refactor(app): Main branch for multi-stack support.

[terabytesoftw]

Q	A
Is bugfix	✔️
New feature	❌
Breaks BC	❌

Summary by CodeRabbit

• Refactor
  • Navigation reduced to a single Home entry; About, Contact, login/logout flows, language selector and flash alerts removed; 404 title localized.
• Documentation
  • README and docs updated for web/ root and responsive light/dark screenshots.
• Style
  • Removed several theme-specific CSS overrides.
• Chores
  • Standardized export/archive rules, removed locale/flag assets and related frontend deps, added environment flags.
• Tests
  • Acceptance, functional and unit tests for removed features deleted.

[coderabbitai]

Walkthrough

Revamps repository attributes and docs, removes contact/security use-cases (controllers, forms, actions, views, assets, tests, i18n catalogs), simplifies configs and menu/asset code, updates web/index.php to define YII_* from env before bootstrap, and drops flag-icons and related locale UI.

Changes

Cohort / File(s)	Summary
Repository attributes /.gitattributes	Replace ad‑hoc export-ignore with * text=auto eol=lf, explicit text/binary rules, /CHANGELOG.md merge=union, and multiple export-ignore entries.
Docs & README /README.md, docs/*	Replace hero image with responsive <picture> (dark/light variants), update screenshot paths, remove contact/security entries from use-case list, change public → web references.
Manifests /composer.json, /package.json	Remove composer deps ui-awesome/html, ui-awesome/html-component-bootstrap5, yii2-extensions/localeurls; remove npm flag-icons.
Web entry / env /web/index.php	Load .env, define YII_DEBUG/YII_ENV from $_ENV, then require Yii bootstrap; adjust vendor path resolution.
Configs (console & web) /config/console/app.php, /config/web/app.php, /config/web/components.php, /config/web/modules.php	Drop ServeController import/mapping; remove contact/security controller mappings and some aliases; simplify bootstrap arrays; change asset basePath; remove UrlLanguageManager and explicit user config; move debug/gii to dev-only modules.
Framework params & assets /src/framework/ApplicationParameters.php, /src/framework/asset/AppAsset.php, src/framework/asset/LocaleAsset.php	Simplify menu methods to a single translated Home item; collapse use statements in AppAsset; delete LocaleAsset and its flag-assets publishing.
Layouts & UI components /src/framework/resource/layout/*, /src/framework/resource/css/site.css	Remove alert view, language toggle view and footer render, and several theme-specific CSS overrides; menu now uses ApplicationParameters directly; update imports/docblocks.
i18n catalogs removed /src/framework/resource/message/*/app.basic.php	Delete app.basic translation files for de, en, es, fr, pt, ru, zh.
Use-case: Contact removed /src/usecase/contact/*	Delete ContactController, ContactEvent, ContactForm, IndexAction, contact view and associated tests.
Use-case: Security removed /src/usecase/security/*	Delete Identity, LoginAction, LoginForm, LogoutAction, SecurityController, login view and associated tests.
Use-case: Site adjustments /src/usecase/site/*	Remove AboutAction and about view; drop about action mapping; change index title key to Home; translate 404 title.
Tests removed/updated /tests/...	Remove multiple acceptance/functional/unit tests for About, Contact, Identity/auth and menu; update some site tests to expect "Home" and drop "English" assertion.
Test env /tests/_envs/php-builtin.yml	Change PHP built-in server docroot from public to web.
Docs updated /docs/configuration.md, /docs/installation.md	Reflect config and web-root changes, asset paths, and dev module notes.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  actor Browser
  participant Front as web/index.php
  participant Dotenv as Dotenv Loader
  participant Yii as Yii Bootstrap
  Note over Front: load .env, set YII_DEBUG/YII_ENV before bootstrap
  Browser->>Front: HTTP request
  Front->>Dotenv: safeLoad .env
  Dotenv-->>Front: populate $_ENV
  Front->>Front: define YII_DEBUG, YII_ENV
  Front->>Yii: require Yii.php and bootstrap application
  Yii-->>Browser: Response

