RELEASE-20250309

[alsgud8311]

RELEASE-20250309

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request focuses on preparing for the 20250309 release by enhancing configuration management and optimizing SEO-related features. It integrates a new environment variable for the Toss Payments client key, ensuring better security and flexibility. The sitemap generation logic has been refined to dynamically include member-specific sitemaps, which improves content discoverability for search engines. Additionally, a minor adjustment was made to a UI component to improve the display of token history.

Highlights

• Environment Variable Integration: Introduced and integrated NEXT_PUBLIC_TOSS_PAYMENTS_CLIENT_KEY across the Dockerfile, environment type declarations, and the PurchaseSection component to externalize the Toss Payments client key.
• Sitemap Generation Refactoring: Streamlined the sitemap generation process by consolidating member sitemap creation directly into server-sitemap.xml/index.tsx, removing the need for a separate members.xml.tsx file and dynamically generating individual member sitemap entries.
• UI Component Update: Modified the TokenHistory component to display the state property directly, replacing the previous conditional display logic based on remainingCount.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Changelog

• apps/client/Dockerfile
  • Added NEXT_PUBLIC_TOSS_PAYMENTS_CLIENT_KEY as a build argument.
• apps/client/env.d.ts
  • Declared the type for NEXT_PUBLIC_TOSS_PAYMENTS_CLIENT_KEY.
• apps/client/src/domains/purchase/components/PurchaseSection.tsx
  • Updated Toss Payments initialization to use the NEXT_PUBLIC_TOSS_PAYMENTS_CLIENT_KEY environment variable instead of a hardcoded test key.
• apps/client/src/pages/server-sitemap.xml/index.tsx
  • Modified to fetch paginated rank lists and dynamically generate sitemap entries for individual members, integrating them into the main sitemap index.
  • Removed the static entry for /sitemap/members.xml.
• apps/client/src/pages/sitemap/members.xml.tsx
  • Removed this file, as its functionality was absorbed into server-sitemap.xml/index.tsx.
• packages/ui/src/components/domains/purchase/tokenHistory.tsx
  • Changed the display logic to show the state prop directly, replacing conditional rendering based on remainingCount.

Ignored Files

• Ignored by pattern: .github/workflows/** (2)
  • .github/workflows/deploy-dev.yml
  • .github/workflows/deploy.yml

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[github-actions]

🛠️ Build Summary

Status: ✅ SUCCESS
Duration: 62초
Exit Code: 0
Commit: c377849

📋 Build Output (마지막 45줄)

├ ƒ /api/auth/logout                           0 B         340 kB
├ ƒ /dashboard                             12.7 kB         647 kB
├ ƒ /interviews                            7.52 kB         354 kB
├ ƒ /interviews/[interviewId]              9.17 kB         612 kB
├ ƒ /interviews/[interviewId]/result       8.79 kB         372 kB
├ ○ /layout (1553 ms)                        542 B         341 kB
├   └ css/2af4d3721e97fa9b.css               280 B
├ ƒ /login                                 2.59 kB         343 kB
├ ƒ /login/callback                        2.79 kB         343 kB
├ ƒ /login/google/callback                 2.79 kB         343 kB
├ ƒ /login/profile                         5.33 kB         375 kB
├ ƒ /members/[memberId]                    4.79 kB         348 kB
├ ƒ /members/[memberId]/sitemap.xml          429 B         341 kB
├ ƒ /members/interviews/[interviewId]      7.66 kB         348 kB
├ ƒ /purchase                              7.83 kB         637 kB
├ ƒ /purchase/confirm                      2.42 kB         345 kB
├ ○ /purchase/error (1553 ms)                801 B         343 kB
├ ƒ /rank                                  4.14 kB         347 kB
├ ƒ /recruit                               6.92 kB         354 kB
├ ƒ /resume                                1.76 kB         450 kB
├ ƒ /resume/eval                            4.6 kB         348 kB
├ ƒ /resume/eval/[evaluationId]/result     3.63 kB         449 kB
├ ƒ /resume/eval/demo                      3.56 kB         452 kB
├ ƒ /resume/interview                      6.16 kB         376 kB
├ ƒ /resume/interview/[interviewId]        4.52 kB         348 kB
├ ƒ /server-sitemap.xml                      423 B         341 kB
├ ƒ /sitemap/rank.xml                        421 B         341 kB
├ ƒ /terms/privacy                         6.01 kB         346 kB
└ ƒ /terms/termsofuse                      5.84 kB         346 kB
+ First Load JS shared by all               356 kB
  ├ chunks/framework-0859aa6f37f5c68e.js   57.6 kB
  ├ chunks/main-6384995b64836ca9.js         176 kB
  ├ chunks/pages/_app-5b4bed7b31e253ea.js   104 kB
  ├ css/b89643931364741b.css               15.9 kB
  └ other shared chunks (total)            2.54 kB

