feat: initialize game-app with Vite and React setup

- Added package.json with dependencies for React, Vite, and testing libraries.
- Included Vite logo SVG in public directory.
- Created App component with basic structure and state management.
- Added CSS styles for layout and animations.
- Implemented unit tests for App component using Vitest and Testing Library.
- Configured TypeScript with strict settings and project references.
- Set up Vite configuration for development and testing environments.
- Included setup for Vitest with custom matchers and cleanup after tests.

Author: pethers

.devcontainer/init-xvfb.sh

@@ -0,0 +1,25 @@
+# Copilot Instructions
+
+## Coding Guidelines
+
+- **Strict Typing:**
+  - _Use explicit types and interfaces; avoid `any` (use `unknown` if needed)_.
+  - _Leverage utility types (Pick, Omit, Partial) and always define return types_.
+  - _Enable TypeScript's strict options in `tsconfig.json` (e.g., `strictNullChecks`, `noImplicitAny`)_.
+
+## Testing Guidelines
+
+- **Vite & Vitest Integration:**
+  - Configure Vite and Vitest for fast feedback and native ESM support.
+  - Separate unit and integration tests, leveraging Vite's watch mode and coverage tools.
+  - Mock external dependencies using existing helpers with proper TypeScript typings.
+- **Quality Standards:**
+  - Aim for a minimum of 80% code coverage.
+  - Write tests for critical business logic and security paths.
+
+## Summary
+
+Focus on stability, strict TypeScript usage, and Vite-enhanced testing while reusing existing code.
+This dev container includes an up-to-date version of Git, built from source as needed, pre-installed and available on the `PATH`.
+This dev container includes `node`, `npm` and `eslint` pre-installed and available on the `PATH` for Node.js and JavaScript development.
+This dev container includes the GitHub CLI (`gh`), which is pre-installed and available on the `PATH`. IMPORTANT: `gh api -f` does not support object values, use multiple `-f` flags with hierarchical keys and string values instead. When using GitHub actions `actions/upload-artifact` or `actions/download-artifact` use v4 or later.

.github/copilot-instructions.md

@@ -0,0 +1,201 @@
+name: Test and Report
+
+on:
+  push:
+    branches: ["main"]
+  pull_request:
+    branches: ["main"]
+
+# Set default permissions to read-only
+permissions: read-all
+
+jobs:
+  prepare:
+    runs-on: ubuntu-latest
+    # Only needs read permissions
+    permissions:
+      contents: read # Required to check out code
+    steps:
+      - name: Harden the runner (Audit all outbound calls)
+        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        with:
+          egress-policy: audit
+
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+        with:
+          node-version: "24"
+          cache: "npm"
+
+      - name: Setup display and dependencies
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y xvfb libgtk2.0-0 libgtk-3-0 libgbm-dev libnotify-dev libnss3 libxss1 libasound2t64 libxtst6 xauth
+          sudo mkdir -p /var/run/dbus
+          sudo dbus-daemon --system --fork
+
+      - name: Cache dependencies
+        uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
+        with:
+          path: ~/.npm
+          key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
+          restore-keys: |
+            ${{ runner.os }}-node-
+
+      - name: Install dependencies
+        run: npm install
+
+      - name: Cache Cypress binary
+        uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
+        with:
+          path: ~/.cache/Cypress
+          key: cypress-${{ runner.os }}-${{ hashFiles('**/package.json') }}
+
+      - name: Verify Cypress
+        run: npx cypress verify
+
+  build-validation:
+    needs: prepare
+    runs-on: ubuntu-latest
+    # Needs write permissions to upload artifacts
+    permissions:
+      contents: write # Required to check out code
+      actions: read # Required to use GitHub actions
+      id-token: write # Required for attestation
+      pull-requests: write # Required to upload artifacts (implicit permission)
+    steps:
+      - name: Harden the runner (Audit all outbound calls)
+        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        with:
+          egress-policy: audit
+
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+        with:
+          node-version: "24"
+          cache: "npm"
+
+      - name: Cache dependencies
+        uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
+        with:
+          path: ~/.npm
+          key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
+          restore-keys: |
+            ${{ runner.os }}-node-
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Build application
+        run: npm run build
+
+      - name: Upload build artifacts
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+        with:
+          name: build-output
+          path: build
+          if-no-files-found: error
+
+  unit-tests:
+    needs: [prepare, build-validation]
+    runs-on: ubuntu-latest
+    # Needs write permissions to upload artifacts
+    permissions:
+      contents: write # Required to check out code
+      actions: read # Required to use GitHub actions
+      checks: write # Required to upload artifacts (implicit permission)
+    steps:
+      - name: Harden the runner (Audit all outbound calls)
+        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        with:
+          egress-policy: audit
+
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+        with:
+          node-version: "24"
+          cache: "npm"
+
+      - name: Install dependencies
+        run: npm install
+
+      - name: Run unit tests with coverage
+        run: xvfb-run --auto-servernum npm run test:ci
+        env:
+          JEST_JUNIT_OUTPUT_DIR: "coverage"
+          JEST_JUNIT_OUTPUT_NAME: "junit.xml"
+
+      - name: Upload coverage report
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+        with:
+          name: coverage-report
+          path: coverage
+          if-no-files-found: error
+
+  e2e-tests:
+    needs: [prepare, build-validation]
+    runs-on: ubuntu-latest
+    # Needs write permissions to upload artifacts
+    permissions:
+      contents: write # Required to check out code
+      actions: read # Required to use GitHub actions
+      checks: write # Required to upload artifacts (implicit permission)
+      pull-requests: write
+    steps:
+      - name: Harden the runner (Audit all outbound calls)
+        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        with:
+          egress-policy: audit
+
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+        with:
+          node-version: "24"
+          cache: "npm"
+
+      - name: Install dependencies
+        run: npm install
+
+      - name: Start app and run Cypress tests
+        run: |
+          xvfb-run --auto-servernum --server-args="-screen 0 1280x720x24" npm run test:e2e
+        env:
+          CYPRESS_VIDEO: true
+
+      - name: Upload Cypress results
+        if: always()
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+        with:
+          name: cypress-results
+          path: |
+            cypress/videos
+            cypress/screenshots
+            cypress/results
+
+  report:
+    needs: [unit-tests, e2e-tests]
+    runs-on: ubuntu-latest
+    if: always()
+    # Needs write permissions to upload artifacts
+    permissions:
+      contents: write # Required to check out code
+      actions: read # Required to use GitHub actions
+      checks: write # Required to upload artifacts (implicit permission)
+    steps:
+      - name: Harden the runner (Audit all outbound calls)
+        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        with:
+          egress-policy: audit
+
+      - name: Download all artifacts
+        uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
+        with:
+          path: artifacts
+
+      - name: Upload combined reports
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+        with:
+          name: test-reports
+          path: |
+            coverage
+            artifacts/cypress-results