MOPC-App/package.json

{
  "name": "mopc-platform",
  "version": "0.1.0",
  "private": true,
  "type": "module",
  "scripts": {
    "dev": "next dev --turbopack",
    "build": "next build",
    "start": "next start",
    "lint": "next lint",
    "format": "prettier --write .",
    "typecheck": "tsc --noEmit",
    "db:generate": "prisma generate",
    "db:push": "prisma db push",
    "db:migrate": "prisma migrate dev",
    "db:migrate:deploy": "prisma migrate deploy",
    "db:studio": "prisma studio",
    "db:seed": "tsx prisma/seed.ts",
    "db:seed:candidatures": "tsx prisma/seed-candidatures.ts",
    "test": "vitest",
    "test:e2e": "playwright test"
  },
  "dependencies": {
    "@auth/prisma-adapter": "^2.7.4",
    "@blocknote/core": "^0.46.2",
    "@blocknote/mantine": "^0.46.2",
    "@blocknote/react": "^0.46.2",
    "@dnd-kit/core": "^6.3.1",
    "@dnd-kit/sortable": "^10.0.0",
    "@dnd-kit/utilities": "^3.2.2",
    "@hookform/resolvers": "^3.9.1",
    "@mantine/core": "^8.3.13",
    "@mantine/hooks": "^8.3.13",
    "@notionhq/client": "^2.3.0",
    "@prisma/client": "^6.19.2",
    "@radix-ui/react-alert-dialog": "^1.1.4",
    "@radix-ui/react-avatar": "^1.1.2",
    "@radix-ui/react-checkbox": "^1.1.3",
    "@radix-ui/react-collapsible": "^1.1.2",
    "@radix-ui/react-dialog": "^1.1.4",
    "@radix-ui/react-dropdown-menu": "^2.1.4",
    "@radix-ui/react-label": "^2.1.1",
    "@radix-ui/react-popover": "^1.1.4",
    "@radix-ui/react-progress": "^1.1.1",
    "@radix-ui/react-radio-group": "^1.2.2",
    "@radix-ui/react-scroll-area": "^1.2.10",
    "@radix-ui/react-select": "^2.1.4",
    "@radix-ui/react-separator": "^1.1.1",
    "@radix-ui/react-slider": "^1.2.2",
    "@radix-ui/react-slot": "^1.1.1",
    "@radix-ui/react-switch": "^1.1.2",
    "@radix-ui/react-tabs": "^1.1.2",
    "@radix-ui/react-tooltip": "^1.1.6",
    "@tailwindcss/postcss": "^4.1.18",
    "@tanstack/react-query": "^5.62.0",
    "@trpc/client": "^11.0.0-rc.678",
    "@trpc/react-query": "^11.0.0-rc.678",
    "@trpc/server": "^11.0.0-rc.678",
    "bcryptjs": "^3.0.3",
    "class-variance-authority": "^0.7.1",
    "clsx": "^2.1.1",
    "cmdk": "^1.0.4",
    "date-fns": "^4.1.0",
    "leaflet": "^1.9.4",
    "lucide-react": "^0.563.0",
    "minio": "^8.0.2",
    "motion": "^11.15.0",
    "next": "^15.1.0",
    "next-auth": "^5.0.0-beta.25",
    "next-intl": "^4.8.2",
    "nodemailer": "^7.0.7",
    "openai": "^6.16.0",
    "papaparse": "^5.4.1",
    "react": "^19.0.0",
    "react-day-picker": "^9.13.0",
    "react-dom": "^19.0.0",
    "react-easy-crop": "^5.5.6",
    "react-hook-form": "^7.54.2",
    "react-leaflet": "^5.0.0",
    "react-phone-number-input": "^3.4.14",
    "recharts": "^3.7.0",
    "sonner": "^2.0.7",
    "superjson": "^2.2.2",
    "tailwind-merge": "^3.4.0",
    "use-debounce": "^10.0.4",
    "zod": "^3.24.1"
  },
  "devDependencies": {
    "@playwright/test": "^1.49.1",
    "@types/bcryptjs": "^2.4.6",
    "@types/leaflet": "^1.9.21",
    "@types/node": "^25.0.10",
    "@types/nodemailer": "^7.0.9",
    "@types/papaparse": "^5.3.15",
    "@types/react": "^19.0.2",
    "@types/react-dom": "^19.0.2",
    "eslint": "^9.17.0",
    "eslint-config-next": "^15.1.0",
    "postcss": "^8.4.49",
    "prettier": "^3.4.2",
    "prettier-plugin-tailwindcss": "^0.7.2",
    "prisma": "^6.19.2",
    "tailwindcss": "^4.1.18",
    "tailwindcss-animate": "^1.0.7",
    "tsx": "^4.19.2",
    "typescript": "^5.7.2",
    "vitest": "^4.0.18"
  },
  "engines": {
    "node": ">=20.0.0"
  },
  "prisma": {
    "seed": "tsx prisma/seed.ts"
  }
}
Initial commit: MOPC platform with Docker deployment setup Full Next.js 15 platform with tRPC, Prisma, PostgreSQL, NextAuth. Includes production Dockerfile (multi-stage, port 7600), docker-compose with registry-based image pull, Gitea Actions CI workflow, nginx config for portal.monaco-opc.com, deployment scripts, and DEPLOYMENT.md guide. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> 2026-01-30 13:41:32 +01:00			`{`
			`"name": "mopc-platform",`
			`"version": "0.1.0",`
			`"private": true,`
			`"type": "module",`
			`"scripts": {`
			`"dev": "next dev --turbopack",`
			`"build": "next build",`
			`"start": "next start",`
			`"lint": "next lint",`
			`"format": "prettier --write .",`
			`"typecheck": "tsc --noEmit",`
			`"db:generate": "prisma generate",`
			`"db:push": "prisma db push",`
			`"db:migrate": "prisma migrate dev",`
			`"db:migrate:deploy": "prisma migrate deploy",`
			`"db:studio": "prisma studio",`
			`"db:seed": "tsx prisma/seed.ts",`
			`"db:seed:candidatures": "tsx prisma/seed-candidatures.ts",`
			`"test": "vitest",`
			`"test:e2e": "playwright test"`
			`},`
			`"dependencies": {`
			`"@auth/prisma-adapter": "^2.7.4",`
			`"@blocknote/core": "^0.46.2",`
			`"@blocknote/mantine": "^0.46.2",`
			`"@blocknote/react": "^0.46.2",`
			`"@dnd-kit/core": "^6.3.1",`
			`"@dnd-kit/sortable": "^10.0.0",`
			`"@dnd-kit/utilities": "^3.2.2",`
			`"@hookform/resolvers": "^3.9.1",`
			`"@mantine/core": "^8.3.13",`
			`"@mantine/hooks": "^8.3.13",`
			`"@notionhq/client": "^2.3.0",`
			`"@prisma/client": "^6.19.2",`
			`"@radix-ui/react-alert-dialog": "^1.1.4",`
			`"@radix-ui/react-avatar": "^1.1.2",`
			`"@radix-ui/react-checkbox": "^1.1.3",`
			`"@radix-ui/react-collapsible": "^1.1.2",`
			`"@radix-ui/react-dialog": "^1.1.4",`
			`"@radix-ui/react-dropdown-menu": "^2.1.4",`
			`"@radix-ui/react-label": "^2.1.1",`
			`"@radix-ui/react-popover": "^1.1.4",`
			`"@radix-ui/react-progress": "^1.1.1",`
			`"@radix-ui/react-radio-group": "^1.2.2",`
			`"@radix-ui/react-scroll-area": "^1.2.10",`
			`"@radix-ui/react-select": "^2.1.4",`
			`"@radix-ui/react-separator": "^1.1.1",`
			`"@radix-ui/react-slider": "^1.2.2",`
			`"@radix-ui/react-slot": "^1.1.1",`
			`"@radix-ui/react-switch": "^1.1.2",`
			`"@radix-ui/react-tabs": "^1.1.2",`
			`"@radix-ui/react-tooltip": "^1.1.6",`
			`"@tailwindcss/postcss": "^4.1.18",`
			`"@tanstack/react-query": "^5.62.0",`
			`"@trpc/client": "^11.0.0-rc.678",`
			`"@trpc/react-query": "^11.0.0-rc.678",`
			`"@trpc/server": "^11.0.0-rc.678",`
			`"bcryptjs": "^3.0.3",`
			`"class-variance-authority": "^0.7.1",`
			`"clsx": "^2.1.1",`
			`"cmdk": "^1.0.4",`
			`"date-fns": "^4.1.0",`
			`"leaflet": "^1.9.4",`
			`"lucide-react": "^0.563.0",`
			`"minio": "^8.0.2",`
			`"motion": "^11.15.0",`
			`"next": "^15.1.0",`
			`"next-auth": "^5.0.0-beta.25",`
Implement 15 platform features: digest, availability, templates, comparison, live voting SSE, file versioning, mentorship, messaging, analytics, drafts, webhooks, peer review, audit enhancements, i18n Features implemented: - F1: Email digest notifications with cron endpoint and per-user frequency - F2: Jury availability windows and workload preferences in smart assignment - F3: Round templates with save-from-round and CRUD management - F4: Side-by-side project comparison view for jury members - F5: Real-time voting dashboard with Server-Sent Events (SSE) - F6: Live voting UX: QR codes, audience voting, tie-breaking, score animations - F7: File versioning, inline preview, bulk download with presigned URLs - F8: Mentor dashboard: milestones, private notes, activity tracking - F9: Communication hub with broadcasts, templates, and recipient targeting - F10: Advanced analytics: cross-round comparison, juror consistency, diversity metrics, PDF export - F11: Applicant draft saving with magic link resume and cron cleanup - F12: Webhook integration layer with HMAC signing, retry, and delivery logs - F13: Peer review discussions with anonymized scores and threaded comments - F14: Audit log enhancements: before/after diffs, session grouping, anomaly detection, retention - F15: i18n foundation with next-intl (EN/FR), cookie-based locale, language switcher Schema: 12 new models, field additions to User, Project, ProjectFile, LiveVotingSession, LiveVote, MentorAssignment, AuditLog, Program New routers: roundTemplate, message, webhook (registered in _app.ts) New services: email-digest, webhook-dispatcher New cron endpoints: /api/cron/digest, /api/cron/draft-cleanup, /api/cron/audit-cleanup New API routes: /api/live-voting/stream (SSE), /api/files/bulk-download All features are admin-configurable via SystemSettings or per-model settingsJson fields. Docker build verified successfully. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-02-05 23:31:41 +01:00			`"next-intl": "^4.8.2",`
Initial commit: MOPC platform with Docker deployment setup Full Next.js 15 platform with tRPC, Prisma, PostgreSQL, NextAuth. Includes production Dockerfile (multi-stage, port 7600), docker-compose with registry-based image pull, Gitea Actions CI workflow, nginx config for portal.monaco-opc.com, deployment scripts, and DEPLOYMENT.md guide. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> 2026-01-30 13:41:32 +01:00			`"nodemailer": "^7.0.7",`
			`"openai": "^6.16.0",`
			`"papaparse": "^5.4.1",`
			`"react": "^19.0.0",`
Add background filtering jobs, improved date picker, AI reasoning display - Implement background job system for AI filtering to avoid HTTP timeouts - Add FilteringJob model to track progress of long-running filtering operations - Add real-time progress polling for filtering operations on round details page - Create custom DateTimePicker component with calendar popup (no year picker hassle) - Fix round date persistence bug (refetchOnWindowFocus was resetting form state) - Integrate filtering controls into round details page for filtering rounds - Display AI reasoning for flagged/filtered projects in results table - Add onboarding system scaffolding (schema, routes, basic UI) - Allow setting round dates in the past for manual overrides Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> 2026-02-03 19:48:41 +01:00			`"react-day-picker": "^9.13.0",`
Initial commit: MOPC platform with Docker deployment setup Full Next.js 15 platform with tRPC, Prisma, PostgreSQL, NextAuth. Includes production Dockerfile (multi-stage, port 7600), docker-compose with registry-based image pull, Gitea Actions CI workflow, nginx config for portal.monaco-opc.com, deployment scripts, and DEPLOYMENT.md guide. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> 2026-01-30 13:41:32 +01:00			`"react-dom": "^19.0.0",`
Add image cropping to avatar upload and show avatars platform-wide - Add react-easy-crop for circular crop + zoom UI on avatar upload - Create server-side getUserAvatarUrl utility for generating pre-signed URLs - Update all nav components (admin, jury, mentor, observer) to show user avatars - Add avatar URLs to user list, mentor list, and project detail API responses - Replace initials-only avatars with UserAvatar component across admin pages Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> 2026-02-02 13:19:28 +01:00			`"react-easy-crop": "^5.5.6",`
Initial commit: MOPC platform with Docker deployment setup Full Next.js 15 platform with tRPC, Prisma, PostgreSQL, NextAuth. Includes production Dockerfile (multi-stage, port 7600), docker-compose with registry-based image pull, Gitea Actions CI workflow, nginx config for portal.monaco-opc.com, deployment scripts, and DEPLOYMENT.md guide. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> 2026-01-30 13:41:32 +01:00			`"react-hook-form": "^7.54.2",`
