gencow 0.1.63 → 0.1.65

package/bin/gencow.mjs

@@ -343,9 +343,26 @@ process.exit(0);
         let out = `/**\n * Generated by Gencow\n * Do not edit this file manually.\n */\n`;
         out += `import { defineQuery, defineMutation } from "@gencow/react";\n\n`;
 
-        // Add import statements for each namespace file
+        // Add import statements — 실제 파일 존재 여부 확인 후 import 경로 결정
+        // 네임스페이스별 파일(e.g. products.ts)이 있으면 개별 import,
+        // 없으면 단일 파일(index.ts) 프로젝트로 판단하여 index.ts에서 import
+        const nsFileMap = new Map();
         for (const ns of Object.keys(apiObj)) {
-            out += `import type * as ${ns} from "./${ns}.ts";\n`;
+            const nsFile = resolve(absoluteFunctions, `${ns}.ts`);
+            if (existsSync(nsFile)) {
+                nsFileMap.set(ns, `./${ns}.ts`);
+            }
+        }
+        const hasNamespaceFiles = nsFileMap.size > 0;
+
+        if (hasNamespaceFiles) {
+            for (const [ns, path] of nsFileMap) {
+                out += `import type * as ${ns} from "${path}";\n`;
+            }
+            // 네임스페이스 파일이 없는 namespace는 타입 생략 (typeof 참조 제거)
+        } else {
+            // 단일 파일 프로젝트 — index.ts에서 모든 export를 import
+            out += `import type * as _all from "./index.ts";\n`;
         }
 
         out += `\nexport const api = {\n`;
@@ -353,11 +370,24 @@ process.exit(0);
             out += `    ${ns}: {\n`;
             for (const q of fns.queries) {
                 const tsExport = q === "delete" ? "_delete" : q;
-                out += `        ${q}: defineQuery<typeof ${ns}.${tsExport}>("${ns}.${q}"),\n`;
+                if (hasNamespaceFiles && nsFileMap.has(ns)) {
+                    out += `        ${q}: defineQuery<typeof ${ns}.${tsExport}>("${ns}.${q}"),\n`;
+                } else if (!hasNamespaceFiles) {
+                    out += `        ${q}: defineQuery<typeof _all.${tsExport}>("${ns}.${q}"),\n`;
+                } else {
+                    // 네임스페이스 파일이 일부만 있고 이 ns에는 없는 경우
+                    out += `        ${q}: defineQuery("${ns}.${q}"),\n`;
+                }
             }
             for (const m of fns.mutations) {
                 const tsExport = m === "delete" ? "_delete" : m;
-                out += `        ${m}: defineMutation<typeof ${ns}.${tsExport}>("${ns}.${m}"),\n`;
+                if (hasNamespaceFiles && nsFileMap.has(ns)) {
+                    out += `        ${m}: defineMutation<typeof ${ns}.${tsExport}>("${ns}.${m}"),\n`;
+                } else if (!hasNamespaceFiles) {
+                    out += `        ${m}: defineMutation<typeof _all.${tsExport}>("${ns}.${m}"),\n`;
+                } else {
+                    out += `        ${m}: defineMutation("${ns}.${m}"),\n`;
+                }
             }
             out += `    },\n`;
         }
@@ -552,12 +582,13 @@ function generateReadmeMd(config, apiObj) {
     md += `### 백엔드에서 AI 호출\n\n`;
     md += `\`\`\`typescript\n`;
     md += `// gencow/ai.ts\n`;
-    md += `import { mutation } from "@gencow/core";\n\n`;
-    md += `export const chat = mutation({\n`;
-    md += `    handler: async (ctx, { message }) => {\n`;
+    md += `import { mutation, v } from "@gencow/core";\n\n`;
+    md += `export const chat = mutation("ai.chat", {\n`;
+    md += `    args: { message: v.string() },\n`;
+    md += `    handler: async (ctx, args) => {\n`;
     md += `        const result = await ctx.ai.chat({\n`;
     md += `            model: "gpt-4o-mini",  // 또는 "gpt-4o"\n`;
-    md += `            messages: [{ role: "user", content: message }],\n`;
+    md += `            messages: [{ role: "user", content: args.message }],\n`;
     md += `        });\n`;
     md += `        return result.text;\n`;
     md += `    },\n`;
@@ -880,7 +911,7 @@ const commands = {
 `);
         success("Created gencow.config.ts");
 
-        // 4.5. drizzle.config.ts (standalone db:generate에 필요)
+        // 4.5. drizzle.config.ts (Cloud-first: DATABASE_URL 있으면 Cloud DB, 없으면 --local PGlite)
         writeFileSync(resolve(projectDir, "drizzle.config.ts"),
             `import { defineConfig } from "drizzle-kit";
 
@@ -888,8 +919,9 @@ export default defineConfig({
     dialect: "postgresql",
     schema: ["./gencow/schema.ts", "./gencow/auth-schema.ts"],
     out: "./migrations",
-    driver: "pglite",
-    dbCredentials: { url: "./.gencow/data" },
+    ...(process.env.DATABASE_URL
+        ? { dbCredentials: { url: process.env.DATABASE_URL } }
+        : { driver: "pglite", dbCredentials: { url: "./.gencow/data" } }),
 });
 `);
         success("Created drizzle.config.ts");
@@ -3246,10 +3278,11 @@ process.exit(0);
             log(`
 ${BOLD}${CYAN}🚀 Gencow Cloud Dev${RESET}
 
-  ${GREEN}▸${RESET} App:      ${BOLD}${appName}${RESET}
-  ${GREEN}▸${RESET} URL:      ${DIM}${appUrl}${RESET}
-  ${GREEN}▸${RESET} Watching: ${DIM}${functionsDir}/ (${watchedFiles.join(", ") || "*.ts"})${RESET}
-  ${GREEN}▸${RESET} Mode:     ${DIM}Cloud (PostgreSQL)${RESET}
+  ${GREEN}▸${RESET} App:       ${BOLD}${appName}${RESET}
+  ${GREEN}▸${RESET} URL:       ${DIM}${appUrl}${RESET}
+  ${GREEN}▸${RESET} Dashboard: ${DIM}https://gencow.app/_cloud/apps/${appName}${RESET}
+  ${GREEN}▸${RESET} Watching:  ${DIM}${functionsDir}/ (${watchedFiles.join(", ") || "*.ts"})${RESET}
+  ${GREEN}▸${RESET} Mode:      ${DIM}Cloud (PostgreSQL)${RESET}
 
   ${DIM}Ctrl+C to stop${RESET}
 

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "gencow",
-    "version": "0.1.63",
+    "version": "0.1.65",
     "description": "Gencow — AI Backend Engine",
     "type": "module",
     "bin": {

package/server/index.js

@@ -72569,6 +72569,7 @@ async function main() {
   }
   const mutations = getRegisteredMutations();
   const mutationMap = new Map(mutations.map((m) => [m.name, m]));
+  const publicQueryWarned = /* @__PURE__ */ new Set();
   const apiRouter = new Hono2().post("/query", async (c) => {
     const body = await c.req.json().catch(() => ({}));
     const { name: name21, args } = body;
@@ -72585,6 +72586,13 @@ async function main() {
     try {
       const validatedArgs = parseArgs(queryDef.argsSchema, args);
       const result = await queryDef.handler(ctx, validatedArgs);
+      if (queryDef.isPublic && !IS_BAAS && Array.isArray(result) && result.length >= 100) {
+        if (!publicQueryWarned.has(name21)) {
+          publicQueryWarned.add(name21);
+          console.warn(`[gencow] \u26A0\uFE0F  "${name21}" (public) returned ${result.length} rows without pagination.`);
+          console.warn(`[gencow]    \u{1F4A1} Add .limit(100) to prevent full table scans. See SECURITY.md`);
+        }
+      }
       return c.json(result);
     } catch (err) {
       const status = err instanceof GencowValidationError ? 400 : 500;
@@ -72641,11 +72649,15 @@ async function main() {
     console.log(`[gencow] \u26A0\uFE0F  PUBLIC FUNCTIONS (no auth required):`);
     if (publicQueries.length > 0) {
       console.log(`[gencow]   queries:   ${publicQueries.join(", ")}`);
+      console.log(`[gencow]   \u{1F513} These queries return data WITHOUT authentication.`);
+      console.log(`[gencow]      Ensure no PII (personal data) is exposed.`);
+      console.log(`[gencow]      Add .limit() to prevent full table scans on large datasets.`);
     }
     if (publicMutations.length > 0) {
       console.log(`[gencow]   mutations: ${publicMutations.join(", ")}`);
     }
-    console.log(`[gencow]   \u2192 Use { public: true } only for intentionally open endpoints.`);
+    console.log(`[gencow]   \u2192 Remove { public: true } if auth is intended.`);
+    console.log(`[gencow]   \u2192 \u{1F4C4} gencow/SECURITY.md \uCC38\uACE0`);
   }
   console.log(`[gencow] \u{1F512} Secure by Default: ${protectedQueryCount} queries + ${protectedMutationCount} mutations require auth`);
   const _aiKey = process.env.OPENAI_API_KEY;