A comprehensive Next.js starter kit featuring 32 themes, PWA capabilities, component gallery, and extensive testing infrastructure.
- Main App: https://www.scripthammer.com/
- Storybook: https://www.scripthammer.com/storybook/
- Status Dashboard: https://www.scripthammer.com/status
- π¨ 32 DaisyUI Themes - Light/dark variants with persistent selection
- π± Progressive Web App - Installable with offline support
- 𧩠Component Library - Atomic design with Storybook documentation
- βΏ Accessibility - WCAG AA compliant, colorblind assistance
- π Privacy Compliance - GDPR-ready cookie consent system
- π§ͺ Testing Suite - Comprehensive unit tests with 58% coverage, E2E test suite, accessibility testing
- π Real-time Monitoring - Web Vitals, Lighthouse scores, health checks
- π CI/CD Pipeline - GitHub Actions with automated deployment
- Next.js 15.5 / React 19 / TypeScript 5
- Tailwind CSS 4 + DaisyUI (beta)
- Vitest / Playwright / Pa11y
- Docker / GitHub Actions / pnpm 10.16.1
- Docker and Docker Compose installed
- Git configured
This project REQUIRES Docker for development to ensure consistency across all environments.
# 1. Use this template on GitHub (your project name is auto-detected!)
# 2. Clone YOUR new repository
git clone https://github.com/YOUR_USERNAME/YOUR_PROJECT_NAME.git
cd YOUR_PROJECT_NAME
# 3. Create and configure .env file (REQUIRED)
cp .env.example .env
# Edit .env to add your services (all optional except UID/GID):
# - Google Analytics ID
# - EmailJS/Web3Forms credentials
# - Calendar integration URLs
# - Author information
# See .env.example for all available options
# 4. Start Docker development environment
docker compose up # Start everything (first build takes 5-10 minutes)
# Development is now running at http://localhost:3000# Run commands inside container
docker compose exec scripthammer pnpm run dev # Dev server
docker compose exec scripthammer pnpm test # Run tests
docker compose exec scripthammer pnpm run storybook # Storybook
# Clean restart if needed
docker compose down
docker compose up --buildNOTE: Local pnpm/npm commands are NOT supported. All development MUST use Docker.
Add these secrets to your repository at Settings β Secrets and variables β Actions β Repository secrets.
These secrets are required for the build and deployment workflows to succeed:
| Secret | Description |
|---|---|
NEXT_PUBLIC_SUPABASE_URL |
Your Supabase project URL (e.g., https://abc123.supabase.co) |
NEXT_PUBLIC_SUPABASE_ANON_KEY |
Your Supabase anonymous/public key |
These secrets enable full E2E test coverage. Without them, E2E tests will be skipped or fail:
| Secret | Description |
|---|---|
SUPABASE_SERVICE_ROLE_KEY |
Service role key for admin operations in tests |
TEST_USER_PRIMARY_EMAIL |
Primary test user email (use Gmail plus alias: [email protected]) |
TEST_USER_PRIMARY_PASSWORD |
Primary test user password |
TEST_USER_SECONDARY_EMAIL |
Secondary test user for multi-user tests |
TEST_USER_SECONDARY_PASSWORD |
Secondary test user password |
TEST_USER_TERTIARY_EMAIL |
Tertiary test user for group chat tests |
TEST_USER_TERTIARY_PASSWORD |
Tertiary test user password |
TEST_EMAIL_DOMAIN |
Email domain for generated test emails (e.g., [email protected]) |
Note: Supabase validates email domains have MX records. Use Gmail plus aliases ([email protected]) instead of @example.com which is always blocked.
