create-prisma-php-app 4.4.4-beta → 4.4.4

package/dist/src/Lib/Auth/Auth.php

@@ -15,11 +15,12 @@ use PP\Request;
 use Exception;
 use InvalidArgumentException;
 use ArrayObject;
+use PP\Env;
 
 class Auth
 {
     public const PAYLOAD_NAME = 'payload_name_8639D';
-    public const ROLE_NAME = '';
+    public const ROLE_NAME = 'role';
     public const PAYLOAD_SESSION_KEY = 'payload_session_key_2183A';
 
     public static string $cookieName = '';
@@ -27,23 +28,14 @@ class Auth
     private static ?Auth $instance = null;
     private const PPAUTH = 'ppauth';
     private string $secretKey;
-    private string $defaultTokenValidity = '1h'; // Default to 1 hour
+    private string $defaultTokenValidity = AuthConfig::DEFAULT_TOKEN_VALIDITY;
 
-    /**
-     * Private constructor to prevent direct instantiation.
-     * Use Auth::getInstance() to get the singleton instance.
-     */
     private function __construct()
     {
-        $this->secretKey = $_ENV['AUTH_SECRET'] ?? 'CD24eEv4qbsC5LOzqeaWbcr58mBMSvA4Mkii8GjRiHkt';
+        $this->secretKey = Env::string('AUTH_SECRET', 'CD24eEv4qbsC5LOzqeaWbcr58mBMSvA4Mkii8GjRiHkt');
         self::$cookieName = self::getCookieName();
     }
 
-    /**
-     * Returns the singleton instance of the Auth class.
-     * 
-     * @return Auth The singleton instance.
-     */
     public static function getInstance(): Auth
     {
         if (self::$instance === null) {
@@ -53,33 +45,20 @@ class Auth
     }
 
     /**
-     * Authenticates a user and generates a JWT (JSON Web Token) based on the specified user data
-     * and token validity duration. The method first checks if the secret key is set, calculates
-     * the token's expiration time, sets the necessary payload, and encodes it into a JWT.
-     * If possible (HTTP headers not yet sent), it also sets cookies with the JWT for client-side storage.
+     * Authenticates a user and generates a JWT.
+     * Optionally redirects the user to a default or custom URL.
      *
-     * @param mixed $data User data which can be a simple string or an instance of AuthRole.
-     *                    If an instance of AuthRole is provided, its `value` property will be used as the role in the token.
-     * @param string|null $tokenValidity Optional parameter specifying the duration the token is valid for (e.g., '10m', '1h').
-     *                                   If null, the default validity period set in the class property is used, which is 1 hour.
-     *                                   The format should be a number followed by a time unit ('s' for seconds, 'm' for minutes,
-     *                                   'h' for hours, 'd' for days), and this is parsed to calculate the exact expiration time.
+     * @param mixed $data User data (string or AuthRole).
+     * @param string|null $tokenValidity Duration token is valid for (e.g., '1h'). Default is '1h'.
+     * @param bool|string $redirect 
+     * - If `false` (default): No redirect occurs; returns the JWT.
+     * - If `true`: Redirects to `AuthConfig::DEFAULT_SIGNIN_REDIRECT`.
+     * - If `string`: Redirects to the specified URL (e.g., '/dashboard').
      *
      * @return string Returns the encoded JWT as a string.
-     *
-     * @throws InvalidArgumentException Thrown if the secret key is not set or if the duration format is invalid.
-     *
-     * Example:
-     *   $auth = Auth::getInstance();
-     *   $auth->setSecretKey('your_secret_key');
-     *   try {
-     *       $jwt = $auth->signIn('Admin', '1h');
-     *       echo "JWT: " . $jwt;
-     *   } catch (InvalidArgumentException $e) {
-     *       echo "Error: " . $e->getMessage();
-     *   }
+     * @throws InvalidArgumentException
      */
-    public function signIn($data, ?string $tokenValidity = null): string
+    public function signIn($data, ?string $tokenValidity = null, bool|string $redirect = false): string
     {
         if (!$this->secretKey) {
             throw new InvalidArgumentException("Secret key is required for authentication.");
@@ -96,14 +75,20 @@ class Auth
             'exp' => $expirationTime,
         ];
 
