@factiii/stack 0.1.200 → 0.1.203

package/dist/scanfix/ssl-cert-helper.js.map

@@ -1 +1 @@
-{"version":3,"file":"ssl-cert-helper.js","sourceRoot":"","sources":["../../src/scanfix/ssl-cert-helper.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAmBH,4CA0EC;AAOD,wCAUC;AA5GD,iDAAyC;AACzC,uCAAyB;AASzB;;;;;;GAMG;AACH,SAAgB,gBAAgB,CAAC,MAAc,EAAE,WAAmB,CAAC;IACnE,MAAM,QAAQ,GAAG,wBAAwB,GAAG,MAAM,GAAG,gBAAgB,CAAC;IAEtE,kEAAkE;IAClE,IAAI,WAAW,GAAG,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;IAE1C,mEAAmE;IACnE,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,IAAI,CAAC;YACH,IAAA,wBAAQ,EAAC,gBAAgB,GAAG,QAAQ,GAAG,GAAG,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;YAC9E,WAAW,GAAG,IAAI,CAAC;QACrB,CAAC;QAAC,MAAM,CAAC;YACP,iDAAiD;QACnD,CAAC;IACH,CAAC;IAED,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,kDAAkD;QAClD,8FAA8F;QAC9F,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC;IACzC,CAAC;IAED,gCAAgC;IAChC,MAAM,OAAO,GAAG,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC;QACrC,CAAC,CAAC,cAAc;QAChB,CAAC,CAAC,mBAAmB,CAAC;IACxB,MAAM,OAAO,GAAG,QAAQ,GAAG,QAAQ,GAAG,GAAG,CAAC;IAE1C,IAAI,CAAC;QACH,oDAAoD;QACpD,MAAM,YAAY,GAAG,QAAQ,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;QAC7C,IAAA,wBAAQ,EAAC,OAAO,GAAG,aAAa,GAAG,YAAY,GAAG,SAAS,GAAG,OAAO,EAAE;YACrE,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC;SAChC,CAAC,CAAC;QAEH,qCAAqC;QACrC,MAAM,YAAY,GAAG,IAAA,wBAAQ,EAAC,OAAO,GAAG,kBAAkB,GAAG,OAAO,EAAE;YACpE,QAAQ,EAAE,MAAM;SACjB,CAAC,CAAC;QACH,MAAM,WAAW,GAAG,YAAY,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;QACxD,IAAI,WAAW,IAAI,WAAW,CAAC,CAAC,CAAC,EAAE,CAAC;YAClC,MAAM,UAAU,GAAG,IAAI,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC;YAC5C,MAAM,eAAe,GAAG,IAAI,CAAC,KAAK,CAChC,CAAC,UAAU,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,IAAI,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAC5D,CAAC;YACF,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,aAAa,EAAE,eAAe,EAAE,CAAC;QACvE,CAAC;QAED,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;IACvC,CAAC;IAAC,MAAM,CAAC;QACP,+DAA+D;QAC/D,0DAA0D;QAC1D,IAAI,CAAC;YACH,MAAM,YAAY,GAAG,IAAA,wBAAQ,EAAC,OAAO,GAAG,kBAAkB,GAAG,OAAO,EAAE;gBACpE,QAAQ,EAAE,MAAM;aACjB,CAAC,CAAC;YACH,MAAM,WAAW,GAAG,YAAY,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;YACxD,IAAI,WAAW,IAAI,WAAW,CAAC,CAAC,CAAC,EAAE,CAAC;gBAClC,MAAM,UAAU,GAAG,IAAI,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC;gBAC5C,MAAM,eAAe,GAAG,IAAI,CAAC,KAAK,CAChC,CAAC,UAAU,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,IAAI,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAC5D,CAAC;gBACF,OAAO;oBACL,MAAM,EAAE,IAAI;oBACZ,KAAK,EAAE,KAAK;oBACZ,aAAa,EAAE,eAAe;oBAC9B,KAAK,EAAE,0BAA0B,GAAG,eAAe,GAAG,OAAO;iBAC9D,CAAC;YACJ,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,sBAAsB;QACxB,CAAC;QACD,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,sCAAsC,EAAE,CAAC;IACvF,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,SAAgB,cAAc;IAC5B,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAA,wBAAQ,EAAC,qHAAqH,EAAE;YAC7I,QAAQ,EAAE,MAAM;YAChB,OAAO,EAAE,KAAK;SACf,CAAC,CAAC;QACH,OAAO,MAAM,CAAC,IAAI,EAAE,KAAK,eAAe,CAAC;IAC3C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC"}
+{"version":3,"file":"ssl-cert-helper.js","sourceRoot":"","sources":["../../src/scanfix/ssl-cert-helper.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAmBH,4CA6FC;AAOD,wCASC;AA9HD,iDAAyC;AACzC,uCAAyB;AASzB;;;;;;GAMG;AACH,SAAgB,gBAAgB,CAAC,MAAc,EAAE,WAAmB,CAAC;IACnE,MAAM,QAAQ,GAAG,wBAAwB,GAAG,MAAM,GAAG,gBAAgB,CAAC;IAEtE,kEAAkE;IAClE,IAAI,WAAW,GAAG,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;IAE1C,mEAAmE;IACnE,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,IAAI,CAAC;YACH,IAAA,wBAAQ,EAAC,gBAAgB,GAAG,QAAQ,GAAG,GAAG,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;YAC9E,WAAW,GAAG,IAAI,CAAC;QACrB,CAAC;QAAC,MAAM,CAAC;YACP,iDAAiD;QACnD,CAAC;IACH,CAAC;IAED,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,mFAAmF;QACnF,IAAI,CAAC;YACH,MAAM,SAAS,GAAG,IAAA,wBAAQ,EACxB,mCAAmC,GAAG,MAAM,GAAG,mBAAmB,GAAG,MAAM,GAAG,yDAAyD,EACvI,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,CACrC,CAAC;YACF,MAAM,KAAK,GAAG,SAAS,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;YAC/C,IAAI,KAAK,IAAI,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;gBACtB,MAAM,UAAU,GAAG,IAAI,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;gBACtC,MAAM,eAAe,GAAG,IAAI,CAAC,KAAK,CAChC,CAAC,UAAU,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,IAAI,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAC5D,CAAC;gBACF,OAAO;oBACL,MAAM,EAAE,IAAI;oBACZ,KAAK,EAAE,eAAe,GAAG,QAAQ;oBACjC,aAAa,EAAE,eAAe;iBAC/B,CAAC;YACJ,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,6CAA6C;QAC/C,CAAC;QACD,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC;IACzC,CAAC;IAED,gCAAgC;IAChC,MAAM,OAAO,GAAG,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC;QACrC,CAAC,CAAC,cAAc;QAChB,CAAC,CAAC,mBAAmB,CAAC;IACxB,MAAM,OAAO,GAAG,QAAQ,GAAG,QAAQ,GAAG,GAAG,CAAC;IAE1C,IAAI,CAAC;QACH,oDAAoD;QACpD,MAAM,YAAY,GAAG,QAAQ,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;QAC7C,IAAA,wBAAQ,EAAC,OAAO,GAAG,aAAa,GAAG,YAAY,GAAG,SAAS,GAAG,OAAO,EAAE;YACrE,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC;SAChC,CAAC,CAAC;QAEH,qCAAqC;QACrC,MAAM,YAAY,GAAG,IAAA,wBAAQ,EAAC,OAAO,GAAG,kBAAkB,GAAG,OAAO,EAAE;YACpE,QAAQ,EAAE,MAAM;SACjB,CAAC,CAAC;QACH,MAAM,WAAW,GAAG,YAAY,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;QACxD,IAAI,WAAW,IAAI,WAAW,CAAC,CAAC,CAAC,EAAE,CAAC;YAClC,MAAM,UAAU,GAAG,IAAI,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC;YAC5C,MAAM,eAAe,GAAG,IAAI,CAAC,KAAK,CAChC,CAAC,UAAU,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,IAAI,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAC5D,CAAC;YACF,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,aAAa,EAAE,eAAe,EAAE,CAAC;QACvE,CAAC;QAED,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;IACvC,CAAC;IAAC,MAAM,CAAC;QACP,+DAA+D;QAC/D,0DAA0D;QAC1D,IAAI,CAAC;YACH,MAAM,YAAY,GAAG,IAAA,wBAAQ,EAAC,OAAO,GAAG,kBAAkB,GAAG,OAAO,EAAE;gBACpE,QAAQ,EAAE,MAAM;aACjB,CAAC,CAAC;YACH,MAAM,WAAW,GAAG,YAAY,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;YACxD,IAAI,WAAW,IAAI,WAAW,CAAC,CAAC,CAAC,EAAE,CAAC;gBAClC,MAAM,UAAU,GAAG,IAAI,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC;gBAC5C,MAAM,eAAe,GAAG,IAAI,CAAC,KAAK,CAChC,CAAC,UAAU,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,IAAI,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAC5D,CAAC;gBACF,OAAO;oBACL,MAAM,EAAE,IAAI;oBACZ,KAAK,EAAE,KAAK;oBACZ,aAAa,EAAE,eAAe;oBAC9B,KAAK,EAAE,0BAA0B,GAAG,eAAe,GAAG,OAAO;iBAC9D,CAAC;YACJ,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,sBAAsB;QACxB,CAAC;QACD,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,sCAAsC,EAAE,CAAC;IACvF,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,SAAgB,cAAc;IAC5B,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAA,wBAAQ,EAAC,6DAA6D,EAAE;YACrF,QAAQ,EAAE,MAAM;SACjB,CAAC,CAAC;QACH,OAAO,MAAM,CAAC,IAAI,EAAE,KAAK,eAAe,CAAC;IAC3C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC"}

package/dist/scripts/generate-all.js

@@ -271,31 +271,31 @@ function generateNginx(allConfigs) {
         return 0;
     }
     // Generate nginx config
-    let nginxConf = `# Auto-generated nginx configuration
-# Generated by: npx stack (generate-all)
-# Do not edit directly - modify stack.yml files and run: npx stack deploy
-
-events {
-    worker_connections 1024;
-}
-
-http {
-    include /etc/nginx/mime.types;
-    default_type application/octet-stream;
-
-    sendfile on;
-    keepalive_timeout 65;
-    client_max_body_size 100M;
-
-    # Logging
-    access_log /var/log/nginx/access.log;
-    error_log /var/log/nginx/error.log;
-
-    # Gzip
-    gzip on;
-    gzip_vary on;
-    gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
-
+    let nginxConf = `# Auto-generated nginx configuration
+# Generated by: npx stack (generate-all)
+# Do not edit directly - modify stack.yml files and run: npx stack deploy
+
+events {
+    worker_connections 1024;
+}
+
+http {
+    include /etc/nginx/mime.types;
+    default_type application/octet-stream;
+
+    sendfile on;
+    keepalive_timeout 65;
+    client_max_body_size 100M;
+
+    # Logging
+    access_log /var/log/nginx/access.log;
+    error_log /var/log/nginx/error.log;
+
+    # Gzip
+    gzip on;
+    gzip_vary on;
+    gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
+
 `;
     // ============================================================
     // CRITICAL: HTTPS Certificate Paths
@@ -308,54 +308,54 @@ http {
     for (const { domain, service, port } of routes) {
         // Always generate HTTPS-capable config
         // Certificates must exist before nginx can start (obtained via: npx stack fix --staging/--prod)
-        nginxConf += `
-    # ${service} - ${domain}
-
-    # HTTP - ACME challenge + redirect to HTTPS
-    server {
-        listen 80;
-        server_name ${domain};
-
-        # Allow certbot ACME challenge (for renewals)
-        location /.well-known/acme-challenge/ {
-            root /var/www/certbot;
-        }
-
-        # Redirect all other traffic to HTTPS
-        location / {
-            return 301 https://$server_name$request_uri;
-        }
-    }
-
-    # HTTPS - main server block
-    server {
-        listen 443 ssl;
-        http2 on;
-        server_name ${domain};
-
-        # SSL certificate paths (Let's Encrypt)
-        ssl_certificate /etc/letsencrypt/live/${domain}/fullchain.pem;
-        ssl_certificate_key /etc/letsencrypt/live/${domain}/privkey.pem;
-
-        # SSL security settings
-        ssl_protocols TLSv1.2 TLSv1.3;
-        ssl_prefer_server_ciphers on;
-        ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256;
-        ssl_session_cache shared:SSL:10m;
-        ssl_session_timeout 10m;
-
-        location / {
-            proxy_pass http://${service}:${port};
-            proxy_http_version 1.1;
-            proxy_set_header Upgrade $http_upgrade;
-            proxy_set_header Connection 'upgrade';
-            proxy_set_header Host $host;
-            proxy_cache_bypass $http_upgrade;
-            proxy_set_header X-Real-IP $remote_addr;
-            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-            proxy_set_header X-Forwarded-Proto $scheme;
-        }
-    }
+        nginxConf += `
+    # ${service} - ${domain}
+
+    # HTTP - ACME challenge + redirect to HTTPS
+    server {
+        listen 80;
+        server_name ${domain};
+
+        # Allow certbot ACME challenge (for renewals)
+        location /.well-known/acme-challenge/ {
+            root /var/www/certbot;
+        }
+
+        # Redirect all other traffic to HTTPS
+        location / {
+            return 301 https://$server_name$request_uri;
+        }
+    }
+
+    # HTTPS - main server block
+    server {
+        listen 443 ssl;
+        http2 on;
+        server_name ${domain};
+
+        # SSL certificate paths (Let's Encrypt)
+        ssl_certificate /etc/letsencrypt/live/${domain}/fullchain.pem;
+        ssl_certificate_key /etc/letsencrypt/live/${domain}/privkey.pem;
+
+        # SSL security settings
+        ssl_protocols TLSv1.2 TLSv1.3;
+        ssl_prefer_server_ciphers on;
+        ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256;
+        ssl_session_cache shared:SSL:10m;
+        ssl_session_timeout 10m;
+
+        location / {
+            proxy_pass http://${service}:${port};
+            proxy_http_version 1.1;
+            proxy_set_header Upgrade $http_upgrade;
+            proxy_set_header Connection 'upgrade';
+            proxy_set_header Host $host;
+            proxy_cache_bypass $http_upgrade;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+        }
+    }
 `;
     }
     nginxConf += `}\n`;

package/dist/utils/deployment-report.js

@@ -154,8 +154,8 @@ function formatDeploymentReport(data) {
 function formatWorkflowSummary(data) {
     const report = formatDeploymentReport(data);
     // Workflow summaries support markdown, so we can enhance it
-    return `\`\`\`
-${report}
+    return `\`\`\`
+${report}
 \`\`\``;
 }
 /**

package/dist/utils/secret-prompts.js

@@ -64,16 +64,16 @@ const SECRET_METADATA = {
     STAGING_SSH: {
         type: 'ssh_key',
         description: 'SSH private key for accessing staging server',
-        helpText: `
-   Step 1: Generate a new SSH key pair:
-   ssh-keygen -t ed25519 -C "staging-deploy" -f ~/.ssh/staging_deploy
-   
-   Step 2: Add PUBLIC key to your staging server:
-   ssh-copy-id -i ~/.ssh/staging_deploy.pub ubuntu@YOUR_HOST
-   
-   (HOST is configured in stack.yml → environments.staging.host)
-   
-   Step 3: Paste the PRIVATE key below (multi-line, end with blank line):
+        helpText: `
+   Step 1: Generate a new SSH key pair:
+   ssh-keygen -t ed25519 -C "staging-deploy" -f ~/.ssh/staging_deploy
+   
+   Step 2: Add PUBLIC key to your staging server:
+   ssh-copy-id -i ~/.ssh/staging_deploy.pub ubuntu@YOUR_HOST
+   
+   (HOST is configured in stack.yml → environments.staging.host)
+   
+   Step 3: Paste the PRIVATE key below (multi-line, end with blank line):
    cat ~/.ssh/staging_deploy`,
         validation: (value) => {
             if (!value || value.trim().length === 0) {
@@ -91,16 +91,16 @@ const SECRET_METADATA = {
     PROD_SSH: {
         type: 'ssh_key',
         description: 'SSH private key for accessing production server',
-        helpText: `
-   Step 1: Generate a new SSH key pair:
-   ssh-keygen -t ed25519 -C "production-deploy" -f ~/.ssh/prod_deploy
-   
-   Step 2: Add PUBLIC key to your production server:
-   ssh-copy-id -i ~/.ssh/prod_deploy.pub ubuntu@YOUR_HOST
-   
-   (HOST is configured in stack.yml → environments.production.host)
-   
-   Step 3: Paste the PRIVATE key below (multi-line, end with blank line):
+        helpText: `
+   Step 1: Generate a new SSH key pair:
+   ssh-keygen -t ed25519 -C "production-deploy" -f ~/.ssh/prod_deploy
+   
+   Step 2: Add PUBLIC key to your production server:
+   ssh-copy-id -i ~/.ssh/prod_deploy.pub ubuntu@YOUR_HOST
+   
+   (HOST is configured in stack.yml → environments.production.host)
+   
+   Step 3: Paste the PRIVATE key below (multi-line, end with blank line):
    cat ~/.ssh/prod_deploy`,
         validation: (value) => {
             if (!value || value.trim().length === 0) {
@@ -118,14 +118,14 @@ const SECRET_METADATA = {
     AWS_SECRET_ACCESS_KEY: {
         type: 'aws_secret',
         description: 'AWS Secret Access Key (the only secret AWS value)',
-        helpText: `
-   Get from AWS Console: IAM → Users → Security credentials
-   
-   This is shown only once when you create the key.
-   If lost, you must create a new key pair.
-   
-   Note: AWS_ACCESS_KEY_ID and AWS_REGION go in stack.yml (not secrets)
-   
+        helpText: `
+   Get from AWS Console: IAM → Users → Security credentials
+   
+   This is shown only once when you create the key.
+   If lost, you must create a new key pair.
+   
+   Note: AWS_ACCESS_KEY_ID and AWS_REGION go in stack.yml (not secrets)
+   
    Enter AWS Secret Access Key:`,
         validation: (value) => {
             if (!value || value.trim().length === 0) {
@@ -143,12 +143,12 @@ const SECRET_METADATA = {
     VERCEL_TOKEN: {
         type: 'api_token',
         description: 'Vercel API Token for deployments',
-        helpText: `
-   Get your token from: https://vercel.com/account/tokens
-   Create a new token with:
-   - Scope: Full Account (or specific team)
-   - Expiration: No Expiration (or custom)
-   
+        helpText: `
+   Get your token from: https://vercel.com/account/tokens
+   Create a new token with:
+   - Scope: Full Account (or specific team)
+   - Expiration: No Expiration (or custom)
+   
    Enter Vercel API Token:`,
         validation: (value) => {
             if (!value || value.trim().length === 0) {

package/dist/utils/template-generator.js

@@ -51,50 +51,50 @@ const env_validator_js_1 = require("./env-validator.js");
  */
 function generateEnvExampleTemplate(config) {
     const repoName = config.name ?? 'myapp';
-    const template = `# .env.example - Environment variable template
-# This file defines all required environment variables across environments.
-# Values are descriptive examples - replace with real values in .env.staging and .env.prod
-# This file is committed to git as a template.
-
-# === Application Settings ===
-NODE_ENV=development
-# Slot number (1-5). Client=3000+PORT, Server=5000+PORT
-# Example: PORT=1 → client:3001, server:5001
-PORT=1
-
-# === Database ===
-# PostgreSQL connection string format
-DATABASE_URL=postgresql://EXAMPLE_user:EXAMPLE_password@localhost:5432/EXAMPLE_${repoName}-dev
-
-# === Authentication ===
-# 256-bit secret key for JWT signing
-JWT_SECRET=EXAMPLE_your-256-bit-secret-key-here
-JWT_EXPIRES_IN=7d
-
-# === External APIs (if needed) ===
-# OPENAI_API_KEY=EXAMPLE_sk-proj-abc123xyz789
-# STRIPE_SECRET_KEY=EXAMPLE_sk_test_51ABC123xyz
-# STRIPE_PUBLISHABLE_KEY=EXAMPLE_pk_test_51ABC123xyz
-
-# === AWS Configuration (if using S3, SES, etc) ===
-# AWS_ACCESS_KEY_ID=EXAMPLE_AKIAIOSFODNN7EXAMPLE
-# AWS_SECRET_ACCESS_KEY=EXAMPLE_wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
-# AWS_REGION=EXAMPLE_us-east-1
-# AWS_BUCKET_NAME=EXAMPLE_${repoName}-assets
-
-# === Email Configuration (if using SMTP) ===
-# SMTP_HOST=EXAMPLE_smtp.gmail.com
-# SMTP_PORT=587
-# SMTP_USER=EXAMPLE_noreply@yourdomain.com
-# SMTP_PASSWORD=EXAMPLE_your-app-password
-
-# === Application URLs ===
-# Replace YOUR_IP with your local network IP (start.sh does this automatically)
-# FRONTEND_URL=http://YOUR_IP:3001
-# API_URL=http://YOUR_IP:5001
-
-# === Application-specific settings ===
-# Add your custom environment variables below
+    const template = `# .env.example - Environment variable template
+# This file defines all required environment variables across environments.
+# Values are descriptive examples - replace with real values in .env.staging and .env.prod
+# This file is committed to git as a template.
+
+# === Application Settings ===
+NODE_ENV=development
+# Slot number (1-5). Client=3000+PORT, Server=5000+PORT
+# Example: PORT=1 → client:3001, server:5001
+PORT=1
+
+# === Database ===
+# PostgreSQL connection string format
+DATABASE_URL=postgresql://EXAMPLE_user:EXAMPLE_password@localhost:5432/EXAMPLE_${repoName}-dev
+
+# === Authentication ===
+# 256-bit secret key for JWT signing
+JWT_SECRET=EXAMPLE_your-256-bit-secret-key-here
+JWT_EXPIRES_IN=7d
+
+# === External APIs (if needed) ===
+# OPENAI_API_KEY=EXAMPLE_sk-proj-abc123xyz789
+# STRIPE_SECRET_KEY=EXAMPLE_sk_test_51ABC123xyz
+# STRIPE_PUBLISHABLE_KEY=EXAMPLE_pk_test_51ABC123xyz
+
+# === AWS Configuration (if using S3, SES, etc) ===
+# AWS_ACCESS_KEY_ID=EXAMPLE_AKIAIOSFODNN7EXAMPLE
+# AWS_SECRET_ACCESS_KEY=EXAMPLE_wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
+# AWS_REGION=EXAMPLE_us-east-1
+# AWS_BUCKET_NAME=EXAMPLE_${repoName}-assets
+
+# === Email Configuration (if using SMTP) ===
+# SMTP_HOST=EXAMPLE_smtp.gmail.com
+# SMTP_PORT=587
+# SMTP_USER=EXAMPLE_noreply@yourdomain.com
+# SMTP_PASSWORD=EXAMPLE_your-app-password
+
+# === Application URLs ===
+# Replace YOUR_IP with your local network IP (start.sh does this automatically)
+# FRONTEND_URL=http://YOUR_IP:3001
+# API_URL=http://YOUR_IP:5001
+
+# === Application-specific settings ===
+# Add your custom environment variables below
 `;
     return template;
 }
@@ -106,10 +106,10 @@ JWT_EXPIRES_IN=7d
  */
 function generateEnvTemplate(environment, devEnv) {
     const envUpper = environment.toUpperCase();
-    let template = `# .env.${environment} - ${envUpper} environment variables
-# Fill in all values below. Keys must match .env.example
-# This file should ${environment === 'prod' ? 'ALWAYS' : 'optionally'} be in .gitignore
-
+    let template = `# .env.${environment} - ${envUpper} environment variables
+# Fill in all values below. Keys must match .env.example
+# This file should ${environment === 'prod' ? 'ALWAYS' : 'optionally'} be in .gitignore
+
 `;
     // Copy keys from .env.example with placeholder values
     for (const key of Object.keys(devEnv)) {
@@ -123,11 +123,11 @@ function generateEnvTemplate(environment, devEnv) {
             template += `${key}=<FILL_IN>\n`;
         }
     }
-    template += `
-# Instructions:
-# 1. Replace all <FILL_IN> values with real ${environment} values
-# 2. Ensure all keys match .env.example
-# 3. Run: npx stack (to validate)
+    template += `
+# Instructions:
+# 1. Replace all <FILL_IN> values with real ${environment} values
+# 2. Ensure all keys match .env.example
+# 3. Run: npx stack (to validate)
 `;
     return template;
 }
@@ -200,27 +200,27 @@ function createEnvTemplates(rootDir, config) {
  * Generate secrets checklist for display
  */
 function generateSecretsChecklist() {
-    return `
-   REQUIRED GitHub Secrets (minimal):
-   ───────────────────────────────────────────────────────
-   □ STAGING_SSH           - SSH private key for staging
-   □ PROD_SSH              - SSH private key for production
-   □ AWS_SECRET_ACCESS_KEY - AWS secret key (only secret AWS value)
-
-   OPTIONAL GitHub Secrets:
-   ───────────────────────────────────────────────────────
-   □ STAGING_ENVS   - Environment vars from .env.staging
-   □ PROD_ENVS      - Environment vars from .env.prod
-
-   NOT SECRETS (in stack.yml):
-   ───────────────────────────────────────────────────────
-   ✓ environments.{env}.host - Server IP/hostname
-   ✓ aws.access_key_id       - AWS access key ID
-   ✓ aws.region              - AWS region (e.g., us-east-1)
-
-   NOT SECRETS (in factiiiAuto.yml):
-   ───────────────────────────────────────────────────────
-   ✓ ssh_user               - Defaults to ubuntu
+    return `
+   REQUIRED GitHub Secrets (minimal):
+   ───────────────────────────────────────────────────────
+   □ STAGING_SSH           - SSH private key for staging
+   □ PROD_SSH              - SSH private key for production
+   □ AWS_SECRET_ACCESS_KEY - AWS secret key (only secret AWS value)
+
+   OPTIONAL GitHub Secrets:
+   ───────────────────────────────────────────────────────
+   □ STAGING_ENVS   - Environment vars from .env.staging
+   □ PROD_ENVS      - Environment vars from .env.prod
+
+   NOT SECRETS (in stack.yml):
+   ───────────────────────────────────────────────────────
+   ✓ environments.{env}.host - Server IP/hostname
+   ✓ aws.access_key_id       - AWS access key ID
+   ✓ aws.region              - AWS region (e.g., us-east-1)
+
+   NOT SECRETS (in factiiiAuto.yml):
+   ───────────────────────────────────────────────────────
+   ✓ ssh_user               - Defaults to ubuntu
 `.trim();
 }
 //# sourceMappingURL=template-generator.js.map