Frequently asked questions

Lifetime access to the full Sinter codebase via a private GitHub repo. That includes authentication (Supabase Auth with email/password, magic links, OAuth), payments (Stripe with full webhook handling), transactional email (Resend with 5 pre-built templates), 30 UI components in an interactive design viewer, 30 CI/CD workflows, 19 safety hooks, 375+ documented micro-lessons, and OWASP LLM Top 10 hardening. Plus all future updates for as long as Sinter is actively developed.

Node.js, pnpm, Docker Desktop (for local Supabase), and a GitHub account. For third-party services you’ll need accounts with Supabase (database and auth), Stripe (payments), and Resend (email). PostHog (analytics) and Sentry (error tracking) are optional but pre-configured. All of these have free tiers that cover development and early production.

If you use Claude Code, run /setup and it walks you through everything interactively. That takes about 10 minutes. There’s also a manual fallback (pnpm setup-fallback) that takes 30–45 minutes. Either way, you’re connecting Supabase, Stripe, and Resend, setting environment variables, and running database migrations.

Basic familiarity helps, but Sinter is designed to work with Claude Code, which understands the codebase deeply. The 521 documentation files, micro-lessons, and the skill system mean Claude Code can guide you through Next.js patterns as you build. If you’ve used React, you’ll pick it up.

The docs will cover Sinter’s architecture, conventions, and what every system does. This FAQ was generated by Claude Code reading the actual codebase, which tells you something about how well the project is documented. A live demo is coming.

It’s a Turborepo monorepo with pnpm workspaces. The main app lives in apps/web/ (Next.js 16). Shared packages include packages/ui/ (30+ components and design tokens), packages/db/ (Supabase client and types), packages/i18n/ (translations), packages/ai/ (AI utilities), and several more for config, types, and utilities. Database migrations live in supabase/. Claude Code skills, agents, and hooks live in .claude/.

Yes. Sinter has a dedicated prototype mode that relaxes quality gates for speed. Run pnpm prototype:enable right after cloning. It’s a day-one decision, not something you toggle mid-project. It disables TypeScript strict mode, downgrades ESLint errors to warnings, strips CI to build-only, and reduces commit hooks to just secret scanning and branch protection. When the prototype validates your idea, run pnpm check:production-ready to see what needs fixing, then pnpm convert:production to restore full quality gates.

Your best support is Claude Code itself. It knows the codebase intimately: 521 documentation files, 375+ micro-lessons, architecture guides, and can answer questions, debug issues, and walk you through unfamiliar areas instantly. That’s not a workaround; it’s by design. The entire project is structured so that AI tools can give you accurate, context-aware help at any time. For anything beyond that (licensing questions, bug reports, feature requests), email us directly.

You open the project, type /start, and point it at a GitHub issue. It reads the issue, decides whether you need the simple or spec-driven workflow, and sets everything up. For most work you’re writing code within seconds. For complex features it walks you through spec, plan, and task breakdown first so the agent isn’t guessing. Write code with full AI assistance that understands the project’s patterns and conventions. When you commit, Lefthook runs formatting, linting, secret scanning, and spell checking automatically. When you push, the full test suite and type checks run before your code reaches the remote. Open a pull request and 30 CI workflows handle security scans, accessibility checks, bundle size monitoring, and AI-powered code review. The knowledge system surfaces relevant patterns and gotchas as you work, so you’re building on what’s already been learned rather than rediscovering it.

Free starters give you the skeleton. You still need auth edge cases, payment webhooks, testing infrastructure, CI/CD pipelines, security hardening, and a way for your AI tools to understand the codebase. That’s where your time and tokens go. Sinter includes 30 CI/CD workflows, 19 safety hooks, and 375+ documented patterns that free starters don’t have. The gap between “it runs locally” and “it’s safe to go live” is what you’re paying for.

Yes. One purchase, unlimited projects. Build your own SaaS, build for clients, build side projects. No per-project licensing.

Unlimited. There’s no per-project or per-seat limit. Buy once, use it as many times as you want.

