DevDetective is a GitHub Portfolio Analyzer & Enhancer optimized for Vercel serverless deployment. It provides recruiter-style scoring, risk detection, roadmap generation, and downloadable reports using real GitHub data.
- Accepts GitHub username,
@username, or profile URL - Uses real GitHub REST/GraphQL data through serverless API
- Objective portfolio score (
0-100) + weighted category subscores - Recruiter insights: strengths, red flags, hidden risks
- Hireability score + readiness level
- Top repository ranking and visual analytics dashboard
- Personalized improvement roadmap and career-path recommendation
- Downloadable markdown recruiter report
- Dark/light mode and responsive SaaS-style UI
- Static frontend served via Vercel CDN
- Serverless API route:
api/analyze.js - Stateless request flow
- Optional distributed rate limiting using Vercel KV / Upstash REST
- API response caching + in-function cache + CDN caching headers
- Request de-duplication for concurrent same-user analysis calls
.
├── api/
│ ├── analyze.js
│ └── _lib/
│ ├── analysis.js
│ ├── github.js
│ ├── rate-limit.js
│ └── utils.js
├── src/
│ ├── main.js
│ ├── config/constants.js
│ ├── report/markdown.js
│ ├── ui/charts.js
│ ├── ui/elements.js
│ ├── ui/render.js
│ └── utils/core.js
├── index.html
├── style.css
├── sw.js
├── manifest.json
├── vercel.json
└── .env.example
Set in Vercel Project Settings -> Environment Variables.
GITHUB_TOKEN: GitHub token for higher rate limits and GraphQL pinned repos
KV_REST_API_URLKV_REST_API_TOKEN
RATE_LIMIT_MAX_REQUESTS(default30)RATE_LIMIT_WINDOW_MS(default60000)ANALYSIS_CACHE_TTL_MS(default300000)GITHUB_CACHE_TTL_MS(default120000)GITHUB_REQUEST_TIMEOUT_MS(default10000)
- Import this repository in Vercel.
- Add environment variables above.
- Deploy.
Vercel settings:
- Build Command: (none required)
- Output Directory: (none required)
- Framework Preset: Other
vercel.json already includes function config and production headers.
python3 -m http.server 5500Open http://localhost:5500.
vercel dev- Input sanitization for usernames/URLs
- API abuse protection with rate limiting
- 429 responses when limits are exceeded
- Graceful handling for invalid input, not found, network failures, and GitHub upstream failures
- No sensitive token exposed to browser
- Security headers configured via
vercel.json
- Commit consistency is approximated via
pushed_atmetadata. - Deep README/language checks are limited to top repos for performance and GitHub quota efficiency.