ƒ Middleware                               96.2 kB

○  (Static)   prerendered as static content
ƒ  (Dynamic)  server-rendered on demand

   Memory usage report:
    - Total time spent in GC: 401.88ms
    - Peak heap usage: 75.52 MB
    - Peak RSS usage: 682.44 MB

🤖 Generated by GitHub Actions at Mon Mar 9 13:28:56 UTC 2026

[gemini-code-assist]

Code Review

This pull request introduces support for Toss Payments by adding a new environment variable for the client key and updating the PurchaseSection component. It also refactors the sitemap generation logic, consolidating it into server-sitemap.xml/index.tsx and removing the redundant sitemap/members.xml.tsx file. A critical concern is a potential Denial of Service (DoS) vulnerability in the server-side sitemap generation, specifically due to fetching 100,000 records from the backend API on every request to the sitemap index, which can exhaust server resources. Aside from this, the TokenHistory component has been simplified by directly using a state prop, and other changes appear to be well-implemented, enhancing the application's functionality and maintainability.

[gemini-code-assist]

The getServerSideProps function fetches up to 100,000 rank items from the backend API in a single request. This operation is triggered every time the /server-sitemap.xml endpoint is accessed. Fetching and processing such a large volume of data (potentially several megabytes of JSON) can lead to significant resource exhaustion (CPU, memory, and network bandwidth) on both the Next.js server and the backend API. An attacker or even a search engine crawler could cause a Denial of Service (DoS) by repeatedly requesting this URL.

[github-actions]

🚀 Lighthouse Report for TEST1

📅 Date: 3/9/2026

Category	Score
🟠 Performance	58
🟢 Accessibility	96
🟢 Best Practices	96
🟢 SEO	100

📊 Performance Details

Metric	Score	Value
🟢 First Contentful Paint	100	1.0 s
🟠 Largest Contentful Paint	86	2.7 s
🟢 Cumulative Layout Shift	100	0

🚀 Lighthouse Report for TEST2

📅 Date: 3/9/2026

Category	Score
🔴 Performance	45
🟢 Accessibility	96
🟢 Best Practices	96
🟢 SEO	100

📊 Performance Details

Metric	Score	Value
🟢 First Contentful Paint	100	1.0 s
🔴 Largest Contentful Paint	27	5.0 s
🟢 Cumulative Layout Shift	100	0

🚀 Lighthouse Report for TEST3

📅 Date: 3/9/2026

Category	Score
🔴 Performance	49
🟢 Accessibility	96
🟢 Best Practices	96
🟢 SEO	100

📊 Performance Details

Metric	Score	Value
🟢 First Contentful Paint	100	1.0 s
🔴 Largest Contentful Paint	41	4.3 s
🟢 Cumulative Layout Shift	100	0

🚀 Lighthouse Report for TEST4

📅 Date: 3/9/2026

Category	Score
🟠 Performance	54
🟢 Accessibility	96
🟢 Best Practices	96
🟢 SEO	100

📊 Performance Details

Metric	Score	Value
🟢 First Contentful Paint	100	1.0 s
🟠 Largest Contentful Paint	59	3.7 s
🟢 Cumulative Layout Shift	100	0

🚀 Lighthouse Report for TEST5

📅 Date: 3/9/2026

Category	Score
🟠 Performance	51
🟢 Accessibility	96
🟢 Best Practices	96
🟢 SEO	100

📊 Performance Details

Metric	Score	Value
🟢 First Contentful Paint	100	0.9 s
🟠 Largest Contentful Paint	53	3.9 s
🟢 Cumulative Layout Shift	100	0