Template Site: Astro pages & components #494

christian-byrne · 2026-01-20T22:58:53Z

Summary

Base Astro project with pages, components, and layouts for the template site.

Added

Astro project setup with sitemap
/templates/ listing page
/templates/[slug] detail page
Components: TemplateCard, TryOnCloudButton, SEOHead
BaseLayout with responsive styling
Mock template data (replaced by sync script)

Template Site PRs (merge in order)

PR 1 of 5 ← this one
PR 2: sync-script
PR 3: ai-generation
PR 4: preview-gen
PR 5: cicd

Integration tested locally on template-site/integration branch.

- Initialize Astro project with @astrojs/sitemap and TypeScript - Configure site URL for https://templates.comfy.org - Create content collection schema for template data - Add 5 mock template JSON files for development - Build pages: - Homepage with redirect to /templates/ - Template listing page with grid of cards - Template detail pages with full content - Create components: - SEOHead: Meta tags, Open Graph, structured data - TemplateCard: Card component for listings - TryOnCloudButton: CTA linking to Comfy Cloud - Add BaseLayout with header, footer, and global styles - Include FAQ and SoftwareApplication structured data

socket-security · 2026-01-20T23:03:49Z

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	npm/@astrojs/sitemap@3.7.0
	npm/astro@5.16.11
	npm/typescript@5.9.3

View full report

socket-security · 2026-01-20T23:03:51Z

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert (click "▶" to expand/collapse)
Warn		Obfuscated code: npm `entities` is 91.0% likely obfuscated Confidence: 0.91 Location: Package overview From: site/package-lock.json → `npm/[email protected]` → `npm/[email protected]` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `[email protected]`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/[email protected]`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `entities` is 91.0% likely obfuscated Confidence: 0.91 Location: Package overview From: site/package-lock.json → `npm/[email protected]` → `npm/[email protected]` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `[email protected]`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/[email protected]`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm `vite` is 91.0% likely obfuscated Confidence: 0.91 Location: Package overview From: site/package-lock.json → `npm/[email protected]` → `npm/[email protected]` ℹ Read more on: This package \| This alert \| What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `[email protected]`. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/[email protected]`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

christian-byrne added 2 commits January 20, 2026 13:42

Add template site PRD, design doc, and workstream split plan

d0310bb

christian-byrne mentioned this pull request Jan 20, 2026

Template Site: Sync script #495

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Template Site: Astro pages & components #494

Template Site: Astro pages & components #494

Uh oh!

christian-byrne commented Jan 20, 2026

Uh oh!

socket-security bot commented Jan 20, 2026

Uh oh!

socket-security bot commented Jan 20, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Template Site: Astro pages & components #494

Are you sure you want to change the base?

Template Site: Astro pages & components #494

Uh oh!

Conversation

christian-byrne commented Jan 20, 2026

Summary

Added

Template Site PRs (merge in order)

Uh oh!

socket-security bot commented Jan 20, 2026

Uh oh!

socket-security bot commented Jan 20, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants