res.on('end', () => resolve(data));
    }).on('error', (err) => reject(err));
  });
};
85-102: Improve download performance with parallel processing

The current implementation downloads fonts sequentially. Using Promise.all would allow for concurrent downloads and improve performance.
const downloadAllFonts = async () => {
  const fontsDir = path.join(__dirname, '..', 'public', 'fonts');
  const widgetDir = path.join(__dirname, '..', 'public', 'widget-resources');

  fs.mkdirSync(fontsDir, { recursive: true });
  fs.mkdirSync(widgetDir, { recursive: true });

-  for (const font of fonts) {
-    await downloadGoogleFont(font, fontsDir);
-  }
+  // Download all fonts in parallel
+  await Promise.all(fonts.map(font => downloadGoogleFont(font, fontsDir)));

  try {
    const weatherIconPath = path.join(widgetDir, weatherIcon.name);
    await downloadFile(weatherIcon.url, weatherIconPath);
  } catch (err) {
    console.error(`❌ Error downloading ${weatherIcon.name}:`, err);
  }
};
🧰 Tools

🪛 GitHub Check: CodeQL

[warning] 100-100: Log injection
Log entry depends on a user-provided value.

16-19: Document the source of the weather icon

Adding a comment about the source of the weather icon would improve maintainability, especially if the URL changes in the future.
+// Weather Icons font from Erik Flowers' weather-icons project
+// https://github.com/erikflowers/weather-icons
const weatherIcon = {
  name: 'WeatherIcons.woff2',
  url: 'https://erikflowers.github.io/weather-icons/font/weathericons-regular-webfont.woff2',
};
docs/widgets.md (1)

1382-1418: Add Alt Text to the Widget Image

The new "Minecraft Server" widget section is clear and well structured. One small improvement is needed for accessibility: the image tag on line 1384 is missing an alt attribute. Please add a descriptive alt text (for example, alt="Minecraft Server status widget") to comply with accessibility guidelines and resolve MD045 warnings.

🧰 Tools

🪛 markdownlint-cli2 (0.17.2)

1386-1386: Images should have alternate text (alt text)
null

(MD045, no-alt-text)
public/css/weather-icons.css (1)
1-1: Format this minified CSS file for better readability

The CSS is currently minified into a single line, which makes it difficult to read, maintain, and review. While minification is appropriate for production, the source file in version control should ideally be formatted for readability.

Consider adding a pre-minified version to the repository or using a build step to handle minification:
-@font-face{font-family:"OpenWeatherIcons";src:url("/widget-resources/WeatherIcons.woff2");font-style:normal;font-weight:400}i.owi{display:inline-block;transform:translate(0, 0);text-rendering:auto;font-family:OpenWeatherIcons;font-style:normal;font-size:inherit;-webkit-font-smoothing:antialiased;color:var(--primary)}i.owi.owi-01d::before{content:""}i.owi.owi-01n::before{content:""}i.owi.owi-02d::before{content:""}i.owi.owi-02n::before{content:""}i.owi.owi-03d::before{content:""}i.owi.owi-03n::before{content:""}i.owi.owi-04d::before{content:""}i.owi.owi-04n::before{content:""}i.owi.owi-09d::before{content:""}i.owi.owi-09n::before{content:""}i.owi.owi-10d::before{content:""}i.owi.owi-10n::before{content:""}i.owi.owi-11d::before{content:""}i.owi.owi-11n::before{content:""}i.owi.owi-13d::before{content:""}i.owi.owi-13n::before{content:""}i.owi.owi-50d::before{content:""}i.owi.owi-50n::before{content:""}i.owi.owi-1232n::before{content:""}/*# sourceMappingURL=weather-icons.css.map */
+@font-face {
+  font-family: "OpenWeatherIcons";
+  src: url("/widget-resources/WeatherIcons.woff2");
+  font-style: normal;
+  font-weight: 400;
+}
+
+i.owi {
+  display: inline-block;
+  transform: translate(0, 0);
+  text-rendering: auto;
+  font-family: OpenWeatherIcons;
+  font-style: normal;
+  font-size: inherit;
+  -webkit-font-smoothing: antialiased;
+  color: var(--primary);
+}
+
+i.owi.owi-01d::before { content: ""; }
+i.owi.owi-01n::before { content: ""; }
+i.owi.owi-02d::before { content: ""; }
+i.owi.owi-02n::before { content: ""; }
+i.owi.owi-03d::before { content: ""; }
+i.owi.owi-03n::before { content: ""; }
+i.owi.owi-04d::before { content: ""; }
+i.owi.owi-04n::before { content: ""; }
+i.owi.owi-09d::before { content: ""; }
+i.owi.owi-09n::before { content: ""; }
+i.owi.owi-10d::before { content: ""; }
+i.owi.owi-10n::before { content: ""; }
+i.owi.owi-11d::before { content: ""; }
+i.owi.owi-11n::before { content: ""; }
+i.owi.owi-13d::before { content: ""; }
+i.owi.owi-13n::before { content: ""; }
+i.owi.owi-50d::before { content: ""; }
+i.owi.owi-50n::before { content: ""; }
+i.owi.owi-1232n::before { content: ""; }
+
+/*# sourceMappingURL=weather-icons.css.map */
Also, the static analysis hints indicate some parsing issues at the beginning of the file that may need to be checked.

