npm - create-tigra - Versions diffs - 2.1.5 → 2.3.0 - Mend

create-tigra 2.1.5 → 2.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (39) hide show

package/bin/create-tigra.js CHANGED Viewed

@@ -21,6 +21,8 @@ const FILES_TO_REPLACE = [
   'server/docker-compose.yml',
   'client/package.json',
   'client/.env.example',
+  'server/postman/collection.json',
+  'server/postman/environment.json',
 ];
 // Directories/files to skip when copying

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "create-tigra",
-  "version": "2.1.5",
+  "version": "2.3.0",
   "type": "module",
   "description": "Create a production-ready full-stack app with Next.js 16 + Fastify 5 + Prisma + Redis",
   "bin": {
@@ -39,6 +39,9 @@
     "url": "https://github.com/blessandsoul/create-tigra/issues"
   },
   "homepage": "https://github.com/blessandsoul/create-tigra#readme",
+  "scripts": {
+    "create:test": "node -e \"import('fs').then(f=>f.rmSync('testapp',{recursive:true,force:true}))\" && node bin/create-tigra.js testapp"
+  },
   "dependencies": {
     "chalk": "^5.4.1",
     "commander": "^13.1.0",

package/template/_claude/commands/create-client.md CHANGED Viewed

@@ -180,8 +180,6 @@ export const API_ENDPOINTS = {
     LOGOUT: '/auth/logout',
     REFRESH: '/auth/refresh',
     ME: '/auth/me',
-    VERIFY_EMAIL: '/auth/verify-email',
-    RESEND_VERIFICATION: '/auth/resend-verification',
     REQUEST_PASSWORD_RESET: '/auth/request-password-reset',
     RESET_PASSWORD: '/auth/reset-password',
   },
@@ -199,7 +197,6 @@ export const ROUTES = {
   HOME: '/',
   LOGIN: '/login',
   REGISTER: '/register',
-  VERIFY_EMAIL: '/verify-email',
   RESET_PASSWORD: '/reset-password',
   DASHBOARD: '/dashboard',
   PROFILE: '/profile',
@@ -369,7 +366,7 @@ Auth types from `02-components-and-types.md`:
 #### `src/features/auth/services/auth.service.ts`
 Auth service class from `03-data-and-state.md`:
-- `register`, `login`, `logout`, `refreshToken`, `getMe`, `verifyEmail`, `requestPasswordReset`, `resetPassword`
+- `register`, `login`, `logout`, `refreshToken`, `getMe`, `requestPasswordReset`, `resetPassword`
 - Uses `apiClient` and `API_ENDPOINTS`
 - Singleton export: `export const authService = new AuthService();`

package/template/_claude/commands/create-server.md CHANGED Viewed

@@ -325,7 +325,6 @@ model User {
   lastName      String
   role          String    @default("USER")
   isActive      Boolean   @default(true)
-  emailVerified Boolean   @default(false)
   deletedAt     DateTime?
   createdAt     DateTime  @default(now())
   updatedAt     DateTime  @updatedAt

package/template/_claude/rules/client/01-project-structure.md CHANGED Viewed

@@ -78,8 +78,6 @@ export const API_ENDPOINTS = {
     LOGOUT: '/auth/logout',
     REFRESH: '/auth/refresh',
     ME: '/auth/me',
-    VERIFY_EMAIL: '/auth/verify-email',
-    RESEND_VERIFICATION: '/auth/resend-verification',
     REQUEST_PASSWORD_RESET: '/auth/request-password-reset',
     RESET_PASSWORD: '/auth/reset-password',
   },
@@ -103,7 +101,6 @@ export const ROUTES = {
   HOME: '/',
   LOGIN: '/login',
   REGISTER: '/register',
-  VERIFY_EMAIL: '/verify-email',
   RESET_PASSWORD: '/reset-password',
   DASHBOARD: '/dashboard',
   PROFILE: '/profile',

package/template/_claude/rules/client/03-data-and-state.md CHANGED Viewed

@@ -92,7 +92,7 @@ class ItemService {
 export const itemService = new ItemService();
 ```
-Auth service methods: `register`, `login`, `logout`, `refreshToken`, `getMe`, `verifyEmail`, `requestPasswordReset`, `resetPassword`.
+Auth service methods: `register`, `login`, `logout`, `refreshToken`, `getMe`, `requestPasswordReset`, `resetPassword`.
 ---

package/template/_claude/rules/server/project-conventions.md CHANGED Viewed

@@ -212,3 +212,16 @@ const apiClient = axios.create({ ...httpClient.defaults, baseURL: 'https://api.e
 - Always use `httpClient` — never `fetch`, `node:http`, or inline `axios.create()`.
 - Never add auth headers, cookies, or credentials to the singleton itself.
 - Never log response bodies (may contain PII or secrets).
+## File Storage
+Upload directory structure: `uploads/users/{userId}/<media-type>/`
+| Media type | Path | Example |
+|---|---|---|
+| Avatar | `uploads/users/{userId}/avatar/` | `uploads/users/abc123/avatar/john-doe-avatar.webp` |
+- All user media lives under `uploads/users/{userId}/` for easy per-user cleanup.
+- On account purge, delete the entire `uploads/users/{userId}/` directory via `deleteUserMedia()`.
+- Public URL pattern: `/uploads/users/{userId}/<media-type>/{filename}`
+- New media types follow the same pattern: add a subfolder under the user directory.

package/template/client/package.json CHANGED Viewed

@@ -6,7 +6,8 @@
     "dev": "next dev",
     "build": "next build",
     "start": "next start",
-    "lint": "eslint src/"
+    "lint": "eslint src/",
+    "generate:env": "node -e \"import('fs').then(f=>{if(f.existsSync('.env'))console.log('.env already exists, skipping');else{f.copyFileSync('.env.example','.env');console.log('.env created from .env.example')}})\""
   },
   "dependencies": {
     "@hookform/resolvers": "^5.2.2",

package/template/server/.env.example CHANGED Viewed

@@ -39,6 +39,29 @@ REDIS_MAX_RETRIES=3
 # Connection timeout in milliseconds
 REDIS_CONNECT_TIMEOUT=10000
+# ===================================================================
+# RATE LIMITING
+# ===================================================================
+# Master switch to enable/disable rate limiting (default: true)
+# Set to false in development to disable all rate limits
+RATE_LIMIT_ENABLED=true
+# Multiply all rate limit max values by this factor (default: 1)
+# Set to 10 in development for 10x headroom, or 0.5 for tighter limits
+RATE_LIMIT_MULTIPLIER=1
+# Optional: Override specific critical route limits (uses defaults if not set)
+# RATE_LIMIT_AUTH_LOGIN_MAX=10
+# RATE_LIMIT_AUTH_REGISTER_MAX=5
+# ===================================================================
+# FILE UPLOAD
+# ===================================================================
+# Maximum file upload size in MB (default: 10)
+MAX_FILE_SIZE_MB=10
 # ===================================================================
 # DOCKER PORTS (auto-generated, unique per project)
 # ===================================================================

package/template/server/.env.example.production CHANGED Viewed

@@ -39,6 +39,27 @@ REDIS_URL="redis://:REDIS_PASSWORD@redis.internal:6379"
 REDIS_MAX_RETRIES=5
 REDIS_CONNECT_TIMEOUT=5000
+# ===================================================================
+# RATE LIMITING
+# ===================================================================
+# Always enabled in production
+RATE_LIMIT_ENABLED=true
+# Production: keep at 1 (default limits are tuned for production)
+RATE_LIMIT_MULTIPLIER=1
+# Tight limits for sensitive auth routes in production
+RATE_LIMIT_AUTH_LOGIN_MAX=10
+RATE_LIMIT_AUTH_REGISTER_MAX=5
+# ===================================================================
+# FILE UPLOAD
+# ===================================================================
+# Maximum file upload size in MB
+MAX_FILE_SIZE_MB=10
 # ===================================================================
 # JWT AUTHENTICATION
 # ===================================================================

package/template/server/package.json CHANGED Viewed

@@ -22,7 +22,8 @@
     "redis:flush": "tsx scripts/flush-redis.ts",
     "docker:up": "docker compose up -d",
     "docker:down": "docker compose down",
-    "docker:logs": "docker compose logs -f"
+    "docker:logs": "docker compose logs -f",
+    "generate:env": "node -e \"import('fs').then(f=>{if(f.existsSync('.env'))console.log('.env already exists, skipping');else{f.copyFileSync('.env.example','.env');console.log('.env created from .env.example')}})\""
   },
   "prisma": {
     "seed": "tsx prisma/seed.ts"