generatesaas 1.2.1 → 1.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.js CHANGED
@@ -1,17 +1,17 @@
1
1
  #!/usr/bin/env node
2
- import{Command as Qo}from"commander";import*as En from"@clack/prompts";import{existsSync as Ao,readdirSync as ko,rmSync as Po}from"fs";import{join as _o,resolve as Ro}from"path";import{Option as j}from"commander";import*as E from"@clack/prompts";import*as Be from"@clack/prompts";import vt from"picocolors";function Ft(e){let t=e?` GenerateSaaS v${e} `:" GenerateSaaS ";Be.intro(vt.bgYellow(vt.black(t)))}function Bt(){Be.outro(vt.yellow("Happy building!"))}import*as u from"@clack/prompts";import f from"picocolors";var Oe={nextjs:{label:"Next.js",hint:"React 19 + Next.js 16"},nuxt:{label:"Nuxt",hint:"Vue 3 + Nuxt 4"}},De={fullstack:{label:"Fullstack",hint:"Frontend hosts the API \u2014 works on serverless or long-running"},separate:{label:"Separate",hint:"Standalone Hono backend \u2014 long-running runtimes only (Docker, Render, Fly.io, Railway, Coolify, Dokploy)"}},Ge={stripe:{label:"Stripe"},polar:{label:"Polar"},none:{label:"None",hint:"disable payments"}},Ke={smtp:{label:"SMTP",hint:"Mailpit for local dev"},ses:{label:"Amazon SES"},resend:{label:"Resend"}},ze={user:{label:"Per user",hint:"each user has their own subscription"},organization:{label:"Per organization",hint:"org subscription shared by members"}},ye={postgres:{label:"PostgreSQL",hint:"port 5432",port:5432},redis:{label:"Redis",hint:"port 6379",port:6379},inngest:{label:"Inngest",hint:"port 8288",port:8288},mailpit:{label:"Mailpit",hint:"port 1025",port:1025}},xe={"claude-code":{label:"Claude Code"},cursor:{label:"Cursor"},codex:{label:"Codex"},"gemini-cli":{label:"Gemini CLI"},windsurf:{label:"Windsurf"}};var ie={USD:{symbol:"$",name:"US Dollar",place:"left",space:!1},EUR:{symbol:"\u20AC",name:"Euro",place:"right",space:!1},GBP:{symbol:"\xA3",name:"British Pound",place:"left",space:!1},CAD:{symbol:"CA$",name:"Canadian Dollar",place:"left",space:!1},AUD:{symbol:"A$",name:"Australian Dollar",place:"left",space:!1},BRL:{symbol:"R$",name:"Brazilian Real",place:"left",space:!1},JPY:{symbol:"\xA5",name:"Japanese Yen",place:"left",space:!1}};var F={node:{label:"Node.js / Docker",hint:"long-running runtime \u2014 Render, Fly.io, Railway, Coolify, Dokploy, VPS",edgeRuntime:!1},vercel:{label:"Vercel",hint:"serverless functions",edgeRuntime:!0}},x={postgres:{label:"PostgreSQL (self-hosted)",hint:"local Docker, drizzle-orm/node-postgres",managed:!1,envVars:[{key:"DATABASE_URL",defaultValue:"postgres://postgres:postgres@localhost:5432/saas"}]},neon:{label:"Neon",hint:"serverless Postgres",managed:!0,envVars:[{key:"DATABASE_URL",comment:"# TODO: Add your Neon connection string"}]},supabase:{label:"Supabase",hint:"managed Postgres",managed:!0,envVars:[{key:"DATABASE_URL",comment:"# TODO: Add your Supabase connection string"}]}},B={redis:{label:"Redis (self-hosted)",hint:"local Docker, ioredis",managed:!1,envVars:[{key:"REDIS_URL",defaultValue:"redis://localhost:6379"}]},upstash:{label:"Upstash",hint:"serverless Redis",managed:!0,envVars:[{key:"UPSTASH_REDIS_REST_URL",comment:"# TODO: Add your Upstash REST URL"},{key:"UPSTASH_REDIS_REST_TOKEN",comment:"# TODO: Add your Upstash REST token"}]}},Ce=[{target:"vercel",provider:"redis",reason:"Vercel serverless cannot maintain persistent Redis connections. Consider Upstash."}],Ne=[{architecture:"separate",target:"vercel",reason:"Standalone backends need a long-running runtime. Vercel's per-function TypeScript check conflicts with pnpm's isolated install. Use --architecture fullstack for serverless, or deploy the standalone backend to a long-running runtime (Render, Fly.io, Railway, Coolify, Dokploy, or your own VPS via Docker)."}],Gt=["Local file storage (sharp, geoip-lite)","SMTP email (use Resend or SES instead)","Content API git integration"];function He(e){let t=x[e.databaseProvider].managed,r=B[e.cacheProvider].managed;return e.dockerServices.some(i=>!(i==="postgres"&&t||i==="redis"&&r))}var Y={google:{label:"Google",envVars:[{name:"GOOGLE_CLIENT_ID",secret:!1},{name:"GOOGLE_CLIENT_SECRET",secret:!0}]},github:{label:"GitHub",envVars:[{name:"GITHUB_CLIENT_ID",secret:!1},{name:"GITHUB_CLIENT_SECRET",secret:!0}]},facebook:{label:"Facebook",envVars:[{name:"FACEBOOK_CLIENT_ID",secret:!1},{name:"FACEBOOK_CLIENT_SECRET",secret:!0}]},discord:{label:"Discord",envVars:[{name:"DISCORD_CLIENT_ID",secret:!1},{name:"DISCORD_CLIENT_SECRET",secret:!0}]},x:{label:"X",envVars:[{name:"TWITTER_CLIENT_ID",secret:!1},{name:"TWITTER_CLIENT_SECRET",secret:!0}]}};var Le=["nextjs","nuxt"],Ye=["fullstack","separate"],Je=["stripe","polar","none"],qe=["smtp","ses","resend"],We=["postgres","redis","inngest","mailpit"],Xe=["claude-code","cursor","codex","gemini-cli","windsurf"],Ze=["user","organization"],oe=["USD","EUR","GBP","CAD","AUD","BRL","JPY"],se=["node","vercel"],ae=["postgres","neon","supabase"],ce=["redis","upstash"],Qe=["google","github","facebook","discord","x"];function et(e){return e.split("-").map(t=>t.charAt(0).toUpperCase()+t.slice(1)).join(" ")}function tt(e){return/^[a-z][a-z0-9-]*$/.test(e)}function I(e){return e instanceof Error?e.message:String(e)}function w(e){u.isCancel(e)&&(u.cancel("Setup cancelled."),process.exit(0))}function St(e){let t=[];e.databaseProvider==="neon"&&t.push({key:"DATABASE_URL",message:"Neon connection string (optional):",placeholder:"postgres://...",secret:!0}),e.databaseProvider==="supabase"&&t.push({key:"DATABASE_URL",message:"Supabase connection string (optional):",placeholder:"postgres://...",secret:!0}),e.cacheProvider==="upstash"&&(t.push({key:"UPSTASH_REDIS_REST_URL",message:"Upstash REST URL (optional):",placeholder:"https://...",secret:!1}),t.push({key:"UPSTASH_REDIS_REST_TOKEN",message:"Upstash REST token (optional):",secret:!0})),e.paymentProvider==="stripe"&&(t.push({key:"STRIPE_SECRET_KEY",message:"Stripe secret key (optional):",placeholder:"sk_test_...",secret:!0}),t.push({key:"STRIPE_WEBHOOK_SECRET",message:"Stripe webhook secret (optional):",placeholder:"whsec_...",secret:!0})),e.paymentProvider==="polar"&&(t.push({key:"POLAR_ACCESS_TOKEN",message:"Polar access token (optional):",secret:!0}),t.push({key:"POLAR_WEBHOOK_SECRET",message:"Polar webhook secret (optional):",secret:!0})),e.emailProvider==="resend"&&t.push({key:"RESEND_API_KEY",message:"Resend API key (optional):",placeholder:"re_...",secret:!0}),e.emailProvider==="ses"&&(t.push({key:"AMAZON_SES_REGION",message:"Amazon SES region (optional):",placeholder:"us-east-1",secret:!1}),t.push({key:"AMAZON_SES_KEY",message:"Amazon SES access key (optional):",secret:!0}),t.push({key:"AMAZON_SES_SECRET",message:"Amazon SES secret (optional):",secret:!0}));for(let r of e.socialProviders){let i=Y[r];for(let n of i.envVars)t.push({key:n.name,message:`${n.name} (${i.label}, optional):`,secret:n.secret})}return e.demo&&t.push({key:"TURNSTILE_SECRET_KEY",message:"Cloudflare Turnstile secret key (optional):",secret:!0}),t}async function Kt(e){let t=!1;u.log.info(f.bold("Project"));let r=e?.projectName??await(async()=>{t=!0;let c=await u.text({message:"Project name:",placeholder:"my-saas",validate:p=>{if(!p?.trim())return"Project name is required.";if(!tt(p))return"Use lowercase letters, numbers, and hyphens only. Must start with a letter."