From 97d3b949b72f0c26d8d8cc22923f5263a027cc6b Mon Sep 17 00:00:00 2001
From: Claude <noreply@anthropic.com>
Date: Tue, 9 Jun 2026 20:10:07 +0000
Subject: [PATCH 1/6] =?UTF-8?q?Renforcement=20de=20la=20s=C3=A9curit=C3=A9?=
 =?UTF-8?q?=20:=20rate=20limiting,=20durcissement=20OG,=20headers,=20secur?=
 =?UTF-8?q?ity.txt?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Limitation de débit (par IP + globale) sur l'action d'envoi de CV pour
  bloquer le spam d'e-mails via l'action serveur publique
- Messages d'erreur serveur masqués par défaut (ActionError pour les
  messages sûrs) dans le client next-safe-action
- Schéma e-mail durci : prénom trim + caractères autorisés, e-mail max 254
- Route /api/og : titre/description bornés et nettoyés des caractères
  de contrôle (anti-abus de génération d'images)
- Nouveaux headers : HSTS, CSP (base-uri, frame-ancestors, object-src,
  form-action), COOP, X-DNS-Prefetch-Control
- /.well-known/security.txt (RFC 9116)
- Lecture des variables d'env via src/env.ts au lieu de process.env
  (octokit, data.action, commit.action)
- Tests unitaires du rate limiter

https://claude.ai/code/session_01SKa4Csg7HxNxwrt4knWE7r
---
 next.config.ts                  | 17 +++++++
 public/.well-known/security.txt |  4 ++
 src/actions/commit.action.ts    |  5 +-
 src/actions/data.action.ts      |  5 +-
 src/actions/safe-action.ts      | 18 ++++++-
 src/actions/send-cv.action.ts   | 31 +++++++++++-
 src/app/api/og/route.tsx        | 32 ++++++++++--
 src/lib/octokit.ts              |  4 +-
 src/lib/rate-limit.test.ts      | 86 +++++++++++++++++++++++++++++++++
 src/lib/rate-limit.ts           | 70 +++++++++++++++++++++++++++
 src/schemas/emailSchema.ts      | 13 ++++-
 test-results/.last-run.json     |  2 +-
 12 files changed, 271 insertions(+), 16 deletions(-)
 create mode 100644 public/.well-known/security.txt
 create mode 100644 src/lib/rate-limit.test.ts
 create mode 100644 src/lib/rate-limit.ts

diff --git a/next.config.ts b/next.config.ts
index 7e676d4..3936e7b 100644
--- a/next.config.ts
+++ b/next.config.ts
@@ -18,6 +18,23 @@ const nextConfig: NextConfig = {
     return [
       {
         headers: [
+          {
+            key: "Strict-Transport-Security",
+            value: "max-age=63072000; includeSubDomains; preload",
+          },
+          {
+            key: "Content-Security-Policy",
+            value:
+              "base-uri 'self'; frame-ancestors 'none'; object-src 'none'; form-action 'self'",
+          },
+          {
+            key: "Cross-Origin-Opener-Policy",
+            value: "same-origin",
+          },
+          {
+            key: "X-DNS-Prefetch-Control",
+            value: "on",
+          },
           {
             key: "X-Frame-Options",
             value: "DENY",
diff --git a/public/.well-known/security.txt b/public/.well-known/security.txt
new file mode 100644
index 0000000..eac1b95
--- /dev/null
+++ b/public/.well-known/security.txt
@@ -0,0 +1,4 @@
+Contact: mailto:contact@cuzeacflorin.fr
+Expires: 2027-06-09T00:00:00.000Z
+Preferred-Languages: fr, en
+Canonical: https://cuzeacflorin.fr/.well-known/security.txt
diff --git a/src/actions/commit.action.ts b/src/actions/commit.action.ts
index 5ad15aa..377989f 100644
--- a/src/actions/commit.action.ts
+++ b/src/actions/commit.action.ts
@@ -2,6 +2,7 @@
 
 import { unstable_cache } from "next/cache";
 
+import { env } from "@/env";
 import { logger } from "@/lib/logger";
 import { octokit } from "@/lib/octokit";
 
@@ -25,8 +26,8 @@ const fetchCommitData = async (): Promise<CommitData> => {
 				}
 			}`,
       {
-        owner: process.env.GITHUB_USERNAME,
-        repo: process.env.GITHUB_REPO_NAME,
+        owner: env.GITHUB_USERNAME,
+        repo: env.GITHUB_REPO_NAME,
       }
     );
 
diff --git a/src/actions/data.action.ts b/src/actions/data.action.ts
index 654ea98..26db4f0 100644
--- a/src/actions/data.action.ts
+++ b/src/actions/data.action.ts
@@ -2,6 +2,7 @@
 
 import { unstable_cache } from "next/cache";
 
+import { env } from "@/env";
 import { contributionLevelToNumber } from "@/lib/commits";
 import { octokit } from "@/lib/octokit";
 
@@ -49,8 +50,8 @@ const fetchGitHubData = async (): Promise<GitHubData> => {
 		}`,
     {
       from: from.toISOString(),
-      owner: process.env.GITHUB_USERNAME,
-      repo: process.env.GITHUB_REPO_NAME,
+      owner: env.GITHUB_USERNAME,
+      repo: env.GITHUB_REPO_NAME,
       to: to.toISOString(),
     }
   );
diff --git a/src/actions/safe-action.ts b/src/actions/safe-action.ts
index 7f62198..4ac6372 100644
--- a/src/actions/safe-action.ts
+++ b/src/actions/safe-action.ts
@@ -1,3 +1,17 @@
-import { createSafeActionClient } from "next-safe-action";
+import {
+  createSafeActionClient,
+  DEFAULT_SERVER_ERROR_MESSAGE,
+} from "next-safe-action";
 
-export const actionClient = createSafeActionClient();
+// Seuls les messages levés via ActionError sont renvoyés au client,
+// le reste est masqué pour ne pas fuiter de détails serveur.
+export class ActionError extends Error {
+  override name = "ActionError";
+}
+
+export const actionClient = createSafeActionClient({
+  handleServerError: (error) =>
+    error instanceof ActionError
+      ? error.message
+      : DEFAULT_SERVER_ERROR_MESSAGE,
+});
diff --git a/src/actions/send-cv.action.ts b/src/actions/send-cv.action.ts
index e545bfe..b432713 100644
--- a/src/actions/send-cv.action.ts
+++ b/src/actions/send-cv.action.ts
@@ -3,21 +3,48 @@
 import { readFile } from "node:fs/promises";
 import { join } from "node:path";
 
+import { headers } from "next/headers";
 import { Resend } from "resend";
 
-import { actionClient } from "@/actions/safe-action";
+import { ActionError, actionClient } from "@/actions/safe-action";
 import { CvTemplate } from "@/app/(fr)/(content)/(root)/_components/cv/CvTemplate";
 import GLOBAL_DATA from "@/data/global";
 import { env } from "@/env";
+import { checkRateLimit, getClientIp } from "@/lib/rate-limit";
 import { emailSchema } from "@/schemas/emailSchema";
 
-const resend = new Resend(env.RESEND_API_KEY);
+const RATE_LIMIT_PER_IP = { limit: 3, windowMs: 10 * 60 * 1000 };
+const RATE_LIMIT_GLOBAL = { limit: 20, windowMs: 60 * 60 * 1000 };
 
 export const sendCvAction = actionClient
   .inputSchema(emailSchema)
   .action(async ({ parsedInput }) => {
     const { firstName, recipientEmail } = parsedInput;
 
+    const clientIp = getClientIp(await headers());
+    const perIp = checkRateLimit(
+      `send-cv:ip:${clientIp}`,
+      RATE_LIMIT_PER_IP
+    );
+    const global = checkRateLimit(
+      "send-cv:global",
+      RATE_LIMIT_GLOBAL
+    );
+
+    if (!(perIp.allowed && global.allowed)) {
+      throw new ActionError(
+        "Trop de demandes, réessayez dans quelques minutes !"
+      );
+    }
+
+    if (!env.RESEND_API_KEY) {
+      throw new ActionError(
+        "L'envoi d'e-mails n'est pas disponible pour le moment !"
+      );
+    }
+
+    const resend = new Resend(env.RESEND_API_KEY);
+
     const path = join(
       process.cwd(),
       "public",
diff --git a/src/app/api/og/route.tsx b/src/app/api/og/route.tsx
index c22ec7c..ada336e 100644
--- a/src/app/api/og/route.tsx
+++ b/src/app/api/og/route.tsx
@@ -54,6 +54,24 @@ const getBadge = (type: PageType): string => {
 
 const OG_DIMENSIONS = { height: 630, width: 1200 } as const;
 
+const MAX_TITLE_LENGTH = 120;
+const MAX_DESCRIPTION_LENGTH = 280;
+
+const sanitizeParam = (
+  value: string | null,
+  maxLength: number,
+  fallback: string
+): string => {
+  const cleaned = value?.replaceAll(/\p{C}+/gu, " ").trim() ?? "";
+  if (!cleaned) {
+    return fallback;
+  }
+  if (cleaned.length <= maxLength) {
+    return cleaned;
+  }
+  return `${cleaned.slice(0, maxLength)}…`;
+};
+
 const renderLayout = (
   content: JSX.Element,
   fontFamily = "sans-serif"
@@ -127,10 +145,16 @@ export const GET = async (req: NextRequest) => {
     const type: PageType = isValidPageType(rawType)
       ? rawType
       : "homepage";
-    const title =
-      searchParams.get("title") || GLOBAL_DATA.USER.fullName;
-    const description =
-      searchParams.get("description") || GLOBAL_DATA.USER.bio;
+    const title = sanitizeParam(
+      searchParams.get("title"),
+      MAX_TITLE_LENGTH,
+      GLOBAL_DATA.USER.fullName
+    );
+    const description = sanitizeParam(
+      searchParams.get("description"),
+      MAX_DESCRIPTION_LENGTH,
+      GLOBAL_DATA.USER.bio
+    );
 
     const font = await loadFont();
     const badge = getBadge(type);
diff --git a/src/lib/octokit.ts b/src/lib/octokit.ts
index 4bdcd38..ce08ac7 100644
--- a/src/lib/octokit.ts
+++ b/src/lib/octokit.ts
@@ -1,7 +1,9 @@
 import { Octokit } from "octokit";
 
+import { env } from "@/env";
+
 const github = new Octokit({
-  auth: process.env.GITHUB_API_TOKEN,
+  auth: env.GITHUB_API_TOKEN,
   timeZone: "UTC",
   userAgent: "envindavsorg",
 });
diff --git a/src/lib/rate-limit.test.ts b/src/lib/rate-limit.test.ts
new file mode 100644
index 0000000..f36d544
--- /dev/null
+++ b/src/lib/rate-limit.test.ts
@@ -0,0 +1,86 @@
+import {
+  afterEach,
+  beforeEach,
+  describe,
+  expect,
+  it,
+  vi,
+} from "vitest";
+
+import {
+  checkRateLimit,
+  getClientIp,
+  resetRateLimits,
+} from "@/lib/rate-limit";
+
+const OPTIONS = { limit: 3, windowMs: 60_000 };
+
+describe("checkRateLimit", () => {
+  beforeEach(() => {
+    vi.useFakeTimers();
+    resetRateLimits();
+  });
+
+  afterEach(() => {
+    vi.useRealTimers();
+  });
+
+  it("allows calls under the limit", () => {
+    expect(checkRateLimit("key", OPTIONS).allowed).toBe(true);
+    expect(checkRateLimit("key", OPTIONS).allowed).toBe(true);
+    const third = checkRateLimit("key", OPTIONS);
+    expect(third.allowed).toBe(true);
+    expect(third.remaining).toBe(0);
+  });
+
+  it("blocks calls over the limit and reports retry delay", () => {
+    checkRateLimit("key", OPTIONS);
+    checkRateLimit("key", OPTIONS);
+    checkRateLimit("key", OPTIONS);
+
+    const blocked = checkRateLimit("key", OPTIONS);
+    expect(blocked.allowed).toBe(false);
+    expect(blocked.remaining).toBe(0);
+    expect(blocked.retryAfterMs).toBeGreaterThan(0);
+    expect(blocked.retryAfterMs).toBeLessThanOrEqual(
+      OPTIONS.windowMs
+    );
+  });
+
+  it("tracks keys independently", () => {
+    checkRateLimit("a", OPTIONS);
+    checkRateLimit("a", OPTIONS);
+    checkRateLimit("a", OPTIONS);
+
+    expect(checkRateLimit("a", OPTIONS).allowed).toBe(false);
+    expect(checkRateLimit("b", OPTIONS).allowed).toBe(true);
+  });
+
+  it("allows again once the window has elapsed", () => {
+    checkRateLimit("key", OPTIONS);
+    checkRateLimit("key", OPTIONS);
+    checkRateLimit("key", OPTIONS);
+    expect(checkRateLimit("key", OPTIONS).allowed).toBe(false);
+
+    vi.advanceTimersByTime(OPTIONS.windowMs + 1);
+    expect(checkRateLimit("key", OPTIONS).allowed).toBe(true);
+  });
+});
+
+describe("getClientIp", () => {
+  it("reads the first x-forwarded-for entry", () => {
+    const headers = new Headers({
+      "x-forwarded-for": "203.0.113.7, 10.0.0.1",
+    });
+    expect(getClientIp(headers)).toBe("203.0.113.7");
+  });
+
+  it("falls back to x-real-ip", () => {
+    const headers = new Headers({ "x-real-ip": "203.0.113.8" });
+    expect(getClientIp(headers)).toBe("203.0.113.8");
+  });
+
+  it("returns unknown without client headers", () => {
+    expect(getClientIp(new Headers())).toBe("unknown");
+  });
+});
diff --git a/src/lib/rate-limit.ts b/src/lib/rate-limit.ts
new file mode 100644
index 0000000..05ef9c9
--- /dev/null
+++ b/src/lib/rate-limit.ts
@@ -0,0 +1,70 @@
+interface RateLimitOptions {
+  /** Nombre maximum d'appels autorisés dans la fenêtre. */
+  limit: number;
+  /** Durée de la fenêtre en millisecondes. */
+  windowMs: number;
+}
+
+interface RateLimitResult {
+  allowed: boolean;
+  remaining: number;
+  retryAfterMs: number;
+}
+
+// Limiteur en mémoire : l'état est local à chaque instance serveur,
+// suffisant pour freiner l'abus des actions publiques d'un portfolio.
+const MAX_TRACKED_KEYS = 10_000;
+
+const hits = new Map<string, number[]>();
+
+export const checkRateLimit = (
+  key: string,
+  { limit, windowMs }: RateLimitOptions
+): RateLimitResult => {
+  const now = Date.now();
+  const windowStart = now - windowMs;
+  const timestamps = (hits.get(key) ?? []).filter(
+    (timestamp) => timestamp > windowStart
+  );
+
+  if (timestamps.length >= limit) {
+    hits.set(key, timestamps);
+    return {
+      allowed: false,
+      remaining: 0,
+      retryAfterMs: timestamps[0] + windowMs - now,
+    };
+  }
+
+  if (!hits.has(key) && hits.size >= MAX_TRACKED_KEYS) {
+    const oldestKey = hits.keys().next().value;
+    if (oldestKey !== undefined) {
+      hits.delete(oldestKey);
+    }
+  }
+
+  timestamps.push(now);
+  hits.set(key, timestamps);
+
+  return {
+    allowed: true,
+    remaining: limit - timestamps.length,
+    retryAfterMs: 0,
+  };
+};
+
+export const getClientIp = (headers: Headers): string => {
+  const forwarded = headers.get("x-forwarded-for");
+  if (forwarded) {
+    const [firstIp] = forwarded.split(",");
+    if (firstIp?.trim()) {
+      return firstIp.trim();
+    }
+  }
+
+  return headers.get("x-real-ip")?.trim() || "unknown";
+};
+
+export const resetRateLimits = (): void => {
+  hits.clear();
+};
diff --git a/src/schemas/emailSchema.ts b/src/schemas/emailSchema.ts
index f50d99a..f7f989c 100644
--- a/src/schemas/emailSchema.ts
+++ b/src/schemas/emailSchema.ts
@@ -1,12 +1,21 @@
 import { z } from "zod";
 
