create-prisma-php-app 2.0.0-alpha.9 → 2.0.0-beta.10

package/composer.json

@@ -22,6 +22,6 @@
     "guzzlehttp/guzzle": "^7.9.2",
     "ezyang/htmlpurifier": "^4.18.0",
     "symfony/uid": "^7.2.0",
-    "brick/math": "^0.12.1"
+    "brick/math": "^0.13.0"
   }
 }

package/dist/.htaccess

@@ -1,11 +1,11 @@
 # Turn on rewrite engine
 RewriteEngine On
 
-# Deny access to .env file for security
-<Files .env>
+# Prevent access to sensitive files
+<FilesMatch "(^\.htaccess|\.git|\.env|composer\.(json|lock)|package(-lock)?\.json|phpunit\.xml)$">
     Order allow,deny
     Deny from all
-</Files>
+</FilesMatch>
 
 # Allow cross-origin requests (CORS) for all routes
 <IfModule mod_headers.c>
@@ -32,11 +32,38 @@ RewriteEngine On
     </FilesMatch>
 </IfModule>
 
+# Add important security headers
+<IfModule mod_headers.c>
+    # Enforce HTTPS and prevent protocol downgrade attacks
+    Header set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
+
+    # Protect against Cross-Site Scripting (XSS) attacks
+    Header set X-XSS-Protection "1; mode=block"
+
+    # Prevent MIME-type sniffing
+    Header set X-Content-Type-Options "nosniff"
+
+    # Clickjacking protection
+    Header always set X-Frame-Options "DENY"
+
+    # Implement a basic Content Security Policy (CSP)
+    Header set Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self'; img-src 'self' data:;"
+
+    # Restrict form submissions
+    Header set Content-Security-Policy "form-action 'self'"
+
+    # Set a strict Referrer Policy
+    Header set Referrer-Policy "strict-origin-when-cross-origin"
+
+    # Control browser permissions (optional but recommended)
+    Header set Permissions-Policy "geolocation=(), microphone=(), camera=(), autoplay=()"
+</IfModule>
+
 # Exclude static files from being redirected
 RewriteCond %{REQUEST_URI} !\.(css|js|png|jpe?g|gif|svg|webp|woff2?|ttf|eot|ico|pdf|mp4|webm|mp3|ogg)$ [NC]
 RewriteCond %{REQUEST_URI} !^/bootstrap.php
 RewriteRule ^(.*)$ bootstrap.php [QSA,L]
 
-# Add this to ensure OPTIONS requests are handled correctly
+# Ensure OPTIONS requests are handled correctly
 RewriteCond %{REQUEST_METHOD} OPTIONS
 RewriteRule ^ - [R=200,L]

package/dist/bootstrap.php

@@ -627,7 +627,6 @@ final class Bootstrap
 
     public static function getLoadingsFiles(): string
     {
-        // Gather all loading.php files
         $loadingFiles = array_filter(PrismaPHPSettings::$routeFiles, function ($route) {
             $normalizedRoute = str_replace('\\', '/', $route);
             return preg_match('/\/loading\.php$/', $normalizedRoute);

package/dist/index.js

@@ -1,5 +1,5 @@
 #!/usr/bin/env node
-import{execSync}from"child_process";import fs from"fs";import{fileURLToPath}from"url";import path from"path";import chalk from"chalk";import prompts from"prompts";import https from"https";import{randomBytes}from"crypto";const __filename=fileURLToPath(import.meta.url),__dirname=path.dirname(__filename);let updateAnswer=null;const nonBackendFiles=["favicon.ico","\\src\\app\\index.php","metadata.php","not-found.php"],dockerFiles=[".dockerignore","docker-compose.yml","Dockerfile","apache.conf"];function bsConfigUrls(e){const s=e.indexOf("\\htdocs\\");if(-1===s)return{bsTarget:"",bsPathRewrite:{}};const t=e.substring(0,s+"\\htdocs\\".length).replace(/\\/g,"\\\\"),n=e.replace(new RegExp(`^${t}`),"").replace(/\\/g,"/");let c=`http://localhost/${n}`;c=c.endsWith("/")?c.slice(0,-1):c;const i=c.replace(/(?<!:)(\/\/+)/g,"/"),o=n.replace(/\/\/+/g,"/");return{bsTarget:`${i}/`,bsPathRewrite:{"^/":`/${o.startsWith("/")?o.substring(1):o}/`}}}async function updatePackageJson(e,s){const t=path.join(e,"package.json");if(checkExcludeFiles(t))return;const n=JSON.parse(fs.readFileSync(t,"utf8"));n.scripts={...n.scripts,projectName:"tsx settings/project-name.ts"};let c=[];if(s.tailwindcss&&(n.scripts={...n.scripts,tailwind:"postcss src/app/css/tailwind.css -o src/app/css/styles.css --watch"},c.push("tailwind")),s.websocket&&(n.scripts={...n.scripts,websocket:"tsx settings/restart-websocket.ts"},c.push("websocket")),s.docker&&(n.scripts={...n.scripts,docker:"docker-compose up"},c.push("docker")),s.swaggerDocs){const e=s.prisma?"tsx settings/auto-swagger-docs.ts":"tsx settings/swagger-config.ts";n.scripts={...n.scripts,"create-swagger-docs":e}}let i={...n.scripts};i.browserSync="tsx settings/bs-config.ts",i.dev=`npm-run-all projectName -p browserSync ${c.join(" ")}`,n.scripts=i,n.type="module",s.prisma&&(n.prisma={seed:"tsx prisma/seed.ts"}),fs.writeFileSync(t,JSON.stringify(n,null,2))}async function updateComposerJson(e,s){const t=path.join(e,"composer.json");if(checkExcludeFiles(t))return;let n;if(fs.existsSync(t)){{const e=fs.readFileSync(t,"utf8");n=JSON.parse(e)}s.websocket&&(n.require={...n.require,"cboden/ratchet":"^0.4.4"}),s.prisma&&(n.require={...n.require,"calicastle/cuid":"^2.0.0"}),fs.writeFileSync(t,JSON.stringify(n,null,2))}}async function updateIndexJsForWebSocket(e,s){if(!s.websocket)return;const t=path.join(e,"src","app","js","index.js");if(checkExcludeFiles(t))return;let n=fs.readFileSync(t,"utf8");n+='\n// WebSocket initialization\nvar ws = new WebSocket("ws://localhost:8080");\n',fs.writeFileSync(t,n,"utf8")}function generateAuthSecret(){return randomBytes(33).toString("base64")}function generateLocalStoreKey(){return randomBytes(16).toString("hex")}function copyRecursiveSync(e,s,t){const n=fs.existsSync(e),c=n&&fs.statSync(e);if(n&&c&&c.isDirectory()){const n=s.toLowerCase();if(!t.websocket&&n.includes("src\\lib\\websocket"))return;if(!t.prisma&&n.includes("src\\lib\\prisma"))return;if(t.backendOnly&&n.includes("src\\app\\js")||t.backendOnly&&n.includes("src\\app\\css")||t.backendOnly&&n.includes("src\\app\\assets"))return;if(!t.swaggerDocs&&n.includes("src\\app\\swagger-docs"))return;const c=s.replace(/\\/g,"/");if(updateAnswer?.excludeFilePath?.includes(c))return;fs.existsSync(s)||fs.mkdirSync(s,{recursive:!0}),fs.readdirSync(e).forEach((n=>{copyRecursiveSync(path.join(e,n),path.join(s,n),t)}))}else{if(checkExcludeFiles(s))return;if(!t.tailwindcss&&(s.includes("tailwind.css")||s.includes("styles.css")))return;if(!t.websocket&&(s.includes("restart-websocket.ts")||s.includes("restart-websocket.bat")))return;if(!t.docker&&dockerFiles.some((e=>s.includes(e))))return;if(t.backendOnly&&nonBackendFiles.some((e=>s.includes(e))))return;if(!t.backendOnly&&s.includes("route.php"))return;if(t.backendOnly&&!t.swaggerDocs&&s.includes("layout.php"))return;if(!t.swaggerDocs&&s.includes("swagger-config.ts"))return;if(t.tailwindcss&&s.includes("index.css"))return;if(!t.prisma&&(s.includes("prisma-sdk.ts")||s.includes("prisma-schema.json")))return;if((!t.swaggerDocs||!t.prisma)&&(s.includes("auto-swagger-docs.ts")||s.includes("prisma-schema-config.json")))return;fs.copyFileSync(e,s,0)}}async function executeCopy(e,s,t){s.forEach((({src:s,dest:n})=>{copyRecursiveSync(path.join(__dirname,s),path.join(e,n),t)}))}function modifyPostcssConfig(e){const s=path.join(e,"postcss.config.js");if(checkExcludeFiles(s))return;fs.writeFileSync(s,'export default {\n  plugins: {\n    "@tailwindcss/postcss": {},\n  },\n};',{flag:"w"})}function modifyLayoutPHP(e,s){const t=path.join(e,"src","app","layout.php");if(!checkExcludeFiles(t))try{let e=fs.readFileSync(t,"utf8"),n="";s.backendOnly||(s.tailwindcss||(n='\n    <link href="<?= Request::baseUrl; ?>/css/index.css" rel="stylesheet" />'),n+='\n    <script src="<?= Request::baseUrl; ?>/js/json5.min.js"><\/script>\n    <script src="<?= Request::baseUrl; ?>/js/index.js"><\/script>');let c="";s.backendOnly||(c=s.tailwindcss?`    <link href="<?= Request::baseUrl; ?