All checks were successful
Deploy blog-frontend / build-and-deploy (push) Successful in 2m10s
7.3 KiB
7.3 KiB
LOG.md
2026-05-28
- Created
AGENTS.mdwith repository-specific coding-agent guidance for the Next.js blog frontend. - Updated
AGENTS.mdto require recording completed work inLOG.mdfor each task. - Validation: confirmed
AGENTS.mdcontent and checked repository status with a one-off safe-directory git option. - Started the renewal plan by adding an
/admindashboard entry point with admin-only route guarding, post/category summary widgets, and quick access to writing. - Updated
TopHeaderto show관리자 설정and새 글only after auth hydration confirms an admin role. - Renamed the post detail loading file from
loding.tsxtoloading.tsx, gated React Query Devtools to development mode, and addedPostSaveRequestfor post create/update APIs. - Validation: ran
npm cisuccessfully after rerunning outside the sandbox due npm cache permissions; targeted ESLint passed for the new admin/header/API/type files;npm run buildpassed; verified/adminredirects unauthenticated users to/loginin the in-app browser on local port 3100.npm run lintstill fails on existing baseline issues across the repo, mostlyanyusage, React Compilerset-state-in-effectfindings, and arequire()intailwind.config.ts. - Updated
AGENTS.mdso future task wrap-ups must include the recommended next task inLOG.md. - Next task: proceed with renewal Phase 2 by removing profile/category admin editing controls from
Sidebarand moving those flows into/admintabs or dedicated admin components. - Continued renewal Phase 2 by reducing
Sidebarto public navigation only: profile display, search, archive, category links, and social links remain; profile edit modal and category create/delete/move controls were removed. - Added
/adminprofile and category management panels with profile image upload, profile save, category creation, rename, parent move, and guarded delete confirmation flows using the existing API wrappers. - Validation: targeted ESLint passed for the changed admin/sidebar files;
npm run buildpassed, with the existing sitemap backend connection warning logged asECONNREFUSED;npm run lintstill fails on the known baseline issues outside this task; local dev server on port 3100 returned HTTP 200 for/admin. - Next task: proceed with renewal Phase 3 by adding an admin posts management view with searchable post rows, edit links, and a non-browser-confirm delete flow.
- Continued renewal Phase 3 by adding an
/admin게시글 관리 panel with keyword search, sort controls, pagination, view/edit actions, and an in-app delete confirmation dialog that invalidates post queries after deletion. - Added
PageMetaand expandedPostListResponseso admin and dashboard counts can handle either top-level pagination fields or a nestedpageobject from the backend. - Validation: installed dependencies with
npm ci; targeted ESLint passed forAdminPostsPanel,/admin, and shared types;tsc --noEmitpassed;next build --webpackpassed with the existing sitemap fetchEPERMwarning. The defaultnpm run buildTurbopack run hung during optimization and was terminated; fullnpm run lintstill fails on known baseline issues outside this task. Local dev server on port 3100 returned HTTP 200 for/adminand redirected unauthenticated browser access to/login. - Next task: continue Phase 3 by tightening the write/edit flow under the admin experience, including replacing remaining browser
alert/confirmusage in post detail/write flows with in-app dialogs or toast patterns. - Added a Next.js
src/proxy.tsHTTPS enforcement layer that redirects non-local HTTP requests to HTTPS, respectsX-Forwarded-Proto/X-Forwarded-Hostto avoid reverse-proxy redirect loops, and adds HSTS on non-local HTTPS responses. - Validation: targeted ESLint passed for
src/proxy.tsand the existing changed admin/type files;tsc --noEmitpassed;next build --webpackpassed with the existing sitemap fetchEPERMwarning. Curl checks confirmedHost: blog.wypark.meover HTTP returns301 Location: https://blog.wypark.me/archive,X-Forwarded-Proto: httpsreturns200with HSTS, and127.0.0.1local HTTP remains200. Fullnpm run lintstill fails on the known baseline issues outside this task. - Next task: mirror the HTTPS redirect at the outer reverse proxy/load balancer as infrastructure defense-in-depth, then continue Phase 3 write/edit flow cleanup.
- Completed the admin function move by extracting the post editor into
AdminPostEditor, adding/admin/posts/newand/admin/posts/[slug]/edit, turning legacy/writeinto a compatibility redirect, and updating header/admin/post links to the new admin routes. - Removed direct post edit/delete controls from the public post detail page and moved admin comment deletion into a new
/admincomments panel backed by typedAdminCommentresponses. - Updated
npm run buildto usenext build --webpackso Docker/CI uses the build mode that passes locally instead of the default Turbopack build that previously hung. - Validation: targeted ESLint passed for changed admin/write/comment/post/header/API/type/proxy files with one existing
<img>warning inPostDetailClient;tsc --noEmitpassed;npm run buildpassed with the existing sitemap fetchEPERMwarning; local dev server on port 3100 returned HTTP 200 for/admin/posts/new,/admin/posts/sample/edit, and/write. Fullnpm run lintstill fails on known baseline issues outside this task. - Next task: continue with non-design quality work by cleaning the remaining lint baseline (
src/api/http.ts, category/archive/home/login/signup/comment form/list, Markdown renderer, TOC, auth store, and Tailwind config). - Split admin management into dedicated routes under a shared guarded admin shell:
/admin/posts,/admin/comments,/admin/categories, and/admin/profile;/adminis now a dashboard only. - Added admin dashboard recent comments and total comments widgets, plus defensive
getAdminCommentsnormalization for possibleauthor,postSlug, andpostTitleresponse aliases. - Enhanced admin post management with category filtering, direct page-number navigation, current-page row selection, and bulk delete via the existing single-delete API.
- Added login return handling with
/login?redirect=..., kept/writeas the chosen legacy compatibility redirect, and documented these decisions indocs/renewal-plan.md. - Validation: unauthenticated live-server request to
https://blogserver.wypark.me/api/admin/comments?page=0&size=1returned HTTP 403 with an empty body, so exact admin comment fields still require an authenticated admin token/session; targeted ESLint passed for the changed admin/login/comment API files;npx tsc --noEmitpassed;npm run buildpassed with the existing sitemap fetchEPERMwarning; fullnpm run lintstill fails on known baseline issues outside this task; local dev route checks returned HTTP 200 for/admin,/admin/posts,/admin/comments,/admin/categories, and/login?redirect=%2Fadmin%2Fcomments; in-app browser verification confirmed/admin/commentsredirects to/login?redirect=%2Fadmin%2Fcommentswhen logged out. - Next task: authenticate against the real admin API to capture the exact
getAdminCommentspayload, then clean the existing lint baseline so fullnpm run lintcan become a reliable gate.