-        // Set the payload in the session
         $_SESSION[self::PAYLOAD_SESSION_KEY] = $payload;
 
-        // Encode the JWT
         $jwt = JWT::encode($payload, $this->secretKey, 'HS256');
 
         if (!headers_sent()) {
             $this->setCookies($jwt, $expirationTime);
+
+            $this->rotateCsrfToken();
+        }
+
+        if ($redirect === true) {
+            Request::redirect(AuthConfig::DEFAULT_SIGNIN_REDIRECT);
+        } elseif (is_string($redirect) && !empty($redirect)) {
+            Request::redirect($redirect);
         }
 
         return $jwt;
@@ -184,21 +169,14 @@ class Auth
     public function verifyToken(?string $jwt): ?object
     {
         try {
-            if (!$jwt) {
-                return null;
-            }
+            if (!$jwt) return null;
 
             $token = JWT::decode($jwt, new Key($this->secretKey, 'HS256'));
 
-            if (empty($token->{Auth::PAYLOAD_NAME})) {
-                return null;
-            }
-
-            if (isset($token->exp) && time() >= $token->exp) {
-                return null;
-            }
+            if (empty($token->{Auth::PAYLOAD_NAME})) return null;
+            if (isset($token->exp) && time() >= $token->exp) return null;
 
-            return $token;
+            return $token->{Auth::PAYLOAD_NAME};
         } catch (Exception) {
             return null;
         }
@@ -211,9 +189,9 @@ class Auth
      * 
      * @param string $jwt The JWT token to refresh.
      * @param string|null $tokenValidity Optional parameter specifying the duration the token is valid for (e.g., '10m', '1h').
-     *                                   If null, the default validity period set in the class property is used.
-     *                                   The format should be a number followed by a time unit ('s' for seconds, 'm' for minutes,
-     *                                   'h' for hours, 'd' for days), and this is parsed to calculate the exact expiration time.
+     * If null, the default validity period set in the class property is used.
+     * The format should be a number followed by a time unit ('s' for seconds, 'm' for minutes,
+     * 'h' for hours, 'd' for days), and this is parsed to calculate the exact expiration time.
      * 
      * @return string Returns the refreshed JWT as a string.
      * 
@@ -221,16 +199,20 @@ class Auth
      */
     public function refreshToken(string $jwt, ?string $tokenValidity = null): string
     {
-        $decodedToken = $this->verifyToken($jwt);
+        $decodedData = $this->verifyToken($jwt);
 
-        if (!$decodedToken) {
+        if (!$decodedData) {
             throw new InvalidArgumentException("Invalid token.");
         }
 
         $expirationTime = $this->calculateExpirationTime($tokenValidity ?? $this->defaultTokenValidity);
 
-        $decodedToken->exp = $expirationTime;
-        $newJwt = JWT::encode((array)$decodedToken, $this->secretKey, 'HS256');
+        $payload = [
+            self::PAYLOAD_NAME => $decodedData,
+            'exp' => $expirationTime,
+        ];
+
+        $newJwt = JWT::encode($payload, $this->secretKey, 'HS256');
 
         if (!headers_sent()) {
             $this->setCookies($newJwt, $expirationTime);
@@ -239,18 +221,62 @@ class Auth
         return $newJwt;
     }
 
+    /**
+     * Refreshes the current user's session if the provided User ID matches the currently authenticated user.
+     * This allows silent updates of permissions or profile data without requiring a logout.
+     * @param string $targetUserId The ID of the user being updated.
+     * @param mixed $newUserData The fresh user object (e.g. from Prisma) to replace the session payload.
+     * @return bool Returns true if the session was updated, false if the IDs did not match or no session exists.
+     */
+    public function refreshUserSession(string $targetUserId, mixed $newUserData): bool
+    {
+        $currentUser = $this->getPayload();
+
+        if ($currentUser && isset($currentUser->id) && $currentUser->id === $targetUserId) {
+            $this->signIn($newUserData, null, false);
+            return true;
+        }
+
+        return false;
+    }
+
     protected function setCookies(string $jwt, int $expirationTime)
     {
         if (!headers_sent()) {
             setcookie(self::$cookieName, $jwt, [
                 'expires' => $expirationTime,
-                'path' => '/', // Set the path to '/' to make the cookie available site-wide
-                'domain' => '', // Specify your domain
-                'secure' => true, // Set to true if using HTTPS
-                'httponly' => true, // Prevent JavaScript access to the cookie
-                'samesite' => 'Lax', // or 'Strict' depending on your requirements
+                'path' => '/',
+                'domain' => '',
+                'secure' => true,
+                'httponly' => true,
+                'samesite' => 'Lax',
+            ]);
+        }
+    }
+
+    public function rotateCsrfToken(): void
+    {
+        $secret = Env::string('FUNCTION_CALL_SECRET', '');
+
+        if (empty($secret)) {
+            return;
+        }
+
+        $nonce = bin2hex(random_bytes(16));
+        $signature = hash_hmac('sha256', $nonce, $secret);
+        $token = $nonce . '.' . $signature;
+
+        if (!headers_sent()) {
+            setcookie('prisma_php_csrf', $token, [
+                'expires'  => time() + 3600, // 1 hour validity
+                'path'     => '/',
+                'secure'   => true,
+                'httponly' => false, // Must be FALSE so client JS can read it
+                'samesite' => 'Lax',
             ]);
         }
+
+        $_COOKIE['prisma_php_csrf'] = $token;
     }
 
     /**
@@ -260,7 +286,7 @@ class Auth
      * @param string|null $redirect Optional parameter specifying the URL to redirect to after logging out.
      * 
      * Example:
-     *  $auth = Auth::getInstance();
+     * $auth = Auth::getInstance();
      * $auth->signOut('/login');
      * 
      * @return void
@@ -276,6 +302,8 @@ class Auth
             unset($_SESSION[self::PAYLOAD_SESSION_KEY]);
         }
 
+        $this->rotateCsrfToken();
+
         if ($redirect) {
             Request::redirect($redirect);
         }
@@ -342,8 +370,8 @@ class Auth
      * @param mixed ...$providers An array of provider objects such as GoogleProvider or GithubProvider.
      * 
      * Example:
-     *   $auth = Auth::getInstance();
-     *   $auth->authProviders(new GoogleProvider('client_id', 'client_secret', 'redirect_uri'));
+     * $auth = Auth::getInstance();
+     * $auth->authProviders(new GoogleProvider('client_id', 'client_secret', 'redirect_uri'));
      */
     public function authProviders(...$providers)
     {
@@ -519,7 +547,7 @@ class Auth
 
     private static function getCookieName(): string
     {
-        $authCookieName = $_ENV['AUTH_COOKIE_NAME'] ?? 'auth_cookie_name_d36e5';
+        $authCookieName = Env::string('AUTH_COOKIE_NAME', 'auth_cookie_name_d36e5');
         return strtolower(preg_replace('/\s+/', '_', trim($authCookieName)));
     }
 }

package/dist/src/Lib/Auth/AuthConfig.php

@@ -23,6 +23,7 @@ final class AuthConfig
     public const IS_ROLE_BASE = false;
     public const IS_TOKEN_AUTO_REFRESH = false;
     public const IS_ALL_ROUTES_PRIVATE = false;
+    public const DEFAULT_TOKEN_VALIDITY = "1h"; // Default to 1 hour
 
     /**
      * This is the (default) option for authentication. If IS_ALL_ROUTES_PRIVATE is set to false, 

package/dist/src/Lib/MCP/mcp-server.php

@@ -12,20 +12,21 @@ use Dotenv\Dotenv;
 use PhpMcp\Server\Server;
 use PhpMcp\Server\Transports\StreamableHttpServerTransport;
 use Throwable;
+use PP\Env;
 
 // ── Load .env (optional) and timezone ──────────────────────────────────────────
 if (file_exists(DOCUMENT_PATH . '/.env')) {
     Dotenv::createImmutable(DOCUMENT_PATH)->safeLoad();
 }
-date_default_timezone_set($_ENV['APP_TIMEZONE'] ?? 'UTC');
+date_default_timezone_set(Env::string('APP_TIMEZONE', 'UTC'));
 
 // ── Resolve settings (with sane defaults) ─────────────────────────────────────
-$appName    = $_ENV['MCP_NAME']         ?? 'prisma-php-mcp';
-$appVersion = $_ENV['MCP_VERSION']      ?? '0.0.1';
-$host       = $_ENV['MCP_HOST']         ?? '127.0.0.1';
-$port       = (int)($_ENV['MCP_PORT']   ?? 4000);
-$prefix     = trim($_ENV['MCP_PATH_PREFIX'] ?? 'mcp', '/');
-$enableJson = filter_var($_ENV['MCP_JSON_RESPONSE'] ?? 'false', FILTER_VALIDATE_BOOLEAN);
+$appName    = Env::string('MCP_NAME', 'prisma-php-mcp');
+$appVersion = Env::string('MCP_VERSION', '0.0.1');
+$host       = Env::string('MCP_HOST', '127.0.0.1');
+$port       = Env::int('MCP_PORT', 4000);
+$prefix     = trim(Env::string('MCP_PATH_PREFIX', 'mcp'), '/');
+$enableJson = Env::bool('MCP_JSON_RESPONSE', false);
 
 // ── Build server and discover tools ───────────────────────────────────────────
 $server = Server::make()

package/dist/src/Lib/Middleware/AuthMiddleware.php

@@ -7,6 +7,7 @@ namespace Lib\Middleware;
 use Lib\Auth\Auth;
 use Lib\Auth\AuthConfig;
 use PP\Request;
+use Throwable;
 
 final class AuthMiddleware
 {
@@ -24,9 +25,18 @@ final class AuthMiddleware
             // Check if the user is authenticated and refresh the token if necessary
             if (AuthConfig::IS_TOKEN_AUTO_REFRESH) {
                 $auth = Auth::getInstance();
-                if (isset($_COOKIE[Auth::$cookieName])) {
-                    $jwt = $_COOKIE[Auth::$cookieName];
-                    $jwt = $auth->refreshToken($jwt);
+
+                $jwt = $_COOKIE[Auth::$cookieName] ?? Request::getBearerToken();
+
+                if ($jwt) {
+                    try {
+                        $newJwt = $auth->refreshToken($jwt);
+                        if (!isset($_COOKIE[Auth::$cookieName])) {
+                            header('Authorization: Bearer ' . $newJwt);
+                            header('X-Refreshed-Token: ' . $newJwt);
+                        }
+                    } catch (Throwable) {
+                    }
                 }
             }
 
@@ -89,29 +99,35 @@ final class AuthMiddleware
     protected static function isAuthorized(): bool
     {
         $auth = Auth::getInstance();
-        if (!isset($_COOKIE[Auth::$cookieName])) {
-            unset($_SESSION[Auth::PAYLOAD_SESSION_KEY]);
+        $jwt = $_COOKIE[Auth::$cookieName] ?? Request::getBearerToken();
+
+        if (!$jwt) {
+            if (isset($_SESSION[Auth::PAYLOAD_SESSION_KEY])) {
+                unset($_SESSION[Auth::PAYLOAD_SESSION_KEY]);
+            }
             return false;
         }
 
-        $jwt = $_COOKIE[Auth::$cookieName];
-
         if (AuthConfig::IS_TOKEN_AUTO_REFRESH) {
-            $jwt = $auth->refreshToken($jwt);
-            $verifyToken = $auth->verifyToken($jwt);
+            try {
+                $jwt = $auth->refreshToken($jwt);
+
+                if (!isset($_COOKIE[Auth::$cookieName]) && !headers_sent()) {
+                    header('Authorization: Bearer ' . $jwt);
+                    header('X-Refreshed-Token: ' . $jwt);
+                }
+            } catch (Throwable) {
+                return false;
+            }
         }
 
         $verifyToken = $auth->verifyToken($jwt);
+
         if ($verifyToken === false) {
             return false;
         }
 
-        // Access the PAYLOAD_NAME property using the -> operator instead of array syntax
-        if (isset($verifyToken->{Auth::PAYLOAD_NAME})) {
-            return true;
-        }
-
-        return false;
+        return isset($verifyToken->{Auth::PAYLOAD_NAME});
     }
 
     protected static function hasRequiredRole(string $requestPathname): string

package/dist/src/Lib/Middleware/CorsMiddleware.php

@@ -4,6 +4,8 @@ declare(strict_types=1);
 
 namespace Lib\Middleware;
 
+use PP\Env;
+
 final class CorsMiddleware
 {
     public static function handle(?array $overrides = null): void
@@ -58,14 +60,14 @@ final class CorsMiddleware
 
     private static function buildConfig(?array $overrides): array
     {
-        $allowed = self::parseList($_ENV['CORS_ALLOWED_ORIGINS'] ?? '');
+        $allowed = self::parseList(Env::string('CORS_ALLOWED_ORIGINS', ''));
         $cfg = [
             'allowedOrigins'   => $allowed,
-            'allowCredentials' => filter_var($_ENV['CORS_ALLOW_CREDENTIALS'] ?? 'false', FILTER_VALIDATE_BOOLEAN),
-            'allowedMethods'   => $_ENV['CORS_ALLOWED_METHODS'] ?? 'GET, POST, PUT, PATCH, DELETE, OPTIONS',
-            'allowedHeaders'   => trim($_ENV['CORS_ALLOWED_HEADERS'] ?? ''),
-            'exposeHeaders'    => trim($_ENV['CORS_EXPOSE_HEADERS'] ?? ''),
-            'maxAge'           => (int)($_ENV['CORS_MAX_AGE'] ?? 86400),
+            'allowCredentials' => Env::bool('CORS_ALLOW_CREDENTIALS', false),
+            'allowedMethods'   => Env::string('CORS_ALLOWED_METHODS', 'GET, POST, PUT, PATCH, DELETE, OPTIONS'),
+            'allowedHeaders'   => trim(Env::string('CORS_ALLOWED_HEADERS', '')),
+            'exposeHeaders'    => trim(Env::string('CORS_EXPOSE_HEADERS', '')),
+            'maxAge'           => Env::int('CORS_MAX_AGE', 86400),
         ];
 
         if (is_array($overrides)) {

package/dist/src/Lib/Websocket/ConnectionManager.php

@@ -15,12 +15,12 @@ class ConnectionManager implements MessageComponentInterface
 
     public function __construct()
     {
-        $this->clients = new SplObjectStorage;
+        $this->clients = new SplObjectStorage();
     }
 
     public function onOpen(ConnectionInterface $conn): void
     {
-        $this->clients->attach($conn);
+        $this->clients->offsetSet($conn, true);
         echo "New connection! ({$conn->resourceId})";
     }
 
@@ -35,7 +35,7 @@ class ConnectionManager implements MessageComponentInterface
 
     public function onClose(ConnectionInterface $conn): void
     {
-        $this->clients->detach($conn);
+        $this->clients->offsetUnset($conn);
         echo "Connection {$conn->resourceId} has disconnected";
     }
 

package/dist/src/Lib/Websocket/websocket-server.php

@@ -15,14 +15,15 @@ use Ratchet\WebSocket\WsServer;
 use Lib\Websocket\ConnectionManager;
 use React\EventLoop\LoopInterface;
 use Throwable;
+use PP\Env;
 
 // ── Load .env (optional) and timezone ─────────────────────────────────────────
 if (file_exists(DOCUMENT_PATH . '/.env')) {
     Dotenv::createImmutable(DOCUMENT_PATH)->safeLoad();
 }
-date_default_timezone_set($_ENV['APP_TIMEZONE'] ?? 'UTC');
+date_default_timezone_set(Env::string('APP_TIMEZONE', 'UTC'));
 
-// ── Tiny argv parser: allows --host=0.0.0.0 --port=8080 ──────────────────────
+// ── Tiny argv parser: allows --host=0.0.0.0 --port=9001 ──────────────────────
 $cli = [];
 foreach ($argv ?? [] as $arg) {
     if (preg_match('/^--([^=]+)=(.*)$/', $arg, $m)) {
@@ -31,11 +32,11 @@ foreach ($argv ?? [] as $arg) {
 }
 
 // ── Resolve settings (env → cli defaults) ────────────────────────────────────
-$appName = $_ENV['WS_NAME']       ?? 'prisma-php-ws';
-$appVer  = $_ENV['WS_VERSION']    ?? '0.0.1';
-$host    = $cli['host']           ?? ($_ENV['WS_HOST'] ?? '127.0.0.1');
-$port    = (int)($cli['port']     ?? ($_ENV['WS_PORT'] ?? 8080));
-$verbose = filter_var($cli['verbose'] ?? ($_ENV['WS_VERBOSE'] ?? 'true'), FILTER_VALIDATE_BOOLEAN);
+$appName = Env::string('WS_NAME', 'prisma-php-ws');
+$appVer  = Env::string('WS_VERSION', '0.0.1');
+$host    = $cli['host']           ?? Env::string('WS_HOST', '127.0.0.1');
+$port    = (int)($cli['port']     ?? Env::int('WS_PORT', 9001));
+$verbose = filter_var($cli['verbose'] ?? Env::bool('WS_VERBOSE', true), FILTER_VALIDATE_BOOLEAN);
 
 // ── Console helpers ──────────────────────────────────────────────────────────
 $color = static fn(string $t, string $c) => "\033[{$c}m{$t}\033[0m";

package/dist/src/app/index.php

@@ -8,7 +8,7 @@
         <ol class="list-inside list-decimal text-sm/6 text-center sm:text-left">
             <li class="mb-2 tracking-[-.01em]">
                 Get started by editing
-                <code class="bg-text-foreground/[.05] dark:bg-white/[.06] px-1 py-0.5 rounded font-semibold">
+                <code class="bg-text-foreground/[.05] dark:bg-white/6 px-1 py-0.5 rounded font-semibold">
                     src/app/index.php
                 </code>
                 .
@@ -46,7 +46,7 @@
         </div>
     </main>
 
-    <footer class="row-start-3 flex gap-[24px] flex-wrap items-center justify-center">
+    <footer class="row-start-3 flex gap-6 flex-wrap items-center justify-center">
         <a
             class="flex items-center gap-2 hover:underline hover:underline-offset-4"
             href="https://prismaphp.tsnc.tech/docs?doc=learning-path"

package/dist/src/app/layout.php

@@ -15,7 +15,7 @@ MainLayout::$description = !empty(MainLayout::$description) ? MainLayout::$descr
     <!-- Dynamic Header Scripts -->
 </head>
 
-<body pp-spa="true">
+<body pp-spa="true" style="opacity:0;pointer-events:none;user-select:none;transition:opacity .18s ease-out;">
     <?= MainLayout::$children; ?>
     <!-- Dynamic Footer Scripts -->
 </body>

package/dist/src/app/not-found.php

@@ -1,7 +1,7 @@
-<div class="flex flex-col min-h-[100vh] items-center justify-center space-y-4 text-center">
+<div class="flex flex-col min-h-screen items-center justify-center space-y-4 text-center">
     <div class="space-y-2">
         <h1 class="text-4xl font-bold tracking-tighter sm:text-5xl md:text-6xl">404 Not Found</h1>
-        <p class="max-w-[600px] text-gray-500 md:text-xl/relaxed lg:text-base/relaxed xl:text-xl/relaxed dark:text-gray-400">
+        <p class="max-w-150 text-gray-500 md:text-xl/relaxed lg:text-base/relaxed xl:text-xl/relaxed dark:text-gray-400">
             Sorry, we couldn't find the page you're looking for.
         </p>
     </div>

package/dist/tsconfig.json

@@ -106,6 +106,6 @@
     // "skipDefaultLibCheck": true,                      /* Skip type checking .d.ts files that are included with TypeScript. */
     "skipLibCheck": true /* Skip type checking all .d.ts files. */
   },
-  "include": ["**/*.ts"],
+    "include": ["**/*.ts", ".pp/**/*.d.ts"],
   "exclude": ["node_modules", "vendor"]
 }

package/dist/vite.config.ts

@@ -2,6 +2,7 @@ import { defineConfig, Plugin } from "vite";
 import path from "path";
 import fg from "fast-glob";
 import { writeFileSync } from "fs";
+import { generateGlobalTypes } from "./settings/vite-plugins/generate-global-types.js";
 
 const entries = Object.fromEntries(
   fg.sync("ts/**/*.ts", { ignore: ["**/*.test.ts"] }).map((f) => {
@@ -10,6 +11,13 @@ const entries = Object.fromEntries(
   })
 );
 
+const VITE_WATCH_EXCLUDE = [
+  "public/js/**",
+  "node_modules/**",
+  "vendor/**",
+  ".pp/**",
+];
+
 function browserSyncNotify(): Plugin {
   const flagFile = path.resolve(__dirname, ".pp", ".vite-build-complete");
 
@@ -28,9 +36,10 @@ export default defineConfig(({ command, mode }) => ({
     emptyOutDir: false,
     minify: "esbuild",
     sourcemap: false,
+    chunkSizeWarningLimit: 1000,
     watch:
       command === "build" && mode === "development"
-        ? { exclude: ["public/**", "node_modules/**"] }
+        ? { exclude: VITE_WATCH_EXCLUDE }
         : undefined,
     rollupOptions: {
       input: entries,
@@ -39,11 +48,24 @@ export default defineConfig(({ command, mode }) => ({
         entryFileNames: "[name].js",
         chunkFileNames: "chunks/[name]-[hash].js",
         assetFileNames: "assets/[name]-[hash][extname]",
+        manualChunks(id) {
+          if (id.includes("node_modules")) {
+            return id
+              .toString()
+              .split("node_modules/")[1]
+              .split("/")[0]
+              .toString();
+          }
+        },
       },
     },
   },
-  plugins:
-    command === "build" && mode === "development" ? [browserSyncNotify()] : [],
+  plugins: [
+    generateGlobalTypes(),
+    ...(command === "build" && mode === "development"
+      ? [browserSyncNotify()]
+      : []),
+  ],
   esbuild: { legalComments: "none" },
   define: { "process.env.NODE_ENV": '"production"' },
 }));

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "create-prisma-php-app",
-  "version": "4.4.4-beta",
+  "version": "4.4.4",
   "description": "Prisma-PHP: A Revolutionary Library Bridging PHP with Prisma ORM",
   "main": "dist/index.js",
   "type": "module",
@@ -32,15 +32,15 @@
   "author": "Jefferson Abraham Omier <thesteelninjacode@gmail.com>",
   "license": "MIT",
   "dependencies": {
-    "chalk": "^5.3.0",
+    "chalk": "^5.6.2",
     "crypto-js": "^4.2.0",
     "prompts": "^2.4.2"
   },
   "devDependencies": {
     "@types/crypto-js": "^4.2.2",
-    "@types/node": "^20.11.7",
+    "@types/node": "^25.0.3",
     "@types/prompts": "^2.4.9",
     "ts-node": "^10.9.2",
-    "typescript": "^5.3.3"
+    "typescript": "^5.9.3"
   }
 }