}});return w(c),c})(),i=e?.appName??await(async()=>{t=!0;let c=await u.text({message:"App name:",initialValue:et(r),validate:p=>{if(!p?.trim())return"App name is required."}});return w(c),c})(),n=e?.projectDir??await(async()=>{t=!0;let c=await u.text({message:"Project location:",initialValue:`./${r}`});return w(c),c==="."?process.cwd():c})(),o=e?.frontend??await(async()=>{t=!0;let c=Object.keys(Oe),p=await u.select({message:"Frontend framework:",options:c.map(y=>({value:y,label:Oe[y].label,hint:Oe[y].hint}))});return w(p),p})();u.log.info(f.bold("Infrastructure"));let s=e?.deploymentTarget??"node";if(e?.deploymentTarget===void 0){t=!0;let c=await u.select({message:"Deployment target:",options:se.map(p=>({value:p,label:F[p].label,hint:F[p].hint}))});w(c),s=c}let a=e?.architecture?Ne.find(c=>c.architecture===e.architecture&&c.target===s):void 0;if(a)throw new Error(`Incompatible: --architecture ${a.architecture} + --deploy ${a.target}. ${a.reason}`);let d=new Set(Ne.filter(c=>c.target===s).map(c=>c.architecture)),h=Ye.filter(c=>!d.has(c)),g=e?.architecture??await(async()=>{if(h.length===1){let p=h[0];return u.log.info(`Auto-selected ${De[p].label} architecture (only compatible option for ${F[s].label}).`),p}t=!0;let c=await u.select({message:"Architecture:",options:h.map(p=>({value:p,label:De[p].label,hint:De[p].hint}))});return w(c),c})(),m=e?.databaseProvider??await(async()=>{t=!0;let c=ae.filter(y=>!Ce.some(O=>O.target===s&&O.provider===y));if(c.length===1){let y=c[0];return u.log.info(`Auto-selected ${x[y].label} (only compatible option for ${F[s].label}).`),y}let p=await u.select({message:"Database provider:",options:c.map(y=>({value:y,label:x[y].label,hint:x[y].hint}))});return w(p),p})(),v=e?.cacheProvider??await(async()=>{t=!0;let c=ce.filter(y=>!Ce.some(O=>O.target===s&&O.provider===y));if(c.length===1){let y=c[0];return u.log.info(`Auto-selected ${B[y].label} (only compatible option for ${F[s].label}).`),y}let p=await u.select({message:"Cache provider:",options:c.map(y=>({value:y,label:B[y].label,hint:B[y].hint}))});return w(p),p})();if(F[s]?.edgeRuntime){let c=Gt.map(p=>` - ${p}`).join(`
3
- `);u.note(c,"Unavailable on edge runtime")}u.log.info(f.bold("Features"));let b=e?.paymentProvider??await(async()=>{t=!0;let c=await u.select({message:"Payment provider:",options:Je.map(p=>({value:p,label:Ge[p].label,hint:Ge[p].hint}))});return w(c),c})(),H=e?.defaultCurrency??await(async()=>{if(b==="none")return"USD";t=!0;let c=await u.select({message:"Default currency:",options:oe.map(p=>({value:p,label:p,hint:ie[p].name}))});return w(c),c})(),R=e?.emailProvider??await(async()=>{t=!0;let c=await u.select({message:"Email provider:",options:qe.map(p=>({value:p,label:Ke[p].label,hint:Ke[p].hint}))});return w(c),c})(),te=e?.multiTenancy??await(async()=>{t=!0;let c=await u.confirm({message:"Enable multi-tenancy (organizations)?",initialValue:!1});return w(c),c})(),re=e?.billingScope??"user";if(te&&e?.billingScope===void 0){t=!0;let c=await u.select({message:"Billing scope:",options:Ze.map(p=>({value:p,label:ze[p].label,hint:ze[p].hint}))});w(c),re=c}let A=e?.blog??await(async()=>{t=!0;let c=await u.confirm({message:"Enable blog?",initialValue:!0});return w(c),c})(),S=e?.docs??await(async()=>{t=!0;let c=await u.confirm({message:"Include docs app? (self-hosted Fumadocs documentation site)",initialValue:!1});return w(c),c})(),P=e?.revenueSharing??await(async()=>{t=!0;let c=await u.confirm({message:"Enable revenue sharing? (opt-in MRR leaderboard with dofollow backlinks)",initialValue:!1});return w(c),c})(),_e=b==="none"?!1:e?.credits??await(async()=>{t=!0;let c=await u.confirm({message:"Enable credits? (metered usage on top of subscription plans)",initialValue:!0});return w(c),c})(),he=e?.socialProviders??await(async()=>{t=!0;let c=Qe.map(y=>({value:y,label:Y[y].label,hint:`requires ${Y[y].envVars.map(O=>O.name).join(" / ")}`})),p=await u.multiselect({message:"Which social login providers should the sign-in screen show?",options:c,initialValues:[],required:!1});return w(p),p})();u.log.info(f.bold("Tooling"));let gt=e?.dockerServices??await(async()=>{t=!0;let c=[...We].filter(D=>D!=="mailpit");R==="smtp"&&c.push("mailpit");let p=c.map(D=>({value:D,label:ye[D].label,hint:ye[D].hint})),y=p.map(D=>D.value).filter(D=>!(D==="postgres"&&(m==="neon"||m==="supabase")||D==="redis"&&v==="upstash")),O=await u.multiselect({message:"Which services should we set up in Docker for you?",options:p,initialValues:y,required:!1});return w(O),O})(),ht=e?.aiTools??await(async()=>{t=!0;let c=Xe.map(y=>({value:y,label:xe[y].label})),p=await u.multiselect({message:"Which AI coding tools do you use?",options:c,initialValues:[],required:!1});return w(p),p})(),yt=e?.demo,Fe=St({databaseProvider:m,cacheProvider:v,paymentProvider:b,emailProvider:R,socialProviders:he,demo:yt}),Re={};if(Fe.length>0&&t){u.log.info(f.bold("Credentials")+f.dim(" all optional \u2014 press Enter to skip, fill in .env later"));for(let c of Fe)if(t=!0,c.secret){let p=await u.password({message:c.message,mask:"*"});w(p),typeof p=="string"&&p.trim()&&(Re[c.key]=p.trim())}else{let p=await u.text({message:c.message,placeholder:c.placeholder});w(p),typeof p=="string"&&p.trim()&&(Re[c.key]=p.trim())}}if(t){let c=[` Name: ${f.cyan(r)}`,` App name: ${f.cyan(i)}`,` Location: ${f.cyan(n)}`,` Frontend: ${f.cyan(Oe[o].label)}`,` Architecture: ${f.cyan(De[g].label)}`].join(`
2
+ import{Command as Qo}from"commander";import*as En from"@clack/prompts";import{existsSync as Ao,readdirSync as ko,rmSync as Po}from"fs";import{join as _o,resolve as Ro}from"path";import{Option as j}from"commander";import*as E from"@clack/prompts";import*as Be from"@clack/prompts";import vt from"picocolors";function Ft(e){let t=e?` GenerateSaaS v${e} `:" GenerateSaaS ";Be.intro(vt.bgYellow(vt.black(t)))}function Bt(){Be.outro(vt.yellow("Happy building!"))}import*as u from"@clack/prompts";import f from"picocolors";var Oe={nextjs:{label:"Next.js",hint:"React 19 + Next.js 16"},nuxt:{label:"Nuxt",hint:"Vue 3 + Nuxt 4"}},De={fullstack:{label:"Fullstack",hint:"Frontend hosts the API - works on serverless or long-running"},separate:{label:"Separate",hint:"Standalone Hono backend - long-running runtimes only (Docker, Render, Fly.io, Railway, Coolify, Dokploy)"}},Ge={stripe:{label:"Stripe"},polar:{label:"Polar"},none:{label:"None",hint:"disable payments"}},Ke={smtp:{label:"SMTP",hint:"Mailpit for local dev"},ses:{label:"Amazon SES"},resend:{label:"Resend"}},ze={user:{label:"Per user",hint:"each user has their own subscription"},organization:{label:"Per organization",hint:"org subscription shared by members"}},ye={postgres:{label:"PostgreSQL",hint:"port 5432",port:5432},redis:{label:"Redis",hint:"port 6379",port:6379},inngest:{label:"Inngest",hint:"port 8288",port:8288},mailpit:{label:"Mailpit",hint:"port 1025",port:1025}},xe={"claude-code":{label:"Claude Code"},cursor:{label:"Cursor"},codex:{label:"Codex"},"gemini-cli":{label:"Gemini