[add] pitch 2.0

[apsinghdev]

Summary by CodeRabbit

• Bug Fixes

  • Improved payment initiation: requires login, redirects to sign-in when needed, and provides clearer, distinct handling and messaging for authentication vs. payment failures.

• Refactor

  • Redesigned the pitch page into a condensed narrative focused on four major career risks with solution bullets; simplified visuals and layout, updated invest CTA copy/layout (fallback CTA “im in”) and reduced page clutter.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
opensox-website	Ready	Preview, Comment	May 28, 2026 10:38am

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 2136f64b-66c6-401e-be87-1849927af591

📥 Commits

Reviewing files that changed from the base of the PR and between 16578f5 and 38e214a.

📒 Files selected for processing (1)

• apps/web/src/components/payment/PaymentFlow.tsx

🚧 Files skipped from review as they are similar to previous changes (1)

• apps/web/src/components/payment/PaymentFlow.tsx

---

📝 Walkthrough

Walkthrough

The PR condenses the pitch landing page content and removes animation/icon deps, updates the invest CTA wiring, and hardens PaymentFlow by requiring an access token and distinguishing auth-related order failures (redirect to login) from other failures (show alert).

Changes

Pitch Page & Payment Flow Refinement

Layer / File(s)	Summary
Pitch content and imports cleanup apps/web/src/app/(main)/(landing)/pitch/page.tsx	Removed framer-motion/lucide-react and hash-scrolling useEffect; replaced multi-section pitch with a condensed "4 problems" / "here's how" layout; plan ID validation now trims before length check.
Invest section CTA wiring apps/web/src/app/(main)/(landing)/pitch/page.tsx	Updated #invest to conditionally render PaymentFlow with new button label/sizing and adjusted fallback PrimaryButton label/placement. Contact email block retained.
PaymentFlow import, auth check & error handling apps/web/src/components/payment/PaymentFlow.tsx	Added TRPCClientError import; require session.accessToken and redirect to /login with encoded callbackUrl if missing; catch block detects auth-related TRPC errors (tracks auth_token_expired, clears processing, redirects) vs non-auth failures (tracks order_creation_failed, clears processing, shows alert).

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Possibly related PRs

• apsinghdev/opensox#250: Related pitch/invest page and callbackUrl wiring changes touching the same areas.
• apsinghdev/opensox#268: Overlaps in hash-based navigation/heading ID behavior for the pitch page.
• apsinghdev/opensox#266: Overlapping edits to pitch page content and wording.

Poem

🐰 Hopped in to prune the pitch and tidy the flow,
Tokens checked, redirects set, now payments know where to go.
Four problems named, solutions short and sweet,
Alerts hum softly when orders miss a beat.
A rabbit's tidy patch — small, swift, and neat.

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title '[add] pitch 2.0' accurately reflects the main change: a substantial restructuring and simplification of the Pitch page component with condensed content and updated payment flow logic.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch add/pitch2

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 ESLint

If the error stems from missing dependencies, add them to the package.json file. For unrecoverable errors (e.g., due to private dependencies), disable the tool in the CodeRabbit configuration.

ESLint skipped: no ESLint configuration detected in root package.json. To enable, add eslint to devDependencies.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (1)

apps/web/src/components/payment/PaymentFlow.tsx (1)

163-168: Update accessToken redirect rationale + make auth error handling less brittle

• session.accessToken is populated via NextAuth callbacks (callbacks.jwt sets token.jwtToken, and callbacks.session assigns accessToken: token.jwtToken), so the redirect is not triggered for normal authenticated sessions—only when jwtToken ends up missing/undefined (e.g., token generation failure).
• The auth-error redirect relies on regex over error.message, but the backend is throwing TRPCError with specific code/message values (e.g., UNAUTHORIZED: "Invalid or expired token" / "Missing or invalid authorization header"). Prefer detecting UNAUTHORIZED via the tRPC error code/shape instead of message parsing to avoid drift.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@apps/web/src/components/payment/PaymentFlow.tsx` around lines 163 - 168, The
current redirect triggers when session.accessToken is missing but that should
only happen for genuine token-generation failures, so keep the accessToken check
(accessToken on session) but clarify in the code comment and only redirect when
accessToken is falsy/empty (as implemented around accessToken, session,
callbackUrl, router.push); additionally, stop relying on regex-ing error.message
for auth failures and instead detect tRPC auth errors by checking the tRPC error
shape (e.g., inspect the thrown error for error.data?.code === 'UNAUTHORIZED' or
error.code === 'UNAUTHORIZED' in your payment/error-handling code) and use that
branch to trigger the login redirect—replace the regex logic with these explicit
checks.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@apps/web/src/app/`(main)/(landing)/pitch/page.tsx:
- Around line 25-27: Several heading spans currently use an inline arbitrary
font-family utility (e.g., the span wrapping "opensox manifesto" with className
"font-semibold [font-family:Helvetica,Arial,sans-serif]") which bypasses the
design-system typography; replace the arbitrary utility with the design token
class (use "font-sans" or the appropriate token class from the design system)
while keeping other utilities like "font-semibold" intact. Update the same
pattern at the other occurrences called out in the review (the spans at the
other listed locations) so all headings use "font-sans" (or the defined token)
instead of "[font-family:...]" to align with apps/web/src/lib/design-tokens.ts
and apps/web/tailwind.config.ts.

In `@apps/web/src/components/payment/PaymentFlow.tsx`:
- Around line 219-223: The code currently sets isAuthError by regex-matching
errorMessage; change the logic in PaymentFlow.tsx where
createOrderMutation.mutateAsync failure is handled to detect tRPC authentication
errors by checking if the thrown error is a TRPCClientError and then inspecting
error.data?.code for "UNAUTHORIZED" or "FORBIDDEN" (instead of regex on
error.message). Update the isAuthError/redirect branch to use this check (e.g.,
import TRPCClientError type, guard on instance and error.data?.code) and keep
the existing redirect behavior when those codes are present.

---

Nitpick comments:
In `@apps/web/src/components/payment/PaymentFlow.tsx`:
- Around line 163-168: The current redirect triggers when session.accessToken is
missing but that should only happen for genuine token-generation failures, so
keep the accessToken check (accessToken on session) but clarify in the code
comment and only redirect when accessToken is falsy/empty (as implemented around
accessToken, session, callbackUrl, router.push); additionally, stop relying on
regex-ing error.message for auth failures and instead detect tRPC auth errors by
checking the tRPC error shape (e.g., inspect the thrown error for
error.data?.code === 'UNAUTHORIZED' or error.code === 'UNAUTHORIZED' in your
payment/error-handling code) and use that branch to trigger the login
redirect—replace the regex logic with these explicit checks.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: eba75691-a9bf-450e-b5f2-31a8651acecc

📥 Commits

Reviewing files that changed from the base of the PR and between f1679cd and 16578f5.

📒 Files selected for processing (2)

• apps/web/src/app/(main)/(landing)/pitch/page.tsx
• apps/web/src/components/payment/PaymentFlow.tsx

[coderabbitai]

Actionable comments posted: 0