npm - @holo-js/cli - Versions diffs - 0.1.9 → 0.2.1 - Mend

@holo-js/cli 0.1.9 → 0.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (46) hide show

package/dist/bin/holo.mjs +179 -81
package/dist/broadcast-III5MB3R.mjs +203 -0
package/dist/broadcast-ZIFYFOUQ.mjs +203 -0
package/dist/{cache-ETOIQ5IG.mjs → cache-634WUR3T.mjs} +6 -6
package/dist/cache-7J7DIOP6.mjs +66 -0
package/dist/{cache-migrations-2GGI4TJK.mjs → cache-migrations-2NBEUF2T.mjs} +50 -30
package/dist/cache-migrations-S2LJMDOQ.mjs +173 -0
package/dist/{chunk-WRZFATUT.mjs → chunk-4OHJC3GL.mjs} +232 -143
package/dist/{chunk-ASTSSSL2.mjs → chunk-5TEH2QPK.mjs} +99 -122
package/dist/{chunk-F4MT6GBK.mjs → chunk-FGQ2I2YH.mjs} +1 -1
package/dist/chunk-I7QBCEV7.mjs +33 -0
package/dist/{chunk-R6BWRY3E.mjs → chunk-ILU426CF.mjs} +3 -1
package/dist/{chunk-IMOGEKB4.mjs → chunk-J76GH2DR.mjs} +229 -119
package/dist/{chunk-HB4Q7VYK.mjs → chunk-KS5TWO75.mjs} +30 -273
package/dist/{chunk-57SJ566R.mjs → chunk-LBJAJLKU.mjs} +1 -1
package/dist/{chunk-BAFQ2GOA.mjs → chunk-LXGQCG56.mjs} +1 -1
package/dist/chunk-MCVRN7KX.mjs +3308 -0
package/dist/chunk-SFRAGRHY.mjs +472 -0
package/dist/{chunk-7JR73TOH.mjs → chunk-VP2E62DF.mjs} +36 -25
package/dist/{chunk-5EU32E7X.mjs → chunk-VRGB6DIS.mjs} +116 -12
package/dist/{chunk-SRPGIWCF.mjs → chunk-YEFJBN56.mjs} +2 -2
package/dist/{config-ARLE6PKR.mjs → config-MD27U4FM.mjs} +3 -3
package/dist/{dev-6RG5SSZ7.mjs → dev-M2GGURAX.mjs} +9 -7
package/dist/dev-PBNFQK6Y.mjs +44 -0
package/dist/{discovery-FCVGQQVD.mjs → discovery-GWTBF5RZ.mjs} +3 -3
package/dist/{generators-UI2LJK3O.mjs → generators-BZJ53PUU.mjs} +13 -36
package/dist/generators-DEPLONDJ.mjs +520 -0
package/dist/index.mjs +181 -83
package/dist/{media-migrations-JQSDCC7S.mjs → media-migrations-5EISZBSD.mjs} +9 -20
package/dist/media-migrations-NMUWBEKE.mjs +106 -0
package/dist/{queue-BY3PLH4I.mjs → queue-FRAVPNFJ.mjs} +12 -12
package/dist/queue-GY7BWGTX.mjs +625 -0
package/dist/{queue-migrations-YZUKEZK7.mjs → queue-migrations-J7YPIKRB.mjs} +13 -12
package/dist/queue-migrations-O24ERNFF.mjs +167 -0
package/dist/{runtime-BI343WHS.mjs → runtime-2AA7ZLJ6.mjs} +9 -9
package/dist/{runtime-ZKD6URAV.mjs → runtime-GSXF4NB3.mjs} +1 -1
package/dist/runtime-HGK2MWSC.mjs +57 -0
package/dist/runtime-worker.d.ts +2 -0
package/dist/runtime-worker.mjs +276 -0
package/dist/{scaffold-UBOS2NZR.mjs → scaffold-DEOTRALR.mjs} +9 -5
package/dist/scaffold-Y232IGYS.mjs +139 -0
package/dist/{security-TYPVOYGF.mjs → security-MZW2CJKS.mjs} +6 -6
package/dist/security-XVG673UR.mjs +71 -0
package/package.json +9 -7
package/dist/broadcast-VR46UZEL.mjs +0 -84
package/dist/chunk-ZXDU7RHU.mjs +0 -9

package/dist/chunk-MCVRN7KX.mjs ADDED Viewed

@@ -0,0 +1,3308 @@
+import {
+  loadProjectConfig,
+  resolveGeneratedSchemaPath
+} from "./chunk-YEFJBN56.mjs";
+import {
+  loadGeneratedProjectRegistry,
+  relativeImportPath,
+  renderAuthProviderRouteFiles,
+  renderAuthRouteFiles,
+  renderFrameworkFiles,
+  renderFrameworkRunner,
+  renderGeneratedModelTypes,
+  renderNextBroadcastAuthRoute,
+  renderNextBroadcastConfigRoute,
+  renderNextGeneratedBroadcastAuthRoute,
+  renderNextGeneratedBroadcastConfigRoute,
+  renderNextGeneratedRealtimeDefinitions,
+  renderNextHoloHelper,
+  renderNextManagedHostedAuthRouteFiles,
+  renderNextRuntimeBootstrap,
+  renderSvelteHoloHelper,
+  renderSvelteViteConfig
+} from "./chunk-J76GH2DR.mjs";
+import {
+  AUTH_CONFIG_FILE_NAMES,
+  AUTH_SOCIAL_PROVIDER_PACKAGE_NAMES,
+  BROADCAST_CONFIG_FILE_NAMES,
+  CACHE_CONFIG_FILE_NAMES,
+  CORS_CONFIG_FILE_NAMES,
+  DB_DRIVER_PACKAGE_NAMES,
+  GENERATED_MODEL_TYPES_PATH,
+  MAIL_CONFIG_FILE_NAMES,
+  MEDIA_CONFIG_FILE_NAMES,
+  NOTIFICATIONS_CONFIG_FILE_NAMES,
+  QUEUE_CONFIG_FILE_NAMES,
+  REDIS_CONFIG_FILE_NAMES,
+  SECURITY_CONFIG_FILE_NAMES,
+  SESSION_CONFIG_FILE_NAMES,
+  SUPPORTED_AUTH_SOCIAL_PROVIDERS,
+  isSupportedCacheInstallerDriver,
+  isSupportedQueueInstallerDriver,
+  normalizeScaffoldOptionalPackages,
+  pathExists,
+  readTextFile,
+  resolveFirstExistingPath,
+  sanitizePackageName,
+  writeTextFile
+} from "./chunk-ILU426CF.mjs";
+// src/project/scaffold.ts
+import { mkdir as mkdir3, readdir as readdir2 } from "fs/promises";
+import { dirname as dirname2, extname as extname2, relative, resolve as resolve4, sep } from "path";
+import { loadConfigDirectory as loadConfigDirectory2 } from "@holo-js/config";
+// src/project/scaffold/config-renderers.ts
+import { appendFile, mkdir } from "fs/promises";
+import { extname, resolve as resolve2 } from "path";
+import { holoStorageDefaults } from "@holo-js/config";
+// src/project/scaffold/dependencies.ts
+import { resolve } from "path";
+import { loadConfigDirectory } from "@holo-js/config";
+// package.json
+var package_default = {
+  name: "@holo-js/cli",
+  version: "0.2.1",
+  description: "Holo-JS Framework - project creation, discovery, and operational CLI",
+  type: "module",
+  license: "MIT",
+  bin: {
+    holo: "./dist/bin/holo.mjs",
+    "holo-js": "./dist/bin/holo.mjs"
+  },
+  exports: {
+    ".": {
+      types: "./dist/index.d.ts",
+      import: "./dist/index.mjs"
+    }
+  },
+  main: "./dist/index.mjs",
+  types: "./dist/index.d.ts",
+  files: [
+    "dist"
+  ],
+  scripts: {
+    build: "node ../../scripts/generate-cli-workspace-catalog.mjs && tsup",
+    stub: "node ../../scripts/generate-cli-workspace-catalog.mjs && tsup --watch",
+    typecheck: "tsc -p tsconfig.json --noEmit",
+    test: "vitest --run && HOLO_CLI_INCLUDE_INTEGRATION=1 vitest --run tests/cli.test.ts",
+    "test:integration": "HOLO_CLI_INCLUDE_INTEGRATION=1 vitest --run tests/cli.test.ts"
+  },
+  dependencies: {
+    "@clack/prompts": "catalog:",
+    "@holo-js/cache-db": "catalog:",
+    "@holo-js/config": "catalog:",
+    "@holo-js/core": "catalog:",
+    "@holo-js/db": "catalog:",
+    esbuild: "catalog:",
+    inflection: "catalog:"
+  },
+  devDependencies: {
+    "@holo-js/events": "catalog:",
+    "@holo-js/queue": "catalog:",
+    "@holo-js/queue-db": "catalog:",
+    "@types/node": "catalog:",
+    tsup: "catalog:",
+    typescript: "catalog:",
+    vitest: "catalog:"
+  },
+  engines: {
+    node: ">=20.11.0"
+  }
+};
+// src/generated/workspaceCatalog.ts
+var WORKSPACE_CATALOG = Object.freeze({
+  "@clerk/backend": "^3.4.7",
+  "@clack/prompts": "^1.5.1",
+  "@eslint/js": "^9.17.0",
+  "@holo-js/adapter-next": "^0.2.1",
+  "@holo-js/adapter-nuxt": "^0.2.1",
+  "@holo-js/adapter-sveltekit": "^0.2.1",
+  "@holo-js/auth": "^0.2.1",
+  "@holo-js/auth-clerk": "^0.2.1",
+  "@holo-js/auth-social": "^0.2.1",
+  "@holo-js/auth-social-apple": "^0.2.1",
+  "@holo-js/auth-social-discord": "^0.2.1",
+  "@holo-js/auth-social-facebook": "^0.2.1",
+  "@holo-js/auth-social-github": "^0.2.1",
+  "@holo-js/auth-social-google": "^0.2.1",
+  "@holo-js/auth-social-linkedin": "^0.2.1",
+  "@holo-js/auth-workos": "^0.2.1",
+  "@holo-js/authorization": "^0.2.1",
+  "@holo-js/broadcast": "^0.2.1",
+  "@holo-js/cache": "^0.2.1",
+  "@holo-js/cache-db": "^0.2.1",
+  "@holo-js/cache-redis": "^0.2.1",
+  "@holo-js/cli": "^0.2.1",
+  "@holo-js/config": "^0.2.1",
+  "@holo-js/core": "^0.2.1",
+  "@holo-js/db": "^0.2.1",
+  "@holo-js/db-mysql": "^0.2.1",
+  "@holo-js/db-postgres": "^0.2.1",
+  "@holo-js/db-sqlite": "^0.2.1",
+  "@holo-js/events": "^0.2.1",
+  "@holo-js/flux": "^0.2.1",
+  "@holo-js/flux-react": "^0.2.1",
+  "@holo-js/flux-svelte": "^0.2.1",
+  "@holo-js/flux-vue": "^0.2.1",
+  "@holo-js/forms": "^0.2.1",
+  "@holo-js/mail": "^0.2.1",
+  "@holo-js/media": "^0.2.1",
+  "@holo-js/notifications": "^0.2.1",
+  "@holo-js/queue": "^0.2.1",
+  "@holo-js/queue-db": "^0.2.1",
+  "@holo-js/queue-redis": "^0.2.1",
+  "@holo-js/realtime": "^0.2.1",
+  "@holo-js/security": "^0.2.1",
+  "@holo-js/session": "^0.2.1",
+  "@holo-js/storage": "^0.2.1",
+  "@holo-js/storage-s3": "^0.2.1",
+  "@holo-js/validation": "^0.2.1",
+  "@nuxt/kit": "^4.4.4",
+  "@nuxt/module-builder": "^1.0.2",
+  "@sveltejs/adapter-node": "^5.5.4",
+  "@sveltejs/kit": "^2.59.1",
+  "@sveltejs/vite-plugin-svelte": "^7.1.0",
+  "@types/better-sqlite3": "^7.6.12",
+  "@types/node": "^22.10.2",
+  "@types/pg": "^8.11.0",
+  "@types/react": "^19.2.14",
+  "@types/react-dom": "^19.2.3",
+  "@types/react-test-renderer": "^19.1.0",
+  "@types/ws": "^8.18.1",
+  "@vitest/coverage-istanbul": "^4.1.5",
+  "@vitest/coverage-v8": "^4.1.5",
+  "better-sqlite3": "^11.7.0",
+  "bullmq": "^5.71.0",
+  "create-holo-js": "^0.2.1",
+  "esbuild": "^0.27.4",
+  "eslint": "^9.17.0",
+  "fast-check": "^4.5.3",
+  "globals": "^15.14.0",
+  "h3": "^1.15.11",
+  "inflection": "^3.0.2",
+  "ioredis": "^5.4.2",
+  "mysql2": "^3.17.1",
+  "next": "^16.2.4",
+  "nodemailer": "^6.10.1",
+  "nuxt": "^4.4.4",
+  "pg": "^8.13.0",
+  "playwright": "^1.57.0",
+  "react": "^19.2.6",
+  "react-dom": "^19.2.6",
+  "react-test-renderer": "^19.2.6",
+  "sharp": "^0.34.4",
+  "svelte": "^5.55.5",
+  "svelte-check": "^4.4.6",
+  "tslib": "^2.8.1",
+  "tsup": "^8.3.5",
+  "typescript": "^5.7.2",
+  "typescript-eslint": "^8.30.1",
+  "ulid": "^3.0.1",
+  "uuid": "^12.0.0",
+  "valibot": "^1.1.0",
+  "vite": "^8.0.10",
+  "vitepress": "^1.6.3",
+  "vitest": "^4.1.5",
+  "vue": "^3.5.13",
+  "vue-router": "^5.0.4",
+  "vue-tsc": "^2.2.0",
+  "ws": "^8.18.3"
+});
+// src/metadata.ts
+var HOLO_PACKAGE_VERSION = package_default.version;
+var HOLO_PACKAGE_RANGE = `^${HOLO_PACKAGE_VERSION}`;
+function catalogVersion(packageName) {
+  return WORKSPACE_CATALOG[packageName];
+}
+var ESBUILD_PACKAGE_VERSION = catalogVersion("esbuild");
+var SCAFFOLD_PACKAGE_MANAGER_VERSIONS = Object.freeze({
+  npm: "npm@latest",
+  pnpm: "pnpm@latest",
+  yarn: "yarn@stable",
+  bun: "bun@1.3.9"
+});
+var SCAFFOLD_FRAMEWORK_VERSIONS = Object.freeze({
+  nuxt: catalogVersion("nuxt"),
+  next: catalogVersion("next"),
+  sveltekit: catalogVersion("@sveltejs/kit")
+});
+var SCAFFOLD_NEXT_REACT_VERSIONS = Object.freeze({
+  react: catalogVersion("react"),
+  "react-dom": catalogVersion("react-dom"),
+  "@types/react": catalogVersion("@types/react"),
+  "@types/react-dom": catalogVersion("@types/react-dom")
+});
+var SCAFFOLD_BASE_DEV_DEPENDENCY_VERSIONS = Object.freeze({
+  typescript: catalogVersion("typescript"),
+  "@types/node": catalogVersion("@types/node"),
+  eslint: catalogVersion("eslint")
+});
+var SCAFFOLD_NUXT_DEPENDENCY_VERSIONS = Object.freeze({
+  vue: catalogVersion("vue"),
+  "vue-router": catalogVersion("vue-router"),
+  "vue-tsc": catalogVersion("vue-tsc")
+});
+var SCAFFOLD_SVELTEKIT_DEPENDENCY_VERSIONS = Object.freeze({
+  "@sveltejs/adapter-node": catalogVersion("@sveltejs/adapter-node"),
+  "@sveltejs/vite-plugin-svelte": catalogVersion("@sveltejs/vite-plugin-svelte"),
+  svelte: catalogVersion("svelte"),
+  "svelte-check": catalogVersion("svelte-check"),
+  vite: catalogVersion("vite")
+});
+var IOREDIS_PACKAGE_VERSION = catalogVersion("ioredis");
+var SCAFFOLD_FRAMEWORK_ADAPTER_VERSIONS = Object.freeze({
+  nuxt: HOLO_PACKAGE_RANGE,
+  next: HOLO_PACKAGE_RANGE,
+  sveltekit: HOLO_PACKAGE_RANGE
+});
+var SCAFFOLD_FRAMEWORK_RUNTIME_VERSIONS = Object.freeze({
+  nuxt: {
+    "@holo-js/storage": HOLO_PACKAGE_RANGE
+  },
+  next: {
+    "@holo-js/storage": HOLO_PACKAGE_RANGE
+  },
+  sveltekit: {
+    "@holo-js/storage": HOLO_PACKAGE_RANGE
+  }
+});
+// src/project/scaffold/dependencies.ts
+function normalizeDependencyMap(value) {
+  if (!value || typeof value !== "object" || Array.isArray(value)) {
+    return {};
+  }
+  return Object.fromEntries(
+    Object.entries(value).filter(([, dependencyVersion]) => typeof dependencyVersion === "string").sort(([left], [right]) => left.localeCompare(right))
+  );
+}
+function isWorkspaceDependencyVersion(value) {
+  return typeof value === "string" && value.startsWith("workspace:");
+}
+function resolveManagedHoloPackageVersion(packageName, dependencies, devDependencies) {
+  const currentPackageVersion = dependencies[packageName] ?? devDependencies[packageName];
+  if (isWorkspaceDependencyVersion(currentPackageVersion)) {
+    return currentPackageVersion;
+  }
+  const workspaceVersion = Object.entries({
+    ...dependencies,
+    ...devDependencies
+  }).find(([dependencyName, dependencyVersion]) => dependencyName.startsWith("@holo-js/") && isWorkspaceDependencyVersion(dependencyVersion))?.[1];
+  return workspaceVersion ?? `^${HOLO_PACKAGE_VERSION}`;
+}
+async function readPackageJsonDependencyState(projectRoot) {
+  const packageJsonPath = resolve(projectRoot, "package.json");
+  const existing = await readTextFile(packageJsonPath);
+  if (!existing) {
+    throw new Error(`Missing package.json in ${projectRoot}.`);
+  }
+  let parsed;
+  try {
+    parsed = JSON.parse(existing);
+  } catch {
+    throw new Error(`Invalid package.json in ${projectRoot}.`);
+  }
+  return {
+    packageJsonPath,
+    parsed,
+    dependencies: normalizeDependencyMap(parsed.dependencies),
+    devDependencies: normalizeDependencyMap(parsed.devDependencies)
+  };
+}
+async function writePackageJsonDependencyState(packageJsonPath, parsed, dependencies, devDependencies) {
+  parsed.dependencies = Object.fromEntries(
+    Object.entries(dependencies).sort(([left], [right]) => left.localeCompare(right))
+  );
+  if (Object.keys(devDependencies).length > 0) {
+    parsed.devDependencies = Object.fromEntries(
+      Object.entries(devDependencies).sort(([left], [right]) => left.localeCompare(right))
+    );
+  } else {
+    delete parsed.devDependencies;
+  }
+  await writeTextFile(packageJsonPath, `${JSON.stringify(parsed, null, 2)}
+`);
+}
+function hasLoadedConfigFile(loadedFiles, configName) {
+  return loadedFiles.some((filePath) => {
+    const normalizedPath = filePath.replaceAll("\\", "/");
+    return normalizedPath.endsWith(`/config/${configName}.ts`) || normalizedPath.endsWith(`/config/${configName}.mts`) || normalizedPath.endsWith(`/config/${configName}.js`) || normalizedPath.endsWith(`/config/${configName}.mjs`) || normalizedPath.endsWith(`/config/${configName}.cts`) || normalizedPath.endsWith(`/config/${configName}.cjs`);
+  });
+}
+function inferDatabaseDriverFromUrl(value) {
+  if (!value) {
+    return void 0;
+  }
+  const normalized = value.trim().toLowerCase();
+  if (normalized.startsWith("postgres://") || normalized.startsWith("postgresql://")) {
+    return "postgres";
+  }
+  if (normalized.startsWith("mysql://") || normalized.startsWith("mysql2://")) {
+    return "mysql";
+  }
+  if (normalized === ":memory:" || normalized.startsWith("file:") || normalized.startsWith("/") || normalized.startsWith("./") || normalized.startsWith("../") || normalized.endsWith(".db") || normalized.endsWith(".sqlite") || normalized.endsWith(".sqlite3")) {
+    return "sqlite";
+  }
+  return void 0;
+}
+function inferConnectionDriver(connection) {
+  if (typeof connection === "string") {
+    return inferDatabaseDriverFromUrl(connection);
+  }
+  const explicitDriver = connection.driver;
+  if (explicitDriver === "sqlite" || explicitDriver === "postgres" || explicitDriver === "mysql") {
+    return explicitDriver;
+  }
+  return inferDatabaseDriverFromUrl(connection.url ?? connection.filename);
+}
+function registryHasJobs(registry) {
+  return (registry?.jobs.length ?? 0) > 0;
+}
+function registryHasEvents(registry) {
+  return (registry?.events.length ?? 0) > 0 || (registry?.listeners.length ?? 0) > 0;
+}
+function registryHasBroadcastDefinitions(registry) {
+  return (registry?.broadcast.length ?? 0) > 0 || (registry?.channels.length ?? 0) > 0;
+}
+function registryHasAuthorizationDefinitions(registry) {
+  return (registry?.authorizationPolicies.length ?? 0) > 0 || (registry?.authorizationAbilities.length ?? 0) > 0;
+}
+function authConfigUsesSocialProviders(loaded) {
+  return Object.keys(loaded.auth.social).length > 0;
+}
+function authConfigUsesWorkosProviders(loaded) {
+  return Object.entries(loaded.auth.workos).some(([name, provider]) => name !== "provider" && typeof provider === "object" && provider !== null);
+}
+function authConfigUsesClerkProviders(loaded) {
+  return Object.keys(loaded.auth.clerk).length > 0;
+}
+function mailConfigUsesQueue(loaded) {
+  return loaded.mail.queue.queued || Object.values(loaded.mail.mailers).some((mailer) => mailer.queue.queued);
+}
+async function projectHasAuthorizationScaffold(projectRoot) {
+  const project = await loadProjectConfig(projectRoot);
+  const policiesRoot = resolve(projectRoot, project.config.paths.authorizationPolicies ?? "server/policies");
+  const abilitiesRoot = resolve(projectRoot, project.config.paths.authorizationAbilities ?? "server/abilities");
+  return await pathExists(policiesRoot) || await pathExists(abilitiesRoot);
+}
+async function projectHasEventsScaffold(projectRoot) {
+  const project = await loadProjectConfig(projectRoot);
+  const eventsRoot = resolve(projectRoot, project.config.paths.events);
+  const listenersRoot = resolve(projectRoot, project.config.paths.listeners);
+  return await pathExists(eventsRoot) || await pathExists(listenersRoot);
+}
+async function projectHasRealtimeScaffold(projectRoot) {
+  return await pathExists(resolve(projectRoot, "server/realtime"));
+}
+async function syncManagedDriverDependencies(projectRoot, registry) {
+  const loaded = await loadConfigDirectory(projectRoot, {
+    preferCache: false,
+    processEnv: process.env
+  });
+  const discoveredRegistry = registry ?? await loadGeneratedProjectRegistry(projectRoot);
+  const authConfigured = hasLoadedConfigFile(loaded.loadedFiles, "auth");
+  const broadcastConfigured = hasLoadedConfigFile(loaded.loadedFiles, "broadcast");
+  const cacheConfigured = hasLoadedConfigFile(loaded.loadedFiles, "cache");
+  const mailConfigured = hasLoadedConfigFile(loaded.loadedFiles, "mail");
+  const mediaConfigured = hasLoadedConfigFile(loaded.loadedFiles, "media");
+  const notificationsConfigured = hasLoadedConfigFile(loaded.loadedFiles, "notifications");
+  const queueConfigured = hasLoadedConfigFile(loaded.loadedFiles, "queue");
+  const securityConfigured = hasLoadedConfigFile(loaded.loadedFiles, "security");
+  const sessionConfigured = hasLoadedConfigFile(loaded.loadedFiles, "session");
+  const storageConfigured = hasLoadedConfigFile(loaded.loadedFiles, "storage");
+  const requiredPackages = /* @__PURE__ */ new Set();
+  const hasAuthorizationScaffold = await projectHasAuthorizationScaffold(projectRoot);
+  const hasEventsScaffold = await projectHasEventsScaffold(projectRoot);
+  const hasRealtimeScaffold = await projectHasRealtimeScaffold(projectRoot);
+  const {
+    packageJsonPath,
+    parsed,
+    dependencies,
+    devDependencies
+  } = await readPackageJsonDependencyState(projectRoot);
+  const cachePackageInstalled = typeof dependencies["@holo-js/cache"] !== "undefined" || typeof devDependencies["@holo-js/cache"] !== "undefined";
+  const cacheDesired = cacheConfigured || cachePackageInstalled;
+  requiredPackages.add("@holo-js/core");
+  for (const connection of Object.values(loaded.database.connections)) {
+    const inferredDriver = inferConnectionDriver(connection);
+    if (inferredDriver) {
+      requiredPackages.add(DB_DRIVER_PACKAGE_NAMES[inferredDriver]);
+    }
+  }
+  if (authConfigured || sessionConfigured) {
+    requiredPackages.add("@holo-js/session");
+  }
+  if (authConfigured || securityConfigured) {
+    requiredPackages.add("@holo-js/security");
+  }
+  if (authConfigured) {
+    requiredPackages.add("@holo-js/auth");
+    if (authConfigUsesSocialProviders(loaded)) {
+      requiredPackages.add("@holo-js/auth-social");
+      for (const [providerName, provider] of Object.entries(loaded.auth.social)) {
+        if (typeof provider.runtime === "string" && provider.runtime.trim()) {
+          continue;
+        }
+        const builtinPackage = AUTH_SOCIAL_PROVIDER_PACKAGE_NAMES[providerName];
+        if (builtinPackage) {
+          requiredPackages.add(builtinPackage);
+        }
+      }
+    }
+    if (authConfigUsesWorkosProviders(loaded)) {
+      requiredPackages.add("@holo-js/auth-workos");
+    }
+    if (authConfigUsesClerkProviders(loaded)) {
+      requiredPackages.add("@holo-js/auth-clerk");
+    }
+  }
+  if (mailConfigured) {
+    requiredPackages.add("@holo-js/mail");
+  }
+  if (mediaConfigured) {
+    requiredPackages.add("@holo-js/media");
+  }
+  if (cacheDesired) {
+    requiredPackages.add("@holo-js/cache");
+  }
+  if (cacheConfigured) {
+    const cacheDrivers = Object.values(loaded.cache.drivers);
+    if (cacheDrivers.some((driver) => driver.driver === "redis")) {
+      requiredPackages.add("@holo-js/cache-redis");
+    }
+    if (cacheDrivers.some((driver) => driver.driver === "database")) {
+      requiredPackages.add("@holo-js/cache-db");
+    }
+  }
+  if (notificationsConfigured) {
+    requiredPackages.add("@holo-js/notifications");
+  }
+  if (broadcastConfigured || registryHasBroadcastDefinitions(discoveredRegistry) || hasRealtimeScaffold) {
+    requiredPackages.add("@holo-js/broadcast");
+    requiredPackages.add("@holo-js/flux");
+    const framework = detectProjectFrameworkFromPackageJson(dependencies, devDependencies);
+    if (framework === "next") {
+      requiredPackages.add("@holo-js/flux-react");
+      requiredPackages.add("@holo-js/adapter-next");
+    } else if (framework === "nuxt") {
+      requiredPackages.add("@holo-js/flux-vue");
+      requiredPackages.add("@holo-js/adapter-nuxt");
+    } else if (framework === "sveltekit") {
+      requiredPackages.add("@holo-js/flux-svelte");
+      requiredPackages.add("@holo-js/adapter-sveltekit");
+    }
+  }
+  if (hasRealtimeScaffold) {
+    requiredPackages.add("@holo-js/realtime");
+  }
+  if (registryHasAuthorizationDefinitions(discoveredRegistry) || hasAuthorizationScaffold) {
+    requiredPackages.add("@holo-js/authorization");
+  }
+  if (registryHasEvents(discoveredRegistry) || hasEventsScaffold) {
+    requiredPackages.add("@holo-js/events");
+    requiredPackages.add("@holo-js/queue");
+  }
+  if (queueConfigured || registryHasJobs(discoveredRegistry) || mailConfigUsesQueue(loaded)) {
+    requiredPackages.add("@holo-js/queue");
+    if (queueConfigured) {
+      const queueConnections = Object.values(loaded.queue.connections);
+      if (queueConnections.some((connection) => connection.driver === "redis")) {
+        requiredPackages.add("@holo-js/queue-redis");
+      }
+      if (queueConnections.some((connection) => connection.driver === "database") || loaded.queue.failed !== false) {
+        requiredPackages.add("@holo-js/queue-db");
+      }
+    }
+  }
+  if (Object.values(loaded.cache?.drivers ?? {}).some((driver) => driver.driver === "redis") || loaded.security?.rateLimit?.driver === "redis" || Object.values(loaded.session?.stores ?? {}).some((store) => store.driver === "redis") || loaded.broadcast?.worker != null && loaded.broadcast.worker.scaling !== false) {
+    requiredPackages.add("ioredis");
+  }
+  if (storageConfigured) {
+    requiredPackages.add("@holo-js/storage");
+    if (Object.values(loaded.storage.disks).some((disk) => disk.driver === "s3")) {
+      requiredPackages.add("@holo-js/storage-s3");
+    }
+  }
+  let changed = false;
+  const removableManagedPackages = /* @__PURE__ */ new Set([
+    "@holo-js/core",
+    ...Object.values(DB_DRIVER_PACKAGE_NAMES),
+    "@holo-js/auth",
+    "@holo-js/auth-clerk",
+    "@holo-js/auth-social",
+    "@holo-js/auth-workos",
+    "@holo-js/authorization",
+    "@holo-js/broadcast",
+    "@holo-js/cache-db",
+    "@holo-js/cache-redis",
+    "@holo-js/events",
+    "@holo-js/flux",
+    "@holo-js/flux-react",
+    "@holo-js/flux-svelte",
+    "@holo-js/flux-vue",
+    "@holo-js/mail",
+    "@holo-js/media",
+    "@holo-js/notifications",
+    "@holo-js/queue",
+    "@holo-js/queue-db",
+    "@holo-js/queue-redis",
+    "@holo-js/realtime",
+    "@holo-js/security",
+    "@holo-js/session",
+    "@holo-js/storage",
+    "@holo-js/storage-s3",
+    ...Object.values(AUTH_SOCIAL_PROVIDER_PACKAGE_NAMES),
+    "ioredis"
+  ]);
+  if (cacheDesired || cachePackageInstalled) {
+    removableManagedPackages.add("@holo-js/cache");
+  }
+  for (const packageName of requiredPackages) {
+    const requiredVersion = packageName === "ioredis" ? IOREDIS_PACKAGE_VERSION : resolveManagedHoloPackageVersion(packageName, dependencies, devDependencies);
+    if (dependencies[packageName] !== requiredVersion || typeof devDependencies[packageName] !== "undefined") {
+      dependencies[packageName] = requiredVersion;
+      delete devDependencies[packageName];
+      changed = true;
+    }
+  }
+  for (const packageName of removableManagedPackages) {
+    if (requiredPackages.has(packageName)) {
+      continue;
+    }
+    if (typeof dependencies[packageName] !== "undefined" || typeof devDependencies[packageName] !== "undefined") {
+      delete dependencies[packageName];
+      delete devDependencies[packageName];
+      changed = true;
+    }
+  }
+  if (!changed) {
+    return false;
+  }
+  await writePackageJsonDependencyState(packageJsonPath, parsed, dependencies, devDependencies);
+  return true;
+}
+async function upsertQueuePackageDependency(projectRoot, driver) {
+  const { packageJsonPath, parsed, dependencies, devDependencies } = await readPackageJsonDependencyState(projectRoot);
+  const queueConfigPath = await resolveFirstExistingPath(projectRoot, ["config/queue.ts", "config/queue.mts", "config/queue.js", "config/queue.mjs", "config/queue.cts", "config/queue.cjs"]);
+  const loadedQueueConfig = queueConfigPath ? loadConfigDirectory(projectRoot, {
+    preferCache: false,
+    processEnv: process.env
+  }).then((config) => config.queue).catch(() => void 0) : Promise.resolve(void 0);
+  const nextVersion = resolveManagedHoloPackageVersion("@holo-js/queue", dependencies, devDependencies);
+  const nextQueueDbVersion = resolveManagedHoloPackageVersion("@holo-js/queue-db", dependencies, devDependencies);
+  const nextQueueRedisVersion = resolveManagedHoloPackageVersion("@holo-js/queue-redis", dependencies, devDependencies);
+  const nextEsbuildVersion = ESBUILD_PACKAGE_VERSION;
+  const queueConfig = typeof driver === "undefined" ? await loadedQueueConfig : void 0;
+  const resolvedQueueDriver = driver && driver !== "sync" ? driver : queueConfig?.connections[queueConfig.default]?.driver ?? driver;
+  const requiresQueueDb = resolvedQueueDriver === "database" || (queueConfig?.failed ?? false) !== false || Object.values(queueConfig?.connections ?? {}).some((connection) => connection.driver === "database");
+  const requiresQueueRedis = resolvedQueueDriver === "redis" || Object.values(queueConfig?.connections ?? {}).some((connection) => connection.driver === "redis");
+  const currentVersion = dependencies["@holo-js/queue"];
+  const currentQueueDbVersion = dependencies["@holo-js/queue-db"];
+  const currentQueueRedisVersion = dependencies["@holo-js/queue-redis"];
+  const currentDevVersion = devDependencies["@holo-js/queue"];
+  const currentDevQueueDbVersion = devDependencies["@holo-js/queue-db"];
+  const currentDevQueueRedisVersion = devDependencies["@holo-js/queue-redis"];
+  const currentEsbuildVersion = dependencies.esbuild;
+  const currentDevEsbuildVersion = devDependencies.esbuild;
+  if (currentVersion === nextVersion && (requiresQueueDb ? currentQueueDbVersion === nextQueueDbVersion : typeof currentQueueDbVersion === "undefined") && (requiresQueueRedis ? currentQueueRedisVersion === nextQueueRedisVersion : typeof currentQueueRedisVersion === "undefined") && typeof currentDevVersion === "undefined" && typeof currentDevQueueDbVersion === "undefined" && typeof currentDevQueueRedisVersion === "undefined" && currentEsbuildVersion === nextEsbuildVersion && typeof currentDevEsbuildVersion === "undefined") {
+    return false;
+  }
+  dependencies["@holo-js/queue"] = nextVersion;
+  if (requiresQueueDb) {
+    dependencies["@holo-js/queue-db"] = nextQueueDbVersion;
+  } else {
+    delete dependencies["@holo-js/queue-db"];
+  }
+  if (requiresQueueRedis) {
+    dependencies["@holo-js/queue-redis"] = nextQueueRedisVersion;
+  } else {
+    delete dependencies["@holo-js/queue-redis"];
+  }
+  dependencies.esbuild = nextEsbuildVersion;
+  delete devDependencies["@holo-js/queue"];
+  delete devDependencies["@holo-js/queue-db"];
+  delete devDependencies["@holo-js/queue-redis"];
+  delete devDependencies.esbuild;
+  await writePackageJsonDependencyState(packageJsonPath, parsed, dependencies, devDependencies);
+  return true;
+}
+async function upsertEventsPackageDependency(projectRoot) {
+  const { packageJsonPath, parsed, dependencies, devDependencies } = await readPackageJsonDependencyState(projectRoot);
+  const nextVersion = resolveManagedHoloPackageVersion("@holo-js/events", dependencies, devDependencies);
+  const nextQueueVersion = resolveManagedHoloPackageVersion("@holo-js/queue", dependencies, devDependencies);
+  const currentVersion = dependencies["@holo-js/events"];
+  const currentDevVersion = devDependencies["@holo-js/events"];
+  const currentQueueVersion = dependencies["@holo-js/queue"];
+  const currentQueueDevVersion = devDependencies["@holo-js/queue"];
+  if (currentVersion === nextVersion && typeof currentDevVersion === "undefined" && currentQueueVersion === nextQueueVersion && typeof currentQueueDevVersion === "undefined") {
+    return false;
+  }
+  dependencies["@holo-js/events"] = nextVersion;
+  dependencies["@holo-js/queue"] = nextQueueVersion;
+  delete devDependencies["@holo-js/events"];
+  delete devDependencies["@holo-js/queue"];
+  await writePackageJsonDependencyState(packageJsonPath, parsed, dependencies, devDependencies);
+  return true;
+}
+async function upsertManagedPackageDependency(projectRoot, packageName) {
+  const { packageJsonPath, parsed, dependencies, devDependencies } = await readPackageJsonDependencyState(projectRoot);
+  const nextVersion = resolveManagedHoloPackageVersion(packageName, dependencies, devDependencies);
+  const currentVersion = dependencies[packageName];
+  const currentDevVersion = devDependencies[packageName];
+  if (currentVersion === nextVersion && typeof currentDevVersion === "undefined") {
+    return false;
+  }
+  dependencies[packageName] = nextVersion;
+  delete devDependencies[packageName];
+  await writePackageJsonDependencyState(packageJsonPath, parsed, dependencies, devDependencies);
+  return true;
+}
+async function upsertNotificationsPackageDependency(projectRoot) {
+  return await upsertManagedPackageDependency(projectRoot, "@holo-js/notifications");
+}
+async function upsertMailPackageDependency(projectRoot) {
+  return await upsertManagedPackageDependency(projectRoot, "@holo-js/mail");
+}
+async function upsertMediaPackageDependency(projectRoot) {
+  return await upsertManagedPackageDependency(projectRoot, "@holo-js/media");
+}
+async function upsertSecurityPackageDependency(projectRoot) {
+  return await upsertManagedPackageDependency(projectRoot, "@holo-js/security");
+}
+async function upsertCachePackageDependencies(projectRoot, driver = "file") {
+  const { packageJsonPath, parsed, dependencies, devDependencies } = await readPackageJsonDependencyState(projectRoot);
+  const cacheConfigPath = await resolveFirstExistingPath(projectRoot, CACHE_CONFIG_FILE_NAMES);
+  const cacheConfig = cacheConfigPath ? await loadConfigDirectory(projectRoot, {
+    preferCache: false,
+    processEnv: process.env
+  }).then((config) => config.cache).catch(() => void 0) : void 0;
+  const nextVersion = resolveManagedHoloPackageVersion("@holo-js/cache", dependencies, devDependencies);
+  const nextCacheDbVersion = resolveManagedHoloPackageVersion("@holo-js/cache-db", dependencies, devDependencies);
+  const nextCacheRedisVersion = resolveManagedHoloPackageVersion("@holo-js/cache-redis", dependencies, devDependencies);
+  const requiresCacheRedis = driver === "redis" || Object.values(cacheConfig?.drivers ?? {}).some((connection) => connection.driver === "redis");
+  const requiresCacheDb = driver === "database" || Object.values(cacheConfig?.drivers ?? {}).some((connection) => connection.driver === "database");
+  const currentVersion = dependencies["@holo-js/cache"];
+  const currentCacheDbVersion = dependencies["@holo-js/cache-db"];
+  const currentCacheRedisVersion = dependencies["@holo-js/cache-redis"];
+  const currentDevVersion = devDependencies["@holo-js/cache"];
+  const currentDevCacheDbVersion = devDependencies["@holo-js/cache-db"];
+  const currentDevCacheRedisVersion = devDependencies["@holo-js/cache-redis"];
+  if (currentVersion === nextVersion && (requiresCacheDb ? currentCacheDbVersion === nextCacheDbVersion : typeof currentCacheDbVersion === "undefined") && (requiresCacheRedis ? currentCacheRedisVersion === nextCacheRedisVersion : typeof currentCacheRedisVersion === "undefined") && typeof currentDevVersion === "undefined" && typeof currentDevCacheDbVersion === "undefined" && typeof currentDevCacheRedisVersion === "undefined") {
+    return false;
+  }
+  dependencies["@holo-js/cache"] = nextVersion;
+  if (requiresCacheDb) {
+    dependencies["@holo-js/cache-db"] = nextCacheDbVersion;
+  } else {
+    delete dependencies["@holo-js/cache-db"];
+  }
+  if (requiresCacheRedis) {
+    dependencies["@holo-js/cache-redis"] = nextCacheRedisVersion;
+  } else {
+    delete dependencies["@holo-js/cache-redis"];
+  }
+  delete devDependencies["@holo-js/cache"];
+  delete devDependencies["@holo-js/cache-db"];
+  delete devDependencies["@holo-js/cache-redis"];
+  await writePackageJsonDependencyState(packageJsonPath, parsed, dependencies, devDependencies);
+  return true;
+}
+function detectProjectFrameworkFromPackageJson(dependencies, devDependencies) {
+  if (dependencies.next || devDependencies.next) {
+    return "next";
+  }
+  if (dependencies.nuxt || devDependencies.nuxt) {
+    return "nuxt";
+  }
+  if (dependencies["@sveltejs/kit"] || devDependencies["@sveltejs/kit"]) {
+    return "sveltekit";
+  }
+  return void 0;
+}
+async function upsertBroadcastPackageDependencies(projectRoot) {
+  const { packageJsonPath, parsed, dependencies, devDependencies } = await readPackageJsonDependencyState(projectRoot);
+  const nextVersion = resolveManagedHoloPackageVersion("@holo-js/broadcast", dependencies, devDependencies);
+  const framework = detectProjectFrameworkFromPackageJson(dependencies, devDependencies);
+  let changed = false;
+  const requestedPackages = /* @__PURE__ */ new Set([
+    "@holo-js/broadcast",
+    "@holo-js/flux"
+  ]);
+  if (framework === "next") {
+    requestedPackages.add("@holo-js/flux-react");
+    requestedPackages.add("@holo-js/adapter-next");
+  } else if (framework === "nuxt") {
+    requestedPackages.add("@holo-js/flux-vue");
+    requestedPackages.add("@holo-js/adapter-nuxt");
+  } else if (framework === "sveltekit") {
+    requestedPackages.add("@holo-js/flux-svelte");
+    requestedPackages.add("@holo-js/adapter-sveltekit");
+  }
+  const frameworkPackages = /* @__PURE__ */ new Set([
+    "@holo-js/flux-react",
+    "@holo-js/adapter-next",
+    "@holo-js/flux-vue",
+    "@holo-js/adapter-nuxt",