Loading

sequenceDiagram
  autonumber
  participant Config as config/web/modules.php
  participant Env as YII_ENV_DEV
  Note over Config: modules now conditional on environment
  Config->>Env: evaluate YII_ENV_DEV
  alt dev
    Config->>Config: return debug & gii configs
  else
    Config->>Config: return []
  end

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

Possibly related PRs

• Update README.md, composer.json, and PHPStan configuration; enhance contact form layout and functionality. #90 — touches the same contact-related files and menu/asset pieces now removed here.
• Fix: Add unit tests for controllers and Components (Contact, Hello, Identity, Menu). #92 — overlaps directly on contact/security/identity changes and tests removed by this PR.
• docs: Refactor README.md to enhance clarity and structure, update features section, and improve installation instructions. #96 — overlaps README/media and installation changes (hero/screenshots, web root).

Poem

Hop hop, I nudged the bundle tight,
Hid flags and trimmed the site by night.
Menus leaner, envs in view,
Dotenv hums — the boot is new.
Little rabbit hops, change done — woo! 🥕✨

✨ Finishing Touches

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix-mini-40

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR/Issue comments)

Type @coderabbitai help to get the list of available commands.

Other keywords and placeholders

• Add @coderabbitai ignore or @coderabbit ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Status, Documentation and Community

• Visit our Status Page to check the current availability of CodeRabbit.
• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (15)

src/framework/resource/layout/head.php (1)

14-16: Prefer View::registerCsrfMetaTags over Html::csrfMetaTags

Registers tags through the view to avoid duplicates and guarantees correct placement with $this->head().

-    <?= Html::csrfMetaTags() ?>
+    <?php $this->registerCsrfMetaTags() ?>

src/usecase/site/view/404.php (3)

12-12: Avoid translating a dynamic title; set it directly

Translating $name will trigger "missing translation" logs since message catalogs were removed. Set the title directly (it’s safely encoded on output).

-$this->title = Yii::t('app.basic', $name);
+$this->title = $name;

---

14-14: Fix Bootstrap class: justify-center → justify-content-center

Current class won’t center; use the correct Bootstrap 5 utility.

-<div class="d-flex flex-column align-items-center justify-center">
+<div class="d-flex flex-column align-items-center justify-content-center">

---

26-27: Verify i18n usage for user-facing texts

These strings are wrapped in Yii::t but app.basic message files were removed. Confirm you still want runtime fallbacks (original English) or drop Yii::t here for now.

src/usecase/site/view/index.php (1)

9-9: Confirm i18n intent for title

With app.basic catalogs removed, this will fall back to "Home". If that’s intentional, fine; otherwise restore messages or set the literal.

-$this->title = Yii::t('app.basic', 'Home');
+$this->title = 'Home';

README.md (2)

28-32: Nice dark/light upgrade; consider preventing CLS

Add explicit width/height to stabilize layout in some renderers.

-    <img src="docs/images/home.png" alt="Web Application Basic">
+    <img src="docs/images/home.png" alt="Web Application Basic" width="1280" height="720">

---

221-222: Tighten labels for clarity

Use “(Light)” and “(Dark)” for readability. Also, please review the Features list to remove items (Contact, Security, Multi-language) that this PR dropped to avoid confusion.

-- **[404 Error Page](docs/images/404.png)** - Custom error handling
-- **[404 Error Page Dark](docs/images/404-dark.png)** - Custom error handling
+- **[404 Error Page (Light)](docs/images/404.png)** - Custom error handling
+- **[404 Error Page (Dark)](docs/images/404-dark.png)** - Custom error handling

src/framework/ApplicationParameters.php (1)

38-38: Translation fallback check

Label translation will fall back to “Home” without app.basic catalogs. If that’s the plan, OK; otherwise either restore messages or drop Yii::t here.

-                'label' => Yii::t('app.basic', 'Home'),
+                'label' => 'Home',

src/framework/resource/layout/component/menu.php (1)

28-28: Menu source change: confirm intentional scope reduction

Using only getMenuIsGuest() removes login-based items entirely. If auth flows were removed, this is consistent; otherwise consider a conditional provider or a unified getMenuItems() that adapts to auth state.

config/console/app.php (1)

15-17: Consolidate alias definitions across configs
The @resource alias (resolving to src/framework/resource) exists as expected; consider centralizing all aliases (web + console) in a shared config to prevent drift.

