Skip to content

chore: Firebase 배포 설정 개선 (#53)#55

Merged
AndyH0ng merged 2 commits intomainfrom
chore/firebase-hosting#53
Jan 18, 2026
Merged

chore: Firebase 배포 설정 개선 (#53)#55
AndyH0ng merged 2 commits intomainfrom
chore/firebase-hosting#53

Conversation

@AndyH0ng
Copy link
Member

📌 관련 이슈

✨ 변경 내용

  • GitHub Actions: Node 버전 지정, npm 캐싱, 환경변수 주입
  • firebase.json: 정적 에셋 캐싱, 보안 헤더 추가
  • 환경변수 템플릿 업데이트

💡 참고 사항

스크린샷, 참고 링크, 추가 설명 등 (없으면 생략 가능)

- GitHub Actions: Node 버전 지정, npm 캐싱, 환경변수 주입
- firebase.json: 정적 에셋 캐싱, 보안 헤더 추가
- 환경변수 템플릿 업데이트

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
@gemini-code-assist
Copy link
Contributor

Summary of Changes

Hello @AndyH0ng, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

이 PR은 Firebase 배포 설정을 전반적으로 개선하여 애플리케이션의 성능, 보안 및 개발 워크플로우를 최적화하는 데 중점을 둡니다. GitHub Actions를 통해 CI/CD 파이프라인을 효율화하고, Firebase 호스팅 설정을 통해 정적 콘텐츠 캐싱 및 웹 보안을 강화하며, 환경변수 관리를 표준화하여 개발 편의성을 높였습니다.

Highlights

  • GitHub Actions 개선: Node.js 버전 지정, npm 캐싱 추가, 환경변수 주입을 통해 배포 워크플로우의 효율성과 안정성을 향상시켰습니다.
  • Firebase 호스팅 설정 강화: 정적 에셋(JS, CSS, 이미지 등)에 대한 캐싱 전략을 추가하고, 다양한 보안 헤더를 적용하여 웹 애플리케이션의 성능과 보안을 개선했습니다.
  • 환경변수 관리 업데이트: 개발 및 프로덕션 환경별 .env 파일을 추가하고, .env.example 템플릿을 상세하게 업데이트하여 환경변수 관리를 명확히 했습니다.
Ignored Files
  • Ignored by pattern: .github/workflows/** (2)
    • .github/workflows/firebase-hosting-merge.yml
    • .github/workflows/firebase-hosting-pull-request.yml
Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature Command Description
Code Review /gemini review Performs a code review for the current pull request in its current state.
Pull Request Summary /gemini summary Provides a summary of the current pull request in its current state.
Comment @gemini-code-assist Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help /gemini help Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

  1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution.

@github-actions
Copy link

github-actions bot commented Jan 18, 2026

Visit the preview URL for this PR (updated for commit 55f6606):

https://ttorang--pr55-chore-firebase-hosti-nbmlpcho.web.app

(expires Sun, 25 Jan 2026 10:02:00 GMT)

🔥 via Firebase Hosting GitHub Action 🌎

Sign: b554669f2531ae9a6954d553a841ad9a6c4ceb6d

Copy link
Contributor

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

이번 PR은 Firebase 배포 설정을 개선하는 중요한 변경사항들을 포함하고 있습니다. 환경별 구성 분리, 캐싱 정책 및 보안 헤더 추가 등 배포 환경을 크게 향상시키는 좋은 작업입니다. firebase.json 파일의 헤더 설정과 관련하여 몇 가지 개선점을 제안합니다.

firebase.json Outdated
Comment on lines 50 to 53
{
"key": "X-XSS-Protection",
"value": "1; mode=block"
},
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

security-high high

X-XSS-Protection 헤더는 현재 대부분의 최신 브라우저에서 지원이 중단되었으며, 구형 브라우저에서는 오히려 보안 취약점을 유발할 수 있습니다. 따라서 이 헤더를 제거하는 것이 좋습니다. 대신, 더 강력하고 표준적인 Content-Security-Policy (CSP) 헤더를 설정하여 XSS 공격을 방어하는 것을 권장합니다.

참고: MDN - X-XSS-Protection

Comment on lines 12 to 29
{
"source": "**/*.@(js|css)",
"headers": [
{
"key": "Cache-Control",
"value": "public, max-age=31536000, immutable"
}
]
},
{
"source": "**/*.@(jpg|jpeg|png|gif|webp|svg|ico|woff|woff2)",
"headers": [
{
"key": "Cache-Control",
"value": "public, max-age=31536000, immutable"
}
]
},
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

자바스크립트/CSS 파일과 이미지/폰트 파일에 대한 캐싱 규칙이 동일한 Cache-Control 헤더를 사용하고 있습니다. 이 두 규칙을 하나로 병합하면 firebase.json 설정 파일을 더 간결하게 유지할 수 있습니다.

Suggested change
{
"source": "**/*.@(js|css)",
"headers": [
{
"key": "Cache-Control",
"value": "public, max-age=31536000, immutable"
}
]
},
{
"source": "**/*.@(jpg|jpeg|png|gif|webp|svg|ico|woff|woff2)",
"headers": [
{
"key": "Cache-Control",
"value": "public, max-age=31536000, immutable"
}
]
},
{
"source": "**/*.@(js|css|jpg|jpeg|png|gif|webp|svg|ico|woff|woff2)",
"headers": [
{
"key": "Cache-Control",
"value": "public, max-age=31536000, immutable"
}
]
},

- X-XSS-Protection 제거 (deprecated)
- Content-Security-Policy 추가
- 캐싱 규칙 병합 (JS/CSS + 이미지/폰트)

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
@TTORANG TTORANG deleted a comment from claude bot Jan 18, 2026
@AndyH0ng AndyH0ng linked an issue Jan 18, 2026 that may be closed by this pull request
3 tasks
@AndyH0ng AndyH0ng merged commit 5af4f47 into main Jan 18, 2026
3 checks passed
@AndyH0ng AndyH0ng deleted the chore/firebase-hosting#53 branch January 18, 2026 10:07
@AndyH0ng AndyH0ng restored the chore/firebase-hosting#53 branch January 18, 2026 11:01
@AndyH0ng AndyH0ng deleted the chore/firebase-hosting#53 branch January 18, 2026 11:08
@AndyH0ng AndyH0ng self-assigned this Jan 18, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

ci: 배포 개선

1 participant