Run /update in Claude Code. It fetches the latest changes from Sinter, groups them by PR so you can see what changed, flags high-risk files like env config and database migrations, and previews conflicts before touching your working tree. When you proceed, it resolves conflicts with smart per-file heuristics and verifies the build afterward. No forced updates. You pull when you’re ready, and Claude walks you through the merge.

You keep your code. It’s a real codebase you own, not a hosted service. If updates stop, everything you have still works. The micro-lessons, skills, and documentation are all local to your project.

If you’re not satisfied, contact us at legal@getsinter.dev within 14 days of purchase. See our Terms of Service for full details.

Yes, but they all have generous free tiers. Supabase’s free tier covers most early-stage apps. Stripe charges per transaction (no monthly fee). Resend gives you 3,000 emails per month free. PostHog has a generous free tier too. You won’t pay anything until you have real users.

Solo ($249) is for one person. You can build unlimited projects, and contractors can work on your projects, but they can’t use Sinter independently. Team ($499) gives up to 5 named people at your company full access for company projects. Need more than 5? Purchase additional Team Licenses.

Not under your license. Contractors and collaborators can work on your projects, but if they want to use Sinter for their own products, they need their own Solo License.

Yes. The infrastructure (auth, payments, testing, CI/CD, the design system, security hardening) works with any editor or AI tool. The Claude Code slash commands, agents, and safety hooks are a bonus layer. You’re getting a production-ready Next.js codebase either way.

Slash commands are shortcuts you type in Claude Code to trigger specific workflows. For example, /start begins work on a GitHub issue, /setup walks you through project configuration, /commit creates a properly formatted commit, and /test generates and runs tests. There are 27 commands covering the full development lifecycle from planning to deployment.

There are 19 hooks that run automatically during Claude Code sessions. They block destructive git operations, validate database migrations before they run, inject project context (branch, issue info) into every prompt, scan for prompt injection attempts, audit security-sensitive commands, and enforce workflow rules. You don’t interact with them directly. They run silently and catch problems before they happen.

When you solve a tricky problem, run /learn to save it as a micro-lesson (a short markdown note with metadata). There are 375+ of these in the codebase already, covering patterns from database edge cases to security gotchas. They’re indexed by domain and ranked by how often they’re relevant. When Claude Code works on related code, it surfaces the right lessons automatically. Run /reflect to analyze recent lessons and suggest improvements to project guides.

Simple workflow is for low-risk changes: bug fixes, single components, refactoring. It’s /start → /code → /commit. Spec-driven workflow is for complex features that touch auth, payments, database schema, or multiple systems. It adds planning steps: /start → /spec → /plan → /tasks → /code → /verify → /commit. The /start command auto-detects which workflow to use based on the issue.

Yes. Skills are markdown files in .claude/skills/ and agents are defined in .claude/agents/. There’s a /skill-creator meta-skill that analyzes your needs and generates new skills with proper structure. The system is designed to grow with your project.

The opposite. Sinter is built to be token-efficient at every layer. Skills use three-tier progressive disclosure: metadata first (~50 tokens), then usage details (~500 tokens), then full implementation guides (~2,000 tokens), loading only what the task needs. Code search uses AST patterns instead of reading entire files, cutting research cycles from ~30K tokens to 3-5K. A .claudeignore file excludes archives and build output from context. Hooks inject session state (branch, issue, date) once at startup so prompts stay lean. Heavy operations like code review and spec analysis run in isolated subagent contexts to keep your main conversation clean. Workflows checkpoint progress to disk, so resuming after a context reset costs near-zero tokens. The result: ~65% fewer tokens on average compared to an unoptimized codebase, with some automation tasks seeing 89% savings.

/health audits your codebase architecture. It checks module boundaries, coupling patterns, dead exports, and test coverage drift. It's not a linter. Linters check syntax and style. /health catches the structural decay that builds up over weeks of shipping features. Run it after a sprint, or weekly on active projects. It ranks findings by impact and creates GitHub issues with migration plans for the ones you want to fix.

Three entry points. Pick whichever matches where you are. /think is for rough ideas. It interviews you about every aspect of the feature, reads the codebase for context, and produces a structured brief. /bootstrap takes a PRD and turns it into a GitHub Epic with dependency-tracked issues. /start picks up an existing GitHub issue and begins work. Most people use /start day-to-day and /think when kicking off something new. None of them require the others.

SaaS apps, dashboards, marketplaces, internal tools, AI products, admin panels. Anything you’d build with Next.js. The stack also supports marketing pages, landing pages, and docs sites alongside your app. You can ship as a web app, a PWA, or pair with Expo for mobile. Not a fit for: native iOS/Android apps, WordPress sites, or standalone Shopify storefronts.

Next.js 16 with React 19, TypeScript 5, Tailwind CSS 4, and Turborepo for the monorepo. Supabase for database (PostgreSQL) and auth. Stripe for payments. Resend for transactional email. PostHog for analytics. Sentry for error tracking. Vercel AI SDK 6 for AI features with multi-provider support (Anthropic and OpenAI). Vitest for unit tests, Playwright for E2E tests.

Supabase Auth handles the core: email/password, magic links, and OAuth providers. Server-side session management with httpOnly cookies. Row-Level Security policies at the database level so data access is enforced even if application code has bugs. There’s a swappable adapter pattern if you want to switch to NextAuth, Clerk, or a custom provider later. Rate limiting on auth endpoints prevents brute force attempts.

Stripe handles everything. There’s a complete webhook handler covering checkout sessions, subscription lifecycle events (created, updated, deleted), invoice payments, trial expiry warnings, refunds, and disputes. Subscription status is tracked in the database. The pricing page and customer portal are pre-built. Stripe test keys are blocked in production to prevent accidental sandbox usage.

Unit tests with Vitest (70% coverage minimum enforced), E2E tests with Playwright (Chromium desktop and mobile), database tests with pgTAP for RLS policies, and bash tests with BATS for shell scripts. There are 20+ E2E test files. An AI-powered test healer analyzes failures and proposes fixes. Pre-commit hooks run linting, secret scanning, and spell checking. Pre-push hooks run the full test suite.

Multiple layers. Row-Level Security at the database level. Input validation with Zod schemas on all forms and server-side re-validation. CSRF protection on API endpoints. Content Security Policy headers. Secret scanning with Gitleaks on every commit. Rate limiting on auth and AI endpoints. Error masking so internal details don’t leak. OWASP LLM Top 10 hardening for the AI features. 30 CI workflows include security checks on every pull request.

Auth has a swappable adapter pattern (Supabase, NextAuth, Clerk, or custom). Replacing the database or payments is more involved since they’re wired into migrations, webhooks, and RLS policies. It’s possible but not a quick swap; you’d be rewriting integration code.

The infrastructure is production-grade: security hardening, error tracking, monitoring, CI/CD with automated rollbacks, and testing coverage. Sinter is designed for Vercel deployment with Supabase as the backend. How much traffic you handle depends on your Supabase and Vercel plan tiers, not Sinter itself.

next-intl v4 with locale-prefixed routing. All UI text lives in centralized JSON translation files, enforced by an ESLint rule that blocks hardcoded strings. Ships with English, but the infrastructure is ready for any language. Server components use getTranslations(), client components use useTranslations(). Type-safe keys with TypeScript autocomplete.

30 GitHub Actions workflows. The core CI runs type checking, linting, and tests on every PR. Security workflows include CodeQL analysis, Gitleaks scanning, dependency review, and accessibility audits. There’s automated PR labeling, bundle size monitoring, database migration validation, and an AI-powered code review via CodeRabbit. Post-deploy smoke tests and synthetic monitoring are included.

Three layers, each catching different things. On every commit (via Lefthook): Biome runs formatting and linting, Gitleaks scans for leaked secrets, typos catches spelling errors, ShellCheck validates shell scripts, Stylelint checks CSS, markdownlint validates docs, commitlint enforces commit message conventions, and a large-deletion guard prevents accidental mass file removal. On every push: branch protection blocks direct pushes to main, ESLint runs in strict mode (zero warnings outside marketing pages), TypeScript type checking, lockfile sync validation, unit tests via Vitest, and component registry validation. In CI on every pull request: all of the above plus CodeQL security analysis, dependency vulnerability review, accessibility audits, bundle size monitoring, database migration validation, and AI-powered code review via CodeRabbit.