+const FIRST_NAME_REGEX = /^[\p{L}\p{M}' -]+$/u;
+
 export const emailSchema = z.object({
   firstName: z
     .string()
+    .trim()
     .min(1, "Le prénom est requis !")
     .min(2, "Le prénom doit contenir au moins 2 caractères !")
-    .max(20, "Le prénom doit contenir moins de 20 caractères !"),
-  recipientEmail: z.email("Adresse e-mail obligatoire !"),
+    .max(20, "Le prénom doit contenir moins de 20 caractères !")
+    .regex(
+      FIRST_NAME_REGEX,
+      "Le prénom contient des caractères non autorisés !"
+    ),
+  recipientEmail: z
+    .email("Adresse e-mail obligatoire !")
+    .max(254, "L'adresse e-mail est trop longue !"),
 });
 
 export type EmailFormData = z.infer<typeof emailSchema>;
diff --git a/test-results/.last-run.json b/test-results/.last-run.json
index cbcc1fb..f740f7c 100644
--- a/test-results/.last-run.json
+++ b/test-results/.last-run.json
@@ -1,4 +1,4 @@
 {
   "status": "passed",
   "failedTests": []
-}
\ No newline at end of file
+}

From 7fa77fc1ebbff3669fec3ce256306b079e19b492 Mon Sep 17 00:00:00 2001
From: Claude <noreply@anthropic.com>
Date: Tue, 9 Jun 2026 20:28:20 +0000
Subject: [PATCH 2/6] =?UTF-8?q?Nouvelles=20fonctionnalit=C3=A9s=20:=20arti?=
 =?UTF-8?q?cles=20li=C3=A9s,=20progression=20de=20lecture,=20resume.json?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- WritingsRelated : suggestions « à lire ensuite » en bas des articles,
  composants et outils, classées par tags partagés puis par date
  (lib getRelatedContent testée unitairement), FR + EN
- WritingsProgress : barre de progression de lecture en haut des pages
  de contenu (motion, useScroll + useSpring)
- /resume.json : CV machine-readable au format JSON Resume, référencé
  dans /llms.txt

https://claude.ai/code/session_01SKa4Csg7HxNxwrt4knWE7r
---
 messages/en.json                              |  2 +
 messages/fr.json                              |  2 +
 .../(writings)/articles/[slug]/page.tsx       |  4 +
 .../(writings)/components/[slug]/page.tsx     |  4 +
 .../(writings)/utils/[slug]/page.tsx          |  6 ++
 src/app/(llms)/llms.txt/route.ts              |  2 +
 src/app/(llms)/resume.json/route.ts           | 47 ++++++++++
 src/components/features/WritingsProgress.tsx  | 20 ++++
 src/components/features/WritingsRelated.tsx   | 61 +++++++++++++
 src/lib/related.test.ts                       | 91 +++++++++++++++++++
 src/lib/related.ts                            | 30 ++++++
 11 files changed, 269 insertions(+)
 create mode 100644 src/app/(llms)/resume.json/route.ts
 create mode 100644 src/components/features/WritingsProgress.tsx
 create mode 100644 src/components/features/WritingsRelated.tsx
 create mode 100644 src/lib/related.test.ts
 create mode 100644 src/lib/related.ts

diff --git a/messages/en.json b/messages/en.json
index 5d5b79e..3385ad7 100644
--- a/messages/en.json
+++ b/messages/en.json
@@ -290,6 +290,8 @@
   "writings_pagination_next_sr": "next",
   "writings_pagination_previous_aria": "previous",
   "writings_pagination_previous_sr": "previous",
+  "writings_related_heading": "read next:",
+  "writings_related_item_aria": "Read: {title}",
   "writings_tags_by_category": "by category:",
   "writings_toc_trigger_label": "key points on this page",
   "writings_utils_description": "a suite of free web tools designed to optimize your workflow and boost your productivity",
diff --git a/messages/fr.json b/messages/fr.json
index c056260..aeac06f 100644
--- a/messages/fr.json
+++ b/messages/fr.json
@@ -290,6 +290,8 @@
   "writings_pagination_next_sr": "Suivant",
   "writings_pagination_previous_aria": "Précédent",
   "writings_pagination_previous_sr": "Précédent",
+  "writings_related_heading": "à lire ensuite :",
+  "writings_related_item_aria": "Lire : {title}",
   "writings_tags_by_category": "par catégorie :",
   "writings_toc_trigger_label": "points importants sur cette page",
   "writings_utils_description": "Une suite d'outils web gratuits conçus pour optimiser votre workflow et booster votre productivité",
diff --git a/src/app/(fr)/(content)/(writings)/articles/[slug]/page.tsx b/src/app/(fr)/(content)/(writings)/articles/[slug]/page.tsx
index f14b1eb..5fdc4fb 100644
--- a/src/app/(fr)/(content)/(writings)/articles/[slug]/page.tsx
+++ b/src/app/(fr)/(content)/(writings)/articles/[slug]/page.tsx
@@ -3,6 +3,8 @@ import { notFound } from "next/navigation";
 
 import { ArticleTitle } from "@/components/blog/ArticleTitle";
 import { WritingsLocaleNotice } from "@/components/features/WritingsLocaleNotice";
+import { WritingsProgress } from "@/components/features/WritingsProgress";
+import { WritingsRelated } from "@/components/features/WritingsRelated";
 import { WritingsToC } from "@/components/features/WritingsToC";
 import { WritingsTopBar } from "@/components/features/WritingsTopBar";
 import { Mdx } from "@/components/markdown/mdx";
@@ -68,10 +70,12 @@ export const ArticleView = ({
       {locale === "en" && article.locale === "fr" && (
         <WritingsLocaleNotice />
       )}
+      <WritingsProgress />
       <WritingsTopBar item={article} items={articles} slug={slug} />
       <ArticleTitle title={metadata.title} />
       <WritingsToC content={content} />
       <Mdx code={content} />
+      <WritingsRelated current={article} items={articles} />
     </>
   );
 };
diff --git a/src/app/(fr)/(content)/(writings)/components/[slug]/page.tsx b/src/app/(fr)/(content)/(writings)/components/[slug]/page.tsx
index 3fe1195..33a45ef 100644
--- a/src/app/(fr)/(content)/(writings)/components/[slug]/page.tsx
+++ b/src/app/(fr)/(content)/(writings)/components/[slug]/page.tsx
@@ -3,6 +3,8 @@ import { notFound } from "next/navigation";
 
 import { ArticleTitle } from "@/components/blog/ArticleTitle";
 import { WritingsLocaleNotice } from "@/components/features/WritingsLocaleNotice";
+import { WritingsProgress } from "@/components/features/WritingsProgress";
+import { WritingsRelated } from "@/components/features/WritingsRelated";
 import { WritingsToC } from "@/components/features/WritingsToC";
 import { WritingsTopBar } from "@/components/features/WritingsTopBar";
 import { Mdx } from "@/components/markdown/mdx";
@@ -72,6 +74,7 @@ export const ComponentView = ({
       {locale === "en" && component.locale === "fr" && (
         <WritingsLocaleNotice />
       )}
+      <WritingsProgress />
       <WritingsTopBar
         item={component}
         items={components}
@@ -80,6 +83,7 @@ export const ComponentView = ({
       <ArticleTitle title={metadata.title} />
       <WritingsToC content={content} />
       <Mdx code={content} />
+      <WritingsRelated current={component} items={components} />
     </>
   );
 };
diff --git a/src/app/(fr)/(content)/(writings)/utils/[slug]/page.tsx b/src/app/(fr)/(content)/(writings)/utils/[slug]/page.tsx
index 6c0a6bf..b6b8e09 100644
--- a/src/app/(fr)/(content)/(writings)/utils/[slug]/page.tsx
+++ b/src/app/(fr)/(content)/(writings)/utils/[slug]/page.tsx
@@ -5,6 +5,8 @@ import { Divider } from "@/components/base/Divider";
 import { WritingsBreadcrumb } from "@/components/features/WritingsBreadcrumb";
 import { WritingsHeading } from "@/components/features/WritingsHeading";
 import { WritingsLocaleNotice } from "@/components/features/WritingsLocaleNotice";
+import { WritingsProgress } from "@/components/features/WritingsProgress";
+import { WritingsRelated } from "@/components/features/WritingsRelated";
 import { WritingsToC } from "@/components/features/WritingsToC";
 import { WritingsTopBar } from "@/components/features/WritingsTopBar";
 import { Mdx } from "@/components/markdown/mdx";
@@ -89,8 +91,12 @@ export const UtilView = ({
 
       <Divider border={false} after={false} type="half" />
 
+      <WritingsProgress />
+
       <Mdx code={content} />
 
+      <WritingsRelated current={item} items={utils} />
+
       <script
         dangerouslySetInnerHTML={{
           __html: JSON.stringify(getPageJsonLd(item)).replaceAll(
diff --git a/src/app/(llms)/llms.txt/route.ts b/src/app/(llms)/llms.txt/route.ts
index 5cd4e8d..bca76a5 100644
--- a/src/app/(llms)/llms.txt/route.ts
+++ b/src/app/(llms)/llms.txt/route.ts
@@ -16,6 +16,8 @@ const content = `
 
 - [Mes certifications](https://cuzeacflorin.fr/certifications.md): Les certifications que j'ai obtenues.
 
+- [Mon CV au format JSON Resume](https://cuzeacflorin.fr/resume.json): Mon CV dans un format structuré et machine-readable.
+
 ## Blog et registre de composants
 
 Je partage régulièrement des articles sur le développement front-end, les meilleures pratiques, et des tutoriels sur mon blog.
diff --git a/src/app/(llms)/resume.json/route.ts b/src/app/(llms)/resume.json/route.ts
new file mode 100644
index 0000000..9c83aab
--- /dev/null
+++ b/src/app/(llms)/resume.json/route.ts
@@ -0,0 +1,47 @@
+import { NextResponse } from "next/server";
+
+import GLOBAL_DATA from "@/data/global";
+
+export const dynamic = "force-static";
+
+// CV machine-readable au format JSON Resume (https://jsonresume.org).
+export const GET = (): NextResponse => {
+  const resume = {
+    $schema:
+      "https://raw.githubusercontent.com/jsonresume/resume-schema/v1.0.0/schema.json",
+    basics: {
+      email: GLOBAL_DATA.USER.emailAddress,
+      label: GLOBAL_DATA.WORK.title,
+      location: {
+        city: GLOBAL_DATA.USER.location.city,
+        countryCode: "FR",
+      },
+      name: GLOBAL_DATA.USER.fullName,
+      phone: GLOBAL_DATA.USER.phoneNumber,
+      profiles: [
+        {
+          network: "GitHub",
+          url: GLOBAL_DATA.SOCIAL.github,
+          username: GLOBAL_DATA.USER.username,
+        },
+        {
+          network: "LinkedIn",
+          url: GLOBAL_DATA.SOCIAL.linkedin,
+        },
+      ],
+      summary: GLOBAL_DATA.USER.description,
+      url: GLOBAL_DATA.SOCIAL.portfolio,
+    },
+    work: GLOBAL_DATA.WORK.jobs.map((job) => ({
+      name: job.company,
+      position: job.title,
+      url: job.website,
+    })),
+  };
+
+  return NextResponse.json(resume, {
+    headers: {
+      "Cache-Control": "public, max-age=3600, s-maxage=3600",
+    },
+  });
+};
diff --git a/src/components/features/WritingsProgress.tsx b/src/components/features/WritingsProgress.tsx
new file mode 100644
index 0000000..841b59c
--- /dev/null
+++ b/src/components/features/WritingsProgress.tsx
@@ -0,0 +1,20 @@
+"use client";
+
+import { motion, useScroll, useSpring } from "motion/react";
+
+export const WritingsProgress = () => {
+  const { scrollYProgress } = useScroll();
+  const scaleX = useSpring(scrollYProgress, {
+    damping: 30,
+    restDelta: 0.001,
+    stiffness: 200,
+  });
+
+  return (
+    <motion.div
+      aria-hidden
+      className="fixed inset-x-0 top-0 z-[60] h-0.5 origin-left bg-theme"
+      style={{ scaleX }}
+    />
+  );
+};
diff --git a/src/components/features/WritingsRelated.tsx b/src/components/features/WritingsRelated.tsx
new file mode 100644
index 0000000..bb27d4d
--- /dev/null
+++ b/src/components/features/WritingsRelated.tsx
@@ -0,0 +1,61 @@
+import Link from "next/link";
+
+import type { Content } from "@/lib/content";
+import { dayjs } from "@/lib/functions";
+import { getRelatedContent } from "@/lib/related";
+import { m } from "@/paraglide/messages";
+import { localizeHref } from "@/paraglide/runtime";
+
+import { Divider } from "../base/Divider";
+import { PanelContent } from "../base/Panel";
+
+interface WritingsRelatedProps {
+  current: Content;
+  items: Content[];
+}
+
+export const WritingsRelated = ({
+  current,
+  items,
+}: WritingsRelatedProps) => {
+  const related = getRelatedContent(current, items);
+
+  if (related.length === 0) {
+    return null;
+  }
+
+  return (
+    <>
+      <Divider border={false} type="half" />
+
+      <PanelContent reset className="px-3 py-3">
+        <h2 className="font-medium text-muted-foreground text-sm">
+          {m.writings_related_heading()}
+        </h2>
+
+        <ul className="mt-3 flex flex-col gap-y-3">
+          {related.map(({ slug, metadata, reading }) => (
+            <li key={slug}>
+              <Link
+                aria-label={m.writings_related_item_aria({
+                  title: metadata.title,
+                })}
+                className="group flex flex-col gap-y-0.5"
+                href={localizeHref(`/${metadata.category}/${slug}`)}
+                prefetch
+              >
+                <span className="font-medium text-foreground transition-colors group-hover:text-theme">
+                  {metadata.title}
+                </span>
+                <span className="text-muted-foreground text-xs">
+                  {dayjs(metadata.createdAt).format("DD MMMM YYYY")} ·{" "}
+                  {reading.time}
+                </span>
+              </Link>
+            </li>
+          ))}
+        </ul>
+      </PanelContent>
+    </>
+  );
+};
diff --git a/src/lib/related.test.ts b/src/lib/related.test.ts
new file mode 100644
index 0000000..9ee5d29
--- /dev/null
+++ b/src/lib/related.test.ts
@@ -0,0 +1,91 @@
+import { describe, expect, it } from "vitest";
+
+import type { Content } from "@/lib/content";
+import { getRelatedContent } from "@/lib/related";
+
+const makeContent = (
+  slug: string,
+  tags: string[],
+  createdAt: string
+): Content => ({
+  content: "",
+  locale: "fr",
+  metadata: {
+    category: "articles",
+    createdAt: new Date(createdAt),
+    description: "",
+    tags,
+    title: slug,
+    updatedAt: new Date(createdAt),
+  },
+  reading: { time: "1 minutes", words: 100 },
+  slug,
+});
+
+describe("getRelatedContent", () => {
+  const current = makeContent(
+    "current",
+    ["react", "nextjs"],
+    "2026-01-01"
+  );
+
+  it("excludes the current content", () => {
+    const related = getRelatedContent(current, [current]);
+    expect(related).toHaveLength(0);
+  });
+
+  it("prioritizes contents sharing the most tags", () => {
+    const candidates = [
+      current,
+      makeContent("one-tag", ["react"], "2026-01-05"),
+      makeContent("two-tags", ["react", "nextjs"], "2026-01-02"),
+      makeContent("no-tag", ["css"], "2026-01-09"),
+    ];
+
+    const related = getRelatedContent(current, candidates);
+    expect(related.map(({ slug }) => slug)).toEqual([
+      "two-tags",
+      "one-tag",
+      "no-tag",
+    ]);
+  });
+
+  it("breaks ties by most recent date", () => {
+    const candidates = [
+      makeContent("older", ["react"], "2025-01-01"),
+      makeContent("newer", ["react"], "2026-01-01"),
+    ];
+
+    const related = getRelatedContent(current, candidates);
+    expect(related.map(({ slug }) => slug)).toEqual([
+      "newer",
+      "older",
+    ]);
+  });
+
+  it("respects the limit", () => {
+    const candidates = [
+      makeContent("a", ["react"], "2026-01-01"),
+      makeContent("b", ["react"], "2026-01-02"),
+      makeContent("c", ["react"], "2026-01-03"),
+      makeContent("d", ["react"], "2026-01-04"),
+    ];
+
+    expect(getRelatedContent(current, candidates, 2)).toHaveLength(2);
+    expect(getRelatedContent(current, candidates)).toHaveLength(3);
+  });
+
+  it("falls back to recency when contents have no tags", () => {
+    const untaggedCurrent = makeContent("current", [], "2026-01-01");
+    const candidates = [
+      makeContent("old", [], "2025-01-01"),
+      makeContent("recent", [], "2026-02-01"),
+    ];
+
+    const related = getRelatedContent(untaggedCurrent, candidates);
+    expect(related.map(({ slug }) => slug)).toEqual([
+      "recent",
+      "old",
+    ]);
+  });
+});
diff --git a/src/lib/related.ts b/src/lib/related.ts
new file mode 100644
index 0000000..17fc5c9
--- /dev/null
+++ b/src/lib/related.ts
@@ -0,0 +1,30 @@
+import type { Content } from "@/lib/content";
+
+const DEFAULT_LIMIT = 3;
+
+// Classe les contenus par nombre de tags partagés, puis par date
+// décroissante : les éléments sans tag commun complètent la liste.
+export const getRelatedContent = (
+  current: Content,
+  candidates: Content[],
+  limit = DEFAULT_LIMIT
+): Content[] => {
+  const currentTags = new Set(current.metadata.tags);
+
+  return candidates
+    .filter((candidate) => candidate.slug !== current.slug)
+    .map((candidate) => ({
+      candidate,
+      score: (candidate.metadata.tags ?? []).filter((tag) =>
+        currentTags.has(tag)
+      ).length,
+    }))
+    .toSorted(
+      (a, b) =>
+        b.score - a.score ||
+        b.candidate.metadata.createdAt.getTime() -
+          a.candidate.metadata.createdAt.getTime()
+    )
+    .slice(0, limit)
+    .map(({ candidate }) => candidate);
+};