>/css/styles.css" rel="stylesheet" /> ${n}`:n),e=e.replace("</head>",`${c}\n</head>`),fs.writeFileSync(t,e,{flag:"w"})}catch(e){}}async function createOrUpdateEnvFile(e,s){const t=path.join(e,".env");checkExcludeFiles(t)||fs.writeFileSync(t,s,{flag:"w"})}function checkExcludeFiles(e){return!!updateAnswer?.isUpdate&&(updateAnswer?.excludeFilePath?.includes(e.replace(/\\/g,"/"))??!1)}async function createDirectoryStructure(e,s){const t=[{src:"/bootstrap.php",dest:"/bootstrap.php"},{src:"/.htaccess",dest:"/.htaccess"},{src:"/../composer.json",dest:"/composer.json"},{src:"/tsconfig.json",dest:"/tsconfig.json"},{src:"/app-gitignore",dest:"/.gitignore"}];s.tailwindcss&&t.push({src:"/postcss.config.js",dest:"/postcss.config.js"});const n=[{src:"/settings",dest:"/settings"},{src:"/src",dest:"/src"}];s.prisma&&n.push({src:"/prisma",dest:"/prisma"}),s.docker&&n.push({src:"/.dockerignore",dest:"/.dockerignore"},{src:"/docker-compose.yml",dest:"/docker-compose.yml"},{src:"/Dockerfile",dest:"/Dockerfile"},{src:"/apache.conf",dest:"/apache.conf"}),t.forEach((({src:s,dest:t})=>{const n=path.join(__dirname,s),c=path.join(e,t);if(checkExcludeFiles(c))return;const i=fs.readFileSync(n,"utf8");fs.writeFileSync(c,i,{flag:"w"})})),await executeCopy(e,n,s),await updatePackageJson(e,s),await updateComposerJson(e,s),s.backendOnly||await updateIndexJsForWebSocket(e,s),s.tailwindcss&&modifyPostcssConfig(e),(s.tailwindcss||!s.backendOnly||s.swaggerDocs)&&modifyLayoutPHP(e,s);const c=`# Prisma PHP Auth Secret Key For development only - Change this in production\nAUTH_SECRET="${generateAuthSecret()}"\n\n# PHPMailer\n# SMTP_HOST="smtp.gmail.com" or your SMTP host\n# SMTP_USERNAME="john.doe@gmail.com" or your SMTP username\n# SMTP_PASSWORD="123456"\n# SMTP_PORT="587" for TLS, 465 for SSL or your SMTP port\n# SMTP_ENCRYPTION="ssl" or tls\n# MAIL_FROM="john.doe@gmail.com"\n# MAIL_FROM_NAME="John Doe"\n\n# SHOW ERRORS - Set to true to show errors in the browser for development only - Change this in production to false\nSHOW_ERRORS="true"\n\n# APP TIMEZONE - Set your application timezone - Default is "UTC"\nAPP_TIMEZONE="UTC"\n\n# APP ENV - Set your application environment - Default is "development" - Change this in production to "production"\nAPP_ENV="development"\n\n# APP CACHE ENABLED - Set to true to enable caching - Default is false\nCACHE_ENABLED="false"\n# APP CACHE TTL - Set the cache time to live in seconds - Default is 600 seconds (10 minutes)\nCACHE_TTL="600"\n\n# LOCAL STORAGE KEY - Define a custom key for local storage.\n# If not set, it defaults to "pphp_local_store_59e13".\n# Spaces in the value will be replaced with underscores, and the key will be converted to lowercase automatically.\nLOCALSTORE_KEY="${generateLocalStoreKey()}"`;if(s.prisma){const s=`${'# Environment variables declared in this file are automatically made available to Prisma.\n# See the documentation for more detail: https://pris.ly/d/prisma-schema#accessing-environment-variables-from-the-schema\n\n# Prisma supports the native connection string format for PostgreSQL, MySQL, SQLite, SQL Server, MongoDB and CockroachDB.\n# See the documentation for all the connection string options: https://pris.ly/d/connection-strings\n\nDATABASE_URL="postgresql://johndoe:randompassword@localhost:5432/mydb?schema=public"'}\n\n${c}`;await createOrUpdateEnvFile(e,s)}else await createOrUpdateEnvFile(e,c)}async function getAnswer(e={}){const s=[];e.projectName||s.push({type:"text",name:"projectName",message:"What is your project named?",initial:"my-app"}),e.backendOnly||s.push({type:"toggle",name:"backendOnly",message:`Would you like to create a ${chalk.blue("backend-only project")}?`,initial:!1,active:"Yes",inactive:"No"});const t=()=>{process.exit(0)},n=await prompts(s,{onCancel:t}),c=[];n.backendOnly||e.backendOnly?(e.swaggerDocs||c.push({type:"toggle",name:"swaggerDocs",message:`Would you like to use ${chalk.blue("Swagger Docs")}?`,initial:!1,active:"Yes",inactive:"No"}),e.websocket||c.push({type:"toggle",name:"websocket",message:`Would you like to use ${chalk.blue("Websocket")}?`,initial:!0,active:"Yes",inactive:"No"}),e.prisma||c.push({type:"toggle",name:"prisma",message:`Would you like to use ${chalk.blue("Prisma PHP ORM")}?`,initial:!0,active:"Yes",inactive:"No"}),e.docker||c.push({type:"toggle",name:"docker",message:`Would you like to use ${chalk.blue("Docker")}?`,initial:!1,active:"Yes",inactive:"No"})):(e.swaggerDocs||c.push({type:"toggle",name:"swaggerDocs",message:`Would you like to use ${chalk.blue("Swagger Docs")}?`,initial:!1,active:"Yes",inactive:"No"}),e.tailwindcss||c.push({type:"toggle",name:"tailwindcss",message:`Would you like to use ${chalk.blue("Tailwind CSS")}?`,initial:!1,active:"Yes",inactive:"No"}),e.websocket||c.push({type:"toggle",name:"websocket",message:`Would you like to use ${chalk.blue("Websocket")}?`,initial:!1,active:"Yes",inactive:"No"}),e.prisma||c.push({type:"toggle",name:"prisma",message:`Would you like to use ${chalk.blue("Prisma PHP ORM")}?`,initial:!1,active:"Yes",inactive:"No"}),e.docker||c.push({type:"toggle",name:"docker",message:`Would you like to use ${chalk.blue("Docker")}?`,initial:!1,active:"Yes",inactive:"No"}));const i=await prompts(c,{onCancel:t});return{projectName:n.projectName?String(n.projectName).trim().replace(/ /g,"-"):e.projectName??"my-app",backendOnly:n.backendOnly??e.backendOnly??!1,swaggerDocs:i.swaggerDocs??e.swaggerDocs??!1,tailwindcss:i.tailwindcss??e.tailwindcss??!1,websocket:i.websocket??e.websocket??!1,prisma:i.prisma??e.prisma??!1,docker:i.docker??e.docker??!1}}async function uninstallDependencies(e,s,t=!1){s.forEach((e=>{}));const n=`npm uninstall ${t?"--save-dev":"--save"} ${s.join(" ")}`;execSync(n,{stdio:"inherit",cwd:e})}function fetchPackageVersion(e){return new Promise(((s,t)=>{https.get(`https://registry.npmjs.org/${e}`,(e=>{let n="";e.on("data",(e=>n+=e)),e.on("end",(()=>{try{const e=JSON.parse(n);s(e["dist-tags"].latest)}catch(e){t(new Error("Failed to parse JSON response"))}}))})).on("error",(e=>t(e)))}))}const readJsonFile=e=>{const s=fs.readFileSync(e,"utf8");return JSON.parse(s)};function compareVersions(e,s){const t=e.split(".").map(Number),n=s.split(".").map(Number);for(let e=0;e<t.length;e++){if(t[e]>n[e])return 1;if(t[e]<n[e])return-1}return 0}function getInstalledPackageVersion(e){try{const s=execSync(`npm list -g ${e} --depth=0`).toString().match(new RegExp(`${e}@(\\d+\\.\\d+\\.\\d+)`));return s?s[1]:null}catch(e){return null}}
+import{execSync}from"child_process";import fs from"fs";import{fileURLToPath}from"url";import path from"path";import chalk from"chalk";import prompts from"prompts";import https from"https";import{randomBytes}from"crypto";const __filename=fileURLToPath(import.meta.url),__dirname=path.dirname(__filename);let updateAnswer=null;const nonBackendFiles=["favicon.ico","\\src\\app\\index.php","metadata.php","not-found.php","error.php"],dockerFiles=[".dockerignore","docker-compose.yml","Dockerfile","apache.conf"];function bsConfigUrls(e){const s=e.indexOf("\\htdocs\\");if(-1===s)return{bsTarget:"",bsPathRewrite:{}};const t=e.substring(0,s+"\\htdocs\\".length).replace(/\\/g,"\\\\"),n=e.replace(new RegExp(`^${t}`),"").replace(/\\/g,"/");let c=`http://localhost/${n}`;c=c.endsWith("/")?c.slice(0,-1):c;const o=c.replace(/(?<!:)(\/\/+)/g,"/"),i=n.replace(/\/\/+/g,"/");return{bsTarget:`${o}/`,bsPathRewrite:{"^/":`/${i.startsWith("/")?i.substring(1):i}/`}}}async function updatePackageJson(e,s){const t=path.join(e,"package.json");if(checkExcludeFiles(t))return;const n=JSON.parse(fs.readFileSync(t,"utf8"));n.scripts={...n.scripts,projectName:"tsx settings/project-name.ts"};let c=[];if(s.tailwindcss&&(n.scripts={...n.scripts,tailwind:"postcss src/app/css/tailwind.css -o src/app/css/styles.css --watch"},c.push("tailwind")),s.websocket&&(n.scripts={...n.scripts,websocket:"tsx settings/restart-websocket.ts"},c.push("websocket")),s.docker&&(n.scripts={...n.scripts,docker:"docker-compose up"},c.push("docker")),s.swaggerDocs){const e=s.prisma?"tsx settings/auto-swagger-docs.ts":"tsx settings/swagger-config.ts";n.scripts={...n.scripts,"create-swagger-docs":e}}let o={...n.scripts};o.browserSync="tsx settings/bs-config.ts",o.dev=`npm-run-all projectName -p browserSync ${c.join(" ")}`,n.scripts=o,n.type="module",s.prisma&&(n.prisma={seed:"tsx prisma/seed.ts"}),fs.writeFileSync(t,JSON.stringify(n,null,2))}async function updateComposerJson(e,s){const t=path.join(e,"composer.json");if(checkExcludeFiles(t))return;let n;if(fs.existsSync(t)){{const e=fs.readFileSync(t,"utf8");n=JSON.parse(e)}s.websocket&&(n.require={...n.require,"cboden/ratchet":"^0.4.4"}),s.prisma&&(n.require={...n.require,"calicastle/cuid":"^2.0.0"}),fs.writeFileSync(t,JSON.stringify(n,null,2))}}async function updateIndexJsForWebSocket(e,s){if(!s.websocket)return;const t=path.join(e,"src","app","js","index.js");if(checkExcludeFiles(t))return;let n=fs.readFileSync(t,"utf8");n+='\n// WebSocket initialization\nvar ws = new WebSocket("ws://localhost:8080");\n',fs.writeFileSync(t,n,"utf8")}function generateAuthSecret(){return randomBytes(33).toString("base64")}function generateLocalStoreKey(){return randomBytes(16).toString("hex")}function copyRecursiveSync(e,s,t){const n=fs.existsSync(e),c=n&&fs.statSync(e);if(n&&c&&c.isDirectory()){const n=s.toLowerCase();if(!t.websocket&&n.includes("src\\lib\\websocket"))return;if(t.backendOnly&&n.includes("src\\app\\js")||t.backendOnly&&n.includes("src\\app\\css")||t.backendOnly&&n.includes("src\\app\\assets"))return;if(!t.swaggerDocs&&n.includes("src\\app\\swagger-docs"))return;const c=s.replace(/\\/g,"/");if(updateAnswer?.excludeFilePath?.includes(c))return;fs.existsSync(s)||fs.mkdirSync(s,{recursive:!0}),fs.readdirSync(e).forEach((n=>{copyRecursiveSync(path.join(e,n),path.join(s,n),t)}))}else{if(checkExcludeFiles(s))return;if(!t.tailwindcss&&(s.includes("tailwind.css")||s.includes("styles.css")))return;if(!t.websocket&&(s.includes("restart-websocket.ts")||s.includes("restart-websocket.bat")))return;if(!t.docker&&dockerFiles.some((e=>s.includes(e))))return;if(t.backendOnly&&nonBackendFiles.some((e=>s.includes(e))))return;if(!t.backendOnly&&s.includes("route.php"))return;if(t.backendOnly&&!t.swaggerDocs&&s.includes("layout.php"))return;if(!t.swaggerDocs&&s.includes("swagger-config.ts"))return;if(t.tailwindcss&&s.includes("index.css"))return;if((!t.swaggerDocs||!t.prisma)&&(s.includes("auto-swagger-docs.ts")||s.includes("prisma-schema-config.json")))return;fs.copyFileSync(e,s,0)}}async function executeCopy(e,s,t){s.forEach((({src:s,dest:n})=>{copyRecursiveSync(path.join(__dirname,s),path.join(e,n),t)}))}function modifyPostcssConfig(e){const s=path.join(e,"postcss.config.js");if(checkExcludeFiles(s))return;fs.writeFileSync(s,'export default {\n  plugins: {\n    "@tailwindcss/postcss": {},\n    cssnano: {},\n  },\n};',{flag:"w"})}function modifyLayoutPHP(e,s){const t=path.join(e,"src","app","layout.php");if(!checkExcludeFiles(t))try{let e=fs.readFileSync(t,"utf8"),n="";s.backendOnly||(s.tailwindcss||(n='\n    <link href="<?= Request::baseUrl; ?>/css/index.css" rel="stylesheet" />'),n+='\n    <script src="<?= Request::baseUrl; ?>/js/json5.min.js"><\/script>\n    <script src="<?= Request::baseUrl; ?>/js/index.js"><\/script>');let c="";s.backendOnly||(c=s.tailwindcss?`    <link href="<?= Request::baseUrl; ?>/css/styles.css" rel="stylesheet" /> ${n}`:n),e=e.replace("</head>",`${c}\n</head>`),fs.writeFileSync(t,e,{flag:"w"})}catch(e){}}async function createOrUpdateEnvFile(e,s){const t=path.join(e,".env");checkExcludeFiles(t)||fs.writeFileSync(t,s,{flag:"w"})}function checkExcludeFiles(e){return!!updateAnswer?.isUpdate&&(updateAnswer?.excludeFilePath?.includes(e.replace(/\\/g,"/"))??!1)}async function createDirectoryStructure(e,s){const t=[{src:"/bootstrap.php",dest:"/bootstrap.php"},{src:"/.htaccess",dest:"/.htaccess"},{src:"/../composer.json",dest:"/composer.json"},{src:"/tsconfig.json",dest:"/tsconfig.json"},{src:"/app-gitignore",dest:"/.gitignore"}];s.tailwindcss&&t.push({src:"/postcss.config.js",dest:"/postcss.config.js"});const n=[{src:"/settings",dest:"/settings"},{src:"/src",dest:"/src"}];s.docker&&n.push({src:"/.dockerignore",dest:"/.dockerignore"},{src:"/docker-compose.yml",dest:"/docker-compose.yml"},{src:"/Dockerfile",dest:"/Dockerfile"},{src:"/apache.conf",dest:"/apache.conf"}),t.forEach((({src:s,dest:t})=>{const n=path.join(__dirname,s),c=path.join(e,t);if(checkExcludeFiles(c))return;const o=fs.readFileSync(n,"utf8");fs.writeFileSync(c,o,{flag:"w"})})),await executeCopy(e,n,s),await updatePackageJson(e,s),await updateComposerJson(e,s),s.backendOnly||await updateIndexJsForWebSocket(e,s),s.tailwindcss&&modifyPostcssConfig(e),(s.tailwindcss||!s.backendOnly||s.swaggerDocs)&&modifyLayoutPHP(e,s);const c=`# Prisma PHP Auth Secret Key\nAUTH_SECRET="${generateAuthSecret()}"\n\n# PHPMailer\n# SMTP_HOST="smtp.gmail.com" or your SMTP host\n# SMTP_USERNAME="john.doe@gmail.com" or your SMTP username\n# SMTP_PASSWORD="123456"\n# SMTP_PORT="587" for TLS, 465 for SSL or your SMTP port\n# SMTP_ENCRYPTION="ssl" or tls\n# MAIL_FROM="john.doe@gmail.com"\n# MAIL_FROM_NAME="John Doe"\n\n# SHOW ERRORS - Set to true to show errors in the browser for development only - Change this in production to false\nSHOW_ERRORS="true"\n\n# APP TIMEZONE - Set your application timezone - Default is "UTC"\nAPP_TIMEZONE="UTC"\n\n# APP ENV - Set your application environment - Default is "development" - Change this in production to "production"\nAPP_ENV="development"\n\n# APP CACHE ENABLED - Set to true to enable caching - Default is false\nCACHE_ENABLED="false"\n# APP CACHE TTL - Set the cache time to live in seconds - Default is 600 seconds (10 minutes)\nCACHE_TTL="600"\n\n# LOCAL STORAGE KEY - Define a custom key for local storage.\n# If not set, it defaults to "pphp_local_store_59e13".\n# Spaces in the value will be replaced with underscores, and the key will be converted to lowercase automatically.\nLOCALSTORE_KEY="${generateLocalStoreKey()}"`;if(s.prisma){const s=`${'# Environment variables declared in this file are automatically made available to Prisma.\n# See the documentation for more detail: https://pris.ly/d/prisma-schema#accessing-environment-variables-from-the-schema\n\n# Prisma supports the native connection string format for PostgreSQL, MySQL, SQLite, SQL Server, MongoDB and CockroachDB.\n# See the documentation for all the connection string options: https://pris.ly/d/connection-strings\n\nDATABASE_URL="postgresql://johndoe:randompassword@localhost:5432/mydb?schema=public"'}\n\n${c}`;await createOrUpdateEnvFile(e,s)}else await createOrUpdateEnvFile(e,c)}async function getAnswer(e={}){const s=[];e.projectName||s.push({type:"text",name:"projectName",message:"What is your project named?",initial:"my-app"}),e.backendOnly||s.push({type:"toggle",name:"backendOnly",message:`Would you like to create a ${chalk.blue("backend-only project")}?`,initial:!1,active:"Yes",inactive:"No"});const t=()=>{process.exit(0)},n=await prompts(s,{onCancel:t}),c=[];n.backendOnly||e.backendOnly?(e.swaggerDocs||c.push({type:"toggle",name:"swaggerDocs",message:`Would you like to use ${chalk.blue("Swagger Docs")}?`,initial:!1,active:"Yes",inactive:"No"}),e.websocket||c.push({type:"toggle",name:"websocket",message:`Would you like to use ${chalk.blue("Websocket")}?`,initial:!0,active:"Yes",inactive:"No"}),e.prisma||c.push({type:"toggle",name:"prisma",message:`Would you like to use ${chalk.blue("Prisma PHP ORM")}?`,initial:!0,active:"Yes",inactive:"No"}),e.docker||c.push({type:"toggle",name:"docker",message:`Would you like to use ${chalk.blue("Docker")}?`,initial:!1,active:"Yes",inactive:"No"})):(e.swaggerDocs||c.push({type:"toggle",name:"swaggerDocs",message:`Would you like to use ${chalk.blue("Swagger Docs")}?`,initial:!1,active:"Yes",inactive:"No"}),e.tailwindcss||c.push({type:"toggle",name:"tailwindcss",message:`Would you like to use ${chalk.blue("Tailwind CSS")}?`,initial:!1,active:"Yes",inactive:"No"}),e.websocket||c.push({type:"toggle",name:"websocket",message:`Would you like to use ${chalk.blue("Websocket")}?`,initial:!1,active:"Yes",inactive:"No"}),e.prisma||c.push({type:"toggle",name:"prisma",message:`Would you like to use ${chalk.blue("Prisma PHP ORM")}?`,initial:!1,active:"Yes",inactive:"No"}),e.docker||c.push({type:"toggle",name:"docker",message:`Would you like to use ${chalk.blue("Docker")}?`,initial:!1,active:"Yes",inactive:"No"}));const o=await prompts(c,{onCancel:t});return{projectName:n.projectName?String(n.projectName).trim().replace(/ /g,"-"):e.projectName??"my-app",backendOnly:n.backendOnly??e.backendOnly??!1,swaggerDocs:o.swaggerDocs??e.swaggerDocs??!1,tailwindcss:o.tailwindcss??e.tailwindcss??!1,websocket:o.websocket??e.websocket??!1,prisma:o.prisma??e.prisma??!1,docker:o.docker??e.docker??!1}}async function uninstallDependencies(e,s,t=!1){s.forEach((e=>{}));const n=`npm uninstall ${t?"--save-dev":"--save"} ${s.join(" ")}`;execSync(n,{stdio:"inherit",cwd:e})}function fetchPackageVersion(e){return new Promise(((s,t)=>{https.get(`https://registry.npmjs.org/${e}`,(e=>{let n="";e.on("data",(e=>n+=e)),e.on("end",(()=>{try{const e=JSON.parse(n);s(e["dist-tags"].latest)}catch(e){t(new Error("Failed to parse JSON response"))}}))})).on("error",(e=>t(e)))}))}const readJsonFile=e=>{const s=fs.readFileSync(e,"utf8");return JSON.parse(s)};function compareVersions(e,s){const t=e.split(".").map(Number),n=s.split(".").map(Number);for(let e=0;e<t.length;e++){if(t[e]>n[e])return 1;if(t[e]<n[e])return-1}return 0}function getInstalledPackageVersion(e){try{const s=execSync(`npm list -g ${e} --depth=0`).toString().match(new RegExp(`${e}@(\\d+\\.\\d+\\.\\d+)`));return s?s[1]:null}catch(e){return null}}
