fix: autoreload stuff in case if frontend build is changed

[HardMax71]

---

Summary by cubic

Ensure users always load the latest frontend after deploy by hashing assets and generating index.html with correct hashed references. Removes build caching and cleans old files to prevent stale bundles and enable auto-reload.

• Refactors

  • Generate index.html via Rollup from src/index.html and emit it to public; ignore public/index.html in git.
  • Output hashed JS chunks and a hashed CSS bundle to public/build; clean public/build on production builds.
  • Inject script/style tags via Rollup to reference hashed assets.
  • Remove long-lived caching for /build in nginx; keep HTML non-cached.

• Dependencies

  • Added @rollup/plugin-html and rollup-plugin-cleandir (dev).

^{Written for commit d0b485b. Summary will update on new commits.}

Summary by CodeRabbit

• Chores

  • Updated build tooling and dependencies to modernize the asset pipeline.

• Build & Deployment

  • Switched to content-hashed asset names for reliable cache busting.
  • Stopped long-term caching for the build assets to ensure timely updates.
  • Enabled dynamic injection of built assets into generated HTML during the build.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 87570d77-da49-4f33-82e6-8dc7de33c399

📥 Commits

Reviewing files that changed from the base of the PR and between 9019333 and d0b485b.

📒 Files selected for processing (1)

• frontend/rollup.config.js

🚧 Files skipped from review as they are similar to previous changes (1)

• frontend/rollup.config.js

---

📝 Walkthrough

Walkthrough

The frontend build was reworked: Rollup plugins were added to auto-generate HTML and hash CSS/assets, build outputs moved/renamed, manual asset tags removed from the source HTML, nginx long-cache for /build/ was removed, and public/index.html was added to .gitignore.

Changes

Cohort / File(s)	Summary
Build Config & Plugins frontend/rollup.config.js, frontend/package.json	Added Rollup plugins (@rollup/plugin-html, rollup-plugin-cleandir), switched outputs to public with hashed filenames in production, added cleandir hook, and introduced a post-bundle CSS-hash step to rename build/bundle.css to build/bundle-<hash>.css.
Source HTML frontend/src/index.html	Removed manual <link>/<script> references to /build/bundle.css and /build/main.js; asset injection is now handled by Rollup HTML plugin.
Server config & VCS frontend/nginx.conf.template, frontend/.gitignore	Removed the long-expiry caching block for /build/ in nginx template. Added public/index.html to .gitignore.

Sequence Diagram(s)

sequenceDiagram
    participant Dev as Developer/CI
    participant Rollup as Rollup Build
    participant Plugins as Plugins (cleandir, css-hash, html)
    participant Out as public/ (build artifacts)
    participant Nginx as nginx (runtime)
    Dev->>Rollup: start build (dev/prod)
    Rollup->>Plugins: run plugins during bundle
    Plugins-->>Rollup: cleandir removes old public/build (generateBundle)
    Rollup->>Out: emit JS chunks and `build/bundle.css`
    Plugins->>Rollup: css-hash renames CSS to `build/bundle-<hash>.css` and updates bundle references
    Plugins->>Out: html plugin generates `public/index.html` with injected CSS link and CSP-nonce script tag
    Out->>Nginx: served at runtime with updated caching rules (no 1y /build/ expiry)
    Nginx->>Browser: clients fetch hashed assets

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• feat: deploy for frontend - unified across local and prod #183: Modifies frontend/nginx.conf.template and related nginx config; touches the same nginx caching area as this change.

Poem

🐇 I hashed my carrots, I rolled them round,

Build-time hop! — no tags to be found.
HTML sprouts where plugins play,
Nginx breathes lighter, caches sway.
A tumble of files, a tidy delight. 🥕✨

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Title check	❓ Inconclusive	The title 'fix: autoreload stuff in case if frontend build is changed' uses vague language ('stuff') and is grammatically awkward, making it unclear what the actual change accomplishes despite relating to the changeset.	Revise the title to be more specific and grammatically clear, such as 'fix: add asset fingerprinting and auto-reload support after frontend builds' or 'fix: implement cache-busting for frontend assets via content hashing'.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

• 📝 Generate docstrings (stacked PR)
• 📝 Generate docstrings (commit on current branch)

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix/mandatory-update-after-deploy

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[cubic-dev-ai]

No issues found across 7 files

[codecov-commenter]

⚠️ Please install the to ensure uploads and comments are reliably processed by Codecov.

