Skip to content

Dev#8

Merged
hta218 merged 4 commits intomainfrom
dev
Jul 11, 2025
Merged

Dev#8
hta218 merged 4 commits intomainfrom
dev

Conversation

@dangthang1903
Copy link

@dangthang1903 dangthang1903 commented Jul 10, 2025
edited by coderabbitai bot
Loading

Summary by CodeRabbit

  • New Features

    • Introduced a quick shop drawer interface with enhanced product details, accordion sections, and zoomable product images.
    • Added customizable quick shop settings, including button texts and compare-at price visibility, in theme configuration.
    • Added new components for streamlined variant and option selection in quick shop.

  • Refactor

    • Unified product option selection into a consistent dropdown with swatch/image previews.
    • Replaced modal-based quick shop with a Radix UI Dialog-based drawer for improved user experience.

  • Bug Fixes

    • Improved cart session handling to ensure reliable cart updates and compatibility with React Router v7.
    • Polyfilled header handling to support multiple Set-Cookie headers.

  • Style

    • Updated layouts and spacing for cart, footer, product options, and quantity selector for improved visual consistency.
    • Enhanced product information and details sections with clearer price displays and structured content.

@dangthang1903
refactor(link): update CSS variable syntax for button text decoration…
a5634fa 
… to maintain consistency and improve clarity
@dangthang1903
refactor(footer): adjust padding and link class for consistent stylin…
2f02cb0 
…g in footer component elements
@dangthang1903
refactor(cart): update cart ID handling in context for React Router v…
dd41d6a 
…7 compatibility and adjust class styling in cart components
@dangthang1903
refactor(product): improve quick shop components and styling for bett…
d595e12 
…er UI consistency and user interaction across product options
@coderabbitai
Copy link

coderabbitai bot commented Jul 10, 2025
edited
Loading

📝 Walkthrough

Walkthrough

This update introduces a comprehensive refactor of the quick shop and product variant selection UI, replacing modal-based flows with Radix Dialog drawers and unifying option selectors. It also implements a manual session cookie management workaround for cart-related routes due to React Router v7 compatibility issues. Additional enhancements include new theme schema settings for quick shop customization, polyfills for multi-cookie header support, and various UI and styling adjustments.

Changes

Files/Groups Change Summary
app/components/cart/cart.tsx
app/components/layout/cart-drawer.tsx
app/components/layout/footer.tsx
app/components/link.tsx
app/components/product/quantity.tsx
app/components/product/variants.tsx		 Minor CSS and class name adjustments for layout, spacing, and styling.
app/components/product/product-card-options.tsx Removed unused imports (cn, isValidColor).
app/components/product/product-option-values.tsx Refactored to always render options as a dropdown; unified swatch/image preview logic; removed legacy UI patterns and arrays; updated exports.
app/components/product/quick-shop-option-values.tsx Added new QuickShopOptionValues component for option selection with swatch/image previews and dropdown UI.
app/components/product/quick-shop-variants.tsx Added new QuickShopVariants component for rendering product variant selectors in quick shop.
app/components/product/quick-shop.tsx Major refactor: replaced modal with Radix Dialog drawer, added ProductDetailsContent and ProductDescriptionDrawer, improved variant state, price display, and loading/error handling.
app/routes/($locale).cart.$lines.tsx
app/routes/($locale).cart.add.$variantId.ts
app/routes/($locale).cart.tsx
app/routes/($locale).discount.$code.tsx		 Updated cart/session ID management to use manual session cookie handling instead of cart.setCartId() due to React Router v7 issues.
app/sections/product-information/index.tsx Removed showShortDescription logic and schema; restructured price section; simplified fallback rendering.
app/sections/product-information/product-details.tsx Added product summary as an accordion item in product details.
app/weaverse/schema.server.ts Added new "Quick shop" settings group for theme customization (zoom, button text, compare-at price toggle).
server.ts Polyfilled Headers prototype to support multiple Set-Cookie headers for React Router v7 compatibility.