.gitattributes (2)

18-23: Broaden binary/text patterns to cover common assets.

Add missing font/image types to avoid misclassification.

 *.png  binary
 *.jpg  binary
 *.gif  binary
 *.ttf  binary
+*.otf  binary
+*.eot  binary
+*.woff binary
+*.woff2 binary
+*.webp binary
+*.ico  binary
+# SVGs are XML (text), so explicitly mark as text:
+*.svg  text
+*.pdf  binary

---

28-35: Optional: exclude more dev-only files from archives.

Keeps distribution lean.

 /.gitattributes                 export-ignore
 /.github                        export-ignore
 /.gitignore                     export-ignore
 /.styleci.yml                   export-ignore
 /docs                           export-ignore
 /psalm.xml                      export-ignore
 /tests                          export-ignore
+/.editorconfig                  export-ignore
+/phpunit.xml*                   export-ignore
+/phpstan*.neon*                 export-ignore
+/infection.json*                export-ignore
+/docker                         export-ignore

web/index.php (1)

16-22: Ensure YII_C3 detection works with Dotenv-loaded vars.

Dotenv may not always populate getenv(); also check $_ENV.

-if (getenv('YII_C3')) {
+if (!empty($_ENV['YII_C3']) || getenv('YII_C3')) {
     $c3 = dirname(__DIR__) . '/c3.php';
     if (file_exists($c3)) {
         require_once $c3;
     }
 }

config/web/app.php (2)

16-24: Deduplicate aliases across web/console.

Move common aliases to a shared config to prevent drift; keep web-only aliases local.

---

7-12: Docblocks: narrow types for static analysis.

These aren’t string arrays; use array<string,mixed> (or a dedicated config shape) to aid tools.

-/** @phpstan-var string[] $components */
+/** @phpstan-var array<string, mixed> $components */
-/** @phpstan-var string[] $modules */
+/** @phpstan-var array<string, mixed> $modules */
-/** @phpstan-var string[] $params */
+/** @phpstan-var array<string, mixed> $params */

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 133fe9c and 81a9d16.

⛔ Files ignored due to path filters (12)

• composer.lock is excluded by !**/*.lock
• docs/404.png is excluded by !**/*.png
• docs/about.png is excluded by !**/*.png
• docs/contact.png is excluded by !**/*.png
• docs/home.png is excluded by !**/*.png
• docs/images/404-dark.png is excluded by !**/*.png
• docs/images/404.png is excluded by !**/*.png
• docs/images/home-dark.png is excluded by !**/*.png
• docs/images/home.png is excluded by !**/*.png
• web/favicon.ico is excluded by !**/*.ico
• web/image/yii.svg is excluded by !**/*.svg
• web/image/yiiframework.svg is excluded by !**/*.svg

📒 Files selected for processing (47)

• .gitattributes (1 hunks)
• README.md (2 hunks)
• composer.json (0 hunks)
• config/console/app.php (1 hunks)
• config/web/app.php (1 hunks)
• config/web/components.php (0 hunks)
• config/web/modules.php (1 hunks)
• package.json (0 hunks)
• src/framework/ApplicationParameters.php (2 hunks)
• src/framework/asset/AppAsset.php (1 hunks)
• src/framework/asset/LocaleAsset.php (0 hunks)
• src/framework/event/ContactEventHandler.php (0 hunks)
• src/framework/resource/css/site.css (0 hunks)
• src/framework/resource/layout/component/menu.php (2 hunks)
• src/framework/resource/layout/component/toggle_language.php (0 hunks)
• src/framework/resource/layout/footer.php (0 hunks)
• src/framework/resource/layout/head.php (1 hunks)
• src/framework/resource/layout/main.php (1 hunks)
• src/framework/resource/message/de/app.basic.php (0 hunks)
• src/framework/resource/message/en/app.basic.php (0 hunks)
• src/framework/resource/message/es/app.basic.php (0 hunks)
• src/framework/resource/message/fr/app.basic.php (0 hunks)
• src/framework/resource/message/pt/app.basic.php (0 hunks)
• src/framework/resource/message/ru/app.basic.php (0 hunks)
• src/framework/resource/message/zh/app.basic.php (0 hunks)
• src/usecase/contact/ContactController.php (0 hunks)
• src/usecase/contact/ContactEvent.php (0 hunks)
• src/usecase/contact/ContactForm.php (0 hunks)
• src/usecase/contact/IndexAction.php (0 hunks)
• src/usecase/contact/view/index.php (0 hunks)
• src/usecase/security/Identity.php (0 hunks)
• src/usecase/security/LoginAction.php (0 hunks)
• src/usecase/security/LoginForm.php (0 hunks)
• src/usecase/security/LogoutAction.php (0 hunks)
• src/usecase/security/SecurityController.php (0 hunks)
• src/usecase/security/view/login.php (0 hunks)
• src/usecase/site/AboutAction.php (0 hunks)
• src/usecase/site/SiteController.php (0 hunks)
• src/usecase/site/view/404.php (1 hunks)
• src/usecase/site/view/about.php (0 hunks)
• src/usecase/site/view/index.php (1 hunks)
• tests/Acceptance/AboutCest.php (0 hunks)
• tests/Acceptance/ContactCest.php (0 hunks)
• tests/Functional/ContactCest.php (0 hunks)
• tests/Unit/ContactControllerTest.php (0 hunks)
• tests/Unit/IdentityTest.php (0 hunks)
• web/index.php (1 hunks)

💤 Files with no reviewable changes (34)

• src/framework/resource/layout/footer.php
• src/framework/resource/message/pt/app.basic.php
• src/framework/resource/message/en/app.basic.php
• src/framework/resource/layout/component/toggle_language.php
• tests/Unit/ContactControllerTest.php
• composer.json
• src/usecase/site/view/about.php
• src/usecase/site/SiteController.php
• package.json
• src/usecase/contact/ContactController.php
• tests/Acceptance/AboutCest.php
• src/usecase/security/LoginAction.php
• src/usecase/contact/IndexAction.php
• tests/Functional/ContactCest.php
• src/usecase/security/LogoutAction.php
• src/usecase/security/view/login.php
• src/framework/resource/css/site.css
• tests/Unit/IdentityTest.php
• src/usecase/security/SecurityController.php
• src/framework/asset/LocaleAsset.php
• src/framework/resource/message/ru/app.basic.php
• src/framework/resource/message/es/app.basic.php
• src/usecase/contact/ContactEvent.php
• src/framework/resource/message/zh/app.basic.php
• src/usecase/site/AboutAction.php
• src/usecase/contact/view/index.php
• src/framework/resource/message/de/app.basic.php
• config/web/components.php
• src/usecase/security/Identity.php
• src/framework/event/ContactEventHandler.php
• src/usecase/security/LoginForm.php
• src/framework/resource/message/fr/app.basic.php
• src/usecase/contact/ContactForm.php
• tests/Acceptance/ContactCest.php

🧰 Additional context used

🧬 Code graph analysis (3)

src/framework/resource/layout/component/menu.php (1)

src/framework/ApplicationParameters.php (2)

• ApplicationParameters (19-46)
• getMenuIsGuest (34-45)

config/console/app.php (1)

src/usecase/hello/HelloController.php (1)

• HelloController (9-17)

config/web/app.php (1)

src/usecase/site/SiteController.php (1)

• SiteController (11-34)

🪛 LanguageTool

README.md

[grammar] ~221-~221: There might be a mistake here.
Context: ...mages/404.png)** - Custom error handling - **[404 Error Page Dark](docs/images/404-dar...

(QB_NEW_EN)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (4)

• GitHub Check: codeception / PHP 8.2-windows-latest
• GitHub Check: codeception / PHP 8.3-windows-latest
• GitHub Check: codeception / PHP 8.4-windows-latest
• GitHub Check: codeception / PHP 8.1-windows-latest

🔇 Additional comments (13)

src/framework/asset/AppAsset.php (2)

7-8: Imports grouped cleanly

Consolidating imports improves readability and keeps namespace usage consistent.

---

16-21: No change needed: custom BootstrapIconAsset exists
BootstrapIconAsset is defined in src/framework/asset/BootstrapIconAsset.php under the same namespace, so BootstrapIconAsset::class resolves correctly at runtime.

Likely an incorrect or invalid review comment.

src/framework/resource/layout/main.php (1)

9-9: FQCN in PHPDoc for $this is correct and consistent

Using @var yii\web\View $this avoids import churn and matches the pattern used in head.php.

src/framework/resource/layout/head.php (1)

5-5: Import trimming is fine

Keeping only yii\helpers\Html is sufficient here.

src/framework/ApplicationParameters.php (1)

7-8: Import looks correct

Needed for Yii::t usage below.

src/framework/resource/layout/component/menu.php (1)

6-6: Grouped import LGTM

Clean and idiomatic use of group use.

config/console/app.php (1)

21-21: Controller map simplification looks good.

Mapping only 'hello' → HelloController is clean and sufficient.

.gitattributes (1)

1-2: Confirm enforcing LF on all text files is acceptable for Windows contributors.

This forces LF on checkout; ensure your team intends to avoid CRLF on Windows.

web/index.php (1)

5-10: vlucas/phpdotenv is already required — found in composer.json (v^5.6) and confirmed in composer.lock, no action needed.

config/web/modules.php (1)

5-18: Approve debug & gii modules behind YII_ENV_DEV
Dependencies yiisoft/yii2-debug and yiisoft/yii2-gii are listed in composer.json.

config/web/app.php (3)

26-26: Bootstrap config is fine.

Keeping only 'log' by default is appropriate.

---

28-30: Controller map looks correct.

Inline SiteController mapping is clear.

---

37-41: Dev bootstrap of debug/gii is correct given modules.php gating.

No action needed.

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

tests/_envs/php-builtin.yml (1)

5-5: Bump the startup delay to reduce CI flakiness.

One second can be tight on shared runners; consider 2–3s.

Example:

-            sleep: 1
+            sleep: 2

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 81a9d16 and 8f9ea24.

📒 Files selected for processing (2)

• config/web/components.php (0 hunks)
• tests/_envs/php-builtin.yml (1 hunks)

💤 Files with no reviewable changes (1)

• config/web/components.php

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 100.00%. Comparing base (133fe9c) to head (484d2fa).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files

@@             Coverage Diff              @@
##                main      #129    +/-   ##
============================================
  Coverage     100.00%   100.00%            
+ Complexity        36         7    -29     
============================================
  Files             23        12    -11     
  Lines            621       177   -444     
============================================
- Hits             621       177   -444     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[coderabbitai]

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

config/web/components.php (1)

25-27: Extract cookieValidationKey from environment and preserve CSRF in dev

• In config/web/components.php (around line 25), replace
  'cookieValidationKey' => 'your-cookie-validation-key'
  with
  'cookieValidationKey' => getenv('APP_COOKIE_VALIDATION_KEY') ?: ''
  to avoid shipping a fixed secret in VCS.
• Change
  'enableCsrfValidation' => YII_ENV_DEV === false
  to
  'enableCsrfValidation' => !defined('YII_ENV_TEST') || YII_ENV_TEST === false
  so CSRF remains enabled in development and is only disabled during automated tests.

Ensure APP_COOKIE_VALIDATION_KEY is set in your environment (e.g. .env or secret store); an empty value will cause the application to refuse startup.

🧹 Nitpick comments (5)

src/framework/ApplicationParameters.php (1)

28-29: Use the core ‘yii’ category or a plain string for the Home label
ApplicationParameters::getMenuIsGuest still calls Yii::t('app.basic', 'Home'). Although app.basic is registered in config/web/components.php, there are no message files under messages/app.basic.php, so it always silently falls back. Change to:

-                'label' => Yii::t('app.basic', 'Home'),
+                'label' => Yii::t('yii', 'Home'),

or, if you’re trimming i18n entirely:

-                'label' => Yii::t('app.basic', 'Home'),
+                'label' => 'Home',

Nav::widget ignores any extra keys (order/category/linkAttributes), so no renderer changes are needed.

src/usecase/site/SiteController.php (1)

22-22: Optional: prefer conventional 'error' route id.

