forgedev 1.3.0 → 1.4.1

package/templates/database/sqlalchemy-postgres/backend/alembic/env.py.template

@@ -1,40 +1,39 @@
-import asyncio
-from logging.config import fileConfig
-
-from alembic import context
-from sqlalchemy.ext.asyncio import create_async_engine
-
-from app.core.config import settings
-from app.db.base import Base
-
-config = context.config
-if config.config_file_name is not None:
-    fileConfig(config.config_file_name)
-
-target_metadata = Base.metadata
-
-
-def run_migrations_offline() -> None:
-    url = settings.database_url
-    context.configure(url=url, target_metadata=target_metadata, literal_binds=True)
-    with context.begin_transaction():
-        context.run_migrations()
-
-
-def do_run_migrations(connection):
-    context.configure(connection=connection, target_metadata=target_metadata)
-    with context.begin_transaction():
-        context.run_migrations()
-
-
-async def run_migrations_online() -> None:
-    connectable = create_async_engine(settings.database_url)
-    async with connectable.connect() as connection:
-        await connection.run_sync(do_run_migrations)
-    await connectable.dispose()
-
-
-if context.is_offline_mode():
-    run_migrations_offline()
-else:
-    asyncio.run(run_migrations_online())
+import asyncio
+from logging.config import fileConfig
+
+from alembic import context
+
+from app.core.config import settings
+from app.db.base import Base
+from app.db.session import engine
+
+config = context.config
+if config.config_file_name is not None:
+    fileConfig(config.config_file_name)
+
+target_metadata = Base.metadata
+
+
+def run_migrations_offline() -> None:
+    url = settings.database_url
+    context.configure(url=url, target_metadata=target_metadata, literal_binds=True)
+    with context.begin_transaction():
+        context.run_migrations()
+
+
+def do_run_migrations(connection):
+    context.configure(connection=connection, target_metadata=target_metadata)
+    with context.begin_transaction():
+        context.run_migrations()
+
+
+async def run_migrations_online() -> None:
+    async with engine.connect() as connection:
+        await connection.run_sync(do_run_migrations)
+    await engine.dispose()
+
+
+if context.is_offline_mode():
+    run_migrations_offline()
+else:
+    asyncio.run(run_migrations_online())

package/templates/database/sqlalchemy-postgres/backend/alembic.ini.template

@@ -1,36 +1,38 @@
-[alembic]
-script_location = alembic
-sqlalchemy.url = postgresql+asyncpg://postgres:postgres@localhost:5432/{{PROJECT_NAME_SNAKE}}
-
-[loggers]
-keys = root,sqlalchemy,alembic
-
-[handlers]
-keys = console
-
-[formatters]
-keys = generic
-
-[logger_root]
-level = WARN
-handlers = console
-
-[logger_sqlalchemy]
-level = WARN
-handlers =
-qualname = sqlalchemy.engine
-
-[logger_alembic]
-level = INFO
-handlers =
-qualname = alembic
-
-[handler_console]
-class = StreamHandler
-args = (sys.stderr,)
-level = NOTSET
-formatter = generic
-
-[formatter_generic]
-format = %(levelname)-5.5s [%(name)s] %(message)s
-datefmt = %H:%M:%S
+[alembic]
+script_location = alembic
+# Overridden at runtime by env.py — see app/db/session.py for connection config
+# Do not put real credentials here; env.py reads from settings.database_url
+sqlalchemy.url = driver://user:pass@localhost/dbname
+
+[loggers]
+keys = root,sqlalchemy,alembic
+
+[handlers]
+keys = console
+
+[formatters]
+keys = generic
+
+[logger_root]
+level = WARN
+handlers = console
+
+[logger_sqlalchemy]
+level = WARN
+handlers =
+qualname = sqlalchemy.engine
+
+[logger_alembic]
+level = INFO
+handlers =
+qualname = alembic
+
+[handler_console]
+class = StreamHandler
+args = (sys.stderr,)
+level = NOTSET
+formatter = generic
+
+[formatter_generic]
+format = %(levelname)-5.5s [%(name)s] %(message)s
+datefmt = %H:%M:%S

package/templates/database/sqlalchemy-postgres/backend/app/db/session.py.template

