chore: auto sync sponsors

[dinwwwh]

Summary by CodeRabbit

• New Features

  • Added an automated Sponsors sync workflow (scheduled + manual) to refresh sponsor listings and update READMEs.
  • Added a package script to run the sponsors sync and apply formatting.

• Documentation

  • Replaced single sponsor badges with multi-tier sponsor galleries (Platinum, Gold, Silver, Generous, Sponsors, Backers, Past Sponsors).
  • Centralized sponsor data for consistent theme rendering and static display across docs.

• Chores

  • Removed several outdated redirect mappings.

[coderabbitai]

📝 Walkthrough

Walkthrough

Adds an automated sponsor synchronization flow: a TypeScript script that fetches sponsor JSON, generates a typed sponsors module, replaces Sponsors sections across READMEs, a scheduled / dispatchable GitHub Actions workflow to run the sync and commit updates, and a small package script; also removes a few legacy redirects and replaces sponsor badges with multi-tier galleries.

Changes

Cohort / File(s)	Summary
Sync script & workflow scripts/sync-sponsor.ts, .github/workflows/sponsors-sync.yaml, package.json	New TypeScript sync script that fetches sponsor JSON, generates apps/content/.vitepress/theme/sponsors.ts, updates README sponsor sections, adds sponsors:sync npm script, and a scheduled/workflow_dispatch GitHub Actions workflow that runs the sync and commits changes.
Generated sponsors data apps/content/.vitepress/theme/sponsors.ts	Adds an auto-generated typed module exporting SidebarPlacementSize, JSONSponsor, and sponsors: JSONSponsor[] (large data array) used by the VitePress theme.
Theme components apps/content/.vitepress/theme/components/AsideSponsors.vue, apps/content/.vitepress/theme/components/FullSponsors.vue	Replaces runtime/composable-based sponsor loading with static import of generated sponsors; rewrites rendering and layout to use sidebarSize, link, and sidebarLogo fields and adds dynamic tiered rendering and styles.
Removed composable apps/content/.vitepress/theme/composables/sponsors.ts	Deletes the composable that fetched sponsors at runtime and persisted them to localStorage; removes its types and exported useSponsors function.
Root README & redirects README.md, apps/content/public/_redirects	Replaces the root sponsor badge with a multi-tier gallery in README.md and removes four legacy redirect entries from _redirects.
Package & playground READMEs packages/*/README.md, playgrounds/*/README.md	Replaces single sponsor badge blocks across many package and playground READMEs with expanded multi-tier sponsor galleries (Platinum/Gold/Silver/Generous/Sponsors/Backers/Past Sponsors).

Sequence Diagram(s)

sequenceDiagram
  participant Scheduler as GitHub Actions Scheduler
  participant Workflow as Sponsors Sync Workflow
  participant Runner as CI Runner
  participant Script as sync-sponsor.ts
  participant Remote as Sponsor JSON API
  participant Repo as Git Repo
  participant GitHub as GitHub (commit)

  Scheduler->>Workflow: trigger (cron / workflow_dispatch)
  Workflow->>Runner: start job (checkout, setup pnpm)
  Runner->>Script: run `sponsors:sync`
  Script->>Remote: fetch sponsor JSON
  Remote-->>Script: sponsor data
  Script->>Script: generate `apps/content/.vitepress/theme/sponsors.ts`
  Script->>Script: render/update README Sponsors sections
  Script->>Repo: write changes
  Runner->>GitHub: commit & push changes (EndBug/add-and-commit, GITHUB_TOKEN)
  GitHub-->>Repo: branch updated

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• docs: sponsors #286 — Introduced sponsors UI components/composables that the generated module and updated components now replace or consume.
• docs: fix sponsors list #288 — Adjusts sponsor data schema and sidebar properties; may overlap with the new generated types and field names.
• docs: fix right sidebar sponsors #1477 — Modifies right-sidebar sponsor metadata/fields which likely intersect with the new SidebarPlacementSize/sidebarLogo usage.

Poem

🐰 I hopped through JSON, carrots in my paw,
I stitched up sponsors, neat lines that I saw,
Workflows tick-tock, a dispatch and a cron,
READMEs dressed up where a small badge had shone,
A rabbit cheers — sync complete, bring on the dawn!

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The PR title 'chore: auto sync sponsors' directly and clearly describes the main change—implementing automated sponsor synchronization across the codebase.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

📝 Coding Plan

• Generate coding plan for human review comments

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly improves the management and display of sponsor information by automating the synchronization process. It transitions from a static SVG-based approach to a dynamic system that generates detailed sponsor listings across multiple README.md files, ensuring consistency and ease of updates. A new TypeScript file now centrally stores sponsor data, supporting this automated workflow.

Highlights

• Automated Sponsor Synchronization: Implemented an automated process to synchronize GitHub sponsor information across all relevant README.md files and a new dedicated TypeScript file.
• Dynamic Sponsor Display: Replaced static SVG sponsor badges in README.md files with dynamically generated HTML content, providing more detailed sponsor listings.
• New Sponsor Data File: Introduced a new auto-generated TypeScript file (apps/content/.vitepress/theme/sponsors.ts) to store structured sponsor data.
• Build Script Enhancement: Added a sponsors:sync script to package.json to facilitate the automated update and formatting of sponsor data and documentation.

