The symptom-to-fix index for AI-built apps. Forty-three exact-match errors drawn from rescue work across Lovable, Bolt, Cursor, Claude Code, v0, Base44, and Replit Agent — now covering Turbopack, Clerk, NextAuth, Prisma pooling, Supabase Realtime and Storage, upstream rate limits, and three AI-builder coding-loop failures (token spirals, regression loops, context loss). Each page maps the error string to the root cause, the code-level fix, and a regression test you can merge.
The Afterbuild Labs /fix index is grouped into four mid-tier topical hubs — payments, auth, deploy, and database — plus a long tail of framework-specific and tool-specific errors. Roughly seventy percent of the production incidents Afterbuild Labs audits trace back to four recurring failure classes: Supabase Row-Level Security policies missing or misconfigured on multi-tenant tables, Stripe webhook handlers that only process checkout.session.completed and ignore invoice.paid, customer.subscription.updated, and customer.subscription.deleted, OAuth redirect URLs still pointing at a preview subdomain after cutover, and environment variables split inconsistently between a local .env file and the Vercel dashboard. Each /fix page names the exact error string, explains the underlying cause in plain prose, gives the copy-paste code-level fix, and ships with a regression test so the same break does not reappear on the next deploy.
The errors on this page are not random bugs — they are the predictable failure modes of AI-generated code once it hits real traffic, real payments, or a real production environment. Lovable and Bolt scaffold Stripe in test mode and skip webhook signature verification. Cursor regenerates nearby files and breaks shared utilities. Claude Code and v0 wire Supabase clients with the anon key where the service role is required. Each fix page is a root-cause walkthrough of one of those patterns: the exact error string, the commit shape that produced it, the fix, and the regression test.
Start with the category that matches your symptom. If the failure is touching money, read the Payments group — Stripe test-mode lingering in production and webhook signature mismatches are the most common revenue-losing bugs we rescue. If users cannot sign in, that is the Auth group, usually an OAuth redirect URI, a Clerk matcher conflict, or a cross-domain cookie flag. White screen on deploy is the Deploy & Build group, almost always an env var or a Turbopack mismatch. Silent insert failure is the Database group, almost always Supabase RLS or a Prisma connection-pool timeout. The Runtime & Frontend, Integrations, and API & Performance groups cover the long tail — hydration, next/image, Supabase Realtime, and the 429s and function timeouts that only show up under real traffic.
Four dedicated category hubs group the most-requested fixes. Each hub has its own write-up, FAQ, and linking pattern if you want depth on one failure domain.
Failures in the AI coding tool itself — not the app it produced. Token spirals on Cursor and Bolt, regression loops where the agent re-breaks working code on every edit, and context loss as codebases outgrow the model's window.
Cursor or Bolt burns through credits on recursive fixes. Five root causes, per-tool recovery steps, and a prevention checklist so the spiral does not restart on the next feature.
Every fix ships a new regression. Cursor, Claude Code, Lovable, or Bolt re-edits code it should not touch. Diagnose the cause, stop the loop, and recover from git without losing the good work.
Cursor, Claude Code, or v0 stops understanding the project. Use external memory files, file-level scoping, and session checkpoints to keep the agent grounded as the codebase grows past the model window.
Works-locally-breaks-in-production failures. Env var scoping, Turbopack errors, middleware mismatches, dynamic-route 404s, and white screens on deploy.
Vercel returns 500 on routes that worked in preview. Env var scope, runtime flag, or a missing build dependency.
Build passes, page loads blank. NEXT_PUBLIC_ env var undefined in the bundle or a hydration error swallowed by the production build.
Build exits non-zero, logs show nothing. TypeScript strict, missing prerender param, or a silent package-lock mismatch.
Localhost perfect, production broken. Case-sensitive imports, missing env vars, or an edge runtime directive the AI tool added silently.
Turbopack explodes on a loader or import the webpack build accepted. Pinpoint the unsupported plugin or fall back to --turbo=false while you port.
Green on your Mac, red on Vercel. Case-sensitive filesystem, a missing peer dep, or Node version drift between dev and build.
Auth redirects fire locally, vanish in production. Matcher misconfiguration, wrong file location, or an edge-runtime import that silently fails.
/users/[id] works in dev, 404s in production. Missing generateStaticParams, wrong dynamicParams flag, or a prerender that excluded the slug.
Sign-in flows that break under real users. OAuth redirect URIs, cookie Secure/SameSite flags, Clerk redirect loops, NextAuth session drift, cross-domain cookies.
Google or Supabase rejects the callback. Authorized redirect URI still points at localhost or a preview URL.
Error 400: redirect_uri_mismatch. Paste the exact production URL into Authorized redirect URIs — scheme, host, path must match.
Click, no request, no error. Swallowed Supabase error, missing NEXT_PUBLIC_ env var, or RLS blocking the profile insert.
Session cookies missing, JWT secret drift, or Supabase Site URL still set to localhost.
Supabase default SMTP is rate-limited. Wire Resend, configure SPF/DKIM/DMARC, and stop losing signups.
