create-nextblock 0.10.9 → 0.11.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (64) hide show
  1. package/package.json +1 -1
  2. package/templates/nextblock-template/app/actions/interactions.test.ts +301 -0
  3. package/templates/nextblock-template/app/actions/interactions.ts +372 -0
  4. package/templates/nextblock-template/app/api/ai/cortex/build-widget/route.ts +4 -4
  5. package/templates/nextblock-template/app/api/ai/generate-blocks/route.ts +2 -2
  6. package/templates/nextblock-template/app/api/ai/global-agent/route.ts +56 -57
  7. package/templates/nextblock-template/app/api/cron/reset-sandbox/route.ts +1 -1
  8. package/templates/nextblock-template/app/api/cron/reset-sandbox/sandboxResetSql.ts +837 -0
  9. package/templates/nextblock-template/app/article/[slug]/PostClientContent.tsx +6 -0
  10. package/templates/nextblock-template/app/cms/CmsClientLayout.tsx +4 -0
  11. package/templates/nextblock-template/app/cms/components/ConnectGitHubButton.tsx +122 -0
  12. package/templates/nextblock-template/app/cms/components/github-connect-actions.ts +102 -0
  13. package/templates/nextblock-template/app/cms/dashboard/components/DashboardOnboarding.tsx +18 -13
  14. package/templates/nextblock-template/app/cms/interactions/InteractionsModerationClient.tsx +408 -0
  15. package/templates/nextblock-template/app/cms/interactions/page.tsx +51 -0
  16. package/templates/nextblock-template/app/cms/settings/cortex-ai/SandboxCortexAiSettingsClient.tsx +4 -3
  17. package/templates/nextblock-template/app/cms/settings/cortex-ai/StoredCortexAiSettingsClient.tsx +1 -1
  18. package/templates/nextblock-template/app/cms/settings/cortex-ai/actions.ts +3 -5
  19. package/templates/nextblock-template/app/cms/settings/cortex-ai/page.tsx +1 -1
  20. package/templates/nextblock-template/app/page.tsx +2 -2
  21. package/templates/nextblock-template/app/product/[slug]/page.tsx +2 -0
  22. package/templates/nextblock-template/components/AppShell.tsx +1 -1
  23. package/templates/nextblock-template/components/PostCommentsSection.tsx +369 -0
  24. package/templates/nextblock-template/components/ProductReviewsSection.tsx +419 -0
  25. package/templates/nextblock-template/components/blocks/renderers/ProductDetailsBlockRenderer.tsx +2 -0
  26. package/templates/nextblock-template/components/privacy/ConsentBanner.tsx +62 -19
  27. package/templates/nextblock-template/docs/08-NEXTBLOCK-CORTEX-AI-ARCHITECTURE.md +19 -19
  28. package/templates/nextblock-template/docs/10-CUSTOM-BLOCKS.md +4 -4
  29. package/templates/nextblock-template/docs/12-VERCEL-DEPLOYMENT.md +9 -8
  30. package/templates/nextblock-template/docs/13-STAYING-UP-TO-DATE.md +38 -9
  31. package/templates/nextblock-template/lib/blocks/ProductGridBlock.tsx +2 -0
  32. package/templates/nextblock-template/lib/onboarding/status.ts +13 -6
  33. package/templates/nextblock-template/lib/setup/actions.ts +3 -1
  34. package/templates/nextblock-template/lib/setup/migrations-bundle.ts +30 -0
  35. package/templates/nextblock-template/lib/updates/check-upstream.ts +44 -7
  36. package/templates/nextblock-template/lib/updates/github-device.ts +206 -0
  37. package/templates/nextblock-template/lib/updates/repo-identity.ts +11 -1
  38. package/templates/nextblock-template/package.json +2 -1
  39. package/templates/nextblock-template/scripts/verify-cortex-ai-build-widget.tsx +2 -4
  40. package/templates/nextblock-template/scripts/verify-cortex-ai-generate-blocks.ts +1 -1
  41. package/templates/nextblock-template/scripts/verify-cortex-ai-global-tools.ts +1 -1
  42. package/templates/nextblock-template/scripts/verify-cortex-ai-routing.ts +1 -1
  43. package/templates/nextblock-template/tsconfig.tsbuildinfo +1 -1
  44. package/templates/nextblock-template/lib/ai-block-generation.ts +0 -339
  45. package/templates/nextblock-template/lib/ai-client.ts +0 -247
  46. package/templates/nextblock-template/lib/ai-config.ts +0 -98
  47. package/templates/nextblock-template/lib/ai-cortex-widget-builder.ts +0 -125
  48. package/templates/nextblock-template/lib/ai-global-agent-custom-block-tools.ts +0 -363
  49. package/templates/nextblock-template/lib/ai-global-agent-db-tools.test.ts +0 -405
  50. package/templates/nextblock-template/lib/ai-global-agent-db-tools.ts +0 -1228
  51. package/templates/nextblock-template/lib/ai-global-agent-ecommerce.ts +0 -5
  52. package/templates/nextblock-template/lib/ai-global-agent-tools-stats.test.ts +0 -223
  53. package/templates/nextblock-template/lib/ai-global-agent-tools.test.ts +0 -2183
  54. package/templates/nextblock-template/lib/ai-global-agent-tools.ts +0 -4807
