@vurb/core 3.8.2 → 3.8.3

package/dist/cli/templates/readme.js

@@ -11,162 +11,162 @@ export function readme(config) {
     const sseNote = config.transport === 'sse'
         ? `\n> **Note:** Streamable HTTP transport requires the server to be running first. Run \\\`npm start\\\` before connecting.`
         : '';
-    return `# ${config.name}
-
-MCP Server built with [Vurb.ts](https://vurb.vinkius.com/) — the TypeScript framework for MCP servers.
-
-## Quick Start
-
-\`\`\`bash
-npm install
-vurb dev
-\`\`\`
-${config.testing ? `
-## Testing
-
-\`\`\`bash
-npm test
-\`\`\`
-` : ''}
-## Project Structure
-
-\`\`\`
-src/
-├── vurb.ts          # initVurb<AppContext>() — context center
-├── context.ts         # AppContext type + factory
-├── server.ts          # Bootstrap with autoDiscover
-├── tools/             # Drop a file → it's a tool (autoDiscover)
-│   └── system/
-│       ├── health.ts  # Health check with Presenter
-│       └── echo.ts    # Echo for connectivity testing
-├── models/            # MVA Model Layer (defineModel)
-│   └── SystemModel.ts
-├── presenters/        # MVA View Layer (Egress Firewall)
-│   └── SystemPresenter.ts
-├── prompts/           # MCP Prompt Engine
-│   └── greet.ts
-└── middleware/        # RBAC guards
-    └── auth.ts
-\`\`\`
-
-## Client Configuration
-
-### Cursor Editor
-
-> **Already configured!** The \`.cursor/mcp.json\` file was generated automatically.
-> Just open this folder in Cursor and the server connects instantly.
-${sseNote}
-
-### Claude Desktop
-
-Add to your \`claude_desktop_config.json\`:
-
-\`\`\`json
-${clientConfig}
-\`\`\`
-${vectorReadmeSection(config)}
-## Adding New Tools
-
-Create a new file in \`src/tools/\`. It's automatically discovered:
-
-\`\`\`typescript
-// src/tools/my-domain/my-tool.ts
-import { f } from '../../vurb.js';
-
-export default f.query('my_domain.my_tool')
-    .describe('What this tool does')
-    .withString('query', 'Search query')
-    .handle(async (input, ctx) => {
-        return { result: input.query };
-    });
-\`\`\`
-
-No registration needed. The \`autoDiscover()\` system picks it up automatically.
-
-## Documentation
-
-- [Vurb Docs](https://vurb.vinkius.com/)
-- [Presenter — Egress Firewall](https://vurb.vinkius.com/presenter)
-- [DX Guide — initVurb()](https://vurb.vinkius.com/dx-guide)
-- [Testing](https://vurb.vinkius.com/testing)
+    return `# ${config.name}
+
+MCP Server built with [Vurb.ts](https://vurb.vinkius.com/) — the TypeScript framework for MCP servers.
+
+## Quick Start
+
+\`\`\`bash
+npm install
+vurb dev
+\`\`\`
+${config.testing ? `
+## Testing
+
+\`\`\`bash
+npm test
+\`\`\`
+` : ''}
+## Project Structure
+
+\`\`\`
+src/
+├── vurb.ts          # initVurb<AppContext>() — context center
+├── context.ts         # AppContext type + factory
+├── server.ts          # Bootstrap with autoDiscover
+├── tools/             # Drop a file → it's a tool (autoDiscover)
+│   └── system/
+│       ├── health.ts  # Health check with Presenter
+│       └── echo.ts    # Echo for connectivity testing
+├── models/            # MVA Model Layer (defineModel)
+│   └── SystemModel.ts
+├── presenters/        # MVA View Layer (Egress Firewall)
+│   └── SystemPresenter.ts
+├── prompts/           # MCP Prompt Engine
+│   └── greet.ts
+└── middleware/        # RBAC guards
+    └── auth.ts
+\`\`\`
+
+## Client Configuration
+
+### Cursor Editor
+
+> **Already configured!** The \`.cursor/mcp.json\` file was generated automatically.
+> Just open this folder in Cursor and the server connects instantly.
+${sseNote}
+
+### Claude Desktop
+
+Add to your \`claude_desktop_config.json\`:
+
+\`\`\`json
+${clientConfig}
+\`\`\`
+${vectorReadmeSection(config)}
+## Adding New Tools
+
+Create a new file in \`src/tools/\`. It's automatically discovered:
+
+\`\`\`typescript
+// src/tools/my-domain/my-tool.ts
+import { f } from '../../vurb.js';
+
+export default f.query('my_domain.my_tool')
+    .describe('What this tool does')
+    .withString('query', 'Search query')
+    .handle(async (input, ctx) => {
+        return { result: input.query };
+    });
+\`\`\`
+
+No registration needed. The \`autoDiscover()\` system picks it up automatically.
+
+## Documentation
+
+- [Vurb Docs](https://vurb.vinkius.com/)
+- [Presenter — Egress Firewall](https://vurb.vinkius.com/presenter)
+- [DX Guide — initVurb()](https://vurb.vinkius.com/dx-guide)
+- [Testing](https://vurb.vinkius.com/testing)
 `;
 }
 /** Vector-specific README section */
 function vectorReadmeSection(config) {
     switch (config.vector) {
         case 'prisma':
-            return `
-## Database Setup (Prisma)
-
-1. Configure your database URL in \`.env\`:
-   \`\`\`
-   DATABASE_URL="postgresql://user:password@localhost:5432/mydb"
-   \`\`\`
-
-2. Edit \`prisma/schema.prisma\` to define your models
-
-3. Generate the Prisma client and Vurb tools:
-   \`\`\`bash
-   npm run db:generate
-   \`\`\`
-
-4. Push the schema to your database:
-   \`\`\`bash
-   npm run db:push
-   \`\`\`
-
-Use \`/// @vurb.hide\` on sensitive fields to strip them from the Egress Firewall.
+            return `
+## Database Setup (Prisma)
+
+1. Configure your database URL in \`.env\`:
+   \`\`\`
+   DATABASE_URL="postgresql://user:password@localhost:5432/mydb"
+   \`\`\`
+
+2. Edit \`prisma/schema.prisma\` to define your models
+
+3. Generate the Prisma client and Vurb tools:
+   \`\`\`bash
+   npm run db:generate
+   \`\`\`
+
+4. Push the schema to your database:
+   \`\`\`bash
+   npm run db:push
+   \`\`\`
+
+Use \`/// @vurb.hide\` on sensitive fields to strip them from the Egress Firewall.
 `;
         case 'n8n':
-            return `
-## n8n Workflow Setup
-
-1. Configure your n8n instance in \`.env\`:
-   \`\`\`
-   N8N_BASE_URL=http://localhost:5678
-   N8N_API_KEY=your-api-key
-   \`\`\`
-
-2. The connector in \`src/n8n.ts\` auto-discovers webhook workflows
-   and registers them as MCP tools.
+            return `
+## n8n Workflow Setup
+
+1. Configure your n8n instance in \`.env\`:
+   \`\`\`
+   N8N_BASE_URL=http://localhost:5678
+   N8N_API_KEY=your-api-key
+   \`\`\`
+
+2. The connector in \`src/n8n.ts\` auto-discovers webhook workflows
+   and registers them as MCP tools.
 `;
         case 'openapi':
-            return `
-## OpenAPI Generator Setup
-
-1. Replace \`openapi.yaml\` with your actual OpenAPI 3.x spec
-
-2. Generate the MCP server from the spec:
-   \`\`\`bash
-   npx @vurb/openapi-gen ./openapi.yaml --outDir ./src/generated
-   \`\`\`
-
-3. Import and register the generated tools in \`src/server.ts\`
+            return `
+## OpenAPI Generator Setup
+
+1. Replace \`openapi.yaml\` with your actual OpenAPI 3.x spec
+
+2. Generate the MCP server from the spec:
+   \`\`\`bash
+   npx @vurb/openapi-gen ./openapi.yaml --outDir ./src/generated
+   \`\`\`
+
+3. Import and register the generated tools in \`src/server.ts\`
 `;
         case 'oauth':
-            return `
-## OAuth Device Flow Setup
-
-1. Configure your OAuth provider in \`.env\`:
-   \`\`\`
-   OAUTH_CLIENT_ID=your-client-id
-   OAUTH_AUTH_ENDPOINT=https://api.example.com/oauth/device/code
-   OAUTH_TOKEN_ENDPOINT=https://api.example.com/oauth/device/token
-   \`\`\`
-
-2. The auth tool in \`src/auth.ts\` is pre-configured with login, complete, status, and logout actions.
-
-3. Protect any tool with the \`withAuth\` middleware from \`src/middleware/auth.ts\`:
-   \`\`\`ts
-   import { withAuth } from '../middleware/auth.js';
-
-   export default f.query('protected.action')
-       .describe('A protected query')
-       .use(withAuth)
-       .handle(async (input, ctx) => {
-           // ctx is authenticated
-       });
-   \`\`\`
+            return `
+## OAuth Device Flow Setup
+
+1. Configure your OAuth provider in \`.env\`:
+   \`\`\`
+   OAUTH_CLIENT_ID=your-client-id
+   OAUTH_AUTH_ENDPOINT=https://api.example.com/oauth/device/code
+   OAUTH_TOKEN_ENDPOINT=https://api.example.com/oauth/device/token
+   \`\`\`
+
+2. The auth tool in \`src/auth.ts\` is pre-configured with login, complete, status, and logout actions.
+
+3. Protect any tool with the \`withAuth\` middleware from \`src/middleware/auth.ts\`:
+   \`\`\`ts
+   import { withAuth } from '../middleware/auth.js';
+
+   export default f.query('protected.action')
+       .describe('A protected query')
+       .use(withAuth)
+       .handle(async (input, ctx) => {
+           // ctx is authenticated
+       });
+   \`\`\`
 `;
         default:
             return '';

package/dist/cli/templates/testing.js

@@ -4,98 +4,98 @@
  */
 /** Generate `vitest.config.ts` */
 export function vitestConfig() {
-    return `import { defineConfig } from 'vitest/config';
-
-export default defineConfig({
-    test: {
-        include: ['tests/**/*.test.ts'],
-    },
-});
+    return `import { defineConfig } from 'vitest/config';
+
+export default defineConfig({
+    test: {
+        include: ['tests/**/*.test.ts'],
+    },
+});
 `;
 }
 /** Generate `tests/setup.ts` — Test infrastructure */
 export function testSetupTs() {
-    return `/**
- * Test Setup — In-Memory MVA Emulator
- *
- * Creates a VurbTester that runs the full pipeline
- * (Zod → Middleware → Handler → Egress Firewall)
- * without any network transport.
- *
- * 2ms per test. $0.00 in tokens. Zero servers.
- */
-import { fileURLToPath } from 'node:url';
-import { createVurbTester } from '@vurb/testing';
-import { autoDiscover } from '@vurb/core';
-import { f } from '../src/vurb.js';
-
-const registry = f.registry();
-await autoDiscover(registry, fileURLToPath(new URL('../src/tools', import.meta.url)));
-
-export const tester = createVurbTester(registry, {
-    contextFactory: () => ({
-        role: 'ADMIN' as const,
-        tenantId: 'test-tenant',
-    }),
-});
+    return `/**
+ * Test Setup — In-Memory MVA Emulator
+ *
+ * Creates a VurbTester that runs the full pipeline
+ * (Zod → Middleware → Handler → Egress Firewall)
+ * without any network transport.
+ *
+ * 2ms per test. $0.00 in tokens. Zero servers.
+ */
+import { fileURLToPath } from 'node:url';
+import { createVurbTester } from '@vurb/testing';
+import { autoDiscover } from '@vurb/core';
+import { f } from '../src/vurb.js';
+
+const registry = f.registry();
+await autoDiscover(registry, fileURLToPath(new URL('../src/tools', import.meta.url)));
+
+export const tester = createVurbTester(registry, {
+    contextFactory: () => ({
+        role: 'ADMIN' as const,
+        tenantId: 'test-tenant',
+    }),
+});
 `;
 }
 /** Generate `tests/system.test.ts` — Egress Firewall + RBAC tests */
 export function systemTestTs() {
-    return `/**
- * System Tools — Egress Firewall & RBAC Tests
- *
- * Proves that:
- * 1. The Presenter strips undeclared fields (SOC2 CC6.1)
- * 2. RBAC middleware blocks GUEST access (SOC2 CC6.3)
- * 3. System rules from .describe() are injected
- */
-import { describe, it, expect } from 'vitest';
-import { tester } from './setup.js';
-
-describe('System Tools', () => {
-    describe('Egress Firewall', () => {
-        it('should return validated health data through the Presenter', async () => {
-            const result = await tester.callAction('system', 'health');
-
-            expect(result.isError).toBe(false);
-            expect(result.data).toHaveProperty('status');
-            expect(result.data).toHaveProperty('uptime');
-            expect(result.data).toHaveProperty('version');
-            expect(result.data).toHaveProperty('timestamp');
-        });
-
-        it('should strip undeclared fields (tenant must NOT leak)', async () => {
-            const result = await tester.callAction('system', 'health');
-
-            expect(result.isError).toBe(false);
-            // The handler returns 'tenant' but the Presenter schema
-            // does not declare it → stripped by Egress Firewall
-            expect(result.data).not.toHaveProperty('tenant');
-        });
-
-        it('should include JIT system rules from .describe()', async () => {
-            const result = await tester.callAction('system', 'health');
-
-            expect(result.systemRules.length).toBeGreaterThan(0);
-            expect(result.systemRules.some(
-                (r: string) => r.includes('uptime') || r.includes('Uptime')
-            )).toBe(true);
-        });
-    });
-
-    describe('Echo Tool', () => {
-        it('should echo the message back', async () => {
-            const result = await tester.callAction('system', 'echo', {
-                message: 'hello vurb',
-            });
-
-            expect(result.isError).toBe(false);
-            expect(result.data).toHaveProperty('echo', 'hello vurb');
-            expect(result.data).toHaveProperty('receivedAt');
-        });
-    });
-});
+    return `/**
+ * System Tools — Egress Firewall & RBAC Tests
+ *
+ * Proves that:
+ * 1. The Presenter strips undeclared fields (SOC2 CC6.1)
+ * 2. RBAC middleware blocks GUEST access (SOC2 CC6.3)
+ * 3. System rules from .describe() are injected
+ */
+import { describe, it, expect } from 'vitest';
+import { tester } from './setup.js';
+
+describe('System Tools', () => {
+    describe('Egress Firewall', () => {
+        it('should return validated health data through the Presenter', async () => {
+            const result = await tester.callAction('system', 'health');
+
+            expect(result.isError).toBe(false);
+            expect(result.data).toHaveProperty('status');
+            expect(result.data).toHaveProperty('uptime');
+            expect(result.data).toHaveProperty('version');
+            expect(result.data).toHaveProperty('timestamp');
+        });
+
+        it('should strip undeclared fields (tenant must NOT leak)', async () => {
+            const result = await tester.callAction('system', 'health');
+
+            expect(result.isError).toBe(false);
+            // The handler returns 'tenant' but the Presenter schema
+            // does not declare it → stripped by Egress Firewall
+            expect(result.data).not.toHaveProperty('tenant');
+        });
+
+        it('should include JIT system rules from .describe()', async () => {
+            const result = await tester.callAction('system', 'health');
+
+            expect(result.systemRules.length).toBeGreaterThan(0);
+            expect(result.systemRules.some(
+                (r: string) => r.includes('uptime') || r.includes('Uptime')
+            )).toBe(true);
+        });
+    });
+
+    describe('Echo Tool', () => {
+        it('should echo the message back', async () => {
+            const result = await tester.callAction('system', 'echo', {
+                message: 'hello vurb',
+            });
+
+            expect(result.isError).toBe(false);
+            expect(result.data).toHaveProperty('echo', 'hello vurb');
+            expect(result.data).toHaveProperty('receivedAt');
+        });
+    });
+});
 `;
 }
 //# sourceMappingURL=testing.js.map

package/dist/cli/templates/tools.js

@@ -8,56 +8,56 @@
  */
 /** Generate `src/tools/system/health.ts` — Health check with Presenter */
 export function healthToolTs() {
-    return `/**
- * System Health Tool — Full MVA Pipeline (Fluent API)
- *
- * Demonstrates:
- * - f.query() — read-only semantic verb (auto-sets readOnlyHint)
- * - .describe() — LLM-facing description
- * - .returns() — Presenter (Egress Firewall + system rules + UI)
- * - .handle(input, ctx) — fully typed handler
- * - export default for autoDiscover()
- */
-import { f } from '../../vurb.js';
-import { SystemPresenter } from '../../presenters/SystemPresenter.js';
-
-export default f.query('system.health')
-    .describe('Real-time server health status')
-    .returns(SystemPresenter)
-    .handle(async (_input, ctx) => {
-        // Return raw data — the Presenter validates, strips
-        // undeclared fields, injects rules, and renders UI.
-        return {
-            status: 'healthy',
-            uptime: process.uptime(),
-            version: '0.1.0',
-            timestamp: new Date().toISOString(),
-            tenant: ctx.tenantId,
-        };
-    });
+    return `/**
+ * System Health Tool — Full MVA Pipeline (Fluent API)
+ *
+ * Demonstrates:
+ * - f.query() — read-only semantic verb (auto-sets readOnlyHint)
+ * - .describe() — LLM-facing description
+ * - .returns() — Presenter (Egress Firewall + system rules + UI)
+ * - .handle(input, ctx) — fully typed handler
+ * - export default for autoDiscover()
+ */
+import { f } from '../../vurb.js';
+import { SystemPresenter } from '../../presenters/SystemPresenter.js';
+
+export default f.query('system.health')
+    .describe('Real-time server health status')
+    .returns(SystemPresenter)
+    .handle(async (_input, ctx) => {
+        // Return raw data — the Presenter validates, strips
+        // undeclared fields, injects rules, and renders UI.
+        return {
+            status: 'healthy',
+            uptime: process.uptime(),
+            version: '0.1.0',
+            timestamp: new Date().toISOString(),
+            tenant: ctx.tenantId,
+        };
+    });
 `;
 }
 /** Generate `src/tools/system/echo.ts` — Simple echo tool */
 export function echoToolTs() {
-    return `/**
- * Echo Tool — Connectivity Testing (Fluent API)
- *
- * Demonstrates:
- * - f.query() with .withString() typed parameter
- * - .handle(input, ctx) — input.message is typed as string
- * - Implicit success() wrapping — return raw data, framework wraps it
- */
-import { f } from '../../vurb.js';
-
-export default f.query('system.echo')
-    .describe('Echo a message back (connectivity test)')
-    .withString('message', 'Message to echo back')
-    .handle(async (input) => {
-        return {
-            echo: input['message'],
-            receivedAt: new Date().toISOString(),
-        };
-    });
+    return `/**
+ * Echo Tool — Connectivity Testing (Fluent API)
+ *
+ * Demonstrates:
+ * - f.query() with .withString() typed parameter
+ * - .handle(input, ctx) — input.message is typed as string
+ * - Implicit success() wrapping — return raw data, framework wraps it
+ */
+import { f } from '../../vurb.js';
+
+export default f.query('system.echo')
+    .describe('Echo a message back (connectivity test)')
+    .withString('message', 'Message to echo back')
+    .handle(async (input) => {
+        return {
+            echo: input['message'],
+            receivedAt: new Date().toISOString(),
+        };
+    });
 `;
 }
 //# sourceMappingURL=tools.js.map