Sequence Diagram(s)

Quick Shop Drawer Flow

sequenceDiagram
    participant User
    participant QuickShopTrigger
    participant QuickShop (Drawer)
    participant QuickShopVariants
    participant QuickShopOptionValues
    participant ProductDescriptionDrawer

    User->>QuickShopTrigger: Clicks "Quick Shop"
    QuickShopTrigger->>QuickShop: Opens drawer, fetches product data
    QuickShop->>QuickShopVariants: Renders variant selectors
    QuickShopVariants->>QuickShopOptionValues: Renders dropdowns with swatches/images
    User->>QuickShopOptionValues: Selects option value
    QuickShopOptionValues->>QuickShop: Updates selected variant
    User->>QuickShop: Clicks "View Description"
    QuickShop->>ProductDescriptionDrawer: Opens description drawer with accordion details
Loading

Cart Session Cookie Handling (Simplified)

sequenceDiagram
    participant RouteLoader
    participant Session
    participant Headers

    RouteLoader->>Session: set("cartId", newCartId)
    RouteLoader->>Session: commit()
    Session-->>RouteLoader: Set-Cookie header value
    RouteLoader->>Headers: set("Set-Cookie", value)
    RouteLoader->>Client: Responds with headers (including Set-Cookie)
Loading

Poem

🛒✨
A bunny hopped into the shop,
With drawers that slide and swatches that pop.
Cookies set with extra care,
So carts and discounts travel fair.
Quick shop settings, oh what fun—
Now every product shines like the sun!
Hooray for code, the update’s done!

✨ Finishing Touches
  • 📝 Generate Docstrings
🧪 Generate unit tests
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch dev

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share
🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Explain this complex logic.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai explain this code block.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and explain its main purpose.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai generate docstrings to generate docstrings for this PR.
  • @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
  • @coderabbitai auto-generate unit tests to generate unit tests for this PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

coderabbitai[bot]
coderabbitai bot reviewed Jul 10, 2025
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

🧹 Nitpick comments (1)
app/components/product/quick-shop-option-values.tsx (1)

82-87: Use optional chaining for cleaner code.

Apply this change to use optional chaining:

-          const found = optionValues.find(({ name: value }) => value === v);
-          if (found && found.firstSelectableVariant?.id) {
-            onVariantChange(found.firstSelectableVariant.id);
-          }
+          const found = optionValues.find(({ name: value }) => value === v);
+          if (found?.firstSelectableVariant?.id) {
+            onVariantChange(found.firstSelectableVariant.id);
+          }
📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 4d20c83 and d595e12.

📒 Files selected for processing (19)
  • app/components/cart/cart.tsx (1 hunks)
  • app/components/layout/cart-drawer.tsx (1 hunks)
  • app/components/layout/footer.tsx (5 hunks)
  • app/components/link.tsx (1 hunks)
  • app/components/product/product-card-options.tsx (1 hunks)
  • app/components/product/product-option-values.tsx (3 hunks)
  • app/components/product/quantity.tsx (1 hunks)
  • app/components/product/quick-shop-option-values.tsx (1 hunks)
  • app/components/product/quick-shop-variants.tsx (1 hunks)
  • app/components/product/quick-shop.tsx (1 hunks)
  • app/components/product/variants.tsx (1 hunks)
  • app/routes/($locale).cart.$lines.tsx (2 hunks)
  • app/routes/($locale).cart.add.$variantId.ts (2 hunks)
  • app/routes/($locale).cart.tsx (2 hunks)
  • app/routes/($locale).discount.$code.tsx (2 hunks)
  • app/sections/product-information/index.tsx (3 hunks)
  • app/sections/product-information/product-details.tsx (1 hunks)
  • app/weaverse/schema.server.ts (1 hunks)
  • server.ts (1 hunks)
🧰 Additional context used
📓 Path-based instructions (5)
`**/*.{js,jsx,ts,tsx}`: Replace all imports from Remix packages with their equiv...

**/*.{js,jsx,ts,tsx}: Replace all imports from Remix packages with their equivalent React Router v7 packages as specified in the provided mapping table.
NEVER use 'react-router-dom' imports in this Hydrogen project.
When generating new code or modifying existing code, ensure all routing-related imports come from the correct React Router packages.

📄 Source: CodeRabbit Inference Engine (.cursor/rules/hydrogen-react-router.mdc)

List of files the instruction was applied to:

  • app/components/cart/cart.tsx
  • app/components/product/quantity.tsx
  • app/components/link.tsx
  • app/components/product/quick-shop-option-values.tsx
  • app/components/layout/footer.tsx
  • app/components/product/quick-shop.tsx
  • app/weaverse/schema.server.ts
  • app/components/product/product-card-options.tsx
  • app/routes/($locale).cart.$lines.tsx
  • app/components/layout/cart-drawer.tsx
  • app/components/product/variants.tsx
  • app/sections/product-information/index.tsx
  • app/components/product/product-option-values.tsx
  • app/routes/($locale).discount.$code.tsx
  • app/routes/($locale).cart.add.$variantId.ts
  • app/sections/product-information/product-details.tsx
  • server.ts
  • app/components/product/quick-shop-variants.tsx
  • app/routes/($locale).cart.tsx
`{app/weaverse/schema.server.ts,app/sections/**/index.tsx,app/components/**/inde...

{app/weaverse/schema.server.ts,app/sections/**/index.tsx,app/components/**/index.tsx}: Always use settings instead of inspector in component and theme schemas. The inspector key is deprecated and has been replaced with settings for better consistency with industry standards.

📄 Source: CodeRabbit Inference Engine (.cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc)

List of files the instruction was applied to:

  • app/weaverse/schema.server.ts
  • app/sections/product-information/index.tsx
`app/weaverse/schema.server.ts`: Use the theme schema to define global settings such as typography, colors, and layout defaults, organized in logical groups.

app/weaverse/schema.server.ts: Use the theme schema to define global settings such as typography, colors, and layout defaults, organized in logical groups.

📄 Source: CodeRabbit Inference Engine (.cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc)

List of files the instruction was applied to:

  • app/weaverse/schema.server.ts
`app/{sections,components}/**/index.tsx`: Always follow naming conventions for W...

app/{sections,components}/**/index.tsx: Always follow naming conventions for Weaverse components: use PascalCase for component names.
Keep component-specific types in the same file as the component.
Ensure all components have proper schema definitions for the Weaverse builder.
Component-specific types should be colocated with the component implementation.
Each Weaverse component should export a default component (optionally using forwardRef) and a schema object created with createSchema() that defines the component's properties and UI controls.
For components that need to fetch data, use the component loader pattern and the shouldRevalidate: true property on inputs to automatically refresh data when settings change.
Ensure your Weaverse components provide responsive design settings (e.g., separate settings for desktop, tablet, and mobile columns).
Always implement proper error handling in your Weaverse components, especially for data fetching.
Provide default configurations (presets) for Weaverse components to make them usable out of the box.
Use the condition property in Weaverse schema inputs to show or hide controls based on other settings.

📄 Source: CodeRabbit Inference Engine (.cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc)

List of files the instruction was applied to:

  • app/sections/product-information/index.tsx
`server.ts`: Initialize the Weaverse client in your server context and pass the theme schema and components.

server.ts: Initialize the Weaverse client in your server context and pass the theme schema and components.

📄 Source: CodeRabbit Inference Engine (.cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc)

List of files the instruction was applied to:

  • server.ts
🧠 Learnings (17)
📓 Common learnings 
Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/hydrogen-react-router.mdc:0-0
Timestamp: 2025-07-04T07:32:00.233Z
Learning: Applies to **/*.{js,jsx,ts,tsx} : Replace all imports from Remix packages with their equivalent React Router v7 packages as specified in the provided mapping table.
app/components/product/quantity.tsx (4) 
Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/{sections,components}/**/index.tsx : Ensure your Weaverse components provide responsive design settings (e.g., separate settings for desktop, tablet, and mobile columns).

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/{sections,components}/**/index.tsx : Keep component-specific types in the same file as the component.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/{sections,components}/**/index.tsx : Component-specific types should be colocated with the component implementation.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/{sections,components}/**/index.tsx : Provide default configurations (presets) for Weaverse components to make them usable out of the box.
app/components/link.tsx (3) 
Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/weaverse/style.tsx : Apply theme settings as global CSS variables using a GlobalStyle component.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/{sections,components}/**/index.tsx : Keep component-specific types in the same file as the component.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/{sections,components}/**/index.tsx : Always follow naming conventions for Weaverse components: use PascalCase for component names.
app/components/layout/footer.tsx (3) 
Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/{sections,components}/**/index.tsx : Ensure your Weaverse components provide responsive design settings (e.g., separate settings for desktop, tablet, and mobile columns).