Changelog

• README.md
  • Updated the sponsors section to display detailed sponsor information instead of a single SVG.
• apps/content/.vitepress/theme/sponsors.ts
  • Added a new auto-generated TypeScript file containing structured sponsor data.
• apps/content/public/_redirects
  • Removed the redirects file.
• package.json
  • Added a new sponsors:sync script for automating sponsor data updates and formatting.
• packages/ai-sdk/README.md
  • Updated the sponsors section with detailed sponsor listings.
• packages/arktype/README.md
  • Updated the sponsors section with detailed sponsor listings.
• packages/client/README.md
  • Updated the sponsors section with detailed sponsor listings.
• packages/contract/README.md
  • Updated the sponsors section with detailed sponsor listings.
• packages/durable-iterator/README.md
  • Updated the sponsors section with detailed sponsor listings.
• packages/hey-api/README.md
  • Updated the sponsors section with detailed sponsor listings.
• packages/json-schema/README.md
  • Updated the sponsors section with detailed sponsor listings.
• packages/nest/README.md
  • Updated the sponsors section with detailed sponsor listings.
• packages/openapi-client/README.md
  • Updated the sponsors section with detailed sponsor listings.
• packages/openapi/README.md
  • Updated the sponsors section with detailed sponsor listings.
• packages/otel/README.md
  • Updated the sponsors section with detailed sponsor listings.
• packages/pino/README.md
  • Updated the sponsors section with detailed sponsor listings.
• packages/publisher-durable-object/README.md
  • Updated the sponsors section with detailed sponsor listings.
• packages/publisher/README.md
  • Updated the sponsors section with detailed sponsor listings.
• packages/ratelimit/README.md
  • Updated the sponsors section with detailed sponsor listings.
• packages/react-query/README.md
  • Updated the sponsors section with detailed sponsor listings.
• packages/react-swr/README.md
  • Updated the sponsors section with detailed sponsor listings.
• packages/react/README.md
  • Updated the sponsors section with detailed sponsor listings.
• packages/server/README.md
  • Updated the sponsors section with detailed sponsor listings.
• packages/shared/README.md
  • Updated the sponsors section with detailed sponsor listings.
• packages/solid-query/README.md
  • Updated the sponsors section with detailed sponsor listings.
• packages/standard-server-aws-lambda/README.md
  • Updated the sponsors section with detailed sponsor listings.
• packages/standard-server-fastify/README.md
  • Updated the sponsors section with detailed sponsor listings.
• packages/standard-server-fetch/README.md
  • Updated the sponsors section with detailed sponsor listings.
• packages/standard-server-node/README.md
  • Updated the sponsors section with detailed sponsor listings.
• packages/standard-server-peer/README.md
  • Updated the sponsors section with detailed sponsor listings.
• packages/standard-server/README.md
  • Updated the sponsors section with detailed sponsor listings.
• packages/svelte-kit/README.md
  • Updated the sponsors section with detailed sponsor listings.
• packages/svelte-query/README.md
  • Updated the sponsors section with detailed sponsor listings.
• packages/tanstack-query/README.md
  • Updated the sponsors section with detailed sponsor listings.
• packages/trpc/README.md
  • Updated the sponsors section with detailed sponsor listings.
• packages/valibot/README.md
  • Updated the sponsors section with detailed sponsor listings.
• packages/vue-colada/README.md
  • Updated the sponsors section with detailed sponsor listings.
• packages/vue-query/README.md
  • Updated the sponsors section with detailed sponsor listings.
• packages/zod/README.md
  • Updated the sponsors section with detailed sponsor listings.
• playgrounds/astro/README.md
  • Updated the sponsors section with detailed sponsor listings.
• playgrounds/browser-extension/README.md
  • Updated the sponsors section with detailed sponsor listings.
• playgrounds/bun-websocket-otel/README.md
  • Updated the sponsors section with detailed sponsor listings.
• playgrounds/cloudflare-worker/README.md
  • Updated the sponsors section with detailed sponsor listings.
• playgrounds/contract-first/README.md
  • Updated the sponsors section with detailed sponsor listings.
• playgrounds/electron/README.md
  • Updated the sponsors section with detailed sponsor listings.
• playgrounds/nest/README.md
  • Updated the sponsors section with detailed sponsor listings.
• playgrounds/next/README.md
  • Updated the sponsors section with detailed sponsor listings.
• playgrounds/nuxt/README.md
  • Updated the sponsors section with detailed sponsor listings.
• playgrounds/solid-start/README.md
  • Updated the sponsors section with detailed sponsor listings.
• playgrounds/svelte-kit/README.md
  • Updated the sponsors section with detailed sponsor listings.