From b13a3fc3af2d2c9f63425fcb1a053badcb0b7250 Mon Sep 17 00:00:00 2001
From: Claude <noreply@anthropic.com>
Date: Tue, 9 Jun 2026 20:34:08 +0000
Subject: [PATCH 3/6] Compteur de vues par contenu avec Vercel Blob
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Action serveur trackViewAction : compte les vues par article,
  composant et outil dans un blob JSON (stats/views.json), avec
  validation du slug contre le contenu existant, rate limiting par IP
  et désactivation propre si BLOB_READ_WRITE_TOKEN est absent
- Composant WritingsViews : affiche « x vues » à côté du titre,
  une seule vue comptée par session de navigation (sessionStorage),
  masqué tant que le compteur n'est pas disponible
- ArticleTitle accepte des children et WritingsHeading un slot meta
  pour accueillir le compteur, FR + EN

https://claude.ai/code/session_01SKa4Csg7HxNxwrt4knWE7r
---
 messages/en.json                              |  1 +
 messages/fr.json                              |  1 +
 package.json                                  |  1 +
 src/actions/views.action.ts                   | 92 +++++++++++++++++++
 .../(writings)/articles/[slug]/page.tsx       |  5 +-
 .../(writings)/components/[slug]/page.tsx     |  5 +-
 .../(writings)/utils/[slug]/page.tsx          |  7 +-
 src/components/blog/ArticleTitle.tsx          |  9 +-
 src/components/features/WritingsHeading.tsx   | 21 +++--
 src/components/features/WritingsViews.tsx     | 67 ++++++++++++++
 10 files changed, 198 insertions(+), 11 deletions(-)
 create mode 100644 src/actions/views.action.ts
 create mode 100644 src/components/features/WritingsViews.tsx