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/{sections,components}/**/index.tsx : Keep component-specific types in the same file as the component.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/hydrogen-react-router.mdc:0-0
Timestamp: 2025-07-04T07:32:00.233Z
Learning: If following documentation or examples based on Remix, adapt the code to use React Router equivalents.
app/components/product/quick-shop.tsx (1) 
Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/{sections,components}/**/index.tsx : For components that need to fetch data, use the component loader pattern and the `shouldRevalidate: true` property on inputs to automatically refresh data when settings change.
app/weaverse/schema.server.ts (10) 
Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/weaverse/schema.server.ts : Use the theme schema to define global settings such as typography, colors, and layout defaults, organized in logical groups.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to {app/weaverse/schema.server.ts,app/sections/**/index.tsx,app/components/**/index.tsx} : Always use `settings` instead of `inspector` in component and theme schemas. The `inspector` key is deprecated and has been replaced with `settings` for better consistency with industry standards.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to server.ts : Initialize the Weaverse client in your server context and pass the theme schema and components.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/{sections,components}/**/index.tsx : Ensure all components have proper schema definitions for the Weaverse builder.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/{sections,components}/**/index.tsx : Use the `condition` property in Weaverse schema inputs to show or hide controls based on other settings.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Design your Weaverse schema with intuitive controls, structured groups, and sensible default values.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/{sections,components}/**/index.tsx : Provide default configurations (presets) for Weaverse components to make them usable out of the box.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/{sections,components}/**/index.tsx : Each Weaverse component should export a default component (optionally using forwardRef) and a `schema` object created with `createSchema()` that defines the component's properties and UI controls.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/weaverse/style.tsx : Access theme settings in your Hydrogen app using the `useThemeSettings` hook from `@weaverse/hydrogen`.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/{sections,components}/**/index.tsx : Ensure your Weaverse components provide responsive design settings (e.g., separate settings for desktop, tablet, and mobile columns).
app/components/product/product-card-options.tsx (5) 
Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/{sections,components}/**/index.tsx : Keep component-specific types in the same file as the component.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/{sections,components}/**/index.tsx : Provide default configurations (presets) for Weaverse components to make them usable out of the box.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/{sections,components}/**/index.tsx : Component-specific types should be colocated with the component implementation.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/hydrogen-react-router.mdc:0-0
Timestamp: 2025-07-04T07:32:00.233Z
Learning: Applies to **/*.{js,jsx,ts,tsx} : When generating new code or modifying existing code, ensure all routing-related imports come from the correct React Router packages.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/hydrogen-react-router.mdc:0-0
Timestamp: 2025-07-04T07:32:00.233Z
Learning: Applies to **/*.{js,jsx,ts,tsx} : NEVER use 'react-router-dom' imports in this Hydrogen project.
app/routes/($locale).cart.$lines.tsx (5) 
Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/hydrogen-react-router.mdc:0-0
Timestamp: 2025-07-04T07:32:00.233Z
Learning: Applies to **/*.{js,jsx,ts,tsx} : When generating new code or modifying existing code, ensure all routing-related imports come from the correct React Router packages.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/hydrogen-react-router.mdc:0-0
Timestamp: 2025-07-04T07:32:00.233Z
Learning: Applies to **/*.{js,jsx,ts,tsx} : Replace all imports from Remix packages with their equivalent React Router v7 packages as specified in the provided mapping table.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/hydrogen-react-router.mdc:0-0
Timestamp: 2025-07-04T07:32:00.233Z
Learning: If following documentation or examples based on Remix, adapt the code to use React Router equivalents.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/hydrogen-react-router.mdc:0-0
Timestamp: 2025-07-04T07:32:00.233Z
Learning: Always check existing code in the project to understand which specific React Router hooks and components are being used.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/{sections,components}/**/index.tsx : For components that need to fetch data, use the component loader pattern and the `shouldRevalidate: true` property on inputs to automatically refresh data when settings change.
app/components/layout/cart-drawer.tsx (1) 
Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/hydrogen-react-router.mdc:0-0
Timestamp: 2025-07-04T07:32:00.233Z
Learning: Applies to **/*.{js,jsx,ts,tsx} : When generating new code or modifying existing code, ensure all routing-related imports come from the correct React Router packages.
app/components/product/variants.tsx (3) 
Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/{sections,components}/**/index.tsx : Ensure your Weaverse components provide responsive design settings (e.g., separate settings for desktop, tablet, and mobile columns).

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/{sections,components}/**/index.tsx : Keep component-specific types in the same file as the component.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/{sections,components}/**/index.tsx : Always follow naming conventions for Weaverse components: use PascalCase for component names.
app/sections/product-information/index.tsx (4) 
Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/{sections,components}/**/index.tsx : Use the `condition` property in Weaverse schema inputs to show or hide controls based on other settings.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to {app/weaverse/schema.server.ts,app/sections/**/index.tsx,app/components/**/index.tsx} : Always use `settings` instead of `inspector` in component and theme schemas. The `inspector` key is deprecated and has been replaced with `settings` for better consistency with industry standards.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/{sections,components}/**/index.tsx : Ensure all components have proper schema definitions for the Weaverse builder.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/{sections,components}/**/index.tsx : Keep component-specific types in the same file as the component.
app/components/product/product-option-values.tsx (6) 
Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/{sections,components}/**/index.tsx : Provide default configurations (presets) for Weaverse components to make them usable out of the box.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/{sections,components}/**/index.tsx : For components that need to fetch data, use the component loader pattern and the `shouldRevalidate: true` property on inputs to automatically refresh data when settings change.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/{sections,components}/**/index.tsx : Keep component-specific types in the same file as the component.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to {app/weaverse/schema.server.ts,app/sections/**/index.tsx,app/components/**/index.tsx} : Always use `settings` instead of `inspector` in component and theme schemas. The `inspector` key is deprecated and has been replaced with `settings` for better consistency with industry standards.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/hydrogen-react-router.mdc:0-0
Timestamp: 2025-07-04T07:32:00.233Z
Learning: Applies to **/*.{js,jsx,ts,tsx} : NEVER use 'react-router-dom' imports in this Hydrogen project.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/weaverse/style.tsx : Access theme settings in your Hydrogen app using the `useThemeSettings` hook from `@weaverse/hydrogen`.
app/routes/($locale).discount.$code.tsx (6) 
Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/hydrogen-react-router.mdc:0-0
Timestamp: 2025-07-04T07:32:00.233Z
Learning: Applies to **/*.{js,jsx,ts,tsx} : When generating new code or modifying existing code, ensure all routing-related imports come from the correct React Router packages.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/hydrogen-react-router.mdc:0-0
Timestamp: 2025-07-04T07:32:00.233Z
Learning: Applies to **/*.{js,jsx,ts,tsx} : Replace all imports from Remix packages with their equivalent React Router v7 packages as specified in the provided mapping table.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/hydrogen-react-router.mdc:0-0
Timestamp: 2025-07-04T07:32:00.233Z
Learning: If following documentation or examples based on Remix, adapt the code to use React Router equivalents.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/hydrogen-react-router.mdc:0-0
Timestamp: 2025-07-04T07:32:00.233Z
Learning: Always check existing code in the project to understand which specific React Router hooks and components are being used.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/hydrogen-react-router.mdc:0-0
Timestamp: 2025-07-04T07:32:00.233Z
Learning: Always follow the React Router patterns that are already established in the existing code.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/hydrogen-react-router.mdc:0-0
Timestamp: 2025-07-04T07:32:00.233Z
Learning: Applies to **/*.{js,jsx,ts,tsx} : NEVER use 'react-router-dom' imports in this Hydrogen project.
app/routes/($locale).cart.add.$variantId.ts (4) 
Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/hydrogen-react-router.mdc:0-0
Timestamp: 2025-07-04T07:32:00.233Z
Learning: Applies to **/*.{js,jsx,ts,tsx} : When generating new code or modifying existing code, ensure all routing-related imports come from the correct React Router packages.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/hydrogen-react-router.mdc:0-0
Timestamp: 2025-07-04T07:32:00.233Z
Learning: Applies to **/*.{js,jsx,ts,tsx} : Replace all imports from Remix packages with their equivalent React Router v7 packages as specified in the provided mapping table.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/{sections,components}/**/index.tsx : For components that need to fetch data, use the component loader pattern and the `shouldRevalidate: true` property on inputs to automatically refresh data when settings change.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/hydrogen-react-router.mdc:0-0
Timestamp: 2025-07-04T07:32:00.233Z
Learning: If following documentation or examples based on Remix, adapt the code to use React Router equivalents.
server.ts (11) 
Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/hydrogen-react-router.mdc:0-0
Timestamp: 2025-07-04T07:32:00.233Z
Learning: Applies to **/*.{js,jsx,ts,tsx} : When generating new code or modifying existing code, ensure all routing-related imports come from the correct React Router packages.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/hydrogen-react-router.mdc:0-0
Timestamp: 2025-07-04T07:32:00.233Z
Learning: Applies to **/*.{js,jsx,ts,tsx} : Replace all imports from Remix packages with their equivalent React Router v7 packages as specified in the provided mapping table.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/weaverse/csp.ts : Create a CSP configuration file to ensure your store works correctly with Weaverse.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to server.ts : Initialize the Weaverse client in your server context and pass the theme schema and components.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/{sections,components}/**/index.tsx : Provide default configurations (presets) for Weaverse components to make them usable out of the box.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/{sections,components}/**/index.tsx : Always implement proper error handling in your Weaverse components, especially for data fetching.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/root.tsx : Wrap your App component with `withWeaverse` to enable Weaverse functionality.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/{sections,components}/**/index.tsx : Each Weaverse component should export a default component (optionally using forwardRef) and a `schema` object created with `createSchema()` that defines the component's properties and UI controls.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/hydrogen-react-router.mdc:0-0
Timestamp: 2025-07-04T07:32:00.233Z
Learning: If following documentation or examples based on Remix, adapt the code to use React Router equivalents.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/{sections,components}/**/index.tsx : For components that need to fetch data, use the component loader pattern and the `shouldRevalidate: true` property on inputs to automatically refresh data when settings change.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/{sections,components}/**/index.tsx : Ensure all components have proper schema definitions for the Weaverse builder.
app/components/product/quick-shop-variants.tsx (2) 
Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/{sections,components}/**/index.tsx : Provide default configurations (presets) for Weaverse components to make them usable out of the box.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/cookbook-recipe-weaverse-hydrogen-integration.mdc:0-0
Timestamp: 2025-07-04T07:31:53.832Z
Learning: Applies to app/{sections,components}/**/index.tsx : Keep component-specific types in the same file as the component.
app/routes/($locale).cart.tsx (3) 
Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/hydrogen-react-router.mdc:0-0
Timestamp: 2025-07-04T07:32:00.233Z
Learning: Applies to **/*.{js,jsx,ts,tsx} : When generating new code or modifying existing code, ensure all routing-related imports come from the correct React Router packages.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/hydrogen-react-router.mdc:0-0
Timestamp: 2025-07-04T07:32:00.233Z
Learning: Applies to **/*.{js,jsx,ts,tsx} : Replace all imports from Remix packages with their equivalent React Router v7 packages as specified in the provided mapping table.