Ignored Files

• Ignored by pattern: .github/workflows/** (1)
  • .github/workflows/sponsors-sync.yaml

Activity

• No human activity has been recorded on this pull request yet.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

[pkg-pr-new]

More templates

• @orpc/astro-playground
• @orpc/browser-extension-playground
• @orpc/bun-websocket-otel-playground
• @orpc/cloudflare-worker-playground
• @orpc/contract-first-playground
• @orpc/electron-playground
• @orpc/nest-playground
• @orpc/next-playground
• @orpc/nuxt-playground
• @orpc/solid-start-playground
• @orpc/svelte-kit-playground
• @orpc/tanstack-start-playground

@orpc/ai-sdk

npm i https://pkg.pr.new/@orpc/ai-sdk@1481

@orpc/arktype

npm i https://pkg.pr.new/@orpc/arktype@1481

@orpc/client

npm i https://pkg.pr.new/@orpc/client@1481

@orpc/contract

npm i https://pkg.pr.new/@orpc/contract@1481

@orpc/experimental-durable-iterator

npm i https://pkg.pr.new/@orpc/experimental-durable-iterator@1481

@orpc/hey-api

npm i https://pkg.pr.new/@orpc/hey-api@1481

@orpc/interop

npm i https://pkg.pr.new/@orpc/interop@1481

@orpc/json-schema

npm i https://pkg.pr.new/@orpc/json-schema@1481

@orpc/nest

npm i https://pkg.pr.new/@orpc/nest@1481

@orpc/openapi

npm i https://pkg.pr.new/@orpc/openapi@1481

@orpc/openapi-client

npm i https://pkg.pr.new/@orpc/openapi-client@1481

@orpc/otel

npm i https://pkg.pr.new/@orpc/otel@1481

@orpc/experimental-pino

npm i https://pkg.pr.new/@orpc/experimental-pino@1481

@orpc/experimental-publisher

npm i https://pkg.pr.new/@orpc/experimental-publisher@1481

@orpc/experimental-publisher-durable-object

npm i https://pkg.pr.new/@orpc/experimental-publisher-durable-object@1481

@orpc/experimental-ratelimit

npm i https://pkg.pr.new/@orpc/experimental-ratelimit@1481

@orpc/react

npm i https://pkg.pr.new/@orpc/react@1481

@orpc/react-query

npm i https://pkg.pr.new/@orpc/react-query@1481

@orpc/experimental-react-swr

npm i https://pkg.pr.new/@orpc/experimental-react-swr@1481

@orpc/server

npm i https://pkg.pr.new/@orpc/server@1481

@orpc/shared

npm i https://pkg.pr.new/@orpc/shared@1481

@orpc/solid-query

npm i https://pkg.pr.new/@orpc/solid-query@1481

@orpc/standard-server

npm i https://pkg.pr.new/@orpc/standard-server@1481

@orpc/standard-server-aws-lambda

npm i https://pkg.pr.new/@orpc/standard-server-aws-lambda@1481

@orpc/standard-server-fastify

npm i https://pkg.pr.new/@orpc/standard-server-fastify@1481

@orpc/standard-server-fetch

npm i https://pkg.pr.new/@orpc/standard-server-fetch@1481

@orpc/standard-server-node

npm i https://pkg.pr.new/@orpc/standard-server-node@1481

@orpc/standard-server-peer

npm i https://pkg.pr.new/@orpc/standard-server-peer@1481

@orpc/svelte-query

npm i https://pkg.pr.new/@orpc/svelte-query@1481

@orpc/tanstack-query

npm i https://pkg.pr.new/@orpc/tanstack-query@1481

@orpc/trpc

npm i https://pkg.pr.new/@orpc/trpc@1481

@orpc/valibot

npm i https://pkg.pr.new/@orpc/valibot@1481

@orpc/vue-colada

npm i https://pkg.pr.new/@orpc/vue-colada@1481

@orpc/vue-query

npm i https://pkg.pr.new/@orpc/vue-query@1481

@orpc/zod

npm i https://pkg.pr.new/@orpc/zod@1481

commit: 8fe3d9a

[gemini-code-assist]

Code Review

This pull request automates the synchronization of sponsor information across the repository. It introduces a script to generate a sponsors.ts file with sponsor data and updates all README.md files to display a detailed list of sponsors. While this automation is a great step for maintainability, I have a couple of suggestions to further improve the clarity of the generated data and reduce code duplication in the documentation files.

[gemini-code-assist]

The property name createdAt is misleading. Based on the data, it seems to represent the sponsorship expiration date (e.g., '2026-03-15T14:00:10Z'). I recommend renaming it to expiresAt to more accurately reflect its purpose. This will improve code clarity and prevent potential confusion for future developers.

Suggested change

	createdAt?: string
	expiresAt?: string

[gemini-code-assist]

While it's great to give sponsors more visibility, this large block of HTML is now duplicated across many README files in the repository. This makes the files noisy and harder to maintain, even with automation.

Consider generating a central SPONSORS.md file and linking to it from each README. You could still feature top-tier sponsors in the main READMEs to give them prominent visibility, but keep the full list in one place. This would make the individual READMEs much cleaner.

[Copilot]

Pull request overview

Adds an automated sponsors synchronization pipeline that fetches canonical sponsor data and updates README sponsor sections (and the website sponsors data file) on a schedule.

Changes:

• Introduces scripts/sync-sponsor.ts to fetch sponsors JSON, regenerate the “## Sponsors” sections across README files, and emit a website sponsors TS data file.
• Rewrites sponsor sections in multiple package READMEs and the root README from an embedded SVG approach to explicit sponsor lists with tracking links.
• Adds a scheduled GitHub Actions workflow plus a pnpm sponsors:sync script to run the sync and commit updates back to main.

