@launchframe/mcp 1.1.4 → 1.1.6

package/.claude/settings.local.json

@@ -2,7 +2,10 @@
   "permissions": {
     "allow": [
       "Bash(wc:*)",
-      "Bash(grep:*)"
+      "Bash(grep:*)",
+      "Bash(python3:*)",
+      "Bash(xargs cat:*)",
+      "Bash(git:*)"
     ]
   }
 }

package/dist/content/auth/overview.md

@@ -15,14 +15,14 @@ All routes are protected by default via the global `BetterAuthGuard` (registered
 |------|-------------|
 | `business_user` | Default role for all registered users |
 | `superadmin` | Granted via admin panel; full access |
-| `regular_user` | B2B2C variant only — end-customer of the SaaS |
+| `customer` | B2B2C variant only — end-customer of the SaaS |
 
 ## Session Flow
 
 1. Request hits `BetterAuthGuard`
 2. Guard checks for `@AllowAnonymous` / `@OptionalAuth` metadata
 3. Calls `auth.api.getSession({ headers })` via Better Auth
-4. Rejects `regular_user` on non-`@CustomerPortal` routes
+4. Rejects `customer` on non-`@CustomerPortal` routes
 5. Attaches `request.session` and `request.user`
 
 ## Decorators
@@ -32,7 +32,7 @@ All routes are protected by default via the global `BetterAuthGuard` (registered
 | `@AllowAnonymous()` | Route is fully public — no auth check |
 | `@Public()` | Alias for `@AllowAnonymous()` |
 | `@OptionalAuth()` | Auth checked but not required; `request.user` may be undefined |
-| `@CustomerPortal()` | Allows `regular_user` role (B2B2C variant) |
+| `@CustomerPortal()` | Allows `customer` role (B2B2C variant) |
 | `@UserSession()` | Param decorator — injects the `User` from session |
 | `@Session()` | Param decorator — injects full `{ user, session }` object |
 

package/dist/content/{content/database → database}/schema.md

@@ -58,18 +58,6 @@ Roles: `business_user`, `superadmin`, `customer` (B2B2C variant)
 | created_at | timestamp | NO |
 | updated_at | timestamp | NO |
 
-#### `oauth_tokens`
-| Column | Type | Nullable | Default |
-|--------|------|----------|---------|
-| id | integer (PK, serial) | NO | nextval |
-| token_type | text | NO | |
-| user_id | integer (FK → users.id) | NO | |
-| access_token | text | NO | |
-| refresh_token | text | NO | |
-| expires_at | timestamp | NO | |
-| created_at | timestamp | NO | CURRENT_TIMESTAMP |
-| updated_at | timestamp | NO | CURRENT_TIMESTAMP |
-
 ---
 
 ### Subscriptions

package/dist/content/variants/overview.md

@@ -20,7 +20,7 @@ Extends Base by adding workspace/project isolation.
 
 ### B2B2C
 Extends Base by adding a separate customer-facing experience (end-users of your customers).
-- Adds `regular_user` role
+- Adds `customer` role
 - Adds `customers-portal` frontend service
 - Adds `@CustomerPortal()` route decorator for customer-only endpoints
 - B2B2C can also be combined with multi-tenancy

package/package.json

@@ -1,13 +1,13 @@
 {
   "name": "@launchframe/mcp",
-  "version": "1.1.4",
+  "version": "1.1.6",
   "description": "LaunchFrame MCP Server — knowledge tools for AI agents building LaunchFrame projects",
   "bin": {
     "launchframe-mcp": "dist/index.js"
   },
   "main": "dist/index.js",
   "scripts": {
-    "build": "tsc && cp -r src/content dist/content",
+    "build": "rm -rf dist && tsc && cp -r src/content dist/content",
     "start": "node dist/index.js",
     "prepublishOnly": "npm run build"
   },

package/dist/content/content/auth/overview.md

@@ -1,64 +0,0 @@
-# LaunchFrame Auth Overview
-
-## Guard Architecture
-
-All routes are protected by default via the global `BetterAuthGuard` (registered in `app.module.ts` as `APP_GUARD`).
-
-**Import paths:**
-- Decorators: `src/modules/auth/auth.decorator.ts`
-- Guard: `src/modules/auth/better-auth.guard.ts`
-- Base guard: `src/modules/auth/guards/base-auth.guard.ts`
-
-## Roles
-
-| Role | Description |
-|------|-------------|
-| `business_user` | Default role for all registered users |
-| `superadmin` | Granted via admin panel; full access |
-| `customer` | B2B2C variant only — end-customer of the SaaS |
-
-## Session Flow
-
-1. Request hits `BetterAuthGuard`
-2. Guard checks for `@AllowAnonymous` / `@OptionalAuth` metadata
-3. Calls `auth.api.getSession({ headers })` via Better Auth
-4. Rejects `customer` on non-`@CustomerPortal` routes
-5. Attaches `request.session` and `request.user`
-
-## Decorators
-
-| Decorator | Effect |
-|-----------|--------|
-| `@AllowAnonymous()` | Route is fully public — no auth check |
-| `@Public()` | Alias for `@AllowAnonymous()` |
-| `@OptionalAuth()` | Auth checked but not required; `request.user` may be undefined |
-| `@CustomerPortal()` | Allows `customer` role (B2B2C variant) |
-| `@UserSession()` | Param decorator — injects the `User` from session |
-| `@Session()` | Param decorator — injects full `{ user, session }` object |
-
-## Example Usage
-
-```typescript
-import { Controller, Get } from '@nestjs/common';
-import { AllowAnonymous, UserSession } from '../auth/auth.decorator';
-import { User } from '../users/user.entity';
-
-@Controller('example')
-export class ExampleController {
-  // Public — no auth
-  @Get('public')
-  @AllowAnonymous()
-  getPublic() { ... }
-
-  // Protected (default) — business_user or superadmin
-  @Get('me')
-  getMe(@UserSession() user: User) { ... }
-}
-```
-
-## Better Auth Setup
-
-Better Auth instance: `src/modules/auth/auth.ts`
-- Adapts to TypeORM via `betterAuthTypeOrmAdapter`
-- Plugins: email/password, Google OAuth, API keys, admin
-- Session stored in `sessions` table; user in `user` table (Better Auth schema)

package/dist/content/content/credits/deduction.md

@@ -1,27 +0,0 @@
-# Credits Deduction Pattern
-
-Add `@DeductCredits(n)` + `@UseGuards(CreditsGuard)` to any route that should cost credits.
-
-```typescript
-import { UseGuards } from '@nestjs/common';
-import { CreditsGuard } from '../credits/guards/credits.guard';
-import { DeductCredits } from '../credits/decorators/deduct-credits.decorator';
-
-@DeductCredits(10)
-@UseGuards(CreditsGuard)
-@Post('ai-operation')
-async handler(@UserSession() user: User) {
-  // CreditsGuard runs before the handler and deducts based on monetization strategy
-  // Handler only runs if credits check passes
-}
-```
-
-## Rules
-
-- **Both** `@DeductCredits(n)` and `@UseGuards(CreditsGuard)` are required together — neither works alone.
-- `n` is the number of credits to deduct per call.
-- `CreditsGuard` reads the active monetization strategy from `MonetizationConfigService` (cached 24h in Redis).
-- The guard behaviour depends on strategy (see `credits_get_monetization_strategies`).
-- Source files:
-  - `src/modules/credits/decorators/deduct-credits.decorator.ts`
-  - `src/modules/credits/guards/credits.guard.ts`

package/dist/content/content/credits/strategies.md

@@ -1,25 +0,0 @@
-# Credits Monetization Strategies
-
-The active strategy is stored in `AdminSettings` and cached for 24h in Redis via `MonetizationConfigService`.
-
-## Strategies
-
-| Strategy | Behaviour |
-|----------|-----------|
-| `free` | All credit checks bypass — no deduction ever |
-| `subscription` | Credit checks bypass — use feature gates to restrict instead |
-| `credits` | Deduct `n` credits from user balance; 402 if insufficient |
-| `hybrid` | Deduct from `subscription.plan.monthlyCredits` allowance first; bill Polar overage when exhausted |
-
-## Hybrid details
-
-- Monthly allowance: `subscription.plan.monthlyCredits` (column on `SubscriptionPlan` entity, NOT a feature code)
-- Overage rate: `subscription.plan.overageRate` (column on `SubscriptionPlan` entity)
-- Overage is charged via Polar meter API
-
-## Choosing a strategy
-
-- **SaaS with flat plans** → `subscription` (gates control feature access, no per-call cost)
-- **API / AI product** → `credits` (pay-as-you-go balance)
-- **AI + subscription tiers** → `hybrid` (included monthly quota + Polar overage billing)
-- **Early stage / free tier** → `free` (disable all metering)

package/dist/content/content/crons/pattern.md

@@ -1,51 +0,0 @@
-# Cron Jobs — LaunchFrame Pattern
-
-## Key Rules
-
-- **Single service**: All cron jobs live in `src/jobs/cron.service.ts`. Do NOT create new cron services unless the job is genuinely complex enough to warrant its own service.
-- **Lightweight methods**: Cron methods should enqueue work to Bull and return. Never do heavy processing inline.
-- `ScheduleModule.forRoot()` is already registered in `app.module.ts` — do not add it again.
-
-## Imports
-
-```typescript
-import { Cron, CronExpression } from '@nestjs/schedule';
-import { InjectQueue } from '@nestjs/bull';
-import { Queue } from 'bull';
-```
-
-## Available CronExpression values
-
-```
-CronExpression.EVERY_MINUTE
-CronExpression.EVERY_30_MINUTES
-CronExpression.EVERY_HOUR
-CronExpression.EVERY_DAY_AT_MIDNIGHT
-CronExpression.EVERY_WEEK
-```
-
-Use a raw cron string (e.g. `'0 9 * * 1-5'`) if no preset fits.
-
-## Example method
-
-```typescript
-@Cron(CronExpression.EVERY_HOUR)
-async processWebhooks() {
-  this.logger.log('Starting webhook processing job...');
-  try {
-    const items = await this.repo.find({ where: { processed: false } });
-    for (const item of items) {
-      await this.queue.add({ id: item.id }, {
-        attempts: 3,
-        backoff: { type: 'exponential', delay: 2000 },
-      });
-    }
-  } catch (error) {
-    this.logger.error('Error in processWebhooks:', error);
-  }
-}
-```
-
-## Module registration
-
-`CronService` is already a provider in `JobsModule`. If you inject a new queue or repository, add the corresponding `BullModule.registerQueue` / `TypeOrmModule.forFeature` to `JobsModule` imports.

package/dist/content/content/entities/conventions.md

@@ -1,97 +0,0 @@
-# TypeORM Entity Conventions in LaunchFrame
-
-## Required Decorators
-
-Every entity must have these four:
-
-```typescript
-@Entity('snake_case_table_name')
-export class MyEntity {
-  @PrimaryGeneratedColumn()
-  id: number;
-
-  // ... domain columns ...
-
-  @CreateDateColumn()
-  createdAt: Date;
-
-  @UpdateDateColumn()
-  updatedAt: Date;
-}
-```
-
-## Naming Strategy
-
-A global `SnakeNamingStrategy` is configured in TypeORM. This means:
-- `createdAt` → `created_at` automatically
-- `userId` → `user_id` automatically
-- Do NOT add `name: 'column_name'` unless you need to deviate from the convention.
-
-Exception: some legacy entities specify explicit `name:` — that is acceptable but not required for new entities.
-
-## Column Types
-
-```typescript
-// String
-@Column() name: string;
-@Column({ type: 'text', nullable: true }) description: string;
-@Column({ type: 'varchar', length: 255, nullable: true }) slug: string;
-
-// Number
-@Column({ type: 'int' }) count: number;
-@Column({ type: 'decimal', precision: 10, scale: 2, nullable: true }) amount: number;
-
-// Boolean
-@Column({ default: false }) isActive: boolean;
-
-// JSON
-@Column({ type: 'jsonb' }) metadata: Record<string, any>;
-@Column({ type: 'jsonb', nullable: true }) options: Record<string, any>;
-
-// Enum (define enum in same file)
-export enum MyStatus { ACTIVE = 'active', INACTIVE = 'inactive' }
-@Column({ type: 'enum', enum: MyStatus }) status: MyStatus;
-
-// UUID primary key
-@PrimaryGeneratedColumn('uuid') id: string;
-```
-
-## Relations
-
-```typescript
-// Foreign key column + relation (preferred pattern)
-@Column({ type: 'int' })
-userId: number;
-
-@ManyToOne(() => User, { onDelete: 'CASCADE' })
-user: User;
-
-// One-to-many
-@OneToMany(() => CreditTransaction, (tx) => tx.user)
-transactions: CreditTransaction[];
-```
-
-## Multi-Tenancy
-
-For multi-tenant variants, add `projectId` to every domain entity:
-
-```typescript
-// MULTI_TENANT_FIELDS_START
-@Column() projectId: number;
-// MULTI_TENANT_FIELDS_END
-```
-
-Leave the section markers in place — the CLI uses them to splice in multi-tenant fields.
-
-## File Location
-
-```
-src/modules/<domain>/entities/<entity-name>.entity.ts
-```
-
-Register in the module via `TypeOrmModule.forFeature([MyEntity])`.
-
-## Migration
-
-Migrations live in `src/migrations/`. Name format: `<timestamp>-<PascalCaseDescription>.ts`.
-Run inside the backend container: `npm run migration:run`.

package/dist/content/content/env/conventions.md

@@ -1,123 +0,0 @@
-# Environment Variable Conventions
-
-## Single Centralized `.env`
-
-All environment variables live in **one file**: `infrastructure/.env`
-
-Docker Compose mounts it into every container via `env_file:` — **never create per-service `.env` files**.
-
-## Variable Naming
-
-Variables are **canonical** (no service-specific prefixes like `REACT_APP_`, `VITE_`, or `NEXT_PUBLIC_`).
-The `docker-compose.yml` files map canonical names to the appropriate prefixed versions for each service.
-
-Example mapping in docker-compose:
-```yaml
-environment:
-  - VITE_API_BASE_URL=${API_BASE_URL}
-  - NEXT_PUBLIC_PRIMARY_DOMAIN=${PRIMARY_DOMAIN}
-```
-
-## Key Variables Reference
-
-### Application
-```
-NODE_ENV=production
-APP_NAME=
-PRIMARY_DOMAIN=
-```
-
-### Database (PostgreSQL)
-```
-DB_HOST=database
-DB_PORT=5432
-DB_USERNAME=postgres
-DB_PASSWORD=
-DB_DATABASE=
-DATABASE_URL=postgresql://${DB_USERNAME}:${DB_PASSWORD}@${DB_HOST}:${DB_PORT}/${DB_DATABASE}
-```
-
-### Redis
-```
-REDIS_HOST=redis
-REDIS_PORT=6379
-REDIS_PASSWORD=
-REDIS_URL=redis://${REDIS_HOST}:${REDIS_PORT}
-```
-
-### Service URLs & Ports
-```
-BACKEND_PORT=4000
-API_BASE_URL=http://localhost:4000
-BACKEND_API_URL=http://backend:4000
-
-ADMIN_FRONTEND_PORT=3001
-ADMIN_BASE_URL=http://localhost:3001
-
-CUSTOMERS_FRONTEND_PORT=3000
-FRONTEND_BASE_URL=http://localhost:3000
-
-WEBSITE_PORT=8080
-WEBSITE_BASE_URL=http://localhost:8080
-```
-
-### Authentication & Security
-```
-BETTER_AUTH_SECRET=          # min 32 chars, generate: openssl rand -base64 32
-INITIAL_CREDITS=100          # credits granted to new users
-BULL_ADMIN_TOKEN=            # Bull Board dashboard access
-```
-
-### Email
-```
-RESEND_API_KEY=              # production email (Resend)
-MAIL_HOST=                   # SMTP host (dev: Mailtrap)
-MAIL_USER=
-MAIL_PASSWORD=
-MAIL_FROM=noreply@${PRIMARY_DOMAIN}
-```
-
-### Payments (Polar.sh)
-```
-POLAR_ACCESS_TOKEN=
-POLAR_SUCCESS_URL=${ADMIN_BASE_URL}/payments/success?checkout_id={CHECKOUT_ID}
-POLAR_WEBHOOK_SECRET=
-# POLAR_ENVIRONMENT=sandbox  # defaults to 'sandbox' in dev, 'production' in prod
-```
-
-### Google
-```
-GOOGLE_CLIENT_ID=
-GOOGLE_CLIENT_SECRET=
-GOOGLE_REDIRECT_URI=http://localhost:4000/auth/google/callback
-GOOGLE_ANALYTICS_ID=
-GOOGLE_CLOUD_STORAGE_BUCKET=
-```
-
-### Monitoring
-```
-BACKEND_SENTRY_DSN=
-ADMIN_FRONTEND_SENTRY_DSN=
-CUSTOMERS_PORTAL_SENTRY_DSN=
-MIXPANEL_PROJECT_TOKEN=
-```
-
-### Real-time
-```
-PUSHER_KEY=
-PUSHER_CLUSTER=
-```
-
-## Adding a New Variable
-
-1. Add it to `infrastructure/base/.env.example` with a comment
-2. Add it to `infrastructure/.env` (your local copy, never committed)
-3. Reference it in the relevant `docker-compose.yml` `environment:` section if a prefix is needed
-4. Access in NestJS via `process.env.VAR_NAME` or via `ConfigService`
-
-## Rules
-
-- **NEVER** commit `.env` — it is gitignored
-- **NEVER** create per-service `.env` files
-- All secrets (auth, DB, API keys) go in `infrastructure/.env` only
-- Use `base/.env.example` as the template — it has all variables with placeholder values

package/dist/content/content/feature-gates/overview.md

@@ -1,74 +0,0 @@
-# Feature Gate System Overview
-
-## Architecture
-
-Features are fully generic and defined in the database — there are no hardcoded feature codes.
-
-| Table | Purpose |
-|-------|---------|
-| `subscription_plan_features` | Feature definitions: `code`, `name`, `featureType` (boolean/numeric/text), `defaultValue` |
-| `subscription_plan_feature_values` | Per-plan feature values: links plan → feature → value (JSONB) |
-
-Features are created and managed via the admin portal. The template ships with a single `basic_access` feature for the free plan as a starting point.
-
-## Querying Features
-
-```typescript
-import { UserSubscriptionService } from '../subscriptions/services/user-subscription.service';
-
-// Returns Record<string, any> — keys are feature codes, values are the raw stored value
-const features = await this.userSubscriptionService.getCurrentFeatures(userId);
-
-// Example: check a boolean feature
-const hasFeature = features['your_feature_code'] === true;
-
-// Example: check a numeric feature (-1 means unlimited)
-const limit = features['your_feature_code'] as number ?? 0;
-const isUnlimited = limit === -1;
-```
-
-## Check Pattern (no decorator — manual check only)
-
-```typescript
-import { Injectable, ForbiddenException } from '@nestjs/common';
-import { UserSubscriptionService } from '../subscriptions/services/user-subscription.service';
-
-@Injectable()
-export class YourService {
-  constructor(
-    private readonly userSubscriptionService: UserSubscriptionService,
-  ) {}
-
-  async guardedOperation(userId: number) {
-    const features = await this.userSubscriptionService.getCurrentFeatures(userId);
-
-    // Boolean feature
-    if (!features['your_boolean_feature']) {
-      throw new ForbiddenException('Your plan does not include this feature');
-    }
-
-    // Numeric feature with limit
-    const limit = features['your_numeric_feature'] as number ?? 0;
-    const currentCount = await this.getCount(userId);
-    if (limit !== -1 && currentCount >= limit) {
-      throw new ForbiddenException(`Plan limit reached (${limit})`);
-    }
-  }
-}
-```
-
-## Unlimited Sentinel
-
-For numeric features, `-1` means unlimited. Always check for it:
-```typescript
-const isUnlimited = limit === -1;
-if (!isUnlimited && currentCount >= limit) { ... }
-```
-
-## Credits-specific Plan Fields
-
-Monthly credits and overage rate are NOT generic features — they live as dedicated columns on `SubscriptionPlan`:
-- `plan.monthlyCredits: number | null` — monthly credit allowance (null = not applicable)
-- `plan.overageRate: number | null` — per-credit overage cost (null = no overage)
-
-These are read directly from the subscription, not via `getCurrentFeatures()`.

package/dist/content/content/modules/structure.md

@@ -1,44 +0,0 @@
-# NestJS Module Structure in LaunchFrame
-
-## Folder Layout
-
-Every domain lives under `src/modules/<domain>/`:
-
-```
-src/modules/<domain>/
-├── <domain>.module.ts       # Module definition
-├── <domain>.service.ts      # Business logic
-├── <domain>.controller.ts   # HTTP routes (if applicable)
-└── entities/
-    └── <entity>.entity.ts   # TypeORM entity
-```
-
-## Module Rules
-
-1. **Entity registration**: Use `TypeOrmModule.forFeature([...entities])` inside `imports`.
-2. **Circular deps**: Wrap with `forwardRef(() => OtherModule)` on both sides.
-3. **Bull queues**: Import `BullQueueModule` (shared forRoot) + `BullModule.registerQueue({ name })` — never re-declare `forRoot`.
-4. **Exports**: Only export what other modules actually need (service, guard, etc.).
-5. **Registering in AppModule**: Add your module to `app.module.ts` imports array.
-
-## Variant Section Markers
-
-Variant-specific code uses comment markers so the CLI can splice in additions:
-
-```typescript
-// MULTI_TENANT_IMPORTS_START
-// MULTI_TENANT_IMPORTS_END
-
-// MULTI_TENANT_ENTITIES_START
-// MULTI_TENANT_ENTITIES_END
-
-// MULTI_TENANT_PROVIDERS_START
-// MULTI_TENANT_PROVIDERS_END
-```
-
-Leave these markers in place even if empty — the CLI relies on them.
-
-## Placement in AppModule
-
-`app.module.ts` already bootstraps global modules (TypeORM, Bull, Schedule, etc.).
-Your module only needs to import what it directly depends on.

package/dist/content/content/queues/names.md

@@ -1,18 +0,0 @@
-# Bull Queues
-
-LaunchFrame registers 5 Bull queues via `BullQueueModule` (`src/modules/bull/bull.module.ts`).
-
-| Queue name   | Purpose                                      |
-|--------------|----------------------------------------------|
-| `emails`     | Transactional email sending via Resend       |
-| `api`        | Outbound HTTP API calls to third-party services |
-| `webhooks`   | Processing inbound webhook payloads          |
-
-## Usage rules
-
-- **Import `BullQueueModule`** (not `BullModule.forRoot`) in your feature module — it re-uses the shared Redis connection.
-- Register the queue in your module with `BullModule.registerQueue({ name: 'queue-name' })`, imported from `bull.module.ts`.
-- Inject with `@InjectQueue('queue-name') private queue: Queue` from `@nestjs/bull`.
-- Default job options: `{ attempts: 3, backoff: { type: 'exponential', delay: 2000 } }`.
-- **Always `throw error`** in processor catch blocks — Bull needs the error to trigger retries.
-- Keep cron/scheduler methods lightweight: enqueue to Bull, do heavy work in the processor.

package/dist/content/content/variants/overview.md

@@ -1,67 +0,0 @@
-# LaunchFrame Variants
-
-LaunchFrame generates projects in one of three variants. Each variant is a superset of the previous.
-
-## Variant Overview
-
-### Base (B2B, single-tenant)
-The simplest variant. One admin panel, one customer-facing portal, no multi-tenancy.
-- Single workspace per account
-- No `projectId` on entities
-- No `projects` module
-- Roles: `admin`, `user`
-
-### Multi-tenant
-Extends Base by adding workspace/project isolation.
-- `projects` module: CRUD, ownership guards
-- `projectId: number` column on all domain entities
-- Project ownership guard on all project-scoped routes
-- Roles: `admin`, `user` (scoped to project)
-
-### B2B2C
-Extends Base by adding a separate customer-facing experience (end-users of your customers).
-- Adds `customer` role
-- Adds `customers-portal` frontend service
-- Adds `@CustomerPortal()` route decorator for customer-only endpoints
-- B2B2C can also be combined with multi-tenancy
-
-## Section Marker Syntax
-
-Source files use markers so the CLI can strip/inject variant-specific code blocks:
-
-```
-// {{SECTION_NAME}}_START
-... variant-specific code ...
-// {{SECTION_NAME}}_END
-```
-
-Common section names:
-- `MULTI_TENANT_FIELDS` — `projectId` columns on entities
-- `MULTI_TENANT_GUARD` — project ownership guard imports/decorators
-- `CUSTOMER_PORTAL_ROUTES` — B2B2C customer route blocks
-
-The CLI strips sections that don't apply to the chosen variant and removes the markers from kept sections.
-
-## Coding Guidelines per Variant
-
-### When writing entities
-- **Base**: no `projectId`
-- **Multi-tenant**: add `@Column() projectId: number;` wrapped in `// MULTI_TENANT_FIELDS_START` / `_END`
-
-### When writing controllers
-- **Multi-tenant**: add project ownership guard
-  ```typescript
-  // MULTI_TENANT_GUARD_START
-  @UseGuards(ProjectOwnershipGuard)
-  // MULTI_TENANT_GUARD_END
-  ```
-- **B2B2C**: wrap customer-only routes with `@CustomerPortal()` and section markers
-
-### When scaffolding modules
-- Use section markers for any variant-specific imports, providers, or route decorators
-- Keep the base code path clean — markers are additive
-
-## Which Variant to Target
-
-When writing code for a LaunchFrame project, check the project's `VARIANT` env var or ask the user.
-Default assumption: **Base** (single-tenant B2B) unless told otherwise.

package/dist/content/content/webhooks/architecture.md

@@ -1,53 +0,0 @@
-# Webhook Architecture
-
-LaunchFrame uses a **receipt/processing separation** pattern for all inbound webhooks.
-
-## Flow
-
-```
-Webhook Provider → Controller (receipt) → WebhookLog (DB) → Bull queue → Processor (processing)
-                                                         ↑
-                                             Cron retries failed jobs
-```
-
-## 1. Controller (Receipt Layer)
-
-The controller saves the raw payload and returns 200 **immediately** — never process inline.
-
-```typescript
-import { Controller, Post, Req, Res } from '@nestjs/common';
-import { Public } from '../auth/auth.decorator';
-import { UseGuards } from '@nestjs/common';
-import { PolarWebhookGuard } from './guards/polar-webhook.guard';
-
-@Controller('webhooks')
-export class WebhooksController {
-  @Post('polar')
-  @Public()
-  @UseGuards(PolarWebhookGuard)
-  async handlePolar(@Req() req: Request, @Res() res: Response): Promise<void> {
-    // Save raw payload to WebhookLog, enqueue to 'webhooks' Bull queue
-    res.status(200).send(); // Always return 200 immediately
-  }
-}
-```
-
-## 2. WebhookLog Entity
-
-Fields: `provider` (enum: POLAR | PAYPAL | STRIPE), `eventType`, `webhookId`, `payload` (jsonb),
-`headers` (jsonb), `processed` (bool, default false), `retryCount` (int, default 0), `processingError`.
-
-## 3. Processor (Processing Layer)
-
-A Bull processor on the `webhooks` queue handles the actual logic. Always `throw error` in catch blocks.
-
-## 4. Retry Cron
-
-`CronService` runs `EVERY_HOUR`, fetches up to 100 `WebhookLog` records where `processed=false AND retryCount < 5`,
-and re-enqueues them to the `webhooks` Bull queue (which has its own 3-attempt exponential backoff).
-App-level max retries: **5** (enforced by the cron filter).
-
-## Guards
-
-- `PolarWebhookGuard` — validates Polar webhook signature
-- Add equivalent guards for other providers (PayPal, Stripe) as needed