CLI"},windsurf:{label:"Windsurf"}};var ie={USD:{symbol:"$",name:"US Dollar",place:"left",space:!1},EUR:{symbol:"\u20AC",name:"Euro",place:"right",space:!1},GBP:{symbol:"\xA3",name:"British Pound",place:"left",space:!1},CAD:{symbol:"CA$",name:"Canadian Dollar",place:"left",space:!1},AUD:{symbol:"A$",name:"Australian Dollar",place:"left",space:!1},BRL:{symbol:"R$",name:"Brazilian Real",place:"left",space:!1},JPY:{symbol:"\xA5",name:"Japanese Yen",place:"left",space:!1}};var F={node:{label:"Node.js / Docker",hint:"long-running runtime - Render, Fly.io, Railway, Coolify, Dokploy, VPS",edgeRuntime:!1},vercel:{label:"Vercel",hint:"serverless functions",edgeRuntime:!0}},x={postgres:{label:"PostgreSQL (self-hosted)",hint:"local Docker, drizzle-orm/node-postgres",managed:!1,envVars:[{key:"DATABASE_URL",defaultValue:"postgres://postgres:postgres@localhost:5432/saas"}]},neon:{label:"Neon",hint:"serverless Postgres",managed:!0,envVars:[{key:"DATABASE_URL",comment:"# TODO: Add your Neon connection string"}]},supabase:{label:"Supabase",hint:"managed Postgres",managed:!0,envVars:[{key:"DATABASE_URL",comment:"# TODO: Add your Supabase connection string"}]}},B={redis:{label:"Redis (self-hosted)",hint:"local Docker, ioredis",managed:!1,envVars:[{key:"REDIS_URL",defaultValue:"redis://localhost:6379"}]},upstash:{label:"Upstash",hint:"serverless Redis",managed:!0,envVars:[{key:"UPSTASH_REDIS_REST_URL",comment:"# TODO: Add your Upstash REST URL"},{key:"UPSTASH_REDIS_REST_TOKEN",comment:"# TODO: Add your Upstash REST token"}]}},Ce=[{target:"vercel",provider:"redis",reason:"Vercel serverless cannot maintain persistent Redis connections. Consider Upstash."}],Ne=[{architecture:"separate",target:"vercel",reason:"Standalone backends need a long-running runtime. Vercel's per-function TypeScript check conflicts with pnpm's isolated install. Use --architecture fullstack for serverless, or deploy the standalone backend to a long-running runtime (Render, Fly.io, Railway, Coolify, Dokploy, or your own VPS via Docker)."}],Gt=["Local file storage (sharp, geoip-lite)","SMTP email (use Resend or SES instead)","Content API git integration"];function He(e){let t=x[e.databaseProvider].managed,r=B[e.cacheProvider].managed;return e.dockerServices.some(i=>!(i==="postgres"&&t||i==="redis"&&r))}var Y={google:{label:"Google",envVars:[{name:"GOOGLE_CLIENT_ID",secret:!1},{name:"GOOGLE_CLIENT_SECRET",secret:!0}]},github:{label:"GitHub",envVars:[{name:"GITHUB_CLIENT_ID",secret:!1},{name:"GITHUB_CLIENT_SECRET",secret:!0}]},facebook:{label:"Facebook",envVars:[{name:"FACEBOOK_CLIENT_ID",secret:!1},{name:"FACEBOOK_CLIENT_SECRET",secret:!0}]},discord:{label:"Discord",envVars:[{name:"DISCORD_CLIENT_ID",secret:!1},{name:"DISCORD_CLIENT_SECRET",secret:!0}]},x:{label:"X",envVars:[{name:"TWITTER_CLIENT_ID",secret:!1},{name:"TWITTER_CLIENT_SECRET",secret:!0}]}};var Le=["nextjs","nuxt"],Ye=["fullstack","separate"],Je=["stripe","polar","none"],qe=["smtp","ses","resend"],We=["postgres","redis","inngest","mailpit"],Xe=["claude-code","cursor","codex","gemini-cli","windsurf"],Ze=["user","organization"],oe=["USD","EUR","GBP","CAD","AUD","BRL","JPY"],se=["node","vercel"],ae=["postgres","neon","supabase"],ce=["redis","upstash"],Qe=["google","github","facebook","discord","x"];function et(e){return e.split("-").map(t=>t.charAt(0).toUpperCase()+t.slice(1)).join(" ")}function tt(e){return/^[a-z][a-z0-9-]*$/.test(e)}function I(e){return e instanceof Error?e.message:String(e)}function w(e){u.isCancel(e)&&(u.cancel("Setup cancelled."),process.exit(0))}function St(e){let t=[];e.databaseProvider==="neon"&&t.push({key:"DATABASE_URL",message:"Neon connection string (optional):",placeholder:"postgres://...",secret:!0}),e.databaseProvider==="supabase"&&t.push({key:"DATABASE_URL",message:"Supabase connection string (optional):",placeholder:"postgres://...",secret:!0}),e.cacheProvider==="upstash"&&(t.push({key:"UPSTASH_REDIS_REST_URL",message:"Upstash REST URL (optional):",placeholder:"https://...",secret:!1}),t.push({key:"UPSTASH_REDIS_REST_TOKEN",message:"Upstash REST token (optional):",secret:!0})),e.paymentProvider==="stripe"&&(t.push({key:"STRIPE_SECRET_KEY",message:"Stripe secret key (optional):",placeholder:"sk_test_...",secret:!0}),t.push({key:"STRIPE_WEBHOOK_SECRET",message:"Stripe webhook secret (optional):",placeholder:"whsec_...",secret:!0})),e.paymentProvider==="polar"&&(t.push({key:"POLAR_ACCESS_TOKEN",message:"Polar access token (optional):",secret:!0}),t.push({key:"POLAR_WEBHOOK_SECRET",message:"Polar webhook secret (optional):",secret:!0})),e.emailProvider==="resend"&&t.push({key:"RESEND_API_KEY",message:"Resend API key (optional):",placeholder:"re_...",secret:!0}),e.emailProvider==="ses"&&(t.push({key:"AMAZON_SES_REGION",message:"Amazon SES region (optional):",placeholder:"us-east-1",secret:!1}),t.push({key:"AMAZON_SES_KEY",message:"Amazon SES access key (optional):",secret:!0}),t.push({key:"AMAZON_SES_SECRET",message:"Amazon SES secret (optional):",secret:!0}));for(let r of e.socialProviders){let i=Y[r];for(let n of i.envVars)t.push({key:n.name,message:`${n.name} (${i.label}, optional):`,secret:n.secret})}return e.demo&&t.push({key:"TURNSTILE_SECRET_KEY",message:"Cloudflare Turnstile secret key (optional):",secret:!0}),t}async function Kt(e){let t=!1;u.log.info(f.bold("Project"));let r=e?.projectName??await(async()=>{t=!0;let c=await u.text({message:"Project name:",placeholder:"my-saas",validate:p=>{if(!p?.trim())return"Project name is required.";if(!tt(p))return"Use lowercase letters, numbers, and hyphens only. Must start with a letter."}});return w(c),c})(),i=e?.appName??await(async()=>{t=!0;let c=await u.text({message:"App name:",initialValue:et(r),validate:p=>{if(!p?.trim())return"App name is required."}});return w(c),c})(),n=e?.projectDir??await(async()=>{t=!0;let c=await u.text({message:"Project location:",initialValue:`./${r}`});return w(c),c==="."?process.cwd():c})(),o=e?.frontend??await(async()=>{t=!0;let c=Object.keys(Oe),p=await u.select({message:"Frontend framework:",options:c.map(y=>({value:y,label:Oe[y].label,hint:Oe[y].hint}))});return w(p),p})();u.log.info(f.bold("Infrastructure"));let s=e?.deploymentTarget??"node";if(e?.deploymentTarget===void 0){t=!0;let c=await u.select({message:"Deployment target:",options:se.map(p=>({value:p,label:F[p].label,hint:F[p].hint}))});w(c),s=c}let a=e?.architecture?Ne.find(c=>c.architecture===e.architecture&&c.target===s):void 0;if(a)throw new Error(`Incompatible: --architecture ${a.architecture} + --deploy ${a.target}. ${a.reason}`);let d=new Set(Ne.filter(c=>c.target===s).map(c=>c.architecture)),h=Ye.filter(c=>!d.has(c)),g=e?.architecture??await(async()=>{if(h.length===1){let p=h[0];return u.log.info(`Auto-selected ${De[p].label} architecture (only compatible option for ${F[s].label}).`),p}t=!0;let c=await u.select({message:"Architecture:",options:h.map(p=>({value:p,label:De[p].label,hint:De[p].hint}))});return w(c),c})(),m=e?.databaseProvider??await(async()=>{t=!0;let c=ae.filter(y=>!Ce.some(O=>O.target===s&&O.provider===y));if(c.length===1){let y=c[0];return u.log.info(`Auto-selected ${x[y].label} (only compatible option for ${F[s].label}).`),y}let p=await u.select({message:"Database provider:",options:c.map(y=>({value:y,label:x[y].label,hint:x[y].hint}))});return w(p),p})(),v=e?.cacheProvider??await(async()=>{t=!0;let c=ce.filter(y=>!Ce.some(O=>O.target===s&&O.provider===y));if(c.length===1){let y=c[0];return u.log.info(`Auto-selected ${B[y].label} (only compatible option for ${F[s].label}).`),y}let p=await u.select({message:"Cache provider:",options:c.map(y=>({value:y,label:B[y].label,hint:B[y].hint}))});return w(p),p})();if(F[s]?.edgeRuntime){let c=Gt.map(p=>` - ${p}`).join(`
3
+ `);u.note(c,"Unavailable on edge runtime")}u.log.info(f.bold("Features"));let b=e?.paymentProvider??await(async()=>{t=!0;let c=await u.select({message:"Payment provider:",options:Je.map(p=>({value:p,label:Ge[p].label,hint:Ge[p].hint}))});return w(c),c})(),H=e?.defaultCurrency??await(async()=>{if(b==="none")return"USD";t=!0;let c=await u.select({message:"Default currency:",options:oe.map(p=>({value:p,label:p,hint:ie[p].name}))});return w(c),c})(),R=e?.emailProvider??await(async()=>{t=!0;let c=await u.select({message:"Email provider:",options:qe.map(p=>({value:p,label:Ke[p].label,hint:Ke[p].hint}))});return w(c),c})(),te=e?.multiTenancy??await(async()=>{t=!0;let c=await u.confirm({message:"Enable multi-tenancy (organizations)?",initialValue:!1});return w(c),c})(),re=e?.billingScope??"user";if(te&&e?.billingScope===void 0){t=!0;let c=await u.select({message:"Billing scope:",options:Ze.map(p=>({value:p,label:ze[p].label,hint:ze[p].hint}))});w(c),re=c}let A=e?.blog??await(async()=>{t=!0;let c=await u.confirm({message:"Enable blog?",initialValue:!0});return w(c),c})(),S=e?.docs??await(async()=>{t=!0;let c=await u.confirm({message:"Include docs app? (self-hosted Fumadocs documentation site)",initialValue:!1});return w(c),c})(),P=e?.revenueSharing??await(async()=>{t=!0;let c=await u.confirm({message:"Enable revenue sharing? (opt-in MRR leaderboard with dofollow backlinks)",initialValue:!1});return w(c),c})(),_e=b==="none"?!1:e?.credits??await(async()=>{t=!0;let c=await u.confirm({message:"Enable credits? (metered usage on top of subscription plans)",initialValue:!0});return w(c),c})(),he=e?.socialProviders??await(async()=>{t=!0;let c=Qe.map(y=>({value:y,label:Y[y].label,hint:`requires ${Y[y].envVars.map(O=>O.name).join(" / ")}`})),p=await u.multiselect({message:"Which social login providers should the sign-in screen show?",options:c,initialValues:[],required:!1});return w(p),p})();u.log.info(f.bold("Tooling"));let gt=e?.dockerServices??await(async()=>{t=!0;let c=[...We].filter(D=>D!=="mailpit");R==="smtp"&&c.push("mailpit");let p=c.map(D=>({value:D,label:ye[D].label,hint:ye[D].hint})),y=p.map(D=>D.value).filter(D=>!(D==="postgres"&&(m==="neon"||m==="supabase")||D==="redis"&&v==="upstash")),O=await u.multiselect({message:"Which services should we set up in Docker for you?",options:p,initialValues:y,required:!1});return w(O),O})(),ht=e?.aiTools??await(async()=>{t=!0;let c=Xe.map(y=>({value:y,label:xe[y].label})),p=await u.multiselect({message:"Which AI coding tools do you use?",options:c,initialValues:[],required:!1});return w(p),p})(),yt=e?.demo,Fe=St({databaseProvider:m,cacheProvider:v,paymentProvider:b,emailProvider:R,socialProviders:he,demo:yt}),Re={};if(Fe.length>0&&t){u.log.info(f.bold("Credentials")+f.dim(" all optional - press Enter to skip, fill in .env later"));for(let c of Fe)if(t=!0,c.secret){let p=await u.password({message:c.message,mask:"*"});w(p),typeof p=="string"&&p.trim()&&(Re[c.key]=p.trim())}else{let p=await u.text({message:c.message,placeholder:c.placeholder});w(p),typeof p=="string"&&p.trim()&&(Re[c.key]=p.trim())}}if(t){let c=[` Name: ${f.cyan(r)}`,` App name: ${f.cyan(i)}`,` Location: ${f.cyan(n)}`,` Frontend: ${f.cyan(Oe[o].label)}`,` Architecture: ${f.cyan(De[g].label)}`].join(`
4
4
  `),p=[` Deploy target: ${f.cyan(F[s]?.label??"Node.js / Docker")}`,` Database: ${f.cyan(x[m].label)}`,` Cache: ${f.cyan(B[v].label)}`,gt.length>0?` Docker: ${f.cyan(gt.map(ne=>ye[ne].label).join(", "))}`:` Docker: ${f.dim("none")}`].filter(Boolean).join(`
5
5
  `),y=[b!=="none"?` Payment: ${f.cyan(Ge[b].label)} (${H})`:` Payment: ${f.dim("none")}`,` Credits: ${_e?f.cyan("Yes"):f.dim("No")}`,` Email: ${f.cyan(Ke[R].label)}`,` Multi-tenancy: ${te?f.cyan("Yes")+` (billing: ${ze[re].label})`:f.dim("No")}`,` Blog: ${A?f.cyan("Yes"):f.dim("No")}`,` Docs app: ${S?f.cyan("Yes"):f.dim("No")}`,` Rev. sharing: ${P?f.cyan("Yes"):f.dim("No")}`,he.length>0?` Social login: ${f.cyan(he.map(ne=>Y[ne].label).join(", "))}`:` Social login: ${f.dim("none")}`,ht.length>0?` AI tools: ${f.cyan(ht.map(ne=>xe[ne].label).join(", "))}`:` AI tools: ${f.dim("none")}`].join(`
6
6
  `),O=[f.bold("Project"),c,"",f.bold("Infrastructure"),p,"",f.bold("Features"),y];if(Fe.length>0){let ne=Fe.map(Vt=>{let wn=Re[Vt.key]?f.green("provided"):f.dim("skipped");return` ${Vt.key}: ${wn}`}).join(`
7
7
  `);O.push("",f.bold("Credentials"),ne)}u.note(O.join(`
8
8
  `),"Summary");let D=await u.confirm({message:"Proceed with these settings?"});(u.isCancel(D)||!D)&&(u.cancel("Setup cancelled."),process.exit(0))}return{projectName:r,appName:i,projectDir:n,frontend:o,architecture:g,deploymentTarget:s,databaseProvider:m,cacheProvider:v,paymentProvider:b,emailProvider:R,multiTenancy:te,billingScope:re,blog:A,docs:S,revenueSharing:P,credits:_e,dockerServices:gt,aiTools:ht,socialProviders:he,defaultCurrency:H,...Object.keys(Re).length>0?{credentials:Re}:{},...e?.baseUrl!==void 0?{baseUrl:e.baseUrl}:{},...yt!==void 0?{demo:yt}:{}}}import{createReadStream as On}from"fs";import{mkdir as Dn}from"fs/promises";import{Readable as xn}from"stream";import{pipeline as Qt}from"stream/promises";import{extract as Cn}from"tar";import{join as le}from"path";import{homedir as bn}from"os";var rt=process.env.GENERATESAAS_API_URL??"https://cli.generatesaas.com",U=".generatesaas",W=le(U,"manifest.json"),zt=le(U,"hashes.json"),nt=le(U,"template-hashes.json"),it=le(U,"template"),Ht=le(U,"staging"),Yt=le(U,"staging.json"),J=le(bn(),".generatesaas");var _=class extends Error{constructor(r,i){super(i);this.status=r}status;name="ApiError"};function q(e){return{apiKey:e,baseUrl:rt}}async function X(e,t,r){let i=`${e.baseUrl}${t}`,n=await fetch(i,{...r,headers:{...r?.headers,Authorization:`Bearer ${e.apiKey}`,"User-Agent":"generatesaas-cli"}});if(!n.ok){let o;try{o=(await n.json()).error??`API ${n.status}: ${t}`}catch{o=`API ${n.status}: ${t}`}throw new _(n.status,o)}return n}import{existsSync as Tn,readFileSync as In,writeFileSync as An,mkdirSync as kn}from"fs";import{dirname as Pn}from"path";import*as Z from"@clack/prompts";function Et(){if(!Tn(J))return null;try{let e=JSON.parse(In(J,"utf-8"));return e.apiKey?e.apiKey:(e.token&&!e.apiKey&&Z.log.warning(`Found old GitHub token in ${J}. Run 'generatesaas init' to set up your API key.`),null)}catch{return null}}function pe(e){kn(Pn(J),{recursive:!0}),An(J,JSON.stringify({apiKey:e},null," ")+`
9
9
  `,{mode:384})}async function ve(e){if(e?.apiKey)return e.apiKey;let t=process.env.GENERATESAAS_API_KEY;if(t)return t;let r=Et();if(r)return r;if(!e?.prompt)throw new Error("API key not found. Set GENERATESAAS_API_KEY or run 'generatesaas init' to configure.");return Ue()}async function Ue(){let e=await Z.text({message:"Enter your GenerateSaaS API key:",placeholder:"gs_live_...",validate:t=>{if(!t?.trim())return"API key is required."}});return Z.isCancel(e)&&(Z.cancel("Setup cancelled."),process.exit(0)),e.trim()}async function Q(e){return process.env.GENERATESAAS_OFFLINE_LICENSE==="1"?{latest:"0.0.0-ci",versions:[{version:"0.0.0-ci",date:new Date().toISOString(),breaking:!1}]}:await(await X(e,"/versions")).json()}async function Jt(e,t){try{return await(await X(e,`/changelog/${encodeURIComponent(t)}`)).text()}catch(r){if(r instanceof _&&r.status===404)return null;throw r}}async function qt(e,t){return await(await X(e,`/skill/${encodeURIComponent(t)}`)).json()}async function Wt(e,t){return process.env.GENERATESAAS_OFFLINE_LICENSE==="1"?{token:"offline-test-token",licenseId:"offline-test-license-id"}:await(await X(e,"/license/sign",{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(t)})).json()}async function Xt(e,t){return await(await X(e,"/license/refresh",{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(t)})).json()}async function Zt(e,t){let r=await fetch(`${e}/license/verify`,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({token:t})});if(!r.ok)throw new Error(`Verification service returned ${r.status}`);return await r.json()}var wt=new Set([".git","node_modules",".pnpm-store",".env",".env.test",".turbo",".nuxt",".output",".data","dist",".next",".svelte-kit",".devcontainer","playwright-report","test-results"]),_n=new Set(["data","mksaas","references","scripts",".cursor",".agents",".codex",".generatesaas",".vscode",".mcp.json","AGENTS.md","CLAUDE.md","README.md","TODO.md","OVERVIEW.md"]),Rn=["docs/superpowers","packages/cli","packages/cli-api","infra/docker-compose.yml",".claude/commands",".claude/skills/web-next-port",".claude/skills/web-next-port-workspace",".claude/settings.local.json",".claude/worktrees"];function Se(e){let t=e.split("/");for(let r of t)if(wt.has(r))return!0;if(_n.has(t[0]))return!0;for(let r of Rn)if(e===r||e.startsWith(r+"/"))return!0;return!1}async function ot(e,t,r){await Dn(r,{recursive:!0});let i=process.env.GENERATESAAS_TEMPLATE_TARBALL;if(i){await Qt(On(i),er(r));return}let n=await X(e,`/template/${encodeURIComponent(t)}`);if(!n.body)throw new Error("Empty response body");let o=xn.fromWeb(n.body);await Qt(o,er(r))}function er(e){return Cn({cwd:e,strip:1,filter:t=>{let r=t.replace(/^[^/]+\//,"");return r?!Se(r):!0},sync:!1})}import{readFile as Nn,rm as tr,writeFile as Ln}from"fs/promises";import{join as bt}from"path";var Un=["apps/web-nuxt/public/images/blog","apps/web-next/public/images/blog"];async function rr(e){await Promise.all(Un.map(t=>tr(bt(e,t),{recursive:!0,force:!0})))}async function nr(e,t){t.includes("claude-code")||await tr(bt(e,".claude"),{recursive:!0,force:!0})}async function ir(e,t){let r=bt(e,".claude","settings.json"),i;try{i=await Nn(r,"utf8")}catch{return}let n=JSON.parse(i);delete n.alwaysThinkingEnabled,delete n.enableAllProjectMcpServers,n.env&&(delete n.env.CLAUDE_CODE_EXPERIMENTAL_AGENT_TEAMS,Object.keys(n.env).length===0&&delete n.env),n.permissions?.allow&&(n.permissions.allow=n.permissions.allow.filter(o=>$n(o,t))),await Ln(r,JSON.stringify(n,null," ")+`
10
- `)}function $n(e,t){return!(e.startsWith("mcp__")||t!=="nuxt"&&e.includes("nuxt"))}import{join as zn}from"path";import{mkdir as jn,readdir as Mn,rm as Vn,rmdir as Fn,writeFile as Bn}from"fs/promises";import{dirname as st,join as Gn,relative as Kn}from"path";async function at(e){await jn(e,{recursive:!0})}async function l(e,t){await at(st(e)),await Bn(e,t,"utf-8")}async function Tt(e,t){await Vn(e,{force:!0});let r=st(e);for(;r!==t&&r!==st(r);){try{await Fn(r)}catch{return}r=st(r)}}async function de(e,t,r){let i=[],n=await Mn(e,{withFileTypes:!0});for(let o of n){let s=Gn(e,o.name),a=Kn(t,s);r(a)||(o.isDirectory()?i.push(...await de(s,t,r)):o.isFile()&&i.push(s))}return i}var Hn={postgres:"Postgres",neon:"Neon (managed Postgres)",supabase:"Supabase (managed Postgres)"},Yn={resend:"Resend",ses:"Amazon SES",smtp:"SMTP"},Jn={redis:"Redis",upstash:"Upstash Redis"},qn={node:"Node.js / Docker",vercel:"Vercel"},Wn={stripe:"Stripe",polar:"Polar"};function Xn(e){let t=e.frontend==="nuxt",r=t?"Nuxt 4":"Next.js 16",i=t?"apps/web-nuxt":"apps/web-next",n=t?"`app/` pages + components + composables":"`app/` routes, `components/`, `lib/`",o=e.architecture==="fullstack",s=o?"(fullstack \u2014 Hono API mounted inside the app)":"(separate \u2014 standalone Hono backend)",a=o?`Mounted inside \`${i}\`. A standalone \`apps/backend\` is also kept (inert) so you can switch to separate later.`:"Runs from `apps/backend`; the frontend reaches it over HTTP.",d=Jn[e.cacheProvider],h=qn[e.deploymentTarget],g=e.paymentProvider==="none"?"":`
10
+ `)}function $n(e,t){return!(e.startsWith("mcp__")||t!=="nuxt"&&e.includes("nuxt"))}import{join as zn}from"path";import{mkdir as jn,readdir as Mn,rm as Vn,rmdir as Fn,writeFile as Bn}from"fs/promises";import{dirname as st,join as Gn,relative as Kn}from"path";async function at(e){await jn(e,{recursive:!0})}async function l(e,t){await at(st(e)),await Bn(e,t,"utf-8")}async function Tt(e,t){await Vn(e,{force:!0});let r=st(e);for(;r!==t&&r!==st(r);){try{await Fn(r)}catch{return}r=st(r)}}async function de(e,t,r){let i=[],n=await Mn(e,{withFileTypes:!0});for(let o of n){let s=Gn(e,o.name),a=Kn(t,s);r(a)||(o.isDirectory()?i.push(...await de(s,t,r)):o.isFile()&&i.push(s))}return i}var Hn={postgres:"Postgres",neon:"Neon (managed Postgres)",supabase:"Supabase (managed Postgres)"},Yn={resend:"Resend",ses:"Amazon SES",smtp:"SMTP"},Jn={redis:"Redis",upstash:"Upstash Redis"},qn={node:"Node.js / Docker",vercel:"Vercel"},Wn={stripe:"Stripe",polar:"Polar"};function Xn(e){let t=e.frontend==="nuxt",r=t?"Nuxt 4":"Next.js 16",i=t?"apps/web-nuxt":"apps/web-next",n=t?"`app/` pages + components + composables":"`app/` routes, `components/`, `lib/`",o=e.architecture==="fullstack",s=o?"(fullstack - Hono API mounted inside the app)":"(separate - standalone Hono backend)",a=o?`Mounted inside \`${i}\`. A standalone \`apps/backend\` is also kept (inert) so you can switch to separate later.`:"Runs from `apps/backend`; the frontend reaches it over HTTP.",d=Jn[e.cacheProvider],h=qn[e.deploymentTarget],g=e.paymentProvider==="none"?"":`
11
11
  - **Payments:** ${Wn[e.paymentProvider]}`,m=t?"`$t('key')` in templates (global helper); `useI18n()` from `vue-i18n` in `<script setup>` for `locale`/`setLocale`/`t()`.":"`useTranslations()` from `next-intl` in components; messages are loaded in `apps/web-next/i18n/request.ts`.",v=t?"**Navigation:** always use `localePath()` for paths (hardcoded paths break non-default locales); `await navigateTo()` in SSR.":"**Navigation:** `next/link` for links; `redirect()` from `next/navigation` for programmatic redirects in Server Components.";return`# AGENTS.md
12
12
 
13
13
  Guidelines for AI coding agents (Claude Code, Codex, Cursor, \u2026) in this project.
