fix(web): enable Next.js version skew protection during rolling deploys

[brendan-kellam]

Problem

During a Sourcebot pod update, users sometimes see an Unexpected Error screen with Failed to load chunk /_next/static/chunks/<hash>.js. This is Next.js client/server version skew: a browser holding an old build's HTML/runtime requests a content-hashed chunk that the newly-rolled pod no longer serves (especially sharp at replicaCount: 1, where the old pod is gone entirely after the rollout). The zero-downtime rollout config handles connection-level downtime (502s) but not stale assets already in a user's browser.

Fix

Enable Next.js version skew protection by setting deploymentId in next.config.mjs, sourced from NEXT_PUBLIC_BUILD_COMMIT_SHA — a per-build, build-time-stable value already plumbed through the Dockerfile and _build.yml (github.sha).

With this set, Next.js:

• stamps static asset URLs with ?dpl=<sha>, and
• on a deployment-id mismatch during navigation, triggers a full page reload instead of attempting a client-side navigation that fetches missing chunks.

So a user on an old build silently reloads onto the new build instead of hitting the error screen.

Notes

• Only active in CI-built images (where NEXT_PUBLIC_BUILD_COMMIT_SHA is passed); local pnpm build leaves it undefined, which harmlessly leaves skew protection inactive.
• No effect when redeploying the exact same commit (same id → same chunks → nothing to protect against), which is correct.

🤖 Generated with Claude Code

Summary by CodeRabbit

• Bug Fixes
  • Fixed "Failed to load chunk" errors that occurred during rolling deploys by enabling version skew protection.

[coderabbitai]

Caution

Review failed

Pull request was closed or merged during review

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 41cb4a5a-ee67-4c9b-abe4-c1d8466dd5e5

📥 Commits

Reviewing files that changed from the base of the PR and between 5bd62b3 and 6f24c6b.

📒 Files selected for processing (2)

• CHANGELOG.md
• packages/web/next.config.mjs

---

Walkthrough

nextConfig in packages/web/next.config.mjs gains a deploymentId field sourced from process.env.NEXT_PUBLIC_BUILD_COMMIT_SHA. A corresponding entry is added to CHANGELOG.md under Unreleased → Fixed.

Changes

Next.js version-skew protection

Layer / File(s)	Summary
deploymentId config field and changelog packages/web/next.config.mjs, CHANGELOG.md	nextConfig now includes deploymentId: process.env.NEXT_PUBLIC_BUILD_COMMIT_SHA; changelog records this as a fix for "Failed to load chunk" errors during rolling deploys.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'fix(web): enable Next.js version skew protection during rolling deploys' accurately and clearly describes the main change - enabling Next.js version skew protection to fix a specific issue during rolling deploys.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch brendan/version-skew-protection

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}