@mars-stack/cli 0.2.0 → 1.0.2

package/template/prisma/generated/prisma/models.ts

@@ -0,0 +1,17 @@
+
+/* !!! This is code generated by Prisma. Do not edit directly. !!! */
+/* eslint-disable */
+// biome-ignore-all lint: generated file
+// @ts-nocheck 
+/*
+ * This is a barrel export file for all models and their related types.
+ *
+ * 🟢 You can import this file directly.
+ */
+export type * from './models/User'
+export type * from './models/Account'
+export type * from './models/Session'
+export type * from './models/VerificationToken'
+export type * from './models/File'
+export type * from './models/Subscription'
+export type * from './commonInputTypes'

package/template/prisma/schema/auth.prisma

@@ -0,0 +1,69 @@
+model User {
+  id            String    @id @default(cuid())
+  email         String    @unique
+  name          String?
+  password      String?
+  role          String    @default("user")
+  emailVerified DateTime?
+  image         String?
+  createdAt     DateTime  @default(now())
+  updatedAt     DateTime  @updatedAt
+
+  failedLoginAttempts Int       @default(0)
+  lastFailedLogin     DateTime?
+  lockedUntil         DateTime?
+
+  termsAcceptedAt   DateTime?
+  privacyAcceptedAt DateTime?
+  marketingOptIn    Boolean   @default(false)
+  marketingOptInAt  DateTime?
+
+  accounts     Account[]
+  sessions     Session[]
+  files        File[]
+  subscription Subscription?
+
+  @@index([email])
+  @@index([role])
+}
+
+model Account {
+  id                String  @id @default(cuid())
+  userId            String
+  provider          String
+  providerAccountId String
+  refreshToken      String?
+  accessToken       String?
+  expiresAt         Int?
+  tokenType         String?
+  scope             String?
+
+  user User @relation(fields: [userId], references: [id], onDelete: Cascade)
+
+  @@unique([provider, providerAccountId])
+  @@index([userId])
+}
+
+model Session {
+  id        String   @id @default(cuid())
+  userId    String
+  token     String   @unique
+  expiresAt DateTime
+  createdAt DateTime @default(now())
+  ipAddress String?
+  userAgent String?
+
+  user User @relation(fields: [userId], references: [id], onDelete: Cascade)
+
+  @@index([userId])
+  @@index([token])
+  @@index([expiresAt])
+}
+
+model VerificationToken {
+  identifier String
+  token      String   @unique
+  expires    DateTime
+
+  @@unique([identifier, token])
+}

package/template/prisma/schema/base.prisma

@@ -0,0 +1,8 @@
+datasource db {
+  provider = "postgresql"
+}
+
+generator client {
+  provider = "prisma-client"
+  output   = "../generated/prisma"
+}

package/template/prisma/schema/file.prisma

@@ -0,0 +1,15 @@
+model File {
+  id          String   @id @default(cuid())
+  userId      String
+  filename    String
+  url         String
+  contentType String
+  size        Int
+  access      String   @default("private")
+  createdAt   DateTime @default(now())
+  updatedAt   DateTime @updatedAt
+
+  user User @relation(fields: [userId], references: [id], onDelete: Cascade)
+
+  @@index([userId])
+}

package/template/prisma/schema/subscription.prisma

@@ -0,0 +1,17 @@
+model Subscription {
+  id                   String    @id @default(cuid())
+  userId               String    @unique
+  stripeCustomerId     String    @unique
+  stripePriceId        String?
+  stripeSubscriptionId String?   @unique
+  status               String    @default("inactive")
+  currentPeriodEnd     DateTime?
+  cancelAtPeriodEnd    Boolean   @default(false)
+  createdAt            DateTime  @default(now())
+  updatedAt            DateTime  @updatedAt
+
+  user User @relation(fields: [userId], references: [id], onDelete: Cascade)
+
+  @@index([stripeCustomerId])
+  @@index([stripeSubscriptionId])
+}

