Instructions for AI agents working on this codebase.

vinext is a Vite plugin that reimplements the Next.js API surface, with Cloudflare Workers as the primary deployment target. The goal: take any Next.js app and deploy it to Workers with one command.

vinext reimplements the Next.js API surface using Vite, with Cloudflare Workers as the primary deployment target. The goal is to let developers keep their existing Next.js code and deploy it to Workers.

pnpm test                                        # Vitest — full suite (~2 min, serial)
pnpm test tests/routing.test.ts                  # Run a single test file (~seconds)
pnpm test tests/shims.test.ts tests/link.test.ts # Run specific files
pnpm run test:e2e                                # Playwright E2E tests (all projects, use PLAYWRIGHT_PROJECT=<name> to target one)
pnpm run check                                   # Format, lint, and type checks
pnpm run lint                                    # Lint only (type-aware oxlint)
pnpm run fmt                                     # oxfmt (format)
pnpm run fmt:check                               # oxfmt (check only, no writes)
pnpm run build                                   # Build the vinext package (via vp pack)

packages/vinext/src/
  index.ts              # Main Vite plugin
  cli.ts                # vinext CLI
  shims/                # One file per next/* module
  routing/              # File-system route scanners
  server/               # SSR handlers, ISR, middleware
  cloudflare/           # KV cache handler

tests/
  *.test.ts             # Vitest tests
  fixtures/             # Test apps (pages-basic, app-basic, etc.)
  e2e/                  # Playwright tests

examples/               # User-facing demo apps

1. Check if Next.js has it — look at Next.js source to understand expected behavior
2. Search the Next.js test suite — before writing code, search test/e2e/ and test/unit/ in the Next.js repo for related test files (see below)
3. Add tests first — put test cases in the appropriate tests/*.test.ts file
4. Implement in shims or server — most features are either a shim (next/* module) or server-side logic
5. Add fixture pages if needed — tests/fixtures/ has test apps for integration testing
6. Run the relevant test file(s) to verify your changes (see Running Tests below)

This is a required step for all feature work and bug fixes. Before writing code, search the Next.js repo's test/e2e/ and test/unit/ directories for tests related to whatever you're working on. Search broadly, not just for exact feature names.

For example, when working on middleware:

• Search for middleware and proxy in test directory names
• Search for error messages like "must export" to find validation tests
• Check for edge cases like missing exports, misspelled names, invalid configs

Why this matters: vinext aims to match Next.js behavior exactly. If Next.js has a test for it, we should have an equivalent test. Missing this step has caused silent behavioral differences, like middleware failing open on invalid exports instead of throwing an error (which Next.js tests explicitly).

When you find relevant Next.js tests, port the test cases to our test suite and include a comment linking back to the original Next.js test file:

// Ported from Next.js: test/e2e/app-dir/proxy-missing-export/proxy-missing-export.test.ts
// https://github.com/vercel/next.js/blob/canary/test/e2e/app-dir/proxy-missing-export/proxy-missing-export.test.ts

Local Next.js clone for fast searching:

Keep a local clone of the Next.js repo for fast rg (ripgrep) searches. This is much faster and more reliable than gh search code for exploratory searches.

# First time: clone into .nextjs-ref (gitignored)
git clone --depth 1 --single-branch --branch canary https://github.com/vercel/next.js.git .nextjs-ref

# Update periodically
git -C .nextjs-ref pull --ff-only

The .nextjs-ref directory is gitignored. Use it for searching source, tests, and closed PR context:

# Search test suite for how Next.js handles a behavior
rg -rn "javascript:" .nextjs-ref/test/ --include "*.test.*" -l
rg -rn "router\.push" .nextjs-ref/test/e2e/ -l | head -20

# Search source for implementation details
rg -rn "x-middleware-override-headers" .nextjs-ref/packages/next/src/
rg -rn "isExternalUrl" .nextjs-ref/packages/next/src/

# Search for how config headers/redirects are ordered relative to middleware
rg -rn "headers.*redirect.*middleware" .nextjs-ref/packages/next/src/server/

Use gh search code when the local clone is not available:

gh search code "middleware" --repo vercel/next.js --filename "*.test.*" --limit 20
gh search code "must export" --repo vercel/next.js --filename "*.test.*" --limit 10

Always run targeted tests, not the full suite. The full Vitest suite takes ~2 minutes because test files run serially (to avoid Vite deps optimizer cache races). Running the full suite during development wastes time, especially when multiple agents are working on the repo simultaneously.

Prefer vp for day-to-day local work. The pnpm scripts above still work, but current repo workflow and CI debugging usually use the direct Vite+ commands:

vp check tests/app-router.test.ts
vp test run tests/app-router.test.ts
vp test run tests/app-router.test.ts -t "route handler"
vp run vinext#build

During development, run only the test file(s) relevant to your change:

# Run a single test file (fast — seconds, not minutes)
pnpm test tests/routing.test.ts

# Run a few related files
pnpm test tests/shims.test.ts tests/link.test.ts

# Run all nextjs-compat tests
pnpm test tests/nextjs-compat/

# Run tests matching a name pattern
pnpm test -t "middleware"

Which test files to run depends on what you changed:

Let CI run the full suite. The full pnpm test and all 5 Playwright E2E projects run in CI on every PR. You do not need to run the full suite locally before pushing. CI will catch any cross-cutting regressions.

When to run the full suite locally: Only if you're making a broad change that touches shared infrastructure (e.g., the Vite plugin's resolveId hook, virtual module generation, or the test helpers themselves). Even then, consider pushing and letting CI do it.

Always verify Next.js behavior first. Before writing a fix, confirm how Next.js handles the same scenario. This applies to security fixes, bug reports, and behavioral changes. We have repeatedly shipped fixes that diverged from Next.js because this step was skipped. Specific things to check:

1. Search the Next.js test suite (in .nextjs-ref/test/) for tests covering the behavior. If Next.js has a test, that is the authoritative answer for what the correct behavior is.
2. Search Next.js issues and PRs for prior discussion. Many behaviors are intentional design choices (e.g., Next.js intentionally does not block javascript: URIs in router.push(), config headers intentionally run before middleware). Use gh search code or EXA web search for this.
3. Search Next.js source (in .nextjs-ref/packages/next/src/) for the implementation. Understand what they do before deciding what we should do.
4. Document what you found. When creating a PR or closing an issue, link to the Next.js test, issue, or docs that informed the decision.

If Next.js and vinext should behave differently (defense-in-depth, Cloudflare-specific requirements), that is OK, but it must be a deliberate, documented decision, not an accidental divergence.

Always check dev and prod server parity. Request handling logic exists in multiple places that must stay in sync:

• entries/app-rsc-entry.ts — App Router dev (generates the RSC entry)
• server/dev-server.ts — Pages Router dev
• server/prod-server.ts — Pages Router production (handles middleware, routing, SSR directly)
• cloudflare/worker-entry.ts — Cloudflare Workers entry

The App Router production server delegates to the built RSC entry, so it inherits fixes from entries/app-rsc-entry.ts. But the Pages Router production server has its own middleware/routing/SSR logic that must be updated separately.

When fixing a bug in any of these files, check whether the same bug exists in the others. Do not leave known bugs as "follow-ups" — fix them in the same PR.

• Dev server logs: Run npx vite dev in a fixture directory
• RSC streaming issues: Context is often cleared before stream consumption — check AsyncLocalStorage usage
• Module resolution: Vite has separate module instances for RSC/SSR/client environments

• tests/fixtures/pages-basic/ — Pages Router test app
• tests/fixtures/app-basic/ — App Router test app
• examples/app-router-cloudflare/ — App Router on Workers
• examples/pages-router-cloudflare/ — Pages Router on Workers

Add new test pages to fixtures, not to examples. Examples are for user-facing demos.

The examples/ directory contains real-world Next.js apps ported to run on vinext. These are deployed to Cloudflare Workers on every push to main (see .github/workflows/deploy-examples.yml).