Codecov Report

✅ All modified and coverable lines are covered by tests.
❗ Your organization needs to install the Codecov GitHub app to enable full functionality.

Flag	Coverage Δ
backend-e2e	83.22% <ø> (+0.01%)	⬆️
backend-unit	67.91% <ø> (ø)
frontend-unit	86.17% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

Components	Coverage Δ
Backend	90.07% <ø> (ø)
Frontend	86.17% <ø> (ø)

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[Copilot]

Pull request overview

This PR updates the frontend build output to generate an index.html that references content-hashed JS/CSS assets, preventing stale client caches when the frontend build changes.

Changes:

• Add an src/index.html template and generate public/index.html via Rollup (@rollup/plugin-html) with injected hashed asset URLs.
• Move Rollup output to public/ with build/ subpaths, introduce CSS content-hashing, and clean public/build on production builds.
• Update nginx caching rules and ignore generated public/index.html.

Reviewed changes

Copilot reviewed 5 out of 6 changed files in this pull request and generated 2 comments.

Show a summary per file

File	Description
frontend/src/index.html	Adds the HTML template that Rollup uses to generate the final public/index.html.
frontend/rollup.config.js	Generates HTML with correct asset URLs, adds hashed output naming, and cleans build artifacts.
frontend/public/index.html	Updated to hashed asset URLs (appears to be generated build output).
frontend/package.json	Adds build-time dependencies for HTML generation/cleaning.
frontend/package-lock.json	Locks newly added build-time dependencies.
frontend/nginx.conf.template	Removes redundant /build/ caching block (static asset caching still handled via extension-based rule).
frontend/.gitignore	Ignores public/index.html (intended to be generated).

Files not reviewed (1)

• frontend/package-lock.json: Language not supported

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[coderabbitai]

🧹 Nitpick comments (4)

frontend/rollup.config.js (4)

220-233: LGTM! The HTML template plugin correctly injects hashed CSS and JS references with CSP nonce support.

One minor observation: if src/index.html is missing </head> or </body> tags, the injection silently does nothing. Consider adding a warning for easier debugging:

Optional: Add warnings for missing injection points

                 if (cssAsset) {
+                    if (!tmpl.includes('</head>')) {
+                        console.warn('Warning: </head> not found in template, CSS not injected');
+                    }
                     tmpl = tmpl.replace('</head>', `    <link rel="stylesheet" href="/${cssAsset.fileName}">\n</head>`);
                 }
                 if (entryChunk) {
+                    if (!tmpl.includes('</body>')) {
+                        console.warn('Warning: </body> not found in template, script not injected');
+                    }
                     tmpl = tmpl.replace('</body>', `    <script nonce="**CSP_NONCE**" type="module" src="/${entryChunk.fileName}"></script>\n</body>`);
                 }

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@frontend/rollup.config.js` around lines 220 - 233, The template function
currently does silent no-ops if src/index.html lacks </head> or </body>; update
the html plugin's template({ bundle }) to detect missing injection anchors and
log warnings: after reading tmpl and computing cssAsset and entryChunk, check
tmpl.includes('</head>') and tmpl.includes('</body>') and call console.warn (or
use the rollup plugin logger) with clear messages referencing cssAsset.fileName
and entryChunk.fileName so developers know which injection failed; keep the
existing injection logic (replace) intact and only emit warnings when the
corresponding tag is absent.

---

141-142: Minor inconsistency: chunks always use hashes, entry files only in production.

In development mode, entryFileNames produces build/[name].js (no hash) while chunkFileNames produces build/[name]-[hash].js (with hash). This inconsistency is unlikely to cause functional issues, but you may want to align them for consistency:

Optional: Consistent hashing strategy

         entryFileNames: production ? 'build/[name]-[hash].js' : 'build/[name].js',
-        chunkFileNames: 'build/[name]-[hash].js',
+        chunkFileNames: production ? 'build/[name]-[hash].js' : 'build/[name].js',

This would give stable chunk filenames during development, which may improve dev server caching.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@frontend/rollup.config.js` around lines 141 - 142, entryFileNames is
conditional on the production flag while chunkFileNames always includes a hash,
causing inconsistent filenames between entries and chunks in dev; update the
rollup config so both entryFileNames and chunkFileNames use the same hashing
strategy based on the production variable (e.g., make chunkFileNames conditional
on production or add hashes to entryFileNames when production is false) by
editing the entryFileNames and/or chunkFileNames settings in the rollup config
to reference the production flag consistently.