Using 'error' instead of numeric '404' is more idiomatic in Yii and avoids surprises in route filters or tooling. Change only if you don’t rely on 'site/404' elsewhere.

- '404' => ['class' => ErrorAction::class],
+ 'error' => ['class' => ErrorAction::class],

If applied, also update errorHandler.errorAction to 'site/error'.

config/web/app.php (2)

29-30: Simplify controllerMap entry to match console style.

No extra options used; you can reference the class directly.

- 'site' => ['class' => SiteController::class],
+ 'site' => SiteController::class,

---

37-41: Guard debug/gii bootstrapping with module presence.

If modules.php doesn’t define these, bootstrapping will fail in dev.

-if (YII_ENV_DEV) {
-    // configuration adjustments for 'dev' environment
-    $config['bootstrap'][] = 'debug';
-    $config['bootstrap'][] = 'gii';
-}
+if (YII_ENV_DEV) {
+    // bootstrap only if the modules are configured
+    if (isset($config['modules']['debug'])) {
+        $config['bootstrap'][] = 'debug';
+    }
+    if (isset($config['modules']['gii'])) {
+        $config['bootstrap'][] = 'gii';
+    }
+}

Would you like me to move all dev-only wiring into modules.php to centralize environment gating?

config/console/app.php (1)

15-18: Define ‘@root’ alias in console config for parity with web config
Add the following in config/console/app.php to align with docs and web settings and avoid surprises if shared code uses ‘@root’:

 return [
     'id' => 'console.basic',
     'basePath' => dirname(__DIR__, 2),
+    'aliases' => [
+        '@root' => dirname(__DIR__, 2),
+    ],
     'bootstrap' => ['log'],
     'components' => $components,
     'controllerMap' => ['hello' => HelloController::class],
     'params' => $params,
 ];

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between f439a44 and 226a3c5.

📒 Files selected for processing (6)

• config/console/app.php (1 hunks)
• config/web/app.php (1 hunks)
• config/web/components.php (1 hunks)
• src/framework/ApplicationParameters.php (2 hunks)
• src/usecase/site/SiteController.php (1 hunks)
• tests/Functional/SiteCest.php (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• tests/Functional/SiteCest.php

🧰 Additional context used

🧬 Code graph analysis (2)

config/console/app.php (1)

src/usecase/hello/HelloController.php (1)

• HelloController (9-17)

config/web/app.php (1)

src/usecase/site/SiteController.php (1)

• SiteController (11-32)

🔇 Additional comments (3)

src/framework/ApplicationParameters.php (1)

7-8: Import of Yii is appropriate within a namespaced class.

Using use Yii; keeps calls concise (Yii::t(...)). No issues.

src/usecase/site/SiteController.php (1)

22-22: Consistent error action mapping.

'404' is correctly wired to ErrorAction and aligns with errorHandler config. LGTM.

config/web/components.php (1)

12-13: Add baseUrl to AssetManager configuration

 'assetManager' => [
     'basePath' => '@root/web/assets',
+    'baseUrl'  => '@web/assets',
 ],

Verify that the @web alias is defined before this config is loaded (e.g., in your entry script). If it isn’t, either define it early or use an absolute URL (such as /assets).

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

src/framework/resource/layout/main.php (1)

21-23: Confirm flash/alert handling after layout cleanup

The layout no longer renders an alert/messages component. If the app still sets session flashes (e.g., success/error notices), ensure they’re surfaced somewhere else; otherwise users won’t see feedback. If needed, I can propose a minimal inline flash block.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 226a3c5 and d1d01cd.

📒 Files selected for processing (2)

• src/framework/resource/layout/component/alert.php (0 hunks)
• src/framework/resource/layout/main.php (1 hunks)

💤 Files with no reviewable changes (1)

• src/framework/resource/layout/component/alert.php

🔇 Additional comments (2)

src/framework/resource/layout/main.php (2)

9-9: Docblock FQN for View looks good

Using a fully-qualified type in the PHPDoc removes the need for an import and is clear for static analyzers.