1. Create a directory under examples/ with a package.json (use "vinext": "workspace:*")
2. Add a vite.config.ts with vinext() and cloudflare() plugins
3. Add a wrangler.jsonc — for simple apps use "main": "vinext/server/app-router-entry" (no custom worker entry needed)
4. Add the example to the deploy matrix in .github/workflows/deploy-examples.yml:
   • Add to matrix.example array (with name, project, wrangler_config)
   • Add to the examples array in the PR comment step
5. Add a smoke test entry in scripts/smoke-test.sh — add a line to the CHECKS array:

   "your-example-name  /  expected-text-in-body"
   

6. Run ./scripts/smoke-test.sh locally to verify after deploying

scripts/smoke-test.sh is a lightweight post-deploy check that curls every deployed example and verifies HTTP 200 + expected content. It runs automatically in CI after the deploy job completes.

./scripts/smoke-test.sh                    # check production URLs
./scripts/smoke-test.sh --preview pr-42    # check PR preview URLs

When adding a new example, always add a corresponding smoke test entry. The format is:

"worker-name  /path  expected-text"

where expected-text is a case-insensitive string that must appear in the response body.

The examples in .github/repos.json are the ecosystem of Next.js apps we want to support. When porting one:

1. Use App Router unless the original app specifically requires Pages Router
2. Keep the same content — the goal is to prove the app works on vinext, not to rewrite it
3. Use @mdx-js/rollup for MDX support (vinext auto-detects and injects it, or you can register it manually in vite.config.ts)
4. File issues for anything that requires workarounds — missing shims, unsupported config options, etc.
5. Don't depend on the original framework's build plugins — e.g., Nextra's webpack plugin won't work; port the content and build a lightweight equivalent

Context7 provides fast access to up-to-date documentation and source code for libraries. Use it liberally when researching how to implement something or debugging behavior.

Key library IDs for this project:

• /vercel/next.js — Next.js source code and docs
• /llmstxt/nextjs_llms_txt — Extended Next.js documentation
• /vitejs/vite-plugin-react — Vite RSC plugin docs

Example queries:

• How Next.js implements headers() and cookies() internally
• AsyncLocalStorage patterns for request-scoped context
• RSC streaming and rendering lifecycle
• Route matching and middleware patterns

Use EXA for web search when you need to find recent discussions, blog posts, GitHub issues, or documentation that isn't in Context7. Particularly useful for:

• Finding workarounds for edge cases
• Understanding how other frameworks solved similar problems
• Locating relevant GitHub issues and discussions

When in doubt, look at how Next.js does it. Vinext aims to replicate Next.js behavior, so their implementation is the authoritative reference.

If you're trying to understand how something works under the hood (route matching, RSC streaming, caching behavior, API semantics), the best approach is to go look at the Next.js source code and understand what they're doing, then apply it to how we do things in this project.

Use the local .nextjs-ref clone for fast searching. If the clone doesn't exist yet, create it:

git clone --depth 1 --single-branch --branch canary https://github.com/vercel/next.js.git .nextjs-ref

Always use Node.js built-in modules and APIs before reaching for third-party packages or hand-rolling your own implementation. Node ships a lot of useful utilities that people forget about or don't know exist. Examples:

• node:util parseEnv for parsing .env file contents (not dotenv)
• node:crypto randomUUID() for UUIDs (not uuid)
• node:fs/promises for async file operations
• node:test patterns when they apply
• URL and URLSearchParams for URL manipulation (not string splitting)
• structuredClone for deep cloning (not lodash.cloneDeep)

If a Node built-in does the job, use it. Only reach for a dependency when the built-in is genuinely insufficient.

• NEVER push directly to main. Always create a feature branch and open a PR, even for small fixes. This ensures CI runs before changes are merged and provides a review checkpoint.

• Branch protection is enabled on main. Required checks: Check, Vitest, Playwright E2E. Pushing directly to main bypasses these protections and can introduce regressions.

• NEVER use gh pr merge --admin. The --admin flag bypasses branch protection checks entirely. If merge is blocked, investigate why — don't force it through. A blocked merge usually means a required check failed or is still running.