 /**
  * Install dependencies in the specified directory.
  * @param {string} baseDir - The base directory where to install the dependencies.
@@ -32,26 +32,23 @@ async function installDependencies(baseDir, dependencies, isDev = false) {
   });
 }
 const pinnedVersions = {
-  "@prisma/client": "^6.4.0",
-  "@prisma/internals": "^6.4.0",
-  "@tailwindcss/postcss": "^4.0.7",
+  "@tailwindcss/postcss": "^4.0.12",
   "@types/browser-sync": "^2.29.0",
-  "@types/node": "^22.13.4",
+  "@types/node": "^22.13.10",
   "@types/prompts": "^2.4.9",
-  autoprefixer: "^10.4.20",
   "browser-sync": "^3.0.3",
   chalk: "^5.4.1",
   "chokidar-cli": "^3.0.0",
+  cssnano: "^7.0.6",
   "http-proxy-middleware": "^3.0.3",
   "npm-run-all": "^4.1.5",
   "php-parser": "^3.2.2",
-  postcss: "^8.5.2",
+  postcss: "^8.5.3",
   "postcss-cli": "^11.0.0",
-  prisma: "^6.4.0",
   prompts: "^2.4.2",
-  tailwindcss: "^4.0.7",
+  tailwindcss: "^4.0.12",
   tsx: "^4.19.3",
-  typescript: "^5.7.3",
+  typescript: "^5.8.2",
 };
 function pkg(name) {
   return pinnedVersions[name] ? `${name}@${pinnedVersions[name]}` : name;
@@ -84,26 +81,28 @@ async function main() {
       }
       const currentDir = process.cwd();
       const configPath = path.join(currentDir, "prisma-php.json");
-      const localSettings = readJsonFile(configPath);
-      let excludeFiles = [];
-      localSettings.excludeFiles?.map((file) => {
-        const filePath = path.join(currentDir, file);
-        if (fs.existsSync(filePath))
-          excludeFiles.push(filePath.replace(/\\/g, "/"));
-      });
-      updateAnswer = {
-        projectName,
-        backendOnly: answer?.backendOnly ?? false,
-        swaggerDocs: answer?.swaggerDocs ?? false,
-        tailwindcss: answer?.tailwindcss ?? false,
-        websocket: answer?.websocket ?? false,
-        prisma: answer?.prisma ?? false,
-        docker: answer?.docker ?? false,
-        isUpdate: true,
-        excludeFiles: localSettings.excludeFiles ?? [],
-        excludeFilePath: excludeFiles ?? [],
-        filePath: currentDir,
-      };
+      if (fs.existsSync(configPath)) {
+        const localSettings = readJsonFile(configPath);
+        let excludeFiles = [];
+        localSettings.excludeFiles?.map((file) => {
+          const filePath = path.join(currentDir, file);
+          if (fs.existsSync(filePath))
+            excludeFiles.push(filePath.replace(/\\/g, "/"));
+        });
+        updateAnswer = {
+          projectName,
+          backendOnly: answer?.backendOnly ?? false,
+          swaggerDocs: answer?.swaggerDocs ?? false,
+          tailwindcss: answer?.tailwindcss ?? false,
+          websocket: answer?.websocket ?? false,
+          prisma: answer?.prisma ?? false,
+          docker: answer?.docker ?? false,
+          isUpdate: true,
+          excludeFiles: localSettings.excludeFiles ?? [],
+          excludeFilePath: excludeFiles ?? [],
+          filePath: currentDir,
+        };
+      }
     } else {
       answer = await getAnswer();
     }
@@ -124,10 +123,10 @@ async function main() {
           latestVersionOfCreatePrismaPhpApp
         ) === -1
       ) {
-        execSync(`npm uninstall -g create-prisma-php-app`, {
+        execSync("npm uninstall -g create-prisma-php-app", {
           stdio: "inherit",
         });
-        execSync(`npm install -g create-prisma-php-app`, {
+        execSync("npm install -g create-prisma-php-app", {
           stdio: "inherit",
         });
       }
@@ -156,40 +155,31 @@ async function main() {
       dependencies.push(pkg("swagger-jsdoc"), pkg("@types/swagger-jsdoc"));
     }
     if (answer.swaggerDocs && answer.prisma) {
-      dependencies.push(
-        pkg("prompts"),
-        pkg("@types/prompts"),
-        pkg("@prisma/internals")
-      );
+      dependencies.push(pkg("prompts"), pkg("@types/prompts"));
     }
     if (answer.tailwindcss) {
       dependencies.push(
         pkg("tailwindcss"),
         pkg("postcss"),
         pkg("postcss-cli"),
-        pkg("@tailwindcss/postcss")
+        pkg("@tailwindcss/postcss"),
+        pkg("cssnano")
       );
     }
     if (answer.websocket) {
       dependencies.push(pkg("chokidar-cli"));
     }
     if (answer.prisma) {
-      dependencies.push(
-        pkg("prisma"),
-        pkg("@prisma/client"),
-        pkg("@prisma/internals")
-      );
       execSync("npm install -g prisma-client-php", { stdio: "inherit" });
     }
     await installDependencies(projectPath, dependencies, true);
     if (!projectName) {
-      execSync(`npx tsc --init`, { stdio: "inherit" });
+      execSync("npx tsc --init", { stdio: "inherit" });
     }
+    await createDirectoryStructure(projectPath, answer);
     if (answer.prisma) {
-      if (!fs.existsSync(path.join(projectPath, "prisma")))
-        execSync(`npx prisma init`, { stdio: "inherit" });
+      execSync("npx ppo init --prisma-php", { stdio: "inherit" });
     }
-    await createDirectoryStructure(projectPath, answer);
     if (answer.swaggerDocs) {
       const swaggerDocsPath = path.join(
         projectPath,
@@ -264,8 +254,7 @@ async function main() {
           "swagger-jsdoc",
           "@types/swagger-jsdoc",
           "prompts",
-          "@types/prompts",
-          "@prisma/internals"
+          "@types/prompts"
         );
       }
       if (!updateAnswer.tailwindcss) {
@@ -283,7 +272,8 @@ async function main() {
           "tailwindcss",
           "postcss",
           "postcss-cli",
-          "@tailwindcss/postcss"
+          "@tailwindcss/postcss",
+          "cssnano"
         );
       }
       if (!updateAnswer.websocket) {

package/dist/postcss.config.js

@@ -1,5 +1,6 @@
 export default {
   plugins: {
     "@tailwindcss/postcss": {},
+    cssnano: {},
   },
 };

package/dist/src/Lib/AI/ChatGPTClient.php

@@ -16,7 +16,7 @@ class ChatGPTClient
     private string $apiKey = '';
     private array $cache = [];
 
-    public function __construct(Client $client = null)
+    public function __construct(?Client $client = null)
     {
         // Initialize the Guzzle HTTP client, allowing for dependency injection
         $this->client = $client ?: new Client();

package/dist/src/Lib/Auth/Auth.php

@@ -12,6 +12,9 @@ use Lib\Validator;
 use GuzzleHttp\Client;
 use GuzzleHttp\Exception\RequestException;
 use Lib\Request;
+use Exception;
+use InvalidArgumentException;
+use ArrayObject;
 
 class Auth
 {
@@ -70,14 +73,14 @@ class Auth
      *   try {
      *       $jwt = $auth->signIn('Admin', '1h');
      *       echo "JWT: " . $jwt;
-     *   } catch (\InvalidArgumentException $e) {
+     *   } catch (InvalidArgumentException $e) {
      *       echo "Error: " . $e->getMessage();
      *   }
      */
-    public function signIn($data, string $tokenValidity = null): string
+    public function signIn($data, ?string $tokenValidity = null): string
     {
         if (!$this->secretKey) {
-            throw new \InvalidArgumentException("Secret key is required for authentication.");
+            throw new InvalidArgumentException("Secret key is required for authentication.");
         }
 
         $expirationTime = $this->calculateExpirationTime($tokenValidity ?? $this->defaultTokenValidity);
@@ -131,6 +134,10 @@ class Auth
             return false;
         }
 
+        if (!isset($_SESSION[self::PAYLOAD_SESSION_KEY])) {
+            return false;
+        }
+
         return true;
     }
 
@@ -158,11 +165,11 @@ class Auth
                 case 'd':
                     return new DateInterval("P{$value}D");
                 default:
-                    throw new \InvalidArgumentException("Invalid duration format: {$duration}");
+                    throw new InvalidArgumentException("Invalid duration format: {$duration}");
             }
         }
 
-        throw new \InvalidArgumentException("Invalid duration format: {$duration}");
+        throw new InvalidArgumentException("Invalid duration format: {$duration}");
     }
 
     /**
@@ -190,7 +197,7 @@ class Auth
             }
 
             return $token;
-        } catch (\Exception) {
+        } catch (Exception) {
             return null;
         }
     }
@@ -210,12 +217,12 @@ class Auth
      * 
      * @throws InvalidArgumentException Thrown if the token is invalid.
      */
-    public function refreshToken(string $jwt, string $tokenValidity = null): string
+    public function refreshToken(string $jwt, ?string $tokenValidity = null): string
     {
         $decodedToken = $this->verifyToken($jwt);
 
         if (!$decodedToken) {
-            throw new \InvalidArgumentException("Invalid token.");
+            throw new InvalidArgumentException("Invalid token.");
         }
 
         $expirationTime = $this->calculateExpirationTime($tokenValidity ?? $this->defaultTokenValidity);
@@ -256,7 +263,7 @@ class Auth
      * 
      * @return void
      */
-    public function signOut(string $redirect = null)
+    public function signOut(?string $redirect = null)
     {
         if (isset($_COOKIE[self::COOKIE_NAME])) {
             unset($_COOKIE[self::COOKIE_NAME]);
@@ -282,7 +289,7 @@ class Auth
     {
         if (isset($_SESSION[self::PAYLOAD_SESSION_KEY])) {
             $value = $_SESSION[self::PAYLOAD_SESSION_KEY][self::PAYLOAD_NAME];
-            return is_array($value) ? new \ArrayObject($value, \ArrayObject::ARRAY_AS_PROPS) : $value;
+            return is_array($value) ? new ArrayObject($value, ArrayObject::ARRAY_AS_PROPS) : $value;
         }
 
         return null;
@@ -317,7 +324,7 @@ class Auth
     private function findProvider(array $providers, string $type): ?object
     {
         foreach ($providers as $provider) {
-            if ($provider instanceof $type) {
+            if (is_object($provider) && get_class($provider) === $type) {
                 return $provider;
             }
         }

package/dist/src/Lib/Auth/AuthConfig.php

@@ -4,6 +4,8 @@ declare(strict_types=1);
 
 namespace Lib\Auth;
 
