/** @type {import('next').NextConfig} */ const nextConfig = { // Enable standalone output for production deployment output: 'standalone', // Turbopack configuration (Next.js 15.5+) turbopack: { // Enable Turbopack optimizations resolveAlias: { // Path aliases for cleaner imports '@': './src', }, }, // Environment variables validation env: { NEXT_PUBLIC_API_BASE: process.env.NEXT_PUBLIC_API_BASE, NEXT_PUBLIC_APP_NAME: process.env.NEXT_PUBLIC_APP_NAME, NEXT_PUBLIC_APP_VERSION: process.env.NEXT_PUBLIC_APP_VERSION, }, // Image optimization images: { remotePatterns: [ { protocol: 'https', hostname: '**', }, ], }, // Security headers async headers() { return [ { // Apply security headers to all routes source: '/(.*)', headers: [ { key: 'X-Frame-Options', value: 'DENY' }, { key: 'X-Content-Type-Options', value: 'nosniff' }, { key: 'Referrer-Policy', value: 'strict-origin-when-cross-origin' }, { key: 'X-XSS-Protection', value: '1; mode=block' }, // Content Security Policy - development-friendly { key: 'Content-Security-Policy', value: process.env.NODE_ENV === 'development' ? "default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https: http://localhost:* ws://localhost:*; frame-ancestors 'none';" : "default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' https:; frame-ancestors 'none';" } ], }, ] }, // Production optimizations compiler: { // Remove console.logs in production removeConsole: process.env.NODE_ENV === 'production', }, // Note: Webpack configuration removed - using Turbopack exclusively // Turbopack handles bundling automatically with better performance }; export default nextConfig;