• PR workflow:

  1. Create a branch: git checkout -b fix/descriptive-name
  2. Make changes and commit
  3. Push branch: git push -u origin fix/descriptive-name
  4. Open PR via gh pr create
  5. Wait for CI to pass — all required checks (Check, Vitest, Playwright E2E) must be green
  6. Merge via gh pr merge --squash --delete-branch
  7. If merge is blocked, check which status check failed and fix it — do not bypass with --admin

• For large refactors, prefer small stacked PRs. When extracting logic out of generated entries or other high-risk files, do the work in reviewable slices:

  1. Move one cohesive runtime seam into a typed helper
  2. Add focused helper tests plus minimal generator assertion updates
  3. Push, fix CI, and re-request review
  4. Rebase the next stacked branch after each merge

• Use /bigbonk after meaningful updates on stacked refactor PRs. That is the normal re-review loop for this repo once a PR has been rebased or a review comment has been addressed.

CI is split into safe checks (no secrets) and deploy previews (requires secrets). This lets external contributors get feedback on their PRs without exposing credentials.

Safe CI (ci.yml) runs for all PRs after first-time contributor approval:

• Check, Vitest, Playwright E2E
• Uses zero secrets and read-only permissions
• First-time contributors need one manual approval, then subsequent PRs run automatically

Deploy previews (deploy-examples.yml) run automatically only for same-repo branches:

• The entire workflow is skipped for fork PRs via a job-level if condition
• Cloudflare employees should push branches to the main repo (not fork), so previews deploy automatically
• For fork PRs, a maintainer can comment /deploy-preview to trigger the deploy (see deploy-preview-command.yml)

/deploy-preview slash command (deploy-preview-command.yml):

• Triggered by commenting /deploy-preview on any PR
• Restricted to org members, collaborators, and repo owners via author_association
• Builds all examples, deploys previews, runs smoke tests, and posts preview URLs

When modifying CI workflows, keep these rules in mind:

• ci.yml must never use secrets. It runs untrusted code from forks.
• deploy-examples.yml must skip entirely for fork PRs. Don't remove the job-level if guard.
• The /deploy-preview slash command gates secret usage behind the author_association check.

Non-obvious patterns and pitfalls discovered during development. Read this before making significant changes.

This is the single most important architectural detail. The RSC environment and the SSR environment are separate Vite module graphs with separate module instances. If you set state in a module in the RSC environment (e.g., setNavigationContext() in next/navigation), the SSR environment's copy of that module is unaffected.

Per-request state (pathname, searchParams, params, headers, cookies) must be explicitly passed from the RSC entry to the SSR entry via the handleSsr(rscStream, navContext) call. The SSR entry calls the setter before rendering and cleans up afterward.

Rule of thumb: Any per-request state that "use client" components need during SSR must be passed across the environment boundary. They don't share module state.

The RSC plugin handles:

• Bundler transforms for "use client" / "use server" directives
• RSC stream serialization (wraps react-server-dom-webpack)
• Multi-environment builds (RSC/SSR/Client)
• CSS code-splitting and auto-injection
• HMR for server components
• Bootstrap script injection for client hydration

vinext handles everything else:

• File-system routing (scanning app/ and pages/ directories)
• Request lifecycle (middleware, headers, redirects, rewrites, then route handling)
• Layout nesting and React tree construction
• Client-side navigation and prefetching
• Caching (ISR, "use cache", fetch cache)
• All next/* module shims

The RSC entry's default export is the request handler. The plugin calls it for every request; vinext does route matching, builds the React tree, renders to RSC stream, and delegates to the SSR entry for HTML.

The generated entry files under packages/vinext/src/entries/* are one of the easiest places for the codebase to become hard to maintain. Treat them as codegen glue, not as the home for large runtime subsystems.

Rule of thumb: generated code may describe route-specific imports, manifests, and thin closures, but it should not own substantial request lifecycle logic.

Move real behavior into normal typed modules under packages/vinext/src/server/* whenever the code involves:

• request/response orchestration
• streaming or teeing streams
• ISR/cache policy or cache writes
• route-handler method dispatch
• redirect / not-found / access-fallback handling
• response shaping, header merging, or middleware merge behavior
• logic that needs direct unit tests

Preferred layering:

1. entries/* — generate route-specific imports, manifests, and thin wiring
2. server/* — implement runtime behavior in importable typed modules
3. tests/* — unit test the runtime helpers directly; keep generated-entry tests focused on delegation and wiring

Testing guidance for entry refactors:

• If you move behavior out of a template string, add a focused unit test for the new helper module
• Update tests/entry-templates.test.ts or other generated-code assertions to check the new helper delegation, not the old inline implementation detail
• Prefer verifying stream/cache/error behavior in helper tests instead of asserting on giant generated strings

App Router examples: the long-term pattern is for files like entries/app-rsc-entry.ts, entries/app-browser-entry.ts, and entries/app-ssr-entry.ts to stay thin and delegate to server/app-*.ts helpers.

You must use createBuilder() + builder.buildApp() for production builds, not build() directly. Calling build() from the Vite JS API doesn't trigger the RSC plugin's multi-environment build pipeline. buildApp() runs the 5-step RSC/SSR/client build sequence in the correct order.

This repo currently resolves vite to @voidzero-dev/vite-plus-core, which bundles Vite 8. Keep that in mind when touching Vite config or plugin integration code:

• Prefer oxc over esbuild for new JavaScript transform config
• Prefer optimizeDeps.rolldownOptions over optimizeDeps.esbuildOptions
• Prefer build.rolldownOptions / worker.rolldownOptions over adding new *.rollupOptions config
• When touching existing build.rollupOptions or manualChunks, preserve Vite 7 compatibility but treat them as migration targets, not patterns to copy forward
• If something breaks only on Vite 8, check the newer build.target baseline and stricter CommonJS default import behavior first

• Build-time root prefix: Vite prefixes virtual module IDs with the project root path when resolving SSR build entries. The resolveId hook must handle both virtual:vinext-server-entry and <root>/virtual:vinext-server-entry.
• \0 prefix in client environment: When the RSC plugin generates its browser entry, it imports virtual modules using the already-resolved \0-prefixed ID. Vite's import-analysis plugin can't resolve this. Fix: strip the \0 prefix before matching in resolveId.
• Absolute paths required: Virtual modules have no real file location, so all imports within them must use absolute paths.

Next.js 15 changed params and searchParams to Promises. For backward compatibility with pre-15 code, vinext creates "thenable objects":

Object.assign(Promise.resolve(params), params);

This works both as await params (new style) and params.id (old style). The same pattern applies to generateMetadata and generateViewport.

The ISR cache layer sits above CacheHandler, not inside it. CacheHandler (matching Next.js 16's interface) is a simple key-value store. ISR semantics live in a separate isr-cache.ts module:

• Stale-while-revalidate: Returns stale entries (not null) while background regeneration runs
• Dedup: A Map<string, Promise> keyed by cache key ensures only one regeneration per key at a time
• Revalidate tracking: A side map stores revalidate durations by cache key (populated on MISS, read on HIT/STALE)
• Tag invalidation: Tag-invalidated entries are hard-deleted (return null), unlike time-expired entries which return stale

The caching layer is pluggable via setCacheHandler(). KV is the default for Cloudflare Workers. The ISR logic works automatically with any backend.

This is critical to get right. Many security reports and bug fixes depend on understanding which steps run before vs after middleware. The Next.js documented execution order is (source: Next.js middleware docs, rewrites docs):

1. headers from next.config.js (has/missing conditions use the original request)
2. redirects from next.config.js (has/missing conditions use the original request)
3. Middleware (rewrites, redirects, header modifications, etc.)
4. beforeFiles rewrites from next.config.js (has/missing conditions use post-middleware request)
5. Filesystem routes (public/, _next/static/, pages, app)
6. afterFiles rewrites from next.config.js (has/missing conditions use post-middleware request)
7. Dynamic routes (/blog/[slug])
8. fallback rewrites from next.config.js

Key implications:

• Config headers and redirects run BEFORE middleware. Their has/missing conditions evaluate against the original incoming request, not middleware-modified state. If you need middleware-aware conditional headers, set them in middleware itself.
• _next/static/* (build output) is served directly without middleware. But public/ directory files go through middleware.
• beforeFiles, afterFiles, and fallback rewrites run AFTER middleware and should see middleware-modified request state.

