npm - create-tigra - Versions diffs - 1.0.0 - Mend

create-tigra 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (131) hide show

package/LICENSE +21 -0
package/README.md +87 -0
package/bin/create-tigra.js +292 -0
package/package.json +41 -0
package/template/.agent/rules/client/01-project-structure.md +326 -0
package/template/.agent/rules/client/02-component-patterns.md +249 -0
package/template/.agent/rules/client/03-typescript-rules.md +226 -0
package/template/.agent/rules/client/04-state-management.md +474 -0
package/template/.agent/rules/client/05-api-integration.md +129 -0
package/template/.agent/rules/client/06-forms-validation.md +129 -0
package/template/.agent/rules/client/07-common-patterns.md +150 -0
package/template/.agent/rules/client/08-color-system.md +93 -0
package/template/.agent/rules/client/09-security-rules.md +97 -0
package/template/.agent/rules/client/10-testing-strategy.md +370 -0
package/template/.agent/rules/global/ai-edit-safety.md +38 -0
package/template/.agent/rules/server/01-db-and-migrations.md +242 -0
package/template/.agent/rules/server/02-general-rules.md +111 -0
package/template/.agent/rules/server/03-migrations.md +20 -0
package/template/.agent/rules/server/04-pagination.md +130 -0
package/template/.agent/rules/server/05-project-conventions.md +71 -0
package/template/.agent/rules/server/06-response-handling.md +173 -0
package/template/.agent/rules/server/07-testing-strategy.md +506 -0
package/template/.agent/rules/server/08-observability.md +180 -0
package/template/.agent/rules/server/09-api-documentation-v2.md +168 -0
package/template/.agent/rules/server/10-background-jobs-v2.md +185 -0
package/template/.agent/rules/server/11-rate-limiting-v2.md +210 -0
package/template/.agent/rules/server/12-performance-optimization.md +567 -0
package/template/.claude/rules/client-01-project-structure.md +327 -0
package/template/.claude/rules/client-02-component-patterns.md +250 -0
package/template/.claude/rules/client-03-typescript-rules.md +227 -0
package/template/.claude/rules/client-04-state-management.md +475 -0
package/template/.claude/rules/client-05-api-integration.md +130 -0
package/template/.claude/rules/client-06-forms-validation.md +130 -0
package/template/.claude/rules/client-07-common-patterns.md +151 -0
package/template/.claude/rules/client-08-color-system.md +94 -0
package/template/.claude/rules/client-09-security-rules.md +98 -0
package/template/.claude/rules/client-10-testing-strategy.md +371 -0
package/template/.claude/rules/global-ai-edit-safety.md +39 -0
package/template/.claude/rules/server-01-db-and-migrations.md +243 -0
package/template/.claude/rules/server-02-general-rules.md +112 -0
package/template/.claude/rules/server-03-migrations.md +21 -0
package/template/.claude/rules/server-04-pagination.md +131 -0
package/template/.claude/rules/server-05-project-conventions.md +72 -0
package/template/.claude/rules/server-06-response-handling.md +174 -0
package/template/.claude/rules/server-07-testing-strategy.md +507 -0
package/template/.claude/rules/server-08-observability.md +181 -0
package/template/.claude/rules/server-09-api-documentation-v2.md +169 -0
package/template/.claude/rules/server-10-background-jobs-v2.md +186 -0
package/template/.claude/rules/server-11-rate-limiting-v2.md +211 -0
package/template/.claude/rules/server-12-performance-optimization.md +568 -0
package/template/.cursor/rules/client-01-project-structure.mdc +327 -0
package/template/.cursor/rules/client-02-component-patterns.mdc +250 -0
package/template/.cursor/rules/client-03-typescript-rules.mdc +227 -0
package/template/.cursor/rules/client-04-state-management.mdc +475 -0
package/template/.cursor/rules/client-05-api-integration.mdc +130 -0
package/template/.cursor/rules/client-06-forms-validation.mdc +130 -0
package/template/.cursor/rules/client-07-common-patterns.mdc +151 -0
package/template/.cursor/rules/client-08-color-system.mdc +94 -0
package/template/.cursor/rules/client-09-security-rules.mdc +98 -0
package/template/.cursor/rules/client-10-testing-strategy.mdc +371 -0
package/template/.cursor/rules/global-ai-edit-safety.mdc +39 -0
package/template/.cursor/rules/server-01-db-and-migrations.mdc +243 -0
package/template/.cursor/rules/server-02-general-rules.mdc +112 -0
package/template/.cursor/rules/server-03-migrations.mdc +21 -0
package/template/.cursor/rules/server-04-pagination.mdc +131 -0
package/template/.cursor/rules/server-05-project-conventions.mdc +72 -0
package/template/.cursor/rules/server-06-response-handling.mdc +174 -0
package/template/.cursor/rules/server-07-testing-strategy.mdc +507 -0
package/template/.cursor/rules/server-08-observability.mdc +181 -0
package/template/.cursor/rules/server-09-api-documentation-v2.mdc +169 -0
package/template/.cursor/rules/server-10-background-jobs-v2.mdc +186 -0
package/template/.cursor/rules/server-11-rate-limiting-v2.mdc +211 -0
package/template/.cursor/rules/server-12-performance-optimization.mdc +568 -0
package/template/CLAUDE.md +207 -0
package/template/server/.env.example +148 -0
package/template/server/.tsc-aliasrc.json +12 -0
package/template/server/README.md +175 -0
package/template/server/SECURITY.md +190 -0
package/template/server/biome.json +42 -0
package/template/server/docker-compose.yml +111 -0
package/template/server/package.json +83 -0
package/template/server/postman_collection.json +733 -0
package/template/server/prisma/schema.prisma +92 -0
package/template/server/prisma/seed.ts +142 -0
package/template/server/scripts/wait-for-db.js +60 -0
package/template/server/src/app.ts +74 -0
package/template/server/src/config/env.ts +101 -0
package/template/server/src/hooks/request-timing.hook.ts +26 -0
package/template/server/src/libs/auth/authenticate.middleware.ts +22 -0
package/template/server/src/libs/auth/rbac.middleware.test.ts +134 -0
package/template/server/src/libs/auth/rbac.middleware.ts +147 -0
package/template/server/src/libs/db.ts +76 -0
package/template/server/src/libs/error-handler.ts +89 -0
package/template/server/src/libs/logger.ts +60 -0
package/template/server/src/libs/queue.ts +79 -0
package/template/server/src/libs/redis.ts +79 -0
package/template/server/src/libs/swagger-schemas.ts +16 -0
package/template/server/src/modules/admin/admin.controller.ts +122 -0
package/template/server/src/modules/admin/admin.routes.ts +100 -0
package/template/server/src/modules/admin/admin.schemas.ts +35 -0
package/template/server/src/modules/admin/admin.service.ts +167 -0
package/template/server/src/modules/auth/auth.controller.ts +141 -0
package/template/server/src/modules/auth/auth.integration.test.ts +150 -0
package/template/server/src/modules/auth/auth.repo.ts +218 -0
package/template/server/src/modules/auth/auth.routes.ts +204 -0
package/template/server/src/modules/auth/auth.schemas.ts +137 -0
package/template/server/src/modules/auth/auth.service.test.ts +119 -0
package/template/server/src/modules/auth/auth.service.ts +329 -0
package/template/server/src/modules/auth/auth.types.ts +97 -0
package/template/server/src/modules/resources/resources.controller.ts +218 -0
package/template/server/src/modules/resources/resources.repo.ts +253 -0
package/template/server/src/modules/resources/resources.routes.ts +355 -0
package/template/server/src/modules/resources/resources.schemas.ts +146 -0
package/template/server/src/modules/resources/resources.service.ts +218 -0
package/template/server/src/modules/resources/resources.types.ts +73 -0
package/template/server/src/plugins/rate-limit.plugin.ts +21 -0
package/template/server/src/plugins/security.plugin.ts +21 -0
package/template/server/src/plugins/swagger.plugin.ts +41 -0
package/template/server/src/routes/health.routes.ts +31 -0
package/template/server/src/server.ts +142 -0
package/template/server/src/test/setup.ts +38 -0
package/template/server/src/types/fastify.d.ts +36 -0
package/template/server/src/utils/errors.ts +108 -0
package/template/server/src/utils/pagination.ts +120 -0
package/template/server/src/utils/response.ts +110 -0
package/template/server/src/workers/file.worker.ts +106 -0
package/template/server/tsconfig.build.json +30 -0
package/template/server/tsconfig.build.tsbuildinfo +1 -0
package/template/server/tsconfig.json +89 -0
package/template/server/tsconfig.test.json +22 -0
package/template/server/vitest.config.ts +98 -0