  55. package/templates/nextblock-template/lib/ai-key-crypto.test.ts +0 -70
  56. package/templates/nextblock-template/lib/ai-key-crypto.ts +0 -132
  57. package/templates/nextblock-template/lib/ai-model-catalog.test.ts +0 -49
  58. package/templates/nextblock-template/lib/ai-model-catalog.ts +0 -41
  59. package/templates/nextblock-template/lib/ai-model-registry.test.ts +0 -231
  60. package/templates/nextblock-template/lib/ai-model-registry.ts +0 -522
  61. package/templates/nextblock-template/lib/cortex-widget-registry.test.ts +0 -199
  62. package/templates/nextblock-template/lib/cortex-widget-registry.ts +0 -88
  63. package/templates/nextblock-template/lib/cortex-widget-schema.test.tsx +0 -237
  64. package/templates/nextblock-template/lib/cortex-widget-schema.ts +0 -393
@@ -0,0 +1,206 @@
1
+ import 'server-only';
2
+ // GitHub OAuth Device Flow — the one auth model that works across every NextBlock install
3
+ // domain without a per-site callback URL or a user-created PAT. Powers the onboarding
4
+ // "Connect GitHub" button, which installs the upstream-sync workflow into the user's repo
5
+ // (Vercel's 1-click clone strips .github/workflows because its token lacks the `workflow`
6
+ // scope, so the file must be added with a token that has it — which Connect obtains).
7
+ //
8
+ // The Client ID is PUBLIC (device flow uses no client secret), so it's baked in as the
9
+ // default for every install; NEXTBLOCK_GITHUB_CLIENT_ID overrides it for self-run forks.
10
+ import { resolveSelfRepo } from './repo-identity';
11
+
12
+ // Shared NextBlock OAuth App (org: nextblock-cms), Device Flow enabled. Public value.
13
+ const DEFAULT_GITHUB_CLIENT_ID = 'Ov23liVYp5Tpmq7CUnGf';
14
+ const UPSTREAM_REPO = 'nextblock-cms/nextblock';
15
+ const WORKFLOW_PATH = '.github/workflows/nextblock-sync.yml';
16
+ // Writing a workflow file requires `workflow`; `repo` covers contents on private repos.
17
+ const SCOPES = 'repo workflow';
18
+
19
+ const DEVICE_CODE_URL = 'https://github.com/login/device/code';
20
+ const TOKEN_URL = 'https://github.com/login/oauth/access_token';
21
+
22
+ export function getGithubClientId(): string {
23
+ return process.env.NEXTBLOCK_GITHUB_CLIENT_ID?.trim() || DEFAULT_GITHUB_CLIENT_ID;
24
+ }
25
+
26
+ /** Connect is offered only when we know the repo and have a client id to authorize with. */
27
+ export function isGithubConnectAvailable(): boolean {
28
+ return Boolean(getGithubClientId()) && resolveSelfRepo() !== null;
29
+ }
30
+
31
+ function apiHeaders(token?: string): Record<string, string> {
32
+ const headers: Record<string, string> = {
33
+ Accept: 'application/vnd.github+json',
34
+ 'X-GitHub-Api-Version': '2022-11-28',
35
+ 'User-Agent': 'nextblock-update-checker',
36
+ };
37
+ if (token) headers.Authorization = `Bearer ${token}`;
38
+ return headers;
39
+ }
40
+
41
+ export interface DeviceFlowStart {
42
+ deviceCode: string;
43
+ userCode: string;
44
+ verificationUri: string;
45
+ interval: number;
46
+ expiresIn: number;
47
+ }
48
+
49
+ /** Begin the device flow. Throws on a hard failure (the caller surfaces the message). */
50
+ export async function startDeviceFlow(): Promise<DeviceFlowStart> {
51
+ const res = await fetch(DEVICE_CODE_URL, {
52
+ method: 'POST',
53
+ headers: { Accept: 'application/json', 'Content-Type': 'application/json' },
54
+ body: JSON.stringify({ client_id: getGithubClientId(), scope: SCOPES }),
55
+ signal: AbortSignal.timeout(15_000),
56
+ cache: 'no-store',
57
+ });
58
+ if (!res.ok) {
59
+ throw new Error(`GitHub device-code request failed (HTTP ${res.status}).`);
60
+ }
61
+ const data = await res.json();
62
+ if (data.error || !data.device_code) {
63
+ throw new Error(
64
+ data.error_description || data.error || 'GitHub did not return a device code.',
65
+ );
66
+ }
67
+ return {
68
+ deviceCode: data.device_code,
69
+ userCode: data.user_code,
70
+ verificationUri: data.verification_uri,
71
+ interval: typeof data.interval === 'number' ? data.interval : 5,
72
+ expiresIn: typeof data.expires_in === 'number' ? data.expires_in : 900,
73
+ };
74
+ }
75
+
76
+ export type DevicePollResult =
77
+ | { status: 'authorized'; token: string }
78
+ | { status: 'pending'; slowDown?: boolean }
79
+ | { status: 'expired' }
80
+ | { status: 'denied' }
81
+ | { status: 'error'; error: string };
82
+
83
+ /** Poll once for the user's authorization. Never throws. */
84
+ export async function pollDeviceFlowOnce(deviceCode: string): Promise<DevicePollResult> {
85
+ try {
86
+ const res = await fetch(TOKEN_URL, {
87
+ method: 'POST',