14
- Keep this file tight: add a rule only when it prevents a recurring mistake \u2014 too
14
+ Keep this file tight: add a rule only when it prevents a recurring mistake - too
15
15
  much standing context makes the agent rigid and stops it checking the real code.
16
16
 
17
17
  ## Before you build anything (read this first)
@@ -20,11 +20,11 @@ This boilerplate already ships ~30 features, every one config-gated and wired en
20
20
  end. Before writing a new file, route, table, or component, assume it ALREADY EXISTS
21
21
  and go find it:
22
22
 
23
- 1. \`docs/${t?"nuxt":"next"}/index.mdx\` \u2014 the catalog of every shipped feature and its config flag.
24
- 2. \`packages/config/src/index.ts\` \u2014 the flag that turns the feature on/off (check it before rendering).
23
+ 1. \`docs/${t?"nuxt":"next"}/index.mdx\` - the catalog of every shipped feature and its config flag.
24
+ 2. \`packages/config/src/index.ts\` - the flag that turns the feature on/off (check it before rendering).
25
25
  3. Search \`packages/\` and \`${i}/\` for the name before creating anything.
26
26
 
27
- Already built \u2014 extend these, never re-implement: auth (email / OAuth / 2FA / passkeys),
27
+ Already built - extend these, never re-implement: auth (email / OAuth / 2FA / passkeys),
28
28
  billing & subscriptions, credits, organizations & teams, notifications, email, SMS,
29
29
  storage & uploads, admin panel, user settings, audit logs, API keys, onboarding,
30
30
  waitlist, blog, banners, i18n, theming, dashboard shell, marketing site, background jobs.
@@ -42,32 +42,32 @@ flag, route, or translation is the most common and most costly mistake in this r
42
42
  - **Email:** ${Yn[e.emailProvider]}
43
43
  - **Deploy:** ${h}
44
44
 
45
- ## Where things live (extend these \u2014 don't reinvent)
45
+ ## Where things live (extend these - don't reinvent)
46
46
 
47
- - \`packages/config/src\` \u2014 feature flags, routes, site/pricing config. **Check the flag before building or rendering a toggleable feature.**
48
- - \`packages/api/src\` \u2014 Hono routes (\`routes/\`), business logic (\`services/\`), background jobs (\`functions/\`, Inngest).
49
- - \`packages/database/src\` \u2014 Drizzle schema + queries (\`db/auth.ts\` is generated \u2014 see *Don't modify*).
50
- - \`packages/auth/src/config.ts\` \u2014 Better Auth config.
51
- - \`packages/runtime/src/env.ts\` \u2014 the validated (Zod) env schema. New env var \u2192 add it here **and** to \`.env.example\` (the committed reference); set the local value in \`.env\`.
52
- - \`packages/{payments,mail,sms,storage,notifications}\` \u2014 config-gated integrations. Every provider's files stay even when its feature is off, so flipping a flag is enough to enable it.
53
- - \`${i}\` \u2014 the ${r} app (${n}).
54
- - \`docs/${t?"nuxt":"next"}/\` \u2014 feature & architecture documentation for this stack (Markdown). Consult it before searching from scratch; it cites real config keys, package names, and file paths you can act on.
47
+ - \`packages/config/src\` - feature flags, routes, site/pricing config. **Check the flag before building or rendering a toggleable feature.**
48
+ - \`packages/api/src\` - Hono routes (\`routes/\`), business logic (\`services/\`), background jobs (\`functions/\`, Inngest).
49
+ - \`packages/database/src\` - Drizzle schema + queries (\`db/auth.ts\` is generated - see *Don't modify*).
50
+ - \`packages/auth/src/config.ts\` - Better Auth config.
51
+ - \`packages/runtime/src/env.ts\` - the validated (Zod) env schema. New env var \u2192 add it here **and** to \`.env.example\` (the committed reference); set the local value in \`.env\`.
52
+ - \`packages/{payments,mail,sms,storage,notifications}\` - config-gated integrations. Every provider's files stay even when its feature is off, so flipping a flag is enough to enable it.
53
+ - \`${i}\` - the ${r} app (${n}).
54
+ - \`docs/${t?"nuxt":"next"}/\` - feature & architecture documentation for this stack (Markdown). Consult it before searching from scratch; it cites real config keys, package names, and file paths you can act on.
55
55
 
56
56
  ## Code style
57
57
 
58
- - TypeScript strict \u2014 no \`any\`, no unsafe casts (\`as any\`, \`as unknown as\`).
58
+ - TypeScript strict - no \`any\`, no unsafe casts (\`as any\`, \`as unknown as\`).
59
59
  - JSDoc on exported functions/composables/utilities; no inline comments unless asked.
60
- - Reach for the existing libs (Better Auth, Drizzle, Hono) before hand-rolling \u2014 check their docs first.
60
+ - Reach for the existing libs (Better Auth, Drizzle, Hono) before hand-rolling - check their docs first.
61
61
 
62
62
  ## Don't modify
63
63
 
64
- - \`pnpm-lock.yaml\` (you own lockfile changes intentionally \u2014 use \`pnpm add\`/\`pnpm remove\`, not hand edits) and don't hand-edit \`package.json\` deps.
65
- - \`packages/database/src/db/auth.ts\` \u2014 regenerated by \`pnpm auth:generate\`. Add user fields via \`additionalFields\` in \`packages/auth/src/config.ts\`, never here.
64
+ - \`pnpm-lock.yaml\` (you own lockfile changes intentionally - use \`pnpm add\`/\`pnpm remove\`, not hand edits) and don't hand-edit \`package.json\` deps.
65
+ - \`packages/database/src/db/auth.ts\` - regenerated by \`pnpm auth:generate\`. Add user fields via \`additionalFields\` in \`packages/auth/src/config.ts\`, never here.
66
66
 
67
67
  ## Gotchas (where agents trip)
68
68
 
69
- - **Hono routes:** keep the method chain (\`.get().post()\`) \u2014 RPC type inference depends on it. Validate with \`sValidator\` from \`@hono/standard-validator\`.
70
- - **Feature flags:** respect \`config.*\` \u2014 hide/skip a feature when its flag is off (the files stay so you can flip it later).
69
+ - **Hono routes:** keep the method chain (\`.get().post()\`) - RPC type inference depends on it. Validate with \`sValidator\` from \`@hono/standard-validator\`.
70
+ - **Feature flags:** respect \`config.*\` - hide/skip a feature when its flag is off (the files stay so you can flip it later).
71
71
  - **i18n:** strings live in \`packages/i18n/translations/{locale}/{scope}.json\`; edit \`en/\` only, keep keys generic. ${m} A pre-commit hook runs \`pnpm translate\` (needs \`OPENROUTER_API_KEY\`) to sync other locales from \`en\`; without the key it skips.
72
72
  - ${v}
73
73
  - **Routes:** use \`config.routes.*\`, never hardcoded path strings.
@@ -103,7 +103,7 @@ ${a}
103
103
 