Learnt from: CR
PR: Weaverse/aspen#0
File: .cursor/rules/hydrogen-react-router.mdc:0-0
Timestamp: 2025-07-04T07:32:00.233Z
Learning: If following documentation or examples based on Remix, adapt the code to use React Router equivalents.
🧬 Code Graph Analysis (4)
app/components/layout/footer.tsx (1)
app/components/link.tsx (1)
  • Link (123-193)
app/sections/product-information/index.tsx (4)
app/utils/product.ts (1)
  • isDiscounted (15-20)
app/components/compare-at-price.tsx (1)
  • CompareAtPrice (5-20)
app/components/product/variants.tsx (1)
  • ProductVariants (4-34)
app/components/product/quantity.tsx (1)
  • Quantity (5-51)
app/components/product/product-option-values.tsx (2)
app/components/image.tsx (1)
  • Image (31-68)
app/utils/misc.ts (2)
  • isValidColor (19-22)
  • isLightColor (24-27)
app/components/product/quick-shop-variants.tsx (1)
app/components/product/quick-shop-option-values.tsx (1)
  • QuickShopOptionValues (14-174)
🪛 Biome (1.9.4)
app/components/product/quick-shop-option-values.tsx

[error] 84-84: Change to an optional chain.

Unsafe fix: Change to an optional chain.

(lint/complexity/useOptionalChain)

app/components/product/quick-shop.tsx

[error] 100-100: Avoid passing content using the dangerouslySetInnerHTML prop.

Setting content using code can expose users to cross-site scripting (XSS) attacks

(lint/security/noDangerouslySetInnerHtml)

🔇 Additional comments (27)
app/components/cart/cart.tsx (1)

546-546: Verify the price alignment change is intentional

The change from ml-auto to mr-2 removes the automatic right-alignment of the price. This could affect the visual layout of cart items where prices are typically aligned to the right.

app/components/link.tsx (1)

50-50: Good fix for CSS variable syntax consistency

The change from bracket notation to parentheses notation aligns with the syntax used in all other variants in this file, ensuring consistency across the codebase.

app/components/layout/cart-drawer.tsx (1)

61-61: Good explicit positioning improvement

Adding right-0 makes the drawer's right-side positioning explicit, which is better than relying on default behavior. This ensures consistent placement across different browsers and contexts.

app/components/layout/footer.tsx (1)

106-106: Well-structured layout improvements

The changes improve the footer's layout precision:

  • Conditional padding provides better responsive spacing control
  • w-fit on links prevents unwanted width expansion and improves click target accuracy

These refinements align with modern CSS best practices for precise layout control.

Also applies to: 188-188, 241-241, 250-250, 277-277

app/weaverse/schema.server.ts (1)

881-919: Well-structured schema additions for Quick Shop functionality.

The new settings group follows proper Weaverse schema patterns with logical organization, appropriate input types, and sensible default values. The use of settings instead of the deprecated inspector key aligns with the coding guidelines.

app/components/product/product-card-options.tsx (1)

12-12: Good import cleanup removing unused dependencies.

Removing unused imports cn and isValidColor while keeping only isLightColor improves code maintainability and follows good practices.

app/sections/product-information/product-details.tsx (1)

9-9: Consistent implementation of summary field in product details.

The addition of the summary field follows the established pattern for accordion items and maintains consistency with the existing code structure.

Also applies to: 13-13

app/components/product/quantity.tsx (1)

20-21: Improved layout and styling consistency.

The change from vertical to horizontal layout with justified spacing and the updated legend styling enhances visual consistency with other product components in the UI.

app/routes/($locale).discount.$code.tsx (1)

16-16: Appropriate workaround for React Router v7 compatibility issue.

