feat: implement real-time event streaming

[davidemarcoli]

Summary by CodeRabbit

• New Features
  • Live Events Page: Enjoy a dynamic interface with real-time event updates, animated transitions, and clear connection status badges.
  • Enhanced Real-Time Connectivity: Experience smoother and more reliable live notifications with improved backend communication.
  • WebSocket Integration: New WebSocket handling functionality for better event management and communication.
  • API Key Support: Added support for API key authentication in WebSocket connections.
  • New Dependencies: Expanded project capabilities with additional libraries for enhanced functionality.
  • Build Process Improvement: New script added to streamline the build process.
  • Environment Variable Update: Introduction of a new API key variable for configuration.

[coderabbitai]

📝 Walkthrough

Walkthrough

This update adds a new environment variable (API_KEY) to the configuration and updates the package manifest with a new script and additional dependencies for WebSocket support. A WebSocket handler function is introduced to manage bidirectional communication between clients and a native WebSocket server while incorporating the new API key. A new React component is also added to establish and manage a WebSocket connection for event updates, including status tracking and reconnect logic.

Changes

File(s)	Change Summary
.env.example	Added new API_KEY in the environment file.
package.json	Updated package configuration by adding "prepare": "next-ws patch" script and new dependencies: @formkit/auto-animate, @leo1305/custom-next-ws, @types/ws, and @radix-ui/react-toast. Also added new dev dependency: @trivago/prettier-plugin-sort-imports.
src/app/api/ws/[topic]/socket/route.ts	Introduced a new WebSocket handler function (SOCKET) to manage connection, message forwarding, and errors.
src/app/events/page.tsx	Added a new React component (EventsPage) that manages a WebSocket connection with status updates and reconnection logic.

Sequence Diagram(s)

sequenceDiagram
    participant Client
    participant WS_Route as "API WS Route"
    participant WS_Server as "Native WS Server"
    
    Client->>WS_Route: Connect (includes topic & API_KEY)
    WS_Route->>WS_Server: Establish native connection (convert URL)
    WS_Server-->>WS_Route: Confirm connection
    WS_Route-->>Client: Notify connection established

    Client->>WS_Route: Send message
    WS_Route->>WS_Server: Forward message
    WS_Server-->>WS_Route: Return response
    WS_Route-->>Client: Forward response

    Client->>WS_Route: Close connection
    WS_Route->>WS_Server: Close native connection
    WS_Server-->>WS_Route: Confirm closure
    WS_Route-->>Client: Notify closure

Loading

sequenceDiagram
    participant EventsPage as "EventsPage Component"
    participant WS_Route as "API WS Route"
    
    EventsPage->>WS_Route: Open WebSocket connection
    WS_Route-->>EventsPage: Confirm connection
    EventsPage->>EventsPage: Update status to "Connected"
    
    WS_Route-->>EventsPage: Send event updates
    EventsPage->>EventsPage: Parse and update UI
    
    alt On connection error or close
        EventsPage->>EventsPage: Update to "Disconnected" or "Error"
        EventsPage->>WS_Route: Attempt reconnection after delay
    end

Loading

✨ Finishing Touches

• 📝 Generate Docstrings (Beta)

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 9

📜 Review details

Configuration used: CodeRabbit UI
Review profile: ASSERTIVE
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 1614cca and 96dbf7a.

⛔ Files ignored due to path filters (1)

• bun.lockb is excluded by !**/bun.lockb

📒 Files selected for processing (4)

• .env.example (1 hunks)
• package.json (3 hunks)
• src/app/api/ws/[topic]/socket/route.ts (1 hunks)
• src/app/events/page.tsx (1 hunks)

🔇 Additional comments (1)

package.json (1)

34-35:

❌ Incorrect review comment

Update React version.

React version 19.0.0 is outdated and might have compatibility issues with other dependencies.

---

🌐 Web query:

What is the latest stable version of React?

💡 Result:

The latest stable version of React is 19.0.0, released on December 5, 2024[1][3][4][5]. This version introduced major features like Actions, new hooks (useActionState, useFormStatus, useOptimistic), Server Components/Server Actions, and improved Context API[3][5].

