@techstream/quark-create-app 1.7.0 → 1.9.0

package/templates/config/src/index.js

@@ -1,8 +1,6 @@
 export const config = {
 	appName: process.env.APP_NAME || "Quark",
-	appDescription:
-		process.env.APP_DESCRIPTION ||
-		"A modern monorepo with Next.js, React, and Prisma",
+	appDescription: process.env.APP_DESCRIPTION || "A Quark-powered application",
 };
 
 export { getAllowedOrigins, getAppUrl, syncNextAuthUrl } from "./app-url.js";
@@ -13,4 +11,4 @@ export {
 	resolveEnvironment,
 } from "./environment.js";
 export { getConfig, loadConfig, resetConfig } from "./load-config.js";
-export { loadEnv, validateEnv } from "./validate-env.js";
+export { loadEnv } from "./validate-env.js";

package/templates/config/src/validate-env.js

@@ -37,10 +37,16 @@ const envSchema = {
 	// Email provider
 	EMAIL_PROVIDER: {
 		required: false,
-		description: 'Email provider — "smtp" (default) or "resend"',
+		description: 'Email provider — "smtp" (default), "resend", or "zeptomail"',
 	},
 	EMAIL_FROM: { required: false, description: "Sender email address" },
 	RESEND_API_KEY: { required: false, description: "Resend API key" },
+	ZEPTOMAIL_TOKEN: { required: false, description: "Zeptomail API token" },
+	ZEPTOMAIL_URL: { required: false, description: "Zeptomail API base URL" },
+	ZEPTOMAIL_BOUNCE_EMAIL: {
+		required: false,
+		description: "Zeptomail bounce email address",
+	},
 
 	// NextAuth
 	NEXTAUTH_SECRET: {
@@ -58,6 +64,11 @@ const envSchema = {
 		required: false,
 		description: "Application name — used in metadata, emails, and page titles",
 	},
+	APP_DESCRIPTION: {
+		required: false,
+		description:
+			"Application description — used for SEO metadata and social previews",
+	},
 	APP_URL: {
 		required: false,
 		description:
@@ -69,6 +80,12 @@ const envSchema = {
 	},
 	PORT: { required: false, description: "Web server port" },
 
+	// Worker
+	WORKER_CONCURRENCY: {
+		required: false,
+		description: "Number of concurrent jobs per queue (default: 5)",
+	},
+
 	// Storage
 	STORAGE_PROVIDER: {
 		required: false,
@@ -80,10 +97,19 @@ const envSchema = {
 	},
 	S3_BUCKET: { required: false, description: "S3 bucket name" },
 	S3_REGION: { required: false, description: "S3 region" },
-	S3_ENDPOINT: { required: false, description: "S3-compatible endpoint URL" },
+	S3_ENDPOINT: {
+		required: false,
+		description:
+			"S3-compatible endpoint URL (required for non-AWS providers: R2, MinIO, etc.)",
+	},
 	S3_ACCESS_KEY_ID: { required: false, description: "S3 access key" },
 	S3_SECRET_ACCESS_KEY: { required: false, description: "S3 secret key" },
 	S3_PUBLIC_URL: { required: false, description: "S3 public URL prefix" },
+	ASSET_CDN_URL: {
+		required: false,
+		description:
+			"Public CDN base URL for asset delivery — provider-agnostic (CloudFront, Cloudflare, Bunny, etc.). Falls back to /api/files when unset.",
+	},
 };
 
 /**
@@ -129,6 +155,25 @@ export function validateEnv(service = "web") {
 
 	// --- Cross-field validation ---
 
+	// Placeholder value security check
+	const placeholderPattern = /^CHANGE_ME_/i;
+	const criticalKeys = [
+		"NEXTAUTH_SECRET",
+		"POSTGRES_PASSWORD",
+		"RESEND_API_KEY",
+		"ZEPTOMAIL_TOKEN",
+		"S3_SECRET_ACCESS_KEY",
+		"SMTP_PASSWORD",
+	];
+	for (const key of criticalKeys) {
+		const value = process.env[key];
+		if (value && placeholderPattern.test(value)) {
+			errors.push(
+				`${key} contains a placeholder value — replace with a real secret (${envSchema[key]?.description || ""})`,
+			);
+		}
+	}
+
 	// Database: either DATABASE_URL or POSTGRES_USER must be set (skip in test)
 	if (!isTest) {
 		const hasDbUrl = !!process.env.DATABASE_URL;
@@ -141,16 +186,33 @@ export function validateEnv(service = "web") {
 	}
 
 	// Redis: warn if not configured (defaults to localhost in dev, will fail in prod)
+	const currentEnv = (process.env.NODE_ENV || "").toLowerCase();
 	if (
 		!process.env.REDIS_URL &&
 		!process.env.REDIS_HOST &&
-		process.env.NODE_ENV === "production"
+		(currentEnv === "production" || currentEnv === "staging")
 	) {
 		warnings.push(
 			"Redis not configured: set REDIS_URL or REDIS_HOST (defaults to localhost)",
 		);
 	}
 
+	// SEO metadata: APP_DESCRIPTION should be explicitly set before production
+	const isProductionLike =
+		currentEnv === "production" || currentEnv === "staging";
+	if (!isTest && isProductionLike) {
+		const appDescription = process.env.APP_DESCRIPTION;
+		if (!appDescription) {
+			warnings.push(
+				"APP_DESCRIPTION not set: metadata description will fall back to a generic value. Set APP_DESCRIPTION before production.",
+			);
+		} else if (/^CHANGE_ME_|^TODO_/i.test(appDescription)) {
+			warnings.push(
+				"APP_DESCRIPTION appears to be a placeholder value. Update it before production.",
+			);
+		}
+	}
+
 	// Conditional: S3 storage requires bucket + credentials
 	if (process.env.STORAGE_PROVIDER === "s3") {
 		for (const key of [
@@ -171,6 +233,20 @@ export function validateEnv(service = "web") {
 		errors.push("Missing RESEND_API_KEY — required when EMAIL_PROVIDER=resend");
 	}
 
+	// Conditional: Zeptomail provider requires token and URL
+	if (process.env.EMAIL_PROVIDER === "zeptomail") {
+		if (!process.env.ZEPTOMAIL_TOKEN) {
+			errors.push(
+				"Missing ZEPTOMAIL_TOKEN — required when EMAIL_PROVIDER=zeptomail",
+			);
+		}
+		if (!process.env.ZEPTOMAIL_URL) {
+			errors.push(
+				"Missing ZEPTOMAIL_URL — required when EMAIL_PROVIDER=zeptomail",
+			);
+		}
+	}
+
 	// Log warnings (non-fatal)
 	for (const warning of warnings) {
 		console.warn(`[env] ⚠️  ${warning}`);

package/templates/jobs/package.json

@@ -3,6 +3,6 @@
 	"version": "1.0.0",
 	"type": "module",
 	"dependencies": {
-		"bullmq": "^5.69.3"
+		"bullmq": "^5.70.2"
 	}
 }