Reviewed changes

Copilot reviewed 53 out of 53 changed files in this pull request and generated 5 comments.

Show a summary per file

File	Description
scripts/sync-sponsor.ts	New sync script: fetches sponsor data, regenerates README sponsor sections, and writes the website sponsors data file.
package.json	Adds sponsors:sync script to run the sync and format outputs via ESLint.
.github/workflows/sponsors-sync.yaml	Adds scheduled workflow to run the sync daily and commit changes.
apps/content/public/_redirects	Removes redirect rules previously used for legacy docs routes and /sponsor.
README.md	Replaces the sponsors SVG embed with generated sponsor tiers/links.
packages/zod/README.md	Same sponsors section replacement.
packages/vue-query/README.md	Same sponsors section replacement.
packages/vue-colada/README.md	Same sponsors section replacement.
packages/svelte-query/README.md	Same sponsors section replacement.
packages/solid-query/README.md	Same sponsors section replacement.
packages/server/README.md	Same sponsors section replacement.
packages/react/README.md	Same sponsors section replacement.
packages/react-query/README.md	Same sponsors section replacement.
packages/otel/README.md	Same sponsors section replacement.
packages/nest/README.md	Same sponsors section replacement.
packages/contract/README.md	Same sponsors section replacement.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (1)

packages/client/README.md (1)

95-189: Add generated-content markers to prevent manual drift.

Given this is auto-synced content, consider wrapping the block with explicit markers (for example, <!-- sponsors:start --> / <!-- sponsors:end -->) so future updates stay deterministic and conflicts are easier to resolve.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@packages/client/README.md` around lines 95 - 189, The sponsors block in
packages/client/README.md (the section starting at the "🏆 Platinum Sponsor" /
"Sponsors" headings) is auto-synced and should be wrapped with deterministic
generated-content markers to avoid manual drift; add explicit HTML comments such
as <!-- sponsors:start --> before the start of the sponsor list and <!--
sponsors:end --> after the end, and update any sync scripts or CI that
regenerate this content to only replace the content between those markers (refer
to the "🏆 Platinum Sponsor" / "Sponsors" block to locate the exact insertion
points).

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/sponsors-sync.yaml:
- Line 24: The sync script currently writes upstream data without validating it;
in scripts/sync-sponsor.ts after parsing the response into the sponsors array
(e.g., const sponsors = await response.json() as Sponsor[] inside the function
that fetches sponsors or main), add a guard that throws an Error and aborts
before any file-write/commit when sponsors.length === 0 (so the write/commit
logic such as writeSponsors(), updateReadmes(), or any Git commit step is not
reached); ensure the thrown error causes the process to exit non-zero so the
.github/workflows/sponsors-sync.yaml run (pnpm sponsors:sync) fails instead of
committing an empty sponsors payload.

In `@apps/content/.vitepress/theme/sponsors.ts`:
- Around line 5-17: The schema rename removed the backward-compatible fields
used by consumers and breaks sidebar sponsor logic; restore compatibility by
adding aliases or mappings so the old properties (rightSidebarSize,
rightSidebarLink, rightSidebarLogo) remain available while using the new names
(sidebarSize, sidebarLogo), or update the consumer component AsideSponsors.vue
to read sidebarSize and sidebarLogo (and derive the link from link/tier if
needed). Locate the JSONSponsor interface and ensure it exposes the old property
names (as optional getters/aliases or keep them in the serialized shape) or
update the consumer code that references
rightSidebarSize/rightSidebarLink/rightSidebarLogo to use
sidebarSize/sidebarLogo (and link) consistently.

---

Nitpick comments:
In `@packages/client/README.md`:
- Around line 95-189: The sponsors block in packages/client/README.md (the
section starting at the "🏆 Platinum Sponsor" / "Sponsors" headings) is
auto-synced and should be wrapped with deterministic generated-content markers
to avoid manual drift; add explicit HTML comments such as <!-- sponsors:start
--> before the start of the sponsor list and <!-- sponsors:end --> after the
end, and update any sync scripts or CI that regenerate this content to only
replace the content between those markers (refer to the "🏆 Platinum Sponsor" /
"Sponsors" block to locate the exact insertion points).

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 797bce99-6100-4a28-8c96-d1cefb274ba9

📥 Commits

Reviewing files that changed from the base of the PR and between 62c9665 and 05b7091.

📒 Files selected for processing (53)

• .github/workflows/sponsors-sync.yaml
• README.md
• apps/content/.vitepress/theme/sponsors.ts
• apps/content/public/_redirects
• package.json
• packages/ai-sdk/README.md
• packages/arktype/README.md
• packages/client/README.md
• packages/contract/README.md
• packages/durable-iterator/README.md
• packages/hey-api/README.md
• packages/interop/README.md
• packages/json-schema/README.md
• packages/nest/README.md
• packages/openapi-client/README.md
• packages/openapi/README.md
• packages/otel/README.md
• packages/pino/README.md
• packages/publisher-durable-object/README.md
• packages/publisher/README.md
• packages/ratelimit/README.md
• packages/react-query/README.md
• packages/react-swr/README.md
• packages/react/README.md
• packages/server/README.md
• packages/shared/README.md
• packages/solid-query/README.md
• packages/standard-server-aws-lambda/README.md
• packages/standard-server-fastify/README.md
• packages/standard-server-fetch/README.md
• packages/standard-server-node/README.md
• packages/standard-server-peer/README.md
• packages/standard-server/README.md
• packages/svelte-query/README.md
• packages/tanstack-query/README.md
• packages/trpc/README.md
• packages/valibot/README.md
• packages/vue-colada/README.md
• packages/vue-query/README.md
• packages/zod/README.md
• playgrounds/astro/README.md
• playgrounds/browser-extension/README.md
• playgrounds/bun-websocket-otel/README.md
• playgrounds/cloudflare-worker/README.md
• playgrounds/contract-first/README.md
• playgrounds/electron/README.md
• playgrounds/nest/README.md
• playgrounds/next/README.md
• playgrounds/nuxt/README.md
• playgrounds/solid-start/README.md
• playgrounds/svelte-kit/README.md
• playgrounds/tanstack-start/README.md
• scripts/sync-sponsor.ts

💤 Files with no reviewable changes (1)

• apps/content/public/_redirects

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Verify the sync script's handling of sponsors data
cat scripts/sync-sponsor.ts | head -250

Repository: middleapi/orpc

Length of output: 7445

---

Add safeguard for empty sponsors data before committing changes.

The scripts/sync-sponsor.ts script fetches from the upstream source and immediately writes sponsor data without validating if the sponsors array is empty. If the upstream source returns an empty array due to an API issue or misconfiguration, this workflow will commit changes that overwrite all sponsor sections in 28+ README files with just the header and call-to-action text, effectively removing all sponsor visibility.

Add validation in the sync script to abort if the sponsors array is unexpectedly empty:

const sponsors = await response.json() as Sponsor[]

if (sponsors.length === 0) {
  throw new Error('Sponsors array is empty - aborting to prevent accidental data loss')
}

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/sponsors-sync.yaml at line 24, The sync script currently
writes upstream data without validating it; in scripts/sync-sponsor.ts after
parsing the response into the sponsors array (e.g., const sponsors = await
response.json() as Sponsor[] inside the function that fetches sponsors or main),
add a guard that throws an Error and aborts before any file-write/commit when
sponsors.length === 0 (so the write/commit logic such as writeSponsors(),
updateReadmes(), or any Git commit step is not reached); ensure the thrown error
causes the process to exit non-zero so the .github/workflows/sponsors-sync.yaml
run (pnpm sponsors:sync) fails instead of committing an empty sponsors payload.

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (1)

packages/ratelimit/README.md (1)

73-189: LGTM! Systematic sponsor gallery implementation looks great.

The auto-generated multi-tier sponsor gallery is well-structured with consistent formatting, proper link attributes, and appropriate image sizing across all tiers. The automation approach via the sync script is sound.

💡 Optional consideration for README focus

While the sponsor gallery looks great, consider whether all package-level READMEs need the complete gallery. An alternative approach could be to show top-tier sponsors only and link to a central sponsors page, keeping individual package READMEs more focused on their specific functionality. However, this is purely optional since the current approach provides good visibility for all sponsor tiers.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@packages/ratelimit/README.md` around lines 73 - 189, Reviewer approved the
sponsor gallery but suggested optionally simplifying package READMEs by showing
only top-tier sponsors and linking to a central sponsors page; update
packages/ratelimit/README.md by keeping the "🏆 Platinum Sponsor" and "🥇 Gold
Sponsor" sections (remove or collapse "🥈 Silver Sponsor", "Generous Sponsors",
"Sponsors", "Backers", "Past Sponsors") and add a clear link labeled (e.g.,
"Full sponsor list") to the central sponsors page, or alternatively implement a
collapsible/details block for lower tiers using the existing section headings to
keep the README focused on package content.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@scripts/sync-sponsor.ts`:
- Around line 65-74: The image sizing depends on the order of the tierLevels
array (derived from Map keys), so ensure tierLevels is sorted by numeric tier
value in descending order before calculating rank in getTierImageSize; change
the code that builds/passes tierLevels (or sort inside getTierImageSize) to
perform a numeric sort like tierLevels.sort((a,b)=>b-a) so higher tiers map to
larger sizes consistently when getTierImageSize uses findIndex and sizesByRank.
- Around line 173-224: The generated file uses sidebarSize/sidebarLogo but the
site expects rightSidebarSize/rightSidebarLogo and a rightSidebarLink field; in
buildWebsiteSponsorsFileContent map normalizedSponsors to use rightSidebarSize
(from sponsor.sidebarSize with same validation), rightSidebarLogo (from
sponsor.sidebarLogo or sponsor.avatar), and add rightSidebarLink (prefer
sponsor.sidebarLink if present else sponsor.link) instead of the current
sidebar* names, and update the exported JSONSponsor interface in the generated
string to declare rightSidebarSize: 'normal' | 'small' | 'none',
rightSidebarLink?: string, and rightSidebarLogo: string so the consuming
composable AsideSponsors.vue and composables/sponsors.ts receive the expected
field names.

