init commit

.eslintignore

@@ -0,0 +1,6 @@
+**/node_modules/*
+**/out/*
+**/.next/*
+**/public/charting_library/*
+**/public/datafeeds/*
+**/components/charting_library/*

.eslintrc.json

@@ -0,0 +1,25 @@
+{
+  "parser": "@typescript-eslint/parser",
+  "plugins": ["@typescript-eslint"],
+  "extends": [
+    "next",
+    "prettier",
+    "eslint:recommended",
+    "plugin:react/recommended",
+    "plugin:@typescript-eslint/recommended",
+    "plugin:tailwindcss/recommended"
+  ],
+  "rules": {
+    "react/react-in-jsx-scope": 0,
+    "@next/next/no-img-element": 0,
+    "react-hooks/rules-of-hooks": "error", // Checks rules of Hooks
+    "react-hooks/exhaustive-deps": "warn", // Checks effect dependencies
+    "@typescript-eslint/no-explicit-any": "error",
+    "@typescript-eslint/no-unused-vars": [
+      2,
+      {
+        "argsIgnorePattern": "^_"
+      }
+    ]
+  }
+}

.github/workflows/ci-code-review.yml

@@ -0,0 +1,70 @@
+name: Code Review
+
+on:
+  pull_request:
+    branches: ['main']
+  push:
+
+jobs:
+  build:
+    name: Build
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Setup Node
+        uses: actions/setup-node@v3
+        with:
+          node-version: '18'
+          cache: 'yarn'
+
+      - name: Check dep dupes
+        run: yarn ci-dupe-check
+
+      - name: Install dependencies
+        run: yarn ci
+
+      - name: Build
+        run: yarn build
+
+  semgrep:
+    name: Code Scan
+    runs-on: ubuntu-latest
+    container:
+      image: returntocorp/semgrep
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - run: semgrep ci --exclude 'public/charting_library'
+        env:
+          SEMGREP_RULES: p/typescript
+
+  sca:
+    name: Dependency Scan
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      # Report all vulnerabilities in CI output
+      - name: Report on all vulnerabilities
+        uses: aquasecurity/trivy-action@master
+        with:
+          scan-type: 'fs'
+          ignore-unfixed: true
+          hide-progress: true
+          format: 'table'
+
+      # Fail the job on critical vulnerabiliies with fix available
+      - name: Fail on critical vulnerabilities
+        uses: aquasecurity/trivy-action@master
+        with:
+          scan-type: 'fs'
+          ignore-unfixed: true
+          hide-progress: true
+          security-checks: 'vuln' # disable secrets scanning until public
+          format: 'table'
+          severity: 'CRITICAL'
+          exit-code: '1'

.gitignore

@@ -0,0 +1,44 @@
+.serverless/
+# See https://help.github.com/articles/ignoring-files/ for more about ignoring files.
+.env
+
+# dependencies
+/node_modules
+/.pnp
+.pnp.js
+
+# TradingView
+public/charting_library
+public/datafeeds
+
+# testing
+/coverage
+
+# next.js
+/.next/
+/out/
+
+# production
+/build
+
+# misc
+.DS_Store
+*.pem
+
+# debug
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+.pnpm-debug.log*
+
+# local env files
+.env*.local
+
+# vercel
+.vercel
+
+# typescript
+tsconfig.tsbuildinfo
+
+# Sentry Auth Token
+.sentryclirc

.husky/pre-commit

@@ -0,0 +1,4 @@
+#!/usr/bin/env sh
+. "$(dirname -- "$0")/_/husky.sh"
+
+yarn typecheck && yarn lint --quiet && yarn format

.prettierignore

@@ -0,0 +1,7 @@
+node_modules
+.next
+.vercel
+yarn.lock
+package-lock.json
+public
+components/charting_library

.yarnrc

@@ -0,0 +1,2 @@
+ignore-scripts true
+--add.exact true

.yarnrc.yml

@@ -0,0 +1 @@
+enableScripts: false