104
104
  \`\`\`bash
105
105
  pnpm install
106
- # A ready-to-run \`.env\` was generated for you \u2014 open it and fill in the
106
+ # A ready-to-run \`.env\` was generated for you - open it and fill in the
107
107
  # values marked \`# TODO\` (provider API keys). \`.env.example\` is the committed
108
108
  # reference. All apps load the single root \`.env\`.
109
109
  ${h}pnpm dev
@@ -428,7 +428,7 @@ ${o?" credits: { enabled: true }":" credits: { enabled: false }"},
428
428
  items: []
429
429
  }
430
430
  };
431
- `;await l(t,g)}var ni={smtp:[{key:"SMTP_HOST",defaultValue:"localhost"},{key:"SMTP_PORT",defaultValue:"1025"}],ses:[{key:"AMAZON_SES_REGION",comment:"# TODO: Configure Amazon SES credentials (e.g. us-east-1)"},{key:"AMAZON_SES_KEY"},{key:"AMAZON_SES_SECRET"}],resend:[{key:"RESEND_API_KEY",comment:"# TODO: Add your Resend API key"}]};function ii(e){let t=Y[e];return t.envVars.map((r,i)=>({key:r.name,...i===0?{comment:`# TODO: Add your ${t.label} OAuth credentials`}:{}}))}var oi={stripe:[{key:"STRIPE_SECRET_KEY",comment:"# TODO: Add your Stripe keys"},{key:"STRIPE_WEBHOOK_SECRET"}],polar:[{key:"POLAR_ACCESS_TOKEN",comment:"# TODO: Add your Polar keys"},{key:"POLAR_WEBHOOK_SECRET"}]};function Ee(e,t){return t?e.map(r=>{let i=t[r.key];return i?{...r,defaultValue:i,comment:void 0}:r}):e}function we(e,t){for(let r of e)r.comment&&t.push(r.comment),r.defaultValue!==void 0?t.push(`${r.key}=${r.defaultValue}`):t.push(`#${r.key}=`)}function At(e){return Array.from(crypto.getRandomValues(new Uint8Array(e))).map(t=>t.toString(16).padStart(2,"0")).join("")}function pr(e){return e.architecture==="fullstack"?{apiUrl:"http://localhost:3000/api",baseUrl:"http://localhost:3000"}:{apiUrl:"http://localhost:3010",baseUrl:"http://localhost:3000"}}function si(e){let{architecture:t,deploymentTarget:r}=e;return t==="fullstack"?r==="vercel"?{frontend:"https://your-app.vercel.app",backend:"https://your-app.vercel.app"}:r==="node"?{frontend:"https://your-app.example.com",backend:"https://your-app.example.com"}:null:{frontend:"https://your-app.example.com",backend:"https://your-app.example.com/api"}}function ct(e,t,r,i){e.push(i==="example"?`${t}=`:`${t}=${r}`)}function lr(e,t){let r=t==="example"?void 0:e.credentials,{apiUrl:i,baseUrl:n}=pr(e),o=[];e.architecture==="separate"?o.push("# API Configuration","# Standalone backend's own URL (the frontend reaches it via the public var above).",`API_URL=${i}`,`BASE_URL=${n}`):o.push("# App","# (API_URL is derived from the frontend's *_PUBLIC_API_URL by the runtime env schema.)",`BASE_URL=${n}`),o.push("","# Database"),we(Ee(x[e.databaseProvider].envVars,r),o),o.push("","# Cache"),we(Ee(B[e.cacheProvider].envVars,r),o),o.push("","# Authentication"),t==="example"&&o.push("# Generate a strong secret, e.g. `openssl rand -hex 32`"),ct(o,"BETTER_AUTH_SECRET",crypto.randomUUID(),t),o.push("","# Content API (random secret; required when contentApi feature is enabled in @repo/config)"),ct(o,"CONTENT_API_KEY",At(32),t),o.push("","# Job Queue - Inngest","INNGEST_APP_ID=api"),ct(o,"INNGEST_EVENT_KEY",At(32),t),ct(o,"INNGEST_SIGNING_KEY",At(32),t),o.push("INNGEST_BASE_URL=http://127.0.0.1:8288"),e.architecture==="separate"&&(o.push("","# API Port (standalone backend)","API_PORT=3010"),o.push("","# CORS + cross-subdomain cookies (production only \u2014 leave unset for local dev)","# TRUSTED_ORIGINS=https://your-app.example.com","# AUTH_COOKIE_DOMAIN=.example.com"));let s=ni[e.emailProvider];if(s&&(o.push("","# Email"),we(Ee(s,r),o)),e.paymentProvider!=="none"){let a=oi[e.paymentProvider];a&&(o.push("","# Payment"),we(Ee(a,r),o))}if(e.socialProviders.length>0){o.push("","# Social auth");for(let a of e.socialProviders)we(Ee(ii(a),r),o)}return e.demo&&(o.push("","# Captcha (Cloudflare Turnstile)"),we(Ee([{key:"TURNSTILE_SECRET_KEY",comment:"# TODO: Add your Cloudflare Turnstile secret key"}],r),o)),o.push("","# Translations - OpenRouter (optional)","# Set to auto-translate en/* into your other locales with `pnpm translate`.","# The pre-commit hook runs it on commit; without a key it skips and untranslated","# locales fall back to the default locale. Get a key: https://openrouter.ai/keys","#OPENROUTER_API_KEY="),o.push(""),o.join(`
431
+ `;await l(t,g)}var ni={smtp:[{key:"SMTP_HOST",defaultValue:"localhost"},{key:"SMTP_PORT",defaultValue:"1025"}],ses:[{key:"AMAZON_SES_REGION",comment:"# TODO: Configure Amazon SES credentials (e.g. us-east-1)"},{key:"AMAZON_SES_KEY"},{key:"AMAZON_SES_SECRET"}],resend:[{key:"RESEND_API_KEY",comment:"# TODO: Add your Resend API key"}]};function ii(e){let t=Y[e];return t.envVars.map((r,i)=>({key:r.name,...i===0?{comment:`# TODO: Add your ${t.label} OAuth credentials`}:{}}))}var oi={stripe:[{key:"STRIPE_SECRET_KEY",comment:"# TODO: Add your Stripe keys"},{key:"STRIPE_WEBHOOK_SECRET"}],polar:[{key:"POLAR_ACCESS_TOKEN",comment:"# TODO: Add your Polar keys"},{key:"POLAR_WEBHOOK_SECRET"}]};function Ee(e,t){return t?e.map(r=>{let i=t[r.key];return i?{...r,defaultValue:i,comment:void 0}:r}):e}function we(e,t){for(let r of e)r.comment&&t.push(r.comment),r.defaultValue!==void 0?t.push(`${r.key}=${r.defaultValue}`):t.push(`#${r.key}=`)}function At(e){return Array.from(crypto.getRandomValues(new Uint8Array(e))).map(t=>t.toString(16).padStart(2,"0")).join("")}function pr(e){return e.architecture==="fullstack"?{apiUrl:"http://localhost:3000/api",baseUrl:"http://localhost:3000"}:{apiUrl:"http://localhost:3010",baseUrl:"http://localhost:3000"}}function si(e){let{architecture:t,deploymentTarget:r}=e;return t==="fullstack"?r==="vercel"?{frontend:"https://your-app.vercel.app",backend:"https://your-app.vercel.app"}:r==="node"?{frontend:"https://your-app.example.com",backend:"https://your-app.example.com"}:null:{frontend:"https://your-app.example.com",backend:"https://your-app.example.com/api"}}function ct(e,t,r,i){e.push(i==="example"?`${t}=`:`${t}=${r}`)}function lr(e,t){let r=t==="example"?void 0:e.credentials,{apiUrl:i,baseUrl:n}=pr(e),o=[];e.architecture==="separate"?o.push("# API Configuration","# Standalone backend's own URL (the frontend reaches it via the public var above).",`API_URL=${i}`,`BASE_URL=${n}`):o.push("# App","# (API_URL is derived from the frontend's *_PUBLIC_API_URL by the runtime env schema.)",`BASE_URL=${n}`),o.push("","# Database"),we(Ee(x[e.databaseProvider].envVars,r),o),o.push("","# Cache"),we(Ee(B[e.cacheProvider].envVars,r),o),o.push("","# Authentication"),t==="example"&&o.push("# Generate a strong secret, e.g. `openssl rand -hex 32`"),ct(o,"BETTER_AUTH_SECRET",crypto.randomUUID(),t),o.push("","# Content API (random secret; required when contentApi feature is enabled in @repo/config)"),ct(o,"CONTENT_API_KEY",At(32),t),o.push("","# Job Queue - Inngest","INNGEST_APP_ID=api"),ct(o,"INNGEST_EVENT_KEY",At(32),t),ct(o,"INNGEST_SIGNING_KEY",At(32),t),o.push("INNGEST_BASE_URL=http://127.0.0.1:8288"),e.architecture==="separate"&&(o.push("","# API Port (standalone backend)","API_PORT=3010"),o.push("","# CORS + cross-subdomain cookies (production only - leave unset for local dev)","# TRUSTED_ORIGINS=https://your-app.example.com","# AUTH_COOKIE_DOMAIN=.example.com"));let s=ni[e.emailProvider];if(s&&(o.push("","# Email"),we(Ee(s,r),o)),e.paymentProvider!=="none"){let a=oi[e.paymentProvider];a&&(o.push("","# Payment"),we(Ee(a,r),o))}if(e.socialProviders.length>0){o.push("","# Social auth");for(let a of e.socialProviders)we(Ee(ii(a),r),o)}return e.demo&&(o.push("","# Captcha (Cloudflare Turnstile)"),we(Ee([{key:"TURNSTILE_SECRET_KEY",comment:"# TODO: Add your Cloudflare Turnstile secret key"}],r),o)),o.push("","# Translations - OpenRouter (optional)","# Set to auto-translate en/* into your other locales with `pnpm translate`.","# The pre-commit hook runs it on commit; without a key it skips and untranslated","# locales fall back to the default locale. Get a key: https://openrouter.ai/keys","#OPENROUTER_API_KEY="),o.push(""),o.join(`
432
432
  `)}function ai(e){let{apiUrl:t}=pr(e),r=e.frontend==="nextjs"?"NEXT_PUBLIC_API_URL":"NUXT_PUBLIC_API_URL",i=["# API Configuration",`${r}=${t}`],n=si(e);return n&&e.architecture==="separate"&&i.push("","# Production (uncomment and replace with your deployed hostnames):",`# ${r}=${n.backend}`),i.push(""),i.join(`
433
433
  `)}async function dr(e){let t=ai(e);await l(`${e.projectDir}/.env`,t+`
434
434
  `+lr(e,"env")),await l(`${e.projectDir}/.env.example`,t+`
@@ -585,7 +585,7 @@ export interface CacheSetOptions {
585
585
  * Three small helpers extended onto the native \`redis\` client for the SDK
586
586
  * methods whose signatures differ between ioredis and Upstash. Use these in
587
587
  * your own code when you want a uniform API; everything else on \`redis\` is
588
- * the native ioredis surface (or Upstash, on that backend) \u2014 use those
588
+ * the native ioredis surface (or Upstash, on that backend) - use those
589
589
  * directly with their native syntax.
