Frequently asked questions

Lifetime access to the full Sinter codebase via a private GitHub repo. That includes authentication (Supabase Auth with email/password, magic links, OAuth), payments (Stripe with full webhook handling), transactional email (Resend with 5 pre-built templates), 30+ UI components in an interactive design viewer, 30 CI/CD workflows, 20+ safety hooks, 385+ documented micro-lessons, 6 MCP integrations (PostHog, Stripe, Supabase, Vercel, Upstash, Resend), and OWASP LLM Top 10 hardening. Plus all future updates for as long as Sinter is actively developed.

Node.js, pnpm, Docker Desktop (for local Supabase), and a GitHub account. For third-party services you’ll need accounts with Supabase (database and auth), Stripe (payments), and Resend (email). PostHog (analytics) and Sentry (error tracking) are optional but pre-configured. All of these have free tiers that cover development and early production.

After purchase you’ll get an invite to a private GitHub repo. Accept the invite, then open a terminal and run git clone --depth 1 https://github.com/getsinter/sinter.git. That downloads the full codebase to your machine. If you use VS Code or Cursor, you can also clone directly from the editor: open the command palette (Cmd+Shift+P or Ctrl+Shift+P), type "Git: Clone", and paste the repo URL. Either way, once it’s cloned, cd into the folder and run /setup to get everything configured.

If you use Claude Code, run /setup and it walks you through everything interactively. That takes about 10 minutes. There’s also a manual fallback (pnpm setup-fallback) that takes 30–45 minutes. Either way, you’re connecting Supabase, Stripe, and Resend, setting environment variables, and running database migrations.

Basic familiarity helps, but Sinter is designed to work with Claude Code, which understands the codebase deeply. The 535+ documentation files, micro-lessons, and the skill system mean Claude Code can guide you through Next.js patterns as you build. If you’ve used React, you’ll pick it up.

The docs will cover Sinter’s architecture, conventions, and what every system does. This FAQ was generated by Claude Code reading the actual codebase, which tells you something about how well the project is documented. A live demo is coming.

It’s a Turborepo monorepo with pnpm workspaces. The main app lives in apps/web/ (Next.js 16). Shared packages include packages/ui/ (30+ components and design tokens), packages/db/ (Supabase client and types), packages/i18n/ (translations), packages/ai/ (AI utilities), and several more for config, types, and utilities. Database migrations live in supabase/. Claude Code skills, agents, and hooks live in .claude/.

Yes. Sinter has a dedicated prototype mode that relaxes quality gates for speed. Run pnpm prototype:enable right after cloning. It’s a day-one decision, not something you toggle mid-project. It disables TypeScript strict mode, downgrades ESLint errors to warnings, strips CI to build-only, and reduces commit hooks to just secret scanning and branch protection. When the prototype validates your idea, run pnpm check:production-ready to see what needs fixing, then pnpm convert:production to restore full quality gates.

Your best support is Claude Code itself. It knows the codebase intimately: 535+ documentation files, 385+ micro-lessons, architecture guides, and can answer questions, debug issues, and walk you through unfamiliar areas instantly. That’s not a workaround; it’s by design. The entire project is structured so that AI tools can give you accurate, context-aware help at any time. For anything beyond that (licensing questions, bug reports, feature requests), email us directly.

Most work starts with /start and a GitHub issue number. It reads the issue, creates a branch, and figures out whether this is a quick fix or something bigger. For straightforward work (bug fixes, small features), you’re writing code immediately. For complex features, it generates a spec, plan, and task breakdown that you can review and adjust before implementation begins. When you’re done, /commit saves your work with a conventional commit message and runs quality checks (formatting, linting, secret scanning). /pr opens a draft pull request and runs an AI code review. After the PR merges, /cleanup deletes the branch and resets your workspace for the next issue. If you don’t have an issue yet, /think walks you through structured questions about your idea and produces a brief you can turn into an issue.

Free starters give you the skeleton. You still need auth edge cases, payment webhooks, testing infrastructure, CI/CD pipelines, security hardening, and a way for your AI tools to understand the codebase. That’s where your time and tokens go. Sinter includes 30 CI/CD workflows, 20+ safety hooks, and 385+ documented patterns that free starters don’t have. The gap between “it runs locally” and “it’s safe to go live” is what you’re paying for.

Yes. One purchase, unlimited projects. Build your own SaaS, build for clients, build side projects. No per-project licensing.

Unlimited. There’s no per-project or per-seat limit. Buy once, use it as many times as you want.

Run /update in Claude Code. It fetches the latest changes from Sinter, groups them by PR so you can see what changed, flags high-risk files like env config and database migrations, and previews conflicts before touching your working tree. When you proceed, it resolves conflicts with smart per-file heuristics and verifies the build afterward. No forced updates. You pull when you’re ready, and Claude walks you through the merge.

You keep your code. It’s a real codebase you own, not a hosted service. If updates stop, everything you have still works. The micro-lessons, skills, and documentation are all local to your project.

If you’re not satisfied, contact us at legal@getsinter.dev within 14 days of purchase. See our Terms of Service for full details.

Yes, but they all have generous free tiers. Supabase’s free tier covers most early-stage apps. Stripe charges per transaction (no monthly fee). Resend gives you 3,000 emails per month free. PostHog has a generous free tier too. You won’t pay anything until you have real users.

Solo ($249) is for one person. You can build unlimited projects, and contractors can work on your projects, but they can’t use Sinter independently. Team ($499) gives up to 5 named people at your company full access for company projects. Need more than 5? Purchase additional Team Licenses.

Not under your license. Contractors and collaborators can work on your projects, but if they want to use Sinter for their own products, they need their own Solo License.

Quality gates catch regressions before they reach users: 30 CI/CD workflows, pre-commit hooks, and automated test repair. When Sinter releases improvements, run /update to pull them into your project with a three-way merge. You get bug fixes and new patterns without losing your customizations. The micro-lesson system captures what you learn during development, so Claude Code gets more effective on your specific codebase over time. And the learning paths guide you through common maintenance tasks: adding fields, handling migrations, onboarding new developers. You own the code, and the tooling is designed to keep it healthy long after launch.

Yes. The infrastructure (auth, payments, testing, CI/CD, the design system, security hardening) works with any editor or AI tool. The Claude Code slash commands, agents, and safety hooks are a bonus layer. You’re getting a production-ready Next.js codebase either way.

Slash commands are shortcuts you type in Claude Code to trigger specific workflows. For example, /start begins work on a GitHub issue, /setup walks you through project configuration, /commit creates a properly formatted commit, and /test generates and runs tests. There are 30+ commands covering the full development lifecycle from planning to deployment.

There are 20+ hooks that run automatically during Claude Code sessions. They block destructive git operations, validate database migrations before they run, inject project context (branch, issue info) into every prompt, scan for prompt injection attempts, audit security-sensitive commands, and enforce workflow rules. You don’t interact with them directly. They run silently and catch problems before they happen.

When you solve a tricky problem, run /learn to save it as a micro-lesson (a short markdown note with metadata). There are 385+ of these in the codebase already, covering patterns from database edge cases to security gotchas. They’re indexed by domain and ranked by how often they’re relevant. When Claude Code works on related code, it surfaces the right lessons automatically. Run /reflect to analyze recent lessons and suggest improvements to project guides.

Simple workflow is for low-risk changes: bug fixes, single components, refactoring. It’s /start → /code → /commit. Spec-driven workflow is for complex features that touch auth, payments, database schema, or multiple systems. It adds planning steps: /start → /spec → /plan → /tasks → /code → /verify → /commit. The /start command auto-detects which workflow to use based on the issue.

Yes. Skills are markdown files in .claude/skills/ and agents are defined in .claude/agents/. There’s a /skill-creator meta-skill that analyzes your needs and generates new skills with proper structure. The system is designed to grow with your project.

The opposite. Sinter is built to be token-efficient at every layer. Skills use three-tier progressive disclosure: metadata first (~50 tokens), then usage details (~500 tokens), then full implementation guides (~2,000 tokens), loading only what the task needs. Code search uses AST patterns instead of reading entire files, cutting research cycles from ~30K tokens to 3-5K. A .claudeignore file excludes archives and build output from context. Hooks inject session state (branch, issue, date) once at startup so prompts stay lean. Heavy operations like code review and spec analysis run in isolated subagent contexts to keep your main conversation clean. Workflows checkpoint progress to disk, so resuming after a context reset costs near-zero tokens. The result: ~65% fewer tokens on average compared to an unoptimized codebase, with some automation tasks seeing 89% savings.

/health audits your codebase architecture. It checks module boundaries, coupling patterns, dead exports, and test coverage drift. It's not a linter. Linters check syntax and style. /health catches the structural decay that builds up over weeks of shipping features. Run it after a sprint, or weekly on active projects. It ranks findings by impact and creates GitHub issues with migration plans for the ones you want to fix.

Three entry points. Pick whichever matches where you are. /think is for rough ideas. It interviews you about every aspect of the feature, reads the codebase for context, and produces a structured brief. /bootstrap takes a PRD and turns it into a GitHub Epic with dependency-tracked issues. /start picks up an existing GitHub issue and begins work. Most people use /start day-to-day and /think when kicking off something new. None of them require the others.

The planning workflow catches them before you write code. When you run /specify and /plan on a complex feature, Sinter stress-tests your design with targeted questions: What happens when a user is deleted but has active records? What if two people edit the same record? What if a webhook fires twice? These scenarios get tracked in the spec so they don't get forgotten during implementation. For spec-driven features, the spec-planner agent runs failure mode analysis across critical codepaths, identifying what can go wrong and how to recover. It won't catch every edge case. But it catches the ones that usually surface in production.

30+ components built on Base UI primitives (the unstyled component library from the MUI team): buttons, forms, dialogs, cards, tabs, select menus, data tables, tooltips, toasts, sidebars, and more. Each one handles keyboard navigation, focus management, and ARIA attributes out of the box. You can customize any of them or add new ones as your product grows. Browse them all in the interactive viewer at /design with live examples and token usage for each variant.

Edit one file. The design system uses a three-tier token architecture: raw values (colors, spacing, typography), semantic tokens (what they mean: background, foreground, primary, muted), and component tokens (button backgrounds, input borders). Change your color scheme in tokens.css and it cascades through all 30+ components automatically. Light and dark mode are built in. The interactive viewer at /design lets you preview changes before touching your app. Custom ESLint rules block hardcoded colors and spacing so the system stays consistent as you build.

Most AI-generated apps fall apart at the edges: inconsistent spacing, missing loading states, error messages that sound like a robot wrote them. Sinter ships with opinionated guidelines that Claude Code follows when generating code. 12 design pattern guides cover layout, forms, typography, motion, loading states, empty states, error handling, and page composition. UX writing guidelines define how button labels, error messages, tooltips, and toasts should read. Motion guidelines set duration, easing, and reduced-motion behavior. These aren't documentation you hope the AI reads. They're enforced through ESLint rules and CI checks. Your app looks intentional because a designer already decided how errors read, how pages load, and how elements move. To make it yours, edit tokens.css. Your colors, typography, and spacing cascade through all 30+ components.

Yes. Light and dark themes with system preference detection. The token system defines both themes as parallel sets of semantic tokens, so switching is handled at the CSS layer. Components don't need conditional logic for dark mode. The warm charcoal dark theme avoids the cold blue-black look most starters ship with.

WCAG AA compliance is enforced in CI, not just recommended. /design includes automated checks for contrast ratios (4.5:1 for normal text, 3:1 for large), keyboard navigation, and screen reader compatibility. All 30+ components are built on Base UI primitives with proper ARIA attributes, focus management, and keyboard handling. Custom ESLint rules catch missing aria-labels on icon buttons and outline-none without focus-visible. Color is never the sole indicator for status or state.

A component registry tells Claude Code what's available: every component, its variants, sizes, and valid use cases. When you ask for a new page or feature, Claude selects from your actual design system instead of inventing markup. ESLint rules catch any deviation, so even AI-generated code follows your tokens and patterns. The /design command runs token compliance, WCAG AA contrast, state coverage, and usability checks in one pass.

Yes. The component library lives in packages/ui/ as a standard package. Import what you need, build your own alongside it, or extend existing components. The token system works with any Tailwind component. If you add a component to the registry, Claude Code will use it the same way it uses built-in ones.

All UI text lives in centralized translation files, one per language. Claude Code follows the UX writing guidelines when generating copy, so labels, errors, and empty states come out consistent. A copy review tool (pnpm design:validate:copy) catches title case mistakes, marketing jargon, blame language, and verbose messages. It runs in CI on every pull request. Typos are blocked on every commit by a spell checker.

Sinter uses next-intl, the most widely adopted i18n framework for Next.js. All UI text lives in one JSON file per language. To add Spanish, copy the English file, translate the strings, and register the locale. The app handles routing (/en/, /es/) and date formatting automatically. An ESLint rule blocks hardcoded strings in components, so nothing gets missed. The UX writing guidelines give translators context on tone and length constraints for each UI pattern (buttons should stay under 3 words, tooltips under one sentence). Strings use ICU message format for plurals, dates, and variables, so translators work with standard syntax.

SaaS apps, dashboards, marketplaces, AI products, admin panels. Anything you’d build with Next.js. Internal tools and dashboards are a strong fit too: the auth system, RBAC, data tables, and form components handle data-dense interfaces well, and smaller user bases mean fewer edge cases to manage. The stack also supports marketing pages, landing pages, and docs sites alongside your app. You can ship as a web app, a PWA, or pair with Expo for mobile. Not a fit for: native iOS/Android apps, WordPress sites, or standalone Shopify storefronts.

Next.js 16 with React 19, TypeScript 5, Tailwind CSS 4, and Turborepo for the monorepo. Supabase for database (PostgreSQL) and auth. Stripe for payments. Resend for transactional email. PostHog for analytics. Sentry for error tracking. Vercel AI SDK 6 for AI features with multi-provider support (Anthropic and OpenAI). Vitest for unit tests, Playwright for E2E tests.

Supabase Auth handles the core: email/password, magic links, and OAuth providers. Server-side session management with httpOnly cookies. Row-Level Security policies at the database level so data access is enforced even if application code has bugs. There’s a swappable adapter pattern if you want to switch to NextAuth, Clerk, or a custom provider later. Rate limiting on auth endpoints prevents brute force attempts.

Stripe handles everything. There’s a complete webhook handler covering checkout sessions, subscription lifecycle events (created, updated, deleted), invoice payments, trial expiry warnings, refunds, and disputes. Subscription status is tracked in the database. The pricing page and customer portal are pre-built. Stripe test keys are blocked in production to prevent accidental sandbox usage.

Unit tests with Vitest (70% coverage minimum enforced), E2E tests with Playwright (Chromium desktop and mobile), database tests with pgTAP for RLS policies, and bash tests with BATS for shell scripts. There are 17 E2E test files covering critical flows. An AI-powered test healer analyzes failures and proposes fixes. Pre-commit hooks run linting, secret scanning, and spell checking. Pre-push hooks run the full test suite.

Multiple layers. Row-Level Security at the database level. Input validation with Zod schemas on all forms and server-side re-validation. CSRF protection on API endpoints. Content Security Policy headers. Secret scanning with Gitleaks on every commit. Rate limiting on auth and AI endpoints. Error masking so internal details don’t leak. OWASP LLM Top 10 hardening for the AI features. 30 CI workflows include security checks on every pull request.

Auth has a swappable adapter pattern (Supabase, NextAuth, Clerk, or custom). Replacing the database or payments is more involved since they’re wired into migrations, webhooks, and RLS policies. It’s possible but not a quick swap; you’d be rewriting integration code.

