fix(web): silence Vite web build warnings

[skulidropek]

Source TZ / Issues

• Fixes #
• Related discussion: fix(web): silence Vite web build warnings #356 (review)

Summary

• strips deprecated Gridland Vite plugin options before Vite 8 sees them
• suppresses known third-party Rolldown invalid pure annotation warnings
• adds a strict web build CI guard that fails on relevant warning output
• addresses CodeRabbit review feedback for documentation, regex specificity, and spawn error handling

Requirements Alignment

• Implemented: web build output no longer prints the known Vite/Rolldown warnings; Final Build now detects regressions with build:web:strict on Ubuntu, macOS, and Windows.
• Out of scope: dependency upgrades and chunk-splitting refactors.
• Security-sensitive changes: no permission or secret handling changes; CI script executes a fixed local Bun command without user-controlled arguments.

Verification

• bun run --cwd packages/app build:web:strict
• bun run --cwd packages/app typecheck
• bun run --cwd packages/app lint
• bun run --cwd packages/app lint:effect
• bun scripts/final-build/browser-web-smoke.mjs
• bun run --cwd packages/app vitest run tests/docker-git/browser-frontend.test.ts tests/docker-git/app-ready-create.test.ts tests/docker-git/actions-project-create.test.ts
• env PATH=/no-bun /usr/bin/node scripts/ci/check-web-build-output.mjs (expected ENOENT exit, verifies spawn error path)

[coderabbitai]

Warning

Review limit reached

@skulidropek, we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 39 minutes and 12 seconds. Learn how PR review limits work.

Your organization has run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available.

Please see our Fair Usage Limits Policy for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro Plus

Run ID: 91652c3f-3562-4435-b9ac-8d0fb750dc0f

📥 Commits

Reviewing files that changed from the base of the PR and between 2cf2a43 and f6f8b4d.

📒 Files selected for processing (2)

• packages/app/vite.web.config.ts
• scripts/ci/check-web-build-output.mjs

📝 Walkthrough

Walkthrough

Пул запросов добавляет механизм усиленной валидации веб-сборки в CI: новый скрипт проверяет выходные данные на запрещённые предупреждения (Vite, rollup, deprecated, размер чанков), Vite конфигурация очищена от deprecated опций, и GitHub Actions workflow переведена на использование режима strict.

Changes

Усиление валидации веб-сборки

Layer / File(s)	Summary
Скрипт валидации выходных данных сборки и интеграция npm scripts/ci/check-web-build-output.mjs, packages/app/package.json	Новый CI-скрипт проверяет stdout/stderr веб-сборки против списка запрещённых шаблонов (Vite warnings, rollup аннотации, deprecated, chunk size предупреждения) с завершением процесса кодом 1 при совпадениях. npm скрипт build:web:strict вызывает эту проверку.
Обновление Vite конфигурации для строгой сборки packages/app/vite.web.config.ts	Расширены импорты типов (Plugin, UserConfig), добавлены вспомогательные функции для удаления deprecated optimizeDeps.esbuildOptions, заменён вызов gridlandWebPlugin() на обёрнутую версию, обновлена секция build с добавлением chunkSizeWarningLimit и rolldownOptions.checks.invalidAnnotation вместо старых esbuild опций.
Интеграция в GitHub Actions workflow .github/workflows/final-build.yml	GitHub Actions workflow Final Build обновлена: шаг smoke checks теперь использует build:web:strict вместо build:web, подключая новый механизм валидации в CI pipeline.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• ProverCoderAI/docker-git#279: Расширяет тот же pipeline Final Build, добавляя строгую валидацию веб-сборки и использует новый скрипт check-web-build-output.mjs как ворота для проверки предупреждений.

---

Important

Pre-merge checks failed

Please resolve all errors before merging. Addressing warnings is optional.