@@ -1,48 +1,50 @@
-import asyncio
-import logging
-
-from sqlalchemy.ext.asyncio import AsyncSession, async_sessionmaker, create_async_engine
-
-from app.core.config import settings
-
-logger = logging.getLogger(__name__)
-
-engine = create_async_engine(
-    settings.database_url,
-    echo=settings.debug,
-    pool_size=5,
-    max_overflow=10,
-    pool_pre_ping=True,
-)
-
-async_session = async_sessionmaker(engine, class_=AsyncSession, expire_on_commit=False)
-
-
-async def connect_with_retry(
-    engine, max_retries: int = 3, base_delay: float = 1.0
-) -> None:
-    """Attempt database connection with exponential backoff."""
-    for attempt in range(1, max_retries + 1):
-        try:
-            async with engine.connect() as conn:
-                await conn.execute(
-                    __import__("sqlalchemy").text("SELECT 1")
-                )
-            logger.info("Database connected successfully")
-            return
-        except Exception as e:
-            if attempt == max_retries:
-                logger.error(f"Database connection failed after {max_retries} attempts: {e}")
-                raise
-            delay = base_delay * (2 ** (attempt - 1))
-            logger.warning(
-                f"Database connection attempt {attempt}/{max_retries} failed. "
-                f"Retrying in {delay:.1f}s..."
-            )
-            await asyncio.sleep(delay)
-
-
-async def get_db():
-    """Dependency for FastAPI endpoints."""
-    async with async_session() as session:
-        yield session
+import asyncio
+import logging
+
+from sqlalchemy import text
+from sqlalchemy.ext.asyncio import AsyncSession, async_sessionmaker, create_async_engine
+
+from app.core.config import settings
+
+logger = logging.getLogger(__name__)
+
+engine = create_async_engine(
+    settings.database_url,
+    echo=settings.debug,
+    pool_size=5,
+    max_overflow=10,
+    pool_pre_ping=True,
+    pool_recycle=300,  # Recycle connections before cloud provider timeout
+)
+
+async_session = async_sessionmaker(engine, class_=AsyncSession, expire_on_commit=False)
+
+
+async def connect_with_retry(
+    engine, max_retries: int = 3, base_delay: float = 1.0
+) -> None:
+    """Attempt database connection with exponential backoff."""
+    for attempt in range(1, max_retries + 1):
+        try:
+            async with engine.connect() as conn:
+                await conn.execute(
+                    text("SELECT 1")
+                )
+            logger.info("Database connected successfully")
+            return
+        except Exception as e:
+            if attempt == max_retries:
+                logger.error(f"Database connection failed after {max_retries} attempts: {e}")
+                raise
+            delay = base_delay * (2 ** (attempt - 1))
+            logger.warning(
+                f"Database connection attempt {attempt}/{max_retries} failed. "
+                f"Retrying in {delay:.1f}s..."
+            )
+            await asyncio.sleep(delay)
+
+
+async def get_db():
+    """Dependency for FastAPI endpoints."""
+    async with async_session() as session:
+        yield session

package/templates/frontend/nextjs/package.json.template

@@ -1,43 +1,45 @@
-{
-  "name": "{{PROJECT_NAME}}",
-  "version": "0.1.0",
-  "private": true,
-  "scripts": {
-    "dev": "next dev",
-    "build": "next build",
-    "start": "next start",
-    "lint": "eslint .",
-    "typecheck": "tsc --noEmit",
-    "test": "vitest run",
-    "test:watch": "vitest",
-    "test:e2e": "playwright test",
-    "db:push": "prisma db push",
-    "db:studio": "prisma studio",
-    "db:generate": "prisma generate"
-  },
-  "dependencies": {
-    "next": "^15.3.0",
-    "react": "^19.1.0",
-    "react-dom": "^19.1.0",
-    "@prisma/client": "^6.6.0",
-    "clsx": "^2.1.1",
-    "tailwind-merge": "^3.2.0",
-    "react-markdown": "^9.0.3",
-    "remark-gfm": "^4.0.0"
-  },
-  "devDependencies": {
-    "typescript": "^5.8.3",
-    "@types/node": "^22.14.0",
-    "@types/react": "^19.1.0",
-    "@types/react-dom": "^19.1.0",
-    "tailwindcss": "^4.1.3",
-    "@tailwindcss/postcss": "^4.1.3",
-    "postcss": "^8.5.3",
-    "eslint": "^9.25.0",
-    "eslint-config-next": "^15.3.0",
-    "prisma": "^6.6.0",
-    "vitest": "^3.1.1",
-    "@playwright/test": "^1.52.0",
-    "@testing-library/react": "^16.3.0"
-  }
-}
+{
+  "name": "{{PROJECT_NAME}}",
+  "version": "0.1.0",
+  "private": true,
+  "scripts": {
+    "dev": "next dev",
+    "build": "next build",
+    "start": "next start",
+    "lint": "eslint .",
+    "typecheck": "tsc --noEmit",
+    "test": "vitest run",
+    "test:watch": "vitest",
+    "test:e2e": "playwright test",
+    "db:push": "prisma db push",
+    "db:migrate": "prisma migrate dev",
+    "db:migrate:deploy": "prisma migrate deploy",
+    "db:studio": "prisma studio",
+    "db:generate": "prisma generate"
+  },
+  "dependencies": {
+    "next": "^15.3.0",
+    "react": "^19.1.0",
+    "react-dom": "^19.1.0",
+    "@prisma/client": "^6.6.0",
+    "clsx": "^2.1.1",
+    "tailwind-merge": "^3.2.0",
+    "react-markdown": "^9.0.3",
+    "remark-gfm": "^4.0.0"
+  },
+  "devDependencies": {
+    "typescript": "^5.8.3",
+    "@types/node": "^22.14.0",
+    "@types/react": "^19.1.0",
+    "@types/react-dom": "^19.1.0",
+    "tailwindcss": "^4.1.3",
+    "@tailwindcss/postcss": "^4.1.3",
+    "postcss": "^8.5.3",
+    "eslint": "^9.25.0",
+    "eslint-config-next": "^15.3.0",
+    "prisma": "^6.6.0",
+    "vitest": "^3.1.1",
+    "@playwright/test": "^1.52.0",
+    "@testing-library/react": "^16.3.0"
+  }
+}

package/templates/frontend/remix/package.json.template

@@ -1,39 +1,41 @@
-{
-  "name": "{{PROJECT_NAME}}",
-  "version": "0.1.0",
-  "private": true,
-  "type": "module",
-  "scripts": {
-    "dev": "remix vite:dev",
-    "build": "remix vite:build",
-    "start": "remix-serve ./build/server/index.js",
-    "lint": "eslint .",
-    "typecheck": "tsc --noEmit",
-    "test": "vitest run",
-    "test:watch": "vitest",
-    "db:push": "prisma db push",
-    "db:studio": "prisma studio",
-    "db:generate": "prisma generate"
-  },
-  "dependencies": {
-    "@remix-run/node": "^2.16.0",
-    "@remix-run/react": "^2.16.0",
-    "@remix-run/serve": "^2.16.0",
-    "react": "^19.1.0",
-    "react-dom": "^19.1.0",
-    "isbot": "^5.1.0",
-    "@prisma/client": "^6.6.0"
-  },
-  "devDependencies": {
-    "@remix-run/dev": "^2.16.0",
-    "typescript": "^5.8.3",
-    "@types/react": "^19.1.0",
-    "@types/react-dom": "^19.1.0",
-    "vite": "^6.3.0",
-    "tailwindcss": "^4.1.3",
-    "@tailwindcss/vite": "^4.1.3",
-    "eslint": "^9.25.0",
-    "prisma": "^6.6.0",
-    "vitest": "^3.1.1"
-  }
-}
+{
+  "name": "{{PROJECT_NAME}}",
+  "version": "0.1.0",
+  "private": true,
+  "type": "module",
+  "scripts": {
+    "dev": "remix vite:dev",
+    "build": "remix vite:build",
+    "start": "remix-serve ./build/server/index.js",
+    "lint": "eslint .",
+    "typecheck": "tsc --noEmit",
+    "test": "vitest run",
+    "test:watch": "vitest",
+    "db:push": "prisma db push",
+    "db:migrate": "prisma migrate dev",
+    "db:migrate:deploy": "prisma migrate deploy",
+    "db:studio": "prisma studio",
+    "db:generate": "prisma generate"
+  },
+  "dependencies": {
+    "@remix-run/node": "^2.16.0",
+    "@remix-run/react": "^2.16.0",
+    "@remix-run/serve": "^2.16.0",
+    "react": "^19.1.0",
+    "react-dom": "^19.1.0",
+    "isbot": "^5.1.0",
+    "@prisma/client": "^6.6.0"
+  },
+  "devDependencies": {
+    "@remix-run/dev": "^2.16.0",
+    "typescript": "^5.8.3",
+    "@types/react": "^19.1.0",
+    "@types/react-dom": "^19.1.0",
+    "vite": "^6.3.0",
+    "tailwindcss": "^4.1.3",
+    "@tailwindcss/vite": "^4.1.3",
+    "eslint": "^9.25.0",
+    "prisma": "^6.6.0",
+    "vitest": "^3.1.1"
+  }
+}

package/templates/infra/docker/.dockerignore.template

@@ -0,0 +1,16 @@
+node_modules
+npm-debug.log*
+.git
+.gitignore
+.env
+.env.*
+*.md
+!README.md
+tests
+coverage
+.nyc_output
+.vscode
+.idea
+.claude
+docs
+dist

package/templates/infra/docker-compose/docker-compose.yml.template

@@ -1,19 +1,22 @@
-services:
-  postgres:
-    image: postgres:17-alpine
-    environment:
-      POSTGRES_DB: {{PROJECT_NAME_SNAKE}}
-      POSTGRES_USER: postgres
-      POSTGRES_PASSWORD: postgres
-    ports:
-      - "5432:5432"
-    volumes:
-      - postgres_data:/var/lib/postgresql/data
-    healthcheck:
-      test: ["CMD-SHELL", "pg_isready -U postgres"]
-      interval: 5s
-      timeout: 5s
-      retries: 5
-
-volumes:
-  postgres_data:
+# WARNING: Default credentials below are for local development only.
+# For production, use secrets management (e.g. Docker secrets, Vault, or env vars).
+services:
+  postgres:
+    image: postgres:17-alpine
+    shm_size: '256mb'
+    environment:
+      POSTGRES_DB: {{PROJECT_NAME_SNAKE}}
+      POSTGRES_USER: ${POSTGRES_USER:-postgres}
+      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-postgres}
+    ports:
+      - "5432:5432"
+    volumes:
+      - postgres_data:/var/lib/postgresql/data
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-postgres}"]
+      interval: 5s
+      timeout: 5s
+      retries: 5
+
+volumes:
+  postgres_data:

package/templates/infra/github-actions/.github/workflows/ci.yml.template

@@ -1,52 +1,61 @@
-name: CI
-
-on:
-  push:
-    branches: [main]
-  pull_request:
-    branches: [main]
-
-jobs:
-  lint-and-test:
-    runs-on: ubuntu-latest
-
-    services:
-      postgres:
-        image: postgres:17-alpine
-        env:
-          POSTGRES_DB: {{PROJECT_NAME_SNAKE}}
-          POSTGRES_USER: postgres
-          POSTGRES_PASSWORD: postgres
-        ports:
-          - 5432:5432
-        options: >-
-          --health-cmd pg_isready
-          --health-interval 10s
-          --health-timeout 5s
-          --health-retries 5
-
-    steps:
-      - uses: actions/checkout@v4
-
-      - name: Setup Node.js
-        uses: actions/setup-node@v4
-        with:
-          node-version: '22'
-          cache: 'npm'
-
-      - name: Install dependencies
-        run: npm ci
-
-      - name: Lint
-        run: {{LINT_COMMAND}}
-
-      - name: Type check
-        run: {{TYPE_CHECK_COMMAND}}
-
-      - name: Build
-        run: {{BUILD_COMMAND}}
-
-      - name: Test
-        run: {{TEST_COMMAND}}
-        env:
-          DATABASE_URL: postgresql://postgres:postgres@localhost:5432/{{PROJECT_NAME_SNAKE}}
+name: CI
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+jobs:
+  lint-and-test:
+    runs-on: ubuntu-latest
+
+    services:
+      postgres:
+        image: postgres:17-alpine
+        env:
+          POSTGRES_DB: {{PROJECT_NAME_SNAKE}}
+          POSTGRES_USER: postgres
+          POSTGRES_PASSWORD: postgres
+        ports:
+          - 5432:5432
+        options: >-
+          --health-cmd pg_isready
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '22'
+          cache: 'npm'
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Lint
+        run: {{LINT_COMMAND}}
+
+      - name: Type check
+        run: {{TYPE_CHECK_COMMAND}}
+
+      - name: Build
+        run: {{BUILD_COMMAND}}
+
+      - name: Test
+        run: {{TEST_COMMAND}}
+        env:
+          DATABASE_URL: postgresql://postgres:postgres@localhost:5432/{{PROJECT_NAME_SNAKE}}
+
+      - name: Security audit (npm)
+        run: npm audit --audit-level=high
+        continue-on-error: true
+
+      - name: Security audit (pip)
+        if: hashFiles('**/requirements.txt') != ''
+        run: pip install pip-audit && pip-audit -r requirements.txt
+        continue-on-error: true