🧰 Tools

🪛 Biome (1.9.4)

[error] 1-1: expected , but instead found @

Remove @

(parse)

[error] 1-1: expected , but instead found font-face

Remove font-face

(parse)
public/css/color-themes.css (2)
1-6: Review Error Message Comment Block.
The lengthy comment (lines 1–6) clearly documents an "Undefined mixin" error. Ensure that this block is intentional for debugging purposes and not left in production styles.

9-10: Remove Duplicate Font Name.
Static analysis flagged a duplicate monospace entry in the font-family. Removing the duplicate will clean up the rule.
-  font-family: "Source Code Pro", "SF Mono", Monaco, Inconsolata, "Fira Mono",
-      "Droid Sans Mono", monospace, monospace;
+  font-family: "Source Code Pro", "SF Mono", Monaco, Inconsolata, "Fira Mono",
+      "Droid Sans Mono", monospace;
🧰 Tools

🪛 Biome (1.9.4)

[error] 10-10: Duplicate font names are redundant and unnecessary: monospace

Remove duplicate font names within the property

(lint/suspicious/noDuplicateFontNames)
public/css/style-helpers.css (1)

1-2: CSS Helpers File: Minification and Maintainability.
The new CSS file correctly defines scrollbar, button, text alignment, and utility classes using CSS variables. Although minification is acceptable for production, consider using a formatted version during development to improve readability and ease future modifications.
docs/developing.md (4)
27-27: Prerequisites Tone Enhancement.
Consider using a more formal phrasing in the prerequisites section (e.g., "ensure that you have installed" instead of "ensure you've got") to elevate the documentation's tone.

🧰 Tools

🪛 LanguageTool

[style] ~27-~27: Try using a more formal synonym here to elevate your writing.
Context: ... the code, and push any changes. If you plan on running or deploying the container, you'll also...

(PLAN_ON_INTEND)

42-42: Typo Correction: "Straightforward".
The phrase "this is very straight forward" should be revised to "this is very straightforward" (one word) for improved clarity and correctness.
- ...this is very straight forward. Just run `pnpm build` ...
+ ...this is very straightforward. Just run `pnpm build` ...
🧰 Tools

🪛 LanguageTool

[grammar] ~42-~42: It appears that the verb form is incorrect or a word is missing.
Context: ...ld-time, and therefore the app needs to rebuilt for any new changes to take effect. Luc...

(HAS_TO_APPROVED_BY)

[typographical] ~42-~42: Consider adding a comma after ‘Luckily’ for more clarity.
Context: ...ilt for any new changes to take effect. Luckily this is very straight forward. Just run...