---

13-19: Layout bootstrapping order is correct

AppAsset registration before beginPage/beginBody and the head partial render sequence look proper.

[coderabbitai]

Actionable comments posted: 0

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (3)

docs/installation.md (1)

107-116: Include a router script parameter for php -S to support pretty URLs
Update Method 1 in docs/installation.md to route all requests through web/index.php:

- php -S localhost:8080 -t web
+ php -S localhost:8080 -t web web/index.php

docs/configuration.md (2)

123-151: Early return makes dev bootstrap unreachable

You return the array immediately, then try to append debug/gii and return $config. This snippet, as written, won’t work.

-return [
+ $config = [
     'id' => 'web.basic',
     'aliases' => [
         '@root' => $rootDir,
         '@npm' => '@root/node_modules',
         '@bower' => '@npm',
         '@resource' => '@root/src/framework/resource',
         '@runtime' => '@root/runtime',
     ],
     'basePath' => $rootDir,
     'bootstrap' => ['log'],
     'components' => $components,
     'controllerMap' => [
         'site' => ['class' => SiteController::class],
     ],
     'language' => 'en-US',
     'modules' => $modules,
     'name' => 'Web application basic',
     'params' => $params,
-];
+];
 
 if (YII_ENV_DEV) {
     // configuration adjustments for 'dev' environment
     $config['bootstrap'][] = 'debug';
     $config['bootstrap'][] = 'gii';
 }
 
 return $config;

---

172-177: Correct i18n basePath to match configured messagePath

In the docs/configuration.md translation block, set basePath to the singular directory (@resource/message) to align with the messagePath configuration:

 'i18n' => [
     'translations' => [
         'app.basic' => [
             'class' => PhpMessageSource::class,
-            'basePath' => '@resource/messages',
+            'basePath' => '@resource/message',
         ],
     ],
 ],

🧹 Nitpick comments (7)

docs/installation.md (2)

59-60: Use safer, cross-env directory permissions

Avoid broad 775 without ensuring ownership. Recommend explicit create + user/group perms to prevent writable-by-others and CI flakiness.

-chmod 775 web/assets runtime tests/_output
+mkdir -p web/assets runtime tests/_output
+# Adjust www-data:www-data to your web server user/group (e.g., apache:apache)
+chown -R www-data:www-data web/assets runtime || true
+chmod -R ug+rwX,o-rwx web/assets runtime
+# Keep tests output writable for your user/group
+chmod -R ug+rwX tests/_output

---

66-73: Harden Apache rules and support subdir installs

Add common hardening and avoid rewriting index.php requests; “RewriteBase” helps when the app isn’t at web root.

-Create `web/.htaccess`.
+Create `web/.htaccess`.

 ```apache
-RewriteEngine on
-RewriteCond %{REQUEST_FILENAME} !-f
-RewriteCond %{REQUEST_FILENAME} !-d
-RewriteRule . index.php
+RewriteEngine On
+Options -Indexes
+# If your app is served from a subdirectory, set the path here:
+RewriteBase /
+# Don't rewrite direct calls to index.php
+RewriteRule ^index\.php$ - [L]
+# Route non-existing files/dirs to index.php
+RewriteCond %{REQUEST_FILENAME} !-f
+RewriteCond %{REQUEST_FILENAME} !-d
+RewriteRule . index.php [L]

</blockquote></details>
<details>
<summary>README.md (4)</summary><blockquote>

`28-32`: **Add loading/decoding hints to the hero image**

Minor UX win to reduce CLS and speed up rendering.


```diff
-    <img src="docs/images/home.png" alt="Web Application Basic">
+    <img src="docs/images/home.png" alt="Web Application Basic" loading="lazy" decoding="async">

---

12-17: Verify the “Yii2 22” badge/link

“22” looks non-standard for Yii2 versioning and the link may 404. Consider keeping only the stable 2.0.x badge or correcting the target.

-    <a href="https://github.com/yiisoft/yii2/tree/22.0" target="_blank">
-        <img src="https://img.shields.io/badge/Yii2%20-22-blue" alt="Yii2 22.0">
-    </a>
+    <!-- Verify existence of a 2.2 branch before re-adding an updated badge -->

---

182-186: Remove About action from example if page is no longer shipped

Keep examples aligned with included pages.

     public function actionIndex(): string
     {
         return $this->render('index');
     }
-    
-    public function actionAbout(): string
-    {
-        return $this->render('about');
-    }

---

221-222: Tighten screenshot labels

Minor copy tweak for consistency; LanguageTool also flagged this line.

-- **[404 Error Page](docs/images/404.png)** - Custom error handling
-- **[404 Error Page Dark](docs/images/404-dark.png)** - Custom error handling
+- **[404 page (light)](docs/images/404.png)** – Custom error page
+- **[404 page (dark)](docs/images/404-dark.png)** – Custom error page

docs/configuration.md (1)

179-182: Keep CSRF enabled in dev to catch issues early

Disabling CSRF in dev can hide bugs; defaults are secure and developer-friendly.

-    'request' => [
-        'cookieValidationKey' => 'your-cookie-validation-key',
-        'enableCsrfValidation' => YII_ENV_DEV === false,
-    ],
+    'request' => [
+        'cookieValidationKey' => 'your-cookie-validation-key',
+        // Keep CSRF enabled in all envs; override per need in local config.
+        'enableCsrfValidation' => true,
+    ],

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between d1d01cd and 7b02356.

📒 Files selected for processing (3)

• README.md (4 hunks)
• docs/configuration.md (4 hunks)
• docs/installation.md (3 hunks)

🧰 Additional context used

🧠 Learnings (2)

📚 Learning: 2025-08-30T20:31:14.913Z

Learnt from: terabytesoftw
PR: yii2-extensions/app-basic#129
File: tests/_envs/php-builtin.yml:4-4
Timestamp: 2025-08-30T20:31:14.913Z
Learning: Yii2 framework doesn't require separate router scripts for PHP's built-in server. Yii2 handles routing through URL rules in configuration files and controller/action mapping conventions, not separate route definition files. If tests pass with the built-in server setup, additional router scripts are unnecessary.

Applied to files:

• docs/installation.md
• README.md

📚 Learning: 2025-08-30T20:39:38.520Z

Learnt from: terabytesoftw
PR: yii2-extensions/app-basic#129
File: config/console/app.php:17-18
Timestamp: 2025-08-30T20:39:38.520Z
Learning: Yii2 provides a built-in `yii serve` command by default that doesn't require custom ServeController configuration in the controllerMap. When custom ServeController entries are removed from console configuration, the default Yii2 serve functionality remains available and documentation should be updated to reflect configuration changes rather than removing serve command references entirely.

Applied to files:

• docs/configuration.md
• README.md

🪛 LanguageTool

README.md

[grammar] ~221-~221: There might be a mistake here.
Context: ...mages/404.png)** - Custom error handling - **[404 Error Page Dark](docs/images/404-dar...

(QB_NEW_EN)

🔇 Additional comments (7)

docs/installation.md (1)

83-84: LGTM: Nginx root now points to web/

Root path matches the new document root. Consistent with the rest of the PR.

README.md (3)

160-161: LGTM: Project tree reflects web/ as document root

Matches the move from public/ to web/.

---

87-92: Ignore router script addition
Yii2’s built-in PHP server handles routing via its URL rules and controller/action conventions—no separate router script is needed (see tests/_envs/php-builtin.yml using php -S … -t web without web/index.php).

Likely an incorrect or invalid review comment.

---

39-47: Update README features list to match code changes

• Contact form, “about” page, security features (CSRF protection), and SSL support (mkcert) appear removed—please verify their removal in the codebase and remove or update these bullets accordingly.

docs/configuration.md (3)

166-168: LGTM: asset basePath moved to web/assets

Matches the new web root and avoids stale public/ paths.

---

194-215: LGTM: Dev-only modules via modules.php

Returning [] outside dev keeps prod clean; bootstrap append in app.php (once fixed) will activate them.

---

95-99: Console config simplification looks good

Minimal bootstrap and controller map are appropriate.