88
+ headers: { Accept: 'application/json', 'Content-Type': 'application/json' },
89
+ body: JSON.stringify({
90
+ client_id: getGithubClientId(),
91
+ device_code: deviceCode,
92
+ grant_type: 'urn:ietf:params:oauth:grant-type:device_code',
93
+ }),
94
+ signal: AbortSignal.timeout(15_000),
95
+ cache: 'no-store',
96
+ });
97
+ const data = await res.json();
98
+ if (data.access_token) return { status: 'authorized', token: data.access_token };
99
+ switch (data.error) {
100
+ case 'authorization_pending':
101
+ return { status: 'pending' };
102
+ case 'slow_down':
103
+ return { status: 'pending', slowDown: true };
104
+ case 'expired_token':
105
+ return { status: 'expired' };
106
+ case 'access_denied':
107
+ return { status: 'denied' };
108
+ default:
109
+ return { status: 'error', error: data.error_description || data.error || 'Unknown error.' };
110
+ }
111
+ } catch (caught) {
112
+ return {
113
+ status: 'error',
114
+ error: caught instanceof Error ? caught.message : 'Could not reach GitHub.',
115
+ };
116
+ }
117
+ }
118
+
119
+ export interface InstallResult {
120
+ ok: boolean;
121
+ htmlUrl?: string;
122
+ error?: string;
123
+ }
124
+
125
+ /**
126
+ * Install (or update) the upstream-sync workflow in the connected repo, using the
127
+ * canonical file from the upstream repo so it never drifts. Never throws.
128
+ */
129
+ export async function installSyncWorkflow(token: string): Promise<InstallResult> {
130
+ const self = resolveSelfRepo();
131
+ if (!self) return { ok: false, error: 'Could not determine this deployment’s GitHub repository.' };
132
+
133
+ try {
134
+ // 1) Default branch of the target repo.
135
+ const repoRes = await fetch(`https://api.github.com/repos/${self.owner}/${self.repo}`, {
136
+ headers: apiHeaders(token),
137
+ signal: AbortSignal.timeout(15_000),
138
+ cache: 'no-store',
139
+ });
140
+ if (!repoRes.ok) {
141
+ return { ok: false, error: `Could not read the repository (HTTP ${repoRes.status}).` };
142
+ }
143
+ const repo = await repoRes.json();
144
+ const branch: string = repo.default_branch || 'main';
145
+
146
+ // 2) Canonical workflow content from upstream (base64), passed straight through.
147
+ const upstreamRes = await fetch(
148
+ `https://api.github.com/repos/${UPSTREAM_REPO}/contents/${WORKFLOW_PATH}`,
149
+ { headers: apiHeaders(token), signal: AbortSignal.timeout(15_000), cache: 'no-store' },
150
+ );
151
+ if (!upstreamRes.ok) {
152
+ return { ok: false, error: `Could not read the upstream workflow (HTTP ${upstreamRes.status}).` };
153
+ }
154
+ const upstream = await upstreamRes.json();
155
+ const contentBase64 = typeof upstream.content === 'string' ? upstream.content.replace(/\s/g, '') : '';
156
+ if (!contentBase64) return { ok: false, error: 'Upstream workflow content was empty.' };
157
+
158
+ // 3) Existing file sha (if the path already exists on the target branch).
159
+ let sha: string | undefined;
160
+ const existingRes = await fetch(
161
+ `https://api.github.com/repos/${self.owner}/${self.repo}/contents/${WORKFLOW_PATH}?ref=${encodeURIComponent(branch)}`,
162
+ { headers: apiHeaders(token), signal: AbortSignal.timeout(15_000), cache: 'no-store' },
163
+ );
164
+ if (existingRes.ok) {
165
+ const existing = await existingRes.json();
166
+ if (existing && typeof existing.sha === 'string') sha = existing.sha;
167
+ }
168
+
169
+ // 4) Create/update the workflow file.
170
+ const putRes = await fetch(
171
+ `https://api.github.com/repos/${self.owner}/${self.repo}/contents/${WORKFLOW_PATH}`,
172
+ {
173
+ method: 'PUT',
174
+ headers: { ...apiHeaders(token), 'Content-Type': 'application/json' },
175
+ body: JSON.stringify({
176
+ message: 'ci: add NextBlock upstream-sync workflow',
177
+ content: contentBase64,
178
+ branch,
179
+ ...(sha ? { sha } : {}),
180
+ }),
181
+ signal: AbortSignal.timeout(20_000),
182
+ cache: 'no-store',
183
+ },
184
+ );
185
+ if (!putRes.ok) {
186
+ let detail = `HTTP ${putRes.status}`;
187
+ try {
188
+ const body = await putRes.json();
189
+ if (body?.message) detail = body.message;
190
+ } catch {
191
+ /* ignore */
192
+ }
193
+ return { ok: false, error: `Could not install the workflow: ${detail}.` };
194
+ }
195
+
196
+ return {
197
+ ok: true,
198
+ htmlUrl: `https://github.com/${self.owner}/${self.repo}/actions`,
199
+ };
200
+ } catch (caught) {
201
+ return {
202
+ ok: false,
203
+ error: caught instanceof Error ? caught.message : 'Could not install the workflow.',
204
+ };
205
+ }
206
+ }
@@ -39,8 +39,18 @@ export function resolveSelfRepo(): SelfRepo | null {
39
39
  return null;
40
40
  }
41
41
 
42
- /** The fork's GitHub Actions tab, for the onboarding "enable Actions" reminder. */
42
+ /** The repo's GitHub Actions tab (shows the sync workflow + a "Run workflow" button). */
43
43
  export function selfActionsUrl(): string | null {
44
44
  const self = resolveSelfRepo();
45
45
  return self ? `https://github.com/${self.owner}/${self.repo}/actions` : null;
46
46
  }
47
+
48
+ /**
49
+ * Settings -> Actions -> General. The authoritative enable/permissions page — always
50
+ * renders a clear UI (unlike /actions, which redirects to the confusing "choose a
51
+ * workflow" chooser when no workflow has run yet). Used by the onboarding reminder.
52
+ */
53
+ export function selfActionsSettingsUrl(): string | null {
54
+ const self = resolveSelfRepo();
55
+ return self ? `https://github.com/${self.owner}/${self.repo}/settings/actions` : null;
56
+ }
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@nextblock-cms/template",
3
- "version": "0.10.9",
3
+ "version": "0.11.2",
4
4
  "private": true,
5
5
  "scripts": {
6
6
  "dev": "next dev",
@@ -30,6 +30,7 @@
30
30
  "@nextblock-cms/sdk": "workspace:*",
31
31
  "@nextblock-cms/ui": "workspace:*",
32
32
  "@nextblock-cms/utils": "workspace:*",
33
+ "@nextblock/cortex": "workspace:*",
33
34
  "@radix-ui/react-tooltip": "^1.2.8",
34
35
  "@supabase/ssr": "^0.10.2",
35
36
  "@supabase/supabase-js": "^2.105.1",
@@ -4,12 +4,10 @@ import { renderToStaticMarkup } from 'react-dom/server';
4
4
 
5
5
  import { DynamicLayoutEngine } from '../components/renderers/DynamicLayoutEngine';
6
6
  import {
7
+ buildCortexWidgetDefinitionInsertPayload,
7
8
  buildCortexProfileCardVerificationDefinition,
8
9
  validateCortexWidgetDefinitionOutput,
9
- } from '../lib/cortex-widget-schema';
10
- import {
11
- buildCortexWidgetDefinitionInsertPayload,
12
- } from '../lib/cortex-widget-registry';
10
+ } from '@nextblock/cortex';
13
11
 
14
12
  dotenv.config({ path: '.env.local' });
15
13
 
@@ -1,6 +1,6 @@
1
1
  import dotenv from 'dotenv';
2
2
 
3
- import { generateEditorHtmlFragment } from '../lib/ai-block-generation';
3
+ import { generateEditorHtmlFragment } from '@nextblock/cortex';
4
4
 
5
5
  dotenv.config({ path: '.env.local' });
6
6
 
@@ -8,7 +8,7 @@ import {
8
8
  executeUpdateFooter,
9
9
  executeUpdateNavigationBar,
10
10
  executeUpdateSectionColumnBlock,
11
- } from '../lib/ai-global-agent-tools';
11
+ } from '@nextblock/cortex';
12
12
 
13
13
  type MockRow = Record<string, any>;
14
14
 
@@ -3,7 +3,7 @@ import dotenv from 'dotenv';
3
3
  import {
4
4
  CORTEX_AI_OPENROUTER_FREE_ROUTER_MODEL,
5
5
  generateCortexAiText,
6
- } from '../lib/ai-client';
6
+ } from '@nextblock/cortex';
7
7
 
8
8
  dotenv.config({ path: '.env.local' });
9
9