Key details about React 19:

• Requires the New JSX Transform for optimizations like ref-as-prop support[5]
• Removed deprecated APIs including string refs and legacy context[5]
• Added error handling improvements through onUncaughtError/onCaughtError root methods[5]
• Introduced pre-warming for Suspense trees and new static DOM APIs[4]

Developers are advised to upgrade via React's official migration guide[4], first testing with React 18.3.x to identify compatibility issues before moving to v19[1][5]. The previous long-term support version was React 18 (last update: 18.3.1 in April 2024)[1][5].

Citations:

• 1: https://endoflife.date/react
• 2: https://reactnative.dev/versions
• 3: https://en.wikipedia.org/wiki/React_(software)
• 4: https://react.dev/blog/2024/12/05/react-19
• 5: https://github.com/facebook/react/releases
• 6: https://react.dev/versions
• 7: https://legacy.reactjs.org/versions/
• 8: https://www.npmjs.com/package/react?activeTab=versions
• 9: https://www.npmjs.com/package/react

---

React version is up-to-date.
The specified "react": "19.0.0" and "react-dom": "19.0.0" in your package.json are already aligned with the latest stable release of React (v19.0.0). The suggestion to update the version stems from outdated information. No changes to the React version are needed.

Likely an incorrect or invalid review comment.

[coderabbitai]

⚠️ Potential issue

Add input validation for topic parameter.

The topic parameter is used directly without validation, which could lead to security vulnerabilities.

Add input validation to prevent injection attacks and ensure the topic follows expected format:

 export function SOCKET(
     client: import('ws').WebSocket,
     request: import('http').IncomingMessage,
     server: import('ws').WebSocketServer,
     { params }: { params: { topic: string } }
 ) {
+    // Validate topic parameter
+    if (!/^[a-zA-Z0-9_-]+$/.test(params.topic)) {
+        client.close(1008, 'Invalid topic format');
+        return;
+    }

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	export function SOCKET(
	client: import('ws').WebSocket,
	request: import('http').IncomingMessage,
	server: import('ws').WebSocketServer,
	{ params }: { params: { topic: string } }
	) {
	export function SOCKET(
	client: import('ws').WebSocket,
	request: import('http').IncomingMessage,
	server: import('ws').WebSocketServer,
	{ params }: { params: { topic: string } }
	) {
	// Validate topic parameter
	if (!/^[a-zA-Z0-9_-]+$/.test(params.topic)) {
	client.close(1008, 'Invalid topic format');
	return;
	}
	// ... rest of the function implementation
	}

[coderabbitai]

⚠️ Potential issue

Implement error handling for WebSocket connection.

The native WebSocket connection lacks proper error handling for connection failures and invalid API key responses.

Add error handling for the native WebSocket connection:

-    const nativeWebSocket = new WebSocket(`${websocketUrl}/api/v1/ws/${params.topic}?api_key=${apiKey}`)
+    const nativeWebSocket = new WebSocket(`${websocketUrl}/api/v1/ws/${params.topic}?api_key=${apiKey}`)
+
+    // Add connection timeout
+    const connectionTimeout = setTimeout(() => {
+        if (nativeWebSocket.readyState !== WebSocket.OPEN) {
+            nativeWebSocket.close();
+            client.close(1006, 'Connection timeout');
+        }
+    }, 5000);
+
+    nativeWebSocket.onopen = () => {
+        clearTimeout(connectionTimeout);
+    }

     client.onmessage = (message) => {
+        if (nativeWebSocket.readyState !== WebSocket.OPEN) {
+            client.close(1006, 'Backend connection lost');
+            return;
+        }
         nativeWebSocket.send(message.data.toString())
     }