It’s your code. You can change anything. Sinter is opinionated about structure and quality, but not locked down. Some integrations have adapter patterns that make swapping straightforward (see the question above about swapping Supabase or Stripe). For removing things entirely (say you don’t need analytics or email yet), you delete the integration code and its references. Claude Code understands the dependency graph well enough to guide you through what to remove and what to keep. The quality gates, CI workflows, and design system are modular too: prototype mode strips them down to the essentials if you want to move fast first and add rigor later.

Edit one file. The design system uses a three-tier token architecture: raw values (colors, spacing, typography), semantic tokens (what they mean: background, foreground, primary, muted), and component tokens (button backgrounds, input borders). Change your color scheme in tokens.css and it cascades through all 30+ components automatically. Light and dark mode are built in. The interactive design viewer at /design lets you browse every component, see which tokens it uses, and preview changes before touching your app. Tailwind CSS 4 integration means your tokens work everywhere, and custom ESLint rules block hardcoded colors and spacing so the system stays consistent as you build.

That’s the problem Sinter is designed to solve. Most AI tools generate code that looks fine on first glance but falls apart at the edges: inconsistent spacing, missing loading states, generic error messages, accessibility gaps. Sinter enforces design quality through multiple layers. ESLint rules block hardcoded colors, spacing, and typography. Everything goes through semantic tokens, so the visual language stays coherent as the codebase grows. The /design command runs four specialized checks: token compliance, WCAG AA contrast, state coverage (loading, error, empty, success), and usability review. There are 11 documented design patterns covering forms, buttons, typography, motion, and layout. UX writing guidelines govern every button label, error message, and empty state, with automated copy review that catches generic or unclear text. A component registry tracks every variant so Claude Code selects the right component with the right props, not a guess. The result is UI that looks intentional, not generated.

WCAG AA compliance is a CI blocker, not a suggestion. The /design command includes an automated accessibility review that checks contrast ratios (4.5:1 for normal text, 3:1 for large), keyboard navigation, and screen reader compatibility. All 30+ components are built on Radix primitives with proper ARIA attributes, focus management, and keyboard handling baked in. Custom ESLint rules catch common issues like missing aria-labels on icon buttons or outline-none without focus-visible. CI runs accessibility audits on every pull request. The design patterns documentation covers accessibility requirements for each pattern type: forms, dialogs, navigation, loading states. Color is never used as the sole indicator for status or state.

Great for building your first version. When the codebase starts fighting you (bugs multiply, context fragments, auth breaks in edge cases), Sinter is the foundation you build on next. Think of it as a graduation path, not a replacement.

Similar price point, different depth. Sinter is built specifically for Claude Code with 37 skill domains, 12 specialized agents, and 19 safety hooks. It includes a compounding knowledge system (375+ micro-lessons), AI-assisted test repair, and 30 CI/CD workflows with security gates. ShipFast gives you the basics. Sinter gives you production hardening and an AI development methodology.

A free starter gets you routing and maybe basic auth. You’ll spend weeks adding payment webhooks, writing CI pipelines, configuring security headers, setting up testing, and building a design system. Then you need to document it all so your AI tools understand it. Sinter has 521 documentation files, 375+ micro-lessons, and 30 CI workflows already working together. The documentation alone would take months to write.

Sinter is designed as a starting point, not a migration target. If you have an existing Next.js app, you could adopt specific pieces (the Claude Code skills, the CI workflows, the design tokens) by copying them into your project. But migrating a full app onto Sinter’s architecture would be closer to a rewrite.

You absolutely can, and if learning is the goal, that’s a valid path. The question is whether you want to spend your time building infrastructure or building your product. Auth edge cases, payment webhook handling, CI/CD pipelines, security hardening: these are solved problems, but they’re time-consuming to get right even with AI help. And AI-assisted coding isn’t free: Claude Max starts at $100/month, so the subscription cost alone adds up quickly. The part that takes the longest isn’t the code. It’s the documentation. Sinter has 521 documentation files and 375+ micro-lessons structured for AI consumption. That’s what makes Claude Code effective on the codebase long-term, and it’s not something you can generate in a weekend.