Payload
{
"action": "edited",
"changes": {
"body": {
"from": "Preview deployed to `pr-38` — https://pr-38.stackpanel.com\n<!-- Sticky Pull Request Commentpreview-web -->"
}
},
"issue": {
"url": "https://api.github.com/repos/darkmatter/stackpanel/issues/38",
"repository_url": "https://api.github.com/repos/darkmatter/stackpanel",
"labels_url": "https://api.github.com/repos/darkmatter/stackpanel/issues/38/labels{/name}",
"comments_url": "https://api.github.com/repos/darkmatter/stackpanel/issues/38/comments",
"events_url": "https://api.github.com/repos/darkmatter/stackpanel/issues/38/events",
"html_url": "https://github.com/darkmatter/stackpanel/pull/38",
"id": 4576064176,
"node_id": "PR_kwDOQi-CSM7iBn1-",
"number": 38,
"title": "fix: production-readiness blockers — Polar prod fallback, CI gate, base-image pinning",
"user": {
"login": "czxtm",
"id": 1325802,
"node_id": "MDQ6VXNlcjEzMjU4MDI=",
"avatar_url": "https://avatars.githubusercontent.com/u/1325802?v=4",
"gravatar_id": "",
"url": "https://api.github.com/users/czxtm",
"html_url": "https://github.com/czxtm",
"followers_url": "https://api.github.com/users/czxtm/followers",
"following_url": "https://api.github.com/users/czxtm/following{/other_user}",
"gists_url": "https://api.github.com/users/czxtm/gists{/gist_id}",
"starred_url": "https://api.github.com/users/czxtm/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/czxtm/subscriptions",
"organizations_url": "https://api.github.com/users/czxtm/orgs",
"repos_url": "https://api.github.com/users/czxtm/repos",
"events_url": "https://api.github.com/users/czxtm/events{/privacy}",
"received_events_url": "https://api.github.com/users/czxtm/received_events",
"type": "User",
"user_view_type": "public",
"site_admin": false
},
"labels": [],
"state": "closed",
"locked": false,
"assignees": [],
"milestone": null,
"comments": 2,
"created_at": "2026-06-03T01:03:58Z",
"updated_at": "2026-06-05T02:04:16Z",
"closed_at": "2026-06-05T02:04:16Z",
"assignee": null,
"author_association": "MEMBER",
"issue_field_values": [],
"type": null,
"active_lock_reason": null,
"draft": false,
"pull_request": {
"url": "https://api.github.com/repos/darkmatter/stackpanel/pulls/38",
"html_url": "https://github.com/darkmatter/stackpanel/pull/38",
"diff_url": "https://github.com/darkmatter/stackpanel/pull/38.diff",
"patch_url": "https://github.com/darkmatter/stackpanel/pull/38.patch",
"merged_at": "2026-06-05T02:04:16Z"
},
"body": "## Production-readiness blockers\n\nFrom this session's production-readiness audit. The hosted E2E smoke harness already landed in #37; this PR fixes the three **prod blockers** surfaced by the audit.\n\n### 1. 🔴 Polar silently fell back to sandbox in production\n`packages/auth/src/lib/polar-products.ts` returned `process.env.POLAR_*_PRODUCTION ?? SANDBOX_*` for `production`. If a prod env var was missing (or `STACKPANEL_DEPLOY_ENV`/`NODE_ENV` was unset), **real users would get sandbox products and checkouts would not charge real cards** — with no error.\n- Now **fails fast** in production when the prod IDs are unconfigured.\n- Adds a `strict` flag (default `true`); `planForProduct()` (webhook inverse-lookup, which walks all envs) calls it with `strict:false` so it still resolves ids outside a prod runtime.\n\n### 2. 🔴 No build/test/typecheck gate on PRs\n`ci.yml` (`om ci`) and `test-fixtures.yml` have their `push`/`pull_request` triggers commented out (CodeQL + preview deploys run, but nothing compiles/tests the code).\n- Adds `.github/workflows/ci-checks.yml`: a lightweight PR gate running `vp check` + `vp test` via `setup-vp` (the repo's documented Vite+ CI integration), kept **separate** from the heavy Nix `om ci` (which stays `workflow_dispatch`-only).\n\n### 3. 🔴 Container base images not pinned\n`nix/stackpanel/lib/containers.nix`: `node`/`alpine`/`distroless`/`nginx` carried placeholder digests (`sha256:latest`, etc.) + `lib.fakeSha256`; only `bun` (the prod runtime) is pinned.\n- `pullBaseImage` now **refuses to build from an unpinned base image** with a clear, actionable error instead of a cryptic `fakeSha256` mismatch, and documents pinning via `nix-prefetch-docker`.\n\n## Validation & caveats\n- Polar change typechecks clean in isolation (strict). \n- ⚠️ `containers.nix` was **not** `nix eval`-validated — this sandbox has no Nix. Standard `assert lib.assertMsg` idiom; please confirm in a Nix env.\n- The new `ci-checks.yml` runs on this PR — it may surface **pre-existing** check/test failures (that's the point of adding the gate).\n- Fully pinning the remaining base-image digests needs `nix-prefetch-docker` (Nix tooling) and is left as a follow-up with instructions in-code.\n\nhttps://claude.ai/code/session_01TMCMpDmbLomRBZbg3FpvMV\n\n---\n_Generated by [Claude Code](https://claude.ai/code/session_01TMCMpDmbLomRBZbg3FpvMV)_\n\n<!-- codesmith:footer -->\n---\n<a href=\"https://app.blacksmith.sh/darkmatter/codesmith/stackpanel/pr/38\"><picture><source media=\"(prefers-color-scheme: dark)\" srcset=\"https://pr-comments-assets.blacksmith.sh/codesmith/view-with-codesmith-dark-v2.svg\"><source media=\"(prefers-color-scheme: light)\" srcset=\"https://pr-comments-assets.blacksmith.sh/codesmith/view-with-codesmith-light-v2.svg\"><img alt=\"View with Codesmith\" src=\"https://pr-comments-assets.blacksmith.sh/codesmith/view-with-codesmith-dark-v2.svg\"></picture></a> <a href=\"https://backend.blacksmith.sh/track/enable-autofix?expires=1783040642&installation_id=137091173&pr_number=38&repository=darkmatter%2Fstackpanel&return_to=https%3A%2F%2Fgithub.com%2Fdarkmatter%2Fstackpanel%2Fpull%2F38&signature=31707ec13eaae0ef91283f9ed60a70a4a9589e9adcb9fbaac95a146eec90175c\"><picture><source media=\"(prefers-color-scheme: dark)\" srcset=\"https://pr-comments-assets.blacksmith.sh/codesmith/autofix-with-codesmith-dark.svg\"><source media=\"(prefers-color-scheme: light)\" srcset=\"https://pr-comments-assets.blacksmith.sh/codesmith/autofix-with-codesmith-light.svg\"><img alt=\"Autofix with Codesmith\" src=\"https://pr-comments-assets.blacksmith.sh/codesmith/autofix-with-codesmith-dark.svg\"></picture></a>\n<sup>Need help on this PR? Tag <code>/codesmith</code> with what you need. Autofix is disabled.</sup>\n\n<!-- codesmith:autofix:disabled -->\n<!-- /codesmith:footer -->",
"reactions": {
"url": "https://api.github.com/repos/darkmatter/stackpanel/issues/38/reactions",
"total_count": 0,
"+1": 0,
"-1": 0,
"laugh": 0,
"hooray": 0,
"confused": 0,
"heart": 0,
"rocket": 0,
"eyes": 0
},
"timeline_url": "https://api.github.com/repos/darkmatter/stackpanel/issues/38/timeline",
"performed_via_github_app": {
"id": 1236702,
"client_id": "Iv23liqTIFEtdIu6Vn1r",
"slug": "claude",
"node_id": "A_kwHOBIuudM4AEt7e",
"owner": {
"login": "anthropics",
"id": 76263028,
"node_id": "MDEyOk9yZ2FuaXphdGlvbjc2MjYzMDI4",
"avatar_url": "https://avatars.githubusercontent.com/u/76263028?v=4",
"gravatar_id": "",
"url": "https://api.github.com/users/anthropics",
"html_url": "https://github.com/anthropics",
"followers_url": "https://api.github.com/users/anthropics/followers",
"following_url": "https://api.github.com/users/anthropics/following{/other_user}",
"gists_url": "https://api.github.com/users/anthropics/gists{/gist_id}",
"starred_url": "https://api.github.com/users/anthropics/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/anthropics/subscriptions",
"organizations_url": "https://api.github.com/users/anthropics/orgs",
"repos_url": "https://api.github.com/users/anthropics/repos",
"events_url": "https://api.github.com/users/anthropics/events{/privacy}",
"received_events_url": "https://api.github.com/users/anthropics/received_events",
"type": "Organization",
"user_view_type": "public",
"site_admin": false
},
"name": "Claude",
"description": "Run Claude Code from your GitHub Pull Requests and Issues to respond to reviewer feedback, fix CI errors, or modify code, turning it into a virtual teammate that works alongside your development pipelines.\r\n\r\nThis is built on the publicly available Claude Code SDK.",
"external_url": "https://anthropic.com/claude-code",
"html_url": "https://github.com/apps/claude",
"created_at": "2025-04-30T17:54:24Z",
"updated_at": "2026-06-01T18:22:50Z",
"permissions": {
"actions": "write",
"checks": "write",
"contents": "write",
"discussions": "write",
"issues": "write",
"members": "read",
"metadata": "read",
"pull_requests": "write",
"repository_hooks": "write",
"statuses": "read",
"workflows": "write"
},
"events": [
"check_run",
"check_suite",
"commit_comment",
"discussion",
"discussion_comment",
"issues",
"issue_comment",
"merge_queue_entry",
"pull_request",
"pull_request_review",
"pull_request_review_comment",
"push",
"release",
"repository_dispatch",
"status",
"sub_issues",
"workflow_dispatch",
"workflow_job",
"workflow_run"
]
},
"state_reason": null
},
"comment": {
"url": "https://api.github.com/repos/darkmatter/stackpanel/issues/comments/4608214432",
"html_url": "https://github.com/darkmatter/stackpanel/pull/38#issuecomment-4608214432",
"issue_url": "https://api.github.com/repos/darkmatter/stackpanel/issues/38",
"id": 4608214432,
"node_id": "IC_kwDOQi-CSM8AAAABEqvFoA",
"user": {
"login": "github-actions[bot]",
"id": 41898282,
"node_id": "MDM6Qm90NDE4OTgyODI=",
"avatar_url": "https://avatars.githubusercontent.com/in/15368?v=4",
"gravatar_id": "",
"url": "https://api.github.com/users/github-actions%5Bbot%5D",
"html_url": "https://github.com/apps/github-actions",
"followers_url": "https://api.github.com/users/github-actions%5Bbot%5D/followers",
"following_url": "https://api.github.com/users/github-actions%5Bbot%5D/following{/other_user}",
"gists_url": "https://api.github.com/users/github-actions%5Bbot%5D/gists{/gist_id}",
"starred_url": "https://api.github.com/users/github-actions%5Bbot%5D/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/github-actions%5Bbot%5D/subscriptions",
"organizations_url": "https://api.github.com/users/github-actions%5Bbot%5D/orgs",
"repos_url": "https://api.github.com/users/github-actions%5Bbot%5D/repos",
"events_url": "https://api.github.com/users/github-actions%5Bbot%5D/events{/privacy}",
"received_events_url": "https://api.github.com/users/github-actions%5Bbot%5D/received_events",
"type": "Bot",
"user_view_type": "public",
"site_admin": false
},
"created_at": "2026-06-03T01:05:10Z",
"updated_at": "2026-06-05T02:04:56Z",
"body": "Preview `pr-38` has been destroyed.\n<!-- Sticky Pull Request Commentpreview-web -->",
"author_association": "CONTRIBUTOR",
"reactions": {
"url": "https://api.github.com/repos/darkmatter/stackpanel/issues/comments/4608214432/reactions",
"total_count": 0,
"+1": 0,
"-1": 0,
"laugh": 0,
"hooray": 0,
"confused": 0,
"heart": 0,
"rocket": 0,
"eyes": 0
},
"performed_via_github_app": {
"id": 15368,
"client_id": "Iv1.05c79e9ad1f6bdfa",
"slug": "github-actions",
"node_id": "MDM6QXBwMTUzNjg=",
"owner": {
"login": "github",
"id": 9919,
"node_id": "MDEyOk9yZ2FuaXphdGlvbjk5MTk=",
"avatar_url": "https://avatars.githubusercontent.com/u/9919?v=4",
"gravatar_id": "",
"url": "https://api.github.com/users/github",
"html_url": "https://github.com/github",
"followers_url": "https://api.github.com/users/github/followers",
"following_url": "https://api.github.com/users/github/following{/other_user}",
"gists_url": "https://api.github.com/users/github/gists{/gist_id}",
"starred_url": "https://api.github.com/users/github/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/github/subscriptions",
"organizations_url": "https://api.github.com/users/github/orgs",
"repos_url": "https://api.github.com/users/github/repos",
"events_url": "https://api.github.com/users/github/events{/privacy}",
"received_events_url": "https://api.github.com/users/github/received_events",
"type": "Organization",
"user_view_type": "public",
"site_admin": false
},
"name": "GitHub Actions",
"description": "Automate your workflow from idea to production",
"external_url": "https://help.github.com/en/actions",
"html_url": "https://github.com/apps/github-actions",
"created_at": "2018-07-30T09:30:17Z",
"updated_at": "2026-05-05T14:51:38Z",
"permissions": {
"actions": "write",
"administration": "read",
"artifact_metadata": "write",
"attestations": "write",
"checks": "write",
"code_quality": "write",
"contents": "write",
"copilot_requests": "write",
"deployments": "write",
"discussions": "write",
"issues": "write",
"merge_queues": "write",
"metadata": "read",
"models": "read",
"packages": "write",
"pages": "write",
"pull_requests": "write",
"repository_hooks": "write",
"repository_projects": "write",
"security_events": "write",
"statuses": "write",
"vulnerability_alerts": "read"
},
"events": [
"branch_protection_rule",
"check_run",
"check_suite",
"create",
"delete",
"deployment",
"deployment_status",
"discussion",
"discussion_comment",
"fork",
"gollum",
"issues",
"issue_comment",
"label",
"merge_group",
"milestone",
"page_build",
"public",
"pull_request",
"pull_request_review",
"pull_request_review_comment",
"push",
"registry_package",
"release",
"repository",
"repository_dispatch",
"status",
"watch",
"workflow_dispatch",
"workflow_run"
]
}
},
"repository": {
"id": 1110409800,
"node_id": "R_kgDOQi-CSA",
"name": "stackpanel",
"full_name": "darkmatter/stackpanel",
"private": false,
"owner": {
"login": "darkmatter",
"id": 17834193,
"node_id": "MDEyOk9yZ2FuaXphdGlvbjE3ODM0MTkz",
"avatar_url": "https://avatars.githubusercontent.com/u/17834193?v=4",
"gravatar_id": "",
"url": "https://api.github.com/users/darkmatter",
"html_url": "https://github.com/darkmatter",
"followers_url": "https://api.github.com/users/darkmatter/followers",
"following_url": "https://api.github.com/users/darkmatter/following{/other_user}",
"gists_url": "https://api.github.com/users/darkmatter/gists{/gist_id}",
"starred_url": "https://api.github.com/users/darkmatter/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/darkmatter/subscriptions",
"organizations_url": "https://api.github.com/users/darkmatter/orgs",
"repos_url": "https://api.github.com/users/darkmatter/repos",
"events_url": "https://api.github.com/users/darkmatter/events{/privacy}",
"received_events_url": "https://api.github.com/users/darkmatter/received_events",
"type": "Organization",
"user_view_type": "public",
"site_admin": false
},
"html_url": "https://github.com/darkmatter/stackpanel",
"description": "Ship products, not plumbing. Making Nix dev environments accessible to all.",
"fork": false,
"url": "https://api.github.com/repos/darkmatter/stackpanel",
"forks_url": "https://api.github.com/repos/darkmatter/stackpanel/forks",
"keys_url": "https://api.github.com/repos/darkmatter/stackpanel/keys{/key_id}",
"collaborators_url": "https://api.github.com/repos/darkmatter/stackpanel/collaborators{/collaborator}",
"teams_url": "https://api.github.com/repos/darkmatter/stackpanel/teams",
"hooks_url": "https://api.github.com/repos/darkmatter/stackpanel/hooks",
"issue_events_url": "https://api.github.com/repos/darkmatter/stackpanel/issues/events{/number}",
"events_url": "https://api.github.com/repos/darkmatter/stackpanel/events",
"assignees_url": "https://api.github.com/repos/darkmatter/stackpanel/assignees{/user}",
"branches_url": "https://api.github.com/repos/darkmatter/stackpanel/branches{/branch}",
"tags_url": "https://api.github.com/repos/darkmatter/stackpanel/tags",
"blobs_url": "https://api.github.com/repos/darkmatter/stackpanel/git/blobs{/sha}",
"git_tags_url": "https://api.github.com/repos/darkmatter/stackpanel/git/tags{/sha}",
"git_refs_url": "https://api.github.com/repos/darkmatter/stackpanel/git/refs{/sha}",
"trees_url": "https://api.github.com/repos/darkmatter/stackpanel/git/trees{/sha}",
"statuses_url": "https://api.github.com/repos/darkmatter/stackpanel/statuses/{sha}",
"languages_url": "https://api.github.com/repos/darkmatter/stackpanel/languages",
"stargazers_url": "https://api.github.com/repos/darkmatter/stackpanel/stargazers",
"contributors_url": "https://api.github.com/repos/darkmatter/stackpanel/contributors",
"subscribers_url": "https://api.github.com/repos/darkmatter/stackpanel/subscribers",
"subscription_url": "https://api.github.com/repos/darkmatter/stackpanel/subscription",
"commits_url": "https://api.github.com/repos/darkmatter/stackpanel/commits{/sha}",
"git_commits_url": "https://api.github.com/repos/darkmatter/stackpanel/git/commits{/sha}",
"comments_url": "https://api.github.com/repos/darkmatter/stackpanel/comments{/number}",
"issue_comment_url": "https://api.github.com/repos/darkmatter/stackpanel/issues/comments{/number}",
"contents_url": "https://api.github.com/repos/darkmatter/stackpanel/contents/{+path}",
"compare_url": "https://api.github.com/repos/darkmatter/stackpanel/compare/{base}...{head}",
"merges_url": "https://api.github.com/repos/darkmatter/stackpanel/merges",
"archive_url": "https://api.github.com/repos/darkmatter/stackpanel/{archive_format}{/ref}",
"downloads_url": "https://api.github.com/repos/darkmatter/stackpanel/downloads",
"issues_url": "https://api.github.com/repos/darkmatter/stackpanel/issues{/number}",
"pulls_url": "https://api.github.com/repos/darkmatter/stackpanel/pulls{/number}",
"milestones_url": "https://api.github.com/repos/darkmatter/stackpanel/milestones{/number}",
"notifications_url": "https://api.github.com/repos/darkmatter/stackpanel/notifications{?since,all,participating}",
"labels_url": "https://api.github.com/repos/darkmatter/stackpanel/labels{/name}",
"releases_url": "https://api.github.com/repos/darkmatter/stackpanel/releases{/id}",
"deployments_url": "https://api.github.com/repos/darkmatter/stackpanel/deployments",
"created_at": "2025-12-05T06:37:57Z",
"updated_at": "2026-06-05T02:04:20Z",
"pushed_at": "2026-06-05T02:04:16Z",
"git_url": "git://github.com/darkmatter/stackpanel.git",
"ssh_url": "git@github.com:darkmatter/stackpanel.git",
"clone_url": "https://github.com/darkmatter/stackpanel.git",
"svn_url": "https://github.com/darkmatter/stackpanel",
"homepage": "https://stackpanel.com",
"size": 116180,
"stargazers_count": 5,
"watchers_count": 5,
"language": "TypeScript",
"has_issues": true,
"has_projects": true,
"has_downloads": true,
"has_wiki": true,
"has_pages": false,
"has_discussions": false,
"forks_count": 1,
"mirror_url": null,
"archived": false,
"disabled": false,
"open_issues_count": 0,
"license": null,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"has_pull_requests": true,
"pull_request_creation_policy": "all",
"topics": [],
"visibility": "public",
"forks": 1,
"open_issues": 0,
"watchers": 5,
"default_branch": "main",
"custom_properties": {}
},
"organization": {
"login": "darkmatter",
"id": 17834193,
"node_id": "MDEyOk9yZ2FuaXphdGlvbjE3ODM0MTkz",
"url": "https://api.github.com/orgs/darkmatter",
"repos_url": "https://api.github.com/orgs/darkmatter/repos",
"events_url": "https://api.github.com/orgs/darkmatter/events",
"hooks_url": "https://api.github.com/orgs/darkmatter/hooks",
"issues_url": "https://api.github.com/orgs/darkmatter/issues",
"members_url": "https://api.github.com/orgs/darkmatter/members{/member}",
"public_members_url": "https://api.github.com/orgs/darkmatter/public_members{/member}",
"avatar_url": "https://avatars.githubusercontent.com/u/17834193?v=4",
"description": ""
},
"enterprise": {
"id": 469843,
"slug": "darkmatter",
"name": "darkmatter",
"node_id": "E_kgDOAAcrUw",
"avatar_url": "https://avatars.githubusercontent.com/b/469843?v=4",
"description": "",
"website_url": "darkmatter.io",
"html_url": "https://github.com/enterprises/darkmatter",
"created_at": "2025-09-07T16:01:00Z",
"updated_at": "2026-05-09T15:34:55Z"
},
"sender": {
"login": "github-actions[bot]",
"id": 41898282,
"node_id": "MDM6Qm90NDE4OTgyODI=",
"avatar_url": "https://avatars.githubusercontent.com/in/15368?v=4",
"gravatar_id": "",
"url": "https://api.github.com/users/github-actions%5Bbot%5D",
"html_url": "https://github.com/apps/github-actions",
"followers_url": "https://api.github.com/users/github-actions%5Bbot%5D/followers",
"following_url": "https://api.github.com/users/github-actions%5Bbot%5D/following{/other_user}",
"gists_url": "https://api.github.com/users/github-actions%5Bbot%5D/gists{/gist_id}",
"starred_url": "https://api.github.com/users/github-actions%5Bbot%5D/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/github-actions%5Bbot%5D/subscriptions",
"organizations_url": "https://api.github.com/users/github-actions%5Bbot%5D/orgs",
"repos_url": "https://api.github.com/users/github-actions%5Bbot%5D/repos",
"events_url": "https://api.github.com/users/github-actions%5Bbot%5D/events{/privacy}",
"received_events_url": "https://api.github.com/users/github-actions%5Bbot%5D/received_events",
"type": "Bot",
"user_view_type": "public",
"site_admin": false
},
"installation": {
"id": 131074261,
"node_id": "MDIzOkludGVncmF0aW9uSW5zdGFsbGF0aW9uMTMxMDc0MjYx"
}
}