The manual session handling approach properly addresses the compatibility issue with cart.setCartId(). The implementation correctly sets the cart ID in the session and commits it to generate the appropriate Set-Cookie header.

Monitor for when the React Router v7 compatibility issue is resolved to replace this workaround with the proper cart.setCartId() method.

Also applies to: 41-46

app/components/product/variants.tsx (3)

22-22: Enhanced visual hierarchy with improved spacing and dividers.

The updated container styling adds better visual separation between product options with increased spacing, subtle dividers, and consistent padding. This creates a cleaner, more organized appearance.

24-24: Improved layout with horizontal alignment.

The flex layout with justify-between creates better alignment between option names and their values, making the interface more scannable and professional.

26-26: Consistent typography with medium weight and uppercase styling.

The font changes create better visual consistency and hierarchy. The uppercase styling adds emphasis while medium weight provides good readability without being too heavy.

app/routes/($locale).cart.$lines.tsx (2)

23-23: Session destructuring added for manual cookie management.

Adding session to the context destructuring is necessary for the React Router v7 compatibility workaround.

56-62: Consistent session cookie management across cart routes verified

All cart.setCartId() calls have been removed and each cart-related route now:

  • Persists the cart ID via session.set("cartId", …).
  • Instantiates new Headers() and sets the Set-Cookie header with await session.commit().

Routes checked:

  • app/routes/($locale).cart.tsx
  • app/routes/($locale).cart.add.$variantId.ts
  • app/routes/($locale).cart.$lines.tsx
  • app/routes/($locale).discount.$code.tsx

No further changes required; approving these updates.

app/routes/($locale).cart.tsx (3)

24-24: Consistent session destructuring for cart management.

Adding session to the context destructuring follows the established pattern for the React Router v7 workaround.

67-71: Manual session management correctly implemented.

The manual session handling properly replaces the cart.setCartId() functionality with explicit session management and cookie commitment.

77-77: Headers properly included in redirect.

The redirect now correctly includes the session headers to ensure the updated cart ID cookie is sent to the client.

app/routes/($locale).cart.add.$variantId.ts (3)

2-2: Redirect import added for consistency.

The redirect import aligns with the React Router v7 migration pattern, even though this route uses data() with headers instead of direct redirect.

5-5: Session context added for manual cart management.

Consistent with the established pattern for React Router v7 compatibility.

20-25: Manual session management properly implemented.

The workaround correctly handles cart ID persistence by manually setting the session and creating appropriate headers for the response.

app/sections/product-information/index.tsx (3)

78-78: Product summary removed from destructuring.

The summary field is no longer extracted from the product object, which aligns with the removal of the showShortDescription functionality mentioned in the AI summary.

134-168: Enhanced product information layout with improved organization.

The restructured layout provides several improvements:

  1. Better visual hierarchy: The space-y-7 divide-y divide-line-subtle [&>*:not(:last-child)]:pb-3 classes create clear sections with proper spacing and dividers
  2. Improved price display: Adding the "Price" label makes the interface more user-friendly and professional
  3. Better component organization: Grouping price, variants, and quantity within the same container creates a logical flow
  4. Enhanced fallback handling: The simplified fallback for when no variant is selected is cleaner

The changes align well with the broader UI refactoring mentioned in the AI summary and create a more cohesive product information experience.

32-40: ✅ Removal of showShortDescription Verified

No remaining references to showShortDescription were found across the codebase, and the ProductInformationData interface in app/sections/product-information/index.tsx no longer includes it:

• Interface now only declares:

  • addToCartText
  • soldOutText
  • showVendor
  • showSalePrice
  • showShippingPolicy
  • showRefundPolicy

All removals have been applied correctly.

app/components/product/quick-shop-variants.tsx (1)

1-43: LGTM! Clean implementation of variant selector component.

The component correctly handles the edge case of default-only variant products and provides a clean interface for rendering product options. The structure follows React best practices with proper prop typing.

app/components/product/quick-shop-option-values.tsx (1)

1-174: Excellent implementation of option value selector with visual previews.

The component provides a great user experience with:

  • Visual swatches/images in both the trigger and dropdown items
  • Proper handling of invalid/light colors with border styling
  • Accessible dropdown implementation using Radix UI
  • Clear configuration for which options show swatches vs images
app/components/product/product-option-values.tsx (1)

8-182: Great refactoring to unify option rendering patterns.

The changes successfully:

  • Consolidate multiple UI patterns into a consistent dropdown interface
  • Maintain backward compatibility with the OPTIONS_AS_SWATCH export
  • Preserve the navigation logic for variant changes
  • Align with the new QuickShopOptionValues component for consistency

The unified approach improves maintainability and user experience.

app/components/product/quick-shop.tsx (1)

171-300: Excellent refactoring of the quick shop functionality.

The refactoring brings significant improvements:

  • Better mobile UX with drawer instead of modal
  • Clean separation of concerns with dedicated components
  • Improved loading states with detailed skeleton UI
  • Proper error handling
  • Accessible implementation using Radix UI
  • Internal variant state management appropriate for quick shop context

The code is well-structured and maintainable.

Also applies to: 302-404

app/components/product/quick-shop.tsx
Comment on lines +96 to +101
>
<div
suppressHydrationWarning
className="prose dark:prose-invert py-2.5"
dangerouslySetInnerHTML={{ __html: content }}
/>
Copy link

@coderabbitai coderabbitai bot Jul 10, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Verification agent

🧩 Analysis chain

Potential XSS vulnerability with dangerouslySetInnerHTML.

Using dangerouslySetInnerHTML to render product descriptions and policy content could expose users to XSS attacks if the content isn't properly sanitized.

Let me verify if the content is sanitized before being stored:

Consider using a sanitization library like DOMPurify if the content isn't already sanitized server-side:

+import DOMPurify from 'isomorphic-dompurify';

 <div
   suppressHydrationWarning
   className="prose dark:prose-invert py-2.5"
-  dangerouslySetInnerHTML={{ __html: content }}
+  dangerouslySetInnerHTML={{ __html: DOMPurify.sanitize(content) }}
 />

🏁 Script executed:

#!/bin/bash
# Search for where product descriptions and policies are created/updated
rg -A 10 "description|summary|shippingPolicy|refundPolicy" --type graphql || rg -A 10 "description|summary|shippingPolicy|refundPolicy" app/graphql

# Check if there's any sanitization happening in the codebase
rg -i "sanitize|dompurify|xss|escape.*html" --type ts --type tsx --type js --type jsx

Length of output: 1711

🏁 Script executed:

#!/bin/bash
# Search the entire codebase for any sanitization or XSS-protection utilities
rg -i 'dompurify\|sanitizeHtml\|sanitize\|xss'

Length of output: 48

Add HTML sanitization around dangerouslySetInnerHTML to prevent XSS

No evidence of any sanitization library or custom escape logic was found in the repo (searched globally for “sanitize”, “dompurify”, “xss”, etc.). Rendering raw HTML from product descriptions and policies creates a potential XSS vector.

• Ensure that all incoming HTML is sanitized server-side, or—better yet—add client-side sanitization before injection
• Install and import a library like isomorphic-dompurify
• Wrap content with a sanitization call in app/components/product/quick-shop.tsx

Suggested diff:

--- a/app/components/product/quick-shop.tsx
+++ b/app/components/product/quick-shop.tsx
@@ -96,7 +96,8 @@ export function QuickShopContent({ content, ... }) {
           <div
             suppressHydrationWarning
             className="prose dark:prose-invert py-2.5"
-            dangerouslySetInnerHTML={{ __html: content }}
+            dangerouslySetInnerHTML={{
+             __html: DOMPurify.sanitize(content),
+            }}
           />
  1. yarn add isomorphic-dompurify
  2. import DOMPurify from 'isomorphic-dompurify'; at top of the file
  3. Confirm with your backend team that no unsafe HTML can slip through
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
>
<div
suppressHydrationWarning
className="prose dark:prose-invert py-2.5"
dangerouslySetInnerHTML={{ __html: content }}
/>
>
<div
suppressHydrationWarning
className="prose dark:prose-invert py-2.5"
- dangerouslySetInnerHTML={{ __html: content }}
+ dangerouslySetInnerHTML={{
+ __html: DOMPurify.sanitize(content),
+ }}
/>
🧰 Tools
🪛 Biome (1.9.4)

[error] 100-100: Avoid passing content using the dangerouslySetInnerHTML prop.

Setting content using code can expose users to cross-site scripting (XSS) attacks

(lint/security/noDangerouslySetInnerHtml)

🤖 Prompt for AI Agents 
In app/components/product/quick-shop.tsx around lines 96 to 101, the raw HTML
content is injected using dangerouslySetInnerHTML without sanitization, which
risks XSS attacks. To fix this, install the isomorphic-dompurify library, import
DOMPurify at the top of the file, and wrap the content variable with
DOMPurify.sanitize before passing it to dangerouslySetInnerHTML. Also, confirm
with the backend team that no unsafe HTML bypasses server-side checks.

@dangthang1903 dangthang1903 requested a review from hta218 July 10, 2025 10:07
@hta218 hta218 merged commit 9c1c370 into main Jul 11, 2025
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@hta218 hta218 hta218 approved these changes

+1 more reviewer

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@dangthang1903 @hta218