Current vinext gap: vinext evaluates config headers at step 6 (after middleware) instead of step 1 (before middleware). The has/missing conditions correctly use the pre-middleware request context, but the timing of when headers are applied differs from Next.js. This is a known parity gap tracked for future work.

When adding support for third-party Next.js libraries:

• next/navigation.js (with .js extension): Libraries like nuqs import with the .js extension. Vite's resolve.alias does exact matching, so a resolveId hook strips .js from next/* imports and redirects through the shim map.
• next-themes: Works out of the box. ThemeProvider, useTheme, SSR script injection all function correctly.
• next-intl: Requires deep integration. It expects a plugin from next.config.ts (createNextIntlPlugin) that injects config at build time. Simply installing and importing doesn't work.
• General pattern: Libraries that only import from next/* public APIs tend to work. Libraries that depend on Next.js build plugins or internal APIs need custom shimming.

This project is using Vite+, a unified toolchain built on top of Vite, Rolldown, Vitest, tsdown, Oxlint, Oxfmt, and Vite Task. Vite+ wraps runtime management, package management, and frontend tooling in a single global CLI called vp. Vite+ is distinct from Vite, but it invokes Vite through vp dev and vp build.

vp is a global binary that handles the full development lifecycle. Run vp help to print a list of commands and vp <command> --help for information about a specific command.

• create - Create a new project from a template
• migrate - Migrate an existing project to Vite+
• config - Configure hooks and agent integration
• staged - Run linters on staged files
• install (i) - Install dependencies
• env - Manage Node.js versions

• dev - Run the development server
• check - Run format, lint, and TypeScript type checks
• lint - Lint code
• fmt - Format code
• test - Run tests

• run - Run monorepo tasks
• exec - Execute a command from local node_modules/.bin
• dlx - Execute a package binary without installing it as a dependency
• cache - Manage the task cache

• build - Build for production
• pack - Build libraries
• preview - Preview production build

Vite+ automatically detects and wraps the underlying package manager such as pnpm, npm, or Yarn through the packageManager field in package.json or package manager-specific lockfiles.

• add - Add packages to dependencies
• remove (rm, un, uninstall) - Remove packages from dependencies
• update (up) - Update packages to latest versions
• dedupe - Deduplicate dependencies
• outdated - Check for outdated packages
• list (ls) - List installed packages
• why (explain) - Show why a package is installed
• info (view, show) - View package information from the registry
• link (ln) / unlink - Manage local package links
• pm - Forward a command to the package manager

• upgrade - Update vp itself to the latest version

These commands map to their corresponding tools. For example, vp dev --port 3000 runs Vite's dev server and works the same as Vite. vp test runs JavaScript tests through the bundled Vitest. The version of all tools can be checked using vp --version. This is useful when researching documentation, features, and bugs.

• Using the package manager directly: Do not use pnpm, npm, or Yarn directly. Vite+ can handle all package manager operations.
• Always use Vite commands to run tools: Don't attempt to run vp vitest or vp oxlint. They do not exist. Use vp test, vp lint, and vp check instead.
• Running scripts: Vite+ commands take precedence over package.json scripts. If there is a test script defined in scripts that conflicts with the built-in vp test command, run it using vp run test.
• Do not install Vitest, Oxlint, Oxfmt, or tsdown directly: Vite+ wraps these tools. They must not be installed directly. You cannot upgrade these tools by installing their latest versions. Always use Vite+ commands.
• Use Vite+ wrappers for one-off binaries: Use vp dlx instead of package-manager-specific dlx/npx commands.
• Import JavaScript modules from vite-plus: Instead of importing from vite or vitest, all modules should be imported from the project's vite-plus dependency. For example, import { defineConfig } from 'vite-plus'; or import { expect, test, vi } from 'vite-plus/test';. You must not install vitest to import test utilities.
• Static checks: Prefer vp check as the default validation command. It runs formatting, linting, and type checks together, and vp lint --type-aware works when you need lint-only feedback.

• Run vp install after pulling remote changes and before getting started.
• Run vp check and vp test to validate changes.