studio-engine 0.5.0 → 0.5.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: '01761814c3988b2d5748c44b65122bb83678455e1ae1ee7f5daa1b949c1c0d65'
-  data.tar.gz: 42a25a49ff120d404827d22298440f1c0cb0b981c8a7c549aaf15e218fa666a8
+  metadata.gz: f351e5f2cf75e05dfc8befdd34cb525310ab4c4415bb084d15c57a1e3713b782
+  data.tar.gz: f84aad6087299527b4cdb330e644ee707f695b6a70597c753039c8b7af81ee93
 SHA512:
-  metadata.gz: 44831601ac48a7dfcfb68dcf0173e7c10aa5be021935fed8c609a44aca3736393b4e556dbcf45ae9a1c4bb4691682caaedb21c7e5316859c720e164189a886da
-  data.tar.gz: 3bbc9bcf51bc62253d7e034f64f6e26e80222e8ae5cdaeef148efcd0e99967ddabcaaf002a80a29ac941f9e04185621c74a1969a3822071db68f70e0a1970cb2
+  metadata.gz: fc184764831f825771d76f9cc93ae51f0103823c571ad886431beeffeb1ba55c15907004dc1796d6901fdafc560571c02cbde8fdd02141f2629c5cd60071f5a0
+  data.tar.gz: 20a76451338e9aea84191a1c5f3efb995c46514117e18e80d014bda75524ff50e6288abb88da26b84ce463fd296f601e63580de9bfb729458c31cfaf54fa96dc

data/CHANGELOG.md

@@ -1,6 +1,32 @@
 # Changelog
 
-The format is [Keep a Changelog](https://keepachangelog.com/en/1.1.0/). This project follows [Semantic Versioning](https://semver.org/spec/v2.0.0.html) — `MAJOR.MINOR.PATCH`. Both consumer Rails apps pin to a tag in their `Gemfile`; bumping the tag is a release.
+The format is [Keep a Changelog](https://keepachangelog.com/en/1.1.0/). This project follows [Semantic Versioning](https://semver.org/spec/v2.0.0.html) — `MAJOR.MINOR.PATCH`. Consumer Rails apps install the released RubyGems package with `gem "studio-engine", "~> 0.5"`; bumping the gem version and updating consumer lockfiles is a release.
+
+## Unreleased
+
+No entries yet.
+
+## v0.5.2 (2026-06-13)
+
+### Added
+- **`Studio::MailTransport`** — shared ActionMailer transport selection for SES SMTP primary and Resend rollback.
+- **`ses:check` / `ses:verify_domain`** — shared Rake tasks for SES credential and domain verification checks.
+- **`bin/release-check`** — local preflight for Ruby syntax, engine unit tests, and optional gem packaging.
+
+### Changed
+- Engine release docs now describe the RubyGems flow and consumer lockfile adoption instead of the legacy git tag pinning flow.
+- Runtime dependency ranges are now bounded for cleaner RubyGems releases while preserving the current Rails 7 / Solid Queue 1.x app stack.
+- `resend` is declared as an engine runtime dependency so consumer apps can drop direct rollback dependencies after they bundle the release that includes `Studio::MailTransport`.
+
+## v0.5.1 (2026-06-02)
+
+Smooths the turf-monster adoption of the v0.5.0 auth core (turf already ships its own battle-tested auth routes).
+
+### Added
+- **`Studio.draw_auth_routes`** (default `true`) — gates the `magic_link` + `solana` route block in `Studio.routes`. An app that already defines those routes (turf-monster) sets it `false` to keep its own routes and avoid a duplicate route-NAME boot crash.
+
+### Changed
+- **`MagicLink`** re-exposes `TOKEN_KEY` + `TTL` constants (equal to the config defaults) for back-compat with consumer code/tests that reference them; behavior is still driven by `Studio.magic_link_token_name` / `Studio.magic_link_ttl`.
 
 ## v0.5.0 (2026-06-02)
 

data/README.md

@@ -1,6 +1,6 @@
 # Studio Engine
 
-Shared Rails engine for McRitchie apps. Provides authentication, error handling, dynamic theming, and common concerns used by [McRitchie Studio](https://app.mcritchie.studio) and [Turf Monster](https://turf.mcritchie.studio).
+Shared Rails engine for McRitchie apps. Provides authentication, error handling, dynamic theming, and common concerns used by [McRitchie Studio](https://app.mcritchie.studio) and [Turf Monster](https://app.turfmonster.media).
 