package/template/server/SECURITY.md ADDED Viewed

@@ -0,0 +1,190 @@
+# Security Considerations
+## Overview
+This document outlines known security considerations for this project. We take security seriously and regularly audit our dependencies for vulnerabilities.
+**Last Security Audit**: January 10, 2026
+**Next Scheduled Audit**: February 10, 2026
+---
+## Current Security Status
+**Production Dependencies**: 100% Secure (0 vulnerabilities)
+**Development Dependencies**: 100% Secure (0 vulnerabilities)
+**Overall Security Score**: 100/100
+---
+## Known Issues
+**None** - All dependencies are currently secure with no known vulnerabilities.
+---
+## Security Best Practices
+### Dependency Management
+1. **Monthly Security Audits**
+   ```bash
+   npm audit
+   npm outdated
+   ```
+2. **Automated Monitoring**
+   - Enable GitHub Dependabot
+   - Subscribe to security advisories
+   - Monitor npm security feeds
+3. **Update Strategy**
+   - Patch versions: Update immediately
+   - Minor versions: Update monthly
+   - Major versions: Review and test before updating
+### Environment Variables
+1. **Never Commit Secrets**
+   - Use `.env` files (gitignored)
+   - Use environment-specific configurations
+   - Rotate secrets regularly
+2. **Required Environment Variables**
+   ```bash
+   # See .env.example for full list
+   DATABASE_URL=mysql://...
+   JWT_SECRET=<minimum-32-characters>
+   REDIS_HOST=localhost
+   ```
+3. **Validation**
+   - All environment variables are validated at startup
+   - See `src/config/env.ts` for schema
+### Authentication & Authorization
+1. **JWT Security**
+   - Tokens include issuer validation
+   - Access tokens expire in 15 minutes
+   - Refresh tokens expire in 7 days
+   - Secure secret (minimum 32 characters)
+2. **Password Security**
+   - bcrypt with 10 rounds
+   - Minimum password requirements enforced
+   - No password storage in logs
+3. **Role-Based Access Control (RBAC)**
+   - Implemented via middleware
+   - Three roles: USER, ORGANIZATION, ADMIN
+   - Route-level permission checks
+### API Security
+1. **Rate Limiting**
+   - Global: 100 requests per 15 minutes
+   - Login: 5 requests per 15 minutes
+   - Configurable per route
+2. **Input Validation**
+   - All inputs validated with Zod schemas
+   - Type-safe validation
+   - Automatic error responses
+3. **Security Headers**
+   - Helmet.js for security headers
+   - CORS properly configured
+   - CSP enabled in production
+### Database Security
+1. **SQL Injection Prevention**
+   - Prisma ORM (parameterized queries)
+   - No raw SQL with user input
+   - Type-safe database access
+2. **Connection Security**
+   - Encrypted connections (SSL/TLS)
+   - Connection pooling
+   - Credential rotation
+### Monitoring & Logging
+1. **Structured Logging**
+   - Pino for high-performance logging
+   - Sensitive data redaction
+   - Request ID tracking
+2. **Error Handling**
+   - No stack traces in production responses
+   - Internal errors logged securely
+   - User-friendly error messages
+---
+## Reporting Security Issues
+If you discover a security vulnerability, please follow responsible disclosure:
+1. **Do NOT** open a public GitHub issue
+2. Email security concerns to: [itorn9777@gmail.com]
+3. Include:
+   - Description of the vulnerability
+   - Steps to reproduce
+   - Potential impact
+   - Suggested fix (if any)
+We will respond within 48 hours and work with you to address the issue.
+---
+## Security Audit History
+### January 10, 2026
+- **Action**: Comprehensive dependency update
+- **Vulnerabilities Fixed**: 8 out of 8 (100%)
+- **Status**: All dependencies 100% secure
+- **Remaining**: None
+- **Next Review**: February 10, 2026
+### Previous Audits
+- Initial security setup and configuration
+---
+## Compliance & Standards
+This project follows security best practices including:
+- OWASP Top 10 guidelines
+- Secure coding standards
+- Regular dependency audits
+- Input validation and sanitization
+- Secure authentication and authorization
+- Encrypted data transmission
+- Comprehensive logging and monitoring
+---
+## Additional Resources
+**Security Tools:**
+- npm audit: Built-in vulnerability scanner
+- Snyk: https://snyk.io/
+- GitHub Dependabot: Automated dependency updates
+**Security Guides:**
+- OWASP: https://owasp.org/
+- Node.js Security Best Practices: https://nodejs.org/en/docs/guides/security/
+- Fastify Security: https://www.fastify.io/docs/latest/Guides/Security/
+**Monitoring:**
+- npm Security Advisories: https://github.com/advisories
+- Node.js Security Releases: https://nodejs.org/en/blog/vulnerability/
+---
+**Last Updated**: January 10, 2026
+**Maintained By**: Development Team
+**Review Schedule**: Monthly

package/template/server/biome.json ADDED Viewed

@@ -0,0 +1,42 @@
+{
+  "$schema": "https://biomejs.dev/schemas/1.9.0/schema.json",
+  "organizeImports": {
+    "enabled": true
+  },
+  "linter": {
+    "enabled": true,
+    "rules": {
+      "recommended": true,
+      "complexity": {
+        "noForEach": "off"
+      },
+      "suspicious": {
+        "noExplicitAny": "warn"
+      },
+      "style": {
+        "noNonNullAssertion": "off"
+      }
+    }
+  },
+  "formatter": {
+    "enabled": true,
+    "indentStyle": "space",
+    "indentWidth": 4,
+    "lineWidth": 100
+  },
+  "javascript": {
+    "formatter": {
+      "quoteStyle": "single",
+      "trailingCommas": "es5",
+      "semicolons": "always"
+    }
+  },
+  "files": {
+    "ignore": [
+      "node_modules",
+      "dist",
+      "coverage",
+      "*.json"
+    ]
+  }
+}

package/template/server/docker-compose.yml ADDED Viewed

@@ -0,0 +1,111 @@
+version: '3.8'
+name: {{PROJECT_NAME}}
+services:
+  # ==============================================
+  # MySQL Database Service
+  # ==============================================
+  mysql:
+    image: mysql:8.0
+    container_name: {{PROJECT_NAME}}-mysql
+    restart: unless-stopped
+    ports:
+      - '3306:3306'
+    environment:
+      MYSQL_ROOT_PASSWORD: {{DATABASE_PASSWORD}}
+      MYSQL_DATABASE: {{DATABASE_NAME}}
+      # Performance tuning
+      MYSQL_INNODB_BUFFER_POOL_SIZE: 256M
+      MYSQL_MAX_CONNECTIONS: 100
+    volumes:
+      # Persist MySQL data
+      - {{PROJECT_NAME}}_mysql_data:/var/lib/mysql
+      # Custom MySQL configuration (optional)
+      # - ./docker/mysql/my.cnf:/etc/mysql/conf.d/my.cnf
+    networks:
+      - {{PROJECT_NAME}}-network
+    healthcheck:
+      test: [ 'CMD', 'mysqladmin', 'ping', '-h', 'localhost', '-u', 'root', '-p{{DATABASE_PASSWORD}}' ]
+      interval: 10s
+      timeout: 5s
+      retries: 5
+      start_period: 30s
+    command:
+      - --character-set-server=utf8mb4
+      - --collation-server=utf8mb4_unicode_ci
+      - --default-authentication-plugin=mysql_native_password
+  # ==============================================
+  # Redis Cache Service
+  # ==============================================
+  redis:
+    image: redis:7-alpine
+    container_name: {{PROJECT_NAME}}-redis
+    restart: unless-stopped
+    ports:
+      - '6379:6379'
+    volumes:
+      # Persist Redis data
+      - {{PROJECT_NAME}}_redis_data:/data
+      # Custom Redis configuration (optional)
+      # - ./docker/redis/redis.conf:/usr/local/etc/redis/redis.conf
+    networks:
+      - {{PROJECT_NAME}}-network
+    healthcheck:
+      test: [ 'CMD', 'redis-cli', 'ping' ]
+      interval: 10s
+      timeout: 3s
+      retries: 5
+      start_period: 10s
+    command: redis-server --appendonly yes --maxmemory 256mb --maxmemory-policy noeviction
+  # ==============================================
+  # phpMyAdmin (Database Management UI)
+  # ==============================================
+  # Access at: http://localhost:8080
+  phpmyadmin:
+    image: phpmyadmin/phpmyadmin:latest
+    container_name: {{PROJECT_NAME}}-phpmyadmin
+    restart: unless-stopped
+    ports:
+      - '8080:80'
+    environment:
+      PMA_HOST: mysql
+      PMA_ARBITRARY: 1
+      # PMA_USER: root       <-- Removed to allow manual login
+      # PMA_PASSWORD: password <-- Removed to allow manual login
+    networks:
+      - {{PROJECT_NAME}}-network
+    depends_on:
+      - mysql
+  # ==============================================
+  # Redis Commander (Redis Management UI)
+  # ==============================================
+  # Access at: http://localhost:8081
+  redis-commander:
+    image: rediscommander/redis-commander:latest
+    container_name: {{PROJECT_NAME}}-redis-commander
+    restart: unless-stopped
+    ports:
+      - '8081:8081'
+    environment:
+      REDIS_HOSTS: local:redis:6379
+    networks:
+      - {{PROJECT_NAME}}-network
+    depends_on:
+      - redis
+  # ==============================================
+  # Named Volumes for Data Persistence
+  # ==============================================
+volumes:
+  {{PROJECT_NAME}}_mysql_data:
+    driver: local
+  {{PROJECT_NAME}}_redis_data:
+    driver: local
+# ==============================================
+# Network Configuration
+# ==============================================
+networks:
+  {{PROJECT_NAME}}-network:
+    driver: bridge

package/template/server/package.json ADDED Viewed

@@ -0,0 +1,83 @@
+{
+  "name": "{{PROJECT_NAME}}",
+  "version": "1.0.0",
+  "description": "{{PROJECT_DESCRIPTION}}",
+  "main": "dist/server.js",
+  "type": "commonjs",
+  "engines": {
+    "node": ">=20.0.0"
+  },
+  "scripts": {
+    "dev": "tsx watch src/server.ts",
+    "build": "tsc -p tsconfig.build.json && tsc-alias -p tsconfig.build.json",
+    "build:debug": "tsc -p tsconfig.build.json --listFiles",
+    "start": "node dist/server.js",
+    "start:prod": "NODE_ENV=production node dist/server.js",
+    "lint": "biome check src",
+    "lint:fix": "biome check --write src",
+    "test": "vitest run",
+    "test:watch": "vitest",
+    "test:coverage": "vitest run --coverage",
+    "test:e2e": "vitest run --config vitest.e2e.config.ts",
+    "db:wait": "node scripts/wait-for-db.js",
+    "db:init": "npm run db:wait && npx prisma migrate dev --name init",
+    "prisma:generate": "prisma generate",
+    "prisma:migrate": "prisma migrate dev",
+    "prisma:migrate:deploy": "prisma migrate deploy",
+    "prisma:studio": "prisma studio",
+    "prisma:reset": "prisma migrate reset",
+    "prisma:seed": "tsx prisma/seed.ts",
+    "db:push": "prisma db push",
+    "format": "biome format --write src",
+    "format:check": "biome format src"
+  },
+  "keywords": [
+    "fastify",
+    "typescript",
+    "prisma",
+    "api",
+    "rest",
+    "mysql",
+    "redis"
+  ],
+  "author": "{{AUTHOR_NAME}}",
+  "license": "MIT",
+  "dependencies": {
+    "@fastify/compress": "^8.0.0",
+    "@fastify/cors": "^10.0.0",
+    "@fastify/helmet": "^13.0.0",
+    "@fastify/multipart": "^9.0.0",
+    "@fastify/rate-limit": "^10.2.0",
+    "@fastify/swagger": "^9.4.0",
+    "@fastify/swagger-ui": "^5.2.0",
+    "@prisma/client": "^6.2.0",
+    "bcryptjs": "^2.4.3",
+    "bullmq": "^5.34.0",
+    "dotenv": "^16.4.7",
+    "fastify": "^5.2.0",
+    "ioredis": "^5.4.2",
+    "jsonwebtoken": "^9.0.2",
+    "mysql2": "^3.11.5",
+    "pino": "^9.6.0",
+    "zod": "^3.24.0",
+    "zod-to-json-schema": "^3.24.0"
+  },
+  "devDependencies": {
+    "@biomejs/biome": "^1.9.0",
+    "@types/bcryptjs": "^2.4.6",
+    "@types/jsonwebtoken": "^9.0.5",
+    "@types/node": "^22.10.0",
+    "@types/supertest": "^6.0.2",
+    "pino-pretty": "^13.0.0",
+    "prisma": "^6.2.0",
+    "@vitest/coverage-v8": "^3.0.0",
+    "supertest": "^7.1.0",
+    "tsc-alias": "^1.8.16",
+    "tsx": "^4.19.0",
+    "typescript": "^5.7.0",
+    "vitest": "^3.0.0"
+  },
+  "prisma": {
+    "seed": "tsx prisma/seed.ts"
+  }
+}