+    "@holo-js/flux-svelte",
+    "@holo-js/adapter-sveltekit"
+  ]);
+  const managedPackages = /* @__PURE__ */ new Set([
+    ...requestedPackages,
+    ...frameworkPackages
+  ]);
+  for (const packageName of managedPackages) {
+    if (!requestedPackages.has(packageName)) {
+      if (typeof dependencies[packageName] !== "undefined" || typeof devDependencies[packageName] !== "undefined") {
+        delete dependencies[packageName];
+        delete devDependencies[packageName];
+        changed = true;
+      }
+      continue;
+    }
+    if (dependencies[packageName] !== nextVersion || typeof devDependencies[packageName] !== "undefined") {
+      dependencies[packageName] = nextVersion;
+      delete devDependencies[packageName];
+      changed = true;
+    }
+  }
+  if (!changed) {
+    return {
+      updated: false,
+      framework
+    };
+  }
+  await writePackageJsonDependencyState(packageJsonPath, parsed, dependencies, devDependencies);
+  return {
+    updated: true,
+    framework
+  };
+}
+async function upsertAuthPackageDependencies(projectRoot, features = {}) {
+  const { packageJsonPath, parsed, dependencies, devDependencies } = await readPackageJsonDependencyState(projectRoot);
+  const socialEnabled = features.social === true || (features.socialProviders?.length ?? 0) > 0;
+  const requestedPackages = {
+    "@holo-js/auth": true,
+    "@holo-js/session": true,
+    "@holo-js/security": true,
+    "@holo-js/auth-social": socialEnabled,
+    "@holo-js/auth-workos": features.workos === true,
+    "@holo-js/auth-clerk": features.clerk === true
+  };
+  const requestedSocialProviders = new Set(features.socialProviders ?? (socialEnabled ? ["google"] : []));
+  let changed = false;
+  for (const [packageName, enabled] of Object.entries(requestedPackages)) {
+    const currentDependency = dependencies[packageName];
+    const currentDevDependency = devDependencies[packageName];
+    const nextVersion = resolveManagedHoloPackageVersion(packageName, dependencies, devDependencies);
+    if (enabled) {
+      if (currentDependency !== nextVersion || typeof currentDevDependency !== "undefined") {
+        dependencies[packageName] = nextVersion;
+        delete devDependencies[packageName];
+        changed = true;
+      }
+      continue;
+    }
+    if (typeof currentDevDependency !== "undefined") {
+      delete devDependencies[packageName];
+      changed = true;
+    }
+    if (typeof currentDependency !== "undefined") {
+      delete dependencies[packageName];
+      changed = true;
+    }
+  }
+  for (const [providerName, packageName] of Object.entries(AUTH_SOCIAL_PROVIDER_PACKAGE_NAMES)) {
+    const enabled = requestedSocialProviders.has(providerName);
+    const currentDependency = dependencies[packageName];
+    const currentDevDependency = devDependencies[packageName];
+    const nextVersion = resolveManagedHoloPackageVersion(packageName, dependencies, devDependencies);
+    if (enabled) {
+      if (currentDependency !== nextVersion || typeof currentDevDependency !== "undefined") {
+        dependencies[packageName] = nextVersion;
+        delete devDependencies[packageName];
+        changed = true;
+      }
+      continue;
+    }
+    if (typeof currentDevDependency !== "undefined") {
+      delete devDependencies[packageName];
+      changed = true;
+    }
+    if (typeof currentDependency !== "undefined") {
+      delete dependencies[packageName];
+      changed = true;
+    }
+  }
+  if (!changed) {
+    return false;
+  }
+  await writePackageJsonDependencyState(packageJsonPath, parsed, dependencies, devDependencies);
+  return true;
+}
+async function upsertAuthorizationPackageDependency(projectRoot) {
+  return await upsertManagedPackageDependency(projectRoot, "@holo-js/authorization");
+}
+async function upsertRealtimePackageDependency(projectRoot) {
+  const broadcastResult = await upsertBroadcastPackageDependencies(projectRoot);
+  const { packageJsonPath, parsed, dependencies, devDependencies } = await readPackageJsonDependencyState(projectRoot);
+  const nextVersion = resolveManagedHoloPackageVersion("@holo-js/realtime", dependencies, devDependencies);
+  const currentVersion = dependencies["@holo-js/realtime"];
+  const currentDevVersion = devDependencies["@holo-js/realtime"];
+  if (currentVersion === nextVersion && typeof currentDevVersion === "undefined") {
+    return broadcastResult.updated;
+  }
+  dependencies["@holo-js/realtime"] = nextVersion;
+  delete devDependencies["@holo-js/realtime"];
+  await writePackageJsonDependencyState(packageJsonPath, parsed, dependencies, devDependencies);
+  return true;
+}
+// src/project/scaffold/config-renderers.ts
+function renderStorageConfig() {
+  return [
+    "import { defineStorageConfig, env } from '@holo-js/config'",
+    "",
+    "export default defineStorageConfig({",
+    `  defaultDisk: env('STORAGE_DEFAULT_DISK', '${holoStorageDefaults.defaultDisk}'),`,
+    `  routePrefix: env('STORAGE_ROUTE_PREFIX', '${holoStorageDefaults.routePrefix}'),`,
+    "  disks: {",
+    "    local: {",
+    "      driver: 'local',",
+    "      root: './storage/app',",
+    "    },",
+    "    public: {",
+    "      driver: 'public',",
+    "      root: './storage/app/public',",
+    "      visibility: 'public',",
+    "    },",
+    "  },",
+    "})",
+    ""
+  ].join("\n");
+}
+function renderMediaConfig() {
+  return [
+    "import { defineMediaConfig } from '@holo-js/config'",
+    "",
+    "export default defineMediaConfig({})",
+    ""
+  ].join("\n");
+}
+function renderQueueConfig(options = {}) {
+  const driver = options.driver ?? "sync";
+  const defaultDatabaseConnection = options.defaultDatabaseConnection?.trim() || "default";
+  if (driver === "redis") {
+    return [
+      "import { defineQueueConfig, env } from '@holo-js/config'",
+      "",
+      "export default defineQueueConfig({",
+      "  default: 'redis',",
+      "  failed: false,",
+      "  connections: {",
+      "    redis: {",
+      "      driver: 'redis',",
+      "      connection: 'default',",
+      "      queue: 'default',",
+      "      retryAfter: 90,",
+      "      blockFor: 5,",
+      "    },",
+      "  },",
+      "})",
+      ""
+    ].join("\n");
+  }
+  if (driver === "database") {
+    return [
+      "import { defineQueueConfig } from '@holo-js/config'",
+      "",
+      "export default defineQueueConfig({",
+      "  default: 'database',",
+      "  failed: {",
+      "    driver: 'database',",
+      `    connection: '${defaultDatabaseConnection}',`,
+      "    table: 'failed_jobs',",
+      "  },",
+      "  connections: {",
+      "    database: {",
+      "      driver: 'database',",
+      `      connection: '${defaultDatabaseConnection}',`,
+      "      table: 'jobs',",
+      "      queue: 'default',",
+      "      retryAfter: 90,",
+      "      sleep: 1,",
+      "    },",
+      "  },",
+      "})",
+      ""
+    ].join("\n");
+  }
+  return [
+    "import { defineQueueConfig } from '@holo-js/config'",
+    "",
+    "export default defineQueueConfig({",
+    "  default: 'sync',",
+    "  failed: false,",
+    "  connections: {",
+    "    sync: {",
+    "      driver: 'sync',",
+    "      queue: 'default',",
+    "    },",
+    "  },",
+    "})",
+    ""
+  ].join("\n");
+}
+function renderCacheConfig(driver = "file", defaultDatabaseConnection = "default", defaultRedisConnection = "default") {
+  const lines = [
+    "import { defineCacheConfig, env } from '@holo-js/config'",
+    "",
+    "export default defineCacheConfig({",
+    `  default: '${driver}',`,
+    "  prefix: env('CACHE_PREFIX', ''),",
+    "  drivers: {",
+    "    file: {",
+    "      driver: 'file',",
+    "      path: './storage/framework/cache/data',",
+    "    },",
+    "    memory: {",
+    "      driver: 'memory',",
+    "      maxEntries: 1000,",
+    "    },"
+  ];
+  if (driver === "redis") {
+    lines.push(
+      "    redis: {",
+      "      driver: 'redis',",
+      `      connection: '${defaultRedisConnection}',`,
+      "      prefix: 'cache:',",
+      "    },"
+    );
+  }
+  if (driver === "database") {
+    lines.push(
+      "    database: {",
+      "      driver: 'database',",
+      `      connection: '${defaultDatabaseConnection}',`,
+      "      table: 'cache',",
+      "      lockTable: 'cache_locks',",
+      "    },"
+    );
+  }
+  lines.push(
+    "  },",
+    "})",
+    ""
+  );
+  return lines.join("\n");
+}
+function renderRedisConfig() {
+  return [
+    "import { defineRedisConfig, env } from '@holo-js/config'",
+    "",
+    "export default defineRedisConfig({",
+    "  default: 'default',",
+    "  connections: {",
+    "    default: {",
+    "      url: env('REDIS_URL') || undefined,",
+    "      host: env('REDIS_HOST', '127.0.0.1'),",
+    "      port: env('REDIS_PORT', 6379),",
+    "      username: env('REDIS_USERNAME'),",
+    "      password: env('REDIS_PASSWORD'),",
+    "      db: env('REDIS_DB', 0),",
+    "    },",
+    "  },",
+    "})",
+    ""
+  ].join("\n");
+}
+async function ensureRedisConfigFile(projectRoot) {
+  const redisConfigPath = await resolveFirstExistingPath(projectRoot, REDIS_CONFIG_FILE_NAMES) ?? resolve2(projectRoot, "config/redis.ts");
+  const redisConfigExists = await pathExists(redisConfigPath);
+  if (!redisConfigExists) {
+    await writeTextFile(redisConfigPath, renderRedisConfig());
+  }
+  return !redisConfigExists;
+}
+function renderNotificationsConfig() {
+  return [
+    "import { defineNotificationsConfig } from '@holo-js/config'",
+    "",
+    "export default defineNotificationsConfig({",
+    "  table: 'notifications',",
+    "  queue: {",
+    "    afterCommit: false,",
+    "  },",
+    "})",
+    ""
+  ].join("\n");
+}
+function renderMailConfig() {
+  return [
+    "import { defineMailConfig, env } from '@holo-js/config'",
+    "",
+    "export default defineMailConfig({",
+    "  default: env('MAIL_MAILER', 'preview'),",
+    "  from: {",
+    "    email: env('MAIL_FROM_ADDRESS', 'hello@app.test'),",
+    "    name: env('MAIL_FROM_NAME', 'Holo App'),",
+    "  },",
+    "  preview: {",
+    "    allowedEnvironments: ['development'],",
+    "  },",
+    "  mailers: {",
+    "    preview: {",
+    "      driver: 'preview',",
+    "    },",
+    "    log: {",
+    "      driver: 'log',",
+    "      logBodies: env('MAIL_LOG_BODIES', false),",
+    "    },",
+    "    fake: {",
+    "      driver: 'fake',",
+    "    },",
+    "    smtp: {",
+    "      driver: 'smtp',",
+    "      host: env('MAIL_HOST', '127.0.0.1'),",
+    "      port: env('MAIL_PORT', 1025),",
+    "      secure: env('MAIL_SECURE', false),",
+    "      user: env('MAIL_USERNAME') || undefined,",
+    "      password: env('MAIL_PASSWORD') || undefined,",
+    "    },",
+    "  },",
+    "})",
+    ""
+  ].join("\n");
+}
+function renderSecurityConfig() {
+  return [
+    `import { defineSecurityConfig, limit } from '@holo-js/security'`,
+    "",
+    "export default defineSecurityConfig({",
+    "  csrf: {",
+    "    enabled: true,",
+    "    field: '_token',",
+    "    header: 'X-CSRF-TOKEN',",
+    "    cookie: 'XSRF-TOKEN',",
+    "    except: [],",
+    "  },",
+    "  rateLimit: {",
+    "    driver: 'file',",
+    "    file: {",
+    "      path: './storage/framework/rate-limits',",
+    "    },",
+    "    redis: {",
+    "      connection: 'default',",
+    "      prefix: 'holo:rate-limit:',",
+    "    },",
+    "    limiters: {",
+    "      login: limit.perMinute(5).define(),",
+    "      register: limit.perHour(10).define(),",
+    "    },",
+    "  },",
+    "})",
+    ""
+  ].join("\n");
+}
+function renderCorsConfig() {
+  return [
+    "import { defineCorsConfig, env } from '@holo-js/config'",
+    "",
+    "export default defineCorsConfig({",
+    "  paths: ['/api/*', '/broadcasting/auth'],",
+    "  origins: [",
+    "    env('FRONTEND_URL', 'http://localhost:3000'),",
+    "  ],",
+    "  methods: ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'OPTIONS'],",
+    "  headers: ['Content-Type', 'Authorization', 'X-CSRF-TOKEN', 'X-Requested-With'],",
+    "  credentials: true,",
+    "  maxAge: 7200,",
+    "  statefulDomains: [",
+    "    env('FRONTEND_DOMAIN', 'localhost:3000'),",
+    "  ],",
+    "})",
+    ""
+  ].join("\n");
+}
+async function ensureCorsConfigFile(projectRoot) {
+  const corsConfigPath = await resolveFirstExistingPath(projectRoot, CORS_CONFIG_FILE_NAMES) ?? resolve2(projectRoot, "config/cors.ts");
+  const corsConfigExists = await pathExists(corsConfigPath);
+  if (!corsConfigExists) {
+    await writeTextFile(corsConfigPath, renderCorsConfig());
+  }
+  return !corsConfigExists;
+}
+async function ensureRateLimitStorageIgnore(projectRoot) {
+  const rateLimitRoot = resolve2(projectRoot, "storage/framework/rate-limits");
+  const ignorePath = resolve2(rateLimitRoot, ".gitignore");
+  await mkdir(rateLimitRoot, { recursive: true });
+  if (!await pathExists(ignorePath)) {
+    await writeTextFile(ignorePath, "*\n!.gitignore\n");
+    return;
+  }
+  const currentContents = await readTextFile(ignorePath) ?? "";
+  const existingLines = new Set(currentContents.split(/\r?\n/));
+  const missingLines = [
+    "*",
+    "!.gitignore"
+  ].filter((line) => !existingLines.has(line));
+  if (missingLines.length === 0) {
+    return;
+  }
+  await appendFile(
+    ignorePath,
+    `${currentContents.length > 0 && !currentContents.endsWith("\n") ? "\n" : ""}${missingLines.join("\n")}
+`,
+    "utf8"
+  );
+}
+function renderBroadcastConfig(moduleFormat, includeAuthEndpoint, useTypeScriptSyntax) {
+  const renderBroadcastScheme = () => {
+    return useTypeScriptSyntax ? "env('BROADCAST_SCHEME') === 'https' ? 'https' : 'http'" : "(process.env.BROADCAST_SCHEME === 'https' ? 'https' : 'http')";
+  };
+  if (moduleFormat === "cjs") {
+    return [
+      "const { defineBroadcastConfig, env } = require('@holo-js/config')",
+      "",
+      `const broadcastScheme = ${renderBroadcastScheme()}`,
+      "",
+      "module.exports = defineBroadcastConfig({",
+      "  default: env('BROADCAST_CONNECTION', 'holo'),",
+      "  connections: {",
+      "    holo: {",
+      "      driver: 'holo',",
+      "      appId: env('BROADCAST_APP_ID', 'app-id'),",
+      "      key: env('BROADCAST_APP_KEY', 'app-key'),",
+      "      secret: env('BROADCAST_APP_SECRET', 'app-secret'),",
+      "      options: {",
+      "        host: env('BROADCAST_HOST', '127.0.0.1'),",
+      "        port: env('BROADCAST_PORT', 8080),",
+      "        scheme: broadcastScheme,",
+      "        useTLS: broadcastScheme === 'https',",
+      "      },",
+      ...includeAuthEndpoint ? [
+        "      clientOptions: {",
+        "        authEndpoint: `${env('APP_URL', 'http://localhost:3000')}/broadcasting/auth`,",
+        "      },"
+      ] : [],
+      "    },",
+      "    log: {",
+      "      driver: 'log',",
+      "    },",
+      "    null: {",
+      "      driver: 'null',",
+      "    },",
+      "  },",
+      "})",
+      ""
+    ].join("\n");
+  }
+  return [
+    "import { defineBroadcastConfig, env } from '@holo-js/config'",
+    "",
+    `const broadcastScheme = ${renderBroadcastScheme()}`,
+    "",
+    "export default defineBroadcastConfig({",
+    "  default: env('BROADCAST_CONNECTION', 'holo'),",
+    "  connections: {",
+    "    holo: {",
+    "      driver: 'holo',",
+    "      appId: env('BROADCAST_APP_ID', 'app-id'),",
+    "      key: env('BROADCAST_APP_KEY', 'app-key'),",
+    "      secret: env('BROADCAST_APP_SECRET', 'app-secret'),",
+    "      options: {",
+    "        host: env('BROADCAST_HOST', '127.0.0.1'),",
+    "        port: env('BROADCAST_PORT', 8080),",
+    "        scheme: broadcastScheme,",
+    "        useTLS: broadcastScheme === 'https',",
+    "      },",
+    ...includeAuthEndpoint ? [
+      "      clientOptions: {",
+      "        authEndpoint: `${env('APP_URL', 'http://localhost:3000')}/broadcasting/auth`,",
+      "      },"
+    ] : [],
+    "    },",
+    "    log: {",
+    "      driver: 'log',",
+    "    },",
+    "    null: {",
+    "      driver: 'null',",
+    "    },",
+    "  },",
+    "})",
+    ""
+  ].join("\n");
+}
+function stripBroadcastAuthEndpointBlock(value) {
+  return value.replace(
+    /(^|\n)\s*clientOptions:\s*\{\n\s*authEndpoint:\s*.*,\n\s*\},/m,
+    ""
+  );
+}
+function hasUnaliasedEnvSpecifier(specifiers, aliasToken) {
+  return specifiers.split(",").some((specifier) => {
+    const normalized = specifier.trim().replace(/\s+/g, " ");
+    return normalized === "env" || normalized === `env ${aliasToken} env`;
+  });
+}
+function hasHoloConfigEnvBinding(value) {
+  for (const match of value.matchAll(/import\s*\{([^}]+)\}\s*from\s*['"]@holo-js\/config['"]/g)) {
+    const specifiers = match[1];
+    if (specifiers && hasUnaliasedEnvSpecifier(specifiers, "as")) {
+      return true;
+    }
+  }
+  for (const match of value.matchAll(/\{([^}]+)\}\s*=\s*require\(['"]@holo-js\/config['"]\)/g)) {
+    const specifiers = match[1];
+    if (specifiers && hasUnaliasedEnvSpecifier(specifiers, ":")) {
+      return true;
+    }
+  }
+  return false;
+}
+function injectBroadcastAuthEndpoint(value) {
+  if (value.includes("authEndpoint:")) {
+    return value;
+  }
+  const authEndpointExpression = hasHoloConfigEnvBinding(value) ? "`${env('APP_URL', 'http://localhost:3000')}/broadcasting/auth`" : "`${process.env.APP_URL ?? 'http://localhost:3000'}/broadcasting/auth`";
+  const nextValue = value.replace(
+    /(holo:\s*\{[\s\S]*?options:\s*\{[\s\S]*?\n)([ \t]*)\},/m,
+    (_match, prefix, indent) => {
+      return [
+        `${prefix}${indent}},`,
+        `${indent}clientOptions: {`,
+        `${indent}  authEndpoint: ${authEndpointExpression},`,
+        `${indent}},`
+      ].join("\n");
+    }
+  );
+  return nextValue === value ? void 0 : nextValue;
+}
+function canSafelyRewriteBroadcastConfig(currentContents, moduleFormat, useTypeScriptSyntax) {
+  return stripBroadcastAuthEndpointBlock(currentContents) === stripBroadcastAuthEndpointBlock(
+    renderBroadcastConfig(moduleFormat, false, useTypeScriptSyntax)
+  );
+}
+function resolveBroadcastConfigTargetPath(projectRoot, manifestPath, moduleFormat) {
+  const extension = extname(manifestPath);
+  const targetExtension = extension === ".cjs" || extension === ".cts" || extension === ".mjs" || extension === ".mts" ? extension : moduleFormat === "cjs" ? ".cjs" : extension === ".ts" || extension === ".js" ? extension : ".ts";
+  return resolve2(projectRoot, `config/broadcast${targetExtension}`);
+}
+function renderBroadcastEnvFiles() {
+  const env = [
+    "BROADCAST_CONNECTION=holo"
+  ];
+  const example = [
+    "BROADCAST_CONNECTION=holo",
+    "BROADCAST_APP_ID=",
+    "BROADCAST_APP_KEY=",
+    "BROADCAST_APP_SECRET="
+  ];
+  return {
+    env,
+    example
+  };
+}
+async function syncBroadcastAuthSupportAfterAuthInstall(projectRoot) {
+  const { dependencies, devDependencies } = await readPackageJsonDependencyState(projectRoot);
+  const framework = detectProjectFrameworkFromPackageJson(dependencies, devDependencies);
+  const canCreateBroadcastAuthRoute = framework === "next" || framework === "nuxt" || framework === "sveltekit";
+  const authConfigPath = await resolveFirstExistingPath(projectRoot, AUTH_CONFIG_FILE_NAMES);
+  const broadcastConfigPath = await resolveFirstExistingPath(projectRoot, BROADCAST_CONFIG_FILE_NAMES);
+  if (!authConfigPath || !broadcastConfigPath || !canCreateBroadcastAuthRoute) {
+    return {
+      updatedBroadcastConfig: false,
+      createdBroadcastAuthRoute: false
+    };
+  }
+  const currentBroadcastConfig = await readTextFile(broadcastConfigPath);
+  let updatedBroadcastConfig = false;
+  let createdBroadcastAuthRoute = false;
+  if (!currentBroadcastConfig.includes("authEndpoint:")) {
+    const broadcastConfigModuleFormat = resolveConfigModuleFormat(broadcastConfigPath, currentBroadcastConfig);
+    const broadcastConfigIsTypeScript = [".ts", ".mts", ".cts"].includes(extname(broadcastConfigPath));
+    const rewrittenBroadcastConfig = canSafelyRewriteBroadcastConfig(
+      currentBroadcastConfig,
+      broadcastConfigModuleFormat,
+      broadcastConfigIsTypeScript
+    ) ? renderBroadcastConfig(broadcastConfigModuleFormat, true, broadcastConfigIsTypeScript) : injectBroadcastAuthEndpoint(currentBroadcastConfig);
+    if (rewrittenBroadcastConfig) {
+      await writeTextFile(
+        broadcastConfigPath,
+        rewrittenBroadcastConfig
+      );
+      updatedBroadcastConfig = true;
+    }
+  }
+  if (framework === "next") {
+    const authRoutePath = resolve2(projectRoot, "app/broadcasting/auth/route.ts");
+    const holoHelperPath = resolve2(projectRoot, ".holo-js/generated/next/holo.ts");
+    const generatedRoutePath = resolve2(projectRoot, ".holo-js/generated/next/broadcast-auth-route.ts");
+    if (!await pathExists(authRoutePath)) {
+      await writeTextFile(authRoutePath, renderNextBroadcastAuthRoute());
+      createdBroadcastAuthRoute = true;
+    }
+    await writeTextFile(holoHelperPath, renderNextHoloHelper());
+    await writeTextFile(generatedRoutePath, renderNextGeneratedBroadcastAuthRoute());
+    return {
+      updatedBroadcastConfig,
+      createdBroadcastAuthRoute
+    };
+  }
+  if (framework === "sveltekit") {
+    const holoHelperPath = resolve2(projectRoot, ".holo-js/generated/sveltekit/holo.ts");
+    await writeTextFile(holoHelperPath, renderSvelteHoloHelper());
+  }
+  return {
+    updatedBroadcastConfig,
+    createdBroadcastAuthRoute
+  };
+}
+function renderSessionConfig(defaultDatabaseConnection = "default") {
+  return [
+    "import { defineSessionConfig, env } from '@holo-js/config'",
+    "",
+    "const sessionSameSite = env('SESSION_SAME_SITE') === 'strict'",
+    "  ? 'strict'",
+    "  : env('SESSION_SAME_SITE') === 'none'",
+    "    ? 'none'",
+    "    : 'lax'",
+    "",
+    "export default defineSessionConfig({",
+    "  driver: env('SESSION_DRIVER', 'file'),",
+    "  stores: {",
+    "    database: {",
+    "      driver: 'database',",
+    `      connection: env('SESSION_CONNECTION', '${defaultDatabaseConnection}'),`,
+    "      table: 'sessions',",
+    "    },",
+    "    file: {",
+    "      driver: 'file',",
+    "      path: './storage/framework/sessions',",
+    "    },",
+    "  },",
+    "  cookie: {",
+    "    name: env('SESSION_COOKIE', 'holo_session'),",
+    "    path: env('SESSION_PATH', '/'),",
+    "    domain: env('SESSION_DOMAIN'),",
+    "    secure: env('SESSION_SECURE', false),",
+    "    httpOnly: true,",
+    "    sameSite: sessionSameSite,",
+    "  },",
+    "  idleTimeout: env('SESSION_IDLE_TIMEOUT', 120),",
+    "  absoluteLifetime: env('SESSION_LIFETIME', 120),",
+    "  rememberMeLifetime: env('SESSION_REMEMBER_ME_LIFETIME', 43200),",
+    "})",
+    ""
+  ].join("\n");
+}
+function renderAuthConfig(features = {}, moduleFormat = "esm") {
+  const envValue = (name, fallback) => {
+    if (moduleFormat === "cjs") {
+      return typeof fallback === "string" ? `process.env.${name} || ${JSON.stringify(fallback)}` : `process.env.${name}`;
+    }
+    return typeof fallback === "string" ? `env('${name}', ${JSON.stringify(fallback)})` : `env('${name}')`;
+  };
+  const socialEnabled = features.social === true || (features.socialProviders?.length ?? 0) > 0;
+  const socialProviders = features.socialProviders && features.socialProviders.length > 0 ? features.socialProviders : socialEnabled ? ["google"] : [];
+  const lines = [
+    moduleFormat === "cjs" ? "module.exports = {" : "import { defineAuthConfig, env } from '@holo-js/config'",
+    "",
+    ...moduleFormat === "cjs" ? [] : ["export default defineAuthConfig({"],
+    "  defaults: {",
+    "    guard: 'web',",
+    "    passwords: 'users',",
+    "  },",
+    "  guards: {",
+    "    web: {",
+    "      driver: 'session',",
+    "      provider: 'users',",
+    "    },",
+    "    // admin: {",
+    "    //   driver: 'session',",
+    "    //   provider: 'admins',",
+    "    // },",
+    "  },",
+    "  providers: {",
+    "    users: {",
+    "      model: 'User',",
+    "      identifiers: ['email'],",
+    "    },",
+    "    // admins: {",
+    "    //   model: 'Admin',",
+    "    //   identifiers: ['email'],",
+    "    // },",
+    "  },",
+    "  passwords: {",
+    "    users: {",
+    "      provider: 'users',",
+    "      table: 'password_reset_tokens',",
+    "      expire: 60,",
+    "      throttle: 60,",
+    "      route: '/reset-password',",
+    "    },",
+    "  },",
+    "  emailVerification: {",
+    "    required: false,",
+    "    route: '/verify-email',",
+    "  },"
+  ];
+  if (socialProviders.length > 0) {
+    lines.push("  social: {");
+    for (const provider of socialProviders) {
+      const upper = provider.toUpperCase();
+      const defaultScopes = provider === "google" ? ["openid", "email", "profile"] : provider === "github" ? ["read:user", "user:email"] : provider === "discord" ? ["identify", "email"] : provider === "facebook" ? ["email", "public_profile"] : provider === "apple" ? ["name", "email"] : ["openid", "profile", "email"];
+      lines.push(
+        `    ${provider}: {`,
+        `      clientId: ${envValue(`AUTH_${upper}_CLIENT_ID`)},`,
+        `      clientSecret: ${envValue(`AUTH_${upper}_CLIENT_SECRET`)},`,
+        `      redirectUri: ${envValue(`AUTH_${upper}_REDIRECT_URI`)},`,
+        `      scopes: [${defaultScopes.map((scope) => `'${scope}'`).join(", ")}],`,
+        "    },"
+      );
+    }
+    lines.push("  },");
+  }
+  if (features.workos) {
+    lines.push(
+      "  workos: {",
+      `    provider: ${envValue("AUTH_WORKOS_PROVIDER", "dashboard")},`,
+      "    dashboard: {",
+      `      clientId: ${envValue("WORKOS_CLIENT_ID")},`,
+      `      apiKey: ${envValue("WORKOS_API_KEY")},`,
+      `      redirectUri: ${envValue("WORKOS_REDIRECT_URI")},`,
+      "    },",
+      "  },",
+      "  // Add a dedicated guard and provider if WorkOS users should resolve through a different model."
+    );
+  }
+  if (features.clerk) {
+    lines.push(
+      "  clerk: {",
+      `    provider: ${envValue("AUTH_CLERK_PROVIDER", "app")},`,
+      "    app: {",
+      `      publishableKey: ${envValue("CLERK_PUBLISHABLE_KEY")},`,
+      `      secretKey: ${envValue("CLERK_SECRET_KEY")},`,
+      `      apiUrl: ${envValue("CLERK_API_URL")},`,
+      `      frontendApi: ${envValue("CLERK_FRONTEND_API")},`,
+      `      redirectUri: ${envValue("CLERK_REDIRECT_URI")},`,
+      `      sessionCookie: ${envValue("CLERK_SESSION_COOKIE", "__session")},`,
+      "    },",
+      "  },",
+      "  // Add a dedicated guard and provider if Clerk users should resolve through a different model."
+    );
+  }
+  lines.push(moduleFormat === "cjs" ? "}" : "})", "");
+  return lines.join("\n");
+}
+function authFeaturesRequireConfigUpdate(features) {
+  return features.workos === true || features.clerk === true || features.social === true || (features.socialProviders?.length ?? 0) > 0;
+}
+function detectAuthInstallFeaturesFromConfig(contents) {
+  const socialProviders = SUPPORTED_AUTH_SOCIAL_PROVIDERS.filter((provider) => {
+    const pattern = new RegExp(`\\b${provider}\\s*:\\s*\\{`);
+    return pattern.test(contents);
+  });
+  return Object.freeze({
+    ...socialProviders.length > 0 ? { social: true, socialProviders } : {},
+    ...contents.includes("  workos: {") ? { workos: true } : {},
+    ...contents.includes("  clerk: {") ? { clerk: true } : {}
+  });
+}
+function mergeAuthInstallFeatures(current, requested) {
+  const socialProviders = Array.from(/* @__PURE__ */ new Set([
+    ...current.socialProviders ?? [],
+    ...requested.socialProviders ?? []
+  ]));
+  return Object.freeze({
+    ...current.social === true || requested.social === true || socialProviders.length > 0 ? { social: true } : {},
+    ...socialProviders.length > 0 ? { socialProviders } : {},
+    ...current.workos === true || requested.workos === true ? { workos: true } : {},
+    ...current.clerk === true || requested.clerk === true ? { clerk: true } : {}
+  });
+}
+function canSafelyRewriteAuthConfig(currentContents, currentFeatures, moduleFormat) {
+  const stripLegacyCurrentUserEndpoint = (value) => value.replace(
+    /(^|\n)\s*currentUserEndpoint:\s*\{\n\s*path:\s*.*,\n\s*\},/m,
+    ""
+  );
+  return stripLegacyCurrentUserEndpoint(currentContents) === stripLegacyCurrentUserEndpoint(
+    renderAuthConfig(currentFeatures, moduleFormat)
+  );
+}
+function resolveConfigModuleFormat(filePath, contents) {
+  if (filePath?.endsWith(".cjs") || filePath?.endsWith(".cts") || contents.includes("module.exports =")) {
+    return "cjs";
+  }
+  return "esm";
+}
+function mergeInstalledAuthFeatures(current, requested) {
+  return mergeAuthInstallFeatures(current, requested);
+}
+// src/project/scaffold/framework.ts
+import { mkdir as mkdir2, readdir, writeFile } from "fs/promises";
+import { dirname, resolve as resolve3 } from "path";
+import {
+  normalizeHoloProjectConfig,
+  renderGeneratedSchemaPlaceholder
+} from "@holo-js/db";
+// src/project/scaffold/project-renderers.ts
+import {
+  createMigrationFileName
+} from "@holo-js/db";
+// src/project/scaffold/types.ts
+var AUTH_MIGRATION_SLUGS = [
+  "create_users",
+  "create_sessions",
+  "create_auth_identities",
+  "create_personal_access_tokens",
+  "create_password_reset_tokens",
+  "create_email_verification_tokens"
+];
+// src/project/scaffold/project-renderers.ts
+function renderAuthEnvFiles(features = {}, defaultDatabaseConnection = "default") {
+  const socialEnabled = features.social === true || (features.socialProviders?.length ?? 0) > 0;
+  const socialProviders = features.socialProviders && features.socialProviders.length > 0 ? features.socialProviders : socialEnabled ? ["google"] : [];
+  const env = [
+    "AUTH_EMAIL_VERIFICATION_ROUTE=/verify-email",
+    "AUTH_PASSWORD_RESET_ROUTE=/reset-password",
+    "FRONTEND_URL=",
+    "FRONTEND_DOMAIN=",
+    "SESSION_DRIVER=file",
+    `SESSION_CONNECTION=${defaultDatabaseConnection}`,
+    "SESSION_COOKIE=holo_session",
+    "SESSION_PATH=/",
+    "SESSION_DOMAIN=",
+    "SESSION_SECURE=false",
+    "SESSION_SAME_SITE=lax",
+    "SESSION_IDLE_TIMEOUT=120",
+    "SESSION_LIFETIME=120",
+    "SESSION_REMEMBER_ME_LIFETIME=43200"
+  ];
+  for (const provider of socialProviders) {
+    const upper = provider.toUpperCase();
+    env.push(
+      `AUTH_${upper}_CLIENT_ID=`,
+      `AUTH_${upper}_CLIENT_SECRET=`,
+      `AUTH_${upper}_REDIRECT_URI=`
+    );
+  }
+  if (features.workos) {
+    env.push(
+      "AUTH_WORKOS_PROVIDER=dashboard",
+      "WORKOS_CLIENT_ID=",
+      "WORKOS_API_KEY=",
+      "WORKOS_REDIRECT_URI="
+    );
+  }
+  if (features.clerk) {
+    env.push(
+      "CLERK_PUBLISHABLE_KEY=",
+      "CLERK_SECRET_KEY=",
+      "CLERK_API_URL=",
+      "CLERK_FRONTEND_API=",
+      "CLERK_REDIRECT_URI=",
+      "CLERK_SESSION_COOKIE=__session"
+    );
+  }
+  return {
+    env,
+    example: env.map((line) => `${line.split("=")[0]}=`)
+  };
+}
+function renderAuthUserModel(_generatedSchemaImportPath = "../../.holo-js/generated/schema.generated") {
+  return [
+    "import { defineModel } from '@holo-js/db'",
+    "",
+    "export default defineModel('users', {",
+    "  fillable: ['name', 'email', 'password', 'avatar'],",
+    "  hidden: ['password'],",
+    "})",
+    ""
+  ].join("\n");
+}
+function renderAuthEmailVerificationNotification() {
+  return [
+    "import { defineNotification } from '@holo-js/notifications'",
+    "",
+    "interface EmailVerificationNotification {",
+    "  readonly email: string",
+    "  readonly name?: string",
+    "  readonly url: string",
+    "  readonly expiresAt: Date",
+    "}",
+    "",
+    "export default defineNotification({",
+    "  type: 'auth.email-verification',",
+    "  via() {",
+    "    return ['email']",
+    "  },",
+    "  build: {",
+    "    email(data: EmailVerificationNotification) {",
+    "      return {",
+    "        subject: 'Verify your email address',",
+    "        greeting: data.name ? `Hello ${data.name},` : undefined,",
+    "        lines: [",
+    "          'Confirm your account to finish signing in.',",
+    "          `This verification link expires at ${data.expiresAt.toUTCString()}.`,",
+    "        ],",
+    "        action: {",
+    "          label: 'Verify email address',",
+    "          url: data.url,",
+    "        },",
+    "      }",
+    "    },",
+    "  },",
+    "})",
+    ""
+  ].join("\n");
+}
+function renderAuthPasswordResetNotification() {
+  return [
+    "import { defineNotification } from '@holo-js/notifications'",
+    "",
+    "interface PasswordResetNotification {",
+    "  readonly email: string",
+    "  readonly url: string",
+    "  readonly expiresAt: Date",
+    "}",
+    "",
+    "export default defineNotification({",
+    "  type: 'auth.password-reset',",
+    "  via() {",
+    "    return ['email']",
+    "  },",
+    "  build: {",
+    "    email(data: PasswordResetNotification) {",
+    "      return {",
+    "        subject: 'Reset your password',",
+    "        lines: [",
+    "          'Click the link below to choose a new password.',",
+    "          `This reset link expires at ${data.expiresAt.toUTCString()}.`,",
+    "        ],",
+    "        action: {",
+    "          label: 'Reset password',",
+    "          url: data.url,",
+    "        },",
+    "      }",
+    "    },",
+    "  },",
+    "})",
+    ""
+  ].join("\n");
+}
+function renderAuthorizationPoliciesReadme() {
+  return [
+    "# Authorization Policies",
+    "",
+    "Place policy files in this directory.",
+    "Export `definePolicy(...)` definitions from `@holo-js/authorization`.",
+    ""
+  ].join("\n");
+}
+function renderAuthorizationAbilitiesReadme() {
+  return [
+    "# Authorization Abilities",
+    "",
+    "Place ability files in this directory.",
+    "Export `defineAbility(...)` definitions from `@holo-js/authorization`.",
+    ""
+  ].join("\n");
+}
+function resolveAuthUserModelSchemaImportPath(userModelPath, generatedSchemaPath) {
+  return relativeImportPath(userModelPath, generatedSchemaPath);
+}
+function renderAuthMigration(slug) {
+  switch (slug) {
+    case "create_users":
+      return [
+        "import { defineMigration, type MigrationContext } from '@holo-js/db'",
+        "",
+        "export default defineMigration({",
+        "  async up({ schema }: MigrationContext) {",
+        "    await schema.createTable('users', (table) => {",
+        "      table.id()",
+        "      table.string('name')",
+        "      table.string('email').unique()",
+        "      table.string('password').nullable()",
+        "      table.string('avatar').nullable()",
+        "      table.timestamp('email_verified_at').nullable()",
+        "      table.timestamps()",
+        "    })",
+        "  },",
+        "  async down({ schema }: MigrationContext) {",
+        "    await schema.dropTable('users')",
+        "  },",
+        "})",
+        ""
+      ].join("\n");
+    case "create_sessions":
+      return [
+        "import { defineMigration, type MigrationContext } from '@holo-js/db'",
+        "",
+        "export default defineMigration({",
+        "  async up({ schema }: MigrationContext) {",
+        "    await schema.createTable('sessions', (table) => {",
+        "      table.string('id').primaryKey()",
+        "      table.string('store').default('database')",
+        "      table.json('data')",
+        "      table.timestamp('created_at')",
+        "      table.timestamp('last_activity_at')",
+        "      table.timestamp('expires_at')",
+        "      table.timestamp('invalidated_at').nullable()",
+        "      table.string('remember_token_hash').nullable()",
+        "      table.index(['expires_at'])",
+        "    })",
+        "  },",
+        "  async down({ schema }: MigrationContext) {",
+        "    await schema.dropTable('sessions')",
+        "  },",
+        "})",
+        ""
+      ].join("\n");
+    case "create_auth_identities":
+      return [
+        "import { defineMigration, type MigrationContext } from '@holo-js/db'",
+        "",
+        "export default defineMigration({",
+        "  async up({ schema }: MigrationContext) {",
+        "    await schema.createTable('auth_identities', (table) => {",
+        "      table.id()",
+        "      table.string('user_id')",
+        "      table.string('guard').default('web')",
+        "      table.string('auth_provider').default('users')",
+        "      table.string('provider')",
+        "      table.string('provider_user_id')",
+        "      table.string('email').nullable()",
+        "      table.boolean('email_verified').default(false)",
+        "      table.json('profile')",
+        "      table.json('tokens')",
+        "      table.timestamps()",
+        "      table.index(['user_id'])",
+        "      table.unique(['provider', 'provider_user_id'], 'auth_identities_provider_user_unique')",
+        "    })",
+        "  },",
+        "  async down({ schema }: MigrationContext) {",
+        "    await schema.dropTable('auth_identities')",
+        "  },",
+        "})",
+        ""
+      ].join("\n");
+    case "create_personal_access_tokens":
+      return [
+        "import { defineMigration, type MigrationContext } from '@holo-js/db'",
+        "",
+        "export default defineMigration({",
+        "  async up({ schema }: MigrationContext) {",
+        "    await schema.createTable('personal_access_tokens', (table) => {",
+        "      table.uuid('id').primaryKey()",
+        "      table.string('provider').default('users')",
+        "      table.string('user_id')",
+        "      table.string('name')",
+        "      table.string('token_hash').unique()",
+        "      table.json('abilities')",
+        "      table.timestamp('last_used_at').nullable()",
+        "      table.timestamp('expires_at').nullable()",
+        "      table.timestamps()",
+        "      table.index(['provider'])",
+        "      table.index(['user_id'])",
+        "    })",
+        "  },",
+        "  async down({ schema }: MigrationContext) {",
+        "    await schema.dropTable('personal_access_tokens')",
+        "  },",
+        "})",
+        ""
+      ].join("\n");
+    case "create_password_reset_tokens":
+      return [
+        "import { defineMigration, type MigrationContext } from '@holo-js/db'",
+        "",
+        "export default defineMigration({",
+        "  async up({ schema }: MigrationContext) {",
+        "    await schema.createTable('password_reset_tokens', (table) => {",
+        "      table.uuid('id').primaryKey()",
+        "      table.string('provider').default('users')",
+        "      table.string('email')",
+        "      table.string('token_hash')",
+        "      table.timestamp('expires_at')",
+        "      table.timestamp('used_at').nullable()",
+        "      table.timestamps()",
+        "      table.index(['provider'])",
+        "      table.index(['email'])",
+        "    })",
+        "  },",
+        "  async down({ schema }: MigrationContext) {",
+        "    await schema.dropTable('password_reset_tokens')",
+        "  },",
+        "})",
+        ""
+      ].join("\n");
+    case "create_email_verification_tokens":
+      return [
+        "import { defineMigration, type MigrationContext } from '@holo-js/db'",
+        "",
+        "export default defineMigration({",
+        "  async up({ schema }: MigrationContext) {",
+        "    await schema.createTable('email_verification_tokens', (table) => {",
+        "      table.uuid('id').primaryKey()",
+        "      table.string('provider').default('users')",
+        "      table.string('user_id')",
+        "      table.string('email')",
+        "      table.string('token_hash')",
+        "      table.timestamp('expires_at')",
+        "      table.timestamp('used_at').nullable()",
+        "      table.timestamps()",
+        "      table.index(['provider'])",
+        "      table.index(['user_id'])",
+        "      table.index(['email'])",
+        "    })",
+        "  },",
+        "  async down({ schema }: MigrationContext) {",
+        "    await schema.dropTable('email_verification_tokens')",
+        "  },",
+        "})",
+        ""
+      ].join("\n");
+  }
+}
+function createAuthMigrationFiles(date = /* @__PURE__ */ new Date()) {
+  return AUTH_MIGRATION_SLUGS.map((slug, index) => ({
+    path: createMigrationFileName(slug, new Date(date.getTime() + index * 1e3)),
+    contents: renderAuthMigration(slug)
+  }));
+}
+function renderNotificationsMigration() {
+  return [
+    "import { defineMigration, type MigrationContext } from '@holo-js/db'",
+    "",
+    "export default defineMigration({",
+    "  async up({ schema }: MigrationContext) {",
+    "    await schema.createTable('notifications', (table) => {",
+    "      table.string('id').primaryKey()",
+    "      table.string('type').nullable()",
+    "      table.string('notifiable_type')",
+    "      table.string('notifiable_id')",
+    "      table.json('data')",
+    "      table.timestamp('read_at').nullable()",
+    "      table.timestamp('created_at')",
+    "      table.timestamp('updated_at')",
+    "      table.index(['notifiable_type', 'notifiable_id'])",
+    "      table.index(['read_at'])",
+    "    })",
+    "  },",
+    "  async down({ schema }: MigrationContext) {",
+    "    await schema.dropTable('notifications')",
+    "  },",
+    "})",
+    ""
+  ].join("\n");
+}
+function createNotificationsMigrationFiles(date = /* @__PURE__ */ new Date()) {
+  return [{
+    path: createMigrationFileName("create_notifications", date),
+    contents: renderNotificationsMigration()
+  }];
+}
+function resolveFrameworkDefaultUrl(framework) {
+  return framework === "sveltekit" ? "http://localhost:5173" : "http://localhost:3000";
+}
+function renderScaffoldAppConfig(projectName, framework) {
+  const defaultUrl = resolveFrameworkDefaultUrl(framework);
+  return [
+    "import { defineAppConfig, env } from '@holo-js/config'",
+    "",
+    "const appEnv = env('APP_ENV') === 'production'",
+    "  ? 'production'",
+    "  : env('APP_ENV') === 'test'",
+    "    ? 'test'",
+    "    : 'development'",
+    "",
+    "export default defineAppConfig({",
+    `  name: env('APP_NAME', ${JSON.stringify(projectName)}),`,
+    "  key: env('APP_KEY'),",
+    `  url: env('APP_URL', '${defaultUrl}'),`,
+    "  env: appEnv,",
+    "  debug: env('APP_DEBUG', true),",
+    "  paths: {",
+    "    models: 'server/models',",
+    "    migrations: 'server/db/migrations',",
+    "    seeders: 'server/db/seeders',",
+    "    commands: 'server/commands',",
+    "    jobs: 'server/jobs',",
+    "    events: 'server/events',",
+    "    listeners: 'server/listeners',",
+    "    generatedSchema: '.holo-js/generated/schema.generated.ts',",
+    "  },",
+    "})",
+    ""
+  ].join("\n");
+}
+function renderScaffoldDatabaseConfig(options) {
+  const packageName = sanitizePackageName(options.projectName) || "holo-app";
+  if (options.databaseDriver === "sqlite") {
+    return [
+      "import { defineDatabaseConfig, env } from '@holo-js/config'",
+      "",
+      "export default defineDatabaseConfig({",
+      "  defaultConnection: 'main',",
+      "  connections: {",
+      "    main: {",
+      "      driver: 'sqlite',",
+      "      url: env('DB_URL', './storage/database.sqlite'),",
+      "    },",
+      "  },",
+      "})",
+      ""
+    ].join("\n");
+  }
+  const port = options.databaseDriver === "mysql" ? "3306" : "5432";
+  const username = options.databaseDriver === "mysql" ? "root" : "postgres";
+  const schemaLine = options.databaseDriver === "postgres" ? "      schema: env('DB_SCHEMA', 'public')," : void 0;
+  return [
+    "import { defineDatabaseConfig, env } from '@holo-js/config'",
+    "",
+    "export default defineDatabaseConfig({",
+    "  defaultConnection: 'main',",
+    "  connections: {",
+    "    main: {",
+    `      driver: '${options.databaseDriver}',`,
+    "      host: env('DB_HOST', '127.0.0.1'),",
+    `      port: env('DB_PORT', '${port}'),`,
+    `      username: env('DB_USERNAME', '${username}'),`,
+    "      password: env('DB_PASSWORD'),",
+    `      database: env('DB_DATABASE', '${packageName}'),`,
+    ...schemaLine ? [schemaLine] : [],
+    "    },",
+    "  },",
+    "})",
+    ""
+  ].join("\n");
+}
+function resolveDefaultDatabaseUrl(driver) {
+  if (driver === "sqlite") {
+    return "./storage/database.sqlite";
+  }
+  return void 0;
+}
+function renderScaffoldEnvFiles(options) {
+  const defaultDatabaseConnection = "main";
+  const defaultUrl = resolveFrameworkDefaultUrl(options.framework);
+  const optionalPackageNames = normalizeScaffoldOptionalPackages(options.optionalPackages);
+  const baseLines = [
+    "APP_NAME=",
+    "APP_KEY=",
+    `APP_URL=${defaultUrl}`,
+    "APP_ENV=development",
+    "APP_DEBUG=true",
+    `DB_DRIVER=${options.databaseDriver}`
+  ];
+  const driverLines = options.databaseDriver === "sqlite" ? [
+    `DB_URL=${resolveDefaultDatabaseUrl(options.databaseDriver)}`
+  ] : [
+    "DB_HOST=127.0.0.1",
+    `DB_PORT=${options.databaseDriver === "mysql" ? "3306" : "5432"}`,
+    `DB_USERNAME=${options.databaseDriver === "mysql" ? "root" : "postgres"}`,
+    "DB_PASSWORD=",
+    `DB_DATABASE=${sanitizePackageName(options.projectName) || "holo_app"}`,
+    ...options.databaseDriver === "postgres" ? ["DB_SCHEMA=public"] : []
+  ];
+  const storageLines = optionalPackageNames.includes("storage") ? [
+    `STORAGE_DEFAULT_DISK=${options.storageDefaultDisk}`,
+    "STORAGE_ROUTE_PREFIX=/storage"
+  ] : [];
+  const authLines = optionalPackageNames.includes("auth") ? [...renderAuthEnvFiles({}, defaultDatabaseConnection).env] : [];
+  const cacheLines = optionalPackageNames.includes("cache") ? [...renderCacheEnvFiles("file").env] : [];
+  const mailLines = optionalPackageNames.includes("mail") ? [...renderMailEnvFiles().env] : [];
+  const mailExampleLines = optionalPackageNames.includes("mail") ? [...renderMailEnvFiles().example] : [];
+  const envGroups = [
+    baseLines,
+    driverLines,
+    storageLines,
+    authLines,
+    cacheLines,
+    mailLines
+  ];
+  const exampleGroups = [
+    baseLines.map(renderEnvExampleLine),
+    driverLines.map(renderEnvExampleLine),
+    storageLines.map(renderEnvExampleLine),
+    authLines.map(renderEnvExampleLine),
+    cacheLines.map(renderEnvExampleLine),
+    mailExampleLines.map(renderEnvExampleLine)
+  ];
+  const env = renderEnvGroups(envGroups);
+  const example = [
+    "# Copy this file to .env and fill in your local values.",
+    "# Supported layered env files: .env.local, .env.development, .env.production, .env.prod, .env.test",
+    renderEnvGroups(exampleGroups).trimEnd(),
+    ""
+  ].join("\n");
+  return { env, example };
+}
+function renderEnvGroups(groups) {
+  return `${groups.filter((group) => group.length > 0).map((group) => group.join("\n")).join("\n\n")}
+`;
+}
+function renderEnvExampleLine(line) {
+  const [key] = line.split("=");
+  return `${key ?? line}=`;
+}
+function renderMailEnvFiles() {
+  return {
+    env: [
+      "MAIL_MAILER=preview",
+      "MAIL_FROM_ADDRESS=hello@app.test",
+      "MAIL_FROM_NAME=Holo App",
+      "MAIL_LOG_BODIES=false",
+      "MAIL_HOST=127.0.0.1",
+      "MAIL_PORT=1025",
+      "MAIL_SECURE=false",
+      "MAIL_USERNAME=",
+      "MAIL_PASSWORD="
+    ],
+    example: [
+      "MAIL_MAILER=",
+      "MAIL_FROM_ADDRESS=",
+      "MAIL_FROM_NAME=",
+      "MAIL_LOG_BODIES=",
+      "MAIL_HOST=",
+      "MAIL_PORT=",
+      "MAIL_SECURE=",
+      "MAIL_USERNAME=",
+      "MAIL_PASSWORD="
+    ]
+  };
+}
+function renderRedisConnectionEnvFiles() {
+  return {
+    env: [
+      "REDIS_URL=",
+      "REDIS_HOST=127.0.0.1",
+      "REDIS_PORT=6379",
+      "REDIS_USERNAME=",
+      "REDIS_PASSWORD=",
+      "REDIS_DB=0"
+    ],
+    example: [
+      "REDIS_URL=",
+      "REDIS_HOST=",
+      "REDIS_PORT=",
+      "REDIS_USERNAME=",
+      "REDIS_PASSWORD=",
+      "REDIS_DB="
+    ]
+  };
+}
+function renderQueueEnvFiles(driver) {
+  if (driver !== "redis") {
+    return {
+      env: [],
+      example: []
+    };
+  }
+  return renderRedisConnectionEnvFiles();
+}
+function renderCacheEnvFiles(driver) {
+  if (driver === "redis") {
+    const redis = renderRedisConnectionEnvFiles();
+    return {
+      env: [
+        "CACHE_PREFIX=",
+        ...redis.env
+      ],
+      example: [
+        "CACHE_PREFIX=",
+        ...redis.example
+      ]
+    };
+  }
+  return {
+    env: [
+      "CACHE_PREFIX="
+    ],
+    example: [
+      "CACHE_PREFIX="
+    ]
+  };
+}
+function parseEnvKey(line) {
+  const trimmed = line.trim();
+  if (!trimmed || trimmed.startsWith("#")) {
+    return void 0;
+  }
+  const normalized = trimmed.startsWith("export ") ? trimmed.slice(7).trim() : trimmed;
+  const separatorIndex = normalized.indexOf("=");
+  if (separatorIndex <= 0) {
+    return void 0;
+  }
+  return normalized.slice(0, separatorIndex).trim();
+}
+function renderEnvFileContents(segments) {
+  const normalized = segments.map((segment) => segment.replace(/\n+$/, "")).filter((segment) => segment.length > 0);
+  return normalized.length > 0 ? `${normalized.join("\n")}
+` : "";
+}
+function normalizeScaffoldEnvSegments(segments) {
+  return segments.split("\n").map((segment) => segment.trim()).filter((segment) => segment.length > 0);
+}
+function upsertEnvContents(existingContents, additions) {
+  if (additions.length === 0) {
+    return {
+      contents: existingContents,
+      changed: false
+    };
+  }
+  const nextLines = existingContents ? existingContents.replace(/\r\n/g, "\n").split("\n") : [];
+  const existingKeys = new Set(nextLines.map(parseEnvKey).filter((value) => typeof value === "string"));
+  const additionKeys = /* @__PURE__ */ new Set();
+  const missingLines = additions.flatMap((line) => {
+    const normalizedLine = line.trim();
+    if (normalizedLine.length === 0 || normalizedLine.startsWith("#")) {
+      return [];
+    }
+    const key = parseEnvKey(normalizedLine);
+    if (!key || additionKeys.has(key) || existingKeys.has(key)) {
+      return [];
+    }
+    additionKeys.add(key);
+    return [normalizedLine];
+  });
+  if (missingLines.length === 0) {
+    return {
+      contents: existingContents,
+      changed: false
+    };
+  }
+  if (nextLines.length > 0 && nextLines[nextLines.length - 1]?.trim() !== "") {
+    nextLines.push("");
+  }
+  nextLines.push(...missingLines);
+  return {
+    contents: `${nextLines.join("\n").replace(/\n*$/, "")}
+`,
+    changed: true
+  };
+}
+// src/project/scaffold/workspace-renderers.ts
+function renderScaffoldGitignore() {
+  return [
+    "# Dependencies",
+    "node_modules",
+    "",
+    "# Environment",
+    ".env",
+    ".env.local",
+    ".env.development",
+    ".env.production",
+    ".env.prod",
+    ".env.test",
+    ".env.*.local",
+    "",
+    "# Holo",
+    ".holo-js/generated",
+    ".holo-js/runtime",
+    ".holo-cli",
+    "",
+    "# Nuxt",
+    ".nuxt",
+    ".output",
+    ".nitro",
+    ".data",
+    ".netlify",
+    ".vercel",
+    "",
+    "# Next.js",
+    ".next",
+    "out",
+    "next-env.d.ts",
+    "",
+    "# SvelteKit",
+    ".svelte-kit",
+    "build",
+    "",
+    "# Build / Misc",
+    "dist",
+    "coverage",
+    "*.log",
+    "*.tsbuildinfo",
+    "",
+    "# Database",
+    "*.db",
+    "*.sqlite",
+    "*.sqlite3",
+    "*.sqlite-wal",
+    "*.sqlite-shm",
+    "",
+    "# Storage",
+    "storage",
+    "",
+    "# OS",
+    ".DS_Store",
+    "Thumbs.db",
+    ""
+  ].join("\n");
+}
+function renderScaffoldTsconfig(options) {
+  if (options.framework === "nuxt") {
+    return `${JSON.stringify({
+      extends: "./.nuxt/tsconfig.json"
+    }, null, 2)}
+`;
+  }
+  if (options.framework === "sveltekit") {
+    return `${JSON.stringify({
+      extends: "./.svelte-kit/tsconfig.json",
+      compilerOptions: {
+        strict: true,
+        noEmit: true,
+        skipLibCheck: true
+      },
+      include: [
+        "src/**/*.ts",
+        "src/**/*.svelte",
+        "server/**/*.ts",
+        "config/**/*.ts",
+        ".holo-js/generated/**/*.ts",
+        ".holo-js/generated/**/*.d.ts",
+        "vite.config.ts"
+      ]
+    }, null, 2)}
+`;
+  }
+  const include = ["next-env.d.ts", "app/**/*.ts", "app/**/*.tsx", "server/**/*.ts", "config/**/*.ts", ".holo-js/generated/**/*.ts", ".holo-js/generated/**/*.d.ts"];
+  return `${JSON.stringify({
+    compilerOptions: {
+      target: "ES2022",
+      module: "ESNext",
+      moduleResolution: "Bundler",
+      strict: true,
+      noEmit: true,
+      skipLibCheck: true,
+      baseUrl: ".",
+      jsx: "preserve",
+      paths: {
+        "~/*": ["./*"],
+        "@/*": ["./*"]
+      }
+    },
+    include
+  }, null, 2)}
+`;
+}
+function renderVSCodeSettings(options) {
+  if (options.framework !== "nuxt" && options.framework !== "sveltekit") {
+    return void 0;
+  }
+  const settings = {
+    "typescript.tsdk": "node_modules/typescript/lib",
+    "typescript.enablePromptUseWorkspaceTsdk": true
+  };
+  if (options.framework === "nuxt") {
+    settings["vue.server.hybridMode"] = true;
+  }
+  return `${JSON.stringify(settings, null, 2)}
+`;
+}
+// src/project/scaffold/framework.ts
+function resolvePackageManagerVersion(value) {
+  return SCAFFOLD_PACKAGE_MANAGER_VERSIONS[value];
+}
+function renderScaffoldPackageJson(options) {
+  const packageName = sanitizePackageName(options.projectName) || "holo-app";
+  const optionalPackages = normalizeScaffoldOptionalPackages(options.optionalPackages);
+  const dependencies = {
+    "@holo-js/cli": `^${HOLO_PACKAGE_VERSION}`,
+    "@holo-js/config": `^${HOLO_PACKAGE_VERSION}`,
+    "@holo-js/core": `^${HOLO_PACKAGE_VERSION}`,
+    "@holo-js/db": `^${HOLO_PACKAGE_VERSION}`,
+    [DB_DRIVER_PACKAGE_NAMES[options.databaseDriver]]: `^${HOLO_PACKAGE_VERSION}`,
+    esbuild: ESBUILD_PACKAGE_VERSION
+  };
+  const devDependencies = {
+    typescript: SCAFFOLD_BASE_DEV_DEPENDENCY_VERSIONS.typescript,
+    "@types/node": SCAFFOLD_BASE_DEV_DEPENDENCY_VERSIONS["@types/node"],
+    eslint: SCAFFOLD_BASE_DEV_DEPENDENCY_VERSIONS.eslint
+  };
+  if (options.framework === "nuxt") {
+    dependencies.nuxt = SCAFFOLD_FRAMEWORK_VERSIONS.nuxt;
+    dependencies.vue = SCAFFOLD_NUXT_DEPENDENCY_VERSIONS.vue;
+    dependencies["vue-router"] = SCAFFOLD_NUXT_DEPENDENCY_VERSIONS["vue-router"];
+    dependencies["@holo-js/adapter-nuxt"] = SCAFFOLD_FRAMEWORK_ADAPTER_VERSIONS.nuxt;
+    devDependencies["vue-tsc"] = SCAFFOLD_NUXT_DEPENDENCY_VERSIONS["vue-tsc"];
+  }
+  if (options.framework === "next") {
+    dependencies.next = SCAFFOLD_FRAMEWORK_VERSIONS.next;
+    dependencies.react = SCAFFOLD_NEXT_REACT_VERSIONS.react;
+    dependencies["react-dom"] = SCAFFOLD_NEXT_REACT_VERSIONS["react-dom"];
+    dependencies["@holo-js/adapter-next"] = SCAFFOLD_FRAMEWORK_ADAPTER_VERSIONS.next;
+    devDependencies["@types/react"] = SCAFFOLD_NEXT_REACT_VERSIONS["@types/react"];
+    devDependencies["@types/react-dom"] = SCAFFOLD_NEXT_REACT_VERSIONS["@types/react-dom"];
+  }
+  if (options.framework === "sveltekit") {
+    dependencies["@holo-js/adapter-sveltekit"] = SCAFFOLD_FRAMEWORK_ADAPTER_VERSIONS.sveltekit;
+    dependencies["@sveltejs/adapter-node"] = SCAFFOLD_SVELTEKIT_DEPENDENCY_VERSIONS["@sveltejs/adapter-node"];
+    dependencies["@sveltejs/kit"] = SCAFFOLD_FRAMEWORK_VERSIONS.sveltekit;
+    dependencies["@sveltejs/vite-plugin-svelte"] = SCAFFOLD_SVELTEKIT_DEPENDENCY_VERSIONS["@sveltejs/vite-plugin-svelte"];
+    dependencies.svelte = SCAFFOLD_SVELTEKIT_DEPENDENCY_VERSIONS.svelte;
+    dependencies.vite = SCAFFOLD_SVELTEKIT_DEPENDENCY_VERSIONS.vite;
+    devDependencies["svelte-check"] = SCAFFOLD_SVELTEKIT_DEPENDENCY_VERSIONS["svelte-check"];
+  }
+  if (optionalPackages.includes("storage")) {
+    dependencies["@holo-js/storage"] = SCAFFOLD_FRAMEWORK_RUNTIME_VERSIONS[options.framework]["@holo-js/storage"];
+  }
+  if (optionalPackages.includes("events")) {
+    dependencies["@holo-js/events"] = `^${HOLO_PACKAGE_VERSION}`;
+    dependencies["@holo-js/queue"] = `^${HOLO_PACKAGE_VERSION}`;
+  }
+  if (optionalPackages.includes("queue")) {
+    dependencies["@holo-js/queue"] = `^${HOLO_PACKAGE_VERSION}`;
+  }
+  if (optionalPackages.includes("validation")) {
+    dependencies["@holo-js/validation"] = `^${HOLO_PACKAGE_VERSION}`;
+  }
+  if (optionalPackages.includes("forms")) {
+    dependencies["@holo-js/forms"] = `^${HOLO_PACKAGE_VERSION}`;
+  }
+  if (optionalPackages.includes("auth")) {
+    dependencies["@holo-js/auth"] = `^${HOLO_PACKAGE_VERSION}`;
+    dependencies["@holo-js/session"] = `^${HOLO_PACKAGE_VERSION}`;
+    dependencies["@holo-js/security"] = `^${HOLO_PACKAGE_VERSION}`;
+  }
+  if (optionalPackages.includes("authorization")) {
+    dependencies["@holo-js/authorization"] = `^${HOLO_PACKAGE_VERSION}`;
+  }
+  if (optionalPackages.includes("notifications")) {
+    dependencies["@holo-js/notifications"] = `^${HOLO_PACKAGE_VERSION}`;
+  }
+  if (optionalPackages.includes("mail")) {
+    dependencies["@holo-js/mail"] = `^${HOLO_PACKAGE_VERSION}`;
+  }
+  if (optionalPackages.includes("broadcast") || optionalPackages.includes("realtime")) {
+    dependencies["@holo-js/broadcast"] = `^${HOLO_PACKAGE_VERSION}`;
+    dependencies["@holo-js/flux"] = `^${HOLO_PACKAGE_VERSION}`;
+    if (options.framework === "next") {
+      dependencies["@holo-js/flux-react"] = `^${HOLO_PACKAGE_VERSION}`;
+    } else if (options.framework === "nuxt") {
+      dependencies["@holo-js/flux-vue"] = `^${HOLO_PACKAGE_VERSION}`;
+    } else if (options.framework === "sveltekit") {
+      dependencies["@holo-js/flux-svelte"] = `^${HOLO_PACKAGE_VERSION}`;
+    }
+  }
+  if (optionalPackages.includes("realtime")) {
+    dependencies["@holo-js/realtime"] = `^${HOLO_PACKAGE_VERSION}`;
+  }
+  if (optionalPackages.includes("security")) {
+    dependencies["@holo-js/security"] = `^${HOLO_PACKAGE_VERSION}`;
+  }
+  if (optionalPackages.includes("cache")) {
+    dependencies["@holo-js/cache"] = `^${HOLO_PACKAGE_VERSION}`;
+  }
+  return `${JSON.stringify({
+    name: packageName,
+    private: true,
+    type: "module",
+    packageManager: resolvePackageManagerVersion(options.packageManager),
+    scripts: {
+      ...options.framework === "nuxt" ? { postinstall: "nuxt prepare" } : {},
+      prepare: "holo key:generate && holo prepare",
+      dev: "holo dev",
+      build: "holo build",
+      start: "holo start",
+      lint: options.framework === "nuxt" ? "eslint app config server shared tests *.d.ts --fix --no-warn-ignored --no-error-on-unmatched-pattern" : options.framework === "next" ? "eslint app config server tests --fix --no-warn-ignored --no-error-on-unmatched-pattern" : "eslint src config server tests --fix --no-warn-ignored --no-error-on-unmatched-pattern",
+      typecheck: options.framework === "nuxt" ? "nuxt typecheck" : options.framework === "next" ? "tsc -p tsconfig.json --noEmit" : "svelte-kit sync && svelte-check --tsconfig ./tsconfig.json",
+      ["config:cache"]: "holo config:cache",
+      ["config:clear"]: "holo config:clear",
+      ["holo:dev"]: "node ./.holo-js/framework/run.mjs dev",
+      ["holo:build"]: "node ./.holo-js/framework/run.mjs build",
+      ["holo:start"]: "node ./.holo-js/framework/run.mjs start"
+    },
+    dependencies,
+    devDependencies
+  }, null, 2)}
+`;
+}
+function appendScaffoldEnvGroup(contents, group) {
+  const normalizedGroup = group?.map((line) => line.trim()).filter((line) => line.length > 0) ?? [];
+  if (normalizedGroup.length === 0) {
+    return contents;
+  }
+  const normalizedContents = contents.trimEnd();
+  if (normalizedContents.length === 0) {
+    return `${normalizedGroup.join("\n")}
+`;
+  }
+  return `${normalizedContents}
+${normalizedGroup.join("\n")}
+`;
+}
+async function scaffoldProject(projectRoot, options) {
+  const existingEntries = await readdir(projectRoot).catch(() => []);
+  if (existingEntries.length > 0) {
+    throw new Error(`Refusing to scaffold into a non-empty directory: ${projectRoot}`);
+  }
+  const { env, example } = renderScaffoldEnvFiles(options);
+  const config = normalizeHoloProjectConfig();
+  const generatedSchemaPath = resolveGeneratedSchemaPath(projectRoot, config);
+  const optionalPackages = normalizeScaffoldOptionalPackages(options.optionalPackages);
+  const storageEnabled = optionalPackages.includes("storage");
+  const queueEnabled = optionalPackages.includes("queue");
+  const eventsEnabled = optionalPackages.includes("events");
+  const authEnabled = optionalPackages.includes("auth");
+  const authorizationEnabled = optionalPackages.includes("authorization");
+  const notificationsEnabled = optionalPackages.includes("notifications");
+  const mailEnabled = optionalPackages.includes("mail");
+  const broadcastEnabled = optionalPackages.includes("broadcast");
+  const realtimeEnabled = optionalPackages.includes("realtime");
+  const securityEnabled = optionalPackages.includes("security");
+  const cacheEnabled = optionalPackages.includes("cache");
+  const broadcastEnvFiles = broadcastEnabled ? renderBroadcastEnvFiles() : void 0;
+  const scaffoldEnv = appendScaffoldEnvGroup(env, broadcastEnvFiles?.env);
+  const scaffoldEnvExample = appendScaffoldEnvGroup(example, broadcastEnvFiles?.example);
+  await mkdir2(projectRoot, { recursive: true });
+  await mkdir2(resolve3(projectRoot, "config"), { recursive: true });
+  await mkdir2(resolve3(projectRoot, ".holo-js", "framework"), { recursive: true });
+  await mkdir2(resolve3(projectRoot, config.paths.models), { recursive: true });
+  await mkdir2(resolve3(projectRoot, config.paths.commands), { recursive: true });
+  if (queueEnabled) {
+    await mkdir2(resolve3(projectRoot, config.paths.jobs), { recursive: true });
+  }
+  if (eventsEnabled) {
+    await mkdir2(resolve3(projectRoot, config.paths.events), { recursive: true });
+    await mkdir2(resolve3(projectRoot, config.paths.listeners), { recursive: true });
+  }
+  if (authorizationEnabled) {
+    await mkdir2(resolve3(projectRoot, "server/policies"), { recursive: true });
+    await mkdir2(resolve3(projectRoot, "server/abilities"), { recursive: true });
+  }
+  if (mailEnabled) {
+    await mkdir2(resolve3(projectRoot, "server/mail"), { recursive: true });
+  }
+  if (broadcastEnabled) {
+    await mkdir2(resolve3(projectRoot, "server/broadcast"), { recursive: true });
+    await mkdir2(resolve3(projectRoot, "server/channels"), { recursive: true });
+  }
+  if (realtimeEnabled) {
+    await mkdir2(resolve3(projectRoot, "server/realtime"), { recursive: true });
+  }
+  await mkdir2(resolve3(projectRoot, "server/db/factories"), { recursive: true });
+  await mkdir2(resolve3(projectRoot, "server/db/migrations"), { recursive: true });
+  await mkdir2(resolve3(projectRoot, "server/db/seeders"), { recursive: true });
+  await mkdir2(resolve3(projectRoot, "server/db/schema"), { recursive: true });
+  await mkdir2(resolve3(projectRoot, config.paths.observers), { recursive: true });
+  await mkdir2(resolve3(projectRoot, "storage"), { recursive: true });
+  if (storageEnabled) {
+    await mkdir2(resolve3(projectRoot, "storage/app/public"), { recursive: true });
+  }
+  await writeFile(resolve3(projectRoot, "package.json"), renderScaffoldPackageJson(options), "utf8");
+  await writeFile(resolve3(projectRoot, ".gitignore"), renderScaffoldGitignore(), "utf8");
+  await writeFile(resolve3(projectRoot, ".env"), scaffoldEnv, "utf8");
+  await writeFile(resolve3(projectRoot, ".env.example"), scaffoldEnvExample, "utf8");
+  await writeFile(resolve3(projectRoot, "config/app.ts"), renderScaffoldAppConfig(options.projectName, options.framework), "utf8");
+  await writeFile(resolve3(projectRoot, "config/database.ts"), renderScaffoldDatabaseConfig(options), "utf8");
+  await writeFile(resolve3(projectRoot, "config/redis.ts"), renderRedisConfig(), "utf8");
+  if (queueEnabled) {
+    await writeFile(resolve3(projectRoot, "config/queue.ts"), renderQueueConfig({
+      driver: "sync",
+      defaultDatabaseConnection: "main"
+    }), "utf8");
+  }
+  if (notificationsEnabled) {
+    await writeFile(resolve3(projectRoot, "config/notifications.ts"), renderNotificationsConfig(), "utf8");
+    for (const migrationFile of createNotificationsMigrationFiles()) {
+      await writeFile(resolve3(projectRoot, config.paths.migrations, migrationFile.path), migrationFile.contents, "utf8");
+    }
+  }
+  if (mailEnabled) {
+    await writeFile(resolve3(projectRoot, "config/mail.ts"), renderMailConfig(), "utf8");
+  }
+  if (broadcastEnabled) {
+    await writeFile(resolve3(projectRoot, "config/broadcast.ts"), renderBroadcastConfig("esm", false, true), "utf8");
+  }
+  if (securityEnabled) {
+    await writeFile(resolve3(projectRoot, "config/security.ts"), renderSecurityConfig(), "utf8");
+    await writeFile(resolve3(projectRoot, "config/cors.ts"), renderCorsConfig(), "utf8");
+    await ensureRateLimitStorageIgnore(projectRoot);
+  }
+  if (cacheEnabled) {
+    await writeFile(resolve3(projectRoot, "config/cache.ts"), renderCacheConfig("file", "main"), "utf8");
+  }
+  if (authEnabled) {
+    await writeFile(resolve3(projectRoot, "config/auth.ts"), renderAuthConfig(), "utf8");
+    await writeFile(resolve3(projectRoot, "config/session.ts"), renderSessionConfig("main"), "utf8");
+    if (!securityEnabled) {
+      await writeFile(resolve3(projectRoot, "config/security.ts"), renderSecurityConfig(), "utf8");
+      await writeFile(resolve3(projectRoot, "config/cors.ts"), renderCorsConfig(), "utf8");
+      await ensureRateLimitStorageIgnore(projectRoot);
+    }
+    const userModelPath = resolve3(projectRoot, config.paths.models, "User.ts");
+    await writeFile(
+      userModelPath,
+      renderAuthUserModel(resolveAuthUserModelSchemaImportPath(
+        userModelPath,
+        generatedSchemaPath
+      )),
+      "utf8"
+    );
+    for (const migrationFile of createAuthMigrationFiles()) {
+      await writeFile(resolve3(projectRoot, config.paths.migrations, migrationFile.path), migrationFile.contents, "utf8");
+    }
+  }
+  if (authEnabled && notificationsEnabled) {
+    await mkdir2(resolve3(projectRoot, "server/notifications/auth"), { recursive: true });
+    await writeFile(
+      resolve3(projectRoot, "server/notifications/auth/email-verification.ts"),
+      renderAuthEmailVerificationNotification(),
+      "utf8"
+    );
+    await writeFile(
+      resolve3(projectRoot, "server/notifications/auth/password-reset.ts"),
+      renderAuthPasswordResetNotification(),
+      "utf8"
+    );
+  }
+  if (broadcastEnabled && authEnabled) {
+    await syncBroadcastAuthSupportAfterAuthInstall(projectRoot);
+  }
+  if (authorizationEnabled) {
+    await writeFile(resolve3(projectRoot, "server/policies/README.md"), renderAuthorizationPoliciesReadme(), "utf8");
+    await writeFile(resolve3(projectRoot, "server/abilities/README.md"), renderAuthorizationAbilitiesReadme(), "utf8");
+  }
+  if (storageEnabled) {
+    await writeFile(resolve3(projectRoot, "config/storage.ts"), renderStorageConfig(), "utf8");
+  }
+  await writeFile(resolve3(projectRoot, ".holo-js/framework/run.mjs"), renderFrameworkRunner(options), "utf8");
+  await writeFile(resolve3(projectRoot, ".holo-js/framework/project.json"), `${JSON.stringify(options, null, 2)}
+`, "utf8");
+  await writeFile(resolve3(projectRoot, "tsconfig.json"), renderScaffoldTsconfig(options), "utf8");
+  const vscodeSettings = renderVSCodeSettings(options);
+  if (vscodeSettings) {
+    await mkdir2(resolve3(projectRoot, ".vscode"), { recursive: true });
+    await writeFile(resolve3(projectRoot, ".vscode/settings.json"), vscodeSettings, "utf8");
+  }
+  await mkdir2(dirname(generatedSchemaPath), { recursive: true });
+  await writeFile(generatedSchemaPath, renderGeneratedSchemaPlaceholder(), "utf8");
+  await writeFile(resolve3(projectRoot, GENERATED_MODEL_TYPES_PATH), renderGeneratedModelTypes([]), "utf8");
+  for (const file of renderFrameworkFiles(options)) {
+    await writeTextFile(resolve3(projectRoot, file.path), file.contents);
+  }
+  if (options.databaseDriver === "sqlite") {
+    await writeFile(resolve3(projectRoot, "storage/database.sqlite"), "", "utf8");
+  }
+}
+// src/project/scaffold.ts
+async function resolveExistingModelPath(modelsRoot, modelName) {
+  const supportedExtensions = [".ts", ".mts", ".js", ".mjs", ".cts", ".cjs"];
+  for (const extension of supportedExtensions) {
+    const candidate = resolve4(modelsRoot, `${modelName}${extension}`);
+    if (await pathExists(candidate)) {
+      return candidate;
+    }
+  }
+  return void 0;
+}
+function injectSvelteRealtimeVitePlugin(viteConfigContents) {
+  if (/\bholoSvelteKitRealtime\b/.test(viteConfigContents)) {
+    return void 0;
+  }
+  const adapterImportPattern = /import\s*\{([^}]*)\}\s*from\s*(['"])@holo-js\/adapter-sveltekit\/vite\2/;
+  const svelteKitImportPattern = /(import\s*\{[^}]*\bsveltekit\b[^}]*\}\s*from\s*(['"])@sveltejs\/kit\/vite\2)/;
+  const existingAdapterImport = adapterImportPattern.exec(viteConfigContents);
+  let withImport = viteConfigContents;
+  if (existingAdapterImport) {
+    const imports = existingAdapterImport[1]?.split(",").map((value) => value.trim()).filter(Boolean) ?? [];
+    withImport = viteConfigContents.replace(adapterImportPattern, `import { ${["holoSvelteKitRealtime", ...imports].join(", ")} } from ${existingAdapterImport[2]}@holo-js/adapter-sveltekit/vite${existingAdapterImport[2]}`);
+  } else {
+    withImport = viteConfigContents.replace(
+      svelteKitImportPattern,
+      [
+        "$1",
+        "import { holoSvelteKitRealtime } from '@holo-js/adapter-sveltekit/vite'"
+      ].join("\n")
+    );
+  }
+  if (withImport === viteConfigContents && !existingAdapterImport) {
+    return {
+      error: "Unable to add holoSvelteKitRealtime() to vite.config.ts because the SvelteKit Vite import could not be found."
+    };
+  }
+  const withPlugin = withImport.replace(/plugins\s*:\s*\[([\s\S]*?)\]/, (_match, plugins) => {
+    const separator = plugins.trim() ? " " : "";
+    return `plugins: [holoSvelteKitRealtime(),${separator}${plugins}]`;
+  });
+  if (withPlugin === withImport) {
+    if (/\bplugins\s*:\s*(?!\[)|\bplugins\s*(?:,|})/.test(withImport)) {
+      return {
+        error: "Unable to add holoSvelteKitRealtime() to vite.config.ts because the plugins option is not an inline array."
+      };
+    }
+    return {
+      error: "Unable to add holoSvelteKitRealtime() to vite.config.ts because no plugins array was found."
+    };
+  }
+  return withPlugin;
+}
+var realtimeDefinitionExtensions = /* @__PURE__ */ new Set([".ts", ".mts", ".cts", ".js", ".mjs", ".cjs"]);
+async function collectRealtimeDefinitionFiles(root) {
+  const entries = await readdir2(root, { withFileTypes: true }).catch(() => []);
+  const files = await Promise.all(entries.map(async (entry) => {
+    const entryPath = resolve4(root, entry.name);
+    if (entry.isDirectory()) {
+      return await collectRealtimeDefinitionFiles(entryPath);
+    }
+    return realtimeDefinitionExtensions.has(extname2(entry.name)) ? [entryPath] : [];
+  }));
+  return files.flat().sort((left, right) => left.localeCompare(right));
+}
+async function renderNextRealtimeDefinitions(projectRoot) {
+  const generatedRoot = resolve4(projectRoot, ".holo-js/generated/next");
+  const files = await collectRealtimeDefinitionFiles(resolve4(projectRoot, "server/realtime"));
+  const importPaths = files.map((filePath) => {
+    const withoutExtension = filePath.slice(0, -extname2(filePath).length);
+    const importPath = relative(generatedRoot, withoutExtension).split(sep).join("/");
+    return importPath.startsWith(".") ? importPath : `./${importPath}`;
+  });
+  return renderNextGeneratedRealtimeDefinitions(importPaths);
+}
+async function resolveExistingAuthMigrationFiles(migrationsRoot) {
+  const entries = await readdir2(migrationsRoot).catch(() => []);
+  const resolved = /* @__PURE__ */ new Map();
+  for (const entry of entries) {
+    for (const slug of AUTH_MIGRATION_SLUGS) {
+      if (entry.endsWith(`_${slug}.ts`) || entry.endsWith(`_${slug}.mts`) || entry.endsWith(`_${slug}.js`) || entry.endsWith(`_${slug}.mjs`) || entry.endsWith(`_${slug}.cts`) || entry.endsWith(`_${slug}.cjs`)) {
+        resolved.set(slug, resolve4(migrationsRoot, entry));
+      }
+    }
+  }
+  return resolved;
+}
+async function resolveExistingNotificationsMigrationFiles(migrationsRoot) {
+  const entries = await readdir2(migrationsRoot).catch(() => []);
+  return entries.filter((entry) => entry.endsWith("_create_notifications.ts") || entry.endsWith("_create_notifications.mts") || entry.endsWith("_create_notifications.js") || entry.endsWith("_create_notifications.mjs") || entry.endsWith("_create_notifications.cts") || entry.endsWith("_create_notifications.cjs")).map((entry) => resolve4(migrationsRoot, entry));
+}
+var AUTH_NOTIFICATION_FILES = Object.freeze([
+  Object.freeze({
+    path: "server/notifications/auth/email-verification.ts",
+    render: renderAuthEmailVerificationNotification
+  }),
+  Object.freeze({
+    path: "server/notifications/auth/password-reset.ts",
+    render: renderAuthPasswordResetNotification
+  })
+]);
+async function writeAuthNotificationFiles(projectRoot) {
+  const createdFiles = [];
+  const skippedFiles = [];
+  await mkdir3(resolve4(projectRoot, "server/notifications/auth"), { recursive: true });
+  for (const file of AUTH_NOTIFICATION_FILES) {
+    const filePath = resolve4(projectRoot, file.path);
+    if (await pathExists(filePath)) {
+      skippedFiles.push(filePath);
+      continue;
+    }
+    await writeTextFile(filePath, file.render());
+    createdFiles.push(filePath);
+  }
+  return {
+    createdFiles,
+    skippedFiles
+  };
+}
+async function syncHostedAuthRouteFiles(projectRoot, features) {
+  if (!features.workos && !features.clerk) {
+    return;
+  }
+  const { dependencies, devDependencies } = await readPackageJsonDependencyState(projectRoot);
+  const framework = detectProjectFrameworkFromPackageJson(dependencies, devDependencies);
+  if (!framework) {
+    return;
+  }
+  for (const file of renderAuthProviderRouteFiles(framework, features)) {
+    const targetPath = resolve4(projectRoot, file.path);
+    if (await pathExists(targetPath)) {
+      continue;
+    }
+    await mkdir3(dirname2(targetPath), { recursive: true });
+    await writeTextFile(targetPath, file.contents);
+  }
+  if (framework === "next") {
+    for (const file of renderNextManagedHostedAuthRouteFiles(features)) {
+      await writeTextFile(resolve4(projectRoot, file.path), file.contents);
+    }
+  }
+}
+async function syncAuthRouteFiles(projectRoot) {
+  const { dependencies, devDependencies } = await readPackageJsonDependencyState(projectRoot);
+  const framework = detectProjectFrameworkFromPackageJson(dependencies, devDependencies);
+  if (!framework) {
+    return;
+  }
+  for (const file of renderAuthRouteFiles(framework)) {
+    const targetPath = resolve4(projectRoot, file.path);
+    if (await pathExists(targetPath)) {
+      continue;
+    }
+    await writeTextFile(targetPath, file.contents);
+  }
+}
+async function installAuthIntoProject(projectRoot, features = {}) {
+  const project = await loadProjectConfig(projectRoot);
+  const modelsRoot = resolve4(projectRoot, project.config.paths.models);
+  const migrationsRoot = resolve4(projectRoot, project.config.paths.migrations);
+  const defaultDatabaseConnection = project.config.database?.defaultConnection ?? "default";
+  const authConfigPath = await resolveFirstExistingPath(projectRoot, AUTH_CONFIG_FILE_NAMES);
+  const sessionConfigPath = await resolveFirstExistingPath(projectRoot, SESSION_CONFIG_FILE_NAMES);
+  const securityConfigPath = await resolveFirstExistingPath(projectRoot, SECURITY_CONFIG_FILE_NAMES);
+  const corsConfigPath = await resolveFirstExistingPath(projectRoot, CORS_CONFIG_FILE_NAMES);
+  const userModelPath = await resolveExistingModelPath(modelsRoot, "User");
+  const existingMigrationFiles = await resolveExistingAuthMigrationFiles(migrationsRoot);
+  const hasAllAuthMigrations = AUTH_MIGRATION_SLUGS.every((slug) => existingMigrationFiles.has(slug));
+  const existingAuthArtifacts = [
+    authConfigPath,
+    userModelPath,
+    ...AUTH_MIGRATION_SLUGS.map((slug) => existingMigrationFiles.get(slug))
+  ].filter((value) => typeof value === "string");
+  if (authConfigPath && userModelPath && hasAllAuthMigrations) {
+    const envPath2 = resolve4(projectRoot, ".env");
+    const envExamplePath2 = resolve4(projectRoot, ".env.example");
+    const currentAuthConfig = await readTextFile(authConfigPath) ?? "";
+    const currentAuthFeatures = detectAuthInstallFeaturesFromConfig(currentAuthConfig);
+    const nextAuthFeatures = mergeInstalledAuthFeatures(currentAuthFeatures, features);
+    const authConfigModuleFormat = resolveConfigModuleFormat(authConfigPath, currentAuthConfig);
+    const nextAuthConfig = renderAuthConfig(nextAuthFeatures, authConfigModuleFormat);
+    const authEnvFiles2 = renderAuthEnvFiles(nextAuthFeatures, defaultDatabaseConnection);
+    const nextEnv2 = upsertEnvContents(await readTextFile(envPath2), authEnvFiles2.env);
+    const nextEnvExample2 = upsertEnvContents(await readTextFile(envExamplePath2), authEnvFiles2.example);
+    const authConfigChanged = authFeaturesRequireConfigUpdate(features) && currentAuthConfig !== nextAuthConfig;
+    if (authConfigChanged) {
+      if (!canSafelyRewriteAuthConfig(currentAuthConfig, currentAuthFeatures, authConfigModuleFormat)) {
+        throw new Error(
+          `Auth support is already installed in ${projectRoot}, but ${authConfigPath} contains manual changes. Refusing to overwrite the existing auth config automatically.`
+        );
+      }
+      await writeTextFile(authConfigPath, nextAuthConfig);
+    }
+    if (nextEnv2.changed && typeof nextEnv2.contents === "string") {
+      await writeTextFile(envPath2, nextEnv2.contents);
+    }
+    if (nextEnvExample2.changed && typeof nextEnvExample2.contents === "string") {
+      await writeTextFile(envExamplePath2, nextEnvExample2.contents);
+    }
+    let createdSecurityConfig2 = false;
+    if (!securityConfigPath) {
+      await writeTextFile(resolve4(projectRoot, "config/security.ts"), renderSecurityConfig());
+      createdSecurityConfig2 = true;
+    }
+    const createdCorsConfig2 = await ensureCorsConfigFile(projectRoot);
+    await syncBroadcastAuthSupportAfterAuthInstall(projectRoot);
+    await syncAuthRouteFiles(projectRoot);
+    await syncHostedAuthRouteFiles(projectRoot, nextAuthFeatures);
+    return {
+      updatedPackageJson: await upsertAuthPackageDependencies(projectRoot, nextAuthFeatures),
+      createdAuthConfig: authConfigChanged,
+      createdSessionConfig: false,
+      createdSecurityConfig: createdSecurityConfig2,
+      createdCorsConfig: createdCorsConfig2,
+      createdUserModel: false,
+      createdMigrationFiles: [],
+      updatedEnv: nextEnv2.changed,
+      updatedEnvExample: nextEnvExample2.changed
+    };
+  }
+  const collisions = sessionConfigPath && existingAuthArtifacts.length === 0 ? [] : [
+    ...existingAuthArtifacts,
+    ...sessionConfigPath && existingAuthArtifacts.length > 0 ? [sessionConfigPath] : []
+  ];
+  if (collisions.length > 0) {
+    throw new Error(
+      `Auth support is partially installed. Refusing to overwrite existing files in ${projectRoot}: ${collisions.join(", ")}`
+    );
+  }
+  const authConfigTargetPath = resolve4(projectRoot, "config/auth.ts");
+  const sessionConfigTargetPath = resolve4(projectRoot, "config/session.ts");
+  const userModelTargetPath = resolve4(modelsRoot, "User.ts");
+  const generatedSchemaPath = resolveGeneratedSchemaPath(projectRoot, project.config);
+  const migrationFiles = createAuthMigrationFiles();
+  const authEnvFiles = renderAuthEnvFiles(features, defaultDatabaseConnection);
+  await mkdir3(resolve4(projectRoot, "config"), { recursive: true });
+  await mkdir3(modelsRoot, { recursive: true });
+  await mkdir3(migrationsRoot, { recursive: true });
+  await ensureRedisConfigFile(projectRoot);
+  await writeTextFile(authConfigTargetPath, renderAuthConfig(features));
+  if (!sessionConfigPath) {
+    await writeTextFile(sessionConfigTargetPath, renderSessionConfig(defaultDatabaseConnection));
+  }
+  let createdSecurityConfig = false;
+  if (!securityConfigPath) {
+    await writeTextFile(resolve4(projectRoot, "config/security.ts"), renderSecurityConfig());
+    createdSecurityConfig = true;
+  }
+  const createdCorsConfig = corsConfigPath ? false : await ensureCorsConfigFile(projectRoot);
+  await writeTextFile(
+    userModelTargetPath,
+    renderAuthUserModel(resolveAuthUserModelSchemaImportPath(
+      userModelTargetPath,
+      generatedSchemaPath
+    ))
+  );
+  const createdMigrationFiles = [];
+  for (const migrationFile of migrationFiles) {
+    const migrationPath = resolve4(migrationsRoot, migrationFile.path);
+    await writeTextFile(migrationPath, migrationFile.contents);
+    createdMigrationFiles.push(migrationPath);
+  }
+  const envPath = resolve4(projectRoot, ".env");
+  const envExamplePath = resolve4(projectRoot, ".env.example");
+  const nextEnv = upsertEnvContents(await readTextFile(envPath), authEnvFiles.env);
+  const nextEnvExample = upsertEnvContents(await readTextFile(envExamplePath), authEnvFiles.example);
+  if (nextEnv.changed && typeof nextEnv.contents === "string") {
+    await writeTextFile(envPath, nextEnv.contents);
+  }
+  if (nextEnvExample.changed && typeof nextEnvExample.contents === "string") {
+    await writeTextFile(envExamplePath, nextEnvExample.contents);
+  }
+  await syncBroadcastAuthSupportAfterAuthInstall(projectRoot);
+  await syncAuthRouteFiles(projectRoot);
+  await syncHostedAuthRouteFiles(projectRoot, features);
+  return {
+    updatedPackageJson: await upsertAuthPackageDependencies(projectRoot, features),
+    createdAuthConfig: true,
+    createdSessionConfig: !sessionConfigPath,
+    createdSecurityConfig,
+    createdCorsConfig,
+    createdUserModel: true,
+    createdMigrationFiles,
+    updatedEnv: nextEnv.changed,
+    updatedEnvExample: nextEnvExample.changed
+  };
+}
+async function installAuthorizationIntoProject(projectRoot) {
+  await loadProjectConfig(projectRoot, { required: true });
+  const policiesRoot = resolve4(projectRoot, "server/policies");
+  const abilitiesRoot = resolve4(projectRoot, "server/abilities");
+  const policiesDirectoryExists = await pathExists(policiesRoot);
+  const abilitiesDirectoryExists = await pathExists(abilitiesRoot);
+  const policiesReadmePath = resolve4(policiesRoot, "README.md");
+  const abilitiesReadmePath = resolve4(abilitiesRoot, "README.md");
+  const policiesReadmeExists = await pathExists(policiesReadmePath);
+  const abilitiesReadmeExists = await pathExists(abilitiesReadmePath);
+  await mkdir3(policiesRoot, { recursive: true });
+  await mkdir3(abilitiesRoot, { recursive: true });
+  if (!policiesReadmeExists) {
+    await writeTextFile(policiesReadmePath, renderAuthorizationPoliciesReadme());
+  }
+  if (!abilitiesReadmeExists) {
+    await writeTextFile(abilitiesReadmePath, renderAuthorizationAbilitiesReadme());
+  }
+  return {
+    updatedPackageJson: await upsertAuthorizationPackageDependency(projectRoot),
+    createdPoliciesDirectory: !policiesDirectoryExists,
+    createdAbilitiesDirectory: !abilitiesDirectoryExists,
+    createdPoliciesReadme: !policiesReadmeExists,
+    createdAbilitiesReadme: !abilitiesReadmeExists
+  };
+}
+async function installQueueIntoProject(projectRoot, options = {}) {
+  const driver = options.driver ?? "sync";
+  if (!isSupportedQueueInstallerDriver(driver)) {
+    throw new Error(`Unsupported queue driver: ${driver}.`);
+  }
+  const project = await loadProjectConfig(projectRoot);
+  const defaultDatabaseConnection = project.config.database?.defaultConnection ?? "default";
+  const queueConfigPath = await resolveFirstExistingPath(projectRoot, QUEUE_CONFIG_FILE_NAMES) ?? resolve4(projectRoot, "config/queue.ts");
+  const queueConfigExists = await pathExists(queueConfigPath);
+  const jobsRoot = resolve4(projectRoot, project.config.paths.jobs);
+  const jobsDirectoryExists = await pathExists(jobsRoot);
+  const queueEnvFiles = renderQueueEnvFiles(driver);
+  if (!queueConfigExists) {
+    await writeTextFile(queueConfigPath, renderQueueConfig({
+      driver,
+      defaultDatabaseConnection
+    }));
+  }
+  if (driver === "redis") {
+    await ensureRedisConfigFile(projectRoot);
+  }
+  await mkdir3(jobsRoot, { recursive: true });
+  const updatedPackageJson = await upsertQueuePackageDependency(
+    projectRoot,
+    !queueConfigExists || driver !== "sync" ? driver : void 0
+  );
+  const envPath = resolve4(projectRoot, ".env");
+  const envExamplePath = resolve4(projectRoot, ".env.example");
+  const nextEnv = upsertEnvContents(await readTextFile(envPath), queueEnvFiles.env);
+  const nextEnvExample = upsertEnvContents(await readTextFile(envExamplePath), queueEnvFiles.example);
+  if (nextEnv.changed && typeof nextEnv.contents === "string") {
+    await writeTextFile(envPath, nextEnv.contents);
+  }
+  if (nextEnvExample.changed && typeof nextEnvExample.contents === "string") {
+    await writeTextFile(envExamplePath, nextEnvExample.contents);
+  }
+  return {
+    createdQueueConfig: !queueConfigExists,
+    updatedPackageJson,
+    updatedEnv: nextEnv.changed,
+    updatedEnvExample: nextEnvExample.changed,
+    createdJobsDirectory: !jobsDirectoryExists
+  };
+}
+async function installEventsIntoProject(projectRoot) {
+  const project = await loadProjectConfig(projectRoot);
+  const eventsRoot = resolve4(projectRoot, project.config.paths.events);
+  const listenersRoot = resolve4(projectRoot, project.config.paths.listeners);
+  const eventsDirectoryExists = await pathExists(eventsRoot);