 > **Part of the McRitchie ecosystem** — see [`ECOSYSTEM.md`](https://github.com/amcritchie/mcritchie-studio/blob/main/docs/ECOSYSTEM.md) for the 5-repo map; [`house-burn-down.md`](https://github.com/amcritchie/mcritchie-studio/blob/main/docs/agents/system/house-burn-down.md) for fresh-Mac recovery.
 
@@ -8,16 +8,16 @@ Shared Rails engine for McRitchie apps. Provides authentication, error handling,
 
 ```ruby
 # Gemfile — install from RubyGems (recommended)
-gem "studio-engine", "~> 0.4.0"
+gem "studio-engine", "~> 0.5"
 ```
 
-Then `bundle install`. The current release is **v0.4.10**; see [`CHANGELOG.md`](./CHANGELOG.md) for the history.
+Then `bundle install`. The current release is **v0.5.2**; see [`CHANGELOG.md`](./CHANGELOG.md) for the history.
 
-> Published to RubyGems as of v0.4.0 (2026-05-17). Earlier consumers used a `git:` ref pinned to a tag; that pattern is preserved here for reference but new installs should use the RubyGems form, which the consumer Rails apps (`mcritchie-studio`, `turf-monster`, `tax-studio`) already use.
+> Published to RubyGems as of v0.4.0 (2026-05-17). New installs should use the RubyGems form, which the consumer Rails apps (`mcritchie-studio`, `turf-monster`) already use.
 
 ## What It Provides
 
-- **Authentication**: Session-based login/signup controllers and views, Google OAuth via OmniAuth, one-way SSO (hub to satellite)
+- **Authentication**: Passwordless magic-link auth, optional password auth, Google OAuth via OmniAuth, Solana wallet sign-in, and optional one-way SSO patterns
 - **Error handling**: `Studio::ErrorHandling` concern with `rescue_and_log`, `ErrorLog` model with `capture!`, error log viewer at `/error_logs`
 - **Theme system**: Dynamic CSS custom properties generated from 7 role colors (primary, dark, light, success, accent, warning, danger). Dark/light mode toggle. Admin theme editor at `/admin/theme`.
 - **Sluggable concern**: `before_save :set_slug` with `to_param` for human-readable URLs
@@ -31,14 +31,26 @@ Each consuming app configures the engine in `config/initializers/studio.rb`:
 Studio.configure do |config|
   config.app_name = "My App"
   config.session_key = :my_app_user_id
-  config.sso_logo = "/logo.svg"
   config.welcome_message = ->(user) { "Welcome, #{user.display_name}!" }
-  config.registration_params = [:name, :email, :password, :password_confirmation]
+  config.auth_methods = %i[magic_link google]
+  config.registration_params = [:name, :email]
+  config.magic_link_token_name = "magic_link_my_app_v1"
+  config.mailer_from = ENV.fetch("MAILER_FROM", "noreply@example.com")
   config.theme_primary = "#4BAF50"   # Override default violet
   config.theme_logos = ["logo.svg"]
 end
 ```
 
+Transactional mail transport is shared through `Studio::MailTransport`:
+
+```ruby
+# config/initializers/studio_mail_transport.rb
+Studio::MailTransport.configure!
+```
+
+It selects SES SMTP when `MAIL_TRANSPORT=ses` and SES SMTP credentials are
+present, otherwise falls back to Resend when `RESEND_API_KEY` is present.
+
 ## Routes
 
 In the consuming app's `config/routes.rb`:
@@ -50,7 +62,7 @@ Rails.application.routes.draw do
 end
 ```
 
-This draws: `/login`, `/signup`, `/logout`, `/sso_continue`, `/sso_login`, `/auth/:provider/callback`, `/auth/failure`, `/error_logs`, `/admin/theme` (GET, PATCH), `/admin/theme/regenerate`.
+This draws the enabled auth routes (`/login`, `/signup`, `/logout`, magic-link routes, Solana routes), OAuth callbacks, optional SSO routes, `/error_logs`, and `/admin/theme`.
 
 ## Overriding Views
 
@@ -58,19 +70,20 @@ This is a non-isolated engine -- app views at the same path automatically overri
 
 ## Releasing
 
-Engine releases are git tags (semver: `MAJOR.MINOR.PATCH`). Both consumer apps pin to a tag in their Gemfile — bumping the tag is the release.
+Engine releases use semantic versions and are published to RubyGems. The full
+operator checklist lives in [`docs/RELEASE.md`](./docs/RELEASE.md).
+
+Short form:
 
-1. Make + commit changes on `main`.
-2. Update [`CHANGELOG.md`](./CHANGELOG.md) with the new version + a `### Added` / `### Changed` / `### Removed` summary. Keep entries terse.
-3. Bump `lib/studio/version.rb` to match.
-4. Commit the version bump + CHANGELOG together (`v0.X.Y: <summary>`).
-5. Tag: `git tag -a v0.X.Y -m "<one-line summary>"`.
-6. Push: `git push origin main --tags`.
-7. In each consumer app's Gemfile, update the `tag:` field. Commit + push.
-8. On consumer prod: `bundle install` runs as part of the deploy buildpack.
+1. Update [`CHANGELOG.md`](./CHANGELOG.md) and `lib/studio/version.rb`.
+2. Run `bin/release-check --build`.
+3. Publish the gem only after explicit approval.
+4. Tag the release after RubyGems accepts the gem.
+5. In each consumer app, run `bundle update studio-engine`, verify the lockfile,
+   and run app smoke checks.
 
 **Semver guide**
-- **PATCH**: bug fix; no API change. Consumers can bump tag with zero diff elsewhere.
+- **PATCH**: bug fix; no API change. Consumers can update the gem with zero diff elsewhere.
 - **MINOR**: backward-compatible feature add. Consumers may opt in to new APIs.
 - **MAJOR**: breaking change. Consumers will need code changes alongside the tag bump.
 
@@ -83,11 +96,11 @@ When iterating on engine code from a consumer app, point bundler at the local pa
 bundle config set --local local.studio /Users/alex/projects/studio-engine
 bundle install
 # ... iterate in both repos ...
-bundle config unset --local local.studio  # restore tag-pinned resolution
+bundle config unset --local local.studio  # restore RubyGems resolution
 ```
 
-Note: `bundle config local.studio` requires `branch:` in the Gemfile entry. If you frequently develop locally, change the Gemfile to `gem "studio-engine", git: "...", branch: "main"` during dev and back to `tag:` before merging.
+For short local experiments, temporarily point a consumer Gemfile at `path: "../studio-engine"` and restore the RubyGems dependency before merging.
 
 ## Development Notes
 
-See [CLAUDE.md](./CLAUDE.md) for detailed development context including the theme architecture, SSO protocol, color scale system, and code conventions.
+See [CLAUDE.md](./CLAUDE.md) only as legacy migration context while neutral agent docs are being extracted. Current cross-repo setup, ports, credentials, and workflow guidance live in McRitchie Studio's [`docs/agents/`](https://github.com/amcritchie/mcritchie-studio/tree/main/docs/agents).

data/app/services/magic_link.rb

@@ -21,6 +21,13 @@
 #
 # Lifted into studio-engine (was turf-monster app/services/magic_link.rb).
 class MagicLink
+  # Back-compat defaults. Behavior is driven by the `token_name` / `ttl` methods
+  # (which read Studio config); these constants remain so existing consumer code
+  # /tests referencing MagicLink::TTL keep working, and they equal the config
+  # defaults.
+  TOKEN_KEY = "magic_link_v1"
+  TTL       = 15.minutes
+
   class InvalidToken < StandardError; end
 
   Result = Struct.new(:email, :return_to, keyword_init: true)

data/lib/studio/engine.rb

@@ -1,5 +1,9 @@
 module Studio
   class Engine < ::Rails::Engine
+    rake_tasks do
+      load File.expand_path("../tasks/studio_ses.rake", __dir__)
+    end
+
     config.after_initialize do
       # Validate the host app's User model satisfies the engine's contract.
       # See docs/USER_CONTRACT.md. Opt out with Studio.validate_user_contract = false.

data/lib/studio/mail_transport.rb

@@ -0,0 +1,82 @@
+# frozen_string_literal: true
+
+module Studio
+  class MailTransport
+    Result = Struct.new(:transport, :delivery_method, :message, keyword_init: true)
+
+    class << self
+      def configure!(env: ENV,
+                     rails_env: defined?(Rails) ? Rails.env : "development",
+                     action_mailer: defined?(ActionMailer) ? ActionMailer::Base : nil,
+                     logger: defined?(Rails) ? Rails.logger : nil,
+                     mailer_from: defined?(Studio) && Studio.respond_to?(:mailer_from) ? Studio.mailer_from : nil,
+                     resend_loader: method(:load_resend!),
+                     resend_configurer: method(:configure_resend!))
+        raise ArgumentError, "action_mailer is required" unless action_mailer
+
+        if rails_env.to_s == "test"
+          return Result.new(transport: :test, delivery_method: action_mailer.delivery_method, message: "test environment skipped")
+        end
+
+        selected = env["MAIL_TRANSPORT"].to_s.downcase
+        ses_ready = selected == "ses" && present?(env["SES_SMTP_USERNAME"]) && present?(env["SES_SMTP_PASSWORD"])
+
+        if selected == "ses" && !ses_ready
+          log(logger, :warn, "[mail] MAIL_TRANSPORT=ses but SES_SMTP_USERNAME/PASSWORD missing - keeping fallback transport")
+        elsif present?(selected) && !%w[ses resend].include?(selected)
+          log(logger, :warn, "[mail] unknown MAIL_TRANSPORT=#{selected.inspect} - keeping fallback transport")
+        end
+
+        if ses_ready
+          configure_ses!(env: env, action_mailer: action_mailer)
+          region = env.fetch("SES_REGION", "us-east-2")
+          log(logger, :info, "[mail] transport=SES region=#{region} from=#{mailer_from}")
+          return Result.new(transport: :ses, delivery_method: action_mailer.delivery_method, message: "SES SMTP active")
+        end
+
+        if present?(env["RESEND_API_KEY"])
+          resend_loader.call
+          resend_configurer.call(env["RESEND_API_KEY"])
+          action_mailer.delivery_method = :resend
+          log(logger, :info, "[mail] transport=Resend from=#{mailer_from}")
+          return Result.new(transport: :resend, delivery_method: action_mailer.delivery_method, message: "Resend active")
+        end
+
+        Result.new(transport: :default, delivery_method: action_mailer.delivery_method, message: "no transactional transport configured")
+      end
+
+      def configure_ses!(env:, action_mailer:)
+        region = env.fetch("SES_REGION", "us-east-2")
+        action_mailer.delivery_method = :smtp
+        action_mailer.smtp_settings = {
+          address: env.fetch("SES_SMTP_HOST", "email-smtp.#{region}.amazonaws.com"),
+          port: env.fetch("SES_SMTP_PORT", 587).to_i,
+          user_name: env["SES_SMTP_USERNAME"],
+          password: env["SES_SMTP_PASSWORD"],
+          authentication: :login,
+          enable_starttls_auto: true
+        }
+      end
+
+      def load_resend!
+        require "resend"
+      end
+
+      def configure_resend!(api_key)
+        Resend.api_key = api_key
+      end
+
+      private
+
+      def present?(value)
+        !value.to_s.strip.empty?
+      end
+
+      def log(logger, level, message)
+        return unless logger
+
+        logger.public_send(level, message)
+      end
+    end
+  end
+end

data/lib/studio/version.rb

@@ -1,3 +1,3 @@
 module Studio
-  VERSION = "0.5.0"
+  VERSION = "0.5.2"
 end

data/lib/studio.rb

@@ -5,6 +5,7 @@ require "studio/theme_resolver"
 require "studio/username_generator"
 require "studio/s3"
 require "studio/image_cache"
+require "studio/mail_transport"
 
 module Studio
   mattr_accessor :app_name,            default: "Studio"
@@ -29,6 +30,12 @@ module Studio
   mattr_accessor :magic_link_ttl,        default: 15.minutes
   mattr_accessor :magic_link_token_name, default: "magic_link_v1"
 
+  # Whether Studio.routes draws the magic_link + solana wallet routes. An app that
+  # already defines its own auth routes (e.g. turf-monster, which has battle-tested
+  # magic_link/solana routes + extras) sets this false to avoid duplicate route
+  # NAMES at boot, keeping its own routes intact. New consumers leave it true.
+  mattr_accessor :draw_auth_routes, default: true
+
   # Default From: for engine-sent mail (magic links). Apps set this to their
   # verified Resend sending address in config/initializers/studio.rb.
   mattr_accessor :mailer_from, default: nil
@@ -154,7 +161,7 @@ module Studio
       # to request a link) + magic_link_path(token) / magic_link_url(token:)
       # (the emailed consume link). The token is a URL-safe MessageVerifier blob
       # but the constraint guards against a stray "." segment.
-      if Studio.auth_method?(:magic_link)
+      if Studio.draw_auth_routes && Studio.auth_method?(:magic_link)
         post "magic_link",        to: "magic_links#create",  as: :magic_link_request
         get  "magic_link/:token", to: "magic_links#consume", as: :magic_link,
              constraints: { token: %r{[^/]+} }
@@ -164,7 +171,7 @@ module Studio
       # The browser posts to these literal paths from the shared Connect-Wallet
       # flow; app-specific surfaces (mobile deep-link callback, account-linking,
       # OAuth popup) stay in the consuming app's routes.
-      if Studio.auth_method?(:wallet)
+      if Studio.draw_auth_routes && Studio.auth_method?(:wallet)
         get  "auth/solana/nonce",  to: "solana_sessions#nonce",  as: :solana_nonce
         post "auth/solana/verify", to: "solana_sessions#verify", as: :solana_verify
       end

data/lib/tasks/studio_ses.rake

@@ -0,0 +1,103 @@
+# frozen_string_literal: true
+
+unless Rake::Task.task_defined?("ses:check")
+  namespace :ses do
+    def studio_ses_signer(region)
+      require "aws-sigv4"
+
+      Aws::Sigv4::Signer.new(
+        service: "ses",
+        region: region,
+        access_key_id: ENV.fetch("AWS_ACCESS_KEY_ID"),
+        secret_access_key: ENV.fetch("AWS_SECRET_ACCESS_KEY")
+      )
+    rescue LoadError
+      abort "ses:* needs aws-sigv4; it is usually available through aws-sdk-s3."
+    end
+
+    def studio_ses_request(signer, region, method, path, body = nil)
+      require "net/http"
+      require "json"
+
+      url = "https://email.#{region}.amazonaws.com#{path}"
+      headers = body ? { "content-type" => "application/json" } : {}
+      sig = signer.sign_request(http_method: method, url: url, body: body, headers: headers)
+      uri = URI(url)
+      http = Net::HTTP.new(uri.host, 443)
+      http.use_ssl = true
+      req = Net::HTTP.const_get(method.capitalize).new(uri)
+      headers.each { |key, value| req[key] = value }
+      sig.headers.each { |key, value| req[key] = value }
+      req.body = body if body
+      res = http.request(req)
+      [res.code.to_i, (JSON.parse(res.body) rescue { "raw" => res.body.to_s[0, 300] })]
+    end
+
+    def studio_ses_error(body)
+      body["message"] || body["Message"] || body["raw"]
+    end
+
+    desc "Check SES account status and verified identities"
+    task check: :environment do
+      region = ENV.fetch("SES_REGION", "us-east-2")
+      signer = studio_ses_signer(region)
+      get = ->(path) { studio_ses_request(signer, region, "GET", path) }
+
+      code, account = get.call("/v2/email/account")
+      puts "GetAccount (region #{region}) -> HTTP #{code}"
+      if code == 200
+        puts "  SendingEnabled=#{account['SendingEnabled']} ProductionAccessEnabled=#{account['ProductionAccessEnabled']} Enforcement=#{account['EnforcementStatus']}"
+      else
+        puts "  ERROR: #{studio_ses_error(account)}"
+      end
+
+      code, identities = get.call("/v2/email/identities")
+      puts "ListEmailIdentities -> HTTP #{code}"
+      if code == 200
+        list = identities["EmailIdentities"] || []
+        names = list.map { |identity| "#{identity['IdentityName']}(#{identity['VerifiedForSendingStatus'] ? 'verified' : 'pending'})" }
+        puts "  identities: #{names.empty? ? '(none yet)' : names.join(', ')}"
+      else
+        puts "  ERROR: #{studio_ses_error(identities)}"
+      end
+
+      transport = ENV.fetch("MAIL_TRANSPORT", "(unset -> resend)")
+      puts "Live transport: MAIL_TRANSPORT=#{transport} delivery_method=#{ActionMailer::Base.delivery_method}"
+    end
+
+    desc "Create a SES domain identity and print DKIM CNAME records"