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	const nativeWebSocket = new WebSocket(`${websocketUrl}/api/v1/ws/${params.topic}?api_key=${apiKey}`)
	client.onmessage = (message) => {
	nativeWebSocket.send(message.data.toString())
	}
	nativeWebSocket.onmessage = (message) => {
	client.send(message.data)
	}
	const nativeWebSocket = new WebSocket(`${websocketUrl}/api/v1/ws/${params.topic}?api_key=${apiKey}`)
	// Add connection timeout
	const connectionTimeout = setTimeout(() => {
	if (nativeWebSocket.readyState !== WebSocket.OPEN) {
	nativeWebSocket.close();
	client.close(1006, 'Connection timeout');
	}
	}, 5000);
	nativeWebSocket.onopen = () => {
	clearTimeout(connectionTimeout);
	}
	client.onmessage = (message) => {
	if (nativeWebSocket.readyState !== WebSocket.OPEN) {
	client.close(1006, 'Backend connection lost');
	return;
	}
	nativeWebSocket.send(message.data.toString())
	}
	nativeWebSocket.onmessage = (message) => {
	client.send(message.data)
	}

[coderabbitai]

🛠️ Refactor suggestion

Enhance error handling and logging.

The error handling is basic and might miss important error details.

Improve error handling with more detailed logging:

     nativeWebSocket.onerror = (error) => {
-        console.error('WebSocket error:', error)
+        const errorMessage = error instanceof Error ? error.message : 'Unknown error';
+        console.error('WebSocket error:', {
+            error: errorMessage,
+            topic: params.topic,
+            timestamp: new Date().toISOString()
+        });
+        client.close(1006, errorMessage);
     }

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	nativeWebSocket.onerror = (error) => {
	console.error('WebSocket error:', error)
	}
	nativeWebSocket.onerror = (error) => {
	const errorMessage = error instanceof Error ? error.message : 'Unknown error';
	console.error('WebSocket error:', {
	error: errorMessage,
	topic: params.topic,
	timestamp: new Date().toISOString()
	});
	client.close(1006, errorMessage);
	}

[coderabbitai]

⚠️ Potential issue

Add error handling for JSON parsing.

JSON parsing errors are not handled, which could crash the application.

Add error handling for JSON parsing:

     websocket.onmessage = (event) => {
+        try {
             const data = JSON.parse(event.data)
             setEvents(data.data)
+        } catch (error) {
+            console.error('Failed to parse WebSocket message:', error);
+            setStatus('Error');
+        }
     }

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	websocket.onmessage = (event) => {
	const data = JSON.parse(event.data)
	setEvents(data.data)
	}
	websocket.onmessage = (event) => {
	try {
	const data = JSON.parse(event.data)
	setEvents(data.data)
	} catch (error) {
	console.error('Failed to parse WebSocket message:', error);
	setStatus('Error');
	}
	}

[coderabbitai]

🛠️ Refactor suggestion

Improve reconnection logic.

The current reconnection logic is incomplete and might lead to infinite reconnection attempts.

Implement a more robust reconnection strategy:

+    const [reconnectAttempts, setReconnectAttempts] = useState(0);
+    const MAX_RECONNECT_ATTEMPTS = 5;
+
     websocket.onclose = () => {
         setStatus('Disconnected')
         console.log('Disconnected from WebSocket')
 
-        // Attempt to reconnect after 3 seconds
+        if (reconnectAttempts < MAX_RECONNECT_ATTEMPTS) {
+            const delay = Math.min(1000 * Math.pow(2, reconnectAttempts), 30000);
             setTimeout(() => {
                 setStatus('Reconnecting...')
-            }, 3000)
+                setReconnectAttempts(prev => prev + 1);
+                // Trigger reconnection here
+            }, delay)
+        } else {
+            setStatus('Connection Failed');
+            console.error('Max reconnection attempts reached');
+        }
     }

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	websocket.onclose = () => {
	setStatus('Disconnected')
	console.log('Disconnected from WebSocket')
	// Attempt to reconnect after 3 seconds
	setTimeout(() => {
	setStatus('Reconnecting...')
	}, 3000)
	}
	const [reconnectAttempts, setReconnectAttempts] = useState(0);
	const MAX_RECONNECT_ATTEMPTS = 5;
	websocket.onclose = () => {
	setStatus('Disconnected')
	console.log('Disconnected from WebSocket')
	if (reconnectAttempts < MAX_RECONNECT_ATTEMPTS) {
	const delay = Math.min(1000 * Math.pow(2, reconnectAttempts), 30000);
	setTimeout(() => {
	setStatus('Reconnecting...')
	setReconnectAttempts(prev => prev + 1);
	// Trigger reconnection here
	}, delay)
	} else {
	setStatus('Connection Failed');
	console.error('Max reconnection attempts reached');
	}
	}

[coderabbitai]

🛠️ Refactor suggestion

Strengthen API key security.