(RB_LY_COMMA)

[uncategorized] ~42-~42: The adjective or adverb “straightforward” (= easy, precise) is spelled as one word.
Context: ...es to take effect. Luckily this is very straight forward. Just run pnpm build or `docker exec ...

(STRAIGHT_FORWARD_COMPOUND)

59-59: Possessive Form Correction.
Consider updating "files within the projects root" to "files within the project's root" for correct grammatical usage.
- ...changes to any files within the projects root, and then trigger...
+ ...changes to any files within the project's root, and then trigger...
🧰 Tools

🪛 LanguageTool

[uncategorized] ~59-~59: It seems likely that a singular genitive (’s) apostrophe is missing.
Context: ...tch for changes to any files within the projects root, and then trigger a rebuild. Note ...

(AI_HYDRA_LEO_APOSTROPHE_S_XS)

184-184: Tone Refinement in the Style Guide Section.
In the style guide, consider revising "run pnpm lint to report and fix issues" to a more formal expression (e.g., "execute pnpm lint to identify and correct issues") to further enhance the documentation’s formality.

🧰 Tools

🪛 LanguageTool

[style] ~184-~184: Consider using a different verb for a more formal wording.
Context: .... You can run pnpm lint to report and fix issues. While the dev server is running...

(FIX_RESOLVE)
docs/quick-start.md (1)

138-145: Transition to PNPM for Alternative Deployment
The alternative deployment instructions now use PNPM commands (pnpm install, pnpm build, pnpm start), aligning with the overall shift in package management. Additionally, note the introductory line at 138—consider reviewing the punctuation (for example, adding a comma after [Node.js](https://nodejs.org/)) to improve clarity in the list.

🧰 Tools

🪛 LanguageTool

[uncategorized] ~138-~138: Possible missing comma found.
Context: ... app on your system without Docker. For this Git, [Node.js](...

(AI_HYDRA_LEO_MISSING_COMMA)
.github/pr-auto-comments.yml (1)
32-35: Updated Dependency File Reference and YAML Formatting
The dependency-changes snippet now targets pnpm-lock.yaml, which is consistent with the project's switch from Yarn to PNPM. However, a YAML indentation warning was reported (expected 8 spaces but found 6) on this block. Please adjust the indentation to ensure correct parsing. Consider applying the following diff:
-      files:
-      - pnpm-lock.yaml
+      files:
+        - pnpm-lock.yaml
🧰 Tools

🪛 YAMLlint (1.35.1)

[warning] 34-34: wrong indentation: expected 8 but found 6

(indentation)
.github/workflows/get-size.yml (1)
15-19: PNPM Installation – Update Deprecated Command
In the PNPM installation step, the command on line 18 currently uses the deprecated ::add-path:: syntax. Please update it to use the new GitHub Actions command as follows:
- echo "::add-path::$(pnpm bin)"
+ echo "$(pnpm bin)" >> $GITHUB_PATH
This change follows GitHub’s updated best practices for modifying the system PATH in workflows.

🧰 Tools

🪛 actionlint (1.7.4)

16-16: workflow command "add-path" was deprecated. use echo "{path}" >> $GITHUB_PATH instead: https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions

(deprecated-commands)
.github/workflows/pnpm.yml (1)
13-13: Upgrade actions/checkout to a Newer Version
Static analysis flags that using actions/checkout@v2 is outdated. Upgrading to actions/checkout@v3 would provide improved performance and better security. Consider applying the following diff:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
🧰 Tools

🪛 actionlint (1.7.4)

13-13: the runner of "actions/checkout@v2" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)
public/css/dimensions.css (1)

1-2: Introduce CSS Custom Properties for Consistent Styling
The new CSS file defines a comprehensive set of custom properties that streamline styling across the application. The definitions look correct. For improved maintainability and readability, consider formatting these properties with line breaks and optional comments.

docs/management.md (2)

772-773: Typographical Improvement Needed
The sentence “Note that the app must have been build (run pnpm build), and you need Node.js installed.” should use the past participle “built” (i.e. “... must have been built ...”) for clarity and correct grammar.