---

11-11: Prefer node: protocol for Node.js built-in modules.

Using the node: prefix makes it explicit that this is a built-in module, improves readability, and follows modern Node.js conventions.

Suggested fix

-import crypto from 'crypto';
+import crypto from 'node:crypto';

For consistency, consider also updating the other Node.js built-ins:

-import fs from 'fs';
-import https from 'https';
-import path from 'path';
+import fs from 'node:fs';
+import https from 'node:https';
+import path from 'node:path';

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@frontend/rollup.config.js` at line 11, The import of the Node.js built-in in
rollup.config.js uses the bare specifier "crypto"; update the import to use the
node: protocol (e.g., replace the import statement that references 'crypto' with
one that references 'node:crypto') and likewise update any other imports of
Node.js built-ins in this file to their node:... equivalents to follow modern
Node.js conventions and improve clarity.

---

207-207: Consider using buildStart hook for cleaning.

The generateBundle hook means old build artifacts remain on disk until new ones are about to be written. Using buildStart would clean the directory at the beginning of the build, which is typically the expected behavior and ensures a truly clean state before generating new files.

Suggested change

-        production && cleandir('public/build', { hook: 'generateBundle' }),
+        production && cleandir('public/build', { hook: 'buildStart' }),

However, generateBundle may be intentional if you want to preserve old files during watch mode rebuilds until new files are ready. If that's the case, this is fine as-is.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@frontend/rollup.config.js` at line 207, The current Rollup plugin invocation
uses cleandir(..., { hook: 'generateBundle' }) which delays cleaning until
generateBundle; change the hook option to 'buildStart' so the cleandir call (the
production && cleandir(...) entry in rollup.config.js) runs at the start of the
build and removes old artifacts before file generation; update the option value
from 'generateBundle' to 'buildStart' on the cleandir call to implement this
behavior (leave as-is only if you intentionally need to preserve old files
during watch-mode rebuilds).

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@frontend/rollup.config.js`:
- Around line 220-233: The template function currently does silent no-ops if
src/index.html lacks </head> or </body>; update the html plugin's template({
bundle }) to detect missing injection anchors and log warnings: after reading
tmpl and computing cssAsset and entryChunk, check tmpl.includes('</head>') and
tmpl.includes('</body>') and call console.warn (or use the rollup plugin logger)
with clear messages referencing cssAsset.fileName and entryChunk.fileName so
developers know which injection failed; keep the existing injection logic
(replace) intact and only emit warnings when the corresponding tag is absent.
- Around line 141-142: entryFileNames is conditional on the production flag
while chunkFileNames always includes a hash, causing inconsistent filenames
between entries and chunks in dev; update the rollup config so both
entryFileNames and chunkFileNames use the same hashing strategy based on the
production variable (e.g., make chunkFileNames conditional on production or add
hashes to entryFileNames when production is false) by editing the entryFileNames
and/or chunkFileNames settings in the rollup config to reference the production
flag consistently.
- Line 11: The import of the Node.js built-in in rollup.config.js uses the bare
specifier "crypto"; update the import to use the node: protocol (e.g., replace
the import statement that references 'crypto' with one that references
'node:crypto') and likewise update any other imports of Node.js built-ins in
this file to their node:... equivalents to follow modern Node.js conventions and
improve clarity.
- Line 207: The current Rollup plugin invocation uses cleandir(..., { hook:
'generateBundle' }) which delays cleaning until generateBundle; change the hook
option to 'buildStart' so the cleandir call (the production && cleandir(...)
entry in rollup.config.js) runs at the start of the build and removes old
artifacts before file generation; update the option value from 'generateBundle'
to 'buildStart' on the cleandir call to implement this behavior (leave as-is
only if you intentionally need to preserve old files during watch-mode
rebuilds).

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: bac4b4c3-5123-487a-9d2a-226150e641b8

📥 Commits

Reviewing files that changed from the base of the PR and between b3d6937 and 9019333.

⛔ Files ignored due to path filters (1)

• frontend/package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (5)

• frontend/.gitignore
• frontend/nginx.conf.template
• frontend/package.json
• frontend/rollup.config.js
• frontend/src/index.html

💤 Files with no reviewable changes (2)

• frontend/nginx.conf.template
• frontend/src/index.html

[sonarqubecloud]

Quality Gate passed

Issues
2 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud