Fix/apps import

[IAmKio]

Description

• Added: vite-plugin-dynamic-import, also configured to load the apps directory as aliases
• Changed: Apps directory is now loaded via the import.meta.glob method
• Removed: Redundant app loading code
• Removed: Redundant README and example manifest file

How Has This Been Tested?

• Locally
• On preview branch: https://fix-apps-import.x-e62.pages.dev/

Screenshots (if appropriate):

Types of changes

• Bug fix (non-breaking change which fixes an issue)

Summary by CodeRabbit

• Chores

  • Added a new development dependency for dynamic imports.
  • Updated Vite configuration to support dynamic imports and added an alias for simplified app imports.

• Refactor

  • Simplified dynamic app manifest and component imports for improved maintainability.
  • Removed logic related to loading development apps based on environment variables.

• Documentation

  • Deleted developer documentation and example manifest for app creation and configuration.

[coderabbitai]

Walkthrough

This update introduces the vite-plugin-dynamic-import as a development dependency and integrates it into the Vite configuration. It also removes documentation and example files related to app manifests, simplifies dynamic import logic in several modules, and refactors the routing mechanism to use import.meta.glob for app discovery, eliminating environment-based conditional routes.

Changes

File(s)	Change Summary
package.json	Added vite-plugin-dynamic-import to devDependencies.
vite.config.js	Imported vite-plugin-dynamic-import, added it to plugins, and set up an alias for src/apps.
src/apps/index.ts, src/pages/App/index.tsx	Simplified dynamic import statements; removed @vite-ignore comments and conditional dev app logic.
src/containers/Main.tsx	Refactored routing: uses import.meta.glob for app entry discovery; removed env-based dev app routing.
src/apps/README.md, src/apps/manifest.json.example	Deleted documentation and example manifest files.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant MainRouter
    participant AppLoader
    participant AppComponent

    User->>MainRouter: Navigates to /apps/:id
    MainRouter->>AppLoader: Dynamically import app entry points (import.meta.glob)
    AppLoader->>AppComponent: Import app by ID
    AppComponent-->>User: Render app UI

Loading

Suggested reviewers

• RanaBug

Poem

🐇
A plugin hops into our Vite,
Dynamic imports now feel light.
Old docs and samples bid adieu,
While routing paths are fresh and new.
With globs and aliases in the mix,
Our apps load up with fewer tricks!

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 ESLint

If the error stems from missing dependencies, add them to the package.json file. For unrecoverable errors (e.g., due to private dependencies), disable the tool in the CodeRabbit configuration.

npm error Exit handler never called!
npm error This is an error with npm itself. Please report this error at:
npm error https://github.com/npm/cli/issues
npm error A complete log of this run can be found in: /.npm/_logs/2025-07-02T21_32_08_977Z-debug-0.log

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b6bb862 and d0386f5.

⛔ Files ignored due to path filters (1)

• src/containers/__snapshots__/Main.test.tsx.snap is excluded by !**/*.snap

📒 Files selected for processing (1)

• src/containers/Main.tsx (3 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• src/containers/Main.tsx

⏰ Context from checks skipped due to timeout of 90000ms (3)

• GitHub Check: lint
• GitHub Check: unit-tests
• GitHub Check: build

✨ Finishing Touches

• 📝 Generate Docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 2

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between d960773 and b6bb862.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (7)

• package.json (1 hunks)
• src/apps/README.md (0 hunks)
• src/apps/index.ts (1 hunks)
• src/apps/manifest.json.example (0 hunks)
• src/containers/Main.tsx (2 hunks)
• src/pages/App/index.tsx (1 hunks)
• vite.config.js (1 hunks)

💤 Files with no reviewable changes (2)

• src/apps/manifest.json.example
• src/apps/README.md

🧰 Additional context used

🧬 Code Graph Analysis (2)

src/containers/Main.tsx (2)

src/apps/the-exchange/index.tsx (1)

• App (25-76)

src/apps/sign-message/index.tsx (1)

• App (37-85)

src/apps/index.ts (1)

src/types/index.ts (1)

• AppManifest (6-10)

⏰ Context from checks skipped due to timeout of 90000ms (2)

• GitHub Check: lint
• GitHub Check: unit-tests

🔇 Additional comments (6)

src/pages/App/index.tsx (1)

95-97: LGTM! Dynamic import simplification aligns with plugin addition.

The removal of the @vite-ignore comment is appropriate now that the vite-plugin-dynamic-import plugin handles dynamic imports properly. This change is consistent with the broader refactor.

src/apps/index.ts (1)

20-20: All manifest.json files confirmed—dynamic import path is valid

All app directories under src/apps/ contain a manifest.json, so

appManifest = (await import(`./${appId}/manifest.json`)) as AppManifest;

will resolve at runtime with the dynamic‐import plugin.

