Nespo.dev

Technical Specifications

Complete technical stack and version information for Nespo.dev.

Core Technologies

Monorepo & Build System

| Component | Technology | Version | |-----------|-----------|---------| | Monorepo Tool | TurboRepo | 1.12.4+ | | Package Manager | pnpm | 9.0.0+ | | Node.js | Node.js | 20.x LTS | | TypeScript | TypeScript | 5.x |

Backend Stack

| Component | Technology | Version | |-----------|-----------|---------| | Framework | NestJS | 11.x | | Runtime | Node.js | 20.x | | ORM | Prisma | 6.6.0+ | | Database | PostgreSQL | 14+ | | API Documentation | Swagger/OpenAPI | 3.0 | | Validation | class-validator | Latest | | Authentication | Passport.js + JWT | Latest |

Web Frontend

| Component | Technology | Version | |-----------|-----------|---------| | Framework | Next.js | 15.3.0+ | | React | React | 19.x | | Routing | App Router | Next.js 15 | | State Management | TanStack Query | 5.x | | Authentication | NextAuth.js | 5.x | | Styling | Tailwind CSS | 3.4.x | | UI Components | Radix UI | Latest | | Form Handling | React Hook Form | 7.x | | Validation | Zod | 3.x |

Mobile Frontend

| Component | Technology | Version | |-----------|-----------|---------| | Framework | Expo | 52.x | | React Native | React Native | Latest (via Expo) | | Navigation | Expo Router | Latest | | Styling | NativeWind | 4.x | | State Management | TanStack Query | 5.x | | Authentication | Expo Auth Session | Latest |

Development Tools

Code Quality

| Tool | Purpose | Configuration | |------|---------|---------------| | ESLint | Linting | @typescript-eslint/recommended | | Prettier | Formatting | Standard config | | Husky | Git hooks | Pre-commit, pre-push | | lint-staged | Staged file linting | Automatic | | commitlint | Commit message linting | Conventional Commits |

Testing

| Tool | Purpose | Version | |------|---------|---------| | Jest | Unit testing | 29.x | | Testing Library | Component testing | Latest | | Supertest | API testing | Latest | | Playwright | E2E testing | Latest |

Database

Schema Management

// Prisma Schema Example
model User {
  id            String    @id @default(cuid())
  email         String    @unique
  name          String?
  password      String
  role          Role      @default(USER)
  posts         Post[]
  createdAt     DateTime  @default(now())
  updatedAt     DateTime  @updatedAt
}

model Post {
  id          String    @id @default(cuid())
  title       String
  content     String
  published   Boolean   @default(false)
  author      User      @relation(fields: [authorId], references: [id])
  authorId    String
  createdAt   DateTime  @default(now())
  updatedAt   DateTime  @updatedAt
}

enum Role {
  USER
  ADMIN
  MODERATOR
}

Database Features

  • Migrations: Automatic schema migrations
  • Seeding: Database seeding for development
  • Backups: Automated backup scripts
  • Connection Pooling: Optimized connections
  • Indexing: Performance-optimized indexes

API Specifications

RESTful Endpoints

Base URL: https://api.nespo.dev/v1

Authentication:
  - POST   /auth/login
  - POST   /auth/register
  - POST   /auth/logout
  - POST   /auth/refresh
  - GET    /auth/me

Users:
  - GET    /users
  - GET    /users/:id
  - POST   /users
  - PATCH  /users/:id
  - DELETE /users/:id

Posts:
  - GET    /posts
  - GET    /posts/:id
  - POST   /posts
  - PATCH  /posts/:id
  - DELETE /posts/:id
  - POST   /posts/:id/publish

WebSocket Events

// Real-time communication
namespace: '/notifications'

Events:
  - connection
  - disconnect
  - notification:new
  - notification:read
  - notification:delete

API Response Format

// Success Response
{
  "success": true,
  "data": { /* response data */ },
  "message": "Operation successful",
  "timestamp": "2025-01-15T10:30:00Z"
}

// Error Response
{
  "success": false,
  "error": {
    "code": "VALIDATION_ERROR",
    "message": "Invalid input data",
    "details": [
      {
        "field": "email",
        "message": "Email is required"
      }
    ]
  },
  "timestamp": "2025-01-15T10:30:00Z"
}

Third-Party Integrations

Payment Processing

  • Stripe: Payment gateway
  • Webhooks: Event-driven updates
  • Subscriptions: Recurring payments
  • Invoicing: Automated billing

Email Service

  • Resend: Transactional emails
  • Templates: Pre-built email templates
  • Tracking: Open and click tracking
  • Queue: Delayed sending

Cloud Storage

  • AWS S3: File storage
  • CloudFront: CDN delivery
  • Signed URLs: Secure uploads
  • Image Processing: On-the-fly resizing

Push Notifications

  • Expo Push Notifications: Mobile notifications
  • FCM: Firebase Cloud Messaging
  • APNs: Apple Push Notification service
  • Web Push: Browser notifications

Authentication Providers

  • Google OAuth: Social login
  • GitHub OAuth: Developer login
  • Email/Password: Traditional auth
  • Magic Links: Passwordless auth

Performance Specifications

Web Performance

| Metric | Target | Actual | |--------|--------|--------| | First Contentful Paint | < 1.5s | ~1.2s | | Largest Contentful Paint | < 2.5s | ~2.1s | | Time to Interactive | < 3.5s | ~3.0s | | Cumulative Layout Shift | < 0.1 | ~0.05 | | First Input Delay | < 100ms | ~50ms |

API Performance

| Metric | Target | |--------|--------| | Average Response Time | < 200ms | | P95 Response Time | < 500ms | | P99 Response Time | < 1s | | Uptime | > 99.9% |

Database Performance

  • Query Time: < 50ms average
  • Connection Pool: 20-100 connections
  • Max Connections: 200
  • Timeout: 30s

Security Features

Authentication

  • JWT tokens with expiration
  • Refresh token rotation
  • OAuth 2.0 support
  • Multi-factor authentication ready

Data Protection

  • bcrypt password hashing (12 rounds)
  • SQL injection prevention (Prisma)
  • XSS protection (React)
  • CSRF tokens
  • Rate limiting
  • Input sanitization

Network Security

  • HTTPS/TLS encryption
  • CORS configuration
  • Security headers (Helmet)
  • DDoS protection ready

Browser Support

Web Application

| Browser | Minimum Version | |---------|----------------| | Chrome | Last 2 versions | | Firefox | Last 2 versions | | Safari | Last 2 versions | | Edge | Last 2 versions |

Mobile Application

| Platform | Minimum Version | |----------|----------------| | iOS | 13.0+ | | Android | 6.0+ (API 23) |

Deployment

Container Specifications

# API Container
FROM node:20-alpine
WORKDIR /app
RUN pnpm install --prod
EXPOSE 4000
CMD ["node", "dist/main.js"]

# Web Container
FROM node:20-alpine
WORKDIR /app
RUN pnpm build
EXPOSE 3000
CMD ["pnpm", "start"]

Environment Variables

# Database
DATABASE_URL="postgresql://..."
DATABASE_POOL_SIZE=20

# Authentication
JWT_SECRET="..."
JWT_EXPIRATION="15m"
REFRESH_TOKEN_EXPIRATION="7d"

# API
API_URL="https://api.nespo.dev"
API_VERSION="v1"

# External Services
STRIPE_SECRET_KEY="..."
RESEND_API_KEY="..."
AWS_ACCESS_KEY_ID="..."

System Requirements

Development

  • CPU: 4+ cores recommended
  • RAM: 16GB recommended
  • Storage: 10GB+ free space
  • OS: macOS, Linux, Windows (WSL2)

Production

  • API Server: 2 vCPUs, 4GB RAM minimum
  • Web Server: 1 vCPU, 2GB RAM minimum
  • Database: 2 vCPUs, 4GB RAM, 50GB storage minimum
  • Load Balancer: As needed for scale

Compliance & Standards

  • GDPR: Privacy-compliant
  • WCAG 2.1: Accessibility standards
  • SOC 2: Ready for certification
  • ISO 27001: Security ready
  • OWASP Top 10: Protected

Next Steps