			`"react-leaflet": "^5.0.0",`
			`"react-phone-number-input": "^3.4.14",`
			`"recharts": "^3.7.0",`
			`"sonner": "^2.0.7",`
			`"superjson": "^2.2.2",`
			`"tailwind-merge": "^3.4.0",`
			`"use-debounce": "^10.0.4",`
			`"zod": "^3.24.1"`
			`},`
			`"devDependencies": {`
			`"@playwright/test": "^1.49.1",`
			`"@types/bcryptjs": "^2.4.6",`
Comprehensive platform review: security fixes, query optimization, UI improvements, and code cleanup Security (Critical/High): - Fix path traversal bypass in local storage provider (path.resolve + prefix check) - Fix timing-unsafe HMAC comparison (crypto.timingSafeEqual) - Add auth + ownership checks to email API routes (verify-credentials, change-password) - Remove hardcoded secret key fallback in local storage provider - Add production credential check for MinIO (fail loudly if not set) - Remove DB error details from health check response - Add stricter rate limiting on application submissions (5/hour) - Add rate limiting on email availability check (anti-enumeration) - Change getAIAssignmentJobStatus to adminProcedure - Block dangerous file extensions on upload - Reduce project list max perPage from 5000 to 200 Query Optimization: - Optimize analytics getProjectRankings with select instead of full includes - Fix N+1 in mentor.getSuggestions (batch findMany instead of loop) - Use _count for files instead of fetching full file records in project list - Switch to bulk notifications in assignment and user bulk operations - Batch filtering upserts (25 per transaction instead of all at once) UI/UX: - Replace Inter font with Montserrat in public layout (brand consistency) - Use Logo component in public layout instead of placeholder - Create branded 404 and error pages - Make admin rounds table responsive with mobile card layout - Fix notification bell paths to be role-aware - Replace hardcoded slate colors with semantic tokens in admin sidebar - Force light mode (dark mode untested) - Adjust CardTitle default size - Improve muted-foreground contrast for accessibility (A11Y) - Move profile form state initialization to useEffect Code Quality: - Extract shared toProjectWithRelations to anonymization.ts (removed 3 duplicates) - Remove dead code: getObjectInfo, isValidImageSize, unused batch tag functions, debug logs - Remove unused twilio dependency - Remove redundant email index from schema - Add actual storage object deletion when file records are deleted - Wrap evaluation submit + assignment update in - Add comprehensive platform review document Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-02-05 20:31:08 +01:00			`"@types/leaflet": "^1.9.21",`
Initial commit: MOPC platform with Docker deployment setup Full Next.js 15 platform with tRPC, Prisma, PostgreSQL, NextAuth. Includes production Dockerfile (multi-stage, port 7600), docker-compose with registry-based image pull, Gitea Actions CI workflow, nginx config for portal.monaco-opc.com, deployment scripts, and DEPLOYMENT.md guide. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> 2026-01-30 13:41:32 +01:00			`"@types/node": "^25.0.10",`
			`"@types/nodemailer": "^7.0.9",`
			`"@types/papaparse": "^5.3.15",`
			`"@types/react": "^19.0.2",`
			`"@types/react-dom": "^19.0.2",`
			`"eslint": "^9.17.0",`
			`"eslint-config-next": "^15.1.0",`
			`"postcss": "^8.4.49",`
			`"prettier": "^3.4.2",`
			`"prettier-plugin-tailwindcss": "^0.7.2",`
			`"prisma": "^6.19.2",`
			`"tailwindcss": "^4.1.18",`
			`"tailwindcss-animate": "^1.0.7",`
			`"tsx": "^4.19.2",`
			`"typescript": "^5.7.2",`
			`"vitest": "^4.0.18"`
			`},`
			`"engines": {`
			`"node": ">=20.0.0"`
			`},`
			`"prisma": {`
			`"seed": "tsx prisma/seed.ts"`
			`}`
			`}`