No further action needed.

vite.config.js (3)

2-4: LGTM! Plugin imports are properly configured.

The addition of the path module and vite-plugin-dynamic-import is correctly implemented to support the dynamic import refactor.

---

8-8: LGTM! Plugin properly added to configuration.

The dynamicImport() plugin is correctly added to the plugins array alongside existing plugins.

---

13-17: Verify the '@' alias or remove it

A project-wide search in .js, .ts, .jsx, .tsx, and .vue files found no imports or requires using @/. Before deleting this alias mapping, please:

• Manually check for any dynamic imports, test files, scripts, or documentation that may reference @.

• If truly unused, remove lines 13–17 in vite.config.js:

   resolve: {
     alias: {
  -    '@': path.join(__dirname, 'src/apps'),
     },
   },

• Otherwise, add documentation or examples showing its intended usage.

src/containers/Main.tsx (1)

50-50: LGTM! Import organization improvement.

Moving the App import to a more logical location improves code organization.

[coderabbitai]

💡 Verification agent

🧩 Analysis chain

Verify the plugin version and security status.

Ensure that vite-plugin-dynamic-import@^1.6.0 is the latest stable version and check for any known security vulnerabilities.

---

🌐 Web query:

What is the latest version of vite-plugin-dynamic-import npm package and are there any known security vulnerabilities for version 1.6.0?

💡 Result:

The latest released version of the vite-plugin-dynamic-import npm package is 1.3.1, as documented in its official repository README and release history[1]. There is no evidence in the available results of a version 1.6.0 for this package[1]. The readme specifically documents up to version 1.3.1 (released in April 2023), and there are no indications of newer releases or changelogs referencing version 1.6.0[1].

Regarding security vulnerabilities for version 1.6.0, since there is no reference to version 1.6.0 in official sources or security databases in the search results, there is no known public record or advisory for security vulnerabilities affecting that version[1]. Additionally, widely used vulnerability scanners and advisories (like Snyk) do not list vite-plugin-dynamic-import version 1.6.0 or any vulnerabilities for this plugin in the context provided[4].

Summary Table

Plugin	Latest Version	Version 1.6.0 Exists?	Known Vulnerabilities (1.6.0)
vite-plugin-dynamic-import	1.3.1	No	No known vulnerabilities

If you are referring to a different similarly-named plugin (such as vite-plugin-dynamic-import-module), its latest version is also lower (v0.2.1)[3]. If you have a specific npm link for "1.6.0," it could be a fork or similarly named but distinct package.

Conclusion:

• The most recent official version is 1.3.1.
• Version 1.6.0 does not exist in the official repo or main npm registry as of July 2025.
• No known security vulnerabilities are reported for a nonexistent version 1.6.0 of this package[1].

Citations:

• 1: https://github.com/vite-plugin/vite-plugin-dynamic-import/blob/main/README.zh-CN.md
• 2: https://github.com/sveltejs/vite-plugin-svelte/blob/main/pnpm-lock.yaml
• 3: https://github.com/Dunqing/vite-plugin-dynamic-import-module
• 4: https://security.snyk.io/package/npm/vite
• 5: https://vite.dev/guide/features
• 6: https://docs.cypress.io/app/references/changelog
• 7: https://codeparrot.ai/blogs/advanced-guide-to-using-vite-with-react-in-2025
• 8: https://reactrouter.com/changelog
• 9: https://www.npmjs.com/package/vite-plugin-dynamic-import
• 10: https://www.npmjs.com/package/vite-plugin-dynamic-import/v/0.1.1

---

Invalid version for vite-plugin-dynamic-import—update to latest release

The package.json entry specifies "vite-plugin-dynamic-import": "^1.6.0", but there is no version 1.6.0 published. The most recent official release is 1.3.1, and there are no known vulnerabilities for that version.

• package.json, line 137: change
"vite-plugin-dynamic-import": "^1.6.0"
to
"vite-plugin-dynamic-import": "^1.3.1"

🤖 Prompt for AI Agents

In package.json at line 137, the version specified for
"vite-plugin-dynamic-import" is "^1.6.0", which does not exist. Update this
version to the latest official release by changing it to "^1.3.1" to ensure the
dependency is valid and up to date.

[coderabbitai]

💡 Verification agent

🧩 Analysis chain

Significant architectural change: verify app discovery robustness.

This replaces explicit app configuration with automatic discovery using import.meta.glob. While more flexible, there are potential concerns:

1. Path extraction brittleness: path.split('/')[2] assumes a specific path format and could break if the glob pattern or directory structure changes.
2. Loss of explicit control: The previous approach with allowedApps provided explicit control over which apps are loaded.

Consider making the path extraction more robust:

-    const appId = path.split('/')[2];
+    const pathParts = path.split('/');
+    const appId = pathParts[pathParts.length - 2]; // Gets the directory name before index.tsx

Verify that all discovered apps have the expected structure:

---

🏁 Script executed:

#!/bin/bash
# Description: Verify app discovery works correctly and all apps have required files

echo "=== Discovered apps using the glob pattern ==="
fd -t f "index.tsx" src/apps/ -d 2

echo -e "\n=== Checking each app directory structure ==="
fd -t d . src/apps/ -d 1 --exec sh -c 'echo "App: $(basename {})"; ls -la {}/index.tsx {}/manifest.json 2>/dev/null || echo "  Missing required files"'

echo -e "\n=== Verifying App component exports ==="
fd -t f "index.tsx" src/apps/ -d 2 --exec sh -c 'echo "File: {}"; grep -n "export.*App\|export default" {} || echo "  No App export found"'

Length of output: 3157

---

Ensure robust app ID extraction in Main.tsx

All existing apps under src/apps/ have the expected index.tsx and manifest.json, and each exports an App component. To guard against future changes in relative paths, replace the hard-coded index with a dynamic lookup:

• File: src/containers/Main.tsx
Lines: 239–258

Proposed diff:

     // Import app directory globs so that we can
     // dynamically extract and import the manifest
     // data needed to show the app icons
     const appImports = import.meta.glob('../apps/*/index.tsx');
     for (const path in appImports) {
-      // Extract the app ID from the path
-      const appId = path.split('/')[2];
+      // Extract the app ID more robustly
+      const pathParts = path.split('/');
+      const appId = pathParts[pathParts.length - 2]; // directory before index.tsx

       authorizedRoutesDefinition[0].children.push({
         path: `/${appId}`,
         element: <App id={appId} />,
       });

With this change, any adjustments to the glob’s relative depth won’t break your ID extraction.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	/**
	* Import app directory globs so that we can
	* dynamically extract and import the manifest
	* data needed to show the app icons
	*/
	const appImports = import.meta.glob('../apps/*/index.tsx');
	for (const path in appImports) {
	// Extract the app ID from the path
	const appId = path.split('/')[2];
	authorizedRoutesDefinition[0].children.push({
	path: `/${appId}`,
	element: <App id={appId} />,
	});
	authorizedRoutesDefinition[0].children.push({
	path: `/${appId}/*`,
	element: <App id={appId} />,
	});
	});
	// Finally, add the development app to the route definition
	// if it exists...
	if (import.meta.env.VITE_PX_DEVELOPMENT_ID) {
	authorizedRoutesDefinition[0].children.push({
	path: `/${import.meta.env.VITE_PX_DEVELOPMENT_ID}`,
	element: <App id={import.meta.env.VITE_PX_DEVELOPMENT_ID} />,
	});
	}
	/**
	* Import app directory globs so that we can
	* dynamically extract and import the manifest
	* data needed to show the app icons
	*/
	const appImports = import.meta.glob('../apps/*/index.tsx');
	for (const path in appImports) {
	- // Extract the app ID from the path
	- const appId = path.split('/')[2];
	+ // Extract the app ID more robustly
	+ const pathParts = path.split('/');
	+ const appId = pathParts[pathParts.length - 2]; // directory before index.tsx
	authorizedRoutesDefinition[0].children.push({
	path: `/${appId}`,
	element: <App id={appId} />,
	});
	authorizedRoutesDefinition[0].children.push({
	path: `/${appId}/*`,
	element: <App id={appId} />,
	});
	}

🤖 Prompt for AI Agents

In src/containers/Main.tsx around lines 239 to 258, the app ID extraction from
the path uses a hard-coded index which can break if the relative path depth
changes. To fix this, replace the fixed index with a dynamic method that
extracts the app ID by locating the app folder name relative to the glob
pattern, such as using path methods to find the folder name before 'index.tsx'.
This ensures the extraction remains correct even if the directory structure
changes.

[cloudflare-workers-and-pages]

Deploying x with    Cloudflare Pages

Latest commit:	d0386f5
Status:	✅  Deploy successful!
Preview URL:	https://38307199.x-e62.pages.dev
Branch Preview URL:	https://fix-apps-import.x-e62.pages.dev

View logs

[RanaBug]

LGTM