diff --git a/messages/en.json b/messages/en.json
index 3385ad7..f1e6fca 100644
--- a/messages/en.json
+++ b/messages/en.json
@@ -291,6 +291,7 @@
   "writings_pagination_previous_aria": "previous",
   "writings_pagination_previous_sr": "previous",
   "writings_related_heading": "read next:",
+  "writings_views_count": "{views} view{plural}",
   "writings_related_item_aria": "Read: {title}",
   "writings_tags_by_category": "by category:",
   "writings_toc_trigger_label": "key points on this page",
diff --git a/messages/fr.json b/messages/fr.json
index aeac06f..da7b895 100644
--- a/messages/fr.json
+++ b/messages/fr.json
@@ -291,6 +291,7 @@
   "writings_pagination_previous_aria": "Précédent",
   "writings_pagination_previous_sr": "Précédent",
   "writings_related_heading": "à lire ensuite :",
+  "writings_views_count": "{views} vue{plural}",
   "writings_related_item_aria": "Lire : {title}",
   "writings_tags_by_category": "par catégorie :",
   "writings_toc_trigger_label": "points importants sur cette page",
diff --git a/package.json b/package.json
index 9922bf0..db571c4 100644
--- a/package.json
+++ b/package.json
@@ -89,6 +89,7 @@
     "@tsparticles/slim": "^4.1.3",
     "@uidotdev/usehooks": "^2.4.1",
     "@vercel/analytics": "^2.0.1",
+    "@vercel/blob": "^2.4.0",
     "@vercel/speed-insights": "^2.0.0",
     "class-variance-authority": "^0.7.1",
     "clsx": "^2.1.1",
diff --git a/src/actions/views.action.ts b/src/actions/views.action.ts
new file mode 100644
index 0000000..45d47a7
--- /dev/null
+++ b/src/actions/views.action.ts
@@ -0,0 +1,92 @@
+"use server";
+
+import { head, put } from "@vercel/blob";
+import { headers } from "next/headers";
+import { z } from "zod";
+
+import { actionClient } from "@/actions/safe-action";
+import { env } from "@/env";
+import { getContentBySlug } from "@/lib/content";
+import { logger } from "@/lib/logger";
+import { checkRateLimit, getClientIp } from "@/lib/rate-limit";
+
+const VIEWS_BLOB_PATH = "stats/views.json";
+const RATE_LIMIT_PER_IP = { limit: 60, windowMs: 10 * 60 * 1000 };
+const SLUG_REGEX = /^[a-z0-9-]+$/u;
+
+const viewSchema = z.object({
+  category: z.enum(["articles", "components", "utils"]),
+  increment: z.boolean(),
+  slug: z.string().regex(SLUG_REGEX).max(100),
+});
+
+type ViewCounts = Record<string, number>;
+
+const readViews = async (): Promise<ViewCounts> => {
+  try {
+    const blob = await head(VIEWS_BLOB_PATH, {
+      token: env.BLOB_READ_WRITE_TOKEN,
+    });
+    const res = await fetch(blob.url, { cache: "no-store" });
+    if (!res.ok) {
+      return {};
+    }
+
+    const data = (await res.json()) as ViewCounts;
+    return typeof data === "object" && data !== null ? data : {};
+  } catch {
+    // blob inexistant tant qu'aucune vue n'a été enregistrée
+    return {};
+  }
+};
+
+export const trackViewAction = actionClient
+  .inputSchema(viewSchema)
+  .action(async ({ parsedInput }) => {
+    const { category, increment, slug } = parsedInput;
+
+    if (!env.BLOB_READ_WRITE_TOKEN) {
+      return { views: null };
+    }
+
+    if (!getContentBySlug(slug, category)) {
+      return { views: null };
+    }
+
+    const key = `${category}/${slug}`;
+    const views = await readViews();
+    const current = views[key] ?? 0;
+
+    if (!increment) {
+      return { views: current };
+    }
+
+    const clientIp = getClientIp(await headers());
+    const rate = checkRateLimit(
+      `views:ip:${clientIp}`,
+      RATE_LIMIT_PER_IP
+    );
+    if (!rate.allowed) {
+      return { views: current };
+    }
+
+    // Lecture-modification-écriture non atomique : des incréments
+    // peuvent se perdre en cas d'accès concurrents, acceptable pour
+    // un compteur de vues de portfolio.
+    views[key] = current + 1;
+
+    try {
+      await put(VIEWS_BLOB_PATH, JSON.stringify(views), {
+        access: "public",
+        addRandomSuffix: false,
+        allowOverwrite: true,
+        contentType: "application/json",
+        token: env.BLOB_READ_WRITE_TOKEN,
+      });
+    } catch (error) {
+      logger.error("Failed to persist view counts:", error);
+      return { views: current };
+    }
+
+    return { views: current + 1 };
+  });
diff --git a/src/app/(fr)/(content)/(writings)/articles/[slug]/page.tsx b/src/app/(fr)/(content)/(writings)/articles/[slug]/page.tsx
index 5fdc4fb..8fdbf26 100644
--- a/src/app/(fr)/(content)/(writings)/articles/[slug]/page.tsx
+++ b/src/app/(fr)/(content)/(writings)/articles/[slug]/page.tsx
@@ -7,6 +7,7 @@ import { WritingsProgress } from "@/components/features/WritingsProgress";
 import { WritingsRelated } from "@/components/features/WritingsRelated";
 import { WritingsToC } from "@/components/features/WritingsToC";
 import { WritingsTopBar } from "@/components/features/WritingsTopBar";
+import { WritingsViews } from "@/components/features/WritingsViews";
 import { Mdx } from "@/components/markdown/mdx";
 import type { ContentLocale } from "@/lib/content";
 import {
@@ -72,7 +73,9 @@ export const ArticleView = ({
       )}
       <WritingsProgress />
       <WritingsTopBar item={article} items={articles} slug={slug} />
-      <ArticleTitle title={metadata.title} />
+      <ArticleTitle title={metadata.title}>
+        <WritingsViews category="articles" slug={slug} />
+      </ArticleTitle>
       <WritingsToC content={content} />
       <Mdx code={content} />
       <WritingsRelated current={article} items={articles} />
diff --git a/src/app/(fr)/(content)/(writings)/components/[slug]/page.tsx b/src/app/(fr)/(content)/(writings)/components/[slug]/page.tsx
index 33a45ef..4572531 100644
--- a/src/app/(fr)/(content)/(writings)/components/[slug]/page.tsx
+++ b/src/app/(fr)/(content)/(writings)/components/[slug]/page.tsx
@@ -7,6 +7,7 @@ import { WritingsProgress } from "@/components/features/WritingsProgress";
 import { WritingsRelated } from "@/components/features/WritingsRelated";
 import { WritingsToC } from "@/components/features/WritingsToC";
 import { WritingsTopBar } from "@/components/features/WritingsTopBar";
+import { WritingsViews } from "@/components/features/WritingsViews";
 import { Mdx } from "@/components/markdown/mdx";
 import type { ContentLocale } from "@/lib/content";
 import {
@@ -80,7 +81,9 @@ export const ComponentView = ({
         items={components}
         slug={slug}
       />
-      <ArticleTitle title={metadata.title} />
+      <ArticleTitle title={metadata.title}>
+        <WritingsViews category="components" slug={slug} />
+      </ArticleTitle>
       <WritingsToC content={content} />
       <Mdx code={content} />
       <WritingsRelated current={component} items={components} />
diff --git a/src/app/(fr)/(content)/(writings)/utils/[slug]/page.tsx b/src/app/(fr)/(content)/(writings)/utils/[slug]/page.tsx
index b6b8e09..f11bf14 100644
--- a/src/app/(fr)/(content)/(writings)/utils/[slug]/page.tsx
+++ b/src/app/(fr)/(content)/(writings)/utils/[slug]/page.tsx
@@ -9,6 +9,7 @@ import { WritingsProgress } from "@/components/features/WritingsProgress";
 import { WritingsRelated } from "@/components/features/WritingsRelated";
 import { WritingsToC } from "@/components/features/WritingsToC";
 import { WritingsTopBar } from "@/components/features/WritingsTopBar";
+import { WritingsViews } from "@/components/features/WritingsViews";
 import { Mdx } from "@/components/markdown/mdx";
 import type { ContentLocale } from "@/lib/content";
 import {
@@ -83,7 +84,11 @@ export const UtilView = ({
 
       <Divider border={false} type="half" />
 
-      <WritingsHeading title={title} description={description} />
+      <WritingsHeading
+        title={title}
+        description={description}
+        meta={<WritingsViews category="utils" slug={slug} />}
+      />
 
       <Divider border={false} type="half" />
 
diff --git a/src/components/blog/ArticleTitle.tsx b/src/components/blog/ArticleTitle.tsx
index 4e4e48a..6fabe46 100644
--- a/src/components/blog/ArticleTitle.tsx
+++ b/src/components/blog/ArticleTitle.tsx
@@ -1,10 +1,16 @@
+import type { ReactNode } from "react";
+
 import { PixelHeading } from "../blocks/PixelHeading";
 
 interface ArticleTitleProps {
   title: string;
+  children?: ReactNode;
 }
 
-export const ArticleTitle = ({ title }: ArticleTitleProps) => (
+export const ArticleTitle = ({
+  title,
+  children,
+}: ArticleTitleProps) => (
   <div className="screen-line-after flex w-full items-center justify-between gap-x-3 px-2 sm:px-4">
     <PixelHeading
       autoPlay
@@ -13,5 +19,6 @@ export const ArticleTitle = ({ title }: ArticleTitleProps) => (
     >
       {title}
     </PixelHeading>
+    {children}
   </div>
 );
diff --git a/src/components/features/WritingsHeading.tsx b/src/components/features/WritingsHeading.tsx
index 0e957a8..4634aff 100644
--- a/src/components/features/WritingsHeading.tsx
+++ b/src/components/features/WritingsHeading.tsx
@@ -1,3 +1,5 @@
+import type { ReactNode } from "react";
+
 import { PanelContent } from "../base/Panel";
 import { PixelHeading } from "../blocks/PixelHeading";
 import { Prose } from "../primitives/Typography";
@@ -5,20 +7,25 @@ import { Prose } from "../primitives/Typography";
 interface WritingsHeadingProps {
   title: string;
   description: string;
+  meta?: ReactNode;
 }
 