The example API key is too simple and predictable. While this is just an example file, it might lead developers to use similarly weak keys in production.

Replace with a more secure example and add guidelines:

-API_KEY=1234567890
+# API_KEY should be a secure random string of at least 32 characters
+API_KEY=example_7d4e3s2n8j9k4m5n7p9w3k4m5n7p9w3k

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	API_KEY=1234567890
	# API_KEY should be a secure random string of at least 32 characters
	API_KEY=example_7d4e3s2n8j9k4m5n7p9w3k4m5n7p9w3k

[coderabbitai]

🛠️ Refactor suggestion

Remove unused Socket.IO dependencies.

The implementation uses native WebSocket (ws), but Socket.IO dependencies are also included.

Remove unused Socket.IO dependencies:

-        "socket.io": "^4.8.1",
-        "socket.io-client": "^4.8.1",

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	"socket.io": "^4.8.1",
	"socket.io-client": "^4.8.1",

[coderabbitai]

Actionable comments posted: 5

📜 Review details

Configuration used: CodeRabbit UI
Review profile: ASSERTIVE
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 96dbf7a and a75d537.

⛔ Files ignored due to path filters (1)

• bun.lockb is excluded by !**/bun.lockb

📒 Files selected for processing (2)

• package.json (3 hunks)
• src/app/events/page.tsx (1 hunks)

🔇 Additional comments (4)

src/app/events/page.tsx (2)

49-53: Add error handling for JSON parsing.

JSON parsing errors are not handled, which could crash the application.

---

67-72: Enhance status indicators.

The status indicators could be more informative for users.

package.json (2)

14-14: Clarify the purpose of the generate-client script.

The purpose and usage of the openapi-ts command in the generate-client script is unclear.

Could you provide more information about:

1. The OpenAPI specification file location?
2. The generated client's purpose and usage?
3. When this script should be run?

---

37-38: Remove unused Socket.IO dependencies.

The implementation uses native WebSocket (ws), but Socket.IO dependencies are also included.

[coderabbitai]

🧹 Nitpick (assertive)

Configure WebSocket URL based on environment.

The WebSocket URL is hardcoded which could cause issues in different environments (development, staging, production).

Consider using environment variables:

+const WS_URL = process.env.NEXT_PUBLIC_WS_URL || '/api/ws/event_update/socket'
+
 function getNewWebSocket() {
-    return new WebSocket('/api/ws/event_update/socket')
+    return new WebSocket(WS_URL)
 }

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	function getNewWebSocket() {
	return new WebSocket('/api/ws/event_update/socket')
	}
	const WS_URL = process.env.NEXT_PUBLIC_WS_URL || '/api/ws/event_update/socket'
	function getNewWebSocket() {
	return new WebSocket(WS_URL)
	}

[coderabbitai]

🧹 Nitpick (assertive)

Add initial connecting state.

The component lacks a visual indicator for the initial connection attempt.

Add a connecting state:

 <div className='absolute top-4 right-4'>
+    {status === 'Connecting...' && (
+        <Badge variant={'secondary'}>
+            <span className="animate-pulse">Connecting...</span>
+        </Badge>
+    )}
     {status === 'Connected' && <Badge variant={'secondary'}>Connected</Badge>}
     {status === 'Disconnected' && <Badge variant={'destructive'}>Disconnected</Badge>}
     {status === 'Reconnecting...' && <Badge variant={'gray'}>Reconnecting...</Badge>}
     {status === 'Error' && <Badge variant={'destructive'}>Error</Badge>}
 </div>

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	<div className='absolute top-4 right-4'>
	{status === 'Connected' && <Badge variant={'secondary'}>Connected</Badge>}
	{status === 'Disconnected' && <Badge variant={'destructive'}>Disconnected</Badge>}
	{status === 'Reconnecting...' && <Badge variant={'gray'}>Reconnecting...</Badge>}
	{status === 'Error' && <Badge variant={'destructive'}>Error</Badge>}
	</div>
	<div className='absolute top-4 right-4'>
	{status === 'Connecting...' && (
	<Badge variant={'secondary'}>
	<span className="animate-pulse">Connecting...</span>
	</Badge>
	)}
	{status === 'Connected' && <Badge variant={'secondary'}>Connected</Badge>}
	{status === 'Disconnected' && <Badge variant={'destructive'}>Disconnected</Badge>}
	{status === 'Reconnecting...' && <Badge variant={'gray'}>Reconnecting...</Badge>}
	{status === 'Error' && <Badge variant={'destructive'}>Error</Badge>}
	</div>

[coderabbitai]

🧹 Nitpick (assertive)

Enhance WebSocket cleanup.

The cleanup function could be more robust by handling additional edge cases.

Consider enhancing the cleanup:

 return () => {
     if (websocket) {
+        // Remove all event listeners to prevent memory leaks
+        websocket.onclose = null;
+        websocket.onerror = null;
+        websocket.onmessage = null;
+        websocket.onopen = null;
+
+        // Only close if the connection is still open
+        if (websocket.readyState === WebSocket.OPEN) {
             websocket.close()
+        }
     }
 }

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	return () => {
	if (websocket) {
	websocket.close()
	}
	}
	return () => {
	if (websocket) {
	// Remove all event listeners to prevent memory leaks
	websocket.onclose = null;
	websocket.onerror = null;
	websocket.onmessage = null;
	websocket.onopen = null;
	// Only close if the connection is still open
	if (websocket.readyState === WebSocket.OPEN) {
	websocket.close()
	}
	}
	}

[coderabbitai]

🧹 Nitpick (assertive)

Enhance accessibility.

The list elements could benefit from improved accessibility attributes.

Add ARIA attributes and semantic markup:

-<ul ref={itemsRef} className='flex flex-wrap space-y-4 space-x-4'>
+<ul ref={itemsRef} 
+    className='flex flex-wrap space-y-4 space-x-4'
+    role="list"
+    aria-label={`Events for ${key}`}>
     {value.map((event) => (
-        <li key={event} className='list-none'>
+        <li key={event} 
+            className='list-none'
+            role="listitem">
             <div className='rounded-lg border-2 border-black p-4 dark:border-white'>
-                <p>{event}</p>
+                <p role="text">{event}</p>
             </div>
         </li>
     ))}
 </ul>

Committable suggestion skipped: line range outside the PR's diff.

[coderabbitai]

🧹 Nitpick (assertive)

Use more specific version constraints.

The caret (^) version range could lead to unexpected breaking changes.

Consider using exact versions or tilde (~) for minor updates:

-        "@formkit/auto-animate": "^0.8.2",
-        "@leo1305/custom-next-ws": "^1.0.0",
-        "@types/ws": "^8.5.14",
-        "ws": "^8.18.0",
+        "@formkit/auto-animate": "~0.8.2",
+        "@leo1305/custom-next-ws": "1.0.0",
+        "@types/ws": "~8.5.14",
+        "ws": "~8.18.0",

Also applies to: 20-20, 26-26, 42-42

[coderabbitai]

Actionable comments posted: 7

🔭 Outside diff range comments (1)

.env.example (1)

1-4: 🧹 Nitpick (assertive)

Add documentation for environment variables.

The environment variables lack descriptions and validation rules.

Add documentation for each variable:

+# Database connection URL
 POSTGRES_URL=postgres://postgres:postgres@localhost:5432/forge
+
+# Backend service URL (required)
+# Format: http://hostname:port
 BACKEND_URL=http://localhost:8080
+
+# API key for WebSocket authentication (required)
+# Must be a secure random string of at least 32 characters
 API_KEY=1234567890

📜 Review details

Configuration used: CodeRabbit UI
Review profile: ASSERTIVE
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 569f968 and 13aa666.

📒 Files selected for processing (4)

• .env.example (1 hunks)
• package.json (1 hunks)
• src/app/api/ws/[topic]/socket/route.ts (1 hunks)
• src/app/events/page.tsx (1 hunks)

[coderabbitai]

🧹 Nitpick (assertive)

Enhance logging with structured data.

Basic console logging doesn't provide enough context for production monitoring.

Add structured logging with relevant metadata:

-    console.log('A client connected')
+    console.log('WebSocket client connected', {
+        topic: params.topic,
+        timestamp: new Date().toISOString(),
+        clientId: request.headers['x-client-id'] || 'unknown'
+    })

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	console.log('A client connected')
	console.log('WebSocket client connected', {
	topic: params.topic,
	timestamp: new Date().toISOString(),
	clientId: request.headers['x-client-id'] || 'unknown'
	})

[coderabbitai]

⚠️ Potential issue

Add message size validation.

The code forwards messages without validating their size, which could lead to memory issues.

Add message size validation:

     client.onmessage = (message) => {
+        const MAX_MESSAGE_SIZE = 1024 * 1024; // 1MB
+        if (message.data.length > MAX_MESSAGE_SIZE) {
+            client.close(1009, 'Message too large');
+            return;
+        }
         nativeWebSocket.send(message.data.toString())
     }

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	client.onmessage = (message) => {
	nativeWebSocket.send(message.data.toString())
	}
	client.onmessage = (message) => {
	const MAX_MESSAGE_SIZE = 1024 * 1024; // 1MB
	if (message.data.length > MAX_MESSAGE_SIZE) {
	client.close(1009, 'Message too large');
	return;
	}
	nativeWebSocket.send(message.data.toString())
	}

[coderabbitai]

⚠️ Potential issue

Add validation for required environment variables.

The code assumes BACKEND_URL and API_KEY environment variables are available but doesn't validate their presence.

Add environment variable validation:

 const websocketUrl = (env.BACKEND_URL || 'http://localhost:8080').replace(/^http/, 'ws')
-const apiKey = env.API_KEY
+const apiKey = env.API_KEY
+if (!apiKey) {
+    throw new Error('API_KEY environment variable is required')
+}

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	const websocketUrl = (env.BACKEND_URL || 'http://localhost:8080').replace(/^http/, 'ws')
	const apiKey = env.API_KEY
	const websocketUrl = (env.BACKEND_URL || 'http://localhost:8080').replace(/^http/, 'ws')
	const apiKey = env.API_KEY
	if (!apiKey) {
	throw new Error('API_KEY environment variable is required')
	}

[coderabbitai]

🧹 Nitpick (assertive)

Consider using a reducer for complex state management.

Multiple related state variables could be better managed using useReducer.

Consider refactoring to use useReducer:

-    const [events, setEvents] = useState<EventData | undefined>()
-    const [status, setStatus] = useState('Disconnected')
-    const [ws, setWs] = useState<WebSocket | undefined>()
+    const [state, dispatch] = useReducer(reducer, {
+        events: undefined,
+        status: 'Disconnected',
+        ws: undefined
+    })

Committable suggestion skipped: line range outside the PR's diff.

[coderabbitai]

🛠️ Refactor suggestion

Add loading state timeout.

The loading state could persist indefinitely if the WebSocket connection fails.

Add a timeout for the loading state:

+    const LOADING_TIMEOUT = 10000; // 10 seconds
+    useEffect(() => {
+        if (events === undefined) {
+            const timer = setTimeout(() => {
+                setStatus('Error');
+                setEvents(null);
+            }, LOADING_TIMEOUT);
+            return () => clearTimeout(timer);
+        }
+    }, [events]);
+
     return (
         <>
             <div className='container mx-auto p-6'>
                 {events === undefined && <h1 className='text-xl font-bold'>Loading...</h1>}
                 {events === null && <h1 className='text-xl font-bold text-red-600'>Error</h1>}

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	{events === undefined && <h1 className='text-xl font-bold'>Loading...</h1>}
	{events === null && <h1 className='text-xl font-bold text-red-600'>Error</h1>}
	const LOADING_TIMEOUT = 10000; // 10 seconds
	useEffect(() => {
	if (events === undefined) {
	const timer = setTimeout(() => {
	setStatus('Error');
	setEvents(null);
	}, LOADING_TIMEOUT);
	return () => clearTimeout(timer);
	}
	}, [events]);
	return (
	<>
	<div className='container mx-auto p-6'>
	{events === undefined && <h1 className='text-xl font-bold'>Loading...</h1>}
	{events === null && <h1 className='text-xl font-bold text-red-600'>Error</h1>}
	{/* Other component content */}
	</div>
	</>
	);

[coderabbitai]

🛠️ Refactor suggestion

Remove duplicate import sorting plugins.

Two different import sorting plugins are included:

• @ianvs/prettier-plugin-sort-imports
• @trivago/prettier-plugin-sort-imports

Choose one plugin to avoid conflicts:

         "@hey-api/openapi-ts": "^0.64.1",
         "@ianvs/prettier-plugin-sort-imports": "^4.4.1",
         "@next/bundle-analyzer": "^15.1.6",
         "@next/eslint-plugin-next": "^15.1.6",
-        "@trivago/prettier-plugin-sort-imports": "^5.2.2",
         "@types/bcryptjs": "^2.4.6",

Also applies to: 53-53

[coderabbitai]

⚠️ Potential issue

❓ Verification inconclusive

Update React version to match Next.js requirements.

The React version (19.0.0) is outdated and may not be compatible with Next.js 15.

---

🌐 Web query:

What is the compatible React version for Next.js 15?

💡 Result:

Next.js 15's compatible React version depends on which routing system you use:

App Router
Requires React 19+ (RC or stable) due to architectural dependencies on new React features like Actions and Async Components[1][4][6]. Attempting to use React 18 with App Router will cause compatibility issues[1][6].

Pages Router
Supports React 18+ with backward compatibility maintained in Next.js 15[4][6]. This allows gradual migration paths for legacy projects[1][4].

---

Key Details

Aspect	App Router	Pages Router
React Version	19+ (mandatory)	18+ (supported)
Stability	Requires RC/stable¹	Fully stable
Mixed Usage	Not recommended²	N/A

¹React 19 reached stable status in Next.js 15.1[5]
²Combining App Router (React 19) and Pages Router (React 18) in one project risks inconsistent behavior[4]

---

Migration Considerations

• New projects using App Router must adopt React 19[1][4]
• Legacy projects can stay on Pages Router + React 18 while upgrading Next.js core[4][6]
• Critical dependencies not supporting React 19 may block App Router adoption[1][6]

The architecture split reflects Vercel's strategy to push React innovations through App Router while maintaining enterprise stability via Pages Router[1][4]. Developers should choose based on project requirements: bleeding-edge features vs dependency stability[1][4].

Citations:

• 1: https://www.wisp.blog/blog/can-nextjs-15-app-router-be-used-with-react-18
• 2: https://nextjs.org/blog/next-15-rc
• 3: https://www.syncfusion.com/blogs/post/whats-new-in-next-js-15-rc
• 4: https://nextjs.org/blog/next-15
• 5: https://nextjs.org/blog/next-15-1
• 6: Can React 18 be used with Next.js version 15? vercel/next.js#72795
• 7: https://www.youtube.com/watch?v=fqabW3WRUbw
• 8: https://ui.shadcn.com/docs/react-19
• 9: https://nextjs.org/docs/app/building-your-application/upgrading/version-15
• 10: https://nextjs.org/docs/messages/react-version

---

React Version Compatibility – Verify Your Next.js Routing Setup

The current React version is set to 19.0.0 in package.json which aligns with Next.js 15's requirements if you are using the App Router (which mandates React 19+). However, if your project relies on the Pages Router, you should consider downgrading to React 18 to ensure optimal compatibility and stability.

• Confirm which routing system your project uses.
• If using the App Router, you can keep React 19.0.0.
• If using the Pages Router, update React to version 18.x accordingly.