These customize the site appearance but aren't required for builds:
| Secret | Description |
|---|---|
NEXT_PUBLIC_AUTHOR_NAME |
Your display name |
NEXT_PUBLIC_AUTHOR_EMAIL |
Contact email |
NEXT_PUBLIC_AUTHOR_BIO |
Short biography |
NEXT_PUBLIC_AUTHOR_ROLE |
Job title/role |
NEXT_PUBLIC_AUTHOR_AVATAR |
Avatar image URL |
NEXT_PUBLIC_AUTHOR_GITHUB |
GitHub username |
NEXT_PUBLIC_AUTHOR_LINKEDIN |
LinkedIn profile URL |
NEXT_PUBLIC_AUTHOR_TWITTER |
Twitter/X handle |
NEXT_PUBLIC_AUTHOR_TWITCH |
Twitch username |
NEXT_PUBLIC_SITE_URL |
Production site URL |
NEXT_PUBLIC_DEPLOY_URL |
Custom deployment URL |
NEXT_PUBLIC_SOCIAL_PLATFORMS |
Comma-separated list of platforms |
| Secret | Description |
|---|---|
NEXT_PUBLIC_CALENDAR_PROVIDER |
Calendar service (e.g., calendly) |
NEXT_PUBLIC_CALENDAR_URL |
Calendar booking URL |
NEXT_PUBLIC_DISQUS_SHORTNAME |
Disqus comments integration |
NEXT_PUBLIC_PAGESPEED_API_KEY |
Google PageSpeed API key |
NEXT_PUBLIC_GA_MEASUREMENT_ID |
Google Analytics measurement ID |
| Secret | Description |
|---|---|
SUPABASE_ACCESS_TOKEN |
Personal access token for Management API |
SUPABASE_DB_PASSWORD |
Database password |
SUPABASE_PROJECT_REF |
Project reference ID |
Claude Code and SpecKit use a GitHub token for API access only (reading issues, creating issues). Git pushes use SSH authentication - keeping you in control of what gets committed.
-
Go to GitHub Token Settings (fine-grained tokens)
-
Configure the token:
- Token name:
ScriptHammerorClaude Code - Expiration: 90 days recommended
- Repository access: Select "Only select repositories" β choose your repository
- Token name:
-
Grant these read-only permissions:
Permission Access Used For Contents Read-only Reading files, checking status Issues Read & Write /speckit.taskstoissuescommandPull requests Read-only Viewing PR status Actions Read-only Checking CI status -
Click Generate token and copy it immediately (shown only once)
GitHub CLI:
gh auth login
# Choose: GitHub.com β SSH β Paste token for API accessGit pushes use SSH (your existing SSH key):
# Verify SSH is configured
ssh -T [email protected]
# Should show: Hi USERNAME! You've successfully authenticated...- You control commits - AI can't push without your SSH key
- API access only - Token reads issues, creates issues, checks CI
- No accidental pushes - All pushes require explicit user action
The quickest way to create your own project from ScriptHammer:
# 1. Fork and clone
gh repo fork TortoiseWolfe/ScriptHammer --clone
cd YourProjectName
# 2. Run the rebrand script (updates 200+ files automatically)
./scripts/rebrand.sh MyProject myusername "My awesome project description"
# 3. Create environment file
cp .env.example .env
# Edit .env with your UID/GID (run: id -u && id -g)
# 4. Start development
docker compose up -d
# 5. Verify everything works
docker compose exec myproject pnpm run build
docker compose exec myproject pnpm test
# 6. Commit and push
docker compose exec myproject git add -A
docker compose exec myproject git commit -m "Rebrand to MyProject"
git push# Preview changes without modifying files
./scripts/rebrand.sh MyProject myuser "Description" --dry-run
# Skip confirmation prompts
./scripts/rebrand.sh MyProject myuser "Description" --force
# Keep CNAME file (for custom domains)
./scripts/rebrand.sh MyProject myuser "Description" --keep-cnameFor detailed setup instructions, see docs/FORKING.md.
# Add upstream and pull changes
git remote add upstream https://github.com/TortoiseWolfe/ScriptHammer.git
git fetch upstream
git merge upstream/mainSee docs/FORKING.md for detailed sync instructions and docs/FORKING-FEEDBACK.md for manual fixes if merging fails.
The project automatically detects your repository name and owner from git remote URL at build time:
- Project name: Detected from repository name
- Owner: Detected from GitHub username
- Base path: Configured for GitHub Pages deployment
- PWA manifest: Generated with your project name
Troubleshooting:
- If auto-detection fails, ensure you have a git remote:
git remote -v - Override with environment variables in
.envif needed - Check
src/config/project-detected.tsafter build to see detected values
- Developer Guide: See CLAUDE.md for comprehensive development documentation
- Component Creation: docs/CREATING_COMPONENTS.md
- PRP/SpecKit Workflow: docs/prp-docs/SPECKIT-PRP-GUIDE.md - Quick reference for feature development
- Testing Guide: docs/project/TESTING.md
- Contributing: docs/project/CONTRIBUTING.md
- Security: docs/project/SECURITY.md
- Changelog: docs/project/CHANGELOG.md
For detailed tracking of E2E test fixes, helper patterns, and resolved issues, see docs/TECHNICAL-DEBT.md.
Run these specs in order (041 β 064). Copy a command to start the full SpecKit workflow.
SPEC-041: β COMPLETE - GitHub secrets verified configured (2025-12-26). E2E status: 298 passed, 19 failed, 12 flaky, 61 skipped (as of 2025-12-27).
SPEC-042: β INVALID - File is NOT obsolete. Analysis: tests/e2e/examples/homepage-with-pom.spec.ts has 5 working tests + 4 skipped (with documented reasons). It's in examples/ as a POM pattern teaching example. The 4 skips document former homepage features - this is valuable history, not technical debt.
SPEC-043: β
COMPLETE - Form honeypot fix merged (2025-12-26). Added isHoneypotField() helper to skip bot trap fields.
SPEC-044: β
COMPLETE - Accessibility contrast fix merged (2025-12-26). Changed text-base-content/40 to /60 in Footer.
SPEC-045: β COMPLETE - Already fixed in commit 2a8aa08 (2025-12-26). All 43 message-editing tests pass.
SPEC-046: β
COMPLETE - Payment isolation fix merged (2025-12-26). Added handlePaymentConsent() helper. All 24 tests pass.
SPEC-047: β COMPLETE - OAuth CSRF tests rewritten as proper security tests (2025-12-26).
SPEC-048: β COMPLETE - Theme/PWA tests fixed with flexible assertions (2025-12-26).
/speckit.workflow SPEC-049: Group Service Implementation - Complete 8 unimplemented methods in src/services/messaging/group-service.ts: addMembers (T043), getMembers (T074), removeMember (T060), leaveGroup (T061), transferOwnership (T062), upgradeToGroup (T054), renameGroup (T093), deleteGroup (T092). These methods throw "Not implemented" errors. Effort: 2-3 days.
/speckit.workflow SPEC-050: SEO Library Tests - Add unit tests for 4 untested SEO modules: src/lib/seo/readability.ts, keywords.ts, content.ts, technical.ts. Create src/lib/seo/__tests__/ directory. Effort: 4-6 hours.
/speckit.workflow SPEC-051: Blog Library Tests - Add unit tests for 3 untested blog modules: src/lib/blog/seo-analyzer.ts, toc-generator.ts, markdown-processor.ts. Create src/lib/blog/__tests__/ directory. Effort: 3-4 hours.
/speckit.workflow SPEC-052: Messaging Service Tests - Add unit tests for core messaging services: message-service.ts (1182 lines), key-service.ts, group-key-service.ts, and src/services/auth/audit-logger.ts. Effort: 1 day.
/speckit.workflow SPEC-053: Auth Component Test Expansion - Expand 6 auth component tests that have TODO comments: AuthGuard, SignUpForm, ResetPasswordForm, SignInForm, ProtectedRoute, ForgotPasswordForm. Effort: 4-6 hours.