 export const WritingsHeading = ({
   title,
   description,
+  meta,
 }: WritingsHeadingProps) => (
   <>
-    <PixelHeading
-      autoPlay
-      className="text-3xl sm:text-4xl px-3 py-1 text-theme"
-      mode="multi"
-    >
-      {title}
-    </PixelHeading>
+    <div className="flex w-full items-center justify-between gap-x-3 pr-3">
+      <PixelHeading
+        autoPlay
+        className="text-3xl sm:text-4xl px-3 py-1 text-theme"
+        mode="multi"
+      >
+        {title}
+      </PixelHeading>
+      {meta}
+    </div>
     <PanelContent reset className="screen-line-before px-3 py-1.5">
       <Prose>-- {description} --</Prose>
     </PanelContent>
diff --git a/src/components/features/WritingsViews.tsx b/src/components/features/WritingsViews.tsx
new file mode 100644
index 0000000..9d0c475
--- /dev/null
+++ b/src/components/features/WritingsViews.tsx
@@ -0,0 +1,67 @@
+"use client";
+
+import { useEffect, useState } from "react";
+
+import { trackViewAction } from "@/actions/views.action";
+import type { ContentCategory } from "@/lib/content";
+import { m } from "@/paraglide/messages";
+
+interface WritingsViewsProps {
+  category: ContentCategory;
+  slug: string;
+}
+
+export const WritingsViews = ({
+  category,
+  slug,
+}: WritingsViewsProps) => {
+  const [views, setViews] = useState<number | null>(null);
+
+  useEffect(() => {
+    const storageKey = `viewed:${category}/${slug}`;
+    let cancelled = false;
+
+    // une seule vue comptée par session de navigation
+    const alreadyViewed = sessionStorage.getItem(storageKey) === "1";
+
+    const track = async () => {
+      try {
+        const result = await trackViewAction({
+          category,
+          increment: !alreadyViewed,
+          slug,
+        });
+        if (cancelled) {
+          return;
+        }
+
+        const count = result?.data?.views;
+        if (typeof count === "number") {
+          sessionStorage.setItem(storageKey, "1");
+          setViews(count);
+        }
+      } catch {
+        // le compteur reste masqué si le suivi échoue
+      }
+    };
+
+    track();
+
+    return () => {
+      cancelled = true;
+    };
+  }, [category, slug]);
+
+  if (views === null) {
+    return null;
+  }
+
+  return (
+    <span className="shrink-0 text-muted-foreground text-sm tabular-nums">
+      {m.writings_views_count({
+        plural: views > 1 ? "s" : "",
+        views,
+      })}
+    </span>
+  );
+};

From 1f0be40046e28b3ac5e0bd79c524a28d0b7e2145 Mon Sep 17 00:00:00 2001
From: Claude <noreply@anthropic.com>
Date: Tue, 9 Jun 2026 20:40:24 +0000
Subject: [PATCH 4/6] Outillage dev : rsc-boundary et nextmap (Next.js Weekly)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- rsc-boundary : visualisation des frontières RSC/composants client
  en dev (pill flottant), branché dans RootDocument — rend uniquement
  children en production
- nextmap : carte interactive des routes via pnpm routes:map
- Documentation du nouveau script dans CLAUDE.md

https://claude.ai/code/session_01SKa4Csg7HxNxwrt4knWE7r
---
 CLAUDE.md                              |  1 +
 package.json                           |  3 +++
 src/components/layout/RootDocument.tsx | 19 ++++++++++++-------
 3 files changed, 16 insertions(+), 7 deletions(-)