❌ Failed checks (1 error)

Check name	Status	Explanation	Resolution
Requirements Alignment	❌ Error	Новые функции в vite.web.config.ts нарушают требование документирования (отсутствуют TSDoc и функциональные комментарии). check-web-build-output.mjs содержит потенциальную ошибку null в stream.	Добавить обязательный TSDoc к новым функциям. Переместить stdout/stderr.write() после проверки result.error. Уточнить regex для deprecated чтобы избежать ложных падений.

✅ Passed checks (6 passed)

Check name	Status	Explanation
Title check	✅ Passed	Заголовок точно отражает основную цель изменений: подавление предупреждений при сборке Vite для веб-приложения.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Security Regression	✅ Passed	Анализ не выявил высоко-уверенных регрессий безопасности. Нет инъекции команд, обхода пути, утечки учетных данных, опасных конфигураций GitHub Actions или рисков цепочки поставок.
Description check	✅ Passed	PR описание следует шаблону: содержит разделы Issues, Summary, Requirements Alignment и Verification с детальной информацией об изменениях.

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch codex/silence-vite-web-build-warnings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 3

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@packages/app/vite.web.config.ts`:
- Around line 168-217: Add comprehensive TSDoc and functional markers to the new
helper functions: removeDeprecatedOptimizeDepsOptions,
removeDeprecatedGridlandOptions, isVitePlugin, and
gridlandWebPluginWithoutDeprecatedOptions. For each function add a TSDoc block
documenting parameters and return type, mark pure functions with `@pure`, include
`@precondition` and `@postcondition` describing input/output constraints, an
`@invariant` if applicable, and an `@complexity` (Big-O) annotation; also add the
functional comment markers (CHANGE, WHY, PURITY, INVARIANT, COMPLEXITY)
describing the core behavior and reasoning. Ensure isVitePlugin notes its
boolean predicate behavior and purity; removeDeprecated* functions describe when
they return undefined vs modified objects and any normalization guarantees;
gridlandWebPluginWithoutDeprecatedOptions documents that it maps plugins and
preserves non-objects/async config behavior.

In `@scripts/ci/check-web-build-output.mjs`:
- Around line 15-18: Шаблон в объекте с label "Deprecated build option warning"
(текущее поле pattern: /\bdeprecated\b/iu) слишком широкий и ловит любые
вхождения слова «deprecated» из зависимостей; сузьте паттерн до формата
предупреждений Vite/Rollup, например использовать одно регулярное выражение,
которое ищет либо префикс Vite ("[vite]" или "[vite] warning") либо Rollup-style
предупреждение ("(!) ... deprecated") — например объединённый паттерн вида
/\[vite\].*deprecated|!\).*\bdeprecated\b/iu (подставьте корректную экранировку
и флаги в поле pattern) чтобы CI реагировал только на релевантные предупреждения
сборки.
- Around line 30-36: The current code calls process.stdout.write(result.stdout)
and process.stderr.write(result.stderr) unconditionally after spawnSync, which
throws a TypeError when result.stdout/result.stderr are null on failed spawn;
change the logic in the block handling the spawnSync result so you first check
for result.error (or guard nullish values) before writing: either move the error
check to run before any process.*.write calls, or only call
process.stdout.write/process.stderr.write when result.stdout !== null &&
result.stdout !== undefined (and same for stderr); reference the existing
identifiers result, process.stdout.write, process.stderr.write, and the
spawnSync call to locate and update the code.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro Plus

Run ID: c19c8db8-84f8-436a-bd93-82bb20cc98c7

📥 Commits

Reviewing files that changed from the base of the PR and between 1e19bc5 and 2cf2a43.

📒 Files selected for processing (4)

• .github/workflows/final-build.yml
• packages/app/package.json
• packages/app/vite.web.config.ts
• scripts/ci/check-web-build-output.mjs

📜 Review details

⏰ Context from checks skipped due to timeout of 900000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (9)

• GitHub Check: E2E (Runtime volumes + SSH)
• GitHub Check: E2E (Login context)
• GitHub Check: E2E (Clone auto-open SSH)
• GitHub Check: E2E (Browser command)
• GitHub Check: Lint
• GitHub Check: Test
• GitHub Check: E2E (OpenCode)
• GitHub Check: E2E (Clone cache)
• GitHub Check: Final build (windows-latest)

🧰 Additional context used

📓 Path-based instructions (8)

**/*.{js,ts,jsx,tsx,py,java,go,rb,php,sh,bash,yml,yaml,json,env*,toml,cfg,config,dockerfile,dockerignore}

📄 CodeRabbit inference engine (Custom checks)

Fail if changed files expose credentials, tokens, private-keys, or PII in source, generated config, logs, or CI output

Files:

• packages/app/package.json
• packages/app/vite.web.config.ts

**/{package*.json,requirements*.txt,setup.py,setup.cfg,Pipfile,Pipfile.lock,pyproject.toml,pom.xml,build.gradle,Gemfile,Gemfile.lock,go.mod,go.sum,composer.json,Cargo.toml,Cargo.lock}

📄 CodeRabbit inference engine (Custom checks)

Fail if dependency or package-manager changes materially increase supply-chain risk without justification

Files:

• packages/app/package.json

**/*

⚙️ CodeRabbit configuration file

**/*: Ты строгий ревьюер SPEC DRIVEN DEVELOPMENT.

Перед выводами изучи README.md, другие *.md файлы, linked issues,
PR description, PR comments/discussion и релевантную кодовую базу.

Сверь изменения с исходным ТЗ/спекой и обсуждением. Флагай любой уход
от спеки, недокументированное изменение поведения, отсутствие тестов
для заявленного поведения и security-риск. Если спека не видна,
попроси автора добавить ее в issue или PR description.

Проверь решение с точки зрения формальной верификации: какие инварианты,
предусловия и постусловия можно доказать математически, а где доказуемость
слабая. Оцени решение с точки зрения теории игр: устойчивы ли стимулы,
нет ли выгодного обхода правил, и какое решение было бы сильнее.

Files:

• packages/app/package.json
• scripts/ci/check-web-build-output.mjs
• packages/app/vite.web.config.ts

**/.github/workflows/*.{yml,yaml}

📄 CodeRabbit inference engine (Custom checks)

Fail if changed files introduce unsafe GitHub Actions configuration such as unsafe pull_request_target, or unnecessary write permissions

Files:

• .github/workflows/final-build.yml

**/*.{ts,tsx}

📄 CodeRabbit inference engine (CLAUDE.md)

**/*.{ts,tsx}: Implement Functional Core, Imperative Shell (FCIS) pattern: CORE layer contains only pure functions with immutable data and mathematical operations; SHELL layer isolates all effects (IO, network, database). Strict dependency direction: SHELL → CORE (never reverse).
Never use any, unknown, eslint-disable, ts-ignore, or as type assertions (except in rigorously justified cases with documentation). Always use exhaustive union type analysis through .exhaustive() pattern matching.
All external dependencies must be wrapped through typed interfaces and injected via Effect-TS Layer pattern. Never call external services directly from CORE functions.
Use monadic composition with Effect-TS for all effects: Effect<Success, Error, Requirements>. Compose effects through pipe() and Effect.flatMap(). Implement dependency injection via Layer pattern. Handle errors without try/catch blocks.
All functions must be pure in the CORE layer: no side effects (logging, console output, IO operations, mutations). Separate all side effects into the SHELL layer.
Use exhaustive pattern matching with Effect.Match instead of switch statements. Example: Match.value(item).pipe(Match.when(...), Match.exhaustive).
Document all functions with comprehensive TSDoc including: @pure (true/false), @effect (required services), @invariant (mathematical invariants), @precondition, @postcondition, @complexity (time and space), @throws Never (errors must be typed in Effect).
Use functional comment markers for code clarity: CHANGE (brief description), WHY (mathematical/architectural justification), QUOTE(ТЗ) (requirement citation), REF (RTM or message ID), SOURCE (external source with quote), FORMAT THEOREM (∀x ∈ Domain: P(x) → Q(f(x))), PURITY (CORE|SHELL), EFFECT (Effect type signature), INVARIANT (mathematical invariant), COMPLEXITY (time/space).
Define all external service dependencies as Context.Tag classes with fully typed methods returning Effect types. Example: `class Da...

Files:

• packages/app/vite.web.config.ts

**/*.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (AGENTS.md)

**/*.{ts,tsx,js,jsx}: Forbidden constructs in CORE code: any, eslint-disable, ts-ignore, async/await, raw Promise chains (then/catch), Promise.all, try/catch for logic control, console.*, switch statements (use Match with .exhaustive() instead)
All functions must use Effect-TS for composing effects: Effect<Success, Error, Requirements>. No direct async/await, Promise chains, or try/catch in product logic.
Functional comments must include: CHANGE, WHY, QUOTE(ТЗ) or n/a, REF, SOURCE or n/a, FORMAT THEOREM, PURITY (CORE|SHELL), EFFECT signature for SHELL functions, INVARIANT, and COMPLEXITY.
All data mutations must use immutable patterns (ReadonlyArray, readonly properties, Object.freeze); mutation in SHELL only when absolutely necessary and documented.

Files:

• packages/app/vite.web.config.ts

**/*.{sh,bash,py,js,ts,jsx,tsx,go,java,rb,php}

📄 CodeRabbit inference engine (Custom checks)

Fail if changed files introduce command injection or unsafe shell/process execution with user-controlled input

Files:

• packages/app/vite.web.config.ts

**/*.{py,js,ts,jsx,tsx,go,java,rb,php,sh,bash,c,cpp}

📄 CodeRabbit inference engine (Custom checks)

Fail if changed files introduce path traversal or writes outside intended project/container state directories

Files:

• packages/app/vite.web.config.ts

🔇 Additional comments (5)

packages/app/package.json (1)

20-20: LGTM!

packages/app/vite.web.config.ts (3)

8-8: LGTM!

---

262-272: LGTM!

---

198-217: ⚡ Quick win

Проверьте форму config у gridland-web-aliases (функция vs ObjectHook)
Очистка deprecated-опций в обёртке выполняется только когда typeof plugin.config === "function"; если у gridland-web-aliases config задан в объектной форме (ObjectHook, например { handler, order }), то очистка будет пропущена (ветка вокруг проверки на строке ~203).
В доступном коде сейчас находится только сама обёртка в packages/app/vite.web.config.ts, а исходники/типы @gridland в среде поиска не доступны, поэтому фактическую форму config подтвердить нельзя; нужно либо подтвердить, что это функция, либо расширить обёртку под ObjectHook.

.github/workflows/final-build.yml (1)

33-37: LGTM!

[skulidropek]

AI Session Backup

Commit: f6f8b4d
Status: success
Files: 10 (13.89 MB)
Links: README | Manifest

git status

On branch codex/silence-vite-web-build-warnings
Your branch is ahead of 'origin/main' by 2 commits.
  (use "git push" to publish your local commits)

nothing to commit, working tree clean

[skulidropek]

Addressed CodeRabbit review 4388758572 in f6f8b4d.

• Added TSDoc and functional markers for the new Vite helper functions.
• Narrowed the deprecated-output regex to Vite/Rolldown warning formats.
• Guarded stdout/stderr writes on spawn failure and verified the ENOENT path.
• Added support for Vite object-form config hooks while preserving the current function-hook path.
• Updated the PR description to match the repository template.

Validation: local strict build/typecheck/lint/smoke/targeted tests passed; GitHub Actions Check, Final Build, Snapshot, and Checking Dependencies are green on f6f8b4d. CodeRabbit itself reports insufficient review credits, so it did not re-run the review.