Skip to main content
Skip to content
Template Empire

Standards

Built to ship,
not to demo.

Every release passes a 16-gate audit (UI kits) or 17-gate audit (full-stack templates). No shortcuts, no TODO comments, no "fix this later". The full audit report ships in your download.

Applies to all Empire UI kits and full-stack templates. Templates run additional backend, security, and compliance checks.

16 / 17Quality gates (kit / template)
0TypeScript errors
0ESLint warnings
90+Audited Lighthouse averages

The bar, by product

  • CheckpointsUI Kits195Templates358
  • Quality GatesUI Kits16Templates17
  • Pipeline PhasesUI Kits8Templates8
  • Review SpecialistsUI Kits9Templates15
  • Lighthouse 4-MatrixUI KitsTemplates
  • Backend ComplianceUI KitsTemplates
  • DockerUI KitsTemplates
  • Buyer SimulationUI KitsInstall + runTemplatesInstall + seed + login + run

Quality Pillars

Security First

OWASP Top 10 mitigated. JWT refresh rotation, RBAC, rate limiting, CORS, input validation, security headers, httpOnly cookies. All secrets via env vars — never in source.

Full Test Coverage

Unit, integration, and E2E tests included. Vitest (Next.js), pytest (Django), RSpec (Rails). CI pipeline: lint → typecheck → test → build → audit.

Production DockerTemplates only

Multi-stage Dockerfiles, Docker Compose with health checks. PostgreSQL + SQLite dual database. Deploy anywhere — Vercel, Railway, Render, AWS.

Accessibility

WCAG 2.2 AA compliant. Semantic HTML, keyboard navigation, screen reader tested, prefers-reduced-motion respected on all animations.

Performance

Audited Lighthouse averages from stock production builds. The matrix covers desktop dark, desktop light, mobile dark, and mobile light runs across included pages.

Compliance Scaffold

GDPR/CCPA/GPC built in. Legal pages (/privacy, /terms, /cookie-policy, /accessibility, /dmca, /do-not-sell), cookie consent, DSAR endpoint, account-deletion soft-delete, audit_log table, Stripe webhook signatures, password hashing, and per-user RLS — all tiers.

8-Phase Release Process

Every release — UI kit or full-stack template — goes through an eight-phase pipeline. Issues found at any stage send it back. Nothing ships until zero P0s, zero P1s, and the Buyer Simulation Test passes.

  1. 0Pre-Build

    Read docs, load pitfalls, confirm scope

  2. 1Build

    Implement features, pitfall-check after each section

  3. 2Verify

    Typecheck, lint, test, build, audit, dev server — ALL must pass

  4. 3Review

    Internal checklist + LLM review panel — Claude specialists in parallel + Codex + Gemini cross-review

  5. 4Triage

    Categorise issues P0–P3, update pitfall patterns

  6. 5Fix

    Fix base template first, then propagate. Re-run all gates

  7. 6Re-Review

    Issues found? Back to Phase 4. Zero issues? Phase 7

  8. 7Final Gate

    Buyer Simulation Test, packaging checklist, quality gate report, post-release verify on the published ZIP

Review panel composition & checklist detail

Full-stack templatesrun a 13-specialist Claude panel: 8 code-band (Buyer First-Run · Auth & Session Security · Billing & Payment Safety · Database & Migration Safety · API Contracts & Validation · OWASP Top 10 · Code Quality & Maintainability · Demo Content, Docs & Legal Safety) + 5 spec-band (Spec Conformance · Design System & §14 Family Layout · Family Differentiation · Feature Count Audit · Marketing Claims Consistency) — driving a 358-item QG inventory across 11 sections, plus a manual 17-Gate sign-off before tagging.

UI kitsrun a tighter 7-specialist Claude panel (Buyer First-Run · Accessibility WCAG 2.2 AA · Design System & Token Consistency · Demo Content & Legal Safety · Code Quality & Maintainability · Animation & Motion · Marketing Claims Consistency) covering a 195-item QG inventory across 9 sections, plus a manual 17-Gate sign-off.

Both panels add OpenAI Codex GPT-5.4 and Google Gemini 3.1 Pro running in parallel — bringing the total reviewer count to 9 for UI kits and 15 for templates. A finding raised by ≥2 reviewers (Claude / Codex / Gemini) is marked HIGH-CONFIDENCE — at P0 and P1 severity that means auto-block; P2 (should-fix, defer) and P3 (polish) findings stay advisory even when multi-source confirmed.

What Ships in Your Download

Complete Source Code

Full source. No obfuscation, no hidden dependencies. You own every file.

Quality Gate Audit Report

16-gate (kits) or 17-gate (templates) audit with Lighthouse scores, OWASP findings, and issue triage — shipped as PDF in your download.

Commercial Licence

Unlimited end users, deploy anywhere, use for client work. No royalties, no recurring fees.

Lifetime Updates + Support

Every update free forever. Email support that doesn’t expire. Buy once, benefit always.

Compliance ScaffoldingTemplates only

Server-side compliance plumbing — DSAR endpoint, audit log table, webhook signature verification, per-user RLS. UI kits ship the legal pages (privacy, terms, cookie consent) but the backend hooks are template-only.

Documentation

README, INSTALLATION, CUSTOMIZATION guides. Get running in under 10 minutes.

Docker ReadyTemplates only

Dockerfile + docker-compose.yml. Health checks, env management, production-optimised.

Performance Transparency

Lighthouse scores are audited snapshots, not deployment guarantees.

Product score badges show category averages from a stock production build at the time of audit. Each product is tested with a four-run matrix: desktop light, desktop dark, mobile light, and mobile dark. The published score for each category is an average across included pages and those matrix runs.

Real-world results can change after purchase. Hosting, analytics, third-party scripts, large media, custom content, application data, and buyer modifications can all affect Lighthouse and Core Web Vitals. The stock build is designed to start from a strong baseline, but modified deployments should be re-tested before launch.

Where a product includes a quality report, that report is the evidence source for the displayed scores. It should include the audit date, source commit or release version, tested routes, commands used, and links or paths to the Lighthouse summaries.

Audit matrix

  • Production build, not local dev mode
  • Desktop light theme
  • Desktop dark theme
  • Mobile light theme
  • Mobile dark theme
  • All included public pages or documented representative routes
  • Scores stored with audit date and report path

Code Quality Guarantees

  • TypeScript strict mode — zero type errors, zero any
  • ESLint strict — zero warnings, zero errors
  • Functions < 50 lines, files < 400 lines (UI) / 600 lines (full-stack)
  • Conventional commits (feat, fix, chore)
  • Parameterised queries only — no SQL injection riskTemplates only
  • httpOnly cookies for auth — never localStorageTemplates only
  • No console.log, no commented-out code, no dead code
  • No vendor lock-in — eject anytime
  • 800+ known pitfall patterns checked before every build
  • Dual database — SQLite for dev/demo, PostgreSQL for productionTemplates only

The Buyer Simulation Test

Before any release ships — UI kit or full-stack template — we simulate exactly what you'll do. Extract the ZIP. Read the README. Follow the install guide step-by-step. Kits: install and run. Templates also: cp .env.example .env with zero manual edits, then install · seed · login · run. If anything fails, it doesn't ship. This single test caught 6 critical issues that automated review couldn't find.

Browse the catalogue

Every release candidate is checked against these standards, with visible evidence instead of vague promises.

Explore catalogue