+    task :verify_domain, [:domain] => :environment do |_task, args|
+      abort "Usage: ses:verify_domain[domain]" if args[:domain].blank?
+
+      domain = args[:domain]
+      region = ENV.fetch("SES_REGION", "us-east-2")
+      signer = studio_ses_signer(region)
+      body = { EmailIdentity: domain }.to_json
+      code, response = studio_ses_request(signer, region, "POST", "/v2/email/identities", body)
+
+      if code == 409 || "#{response['message']}#{response['Message']}".match?(/already exists/i)
+        code, response = studio_ses_request(signer, region, "GET", "/v2/email/identities/#{domain}")
+      end
+
+      if code != 200
+        puts "#{domain}: ERROR (HTTP #{code}) #{studio_ses_error(response)}"
+        next
+      end
+
+      tokens = response.dig("DkimAttributes", "Tokens") || []
+      status = response.dig("DkimAttributes", "Status") || response["VerifiedForSendingStatus"]
+      puts "== #{domain} (region #{region}, DKIM status: #{status}) =="
+      if tokens.empty?
+        puts "  (no DKIM tokens returned)"
+      else
+        puts "  Add these 3 CNAME records to #{domain}'s DNS:"
+        tokens.each do |token|
+          puts "    NAME:  #{token}._domainkey.#{domain}"
+          puts "    TYPE:  CNAME"
+          puts "    VALUE: #{token}.dkim.amazonses.com"
+          puts ""
+        end
+      end
+    end
+  end
+end

data/studio-engine.gemspec

@@ -13,7 +13,7 @@ Gem::Specification.new do |spec|
 
   spec.metadata = {
     "homepage_uri"    => "https://github.com/amcritchie/studio-engine",
-    "source_code_uri" => "https://github.com/amcritchie/studio-engine",
+    "source_code_uri" => "https://github.com/amcritchie/studio-engine/tree/main",
     "bug_tracker_uri" => "https://github.com/amcritchie/studio-engine/issues",
     "changelog_uri"   => "https://github.com/amcritchie/studio-engine/blob/main/CHANGELOG.md"
   }
@@ -21,10 +21,11 @@ Gem::Specification.new do |spec|
   spec.files = Dir["lib/**/*", "app/**/*", "config/**/*", "tailwind/**/*", "Gemfile", "studio-engine.gemspec", "README.md", "CHANGELOG.md", "LICENSE"]
   spec.require_paths = ["lib"]
 
-  spec.add_dependency "rails", ">= 7.0"
+  spec.add_dependency "rails", ">= 7.0", "< 8.0"
   spec.add_dependency "tailwindcss-rails", "~> 2.7"
-  spec.add_dependency "faker", ">= 2.0"
-  spec.add_dependency "solid_queue"
+  spec.add_dependency "faker", ">= 2.0", "< 4.0"
+  spec.add_dependency "solid_queue", ">= 1.0", "< 2.0"
   spec.add_dependency "aws-sdk-s3", "~> 1.218"
   spec.add_dependency "mini_magick", "~> 5.0"
+  spec.add_dependency "resend", "~> 1.1"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: studio-engine
 version: !ruby/object:Gem::Version
-  version: 0.5.0
+  version: 0.5.2
 platform: ruby
 authors:
 - Alex McRitchie
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2026-06-02 00:00:00.000000000 Z
+date: 2026-06-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -17,6 +17,9 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '7.0'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '8.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -24,6 +27,9 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '7.0'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '8.0'
 - !ruby/object:Gem::Dependency
   name: tailwindcss-rails
   requirement: !ruby/object:Gem::Requirement
@@ -45,6 +51,9 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '2.0'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '4.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -52,20 +61,29 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '2.0'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '4.0'
 - !ruby/object:Gem::Dependency
   name: solid_queue
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '1.0'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '2.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '1.0'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: aws-sdk-s3
   requirement: !ruby/object:Gem::Requirement
@@ -94,6 +112,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '5.0'
+- !ruby/object:Gem::Dependency
+  name: resend
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.1'
 description: Studio Engine is a non-isolated Rails engine that ships an opinionated
   authentication + SSO contract, a polymorphic ErrorLog model, a Sluggable concern,
   a 7-role dynamic theme system with CSS-custom-property generation, and an S3-backed
@@ -172,10 +204,12 @@ files:
 - lib/studio/color_scale.rb
 - lib/studio/engine.rb
 - lib/studio/image_cache.rb
+- lib/studio/mail_transport.rb
 - lib/studio/s3.rb
 - lib/studio/theme_resolver.rb
 - lib/studio/username_generator.rb
 - lib/studio/version.rb
+- lib/tasks/studio_ses.rake
 - studio-engine.gemspec
 - tailwind/studio.tailwind.config.js
 homepage: https://github.com/amcritchie/studio-engine
@@ -183,7 +217,7 @@ licenses:
 - MIT
 metadata:
   homepage_uri: https://github.com/amcritchie/studio-engine
-  source_code_uri: https://github.com/amcritchie/studio-engine
+  source_code_uri: https://github.com/amcritchie/studio-engine/tree/main
   bug_tracker_uri: https://github.com/amcritchie/studio-engine/issues
   changelog_uri: https://github.com/amcritchie/studio-engine/blob/main/CHANGELOG.md
 post_install_message: