ci: add PR-time next build validation (#45)

[JohnRDOrazio]

Summary

Closes #45. Adds .github/workflows/pr-build.yml that runs
next build on PRs that touch Next.js build inputs, so build-only
failures are caught pre-merge instead of at production-deploy time.

Why now

Three recent production breaks in this PR series would have been
caught by this workflow:

PR	Failure mode	Caught by static analyzers?
#44	middleware.ts and proxy.ts both present (Next.js 16 conflict)	❌
#47	request.nextUrl.hostname returned localhost on prod (trustHostHeader: false)	❌ (build-only error wouldn't have caught this either; runtime issue)
#48	Conflated NEXT_PUBLIC_SITE_URL with indexable-host set	❌ (build-only error wouldn't have caught this either)

The middleware/proxy conflict is exactly the class this PR
prevents: the build fails with a clear error if the conflict is
in the diff, before the broken code ever gets onto main.

How

• Trigger: pull_request against main
• Path filter: only when files that affect next build change
  (source, configs, deps, public assets, the workflow itself)
• Concurrency: cancel-in-progress per PR number
• Build env: same vars as production (WP_GRAPHQL_URL,
  NEXT_PUBLIC_SITE_URL) so the build exercises the same code path
• Cache: .next/cache keyed on package-lock.json for cold-
  build speed

Acceptance criteria from #45

• PR-time build runs only on relevant changes
• Caches .next/cache
• Uses same env shape as production
• Configure as required check in branch protection (one-time
  repo settings change after this lands)
• Verify a deliberately-broken PR fails the check (next time
  we have one in-flight; not worth manufacturing)

Out of scope

• Lint / type-check (those have their own paths and are quick)
• Visual regression / e2e
• WP-side validation (no build step there)
• Deploying the PR build anywhere — purely validation

🤖 Generated with Claude Code

[coderabbitai]

Warning

Rate limit exceeded

@JohnRDOrazio has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 28 minutes and 14 seconds before requesting another review.

To keep reviews running without waiting, you can enable usage-based add-on for your organization. This allows additional reviews beyond the hourly cap. Account admins can enable it under billing.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: ec5ae2a2-87a5-4621-8376-dd4112c0f3dc

📥 Commits

Reviewing files that changed from the base of the PR and between 941011e and 9209c98.

📒 Files selected for processing (1)

• .github/workflows/pr-build.yml

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feat/pr-build-validation

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Review rate limit: 0/1 reviews remaining, refill in 28 minutes and 14 seconds.}

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codacy-production]

Up to standards ✅

🟢 Issues 0 issues

Results:
0 new issues

View in Codacy

_{NEW Get contextual insights on your PRs based on Codacy's metrics, along with PR and Jira context, without leaving GitHub. Enable AI reviewer
TIP This summary will be updated as you push new changes.}