@bleedingdev/modern-js-create 3.2.0-ultramodern.119 → 3.2.0-ultramodern.120

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/README.md +50 -11
  2. package/dist/cjs/ultramodern-workspace.cjs +1651 -476
  3. package/dist/esm/ultramodern-workspace.js +1651 -476
  4. package/dist/esm-node/ultramodern-workspace.js +1651 -476
  5. package/package.json +7 -7
  6. package/template-workspace/AGENTS.md +5 -3
  7. package/template-workspace/README.md.handlebars +45 -9
package/package.json CHANGED
@@ -21,7 +21,7 @@
21
21
  "engines": {
22
22
  "node": ">=20"
23
23
  },
24
- "version": "3.2.0-ultramodern.119",
24
+ "version": "3.2.0-ultramodern.120",
25
25
  "types": "./dist/types/index.d.ts",
26
26
  "main": "./dist/esm-node/index.js",
27
27
  "bin": {
@@ -51,13 +51,13 @@
51
51
  "bin"
52
52
  ],
53
53
  "dependencies": {
54
- "@modern-js/i18n-utils": "npm:@bleedingdev/modern-js-i18n-utils@3.2.0-ultramodern.119"
54
+ "@modern-js/i18n-utils": "npm:@bleedingdev/modern-js-i18n-utils@3.2.0-ultramodern.120"
55
55
  },
56
56
  "devDependencies": {
57
- "@rslib/core": "0.21.5",
58
- "@types/node": "^25.9.1",
59
- "@typescript/native-preview": "7.0.0-dev.20260606.1",
60
- "tsx": "^4.22.3",
57
+ "@rslib/core": "0.22.0",
58
+ "@types/node": "^25.9.3",
59
+ "@typescript/native-preview": "7.0.0-dev.20260610.1",
60
+ "tsx": "^4.22.4",
61
61
  "@scripts/rstest-config": "2.66.0"
62
62
  },
63
63
  "publishConfig": {
@@ -72,6 +72,6 @@
72
72
  "test": "rm -rf dist && rslib build -c rslibconfig.mts && rstest --passWithNoTests"
73
73
  },
74
74
  "ultramodern": {
75
- "frameworkVersion": "3.2.0-ultramodern.119"
75
+ "frameworkVersion": "3.2.0-ultramodern.120"
76
76
  }
77
77
  }
package/template-workspace/AGENTS.md CHANGED
@@ -24,9 +24,11 @@ static language links, and canonical plus `hreflang` metadata. A new workspace
24
24
  starts shell-only; `create <domain> --vertical` adds route-owned metadata,
25
25
  localized resources, and Effect BFF surfaces for that domain. Runtime i18n is
26
26
  not enabled in the starter because the current React 19 + Module Federation
27
- streaming SSR stack must render predictably first. Production builds fail unless
28
- `MODERN_PUBLIC_SITE_URL` is set per deployed app, so canonical URLs always use
29
- the production origin.
27
+ streaming SSR stack must render predictably first. Canonical and hreflang URLs
28
+ use `MODERN_PUBLIC_SITE_URL` (falling back to per-app `ULTRAMODERN_PUBLIC_URL_<APP_ID>`),
29
+ while asset URLs prefer the per-app `ULTRAMODERN_PUBLIC_URL_<APP_ID>`. Without
30
+ any configured public URL, builds emit origin-relative asset paths so pages work
31
+ behind tunnels and reverse proxies.
30
32
 
31
33
  ## Required Skill Baseline
32
34
 
package/template-workspace/README.md.handlebars CHANGED
@@ -25,12 +25,23 @@ handlers and Effect client/contract modules stay out of browser exposes.
25
25
 
26
26
  ## Private-First Public Surfaces
27
27
 
28
- Generated app routes are private and non-indexable by default. Private app,
29
- auth, tenant, dashboard, and internal routes publish no discovery output unless
30
- route metadata explicitly marks them `public && indexable`. The default scaffold
31
- therefore emits only a disallowing `robots.txt`; sitemap, web manifest,
32
- `llms.txt`, API catalog, security.txt, and JSON-LD output stay omitted until a
33
- safe public route or public docs/help/product surface exists.
28
+ Generated app routes are private and non-indexable by default. Author route
29
+ metadata in colocated `src/routes/**/route.meta.ts` files; the scaffold
30
+ regenerates `src/routes/ultramodern-route-metadata.ts` as a compatibility
31
+ manifest for config, i18n, public head, and public surface contracts. Private
32
+ app, auth, tenant, dashboard, and internal routes publish no discovery output
33
+ unless route metadata explicitly marks them `public && indexable`. The default
34
+ scaffold therefore emits only a disallowing `robots.txt`; sitemap, web
35
+ manifest, `llms.txt`, API catalog, security.txt, and JSON-LD output stay
36
+ omitted until a safe public route or public docs/help/product surface exists.
37
+
38
+ Public web artifacts are build/deploy outputs generated into `dist/public` and
39
+ `.output/public`, not hand-authored source files under `config/public`. Dynamic
40
+ public routes can expand sitemap entries through route-owned, Node-safe
41
+ `route.sitemap.mjs` providers beside route metadata. The public-surface
42
+ generator discovers those providers for dynamic public routes and still honors
43
+ explicit `routes.publicSurface.contentSources` entries in the generated
44
+ compatibility manifest.
34
45
 
35
46
  Run the scaffold validator before adding business code and after every
36
47
  `--vertical` mutation:
@@ -72,12 +83,37 @@ development. To create a workspace that can install those packages outside the
72
83
  monorepo, generate with `--ultramodern-package-source install`; generated shared
73
84
  packages still use `workspace:*` because they are part of this workspace.
74
85
 
86
+ ## Public URL Environment Variables
87
+
88
+ This workspace's apps no longer bake absolute `http://localhost:<port>` URLs
89
+ into asset configuration. Two environment variables now have distinct roles in
90
+ controlling where assets are served from and where SEO output links point.
91
+
92
+ | Variable | Role | Feeds |
93
+ | --- | --- | --- |
94
+ | `ULTRAMODERN_PUBLIC_URL_<APP_ID>` | Per-app deployment and asset origin | `output.assetPrefix`, Module Federation remote URLs |
95
+ | `MODERN_PUBLIC_SITE_URL` | Site-wide public origin for SEO output | Canonical, hreflang, sitemap `<loc>`, robots `Sitemap:` |
96
+
97
+ Asset URLs use this precedence: `ULTRAMODERN_PUBLIC_URL_<APP_ID>` →
98
+ `MODERN_PUBLIC_SITE_URL` → inferred workers.dev URL → origin-relative `/`.
99
+ SEO and site origin prefer: `MODERN_PUBLIC_SITE_URL` →
100
+ `ULTRAMODERN_PUBLIC_URL_<APP_ID>` → inferred workers.dev → `http://localhost:<port>`.
101
+
102
+ Without public URLs configured, asset paths are origin-relative (`/`), and the
103
+ dev server uses `dev.assetPrefix: '/'` — so apps work through tunnels and
104
+ reverse proxies (ngrok, cloudflared) without triggering Chrome's Local Network
105
+ Access prompt or mixed-content errors. Shell-only workspaces can set just
106
+ `MODERN_PUBLIC_SITE_URL` for SEO output.
107
+
75
108
  ## Cloudflare Proof
76
109
 
77
110
  Deploy the generated apps, then pass each deployed app's generated public URL
78
- env key into the proof step. A shell-only workspace only needs the shell URL;
79
- added verticals use the same `ULTRAMODERN_PUBLIC_URL_<APP_ID>` pattern with
80
- hyphens converted to underscores and uppercased.
111
+ env key into the proof step. The proof script reads the generated contract and
112
+ checks the live Worker surface, including public-route sitemap/robots
113
+ consistency, preview noindex behavior, unknown-route status, asset headers,
114
+ byte budgets, and public sourcemap exposure. A shell-only workspace only needs
115
+ the shell URL; added verticals use the same `ULTRAMODERN_PUBLIC_URL_<APP_ID>`
116
+ pattern with hyphens converted to underscores and uppercased.
81
117
 
82
118
  ```bash
83
119
  pnpm cloudflare:deploy