create-z3 0.0.47 → 0.0.49

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Isaiah
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/dist/index.js

@@ -37,7 +37,7 @@ async function isDirectoryEmpty(dirPath) {
     return true;
   }
 }
-function resolveProjectName(input2, cwd) {
+function resolveProjectName(input2, _cwd) {
   return input2;
 }
 
@@ -1730,26 +1730,28 @@ function getAdditionalProviders() {
 
 // src/installers/string-utils.ts
 import fs3 from "fs-extra";
-var DEFAULT_THEME = `--background: 100% 0.000 0;
---foreground: 3.9% 0.006 240;
---card: 100% 0.000 0;
---card-foreground: 3.9% 0.006 240;
---popover: 100% 0.000 0;
---popover-foreground: 3.9% 0.006 240;
---primary: 10% 0.003 240;
---primary-foreground: 98% 0.000 0;
---secondary: 95.9% 0.002 240;
---secondary-foreground: 10% 0.003 240;
---muted: 95.9% 0.002 240;
---muted-foreground: 46.1% 0.002 240;
---accent: 95.9% 0.002 240;
---accent-foreground: 10% 0.003 240;
---destructive: 60.2% 0.168 0;
---destructive-foreground: 98% 0.000 0;
---border: 90% 0.003 240;
---input: 90% 0.003 240;
---ring: 10% 0.003 240;
---radius: 0.5rem;`;
+var DEFAULT_THEME = `:root {
+  --background: 100% 0.000 0;
+  --foreground: 3.9% 0.006 240;
+  --card: 100% 0.000 0;
+  --card-foreground: 3.9% 0.006 240;
+  --popover: 100% 0.000 0;
+  --popover-foreground: 3.9% 0.006 240;
+  --primary: 10% 0.003 240;
+  --primary-foreground: 98% 0.000 0;
+  --secondary: 95.9% 0.002 240;
+  --secondary-foreground: 10% 0.003 240;
+  --muted: 95.9% 0.002 240;
+  --muted-foreground: 46.1% 0.002 240;
+  --accent: 95.9% 0.002 240;
+  --accent-foreground: 10% 0.003 240;
+  --destructive: 60.2% 0.168 0;
+  --destructive-foreground: 98% 0.000 0;
+  --border: 90% 0.003 240;
+  --input: 90% 0.003 240;
+  --ring: 10% 0.003 240;
+  --radius: 0.5rem;
+}`;
 function detectIndentation(line) {
   const match = line.match(/^(\s*)/);
   return match ? match[1] : "";
@@ -1798,9 +1800,11 @@ function generateCredentialsValue(enabled) {
 }
 function generateAuthProvidersBlock(oauthProviders, emailPasswordEnabled) {
   const parts = [];
-  parts.push(`emailAndPassword: {
-      enabled: ${emailPasswordEnabled}
+  if (emailPasswordEnabled) {
+    parts.push(`emailAndPassword: {
+      enabled: true
     },`);
+  }
   if (oauthProviders.length > 0) {
     const providersObject = oauthProviders.map((providerId) => {
       const provider = getProvider(providerId);
@@ -2300,13 +2304,12 @@ var TanStackInstaller = class extends FrameworkInstaller {
   async updateEnvExample(selectedProviders) {
     const envFilePath = join2(this.targetPath, ".env.example");
     const envVarsBlock = generateEnvVarsBlock(selectedProviders, "tanstack");
-    if (envVarsBlock) {
-      await replacePlaceholder(
-        envFilePath,
-        "# {{ENV_OAUTH_VARS}}",
-        envVarsBlock
-      );
-    }
+    await replacePlaceholder(
+      envFilePath,
+      "# {{ENV_OAUTH_VARS}}",
+      envVarsBlock,
+      { graceful: true }
+    );
   }
   /**
    * Update README with OAuth provider setup guides
@@ -2319,14 +2322,12 @@ var TanStackInstaller = class extends FrameworkInstaller {
   async updateReadme(selectedProviders) {
     const readmeFilePath = join2(this.targetPath, "README.md");
     const readmeSection = generateReadmeSection(selectedProviders);
-    if (readmeSection) {
-      await replacePlaceholder(
-        readmeFilePath,
-        "<!-- {{OAUTH_SETUP_GUIDE}} -->",
-        readmeSection,
-        { graceful: true }
-      );
-    }
+    await replacePlaceholder(
+      readmeFilePath,
+      "<!-- {{OAUTH_SETUP_GUIDE}} -->",
+      readmeSection,
+      { graceful: true }
+    );
   }
   /**
    * Apply TweakCN theme to global CSS file

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "create-z3",
-  "version": "0.0.47",
+  "version": "0.0.49",
   "type": "module",
   "description": "CLI for scaffolding Z3 Stack applications (TanStack/Next.js + Convex + Better Auth)",
   "bin": {
@@ -10,13 +10,6 @@
     "dist",
     "templates"
   ],
-  "scripts": {
-    "build": "tsup src/index.ts --format esm --dts",
-    "dev": "tsup src/index.ts --format esm --watch",
-    "typecheck": "tsc --noEmit",
-    "test": "vitest run",
-    "test:watch": "vitest"
-  },
   "dependencies": {
     "commander": "^12.0.0",
     "@inquirer/prompts": "^7.2.0",
@@ -55,7 +48,14 @@
   ],
   "repository": {
     "type": "git",
-    "url": "https://github.com/zayecq/create-z3-app"
+    "url": "https://github.com/ianyimi/create-z3-app"
   },
-  "license": "MIT"
-}
+  "license": "MIT",
+  "scripts": {
+    "build": "tsup src/index.ts --format esm --dts",
+    "dev": "tsup src/index.ts --format esm --watch",
+    "typecheck": "tsc --noEmit",
+    "test": "vitest run",
+    "test:watch": "vitest"
+  }
+}

package/templates/nextjs/convex/auth/adapter/index.ts

@@ -50,6 +50,12 @@ export const convexAdapter = <DataModel extends GenericDataModel>(
 
       return {
         id: "convex",
+        // Tell the convex() plugin this context supports mutations. It checks
+        // ctx.context.adapter.options?.isRunMutationCtx — if falsy it replaces all
+        // adapter writes with silent no-ops. HTTP actions always have runMutation.
+        options: {
+          isRunMutationCtx: "runMutation" in ctx,
+        },
 
         create: async ({ data, model, select }): Promise<any> => {
           return await ctx.runMutation(internal.auth.db.dbCreate, {
@@ -189,34 +195,12 @@ export const convexAdapter = <DataModel extends GenericDataModel>(
         if (data && fieldAttributes.type === "date") {
           return new Date(data).getTime();
         }
-        // Handle array fields - Better Auth may send single values or arrays
-        if ((fieldAttributes.type as string)?.endsWith("[]")) {
-          // If already an array, return as-is
-          if (Array.isArray(data)) {
-            return data
-          }
-          // If it's a string that looks like JSON array, parse it
-          if (typeof data === "string") {
-            try {
-              const parsed = JSON.parse(data)
-              return Array.isArray(parsed) ? parsed : [data]
-            } catch {
-              // If parsing fails, wrap the string in an array
-              return [data]
-            }
-          }
-          // For any other value type, wrap in array
-          if (data !== null && data !== undefined) {
-            return [data]
-          }
-        }
         return data;
       },
       customTransformOutput: ({ data, fieldAttributes }) => {
         if (data && fieldAttributes.type === "date") {
           return new Date(data).getTime();
         }
-        // Arrays are stored natively in Convex, no transformation needed for output
         return data;
       },
       debugLogs: config.debugLogs ?? false,
@@ -230,6 +214,7 @@ export const convexAdapter = <DataModel extends GenericDataModel>(
       supportsDates: false,
       supportsJSON: true,
       supportsNumericIds: false,
+      supportsArrays: true,
       transaction: false,
       usePlural: false,
     },

package/templates/nextjs/convex/auth/index.ts

@@ -39,7 +39,7 @@ export const createAuth = (
     trustedOrigins: [process.env.SITE_URL!],
     user: {
       additionalFields: {
-        role: {
+        roles: {
           type: "string[]",
           defaultValue: [USER_ROLES.user],
           required: true

package/templates/nextjs/convex/auth/plugins/index.ts

@@ -1,14 +1,18 @@
 import { nextCookies } from "better-auth/next-js"
-import { admin, apiKey } from "better-auth/plugins"
+import { admin } from "better-auth/plugins"
+import { apiKey } from "@better-auth/api-key"
+import { convex } from "@convex-dev/better-auth/plugins"
 import { USER_ROLES } from "~/db/constants"
+import authConfig from "@convex/auth.config"
 
 const plugins = [
   admin({
     adminRoles: [USER_ROLES.admin],
-    defaultRole: USER_ROLES.user
+    defaultRole: USER_ROLES.user,
   }),
   apiKey(),
   nextCookies(),
+  convex({ authConfig }),
 ]
 
 export default plugins

package/templates/nextjs/convex/auth/sessions.ts

@@ -53,7 +53,7 @@ export const getSessionWithUser = query({
 				email: user.email,
 				emailVerified: user.emailVerified,
 				image: user.image,
-				role: user.role,
+				roles: user.roles,
 			},
 		};
 	},

package/templates/nextjs/convex/auth.config.ts

@@ -0,0 +1,7 @@
+import type { AuthConfig } from "convex/server"
+
+import { getAuthConfigProvider } from "@convex-dev/better-auth/auth-config"
+
+export default {
+  providers: [getAuthConfigProvider()],
+} satisfies AuthConfig

package/templates/nextjs/convex/schema.ts

@@ -1,7 +1,7 @@
 import { defineSchema, defineTable } from "convex/server";
 import { v } from "convex/values"
 
-import { TABLE_SLUG_ACCOUNTS, TABLE_SLUG_JWKS, TABLE_SLUG_SESSIONS, TABLE_SLUG_USERS, TABLE_SLUG_VERIFICATIONS } from "~/db/constants";
+import { TABLE_SLUG_ACCOUNTS, TABLE_SLUG_API_KEYS, TABLE_SLUG_JWKS, TABLE_SLUG_SESSIONS, TABLE_SLUG_USERS, TABLE_SLUG_VERIFICATIONS } from "~/db/constants";
 
 export default defineSchema({
   // Better Auth component tables (type definitions only - actual tables are in component)
@@ -19,7 +19,8 @@ export default defineSchema({
     isAnonymous: v.optional(v.union(v.null(), v.boolean())),
     phoneNumber: v.optional(v.union(v.null(), v.string())),
     phoneNumberVerified: v.optional(v.union(v.null(), v.boolean())),
-    role: v.array(v.string()), // admin plugin
+    role: v.optional(v.string()), // admin plugin — single string in BA 1.5
+    roles: v.array(v.string()), // our multi-role field via additionalFields
     twoFactorEnabled: v.optional(v.union(v.null(), v.boolean())),
     updatedAt: v.number(),
     userId: v.optional(v.union(v.null(), v.string()))
@@ -70,4 +71,31 @@ export default defineSchema({
     privateKey: v.optional(v.string()),
     publicKey: v.string(),
   }),
+
+  // Better Auth 1.5 — apiKey plugin (@better-auth/api-key)
+  [TABLE_SLUG_API_KEYS]: defineTable({
+    configId: v.string(),
+    name: v.optional(v.string()),
+    start: v.optional(v.string()),
+    referenceId: v.string(),
+    prefix: v.optional(v.string()),
+    key: v.string(),
+    refillInterval: v.optional(v.number()),
+    refillAmount: v.optional(v.number()),
+    lastRefillAt: v.optional(v.number()),
+    enabled: v.optional(v.boolean()),
+    rateLimitEnabled: v.optional(v.boolean()),
+    rateLimitTimeWindow: v.optional(v.number()),
+    rateLimitMax: v.optional(v.number()),
+    requestCount: v.optional(v.number()),
+    remaining: v.optional(v.number()),
+    lastRequest: v.optional(v.number()),
+    expiresAt: v.optional(v.number()),
+    createdAt: v.number(),
+    updatedAt: v.number(),
+    permissions: v.optional(v.string()),
+    metadata: v.optional(v.string()),
+  })
+    .index("by_referenceId", ["referenceId"])
+    .index("by_key", ["key"]),
 })

package/templates/nextjs/package.json

@@ -13,13 +13,14 @@
   },
   "dependencies": {
     "@base-ui/react": "^1.1.0",
-    "@convex-dev/better-auth": "^0.10.10",
+    "@better-auth/api-key": "^1.0.0",
+    "@convex-dev/better-auth": "^0.11.0",
     "@convex-dev/react-query": "^0.1.0",
     "@daveyplate/better-auth-ui": "^3.3.15",
     "@t3-oss/env-nextjs": "^0.13.10",
     "@tanstack/react-form": "^1.27.7",
     "@tanstack/react-query": "^5.90.17",
-    "better-auth": "^1.4.9",
+    "better-auth": "^1.5.0",
     "class-variance-authority": "^0.7.1",
     "clsx": "^2.1.1",
     "convex": "^1.31.5",

package/templates/nextjs/src/app/(frontend)/layout.tsx

@@ -1,46 +1,40 @@
-import type { Metadata } from "next";
-import { Geist, Geist_Mono, Inter } from "next/font/google";
-import "./globals.css";
-import ServerProviders from "~/components/providers/server";
-import ClientProviders from "~/components/providers/client";
-import Head from "next/head";
+import type { Metadata } from "next"
 
-const inter = Inter({ subsets: ['latin'], variable: '--font-sans' });
+import { Geist, Geist_Mono, Inter } from "next/font/google"
+
+import "./globals.css"
+
+import ClientProviders from "~/components/providers/client"
+import ServerProviders from "~/components/providers/server"
+
+const inter = Inter({ subsets: ["latin"], variable: "--font-sans" })
 
 const geistSans = Geist({
-  variable: "--font-geist-sans",
   subsets: ["latin"],
-});
+  variable: "--font-geist-sans",
+})
 
 const geistMono = Geist_Mono({
-  variable: "--font-geist-mono",
   subsets: ["latin"],
-});
+  variable: "--font-geist-mono",
+})
 
 export const metadata: Metadata = {
-  title: "Create Next App",
   description: "Generated by create next app",
-};
+  icons: { icon: "/favicons/favicon.ico" },
+  title: "Create Next App",
+}
 
 export default function RootLayout({
   auth,
   children,
 }: Readonly<{
-  auth: React.ReactNode;
-  children: React.ReactNode;
+  auth: React.ReactNode
+  children: React.ReactNode
 }>) {
   return (
-    <html lang="en" className={inter.variable}>
-      <Head>
-        <link
-          href="/favicons/favicon.ico"
-          rel="shortcut icon"
-          type="image/x-icon"
-        />
-      </Head>
-      <body
-        className={`${geistSans.variable} ${geistMono.variable} antialiased`}
-      >
+    <html className={inter.variable} lang="en" suppressHydrationWarning>
+      <body className={`${geistSans.variable} ${geistMono.variable} antialiased`}>
         <ServerProviders>
           <ClientProviders>
             {children}
@@ -49,5 +43,5 @@ export default function RootLayout({
         </ServerProviders>
       </body>
     </html>
-  );
+  )
 }

package/templates/nextjs/src/auth/client.tsx

@@ -2,10 +2,8 @@ import type { ReactNode } from "react";
 
 import { convexClient } from "@convex-dev/better-auth/client/plugins";
 import { AuthUIProvider } from "@daveyplate/better-auth-ui";
-import {
-  adminClient,
-  apiKeyClient,
-} from "better-auth/client/plugins";
+import { apiKeyClient } from "@better-auth/api-key/client";
+import { adminClient } from "better-auth/client/plugins";
 import { createAuthClient } from 'better-auth/react'
 import Link from "next/link";
 import { useRouter } from "next/navigation";

package/templates/nextjs/src/auth/permissions.ts

@@ -80,9 +80,9 @@ export function hasPermission<Resource extends keyof Permissions>({
   resource: Resource;
   user?: null | User;
 }): boolean {
-  if (!user?.role) { return false; }
+  if (!user?.roles) { return false; }
 
-  return user.role.some((role) => {
+  return user.roles.some((role) => {
     const permission = (ROLES as RolesWithPermissions)[role as UserRole][resource]?.[action]
 
     if (!permission) { return false }