The budget options were English/USD even in Persian mode. Make them
locale-aware (stable option values) so the FA form is fully Persian.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
The site sits behind a CDN and shipped static assets with no Cache-Control
and no versioning, so browsers/CDN kept serving stale css/js after a deploy
(the "design didn't change" symptom).
- HTML responses now send Cache-Control: no-cache, no-store, must-revalidate
so the page itself is always revalidated.
- Static assets get a long cache and are fingerprinted via asp-append-version
(/css/site.css?v=<contenthash>), so they bust automatically on every change.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Audited the site with the ui-ux-pro-max skill. It validated the brand blue
(#2563EB == its SaaS primary) but flagged real high-severity gaps:
- Contrast: muted grays were zinc-400 (~2.8:1, fails WCAG AA). Bumped the
muted token + all text-zinc-400 to zinc-500 (#71717a, ~4.6:1).
- Touch targets: social buttons 38px -> 44x44 (meets 44pt minimum).
- Cursor + disabled: cursor-pointer on buttons; disabled state dims + blocks.
- Form a11y: required-field asterisks (name/service/budget/message),
autocomplete on name/company, and role=status aria-live=polite on the
submit status so screen readers announce success/error.
Kept Syne + system fonts and the blue accent (skill suggested Inter + an
AI-purple palette its own anti-patterns reject). Rebuilt Tailwind bundles.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Broaden the messaging so AI is one strong pillar, not the whole story
(matches the real portfolio: web/SaaS, mobile, a game, plus AI tools).
- Hero: "software, enterprise apps, and AI solutions"; role is now
"Software & AI Engineer, Solution Architect"
- Services reframed: Web & enterprise apps, Mobile apps, Solution
architecture & cloud, AI solutions, Automation & integrations, Strategy
(replaces the six AI-centric ones; new "apps" icon)
- Expertise areas lead with architecture + web/enterprise apps, AI as one
- Contact service options, meta description, title, footer blurb updated
English and Persian both. No CSS/JS changes.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Rewrite the FA strings sitewide in natural, human Persian (English unchanged),
removing translation calques like «معمار راهکار», «هوش مصنوعی تولیدی»,
«موارد کاربری», «چرخههای هیجان», «استقرار در تولید», «محیط تولید».
Covers: hero, services, pipeline, stack, expertise, portfolio, blog, contact
(Index), nav/meta/footer (_Layout), the /blog list + per-post FA titles
(BlogIndexModel, PostModel). Also removed two stray English em-dashes in the
blog excerpts.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
The FA hero read as machine-translated calque. Replace with natural Persian:
- subhead: «هوش مصنوعیای میسازم که فقط روی کاغذ نمیماند؛ از طراحی تا اجرا، در مقیاس سازمانی.»
- role: «مهندس هوش مصنوعی و معمار نرمافزار.» (was the calque «معمار راهکار»)
English copy unchanged.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Swap the fabricated case studies (Atlas/Sentinel/etc. with invented metrics)
for the four real shipped products, each linking to its live site:
- Hamkadr (hamkadr.ir) - healthcare staffing marketplace
- Meezi (meezi.ir) - cafe/restaurant management SaaS
- Barge Vasat (bargevasat.ir) - online Hokm card game
- Flatrender (flatrender.ir) - AI video/image studio
Cards are now external links (2x2 grid), no invented numbers or clients.
Regenerated the purged Tailwind bundle for the new classes.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
The runtime CDN (cdn.tailwindcss.com) is not production-grade: FOUC, no
purging, and an external request that is slow/blocked from some networks.
- Add Tailwind v3 build (package.json `npm run build`) with two scoped configs:
public (accent + zinc) -> wwwroot/css/tailwind.css, and admin (dark base/
electric/violet/emerald, separate to avoid the emerald flat-vs-scale clash)
-> wwwroot/css/tailwind-admin.css. Both minified + content-purged.
- Layouts now link the built CSS instead of the CDN script; built artifacts
are committed so Docker/CI need no Node step. node_modules stays ignored.
- Verified: utilities (incl. arbitrary values like aspect-[16/9], grid-cols-
[8rem_1fr]) resolve; public + admin render; no console errors.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
The transitive SQLitePCLRaw.lib.e_sqlite3 2.1.11 (via EF Core 10 Sqlite) is
flagged High by GHSA-2m69-gcr7-jv3q, and the 2.x line has no patched release
(first_patched_version: null). Pin SQLitePCLRaw.bundle_e_sqlite3 3.0.3, which
is outside the vulnerable range (<= 2.1.11). Runtime-verified: EnsureCreated
and a DB read both succeed; `dotnet list package --vulnerable` is now clean.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Redesign-preserve pass on the light editorial theme (dials 7/5/3):
- Hero: live availability status, accent value-prop, role line, social row,
staggered entrance
- Motion (all motivated, reduced-motion safe): CSS scroll-driven reading
progress bar, scrollspy nav with animated underline, CTA/blog arrow nudges,
service hover accent rule, portfolio cover scale, card lift
- Shared multi-column footer across home + blog (brand, nav, contact, social)
- Fix anchor scroll offset under the fixed navbar (scroll-margin-top)
- Wire real social: LinkedIn, Instagram, email (code.soroush@gmail.com)
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Geometric "S" monogram in a near-black rounded tile with a single #2563eb
accent dot at the bottom-left. Crisp from 16px (favicon) up. All references
already point to /logo-mark.svg, so nav, footer, and favicon update together.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Host port 3000 is Gitea (git.soroushasadi.com proxies to :3000). The
portfolio was publishing 3000:3000 AND the deploy had a "Free Port 3000"
step that force-removed every container on :3000 — which evicted the
Gitea container.
- compose: publish 3020:3000 instead of 3000:3000
- deploy: delete the "Free Port 3000" step entirely; compose recreates
only our own named container and must never touch other stacks
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
The previous name-based stop only removed soroushasadi-site, but the
container holding :3000 can have a different name (old Next.js build or
an orphan from a previously-named compose project), so the bind kept
failing. Now we remove every container publishing :3000 by filter, then
also remove by our known name as a fallback.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Port 3000 was already allocated by the previous container from the
Next.js era. --remove-orphans only removes containers within the same
compose project, so the old one survived. Explicitly stop+rm the named
container before docker compose up so the port is always free.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
.gitignore has '/data' which Windows git (case-insensitive) silently
matched '/Data/', so AppDbContext.cs was never committed and the Docker
build (Linux, case-sensitive) failed with CS0234 'Data' not found.
Renaming the directory to 'Database/' sidesteps the collision.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Full rewrite of the portfolio site from Next.js 14 to .NET 10:
- ASP.NET Core 10 Razor Pages, no Node.js dependency
- EF Core 10 + SQLite (same schema as before — data survives upgrade)
- Cookie authentication (same single-password model)
- Resend contact form via HttpClient
- Bilingual FA/EN via locale cookie + BasePageModel
- All UI ported to Razor Pages with Tailwind CDN + custom CSS
- Vanilla JS: particles, typewriter, cursor, animations, portfolio modal
- Dockerfile: SDK 10.0-alpine → aspnet 10.0-alpine (no npm/Node needed)
- CI/CD: dropped NPM_TOKEN, ADMIN_SESSION_SECRET — pure dotnet publish
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
The npm ci layer was cached with a broken result (node_modules/next missing).
Changing the RUN command text invalidates that cache entry and forces a fresh
install. The added post-install check will show the exact npm ci error if next
is still missing, instead of failing silently.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Replace `npm run build` with `node node_modules/next/dist/bin/next build`
to bypass PATH/symlink resolution issues on Alpine. Also adds a diagnostic
`ls node_modules/.bin/next` so CI logs show whether the binary is present.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
The cross-stage COPY --from=deps /app/node_modules caused
sh: next: not found in the builder stage. Fix by merging deps
and builder into one stage — npm ci and next build run in the
same layer so node_modules is always present when building.
Also add libc6-compat (required by Next.js SWC binaries on Alpine)
to both builder and runner stages.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Mirror exposes images as mirror.soroushasadi.com/<image> directly,
not via /repository/docker-group/ path. Also node:20-alpine is already
cached on the server; node:20-slim was never pulled.
Dockerfile: apk instead of apt-get, addgroup/adduser instead of
groupadd/useradd (Alpine BusyBox compatibility).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Previous commit introduced a typo (soroushasad vs soroushasadi).
All references now use:
npm -> http://mirror.soroushasadi.com/repository/npm-group/
docker -> mirror.soroushasadi.com/repository/docker-group/ (no protocol in image refs)
Also restore Dockerfile ARG NPM_TOKEN + COPY .npmrc that were lost
when the soroush-cicd skill regenerated the file, and set the
NODE_IMAGE ARG default back to the mirror path.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
docker-compose.yml:
- Add top-level name: soroushasadi so Compose uses a stable project name
regardless of which temp directory the runner checks out into. Without
this, each run gets a different project name and the old container is not
recognised as an orphan — it stays bound to port 3000 and the new
container fails to start.
- Fix healthcheck: wget is not in node:20-slim; use Node 20's built-in
fetch instead.
- Set NODE_IMAGE default to the Nexus docker-group mirror.
Workflows:
- Add GIT_SSL_NO_VERIFY=true to checkout steps (self-signed cert on
git.soroushasadi.com).
- Pass NODE_IMAGE to build step in deploy.
- Add git remote remove guard to CI checkout (prevents failure on
second run in the same workspace).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
soroush.asadi