Standing on better shoulders.

Claude models (Opus, Sonnet, Haiku) — our primary codegen path

Long-context reasoning + structured output reliability is what makes per-entity codegen viable.

GPT-5, GPT-5-mini, text-to-speech for the operator voice features

GPT-5 is the fallback when Claude has variance; OpenAI TTS is what speaks the build status aloud.

Gemini 2.5 (Pro and Flash) — multimodal + cost-sensitive paths

Gemini 2.5 Flash is the cost-optimized choice for low-stakes calls like manifest validation.

Open-weight models for cost-sensitive or EU-residency builds

EU-headquartered provider matters for some compliance setups. Open-weight option for self-hosters.

App Router, static generation, route handlers, metadata files

Lets us ship the entire public + admin surface from one codebase with the metadata conventions (robots, sitemap, alternates) we lean on heavily.

Operator UI, every interactive component

Server components keep the public surface fast and indexable; client components handle the chat + SSE streams.

Type-checked across the entire monorepo

Strict-mode types catch the kind of orchestrator bugs that would otherwise bite at 3 AM.

Every UI surface is Tailwind-styled

Utility classes mean we don't maintain a design system; that scales for a small team.

Postgres database, auth, object storage, edge functions

Open-source Postgres + RLS gives us tenant isolation that scales. We have a BAA + DPA in place.

The actual database engine under Supabase

The boring, reliable database. Hash-chained audit log uses Postgres triggers.

Linux bridge (Runner-1), Windows bridge node, build workers

Lightsail gives us predictable per-instance pricing; EC2 t3.xlarge is the Windows bridge.

CDN, DDoS protection, DNS, Full-Strict SSL

Free tier is enough at our scale; Origin CA certs solve the SSL handshake.

Production deploys, blue/green swaps, isolation per build job

Reproducible deploys + Workspace isolation per build job depend on this.

Reverse proxy + Origin CA cert termination on Prod-S1

Hot-reload dynamic config lets us swap blue/green slots without dropping connections.

Runtime input validation for every API route

Same schemas drive type inference and runtime validation. Rule 4 compliance.

WhatsApp Web protocol (pure-JS) for internal alerts

No Chromium, no browser footprint. Sends factory build alerts to our internal WhatsApp.

Transactional email (signup verification, alerts)

Modern API + good deliverability. SCC-compliant for EU customers.

Payment processing for Pro / Team / Enterprise

PCI-DSS Level 1 means we never touch card data — see /factory/compliance.

Linting on every PR via the CI Gate

Required check on every merge. Custom rules enforce factory-specific patterns.

Formatting on staged files

Removes the "tabs vs spaces" review thread from existence.

Self-hosted runner (Runner-1) for build + deploy lanes

Self-hosted runner means we keep the webpack cache hot on disk — warm builds in ~5 min.

Pre-commit hooks that block obvious mistakes

Catches stray debug logs, mock-data patterns, missing CSRF imports before the push.