I’d like to start discussing our recommendation to combine Frontity and WordPress in the same repo.
Of course, people can do what they please, but I think having an “official recommendation” would be great to standardize it a bit.
My first idea was to recommend keeping Frontity in the
/wp-content/frontity folder, like this:
/wp-content /plugins /themes /frontity package.json frontity.settings.js packages/...
But I don’t think that’s the best idea anymore, because it could compromise security. If people do the build in the same server, the server bundle will be exposed in the
/wp-content/frontity/build/server.js file, accessible from the Internet, and could leak a secret if people don’t use env variables.
The other idea is to add Frontity at the root:
/wp-content /plugins /themes ... /frontity package.json frontity.settings.js packages/...
But my afraid is that having Frontity in the root may lead to permission problems in some hostings, but I’m not sure about it.
Is there a place where the write permissions are granted but it’s not exposed?