package/template/prisma.config.ts

@@ -0,0 +1,13 @@
+import 'dotenv/config';
+import { defineConfig } from 'prisma/config';
+
+export default defineConfig({
+  schema: 'prisma/schema',
+  migrations: {
+    path: 'prisma/migrations',
+    seed: 'tsx scripts/seed.ts',
+  },
+  datasource: {
+    url: process.env.DATABASE_URL ?? 'postgresql://',
+  },
+});

package/template/scripts/check-architecture.ts

@@ -0,0 +1,221 @@
+/**
+ * Scans imports and validates architectural invariants.
+ *
+ * Checks:
+ * 1. No cross-feature imports (features must not import from other features)
+ * 2. Server modules have `server-only` import
+ * 3. Protected API routes use auth middleware
+ * 4. Design tokens used instead of raw Tailwind colors in .tsx files
+ *
+ * Exit code 0 if clean, 1 if violations found.
+ *
+ * Usage: tsx scripts/check-architecture.ts
+ */
+
+import * as fs from 'fs';
+import * as path from 'path';
+
+const ROOT = path.resolve(__dirname, '..');
+const FEATURES_DIR = path.join(ROOT, 'src', 'features');
+const API_DIR = path.join(ROOT, 'src', 'app', 'api');
+
+interface Violation {
+  file: string;
+  rule: string;
+  message: string;
+  remediation: string;
+}
+
+function collectFiles(dir: string, ext: string[]): string[] {
+  const results: string[] = [];
+  if (!fs.existsSync(dir)) return results;
+
+  const entries = fs.readdirSync(dir, { withFileTypes: true });
+  for (const entry of entries) {
+    const full = path.join(dir, entry.name);
+    if (entry.isDirectory()) {
+      results.push(...collectFiles(full, ext));
+    } else if (ext.some((e) => entry.name.endsWith(e))) {
+      results.push(full);
+    }
+  }
+  return results;
+}
+
+function getFeatureName(filePath: string): string | null {
+  const rel = path.relative(FEATURES_DIR, filePath);
+  if (rel.startsWith('..')) return null;
+  return rel.split(path.sep)[0];
+}
+
+function checkCrossFeatureImports(violations: Violation[]): void {
+  if (!fs.existsSync(FEATURES_DIR)) return;
+
+  const featureFiles = collectFiles(FEATURES_DIR, ['.ts', '.tsx']);
+
+  for (const file of featureFiles) {
+    const featureName = getFeatureName(file);
+    if (!featureName) continue;
+
+    const content = fs.readFileSync(file, 'utf-8');
+    const _importRegex = /(?:import|from)\s+['"](@\/features\/|\.\.\/\.\.\/|\.\.\.\/)/g;
+    const lines = content.split('\n');
+
+    for (let i = 0; i < lines.length; i++) {
+      const line = lines[i];
+
+      const featureImportMatch = line.match(
+        /(?:import|from)\s+['"]@\/features\/(\w+)/,
+      );
+      if (featureImportMatch && featureImportMatch[1] !== featureName) {
+        violations.push({
+          file: path.relative(ROOT, file),
+          rule: 'no-cross-feature-imports',
+          message: `Feature "${featureName}" imports from feature "${featureImportMatch[1]}" (line ${i + 1})`,
+          remediation: `Move shared logic to src/lib/ or @mars-stack/* packages. Features must only import from @/lib/, @mars-stack/*, and @/config/.`,
+        });
+      }
+
+      const relativeMatch = line.match(
+        /(?:import|from)\s+['"](\.\.\/(?:\.\.\/)*)/,
+      );
+      if (relativeMatch) {
+        const resolved = path.resolve(path.dirname(file), relativeMatch[1]);
+        const resolvedFeature = getFeatureName(resolved);
+        if (
+          resolvedFeature &&
+          resolvedFeature !== featureName &&
+          resolved.startsWith(FEATURES_DIR)
+        ) {
+          violations.push({
+            file: path.relative(ROOT, file),
+            rule: 'no-cross-feature-imports',
+            message: `Feature "${featureName}" has relative import reaching into feature "${resolvedFeature}" (line ${i + 1})`,
+            remediation: `Refactor shared logic into src/lib/ instead of importing across features.`,
+          });
+        }
+      }
+    }
+  }
+}
+
+function checkServerOnlyImport(violations: Violation[]): void {
+  const serverDirs: string[] = [];
+
+  function findServerDirs(dir: string): void {
+    if (!fs.existsSync(dir)) return;
+    const entries = fs.readdirSync(dir, { withFileTypes: true });
+    for (const entry of entries) {
+      if (entry.isDirectory()) {
+        const full = path.join(dir, entry.name);
+        if (entry.name === 'server') {
+          serverDirs.push(full);
+        }
+        findServerDirs(full);
+      }
+    }
+  }
+
+  findServerDirs(path.join(ROOT, 'src'));
+
+  for (const serverDir of serverDirs) {
+    const files = collectFiles(serverDir, ['.ts', '.tsx']);
+    for (const file of files) {
+      const content = fs.readFileSync(file, 'utf-8');
+      if (!content.includes("import 'server-only'") && !content.includes('import "server-only"')) {
+        violations.push({
+          file: path.relative(ROOT, file),
+          rule: 'server-only-import',
+          message: `Server module missing "server-only" import`,
+          remediation: `Add \`import 'server-only'\` as the first import in this file to prevent client-side bundling.`,
+        });
+      }
+    }
+  }
+}
+
+function checkProtectedRouteAuth(violations: Violation[]): void {
+  const protectedDir = path.join(API_DIR, 'protected');
+  if (!fs.existsSync(protectedDir)) return;
+
+  const routeFiles = collectFiles(protectedDir, ['.ts', '.tsx']);
+  const authPatterns = ['withAuth', 'withAuthNoParams', 'withRole', 'withOwnership'];
+
+  for (const file of routeFiles) {
+    if (!file.endsWith('route.ts') && !file.endsWith('route.tsx')) continue;
+
+    const content = fs.readFileSync(file, 'utf-8');
+    const hasAuth = authPatterns.some((pattern) => content.includes(pattern));
+
+    if (!hasAuth) {
+      violations.push({
+        file: path.relative(ROOT, file),
+        rule: 'protected-route-auth',
+        message: `Protected API route does not use auth middleware`,
+        remediation: `Wrap the handler with withAuth, withRole, or withOwnership from @/lib/mars.`,
+      });
+    }
+  }
+}
+
+const RAW_COLOR_PATTERN = /(?:bg|text|border|ring|outline|shadow|accent|fill|stroke)-(?:red|blue|green|yellow|orange|purple|pink|indigo|violet|teal|cyan|emerald|lime|amber|fuchsia|rose|sky|slate|gray|zinc|neutral|stone)-\d{2,3}/g;
+
+function checkDesignTokenUsage(violations: Violation[]): void {
+  const tsxFiles = collectFiles(path.join(ROOT, 'src'), ['.tsx']);
+
+  for (const file of tsxFiles) {
+    const content = fs.readFileSync(file, 'utf-8');
+    const lines = content.split('\n');
+
+    for (let i = 0; i < lines.length; i++) {
+      const matches = lines[i].match(RAW_COLOR_PATTERN);
+      if (matches) {
+        for (const match of matches) {
+          violations.push({
+            file: path.relative(ROOT, file),
+            rule: 'design-tokens-only',
+            message: `Raw Tailwind color "${match}" found (line ${i + 1})`,
+            remediation: `Replace with a semantic design token (e.g., bg-surface-primary, text-content-primary). See @mars-stack/ui/styles for available tokens.`,
+          });
+        }
+      }
+    }
+  }
+}
+
+function main(): void {
+  const violations: Violation[] = [];
+
+  console.log('Checking architectural invariants...\n');
+
+  checkCrossFeatureImports(violations);
+  checkServerOnlyImport(violations);
+  checkProtectedRouteAuth(violations);
+  checkDesignTokenUsage(violations);
+
+  if (violations.length === 0) {
+    console.log('All checks passed. No architectural violations found.');
+    process.exit(0);
+  }
+
+  const grouped = new Map<string, Violation[]>();
+  for (const v of violations) {
+    const existing = grouped.get(v.rule) ?? [];
+    existing.push(v);
+    grouped.set(v.rule, existing);
+  }
+
+  for (const [rule, ruleViolations] of grouped) {
+    console.log(`\n--- ${rule} (${ruleViolations.length} violation${ruleViolations.length > 1 ? 's' : ''}) ---\n`);
+    for (const v of ruleViolations) {
+      console.log(`  ${v.file}`);
+      console.log(`    ${v.message}`);
+      console.log(`    Fix: ${v.remediation}\n`);
+    }
+  }
+
+  console.log(`\nTotal: ${violations.length} violation${violations.length > 1 ? 's' : ''} found.`);
+  process.exit(1);
+}
+
+main();

package/template/scripts/check-doc-freshness.ts

@@ -0,0 +1,242 @@
+/**
+ * Compares generated docs against actual codebase state.
+ *
+ * Checks:
+ * 1. docs/generated/api-routes.md matches actual routes in src/app/api/
+ * 2. docs/generated/db-schema.md matches Prisma schema files
+ *
+ * Reports stale entries (in docs but not in code) and missing entries
+ * (in code but not in docs).
+ *
+ * Exit code 0 if fresh, 1 if stale.
+ *
+ * Usage: tsx scripts/check-doc-freshness.ts
+ */
+
+import * as fs from 'fs';
+import * as path from 'path';
+
+const ROOT = path.resolve(__dirname, '..');
+const GENERATED_DIR = path.join(ROOT, 'docs', 'generated');
+const API_DIR = path.join(ROOT, 'src', 'app', 'api');
+const SCHEMA_DIR = path.join(ROOT, 'prisma', 'schema');
+
+interface FreshnessIssue {
+  category: string;
+  type: 'stale' | 'missing';
+  entry: string;
+}
+
+function discoverApiRoutes(): Set<string> {
+  const routes = new Set<string>();
+  if (!fs.existsSync(API_DIR)) return routes;
+
+  function scan(dir: string, prefix: string): void {
+    const entries = fs.readdirSync(dir, { withFileTypes: true });
+    for (const entry of entries) {
+      if (entry.isDirectory()) {
+        scan(path.join(dir, entry.name), `${prefix}/${entry.name}`);
+      } else if (entry.name === 'route.ts' || entry.name === 'route.tsx') {
+        routes.add(`/api${prefix}`);
+      }
+    }
+  }
+
+  scan(API_DIR, '');
+  return routes;
+}
+
+function parseDocumentedRoutes(): Set<string> {
+  const documented = new Set<string>();
+  const docPath = path.join(GENERATED_DIR, 'api-routes.md');
+  if (!fs.existsSync(docPath)) return documented;
+
+  const content = fs.readFileSync(docPath, 'utf-8');
+  const routeRegex = /\|\s*`(\/api\/[^`]+)`/g;
+  let match: RegExpExecArray | null;
+
+  while ((match = routeRegex.exec(content)) !== null) {
+    documented.add(match[1]);
+  }
+
+  return documented;
+}
+
+function checkApiRoutes(issues: FreshnessIssue[]): void {
+  const actual = discoverApiRoutes();
+  const documented = parseDocumentedRoutes();
+
+  if (documented.size === 0 && actual.size > 0) {
+    issues.push({
+      category: 'api-routes',
+      type: 'missing',
+      entry: 'docs/generated/api-routes.md does not exist or is empty',
+    });
+    return;
+  }
+
+  for (const route of documented) {
+    if (!actual.has(route)) {
+      issues.push({
+        category: 'api-routes',
+        type: 'stale',
+        entry: `${route} is documented but no longer exists in codebase`,
+      });
+    }
+  }
+
+  for (const route of actual) {
+    if (!documented.has(route)) {
+      issues.push({
+        category: 'api-routes',
+        type: 'missing',
+        entry: `${route} exists in codebase but is not documented`,
+      });
+    }
+  }
+}
+
+function discoverPrismaModels(): Map<string, Set<string>> {
+  const models = new Map<string, Set<string>>();
+  if (!fs.existsSync(SCHEMA_DIR)) return models;
+
+  const schemaFiles = fs.readdirSync(SCHEMA_DIR).filter((f) => f.endsWith('.prisma'));
+
+  for (const file of schemaFiles) {
+    const content = fs.readFileSync(path.join(SCHEMA_DIR, file), 'utf-8');
+    const modelRegex = /model\s+(\w+)\s*\{/g;
+    let match: RegExpExecArray | null;
+    const fileModels = new Set<string>();
+
+    while ((match = modelRegex.exec(content)) !== null) {
+      fileModels.add(match[1]);
+    }
+
+    if (fileModels.size > 0) {
+      models.set(file, fileModels);
+    }
+  }
+
+  return models;
+}
+
+function parseDocumentedModels(): Map<string, Set<string>> {
+  const documented = new Map<string, Set<string>>();
+  const docPath = path.join(GENERATED_DIR, 'db-schema.md');
+  if (!fs.existsSync(docPath)) return documented;
+
+  const content = fs.readFileSync(docPath, 'utf-8');
+  let currentFile: string | null = null;
+
+  for (const line of content.split('\n')) {
+    const fileMatch = line.match(/^## (\S+\.prisma)/);
+    if (fileMatch) {
+      currentFile = fileMatch[1];
+      documented.set(currentFile, new Set());
+      continue;
+    }
+
+    const modelMatch = line.match(/^### (\w+)/);
+    if (modelMatch && currentFile) {
+      documented.get(currentFile)?.add(modelMatch[1]);
+    }
+  }
+
+  return documented;
+}
+
+function checkDbSchema(issues: FreshnessIssue[]): void {
+  const actual = discoverPrismaModels();
+  const documented = parseDocumentedModels();
+
+  if (documented.size === 0 && actual.size > 0) {
+    issues.push({
+      category: 'db-schema',
+      type: 'missing',
+      entry: 'docs/generated/db-schema.md does not exist or is empty',
+    });
+    return;
+  }
+
+  const allFiles = new Set([...actual.keys(), ...documented.keys()]);
+
+  for (const file of allFiles) {
+    const actualModels = actual.get(file) ?? new Set<string>();
+    const docModels = documented.get(file) ?? new Set<string>();
+
+    if (!actual.has(file) && documented.has(file)) {
+      issues.push({
+        category: 'db-schema',
+        type: 'stale',
+        entry: `Schema file "${file}" is documented but no longer exists`,
+      });
+      continue;
+    }
+
+    if (actual.has(file) && !documented.has(file)) {
+      issues.push({
+        category: 'db-schema',
+        type: 'missing',
+        entry: `Schema file "${file}" exists but is not documented`,
+      });
+      continue;
+    }
+
+    for (const model of docModels) {
+      if (!actualModels.has(model)) {
+        issues.push({
+          category: 'db-schema',
+          type: 'stale',
+          entry: `Model "${model}" in ${file} is documented but no longer exists`,
+        });
+      }
+    }
+
+    for (const model of actualModels) {
+      if (!docModels.has(model)) {
+        issues.push({
+          category: 'db-schema',
+          type: 'missing',
+          entry: `Model "${model}" in ${file} exists but is not documented`,
+        });
+      }
+    }
+  }
+}
+
+function main(): void {
+  const issues: FreshnessIssue[] = [];
+
+  console.log('Checking documentation freshness...\n');
+
+  checkApiRoutes(issues);
+  checkDbSchema(issues);
+
+  if (issues.length === 0) {
+    console.log('All documentation is up to date.');
+    process.exit(0);
+  }
+
+  const stale = issues.filter((i) => i.type === 'stale');
+  const missing = issues.filter((i) => i.type === 'missing');
+
+  if (stale.length > 0) {
+    console.log(`--- Stale entries (${stale.length}) ---\n`);
+    for (const issue of stale) {
+      console.log(`  [${issue.category}] ${issue.entry}`);
+    }
+  }
+
+  if (missing.length > 0) {
+    console.log(`\n--- Missing entries (${missing.length}) ---\n`);
+    for (const issue of missing) {
+      console.log(`  [${issue.category}] ${issue.entry}`);
+    }
+  }
+
+  console.log(`\nTotal: ${issues.length} freshness issue${issues.length > 1 ? 's' : ''}.`);
+  console.log('Run `yarn generate:docs` to regenerate documentation.');
+  process.exit(1);
+}
+
+main();