🧰 Tools

🪛 LanguageTool

[grammar] ~772-~772: Make sure that the noun ‘build’ is correct. Did you mean the past participle “built”?
Context: ...rver. Note that the app must have been build (run pnpm build`), and you need [Node....

(BE_VB_OR_NN)

906-907: Development Workflow Instructions Review
The step-by-step instructions for forking the project, installing dependencies with PNPM (pnpm dev to start development, followed by pnpm build and pnpm start) are clear. Consider a slight rephrasing for brevity if desired.

🧰 Tools

🪛 LanguageTool

[style] ~906-~906: Consider shortening or rephrasing this to strengthen your wording.
Context: ...ost:8080` in your browser. You can then make changes to the codebase, and see the live app upda...

(MAKE_CHANGES)

docs/troubleshooting.md (1)

146-146: Stylistic Suggestion for Clarity
The phrase “First of all, check that you've got PNPM installed correctly…” could be made more concise by removing the introductory adverb. This small change might improve clarity.

🧰 Tools

🪛 LanguageTool

[style] ~146-~146: Often, this adverbial phrase is redundant. Consider using an alternative.
Context: ...ub.com//issues/1)

First of all, check that you've got PNPM installed c...

(FIRST_OF_ALL)

vue.config.js (1)

110-135: Consider removing unnecessary polyfills to reduce bundle size.
While these fallbacks ensure Node modules work in the browser, they can inflate the bundle. If not all are needed, removing them could yield performance benefits.

public/css/color-palette.css (1)

1-1: Consider formatting color variables for readability.
Currently, all variables are on a single line. Splitting them into multiple lines or grouping logically can improve maintainability.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 0a19c0d and c20939a.

⛔ Files ignored due to path filters (23)

pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml
public/css/color-palette.css.map is excluded by !**/*.map
public/css/dimensions.css.map is excluded by !**/*.map
public/css/global-styles.css.map is excluded by !**/*.map
public/css/media-queries.css.map is excluded by !**/*.map
public/css/style-helpers.css.map is excluded by !**/*.map
public/css/typography.css.map is excluded by !**/*.map
public/css/user-defined-themes.css.map is excluded by !**/*.map
public/css/weather-icons.css.map is excluded by !**/*.map
public/css/widgets/nextcloud-shared.css.map is excluded by !**/*.map
public/widget-resources/WeatherIcons.woff2 is excluded by !**/*.woff2
src/assets/fonts/Audiowide-Regular.ttf is excluded by !**/*.ttf
src/assets/fonts/CutiveMono-Regular.ttf is excluded by !**/*.ttf
src/assets/fonts/Digital-Regular.ttf is excluded by !**/*.ttf
src/assets/fonts/FrancoisOne-Regular.ttf is excluded by !**/*.ttf
src/assets/fonts/Podkova-Medium.ttf is excluded by !**/*.ttf
src/assets/fonts/Roboto-Light.ttf is excluded by !**/*.ttf
src/assets/fonts/Shrikhand-Regular.ttf is excluded by !**/*.ttf
src/assets/fonts/Sniglet-Regular.ttf is excluded by !**/*.ttf
src/assets/fonts/VT323-Regular.ttf is excluded by !**/*.ttf
src/assets/fonts/WeatherIcons.woff2 is excluded by !**/*.woff2
src/assets/widget-resources/WeatherIcons.woff2 is excluded by !**/*.woff2
yarn.lock is excluded by !**/yarn.lock, !**/*.lock

📒 Files selected for processing (52)

.devcontainer/devcontainer.json (1 hunks)
.dockerignore (1 hunks)
.eslintrc.js (1 hunks)
.github/pr-auto-comments.yml (2 hunks)
.github/workflows/dependency-updates-summary.yml (1 hunks)
.github/workflows/docker-build-publish.yml (1 hunks)
.github/workflows/get-size.yml (3 hunks)
.github/workflows/pnpm.yml (1 hunks)
.github/workflows/yarn.yml (0 hunks)
.gitignore (1 hunks)
.gitpod.yml (2 hunks)
.npmrc (1 hunks)
.vscode/tasks.json (2 hunks)
Dockerfile (2 hunks)
README.md (4 hunks)
docker/Dockerfile-arm32v7 (2 hunks)
docker/Dockerfile-arm64v8 (2 hunks)
docker/Dockerfile-lite (1 hunks)
docker/Dockerfile-old (1 hunks)
docs/configuring.md (2 hunks)
docs/credits.md (1 hunks)
docs/deployment.md (2 hunks)
docs/developing.md (3 hunks)
docs/development-guides.md (2 hunks)
docs/management.md (5 hunks)
docs/quick-start.md (2 hunks)
docs/troubleshooting.md (5 hunks)
docs/widgets.md (2 hunks)
netlify.toml (1 hunks)
package.json (3 hunks)
pnpm-workspace.yaml (1 hunks)
public/css/color-palette.css (1 hunks)
public/css/color-themes.css (1 hunks)
public/css/dimensions.css (1 hunks)
public/css/global-styles.css (1 hunks)
public/css/media-queries.css (1 hunks)
public/css/schema-editor.css (1 hunks)
public/css/style-helpers.css (1 hunks)
public/css/typography.css (1 hunks)
public/css/user-defined-themes.css (1 hunks)
public/css/weather-icons.css (1 hunks)
public/css/widgets/nextcloud-shared.css (1 hunks)
scripts/download-fonts.js (1 hunks)
scripts/update-sass.sh (1 hunks)
server.js (1 hunks)
services/rebuild-app.js (1 hunks)
src/@ (1 hunks)
src/types/global.d.ts (1 hunks)
src/types/index.ts (1 hunks)
src/types/vue-shim.d.ts (1 hunks)
tsconfig.json (2 hunks)
vue.config.js (2 hunks)

💤 Files with no reviewable changes (1)

.github/workflows/yarn.yml

🧰 Additional context used

🧬 Code Definitions (2)

scripts/download-fonts.js (2)

services/rebuild-app.js (1)

require (5-5)

vue.config.js (2)

path (1-1)

match (161-161)

vue.config.js (2)

services/rebuild-app.js (1)

require (5-5)

scripts/download-fonts.js (2)

path (3-3)

match (65-65)

🪛 Biome (1.9.4)

public/css/color-themes.css

[error] 10-10: Duplicate font names are redundant and unnecessary: monospace

Remove duplicate font names within the property

(lint/suspicious/noDuplicateFontNames)

public/css/schema-editor.css

[error] 11-11: Duplicate font names are redundant and unnecessary: monospace

Remove duplicate font names within the property

(lint/suspicious/noDuplicateFontNames)

vue.config.js

[error] 24-24: Use a regular expression literal instead of the RegExp constructor.

Regular expression literals avoid some escaping required in a string literal, and are easier to analyze statically.
Safe fix: Use a literal notation instead.

(lint/complexity/useRegexLiterals)

[error] 325-325: Change to an optional chain.

Unsafe fix: Change to an optional chain.

(lint/complexity/useOptionalChain)

[error] 340-340: Change to an optional chain.

Unsafe fix: Change to an optional chain.

(lint/complexity/useOptionalChain)

public/css/weather-icons.css

[error] 1-1: expected , but instead found @

Remove @

(parse)

[error] 1-1: expected , but instead found font-face

Remove font-face

(parse)

🪛 GitHub Actions: Dependency Updates Summary

docker/Dockerfile-lite

[error] 10-10: Error installing octokit: public_suffix requires Ruby version >= 3.0. The current ruby version is 2.7.8.225.