Dashboard

[adhyayan-ai]

• Fixed Strapi CORS Issue
• Fixed Auth Issues
• Fixed Next Vulnerabilities

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Review	Updated (UTC)
7419tech	Ready	Preview, Comment	Jan 14, 2026 7:56pm

[Copilot]

Pull request overview

This pull request implements fixes for Strapi CORS, authentication issues, and Next.js vulnerabilities. The main changes include refactoring the Supabase client to remove singleton pattern, simplifying the auth context implementation, improving login page UX with redirect logic, upgrading Next.js from 15.0.3 to 15.5.9, and updating Strapi CMS URLs across the application. The entire strapi-cms-v2 directory has been deleted and moved to a separate repository.

• Removed Supabase client singleton pattern for simpler implementation
• Refactored AuthContext to remove caching and timeout logic
• Added authenticated user redirect logic to login page
• Updated Next.js and dependencies to address security vulnerabilities
• Changed Strapi CMS instance URLs throughout the application

Reviewed changes

Copilot reviewed 41 out of 51 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
strapi-cms-v2/*	Entire Strapi CMS v2 directory deleted (moved to separate repo)
src/lib/supabase/client.ts	Simplified client creation by removing singleton pattern
src/lib/strapi/client.ts	Updated Strapi instance URLs
src/contexts/AuthContext.tsx	Major refactoring: removed caching, timeouts, and simplified state management
src/components/NavHeader.tsx	Improved loading state UI with spinner
src/components/AuthNavHeader.tsx	Improved loading state UI with spinner
src/app/auth/signup/page.tsx	Updated to use getSupabaseClient instead of createClient
src/app/auth/login/page.tsx	Added redirect logic for authenticated users and improved UX
src/app/admin/cms/CMSAccessClient.tsx	Updated Strapi URLs
package.json	Upgraded Next.js from 15.0.3 to 15.5.9 and updated dependencies
package-lock.json	Dependency lock file updates
next.config.js	Updated Strapi hostnames for image domains
.gitignore	Added strapi-cms-v2 directory to ignore list

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The Supabase client is now created on every call without environment variable validation. If the environment variables are undefined, this will fail silently or cause runtime errors. Consider adding validation to fail early with a clear error message during initialization.

Suggested change

	export function createClient() {
	return createBrowserClient<Database>(
	process.env.NEXT_PUBLIC_SUPABASE_URL!,
	process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!
	)
	const SUPABASE_URL = process.env.NEXT_PUBLIC_SUPABASE_URL
	const SUPABASE_ANON_KEY = process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY
	if (!SUPABASE_URL) {
	throw new Error('Environment variable NEXT_PUBLIC_SUPABASE_URL is not set.')
	}
	if (!SUPABASE_ANON_KEY) {
	throw new Error('Environment variable NEXT_PUBLIC_SUPABASE_ANON_KEY is not set.')
	}
	export function createClient() {
	return createBrowserClient<Database>(SUPABASE_URL, SUPABASE_ANON_KEY)

[Copilot]

The auth context now creates a new Supabase client on every render using useMemo with an empty dependency array. This could lead to inconsistent behavior if the environment variables change. Consider creating the client outside the component or ensuring proper memoization.

[Copilot]

The login page now has a default redirect to '/dashboard' instead of '/'. This could cause issues if the dashboard page doesn't exist or if unauthenticated users are redirected there. Verify that the dashboard route is properly protected.

Suggested change

	const redirectTo = searchParams.get('redirectTo') || '/dashboard'
	const redirectTo = searchParams.get('redirectTo') || '/'