+  const listenersDirectoryExists = await pathExists(listenersRoot);
+  await mkdir3(eventsRoot, { recursive: true });
+  await mkdir3(listenersRoot, { recursive: true });
+  return {
+    updatedPackageJson: await upsertEventsPackageDependency(projectRoot),
+    createdEventsDirectory: !eventsDirectoryExists,
+    createdListenersDirectory: !listenersDirectoryExists
+  };
+}
+async function installRealtimeIntoProject(projectRoot) {
+  await loadProjectConfig(projectRoot, { required: true });
+  const realtimeRoot = resolve4(projectRoot, "server/realtime");
+  const realtimeDirectoryExists = await pathExists(realtimeRoot);
+  const { dependencies, devDependencies } = await readPackageJsonDependencyState(projectRoot);
+  const framework = detectProjectFrameworkFromPackageJson(dependencies, devDependencies);
+  let createdFrameworkSetup = false;
+  await mkdir3(realtimeRoot, { recursive: true });
+  if (framework === "next") {
+    const routes = [
+      { path: ".holo-js/generated/next/holo.ts", contents: renderNextHoloHelper() },
+      { path: ".holo-js/generated/next/bootstrap.mjs", contents: renderNextRuntimeBootstrap() },
+      { path: ".holo-js/generated/next/realtime-definitions.ts", contents: await renderNextRealtimeDefinitions(projectRoot) }
+    ];
+    for (const route of routes) {
+      const routePath = resolve4(projectRoot, route.path);
+      if (!await pathExists(routePath)) {
+        createdFrameworkSetup = true;
+      }
+      await writeTextFile(routePath, route.contents);
+    }
+  } else if (framework === "sveltekit") {
+    const viteConfigPath = resolve4(projectRoot, "vite.config.ts");
+    if (await pathExists(viteConfigPath)) {
+      const existingViteConfig = await readTextFile(viteConfigPath);
+      const viteConfigContents = existingViteConfig ? injectSvelteRealtimeVitePlugin(existingViteConfig) : void 0;
+      if (typeof viteConfigContents === "string") {
+        createdFrameworkSetup = true;
+        await writeTextFile(viteConfigPath, viteConfigContents);
+      } else if (viteConfigContents) {
+        throw new Error(viteConfigContents.error);
+      }
+    } else {
+      createdFrameworkSetup = true;
+      await writeTextFile(viteConfigPath, renderSvelteViteConfig(false, true));
+    }
+  }
+  return {
+    updatedPackageJson: await upsertRealtimePackageDependency(projectRoot),
+    createdRealtimeDirectory: !realtimeDirectoryExists,
+    createdFrameworkSetup
+  };
+}
+async function installNotificationsIntoProject(projectRoot) {
+  const project = await loadProjectConfig(projectRoot);
+  const migrationsRoot = resolve4(projectRoot, project.config.paths.migrations);
+  const notificationsConfigPath = await resolveFirstExistingPath(projectRoot, NOTIFICATIONS_CONFIG_FILE_NAMES);
+  const existingMigrationFiles = await resolveExistingNotificationsMigrationFiles(migrationsRoot);
+  await mkdir3(resolve4(projectRoot, "config"), { recursive: true });
+  await mkdir3(migrationsRoot, { recursive: true });
+  if (!notificationsConfigPath) {
+    await writeTextFile(resolve4(projectRoot, "config/notifications.ts"), renderNotificationsConfig());
+  }
+  const createdMigrationFiles = [];
+  if (existingMigrationFiles.length === 0) {
+    for (const migrationFile of createNotificationsMigrationFiles()) {
+      const migrationPath = resolve4(migrationsRoot, migrationFile.path);
+      await writeTextFile(migrationPath, migrationFile.contents);
+      createdMigrationFiles.push(migrationPath);
+    }
+  }
+  return {
+    updatedPackageJson: await upsertNotificationsPackageDependency(projectRoot),
+    createdNotificationsConfig: !notificationsConfigPath,
+    createdMigrationFiles
+  };
+}
+async function publishAuthNotificationsIntoProject(projectRoot) {
+  await loadProjectConfig(projectRoot, { required: true });
+  const dependencies = await readPackageJsonDependencyState(projectRoot);
+  if (!dependencies.dependencies["@holo-js/auth"] && !dependencies.devDependencies["@holo-js/auth"]) {
+    throw new Error(
+      "Auth notification publishing requires @holo-js/auth. Install auth first with `holo install auth`."
+    );
+  }
+  if (!dependencies.dependencies["@holo-js/notifications"] && !dependencies.devDependencies["@holo-js/notifications"]) {
+    throw new Error(
+      "Auth notification publishing requires @holo-js/notifications. Install notifications first with `holo install notifications`."
+    );
+  }
+  const result = await writeAuthNotificationFiles(projectRoot);
+  return {
+    ...result,
+    hasMailDependency: !!dependencies.dependencies["@holo-js/mail"] || !!dependencies.devDependencies["@holo-js/mail"]
+  };
+}
+async function installMailIntoProject(projectRoot) {
+  await loadProjectConfig(projectRoot, { required: true });
+  const mailConfigPath = await resolveFirstExistingPath(projectRoot, MAIL_CONFIG_FILE_NAMES);
+  const mailRoot = resolve4(projectRoot, "server/mail");
+  const mailDirectoryExists = await pathExists(mailRoot);
+  const envPath = resolve4(projectRoot, ".env");
+  const envExamplePath = resolve4(projectRoot, ".env.example");
+  await mkdir3(resolve4(projectRoot, "config"), { recursive: true });
+  await mkdir3(mailRoot, { recursive: true });
+  if (!mailConfigPath) {
+    await writeTextFile(resolve4(projectRoot, "config/mail.ts"), renderMailConfig());
+  }
+  const mailEnvFiles = renderMailEnvFiles();
+  const nextEnv = upsertEnvContents(await readTextFile(envPath), mailEnvFiles.env);
+  const nextEnvExample = upsertEnvContents(await readTextFile(envExamplePath), mailEnvFiles.example);
+  if (nextEnv.changed && typeof nextEnv.contents === "string") {
+    await writeTextFile(envPath, nextEnv.contents);
+  }
+  if (nextEnvExample.changed && typeof nextEnvExample.contents === "string") {
+    await writeTextFile(envExamplePath, nextEnvExample.contents);
+  }
+  return {
+    updatedPackageJson: await upsertMailPackageDependency(projectRoot),
+    createdMailConfig: !mailConfigPath,
+    createdMailDirectory: !mailDirectoryExists,
+    updatedEnv: nextEnv.changed,
+    updatedEnvExample: nextEnvExample.changed
+  };
+}
+async function installMediaIntoProject(projectRoot) {
+  await loadProjectConfig(projectRoot, { required: true });
+  const mediaConfigPath = await resolveFirstExistingPath(projectRoot, MEDIA_CONFIG_FILE_NAMES);
+  await mkdir3(resolve4(projectRoot, "config"), { recursive: true });
+  if (!mediaConfigPath) {
+    await writeTextFile(resolve4(projectRoot, "config/media.ts"), renderMediaConfig());
+  }
+  const { createMediaTableMigration } = await import("./media-migrations-NMUWBEKE.mjs");
+  const migrationFilePath = await createMediaTableMigration(projectRoot, {
+    skipIfExists: true
+  });
+  return {
+    updatedPackageJson: await upsertMediaPackageDependency(projectRoot),
+    createdMediaConfig: !mediaConfigPath,
+    createdMigrationFiles: migrationFilePath ? [migrationFilePath] : []
+  };
+}
+async function installSecurityIntoProject(projectRoot) {
+  await loadProjectConfig(projectRoot, { required: true });
+  const securityConfigPath = await resolveFirstExistingPath(projectRoot, SECURITY_CONFIG_FILE_NAMES);
+  const corsConfigPath = await resolveFirstExistingPath(projectRoot, CORS_CONFIG_FILE_NAMES);
+  await mkdir3(resolve4(projectRoot, "config"), { recursive: true });
+  await ensureRateLimitStorageIgnore(projectRoot);
+  await ensureRedisConfigFile(projectRoot);
+  if (!securityConfigPath) {
+    await writeTextFile(resolve4(projectRoot, "config/security.ts"), renderSecurityConfig());
+  }
+  const createdCorsConfig = corsConfigPath ? false : await ensureCorsConfigFile(projectRoot);
+  return {
+    updatedPackageJson: await upsertSecurityPackageDependency(projectRoot),
+    createdSecurityConfig: !securityConfigPath,
+    createdCorsConfig
+  };
+}
+async function installCacheIntoProject(projectRoot, options = {}) {
+  const project = await loadProjectConfig(projectRoot, { required: true });
+  const driver = options.driver ?? "file";
+  if (!isSupportedCacheInstallerDriver(driver)) {
+    throw new Error(`Unsupported cache driver: ${driver}.`);
+  }
+  const cacheConfigPath = await resolveFirstExistingPath(projectRoot, CACHE_CONFIG_FILE_NAMES);
+  const loadedConfig = await loadConfigDirectory2(projectRoot, {
+    preferCache: false,
+    processEnv: process.env
+  });
+  const defaultDatabaseConnection = project.config.database?.defaultConnection ?? "default";
+  const defaultRedisConnection = loadedConfig.redis.default;
+  const loadedCacheConfig = cacheConfigPath ? loadedConfig.cache : void 0;
+  if (loadedCacheConfig && !Object.values(loadedCacheConfig.drivers).some((entry) => entry.driver === driver)) {
+    throw new Error(
+      `config/cache.ts already exists and does not configure the "${driver}" cache driver. Update your cache config first, then rerun "holo install cache".`
+    );
+  }
+  await mkdir3(resolve4(projectRoot, "config"), { recursive: true });
+  if (!cacheConfigPath) {
+    await writeTextFile(
+      resolve4(projectRoot, "config/cache.ts"),
+      renderCacheConfig(driver, defaultDatabaseConnection, defaultRedisConnection)
+    );
+  }
+  let createdRedisConfig = false;
+  if (driver === "redis") {
+    createdRedisConfig = await ensureRedisConfigFile(projectRoot);
+  }
+  const cacheEnvFiles = renderCacheEnvFiles(driver);
+  const envPath = resolve4(projectRoot, ".env");
+  const envExamplePath = resolve4(projectRoot, ".env.example");
+  const nextEnv = upsertEnvContents(await readTextFile(envPath), cacheEnvFiles.env);
+  const nextEnvExample = upsertEnvContents(await readTextFile(envExamplePath), cacheEnvFiles.example);
+  if (nextEnv.changed && typeof nextEnv.contents === "string") {
+    await writeTextFile(envPath, nextEnv.contents);
+  }
+  if (nextEnvExample.changed && typeof nextEnvExample.contents === "string") {
+    await writeTextFile(envExamplePath, nextEnvExample.contents);
+  }
+  return {
+    updatedPackageJson: await upsertCachePackageDependencies(projectRoot, driver),
+    createdCacheConfig: !cacheConfigPath,
+    createdRedisConfig,
+    updatedEnv: nextEnv.changed,
+    updatedEnvExample: nextEnvExample.changed,
+    databaseDriver: driver === "database"
+  };
+}
+async function installBroadcastIntoProject(projectRoot) {
+  const project = await loadProjectConfig(projectRoot, { required: true });
+  const manifestPath = project.manifestPath;
+  const manifestContents = await readTextFile(manifestPath);
+  const manifestFormat = resolveConfigModuleFormat(manifestPath, manifestContents);
+  const broadcastConfigTargetPath = resolveBroadcastConfigTargetPath(projectRoot, manifestPath, manifestFormat);
+  const broadcastConfigIsTypeScript = [".ts", ".mts", ".cts"].includes(extname2(broadcastConfigTargetPath));
+  const broadcastConfigPath = await resolveFirstExistingPath(projectRoot, BROADCAST_CONFIG_FILE_NAMES);
+  const authConfigPath = await resolveFirstExistingPath(projectRoot, AUTH_CONFIG_FILE_NAMES);
+  const { dependencies, devDependencies } = await readPackageJsonDependencyState(projectRoot);
+  const framework = detectProjectFrameworkFromPackageJson(dependencies, devDependencies);
+  const canCreateBroadcastAuthRoute = framework === "next" || framework === "nuxt" || framework === "sveltekit";
+  const broadcastRoot = resolve4(projectRoot, "server/broadcast");
+  const channelsRoot = resolve4(projectRoot, "server/channels");
+  const broadcastDirectoryExists = await pathExists(broadcastRoot);
+  const channelsDirectoryExists = await pathExists(channelsRoot);
+  await mkdir3(resolve4(projectRoot, "config"), { recursive: true });
+  await mkdir3(broadcastRoot, { recursive: true });
+  await mkdir3(channelsRoot, { recursive: true });
+  await ensureRedisConfigFile(projectRoot);
+  if (!broadcastConfigPath) {
+    await writeTextFile(
+      broadcastConfigTargetPath,
+      renderBroadcastConfig(
+        manifestFormat,
+        Boolean(authConfigPath) && canCreateBroadcastAuthRoute,
+        broadcastConfigIsTypeScript
+      )
+    );
+  }
+  const broadcastEnvFiles = renderBroadcastEnvFiles();
+  const envPath = resolve4(projectRoot, ".env");
+  const envExamplePath = resolve4(projectRoot, ".env.example");
+  const nextEnv = upsertEnvContents(await readTextFile(envPath), broadcastEnvFiles.env);
+  const nextEnvExample = upsertEnvContents(await readTextFile(envExamplePath), broadcastEnvFiles.example);
+  const dependencyResult = await upsertBroadcastPackageDependencies(projectRoot);
+  let createdFrameworkSetup = false;
+  if (framework === "next") {
+    const holoHelperPath = resolve4(projectRoot, ".holo-js/generated/next/holo.ts");
+    const broadcastConfigRoutePath = resolve4(projectRoot, "app/broadcasting/config/route.ts");
+    const generatedBroadcastConfigRoutePath = resolve4(projectRoot, ".holo-js/generated/next/broadcast-config-route.ts");
+    if (!await pathExists(holoHelperPath)) {
+      await writeTextFile(holoHelperPath, renderNextHoloHelper());
+      createdFrameworkSetup = true;
+    }
+    if (!await pathExists(broadcastConfigRoutePath)) {
+      await writeTextFile(broadcastConfigRoutePath, renderNextBroadcastConfigRoute());
+      createdFrameworkSetup = true;
+    }
+    await writeTextFile(generatedBroadcastConfigRoutePath, renderNextGeneratedBroadcastConfigRoute());
+  } else if (framework === "sveltekit") {
+    const holoHelperPath = resolve4(projectRoot, ".holo-js/generated/sveltekit/holo.ts");
+    if (!await pathExists(holoHelperPath)) {
+      await writeTextFile(holoHelperPath, renderSvelteHoloHelper());
+      createdFrameworkSetup = true;
+    }
+  }
+  const broadcastAuthSupport = await syncBroadcastAuthSupportAfterAuthInstall(projectRoot);
+  if (nextEnv.changed && typeof nextEnv.contents === "string") {
+    await writeTextFile(envPath, nextEnv.contents);
+  }
+  if (nextEnvExample.changed && typeof nextEnvExample.contents === "string") {
+    await writeTextFile(envExamplePath, nextEnvExample.contents);
+  }
+  return {
+    updatedPackageJson: dependencyResult.updated,
+    createdBroadcastConfig: !broadcastConfigPath,
+    createdBroadcastDirectory: !broadcastDirectoryExists,
+    createdChannelsDirectory: !channelsDirectoryExists,
+    createdBroadcastAuthRoute: broadcastAuthSupport.createdBroadcastAuthRoute,
+    createdFrameworkSetup,
+    updatedEnv: nextEnv.changed,
+    updatedEnvExample: nextEnvExample.changed
+  };
+}
+export {
+  hasLoadedConfigFile,
+  inferDatabaseDriverFromUrl,
+  inferConnectionDriver,
+  syncManagedDriverDependencies,
+  upsertEventsPackageDependency,
+  upsertNotificationsPackageDependency,
+  upsertMailPackageDependency,
+  upsertMediaPackageDependency,
+  upsertSecurityPackageDependency,
+  upsertCachePackageDependencies,
+  upsertAuthPackageDependencies,
+  renderStorageConfig,
+  renderMediaConfig,
+  renderQueueConfig,
+  renderCacheConfig,
+  renderRedisConfig,
+  renderNotificationsConfig,
+  renderMailConfig,
+  renderSecurityConfig,
+  renderCorsConfig,
+  injectBroadcastAuthEndpoint,
+  resolveBroadcastConfigTargetPath,
+  renderSessionConfig,
+  renderAuthConfig,
+  authFeaturesRequireConfigUpdate,
+  detectAuthInstallFeaturesFromConfig,
+  renderAuthEnvFiles,
+  renderAuthUserModel,
+  renderAuthMigration,
+  renderNotificationsMigration,
+  renderScaffoldAppConfig,
+  renderScaffoldDatabaseConfig,
+  resolveDefaultDatabaseUrl,
+  renderScaffoldEnvFiles,
+  renderMailEnvFiles,
+  renderQueueEnvFiles,
+  renderCacheEnvFiles,
+  renderEnvFileContents,
+  normalizeScaffoldEnvSegments,
+  renderScaffoldGitignore,
+  renderScaffoldTsconfig,
+  renderVSCodeSettings,
+  resolvePackageManagerVersion,
+  renderScaffoldPackageJson,
+  scaffoldProject,
+  installAuthIntoProject,
+  installAuthorizationIntoProject,
+  installQueueIntoProject,
+  installEventsIntoProject,
+  installRealtimeIntoProject,
+  installNotificationsIntoProject,
+  publishAuthNotificationsIntoProject,
+  installMailIntoProject,
+  installMediaIntoProject,
+  installSecurityIntoProject,
+  installCacheIntoProject,
+  installBroadcastIntoProject
+};