---

Nitpick comments:
In `@packages/ratelimit/README.md`:
- Around line 73-189: Reviewer approved the sponsor gallery but suggested
optionally simplifying package READMEs by showing only top-tier sponsors and
linking to a central sponsors page; update packages/ratelimit/README.md by
keeping the "🏆 Platinum Sponsor" and "🥇 Gold Sponsor" sections (remove or
collapse "🥈 Silver Sponsor", "Generous Sponsors", "Sponsors", "Backers", "Past
Sponsors") and add a clear link labeled (e.g., "Full sponsor list") to the
central sponsors page, or alternatively implement a collapsible/details block
for lower tiers using the existing section headings to keep the README focused
on package content.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 3ff7800d-f610-4793-9e42-3721cd5a98fe

📥 Commits

Reviewing files that changed from the base of the PR and between 05b7091 and cefcf32.

📒 Files selected for processing (49)

• README.md
• packages/ai-sdk/README.md
• packages/arktype/README.md
• packages/client/README.md
• packages/contract/README.md
• packages/durable-iterator/README.md
• packages/hey-api/README.md
• packages/interop/README.md
• packages/json-schema/README.md
• packages/nest/README.md
• packages/openapi-client/README.md
• packages/openapi/README.md
• packages/otel/README.md
• packages/pino/README.md
• packages/publisher-durable-object/README.md
• packages/publisher/README.md
• packages/ratelimit/README.md
• packages/react-query/README.md
• packages/react-swr/README.md
• packages/react/README.md
• packages/server/README.md
• packages/shared/README.md
• packages/solid-query/README.md
• packages/standard-server-aws-lambda/README.md
• packages/standard-server-fastify/README.md
• packages/standard-server-fetch/README.md
• packages/standard-server-node/README.md
• packages/standard-server-peer/README.md
• packages/standard-server/README.md
• packages/svelte-query/README.md
• packages/tanstack-query/README.md
• packages/trpc/README.md
• packages/valibot/README.md
• packages/vue-colada/README.md
• packages/vue-query/README.md
• packages/zod/README.md
• playgrounds/astro/README.md
• playgrounds/browser-extension/README.md
• playgrounds/bun-websocket-otel/README.md
• playgrounds/cloudflare-worker/README.md
• playgrounds/contract-first/README.md
• playgrounds/electron/README.md
• playgrounds/nest/README.md
• playgrounds/next/README.md
• playgrounds/nuxt/README.md
• playgrounds/solid-start/README.md
• playgrounds/svelte-kit/README.md
• playgrounds/tanstack-start/README.md
• scripts/sync-sponsor.ts

✅ Files skipped from review due to trivial changes (2)

• packages/json-schema/README.md
• packages/arktype/README.md

🚧 Files skipped from review as they are similar to previous changes (14)

• packages/client/README.md
• packages/publisher-durable-object/README.md
• playgrounds/browser-extension/README.md
• packages/interop/README.md
• playgrounds/svelte-kit/README.md
• packages/otel/README.md
• playgrounds/bun-websocket-otel/README.md
• packages/nest/README.md
• packages/valibot/README.md
• playgrounds/solid-start/README.md
• packages/tanstack-query/README.md
• playgrounds/electron/README.md
• packages/standard-server-fetch/README.md
• packages/openapi/README.md

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Verify field names used in AsideSponsors component and sponsors composable

echo "=== Fields accessed in AsideSponsors.vue ==="
rg -n 'rightSidebar' apps/content/.vitepress/theme/components/AsideSponsors.vue

echo ""
echo "=== Interface in composables/sponsors.ts ==="
rg -n -A 10 'interface JSONSponsor' apps/content/.vitepress/theme/composables/sponsors.ts

Repository: middleapi/orpc

Length of output: 1029

---

Critical: Field names don't match consuming component expectations.

The generated sponsors.ts exports fields sidebarSize and sidebarLogo, but the consuming component (AsideSponsors.vue) and composable (composables/sponsors.ts) expect:

• rightSidebarSize (not sidebarSize)
• rightSidebarLink (this field is missing entirely)
• rightSidebarLogo (not sidebarLogo)

The composable interface at apps/content/.vitepress/theme/composables/sponsors.ts defines:

export interface JSONSponsor {
  rightSidebarSize: 'normal' | 'small' | 'none'
  rightSidebarLink?: string
  rightSidebarLogo: string
  // ...
}

The component filters sponsors using s.rightSidebarSize and renders using sponsor.rightSidebarLink and sponsor.rightSidebarLogo. With the current field names, sidebar sponsors will not display.

Proposed fix: Align field names with existing interface

     return {
       name: sponsor.name,
       login: sponsor.login,
       avatar: sponsor.avatar,
       amount: sponsor.amount,
       link: sponsor.link,
       org: sponsor.org,
       ...(createdAt ? { createdAt } : {}),
       tierTitle: sponsor.tierTitle,
       tierLevel: sponsor.tierLevel,
-      sidebarSize,
-      sidebarLogo,
+      rightSidebarSize: sidebarSize,
+      rightSidebarLink: sponsor.link,
+      rightSidebarLogo: sidebarLogo,
     }

Also update the interface in the generated file:

 export interface JSONSponsor {
   name: string | null
   login: string
   avatar: string
   amount: number
   link: string
   org: boolean
   createdAt?: string
   tierTitle: string
   tierLevel: number
-  sidebarSize: SidebarPlacementSize
-  sidebarLogo: string
+  rightSidebarSize: SidebarPlacementSize
+  rightSidebarLink: string
+  rightSidebarLogo: string
 }

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@scripts/sync-sponsor.ts` around lines 173 - 224, The generated file uses
sidebarSize/sidebarLogo but the site expects rightSidebarSize/rightSidebarLogo
and a rightSidebarLink field; in buildWebsiteSponsorsFileContent map
normalizedSponsors to use rightSidebarSize (from sponsor.sidebarSize with same
validation), rightSidebarLogo (from sponsor.sidebarLogo or sponsor.avatar), and
add rightSidebarLink (prefer sponsor.sidebarLink if present else sponsor.link)
instead of the current sidebar* names, and update the exported JSONSponsor
interface in the generated string to declare rightSidebarSize: 'normal' |
'small' | 'none', rightSidebarLink?: string, and rightSidebarLogo: string so the
consuming composable AsideSponsors.vue and composables/sponsors.ts receive the
expected field names.

[coderabbitai]

Actionable comments posted: 1

♻️ Duplicate comments (1)

.github/workflows/sponsors-sync.yaml (1)

24-24: ⚠️ Potential issue | 🟠 Major

Block empty sponsor payloads before write/commit.

At Line 24, pnpm sponsors:sync can still propagate an empty upstream payload because scripts/sync-sponsor.ts parses sponsors and proceeds to write without an explicit sponsors.length === 0 guard.

🔧 Proposed fix in scripts/sync-sponsor.ts

 const sponsors = await response.json() as Sponsor[]
+if (sponsors.length === 0) {
+  throw new Error('Sponsors array is empty - aborting to prevent accidental data loss')
+}
 await writeWebsiteSponsorsFile(sponsors)

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/sponsors-sync.yaml at line 24, The CI step invoking "pnpm
sponsors:sync" can write an empty payload because scripts/sync-sponsor.ts does
not guard against zero-length results; update scripts/sync-sponsor.ts to check
the parsed sponsors array (e.g., the variable returned by parseSponsors or
getSponsors) and if sponsors.length === 0 either abort with a non-zero exit
(process.exit(1)) or skip the write/commit path and log a clear warning,
ensuring the writeSponsors/saveSponsors code path is only executed when the
array has at least one entry.

🧹 Nitpick comments (2)

README.md (1)

203-319: Consider collapsing the long sponsor gallery for readability.
The expanded section is accurate, but it makes the root README significantly harder to scan. A <details> wrapper for “Backers”/“Past Sponsors” (or linking to a central sponsors page) would keep discoverability while reducing noise.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@README.md` around lines 203 - 319, The sponsor galleries (notably the
"Backers" and "Past Sponsors" sections) make README.md hard to scan; wrap those
long tables in collapsible <details> blocks (e.g., around the "Backers" and
"Past Sponsors" headings and their following <table> or <p> content) or replace
them with a short link to a separate sponsors page so the README shows only a
brief summary and a "Show more" expander/link for full lists.

scripts/sync-sponsor.ts (1)

240-248: Consider adding basic JSON structure validation.

The as Sponsor[] type assertion trusts the upstream JSON completely. While the source is controlled, a malformed response could cause cryptic errors downstream.

💡 Optional: Add minimal validation

   const sponsors = await response.json() as Sponsor[]
+
+  if (!Array.isArray(sponsors)) {
+    throw new Error('Expected sponsors data to be an array')
+  }
+
   await writeWebsiteSponsorsFile(sponsors)

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@scripts/sync-sponsor.ts` around lines 240 - 248, In main(), don't blindly
trust the upstream JSON or use a raw "as Sponsor[]"; after fetching and before
calling writeWebsiteSponsorsFile, parse and perform minimal validation: ensure
the parsed value is an array (Array.isArray) and that each element contains the
required Sponsor properties (e.g., id/name/tier/website or whatever fields the
Sponsor type defines) with correct primitive types; if validation fails, throw a
clear Error including SPONSORS_SOURCE_URL and the offending structure so
failures are actionable; keep identifiers Sponsor, main, SPONSORS_SOURCE_URL,
and writeWebsiteSponsorsFile in your check so the change is easy to locate and
maintain.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/sponsors-sync.yaml:
- Line 14: The workflow pins third-party actions using mutable tags (e.g.,
actions/checkout@v4 and two other actions pinned as `@v9`); replace those tag pins
with the corresponding immutable commit SHAs for each action reference (locate
the action usages like actions/checkout@v4 and the two `@v9` entries) by finding
the exact release commit SHA on the action's GitHub repository and update the
workflow to use e.g., actions/checkout@<full-commit-sha> (repeat for each
actions/*@v9 entry) so all three action uses are referenced by their full commit
SHAs.

---

Duplicate comments:
In @.github/workflows/sponsors-sync.yaml:
- Line 24: The CI step invoking "pnpm sponsors:sync" can write an empty payload
because scripts/sync-sponsor.ts does not guard against zero-length results;
update scripts/sync-sponsor.ts to check the parsed sponsors array (e.g., the
variable returned by parseSponsors or getSponsors) and if sponsors.length === 0
either abort with a non-zero exit (process.exit(1)) or skip the write/commit
path and log a clear warning, ensuring the writeSponsors/saveSponsors code path
is only executed when the array has at least one entry.

---

Nitpick comments:
In `@README.md`:
- Around line 203-319: The sponsor galleries (notably the "Backers" and "Past
Sponsors" sections) make README.md hard to scan; wrap those long tables in
collapsible <details> blocks (e.g., around the "Backers" and "Past Sponsors"
headings and their following <table> or <p> content) or replace them with a
short link to a separate sponsors page so the README shows only a brief summary
and a "Show more" expander/link for full lists.

In `@scripts/sync-sponsor.ts`:
- Around line 240-248: In main(), don't blindly trust the upstream JSON or use a
raw "as Sponsor[]"; after fetching and before calling writeWebsiteSponsorsFile,
parse and perform minimal validation: ensure the parsed value is an array
(Array.isArray) and that each element contains the required Sponsor properties
(e.g., id/name/tier/website or whatever fields the Sponsor type defines) with
correct primitive types; if validation fails, throw a clear Error including
SPONSORS_SOURCE_URL and the offending structure so failures are actionable; keep
identifiers Sponsor, main, SPONSORS_SOURCE_URL, and writeWebsiteSponsorsFile in
your check so the change is easy to locate and maintain.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: c073d33a-0de8-4d99-8f57-4645ee111b3b

📥 Commits

Reviewing files that changed from the base of the PR and between 5eff727 and 598e6b8.

📒 Files selected for processing (53)

• .github/workflows/sponsors-sync.yaml
• README.md
• apps/content/.vitepress/theme/components/AsideSponsors.vue
• apps/content/.vitepress/theme/components/FullSponsors.vue
• apps/content/.vitepress/theme/composables/sponsors.ts
• packages/ai-sdk/README.md
• packages/arktype/README.md
• packages/client/README.md
• packages/contract/README.md
• packages/durable-iterator/README.md
• packages/hey-api/README.md
• packages/interop/README.md
• packages/json-schema/README.md
• packages/nest/README.md
• packages/openapi-client/README.md
• packages/openapi/README.md
• packages/otel/README.md
• packages/pino/README.md
• packages/publisher-durable-object/README.md
• packages/publisher/README.md
• packages/ratelimit/README.md
• packages/react-query/README.md
• packages/react-swr/README.md
• packages/react/README.md
• packages/server/README.md
• packages/shared/README.md
• packages/solid-query/README.md
• packages/standard-server-aws-lambda/README.md
• packages/standard-server-fastify/README.md
• packages/standard-server-fetch/README.md
• packages/standard-server-node/README.md
• packages/standard-server-peer/README.md
• packages/standard-server/README.md
• packages/svelte-query/README.md
• packages/tanstack-query/README.md
• packages/trpc/README.md
• packages/valibot/README.md
• packages/vue-colada/README.md
• packages/vue-query/README.md
• packages/zod/README.md
• playgrounds/astro/README.md
• playgrounds/browser-extension/README.md
• playgrounds/bun-websocket-otel/README.md
• playgrounds/cloudflare-worker/README.md
• playgrounds/contract-first/README.md
• playgrounds/electron/README.md
• playgrounds/nest/README.md
• playgrounds/next/README.md
• playgrounds/nuxt/README.md
• playgrounds/solid-start/README.md
• playgrounds/svelte-kit/README.md
• playgrounds/tanstack-start/README.md
• scripts/sync-sponsor.ts

💤 Files with no reviewable changes (1)

• apps/content/.vitepress/theme/composables/sponsors.ts

✅ Files skipped from review due to trivial changes (1)

• packages/publisher-durable-object/README.md

🚧 Files skipped from review as they are similar to previous changes (10)

• packages/openapi-client/README.md
• packages/standard-server-aws-lambda/README.md
• playgrounds/nuxt/README.md
• packages/ratelimit/README.md
• packages/vue-colada/README.md
• packages/client/README.md
• packages/solid-query/README.md
• playgrounds/bun-websocket-otel/README.md
• playgrounds/svelte-kit/README.md
• packages/react-swr/README.md

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Verify workflow actions that are still tag-pinned (non-SHA).
rg -n '^\s*-\s*uses:\s*[^@]+@v[0-9]+' .github/workflows
# Expected after fix: no matches

Repository: middleapi/orpc

Length of output: 1019

---

Pin GitHub Actions to immutable commit SHAs.

At lines 14, 18, and 26, actions are pinned by major tags (@v4, @v9) instead of full commit SHAs, which weakens workflow supply-chain integrity.

🔒 Suggested hardening

-      - uses: actions/checkout@v4
+      - uses: actions/checkout@<full-commit-sha>

-      - uses: pnpm/action-setup@v4
+      - uses: pnpm/action-setup@<full-commit-sha>

-      - uses: EndBug/add-and-commit@v9
+      - uses: EndBug/add-and-commit@<full-commit-sha>

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/sponsors-sync.yaml at line 14, The workflow pins
third-party actions using mutable tags (e.g., actions/checkout@v4 and two other
actions pinned as `@v9`); replace those tag pins with the corresponding immutable
commit SHAs for each action reference (locate the action usages like
actions/checkout@v4 and the two `@v9` entries) by finding the exact release commit
SHA on the action's GitHub repository and update the workflow to use e.g.,
actions/checkout@<full-commit-sha> (repeat for each actions/*@v9 entry) so all
three action uses are referenced by their full commit SHAs.