# Project Requirements — Queue North Website

These requirements apply to all agents working on Queue North Website.

## Project Philosophy

- Feel modern for 2026 standards
- Prioritize responsiveness and reactivity
- Provide smooth user interaction
- Avoid outdated UI/UX patterns
- Maintain fast perceived performance
- Remain lightweight and maintainable
- Prioritize usability over unnecessary complexity

## Technology Stack

- **Build:** Vite
- **Frontend:** React 19 with client-side routing (React Router 7)
- **Styling:** Tailwind CSS with custom Queue North theme
- **UI Components:** shadcn/ui-style local primitives (Button, Card, Input, etc.)
- **State:** TanStack Query for server state
- **Notifications:** Sonner (toast)
- **Backend:** Express (Node.js)
- **Database:** SQLite via better-sqlite3
- **NOT Next.js.** This project uses Vite + React SPA, not Next.js App Router.

## Frontend Standards

- React SPA with React Router (no SSR, no server components)
- shadcn/ui-style primitives in `src/components/ui/`
- Tailwind utilities cleanly and predictably
- Responsive design (mobile + desktop)
- Loading states, error states, accessible interfaces
- Queue North brand colors: navy, light blue, white palette
- Georgia font for numeric content

## Backend Standards

- Express.js REST API
- SQLite via better-sqlite3
- Lead capture endpoints (`/api/leads`, `/api/support`)
- Validate all input, sanitize user-supplied data
- Structured error handling, no silent failures
- Environment variables for configuration, no hardcoded secrets

## Database Standards

- SQLite only
- Validate schema changes before deployment

## Code Quality

- Readable, maintainable, no overengineering
- Remove dead code, consistent formatting
- Document non-obvious logic
- Prefer clarity over cleverness

## Security

- OWASP best practices
- Input validation on all endpoints
- No secrets in logs
- Review dependencies for vulnerabilities

## Requirement Change Policy

Requirements may NOT be modified without explicit approval from `_null`.