feat: connect backend via trpc, homepage group search

[lorenzocorallo]

No description provided.

[coderabbitai]

Warning

Review limit reached

@lorenzocorallo, we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 55 minutes and 30 seconds. Learn how PR review limits work.

Your organization has run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available.

Please see our Fair Usage Limits Policy for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 1575c0ea-2c12-4939-8cbe-da02a203590a

📥 Commits

Reviewing files that changed from the base of the PR and between 87109a7 and 27b76b2.

📒 Files selected for processing (2)

• src/components/home/group-search.tsx
• src/components/home/hero.tsx

Walkthrough

This PR integrates tRPC for backend group search functionality. It adds environment variables, type definitions, a typed tRPC client, a server query function, a debounced group search component with dropdown results, a reusable spinner component, and wires the search into the Hero component.

Changes

tRPC Group Search Feature

Layer / File(s)	Summary
Dependencies and environment setup package.json, .env.example, src/env.js	Adds tRPC, SuperJSON, and backend packages; configures BACKEND_URL environment variable with validation and runtime exposure.
API type definitions src/types.ts	Exports ApiOutput, ApiInput, and ApiError type aliases inferred from the tRPC router.
tRPC client initialization src/lib/backend.ts	Creates a typed tRPC client with HTTP batch link, SuperJSON transformer, and backend URL construction.
Server-side group search query src/queries/groups.ts	Implements searchGroups(query, limit) function that calls the tRPC backend search endpoint.
Search UI components src/components/spinner.tsx, src/components/home/group-search.tsx	Adds accessible spinner component and debounced group search input with results dropdown and link rendering.
Hero section integration src/components/home/hero.tsx	Replaces inline search input with GroupSearch component.

🚥 Pre-merge checks | ✅ 3 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately describes the main changes: connecting a backend via tRPC and implementing a homepage group search feature, which aligns with the primary modifications across all files in the changeset.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 3

🧹 Nitpick comments (2)

src/queries/groups.ts (1)

5-8: ⚡ Quick win

Validate/clamp Server Action inputs.

"use server" exposes searchGroups as a public endpoint, so query and limit arrive directly from the client and are forwarded unchecked. The UI passes 20, but a direct caller can supply any limit, potentially triggering heavy backend queries. Consider validating with Zod (already a dependency) and clamping limit, unless the backend strictly enforces these bounds.

🛡️ Example validation

 "use server"

 import { trpc } from "`@/lib/backend`"
+import { z } from "zod"
+
+const schema = z.object({
+  query: z.string().max(200),
+  limit: z.number().int().min(1).max(50),
+})

-export async function searchGroups(query: string, limit: number = 6) {
-  const res = await trpc.tg.groups.search.query({ query, limit })
-  return res
+export async function searchGroups(query: string, limit: number = 6) {
+  const input = schema.parse({ query, limit })
+  return await trpc.tg.groups.search.query(input)
 }

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/queries/groups.ts` around lines 5 - 8, searchGroups is exposed as a
server action and forwards unvalidated client inputs directly to
trpc.tg.groups.search.query; validate and clamp inputs before calling the
backend: use Zod to parse/validate the incoming query (trim, ensure non-empty
string) and parse limit as an integer with a min (e.g. 1) and a sensible max
(e.g. 50), then pass the validated/clamped values to trpc.tg.groups.search.query
(reference: function searchGroups and the downstream call
trpc.tg.groups.search.query).

package.json (1)

27-27: 💤 Low value

Remove unused @trpc/next dependency (if not needed)

@trpc/next is only present in package.json and there are no repo references to @trpc/next / createTRPCNext. src/lib/backend.ts uses createTRPCClient + httpBatchLink from @trpc/client, so @trpc/next (React Query/createTRPCNext) doesn’t appear to be used—drop it unless something else depends on it indirectly.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@package.json` at line 27, Dependency `@trpc/next` appears unused—search the
repo for any imports/usages of "`@trpc/next`" or createTRPCNext (and confirm
src/lib/backend.ts only uses createTRPCClient and httpBatchLink from
`@trpc/client`); if there are no references, remove the "`@trpc/next`" entry from
package.json, run package manager install to update lockfile, and run tests/lint
to ensure nothing else depended on it indirectly.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@src/components/home/group-search.tsx`:
- Line 57: The Link element rendering group links (the one using
key={g.telegramId} href={g.link!} target="_blank"}) lacks rel attributes for
safety; update that Link (in the group-search component) to include
rel="noopener noreferrer" when target="_blank" is present so external links use
rel="noopener noreferrer" to prevent reverse-tabnabbing and referrer leakage.
- Around line 53-72: The branch currently checks results.count > 0 but then
filters groups by g.link, which can produce an empty render; update GroupSearch
to first compute a filteredGroups array (e.g., const filteredGroups =
results?.groups.filter(g => g.link) ?? []) and use filteredGroups.length > 0 for
the conditional render, map over filteredGroups (using g.telegramId, g.link,
g.title), and keep the existing debouncedSearch.state.isLoading fallback so the
spinner or "No group found" message shows when filteredGroups is empty.

In `@src/lib/backend.ts`:
- Around line 11-14: The httpBatchLink configuration in backend.ts currently
omits a fetch option, leaving requests unbounded; update the httpBatchLink call
(the object that currently has url and transformer: SuperJSON) to pass a fetch
ponyfill that uses AbortController and setTimeout to enforce a timeout: create a
fetch wrapper that creates an AbortController, starts a timer (clear on
success), calls the real fetch with signal, and rejects/aborts when the timer
fires, then supply that wrapper as the fetch property to httpBatchLink so
backend requests time out safely.

---

Nitpick comments:
In `@package.json`:
- Line 27: Dependency `@trpc/next` appears unused—search the repo for any
imports/usages of "`@trpc/next`" or createTRPCNext (and confirm src/lib/backend.ts
only uses createTRPCClient and httpBatchLink from `@trpc/client`); if there are no
references, remove the "`@trpc/next`" entry from package.json, run package manager
install to update lockfile, and run tests/lint to ensure nothing else depended
on it indirectly.

In `@src/queries/groups.ts`:
- Around line 5-8: searchGroups is exposed as a server action and forwards
unvalidated client inputs directly to trpc.tg.groups.search.query; validate and
clamp inputs before calling the backend: use Zod to parse/validate the incoming
query (trim, ensure non-empty string) and parse limit as an integer with a min
(e.g. 1) and a sensible max (e.g. 50), then pass the validated/clamped values to
trpc.tg.groups.search.query (reference: function searchGroups and the downstream
call trpc.tg.groups.search.query).

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: d7a5d4fc-29f6-4e62-9de1-e29d5963de91

📥 Commits

Reviewing files that changed from the base of the PR and between 1080199 and 87109a7.

⛔ Files ignored due to path filters (2)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml
• src/assets/icons/telegram-fill.svg is excluded by !**/*.svg

📒 Files selected for processing (9)

• .env.example
• package.json
• src/components/home/group-search.tsx
• src/components/home/hero.tsx
• src/components/spinner.tsx
• src/env.js
• src/lib/backend.ts
• src/queries/groups.ts
• src/types.ts

[BIA3IA]

LGTM :) Magari poi pensiamo anche a come mostrare meglio eventuali errori all’utente, tipo con un toast o qualcosa del genere

[BIA3IA]

Se in results ci fossero gruppi senza link (non so se puó succedere), poi verrebbero filtrati qui senza entrare nell'else e non si vedrebbe né il risultato né il messaggio

[BIA3IA]

Lo avevo detto il coniglio, non avevo visto :)

Comunque, quando i designers faranno il design dovremo comunque cambiarlo