diff --git a/CLAUDE.md b/CLAUDE.md
index e9052d4..e51e087 100644
--- a/CLAUDE.md
+++ b/CLAUDE.md
@@ -19,6 +19,7 @@ pnpm test                 # Vitest unit tests (src/**/*.test.ts)
 pnpm test:e2e             # Playwright e2e (e2e/, needs `playwright install chromium`)
 pnpm analyze              # Build with @next/bundle-analyzer
 pnpm knip                 # Dead code/dependency detection
+pnpm routes:map           # Interactive visual map of all routes (nextmap)
 pnpm i18n:compile         # Compile Paraglide messages to src/paraglide/
 pnpm registry:build       # Build component registry for distribution
 ```
diff --git a/package.json b/package.json
index db571c4..030443e 100644
--- a/package.json
+++ b/package.json
@@ -72,6 +72,7 @@
     "test:e2e": "playwright test",
     "analyze": "ANALYZE=true next build",
     "knip": "knip",
+    "routes:map": "nextmap",
     "prepare": "lefthook install"
   },
   "dependencies": {
@@ -119,6 +120,7 @@
     "react-use-measure": "^2.1.7",
     "resend": "^6.12.4",
     "rough-notation": "^0.5.1",
+    "rsc-boundary": "^0.2.0",
     "schema-dts": "^2.0.0",
     "sharp": "^0.34.5",
     "sonner": "^2.0.7",
@@ -152,6 +154,7 @@
     "jsdom": "^29.1.1",
     "knip": "^6.16.0",
     "lefthook": "^2.1.9",
+    "nextmap": "^1.0.1",
     "oxfmt": "^0.53.0",
     "oxlint": "^1.68.0",
     "pngjs": "^7.0.0",
diff --git a/src/components/layout/RootDocument.tsx b/src/components/layout/RootDocument.tsx
index 3032f87..6e9b924 100644
--- a/src/components/layout/RootDocument.tsx
+++ b/src/components/layout/RootDocument.tsx
@@ -9,6 +9,7 @@ import {
 import { GeistSans } from "geist/font/sans";
 import { NuqsAdapter } from "nuqs/adapters/next/app";
 import type React from "react";
+import { RscBoundaryProvider } from "rsc-boundary";
 
 import { TooltipProvider } from "@/components/base/Tooltip";
 import { LocaleProvider } from "@/components/providers/modules/LocaleProvider";
@@ -111,13 +112,17 @@ export const RootDocument = ({
       </head>
 
       <body className="font-pixel-square">
-        <NuqsAdapter>
-          <LocaleProvider locale={locale}>
-            <Providers>
-              <TooltipProvider>{children}</TooltipProvider>
-            </Providers>
-          </LocaleProvider>
-        </NuqsAdapter>
+        {/* devtools de visualisation des frontières RSC, rend uniquement
+            children en production */}
+        <RscBoundaryProvider>
+          <NuqsAdapter>
+            <LocaleProvider locale={locale}>
+              <Providers>
+                <TooltipProvider>{children}</TooltipProvider>
+              </Providers>
+            </LocaleProvider>
+          </NuqsAdapter>
+        </RscBoundaryProvider>
       </body>
     </html>
   );

From 84a59c851e619a2af63650b4470b1a873ae9e5f8 Mon Sep 17 00:00:00 2001
From: Claude <noreply@anthropic.com>
Date: Tue, 9 Jun 2026 20:47:03 +0000
Subject: [PATCH 5/6] Touches design : bouton retour en haut et easter egg
 Konami
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- BackToTop : bouton flottant animé (Motion) qui apparaît après 600px
  de scroll et remonte la page en douceur, icône ChevronUp animée,
  monté dans le layout du site (FR + EN)
- KonamiConfetti : le code Konami (↑↑↓↓←→←→BA) déclenche une pluie de
  confettis, un toast et un son — vérifié en navigateur via Playwright

https://claude.ai/code/session_01SKa4Csg7HxNxwrt4knWE7r
---
 messages/en.json                           |  2 +
 messages/fr.json                           |  2 +
 src/app/(fr)/(content)/layout.tsx          |  5 ++
 src/components/features/BackToTop.tsx      | 55 +++++++++++++
 src/components/features/KonamiConfetti.tsx | 91 ++++++++++++++++++++++
 5 files changed, 155 insertions(+)
 create mode 100644 src/components/features/BackToTop.tsx
 create mode 100644 src/components/features/KonamiConfetti.tsx

diff --git a/messages/en.json b/messages/en.json
index f1e6fca..35b52f3 100644
--- a/messages/en.json
+++ b/messages/en.json
@@ -1,6 +1,8 @@
 {
   "$schema": "https://inlang.com/schema/inlang-message-format",
   "article_french_only": "this article is written in French.",
+  "back_to_top_aria": "Back to top",
+  "easter_egg_toast": "secret code found, well done! 🎉",
   "footer_made_with_love_suffix": "in Paris.",
   "footer_on_branch": "(on branch {branch})",
   "home_about_collapse_button": "show less",
diff --git a/messages/fr.json b/messages/fr.json
index da7b895..7544f76 100644
--- a/messages/fr.json
+++ b/messages/fr.json
@@ -1,6 +1,8 @@
 {
   "$schema": "https://inlang.com/schema/inlang-message-format",
   "article_french_only": "cet article est rédigé en français.",
+  "back_to_top_aria": "Retour en haut de page",
+  "easter_egg_toast": "code secret découvert, bravo ! 🎉",
   "footer_made_with_love_suffix": "à Paris.",
   "footer_on_branch": "(sur la branche {branch})",
   "home_about_collapse_button": "réduire le texte",
diff --git a/src/app/(fr)/(content)/layout.tsx b/src/app/(fr)/(content)/layout.tsx
index e5873df..04ac829 100644
--- a/src/app/(fr)/(content)/layout.tsx
+++ b/src/app/(fr)/(content)/layout.tsx
@@ -1,6 +1,8 @@
 import type React from "react";
 
 import { Particles } from "@/components/blocks/Particles";
+import { BackToTop } from "@/components/features/BackToTop";
+import { KonamiConfetti } from "@/components/features/KonamiConfetti";
 import { Footer } from "@/components/layout/footer/Footer";
 import { NavBar } from "@/components/layout/navbar/NavBar";
 import { m } from "@/paraglide/messages";
@@ -27,6 +29,9 @@ const AppLayout = ({ children }: Readonly<AppLayoutProps>) => (
     </main>
     <Footer />
 
+    <BackToTop />
+    <KonamiConfetti />
+
     <Particles density={80} />
   </>
 );
diff --git a/src/components/features/BackToTop.tsx b/src/components/features/BackToTop.tsx
new file mode 100644
index 0000000..b6c4147
--- /dev/null
+++ b/src/components/features/BackToTop.tsx
@@ -0,0 +1,55 @@
+"use client";
+
+import {
+  AnimatePresence,
+  motion,
+  useMotionValueEvent,
+  useScroll,
+} from "motion/react";
+import { useState } from "react";
+
+import { Button } from "@/components/primitives/Button";
+import useAnimatedRef from "@/hooks/useAnimatedRef";
+import { m } from "@/paraglide/messages";
+
+import { ChevronUp } from "../motion/ChevronUp";
+
+const SCROLL_THRESHOLD = 600;
+
+export const BackToTop = () => {
+  const { scrollY } = useScroll();
+  const [visible, setVisible] = useState(false);
+  const chevron = useAnimatedRef();
+
+  useMotionValueEvent(scrollY, "change", (latest) => {
+    setVisible(latest > SCROLL_THRESHOLD);
+  });
+
+  return (
+    <AnimatePresence>
+      {visible && (
+        <motion.div
+          animate={{ opacity: 1, y: 0 }}
+          className="fixed right-4 bottom-4 z-40 sm:right-6 sm:bottom-6"
+          exit={{ opacity: 0, y: 16 }}
+          initial={{ opacity: 0, y: 16 }}
+          transition={{ duration: 0.2 }}
+        >
+          <Button
+            aria-label={m.back_to_top_aria()}
+            className="bg-background/80 backdrop-blur-sm"
+            onClick={() =>
+              window.scrollTo({ behavior: "smooth", top: 0 })
+            }
+            onMouseEnter={chevron.handleMouseEnter}
+            onMouseLeave={chevron.handleMouseLeave}
+            size="icon"
+            variant="outline"
+          >
+            <ChevronUp ref={chevron.ref} />
+          </Button>
+        </motion.div>
+      )}
+    </AnimatePresence>
+  );
+};
diff --git a/src/components/features/KonamiConfetti.tsx b/src/components/features/KonamiConfetti.tsx
new file mode 100644
index 0000000..8a0ae27
--- /dev/null
+++ b/src/components/features/KonamiConfetti.tsx
@@ -0,0 +1,91 @@
+"use client";
+
+import { useEffect, useState } from "react";
+import Confetti from "react-confetti";
+import { toast } from "sonner";
+
+import { soundManager } from "@/lib/sound-manager";
+import { m } from "@/paraglide/messages";
+
+const KONAMI_SEQUENCE = [
+  "ArrowUp",
+  "ArrowUp",
+  "ArrowDown",
+  "ArrowDown",
+  "ArrowLeft",
+  "ArrowRight",
+  "ArrowLeft",
+  "ArrowRight",
+  "b",
+  "a",
+];
+
+const CELEBRATION_MS = 8000;
+
+export const KonamiConfetti = () => {
+  const [celebrating, setCelebrating] = useState(false);
+
+  useEffect(() => {
+    let progress = 0;
+
+    const onKeyDown = (event: KeyboardEvent) => {
+      const target = event.target as HTMLElement;
+      if (
+        target.isContentEditable ||
+        target.matches("input, textarea, select")
+      ) {
+        return;
+      }
+
+      const key =
+        event.key.length === 1 ? event.key.toLowerCase() : event.key;
+
+      if (key === KONAMI_SEQUENCE[progress]) {
+        progress += 1;
+      } else {
+        progress = key === KONAMI_SEQUENCE[0] ? 1 : 0;
+      }
+
+      if (progress === KONAMI_SEQUENCE.length) {
+        progress = 0;
+        setCelebrating(true);
+        soundManager.playToastSound();
+        toast.success("", {
+          description: m.easter_egg_toast(),
+          duration: 5000,
+          id: "konami",
+        });
+      }
+    };
+
+    document.addEventListener("keydown", onKeyDown);
+    return () => document.removeEventListener("keydown", onKeyDown);
+  }, []);
+
+  useEffect(() => {
+    if (!celebrating) {
+      return;
+    }
+
+    const timeout = setTimeout(
+      () => setCelebrating(false),
+      CELEBRATION_MS
+    );
+    return () => clearTimeout(timeout);
+  }, [celebrating]);
+
+  if (!celebrating) {
+    return null;
+  }
+
+  return (
+    <div className="pointer-events-none fixed inset-0 z-[70]">
+      <Confetti
+        className="size-full"
+        gravity={0.15}
+        numberOfPieces={300}
+        recycle={false}
+      />
+    </div>
+  );
+};

From b17e7990fa49e82863918d0b684619dadc0b9e79 Mon Sep 17 00:00:00 2001
From: Claude <noreply@anthropic.com>
Date: Tue, 9 Jun 2026 20:51:22 +0000
Subject: [PATCH 6/6] CI : ajout de la config .github/labeler.yml manquante
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Le workflow Labeler (pull_request_target) échouait sur chaque PR car
son fichier de configuration n'existait pas. Labels par chemins
modifiés : documentation, content, components, actions, routes,
tests, dependencies, ci.

https://claude.ai/code/session_01SKa4Csg7HxNxwrt4knWE7r
---
 .github/labeler.yml | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)
 create mode 100644 .github/labeler.yml

diff --git a/.github/labeler.yml b/.github/labeler.yml
new file mode 100644
index 0000000..51dcf08
--- /dev/null
+++ b/.github/labeler.yml
@@ -0,0 +1,29 @@
+# Configuration de actions/labeler@v4 (.github/workflows/label.yml) :
+# applique des labels aux PR selon les fichiers modifiés.
+
+documentation:
+  - "**/*.md"
+
+content:
+  - "src/content/**"
+  - "messages/**"
+
+components:
+  - "src/components/**"
+  - "src/registry/**"
+
+actions:
+  - "src/actions/**"
+
+routes:
+  - "src/app/**"
+
+tests:
+  - "**/*.test.ts"
+  - "e2e/**"
+
+dependencies:
+  - "package.json"
+
+ci:
+  - ".github/**"