Clone the repo, run 'pnpm install', copy .env.example to .env.local, add your Supabase URL and anon key, then run 'pnpm dev'. Visit localhost:3000 to see the app. Check the Getting Started guide in /docs/getting-started for step-by-step instructions with Supabase setup.

Yes! The lifetime license allows commercial use on unlimited projects. You can build and sell SaaS products using PWASK. You cannot resell PWASK itself as a starter kit or redistribute the source code. See the Licencing page for full terms.

PWASK uses IndexedDB to cache data locally and queue mutations when offline. When you reconnect, queued operations replay automatically with exponential backoff. Optimistic UI updates show changes immediately, then sync with the server. See /docs/architecture for sync patterns and conflict resolution.

Full Next.js + React + TypeScript stack, Supabase backend (auth, database, realtime, storage), PWA with service workers, offline sync, i18n (EN/FR), Tailwind UI with dark mode, user authentication, profile management, pricing pages, blog, documentation site, and email integration. Everything production-ready.

Vercel (recommended for Next.js), Netlify, Cloudflare Pages, and self-hosted Docker containers. The docs include platform-specific setup guides with environment variable configuration for each. See /docs/env for detailed deployment instructions.

PWASK includes a Web App Manifest and service worker. Users can install via 'Add to Home Screen' on mobile or 'Install App' in desktop browsers. The app runs like a native app with its own icon and offline capabilities. Test installability with Chrome DevTools Lighthouse.

Modern browsers: Chrome 90+, Safari 14+, Firefox 88+, Edge 90+. Mobile: iOS 14+ and Android 8+. Service workers require HTTPS (localhost works for development). Legacy browsers like IE11 are not supported.

Supabase Auth handles email/password, magic links, and OAuth (Google, GitHub, etc.). JWT sessions are stored securely. Use SUPABASE_ANON_KEY for client operations and SUPABASE_SERVICE_ROLE_KEY only in server code. RLS policies enforce user isolation at the database level.

Yes! Create migration files in supabase/migrations/ with your SQL schema. Run 'supabase db push' to apply them. Always enable Row-Level Security (RLS) on tables with user data. Use auth.uid() in policies to filter by logged-in user. See /docs/architecture for RLS examples.

PWASK uses last-write-wins by default (server timestamp wins). For complex scenarios, implement vector clocks or custom resolution logic. The sync queue tracks timestamps and operation types. You can add conflict detection in your mutation handlers. See offline-first patterns in /docs/architecture.

CSP headers, HSTS, COOP/COEP, XFO, Permissions-Policy, Referrer-Policy all configured. RLS enforces database-level permissions. Service role keys are server-only. HTTPS enforced in production. Input validation on both client and server. See security hardening checklist in /docs.

Edit Tailwind config and CSS variables in globals.css for colors. Replace logo images in public/images/. Update metadata in layout.tsx. All components use Tailwind classes so customization is straightforward. Dark mode works automatically via CSS variables.

Yes! Create new message files (e.g., messages/es.json), add the locale to i18n/routing.ts config, and update the language switcher. The routing automatically handles new locales. PWASK uses next-intl for internationalization.

Create SQL files in supabase/migrations/ with timestamps (YYYYMMDDHHMMSS_description.sql). Migrations run in order and are tracked by Supabase. Use idempotent statements (IF NOT EXISTS, ON CONFLICT). Run 'supabase db push' to apply. Test on staging before production.

Use separate Supabase projects for dev/staging/production. Never use production secrets in development. Create feature branches, test migrations locally, use Vercel preview deployments for PRs, then deploy to production after approval. See deployment patterns in /docs/architecture.

Configure SMTP (Gmail, custom server) or use SendGrid/Postmark API. Set SMTP_* variables or SENDGRID_API_KEY in environment. Add EMAIL_FROM address. Templates are in src/emails/. Test with real accounts before production. See /docs/env for provider setup.

Yes! Add tenant_id or org_id columns to tables, filter by auth.jwt() metadata in RLS policies, enforce per-tenant quotas, and use custom claims for ownership verification. The architecture supports multi-tenancy. See security section in /docs/architecture.

Cache-First for static assets (JS/CSS/images), Network-First for API calls, Stale-While-Revalidate for articles. The service worker is auto-generated during build. Users get update prompts when new versions deploy. See caching strategies in /docs/architecture.

Next.js Image optimization with WebP, lazy loading, code splitting, ISR caching, Tailwind CSS purging, minimal JavaScript bundles, CDN-ready assets. Lighthouse scores: 100/100 Performance and Accessibility. See PageSpeed improvements article in /blog.

Integrate Sentry for error tracking (set NEXT_PUBLIC_SENTRY_DSN). Use Vercel Analytics for Core Web Vitals. Set up uptime monitoring with Pingdom or UptimeRobot. Supabase dashboard shows database metrics. See observability section in /docs/architecture.

Yes, but Supabase Cloud is recommended for ease. For self-hosting, use the provided Dockerfile or deploy to your own PostgreSQL + PostgREST setup. You'll need to configure Auth, Storage, and Realtime separately. See self-hosted guides in /docs/env.

Use Supabase Storage with signed URLs for secure uploads. Create buckets with RLS policies. Upload from client using supabase.storage.from('bucket').upload(). Files queue locally when offline and sync automatically. See storage examples in the codebase.

Lifetime updates included with purchase. Major features, security patches, and dependency updates pushed regularly. Breaking changes announced in advance. Check GitHub releases for changelog. Pull latest changes and test in dev before updating production.

Check /docs for comprehensive guides, search GitHub issues, join our Discord community, or email support. Paid licenses include priority support. Enterprise customers get SLA-backed support with direct access to developers.

Unregister old service worker in DevTools → Application → Service Workers. Bump version in next.config.ts. Clear browser cache. Check console for registration errors. Ensure HTTPS in production (localhost ok for dev).

Check: session expired (refresh token), using anon_key vs service_role_key incorrectly, RLS policies blocking access, CORS configuration, JWT claims missing. Verify policies with different user accounts. See security docs.

Check: IndexedDB enabled in browser, service worker registered, navigator.onLine detection working, network reconnect event firing. Console should show sync queue operations. Verify background sync registration in DevTools.

Verify: image domains in NEXT_PUBLIC_IMAGE_DOMAINS, Supabase Storage policies allow public read, file paths are correct, next/image component used properly. Check Network tab for 403/404 errors.