+use ArrayObject;
+
 enum AuthRole: string
 {
     case Admin = 'Admin';
@@ -67,13 +69,13 @@ final class AuthConfig
     /**
      * Checks if the given user role is authorized to access a set of roles.
      * 
-     * @param \ArrayObject|string $userRole The user's role to check.
+     * @param ArrayObject|string $userRole The user's role to check.
      * @param array<AuthRole> $roles An array of AuthRole instances specifying allowed roles.
      * @return bool Returns true if the user's role matches any of the allowed roles, false otherwise.
      */
-    public static function checkAuthRole(\ArrayObject|string $userRole, array $roles): bool
+    public static function checkAuthRole(ArrayObject|string $userRole, array $roles): bool
     {
-        if ($userRole instanceof \ArrayObject) {
+        if ($userRole instanceof ArrayObject) {
             $userRole = $userRole[Auth::ROLE_NAME] ?? '';
         }
 

package/dist/src/Lib/ErrorHandler.php

@@ -93,6 +93,9 @@ class ErrorHandler
         }
 
         if ($errorFileExists) {
+            if (ob_get_level()) {
+                ob_end_clean();
+            }
             self::$content = $contentToAdd;
             if (Bootstrap::isAjaxOrXFileRequestOrRouteFile()) {
                 header('Content-Type: application/json');

package/dist/src/Lib/PHPMailer/Mailer.php

@@ -38,7 +38,8 @@ class Mailer
      * @param string $to The recipient's email address.
      * @param string $subject The subject of the email.
      * @param string $body The HTML body of the email.
-     * @param array $options (optional) Additional email options like name, altBody, CC, and BCC.
+     * @param array $options (optional) Additional email options like name, altBody, CC, BCC, and attachments.
+     *                       - attachments: A string or an array of file paths, or an array of associative arrays with keys 'path' and 'name'.
      *
      * @return bool Returns true if the email is sent successfully, false otherwise.
      *
@@ -50,7 +51,7 @@ class Mailer
             // Validate and sanitize inputs
             $to = Validator::email($to);
             if (!$to) {
-                throw new \Exception('Invalid email address for the main recipient');
+                throw new Exception('Invalid email address for the main recipient');
             }
 
             $subject = Validator::string($subject);
@@ -60,6 +61,7 @@ class Mailer
             $name = $options['name'] ?? '';
             $addCC = $options['addCC'] ?? [];
             $addBCC = $options['addBCC'] ?? [];
+            $attachments = $options['attachments'] ?? [];
 
             $name = Validator::string($name);
 
@@ -67,6 +69,10 @@ class Mailer
             $this->handleRecipients($addCC, 'CC');
             // Handle BCC recipients
             $this->handleRecipients($addBCC, 'BCC');
+            // Handle file attachments if provided
+            if (!empty($attachments)) {
+                $this->handleAttachments($attachments);
+            }
 
             // Set the main recipient and other email properties
             $this->mail->addAddress($to, $name);
@@ -77,8 +83,8 @@ class Mailer
 
             // Send the email
             return $this->mail->send();
-        } catch (\Exception $e) {
-            throw new \Exception($e->getMessage());
+        } catch (Exception $e) {
+            throw new Exception($e->getMessage());
         }
     }
 
@@ -101,7 +107,7 @@ class Mailer
                     if ($recipient) {
                         $this->mail->{$method}($recipient);
                     } else {
-                        throw new \Exception("Invalid email address in $type");
+                        throw new Exception("Invalid email address in $type");
                     }
                 }
             } else {
@@ -109,12 +115,47 @@ class Mailer
                 if ($recipient) {
                     $this->mail->{$method}($recipient);
                 } else {
-                    throw new \Exception("Invalid email address in $type");
+                    throw new Exception("Invalid email address in $type");
                 }
             }
         }
     }
 
+    /**
+     * Handle adding file attachments.
+     *
+     * @param string|array $attachments File path(s) to attach.
+     *                                  You can pass a string for a single file or an array of file paths.
+     *                                  Alternatively, each attachment can be an array with keys 'path' and 'name' for custom naming.
+     *
+     * @throws Exception Throws an exception if any attachment file is not found.
+     */
+    private function handleAttachments(string|array $attachments): void
+    {
+        if (is_array($attachments)) {
+            foreach ($attachments as $attachment) {
+                if (is_array($attachment)) {
+                    $file = $attachment['path'] ?? null;
+                    $name = $attachment['name'] ?? '';
+                    if (!$file || !file_exists($file)) {
+                        throw new Exception("Attachment file does not exist: " . ($file ?? 'unknown'));
+                    }
+                    $this->mail->addAttachment($file, $name);
+                } else {
+                    if (!file_exists($attachment)) {
+                        throw new Exception("Attachment file does not exist: $attachment");
+                    }
+                    $this->mail->addAttachment($attachment);
+                }
+            }
+        } else {
+            if (!file_exists($attachments)) {
+                throw new Exception("Attachment file does not exist: $attachments");
+            }
+            $this->mail->addAttachment($attachments);
+        }
+    }
+
     /**
      * Convert HTML content to plain text.
      *

package/dist/src/Lib/PHPX/TwMerge.php

@@ -167,6 +167,20 @@ class TwMerge
                     $splitClasses = preg_split("/\s+/", $item);
                     foreach ($splitClasses as $individualClass) {
                         $classKey = self::getClassGroup($individualClass);
+
+                        // If the class is non-responsive (no colon), remove any responsive variants for the same base
+                        if (strpos($classKey, ':') === false) {
+                            // The base group is the class key itself (e.g. "justify")
+                            $baseGroup = $classKey;
+                            // Remove any entries that end with the same base group but have a prefix (e.g. "sm:justify")
+                            foreach ($classArray as $existingKey => $existingClass) {
+                                if ($existingKey !== $baseGroup && substr($existingKey, -strlen($baseGroup)) === $baseGroup) {
+                                    unset($classArray[$existingKey]);
+                                }
+                            }
+                        }
+
+                        // Get the conflicting keys and remove them
                         $conflictingKeys = self::getConflictingKeys($classKey);
 
                         // Remove any conflicting classes