/speckit.workflow SPEC-054: Payment Dashboard - Implement real-time payment dashboard with payment history table, recent transactions widget, and Supabase real-time updates. Unblocks 20 E2E tests. Effort: 2-3 days.
/speckit.workflow SPEC-055: Payment Offline Queue UI - Implement offline queue UI for payments with queue status indicator, pending payment list, and retry mechanism UI. Unblocks 18 E2E tests. Effort: 1 day.
/speckit.workflow SPEC-056: Payment Retry UI - Implement failed payment retry functionality with error display, retry button, payment method update flow, and retry confirmation. Unblocks 14 E2E tests. Effort: 1 day.
/speckit.workflow SPEC-057: PayPal Subscription Management - Implement subscription management with active subscriptions list, cancel/pause functionality, and billing cycle display. Unblocks 12 E2E tests. Effort: 2 days.
/speckit.workflow SPEC-058: Payment Security RLS - Implement payment table RLS policies in Supabase: payments table with user isolation, subscriptions table RLS, admin access policies. Unblocks 25 E2E tests. Effort: 1-2 days.
/speckit.workflow SPEC-059: Large Component Refactoring - Refactor 4 oversized components: CaptainShipCrew.tsx (560 lines, no memoization), GlobalNav.tsx (482 lines), AccountSettings.tsx (476 lines), MessageBubble.tsx (411 lines). Add React.memo/useMemo where appropriate. Effort: 2-3 days.
/speckit.workflow SPEC-060: Error Handler Integrations - Implement TODO integrations in src/utils/error-handler.ts: Add Sentry/LogRocket/DataDog logging (line 233), add toast notification system (line 252), remove console-only logging. Effort: 4-6 hours.
/speckit.workflow SPEC-061: ESLint Disable Cleanup - Review and document 11 eslint-disable comments across codebase. Add JSDoc explaining necessity, fix underlying issues where possible, remove unnecessary disables. Effort: 2-3 hours.
/speckit.workflow SPEC-062: Hardcoded UUID Fix - Fix hardcoded UUID '00000000-0000-0000-0000-000000000000' in src/lib/payments/offline-queue.ts:166. Replace with auth context user ID. Effort: 30 min.
/speckit.workflow SPEC-063: Disqus Theme Enhancement - Improve Disqus theme integration in src/components/molecular/DisqusComments.tsx. Map DaisyUI themes to Disqus color schemes, investigate CSS custom properties. Low priority UX improvement. Effort: 4-6 hours.
/speckit.workflow SPEC-064: Game Component A11y Tests - Expand 5 game component accessibility tests: CaptainShipCrewWithNPC, CaptainShipCrew, Dice, DraggableDice, DiceTray. Add keyboard navigation, ARIA verification, focus management tests. Effort: 4-6 hours.
Version 0.3.5 - Sprint 3.5 Complete β | 12 of 14 PRPs completed
| Category | Completed | Remaining |
|---|---|---|
| Foundation | Component Structure, E2E Testing | PRP Methodology |
| Accessibility | WCAG AA, Colorblind Mode, Font Switcher | - |
| Privacy | Cookie Consent, Google Analytics | - |
| Forms | Web3Forms Integration, EmailJS, PWA Sync | - |
| Features | Calendar Integration, Geolocation Map | Visual Regression |
| Tech Debt | Sprint 3.5: All 46 tasks complete (2025-09-19) β¨ | - |
See docs/prp-docs/PRP-STATUS.md for detailed progress.
- Performance: 92/100
- Accessibility: 98/100
- Best Practices: 95/100
- SEO: 100/100
- PWA: 92/100
- Fork the repository (for contributing back to ScriptHammer)
- Create your feature branch (
git checkout -b feature/amazing) - Run tests in Docker (
docker compose exec scripthammer pnpm test) - Commit changes (
git commit -m 'Add feature') - Push and open a PR
MIT - See LICENSE for details
For Template Users: Your project name is automatically detected from your new repository! No manual configuration needed. See docs/TEMPLATE-GUIDE.md for details.