SameSite=Strict on OAuth, Secure flag over HTTP, or JWT exp in milliseconds instead of seconds.
Every page bounces between /sign-in and the protected route. Middleware matcher conflict, publicRoutes gap, or cookies dropped on a subdomain.
useSession returns null for logged-in users. Missing NEXTAUTH_URL, trust-host flag off, or the session cookie blocked by cookie domain mismatch.
Login sets the cookie, next request drops it. SameSite=Lax on a cross-site POST, missing Secure flag, or a third-party cookie blocked by the browser.
Stripe wiring that AI builders scaffold and leave broken. Webhook signature failures, test-mode drift in production, expired Checkout sessions, missing signing secrets.
No delivery or red failed badge. Wrong endpoint URL, missing signing secret, or JSON parse before signature verify.
pk_test_ in the bundle, no live webhook, hardcoded price_test IDs. Swap every env var and redeploy live.
Users hit a dead Checkout URL. Session TTL expired between create and redirect, or the session_id was reused after a cancelled flow.
Stripe (or Clerk, Svix, Shopify) rejects the event. Raw body was parsed as JSON, the wrong signing secret is loaded, or a proxy rewrote the payload.
Supabase RLS, silent insert failures, N+1 query patterns, Prisma connection-pool timeouts, and failed production migrations.
42501 permission denied or silent PGRST116. Write a WITH CHECK policy matching auth.uid() to the ownership column.
Supabase insert returns 200, row never appears. RLS with no INSERT policy, chained .select() filter, or wrong client key.
101 queries instead of 2. Fix with Prisma include, Supabase nested select, or Dataloader. TTFB 1.4s to 60ms.
P2024: Timed out fetching a new connection. Serverless opens one pool per lambda. Move to pgBouncer or Accelerate, bound connection_limit.
prisma migrate deploy errors on a column that already exists. Drift between shadow DB and production, or a half-applied migration left the _prisma_migrations table inconsistent.
UI and runtime fixes that ship most often during rescue. Hydration errors, CORS, Tailwind not applying, next/image failures, App Router stuck loading, Strict Mode double renders.
process.env.X is undefined after deploy. Missing NEXT_PUBLIC_ prefix, wrong environment scope, or a stale cached build.
Text content did not match. SSR mismatch from Date.now, window access, or a localStorage read on first paint.
Access-Control-Allow-Origin missing on live domain. Add the origin to Supabase/Clerk allow-list or return it from Next.js middleware.
Click, no network request. Missing event.preventDefault, wrong button type, or a swallowed API error.
Styles render in dev, strip out of the production bundle. JIT content globs miss the file, PurgeCSS over-aggressive, or the class is constructed at runtime.
next/image returns 400 or a broken icon. Missing domains/remotePatterns entry, oversized width/height pair, or a loader that needs an env-var base URL.
POST to /api/foo returns 405. App Router requires a named export (GET/POST), the method is missing, or the route file is in the wrong segment.
useEffect fires twice, API calls duplicate in dev. Expected in Strict Mode — add an AbortController, idempotency key, or gate effects with a ref.
loading.tsx never resolves. A Suspense boundary waiting on a promise that never settles, a fetch without a timeout, or a server action blocked by an edge-runtime import.
Third-party service wires that silently break at the edge. Supabase Realtime subscriptions dropping events and Supabase Storage 403s on signed uploads.
Subscription silently drops INSERT/UPDATE. Replication not enabled on the table, wrong channel filter, or RLS blocking the row from the anon key.
Uploads fail with 403 StorageApiError. Missing bucket policy, RLS on storage.objects, or a signed URL that expired before the client used it.
API routes and platform limits that tip over under real traffic. 429 rate limits from upstream APIs, Vercel function timeouts, and app crashes under concurrent load.
The app tips over at 30-50 concurrent users. Prisma P1001 or FATAL too many clients. Switch to a pooled DATABASE_URL and bound connection_limit.
OpenAI (or Anthropic, Gemini) returns 429 in spikes. Respect retry-after, add exponential backoff with jitter, and queue non-interactive calls.
FUNCTION_INVOCATION_TIMEOUT at 10s (hobby) or 60s (pro). Stream the response, move long work to a queue, or bump maxDuration with route segment config.
Each fix page is written so a technical founder or a developer can read the root-cause walkthrough and ship the patch without hiring anyone. Most resolve in 30–90 minutes once the root cause is clear. If you are comfortable reading a diff, running a regression test, and pushing to production, the fix index is usually enough on its own. Every page links to the relevant expert and stack hub if you want to go deeper.
If the failure is revenue-losing, data-leaking, or showing up in front of investors in the next 48 hours, book a rescue. The Emergency Triage service is exactly that window — one bug, 48 hours, $299 fixed price, refund if we miss. For multi-error regression sprints see Break the Fix Loop. For stack-wide coverage read the Supabase fix hub, the Stripe integration fix hub, and the Vercel deploy fix hub.
Book the free 48-hour diagnostic. We return a written rescue-vs-rewrite recommendation and a scoped, fixed-price proposal. No sales calls required.