The infrastructure is production-grade: security hardening, error tracking, monitoring, CI/CD with automated rollbacks, and testing coverage. Sinter is designed for Vercel deployment with Supabase as the backend. How much traffic you handle depends on your Supabase and Vercel plan tiers, not Sinter itself.

next-intl v4 with locale-prefixed routing. All UI text lives in centralized JSON translation files, enforced by an ESLint rule that blocks hardcoded strings. Ships with English, but the infrastructure is ready for any language. Server components use getTranslations(), client components use useTranslations(). Type-safe keys with TypeScript autocomplete.

30 GitHub Actions workflows. The core CI runs type checking, linting, and tests on every PR. Security workflows include CodeQL, Gitleaks, dependency review, and axe accessibility audits. Structural checks include Knip (dead code), DPDM (circular imports), and enforced coverage thresholds. Every release includes CycloneDX + SPDX software bills of materials. There’s also automated PR labeling, bundle-size monitoring, database migration validation, and an AI-powered code review via CodeRabbit. Post-deploy smoke tests and synthetic monitoring are included.

Three layers, each catching different things. On every commit (via Lefthook): Biome runs formatting and linting, Gitleaks scans for leaked secrets, typos catches spelling errors, ShellCheck validates shell scripts, Stylelint checks CSS, markdownlint validates docs, commitlint enforces commit message conventions, and a large-deletion guard prevents accidental mass file removal. On every push: branch protection blocks direct pushes to main, ESLint runs in strict mode (zero warnings outside marketing pages), TypeScript type checking, lockfile sync validation, unit tests via Vitest, and component registry validation. In CI on every pull request: all of the above plus CodeQL security analysis, dependency vulnerability review, accessibility audits, bundle size monitoring, database migration validation, and AI-powered code review via CodeRabbit.

It’s your code. You can change anything. Sinter is opinionated about structure and quality, but not locked down. Some integrations have adapter patterns that make swapping straightforward (see the question above about swapping Supabase or Stripe). For removing things entirely (say you don’t need analytics or email yet), you delete the integration code and its references. Claude Code understands the dependency graph well enough to guide you through what to remove and what to keep. The quality gates, CI workflows, and design system are modular too: prototype mode strips them down to the essentials if you want to move fast first and add rigor later.

Great for building your first version. When the codebase starts fighting you (bugs multiply, context fragments, auth breaks in edge cases), Sinter is the foundation you build on next. Think of it as a graduation path, not a replacement.

They're all solid products at similar price points. The difference is where the depth goes. ShipFast focuses on shipping fast: auth, payments, email, and you're off. Supastarter goes wide: five payment providers, multi-tenancy, admin panels, and broad AI editor support across Cursor, Copilot, and Claude Code. Makerkit targets B2B specifically with team management, org switching, and role-based access. Sinter goes deep on Claude Code. Instead of broad AI editor rules, you get 41 skill domains, 14 specialized agents, 22 safety hooks, and a knowledge system (390+ micro-lessons) that compounds over time. If you use Claude Code, that depth matters. If you need multi-tenancy or five payment providers, look at Supastarter or Makerkit instead.

A free starter gets you routing, and some include basic auth and even Stripe. But you’re still building payment webhook handling, CI pipelines, security headers, testing infrastructure, and documentation for your AI tools. Sinter has 535+ documentation files, 390+ micro-lessons, and 30 CI workflows already working together. The documentation alone would take months to write.

Sinter is designed as a starting point, not a migration target. If you have an existing Next.js app, you could adopt specific pieces (the Claude Code skills, the CI workflows, the design tokens) by copying them into your project. But migrating a full app onto Sinter’s architecture would be closer to a rewrite.

You absolutely can, and if learning is the goal, that’s a valid path. The question is whether you want to spend your time building infrastructure or building your product. Auth edge cases, payment webhook handling, CI/CD pipelines, security hardening: these are solved problems, but they’re time-consuming to get right even with AI help. And AI-assisted coding isn’t free: Claude Max starts at $100/month, so the subscription cost alone adds up quickly. The part that takes the longest isn’t the code. It’s the documentation. Sinter has 535+ documentation files and 390+ micro-lessons structured for AI consumption. That’s what makes Claude Code effective on the codebase long-term, and it’s not something you can generate in a weekend.