npm - create-githat-app - Versions diffs - 1.6.0 → 1.7.0 - Mend

create-githat-app 1.6.0 → 1.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (23) hide show

package/dist/cli.js CHANGED Viewed

@@ -21,7 +21,7 @@ var DEPS = {
       next: "^16.0.0",
       react: "^19.0.0",
       "react-dom": "^19.0.0",
-      "@githat/nextjs": "^0.11.0",
+      "@githat/nextjs": "^0.12.0",
       "@githat/ui": "^1.0.0"
     },
     devDependencies: {
@@ -36,7 +36,7 @@ var DEPS = {
       react: "^19.0.0",
       "react-dom": "^19.0.0",
       "react-router-dom": "^7.0.0",
-      "@githat/nextjs": "^0.11.0",
+      "@githat/nextjs": "^0.12.0",
       "@githat/ui": "^1.0.0"
     },
     devDependencies: {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "create-githat-app",
-  "version": "1.6.0",
+  "version": "1.7.0",
   "description": "GitHat CLI — scaffold apps and manage the skills marketplace",
   "type": "module",
   "bin": {

package/templates/agent/app/api/githat/[...path]/route.ts.hbs ADDED Viewed

@@ -0,0 +1,21 @@
+/**
+ * Same-origin GitHat API proxy.
+ *
+ * Forwards every request to api.githat.io and re-emits upstream Set-Cookie
+ * headers on this app's domain. Without this bridge, the auth cookie set
+ * by api.githat.io is invisible to the consumer's proxy.ts and getAuth(),
+ * which produces a sign-in → app-page → "session expired" loop.
+ *
+ * The SDK is wired to this URL via `apiUrl: "/api/githat"` on
+ * GitHatProvider, so every fetch becomes same-origin and cookies land
+ * on this app's domain.
+ *
+ * Implementation lives in @githat/nextjs/server.githatApiProxy().
+ */
+import { githatApiProxy } from "@githat/nextjs/server";
+export const { GET, POST, PUT, PATCH, DELETE, OPTIONS } = githatApiProxy();
+// Auth flows are stateful — never cache the proxied responses.
+export const dynamic = "force-dynamic";
+export const revalidate = 0;

package/templates/agent/app/layout.tsx.hbs CHANGED Viewed

@@ -19,6 +19,7 @@ export default function RootLayout({ children }{{#if typescript}}: { children: R
         */}
         <GitHatProvider config=\{{
           publishableKey: process.env.NEXT_PUBLIC_GITHAT_PUBLISHABLE_KEY || '',
+          apiUrl: '/api/githat',
           signInUrl: '/sign-in',
           signUpUrl: '/sign-up',
           afterSignInUrl: '/',

package/templates/base/githat/config.ts.hbs CHANGED Viewed

@@ -2,7 +2,14 @@
 export const githatConfig = {
   appName: '{{businessName}}',
   publishableKey: {{#ifEquals framework "nextjs"}}process.env.NEXT_PUBLIC_GITHAT_PUBLISHABLE_KEY{{else}}import.meta.env.VITE_GITHAT_PUBLISHABLE_KEY{{/ifEquals}} || '',
-  apiUrl: {{#ifEquals framework "nextjs"}}process.env.NEXT_PUBLIC_GITHAT_API_URL{{else}}import.meta.env.VITE_GITHAT_API_URL{{/ifEquals}} || '{{apiUrl}}',
+  // For nextjs we point at the same-origin proxy mounted at
+  // src/app/api/githat/[...path]/route.ts — that proxy forwards to the
+  // real api.githat.io upstream and re-emits Set-Cookie on this app's
+  // domain so cookies are visible to proxy.ts and getAuth(). For
+  // react-vite (no Next.js API routes) we hit api.githat.io directly,
+  // which only works for browser-token auth flows that don't depend on
+  // cookies.
+  apiUrl: {{#ifEquals framework "nextjs"}}process.env.NEXT_PUBLIC_GITHAT_API_URL || '/api/githat'{{else}}import.meta.env.VITE_GITHAT_API_URL || '{{apiUrl}}'{{/ifEquals}},
   signInUrl: '/sign-in',
   signUpUrl: '/sign-up',
   afterSignInUrl: '/dashboard',

package/templates/classroom/app/api/githat/[...path]/route.ts.hbs ADDED Viewed

@@ -0,0 +1,21 @@
+/**
+ * Same-origin GitHat API proxy.
+ *
+ * Forwards every request to api.githat.io and re-emits upstream Set-Cookie
+ * headers on this app's domain. Without this bridge, the auth cookie set
+ * by api.githat.io is invisible to the consumer's proxy.ts and getAuth(),
+ * which produces a sign-in → app-page → "session expired" loop.
+ *
+ * The SDK is wired to this URL via `apiUrl: "/api/githat"` on
+ * GitHatProvider, so every fetch becomes same-origin and cookies land
+ * on this app's domain.
+ *
+ * Implementation lives in @githat/nextjs/server.githatApiProxy().
+ */
+import { githatApiProxy } from "@githat/nextjs/server";
+export const { GET, POST, PUT, PATCH, DELETE, OPTIONS } = githatApiProxy();
+// Auth flows are stateful — never cache the proxied responses.
+export const dynamic = "force-dynamic";
+export const revalidate = 0;

package/templates/classroom/app/layout.tsx.hbs CHANGED Viewed

@@ -19,6 +19,7 @@ export default function RootLayout({ children }{{#if typescript}}: { children: R
         */}
         <GitHatProvider config=\{{
           publishableKey: process.env.NEXT_PUBLIC_GITHAT_PUBLISHABLE_KEY || '',
+          apiUrl: '/api/githat',
           signInUrl: '/sign-in',
           signUpUrl: '/sign-up',
           afterSignInUrl: '/',

package/templates/content/app/api/githat/[...path]/route.ts.hbs ADDED Viewed

@@ -0,0 +1,21 @@
+/**
+ * Same-origin GitHat API proxy.
+ *
+ * Forwards every request to api.githat.io and re-emits upstream Set-Cookie
+ * headers on this app's domain. Without this bridge, the auth cookie set
+ * by api.githat.io is invisible to the consumer's proxy.ts and getAuth(),
+ * which produces a sign-in → app-page → "session expired" loop.
+ *
+ * The SDK is wired to this URL via `apiUrl: "/api/githat"` on
+ * GitHatProvider, so every fetch becomes same-origin and cookies land
+ * on this app's domain.
+ *
+ * Implementation lives in @githat/nextjs/server.githatApiProxy().
+ */
+import { githatApiProxy } from "@githat/nextjs/server";
+export const { GET, POST, PUT, PATCH, DELETE, OPTIONS } = githatApiProxy();
+// Auth flows are stateful — never cache the proxied responses.
+export const dynamic = "force-dynamic";
+export const revalidate = 0;

package/templates/content/app/layout.tsx.hbs CHANGED Viewed

@@ -19,6 +19,7 @@ export default function RootLayout({ children }{{#if typescript}}: { children: R
         */}
         <GitHatProvider config=\{{
           publishableKey: process.env.NEXT_PUBLIC_GITHAT_PUBLISHABLE_KEY || '',
+          apiUrl: '/api/githat',
           signInUrl: '/sign-in',
           signUpUrl: '/sign-up',
           afterSignInUrl: '/',

package/templates/dashboard/app/api/githat/[...path]/route.ts.hbs ADDED Viewed

@@ -0,0 +1,21 @@
+/**
+ * Same-origin GitHat API proxy.
+ *
+ * Forwards every request to api.githat.io and re-emits upstream Set-Cookie
+ * headers on this app's domain. Without this bridge, the auth cookie set
+ * by api.githat.io is invisible to the consumer's proxy.ts and getAuth(),
+ * which produces a sign-in → app-page → "session expired" loop.
+ *
+ * The SDK is wired to this URL via `apiUrl: "/api/githat"` on
+ * GitHatProvider, so every fetch becomes same-origin and cookies land
+ * on this app's domain.
+ *
+ * Implementation lives in @githat/nextjs/server.githatApiProxy().
+ */
+import { githatApiProxy } from "@githat/nextjs/server";
+export const { GET, POST, PUT, PATCH, DELETE, OPTIONS } = githatApiProxy();
+// Auth flows are stateful — never cache the proxied responses.
+export const dynamic = "force-dynamic";
+export const revalidate = 0;

package/templates/dashboard/app/layout.tsx.hbs CHANGED Viewed

@@ -19,6 +19,7 @@ export default function RootLayout({ children }{{#if typescript}}: { children: R
         */}
         <GitHatProvider config=\{{
           publishableKey: process.env.NEXT_PUBLIC_GITHAT_PUBLISHABLE_KEY || '',
+          apiUrl: '/api/githat',
           signInUrl: '/sign-in',
           signUpUrl: '/sign-up',
           afterSignInUrl: '/',

package/templates/fullstack/apps-web-nextjs/app/api/githat/[...path]/route.ts.hbs ADDED Viewed

@@ -0,0 +1,21 @@
+/**
+ * Same-origin GitHat API proxy.
+ *
+ * Forwards every request to api.githat.io and re-emits upstream Set-Cookie
+ * headers on this app's domain. Without this bridge, the auth cookie set
+ * by api.githat.io is invisible to the consumer's proxy.ts and getAuth(),
+ * which produces a sign-in → app-page → "session expired" loop.
+ *
+ * The SDK is wired to this URL via `apiUrl: "/api/githat"` on
+ * GitHatProvider, so every fetch becomes same-origin and cookies land
+ * on this app's domain.
+ *
+ * Implementation lives in @githat/nextjs/server.githatApiProxy().
+ */
+import { githatApiProxy } from "@githat/nextjs/server";
+export const { GET, POST, PUT, PATCH, DELETE, OPTIONS } = githatApiProxy();
+// Auth flows are stateful — never cache the proxied responses.
+export const dynamic = "force-dynamic";
+export const revalidate = 0;

package/templates/fullstack/apps-web-nextjs/app/layout.tsx.hbs CHANGED Viewed

@@ -14,6 +14,7 @@ export default function RootLayout({ children }{{#if typescript}}: { children: R
       <body>
         <GitHatProvider config=\{{
           publishableKey: process.env.NEXT_PUBLIC_GITHAT_PUBLISHABLE_KEY || '',
+          apiUrl: '/api/githat',
           signInUrl: '/sign-in',
           signUpUrl: '/sign-up',
           afterSignInUrl: '/dashboard',

package/templates/marketplace/app/api/githat/[...path]/route.ts.hbs ADDED Viewed

@@ -0,0 +1,21 @@
+/**
+ * Same-origin GitHat API proxy.
+ *
+ * Forwards every request to api.githat.io and re-emits upstream Set-Cookie
+ * headers on this app's domain. Without this bridge, the auth cookie set
+ * by api.githat.io is invisible to the consumer's proxy.ts and getAuth(),
+ * which produces a sign-in → app-page → "session expired" loop.
+ *
+ * The SDK is wired to this URL via `apiUrl: "/api/githat"` on
+ * GitHatProvider, so every fetch becomes same-origin and cookies land
+ * on this app's domain.
+ *
+ * Implementation lives in @githat/nextjs/server.githatApiProxy().
+ */
+import { githatApiProxy } from "@githat/nextjs/server";
+export const { GET, POST, PUT, PATCH, DELETE, OPTIONS } = githatApiProxy();
+// Auth flows are stateful — never cache the proxied responses.
+export const dynamic = "force-dynamic";
+export const revalidate = 0;

package/templates/marketplace/app/layout.tsx.hbs CHANGED Viewed

@@ -25,6 +25,7 @@ export default function RootLayout({ children }{{#if typescript}}: { children: R
       <body>
         <GitHatProvider config=\{{
           publishableKey: process.env.NEXT_PUBLIC_GITHAT_PUBLISHABLE_KEY || '',
+          apiUrl: '/api/githat',
           signInUrl: '/sign-in',
           signUpUrl: '/sign-up',
           afterSignInUrl: '/',

package/templates/nextjs/app/api/githat/[...path]/route.ts.hbs ADDED Viewed

@@ -0,0 +1,21 @@
+/**
+ * Same-origin GitHat API proxy.
+ *
+ * Forwards every request to api.githat.io and re-emits upstream Set-Cookie
+ * headers on this app's domain. Without this bridge, the auth cookie set
+ * by api.githat.io is invisible to the consumer's proxy.ts and getAuth(),
+ * which produces a sign-in → app-page → "session expired" loop.
+ *
+ * The SDK is wired to this URL via `apiUrl: "/api/githat"` on
+ * GitHatProvider, so every fetch becomes same-origin and cookies land
+ * on this app's domain.
+ *
+ * Implementation lives in @githat/nextjs/server.githatApiProxy().
+ */
+import { githatApiProxy } from "@githat/nextjs/server";
+export const { GET, POST, PUT, PATCH, DELETE, OPTIONS } = githatApiProxy();
+// Auth flows are stateful — never cache the proxied responses.
+export const dynamic = "force-dynamic";
+export const revalidate = 0;

package/templates/nextjs/app/layout.tsx.hbs CHANGED Viewed

@@ -20,6 +20,7 @@ export default function RootLayout({ children }{{#if typescript}}: { children: R
           ...githatConfig,
 {{else}}
           publishableKey: process.env.NEXT_PUBLIC_GITHAT_PUBLISHABLE_KEY || '',
+          apiUrl: '/api/githat',
           signInUrl: '/sign-in',
           signUpUrl: '/sign-up',
           afterSignInUrl: '/dashboard',

package/templates/plain/app/api/githat/[...path]/route.ts.hbs ADDED Viewed

@@ -0,0 +1,21 @@
+/**
+ * Same-origin GitHat API proxy.
+ *
+ * Forwards every request to api.githat.io and re-emits upstream Set-Cookie
+ * headers on this app's domain. Without this bridge, the auth cookie set
+ * by api.githat.io is invisible to the consumer's proxy.ts and getAuth(),
+ * which produces a sign-in → app-page → "session expired" loop.
+ *
+ * The SDK is wired to this URL via `apiUrl: "/api/githat"` on
+ * GitHatProvider, so every fetch becomes same-origin and cookies land
+ * on this app's domain.
+ *
+ * Implementation lives in @githat/nextjs/server.githatApiProxy().
+ */
+import { githatApiProxy } from "@githat/nextjs/server";
+export const { GET, POST, PUT, PATCH, DELETE, OPTIONS } = githatApiProxy();
+// Auth flows are stateful — never cache the proxied responses.
+export const dynamic = "force-dynamic";
+export const revalidate = 0;

package/templates/plain/app/layout.tsx.hbs CHANGED Viewed

@@ -19,6 +19,7 @@ export default function RootLayout({ children }{{#if typescript}}: { children: R
         */}
         <GitHatProvider config=\{{
           publishableKey: process.env.NEXT_PUBLIC_GITHAT_PUBLISHABLE_KEY || '',
+          apiUrl: '/api/githat',
           signInUrl: '/sign-in',
           signUpUrl: '/sign-up',
           afterSignInUrl: '/',

package/templates/portfolio/app/api/githat/[...path]/route.ts.hbs ADDED Viewed

@@ -0,0 +1,21 @@
+/**
+ * Same-origin GitHat API proxy.
+ *
+ * Forwards every request to api.githat.io and re-emits upstream Set-Cookie
+ * headers on this app's domain. Without this bridge, the auth cookie set
+ * by api.githat.io is invisible to the consumer's proxy.ts and getAuth(),
+ * which produces a sign-in → app-page → "session expired" loop.
+ *
+ * The SDK is wired to this URL via `apiUrl: "/api/githat"` on
+ * GitHatProvider, so every fetch becomes same-origin and cookies land
+ * on this app's domain.
+ *
+ * Implementation lives in @githat/nextjs/server.githatApiProxy().
+ */
+import { githatApiProxy } from "@githat/nextjs/server";
+export const { GET, POST, PUT, PATCH, DELETE, OPTIONS } = githatApiProxy();
+// Auth flows are stateful — never cache the proxied responses.
+export const dynamic = "force-dynamic";
+export const revalidate = 0;

package/templates/portfolio/app/layout.tsx.hbs CHANGED Viewed

@@ -19,6 +19,7 @@ export default function RootLayout({ children }{{#if typescript}}: { children: R
         */}
         <GitHatProvider config=\{{
           publishableKey: process.env.NEXT_PUBLIC_GITHAT_PUBLISHABLE_KEY || '',
+          apiUrl: '/api/githat',
           signInUrl: '/sign-in',
           signUpUrl: '/sign-up',
           afterSignInUrl: '/',

package/templates/saas/app/api/githat/[...path]/route.ts.hbs ADDED Viewed

@@ -0,0 +1,21 @@
+/**
+ * Same-origin GitHat API proxy.
+ *
+ * Forwards every request to api.githat.io and re-emits upstream Set-Cookie
+ * headers on this app's domain. Without this bridge, the auth cookie set
+ * by api.githat.io is invisible to the consumer's proxy.ts and getAuth(),
+ * which produces a sign-in → app-page → "session expired" loop.
+ *
+ * The SDK is wired to this URL via `apiUrl: "/api/githat"` on
+ * GitHatProvider, so every fetch becomes same-origin and cookies land
+ * on this app's domain.
+ *
+ * Implementation lives in @githat/nextjs/server.githatApiProxy().
+ */
+import { githatApiProxy } from "@githat/nextjs/server";
+export const { GET, POST, PUT, PATCH, DELETE, OPTIONS } = githatApiProxy();
+// Auth flows are stateful — never cache the proxied responses.
+export const dynamic = "force-dynamic";
+export const revalidate = 0;

package/templates/saas/app/layout.tsx.hbs CHANGED Viewed

@@ -19,6 +19,7 @@ export default function RootLayout({ children }{{#if typescript}}: { children: R
         */}
         <GitHatProvider config=\{{
           publishableKey: process.env.NEXT_PUBLIC_GITHAT_PUBLISHABLE_KEY || '',
+          apiUrl: '/api/githat',
           signInUrl: '/sign-in',
           signUpUrl: '/sign-up',
           afterSignInUrl: '/',