590
590
  */
591
591
  export interface BoilerplateRedisHelpers {
@@ -602,7 +602,7 @@ const ioredis = new Redis(env.REDIS_URL);
602
602
  /**
603
603
  * Native ioredis client + the three boilerplate helpers. Every native
604
604
  * ioredis method (\`zadd\`, \`hset\`, \`pubsub\`, \`eval\`, etc.) is available
605
- * directly on this object \u2014 see ioredis's docs for usage. The three
605
+ * directly on this object - see ioredis's docs for usage. The three
606
606
  * \`cache*\` helpers cover the SDK calls whose signatures differ between
607
607
  * ioredis and Upstash.
608
608
  */
@@ -724,7 +724,7 @@ export interface CacheSetOptions {
724
724
  * Three small helpers extended onto the native \`redis\` client for the SDK
725
725
  * methods whose signatures differ between ioredis and Upstash. Use these in
726
726
  * your own code when you want a uniform API; everything else on \`redis\` is
727
- * the native Upstash surface (or ioredis, on that backend) \u2014 use those
727
+ * the native Upstash surface (or ioredis, on that backend) - use those
728
728
  * directly with their native syntax.
729
729
  */
730
730
  export interface BoilerplateRedisHelpers {
@@ -751,7 +751,7 @@ const upstash = new Redis({
751
751
  /**
752
752
  * Native Upstash REST client + the three boilerplate helpers. Every native
753
753
  * Upstash method (\`zadd\`, \`hset\`, \`json.*\`, \`eval\`, etc.) is available
754
- * directly on this object \u2014 see Upstash's docs for usage. The three
754
+ * directly on this object - see Upstash's docs for usage. The three
755
755
  * \`cache*\` helpers cover the SDK calls whose signatures differ between
756
756
  * Upstash and ioredis.
757
757
  */
@@ -831,7 +831,7 @@ export class MutexTimeoutError extends Error {
831
831
 
832
832
  /**
833
833
  * Execute \`fn\` while holding a distributed mutex on \`key\`. Backed by
834
- * \`@upstash/lock\`, Upstash's official distributed-lock library \u2014 uses
834
+ * \`@upstash/lock\`, Upstash's official distributed-lock library - uses
835
835
  * Lua EVAL for atomic compare-and-delete on release (no TOCTOU race) and
836
836
  * exposes \`extend()\` for long-running operations (not wired here; pick a
837
837
  * generous \`lockTimeout\` if you need it).
@@ -961,7 +961,7 @@ ${e.cacheProvider==="upstash"?` UPSTASH_REDIS_REST_URL: z.string(),
961
961
  export const env = (() => {
962
962
  // Compute API_URL fallback BEFORE Zod sees the input. Zod 4.4 ignores
963
963
  // \`z.preprocess\` output when the input key is absent from the parent
964
- // object \u2014 this guarantees the key is always present and avoids the regression.
964
+ // object - this guarantees the key is always present and avoids the regression.
965
965
  const rawEnv = { ...process.env };
966
966
  rawEnv.API_URL =
967
967
  rawEnv.API_URL ||
@@ -985,8 +985,8 @@ export const apiOrigin = parsedApiUrl.origin;
985
985
  `}import{readFile as bi}from"fs/promises";import{join as G}from"path";var lt={"@upstash/redis":"^1.37.0","@upstash/lock":"^0.2.1","@neondatabase/serverless":"^1.0.1",postgres:"^3.4.7"};async function Te(e){let t=await bi(e,"utf-8");return JSON.parse(t)}async function Ie(e,t){await l(e,JSON.stringify(t,null," ")+`
986
986
  `)}function $e(e,t){for(let r of t)delete e.dependencies?.[r],delete e.devDependencies?.[r]}function be(e,t,r,i=!1){let n=i?"devDependencies":"dependencies";e[n]||(e[n]={}),e[n][t]=r}async function vr(e){await Ti(e),await Ii(e),await Ai(e),await ki(e),e.frontend==="nextjs"?await _i(e):await Pi(e)}async function Ti(e){let t=G(e.projectDir,"packages/api/package.json"),r=await Te(t);$e(r,["sharp","@types/sharp"]),await Ie(t,r)}async function Ii(e){let t=G(e.projectDir,"packages/runtime/package.json"),r=await Te(t);e.cacheProvider==="upstash"&&($e(r,["ioredis","rate-limit-redis","redis-semaphore"]),be(r,"@upstash/redis",lt["@upstash/redis"]),be(r,"@upstash/lock",lt["@upstash/lock"])),await Ie(t,r)}async function Ai(e){let t=G(e.projectDir,"packages/database/package.json"),r=await Te(t);e.databaseProvider==="neon"?($e(r,["pg","@types/pg"]),be(r,"@neondatabase/serverless",lt["@neondatabase/serverless"])):e.databaseProvider==="supabase"&&($e(r,["pg","@types/pg"]),be(r,"postgres",lt.postgres)),await Ie(t,r)}async function ki(e){if(e.architecture!=="separate")return;let t=G(e.projectDir,"apps/backend/package.json"),r=await Te(t);e.deploymentTarget!=="node"&&$e(r,["@hono/node-server"]),await Ie(t,r)}async function Pi(e){if(e.architecture!=="separate")return;let t=G(e.projectDir,"apps/web-nuxt");await Tt(G(t,"server/api/[...paths].ts"),t);let r=G(t,"package.json"),i=await Te(r),n=i.dependencies?.["@repo/api"];n&&(delete i.dependencies?.["@repo/api"],be(i,"@repo/api",n,!0)),await Ie(r,i)}async function _i(e){if(e.architecture!=="separate")return;let t=G(e.projectDir,"apps/web-next");await Tt(G(t,"app/api/[[...rest]]/route.ts"),t);let r=G(t,"package.json"),i=await Te(r),n=i.dependencies?.["@repo/api"];n&&(delete i.dependencies?.["@repo/api"],be(i,"@repo/api",n,!0)),await Ie(r,i)}import{readFile as Er}from"fs/promises";import{join as wr}from"path";async function br(e){let t=wr(e.projectDir,"turbo.json"),r;try{r=await Er(t,"utf-8")}catch{return}let i=JSON.parse(r),n=i.tasks?.build;if(!n)return;let o=e.frontend==="nextjs"?"NUXT_PUBLIC_*":"NEXT_PUBLIC_*",s=e.frontend==="nextjs"?new Set([".nuxt/**",".output/**"]):new Set([".next/**","!.next/cache/**"]),a=!1;if(Array.isArray(n.env)){let d=n.env.filter(h=>h!==o);d.length!==n.env.length&&(n.env=d,a=!0)}if(Array.isArray(n.outputs)){let d=n.outputs.filter(h=>!s.has(h));d.length!==n.outputs.length&&(n.outputs=d,a=!0)}a&&await l(t,JSON.stringify(i,null," ")+`
987
987
  `)}var Ri=["base.json","node.json","next.json"],Sr="GenerateSaaS ";async function Tr(e){if(!e.demo)for(let t of Ri){let r=wr(e.projectDir,"tooling/typescript",t),i;try{i=await Er(r,"utf-8")}catch{continue}let n=JSON.parse(i);typeof n.display!="string"||!n.display.startsWith(Sr)||(n.display=n.display.slice(Sr.length),await l(r,JSON.stringify(n,null," ")+`
988
- `))}}import{readFile as Oi,rm as Di}from"fs/promises";import{existsSync as Ir}from"fs";import{join as Ar}from"path";async function kr(e){if(e.frontend==="nuxt")return;let t=Ar(e.projectDir,"packages/i18n/package.json");if(!Ir(t))throw new Error(`pruneI18nNuxt: expected ${t} to exist \u2014 did the i18n package move?`);let r=JSON.parse(await Oi(t,"utf-8")),i=!!(r.exports?.["./module"]??r.exports?.["./nuxt"]),n=!1;if(r.exports)for(let s of["./module","./nuxt"])s in r.exports&&(delete r.exports[s],n=!0);r.devDependencies&&"@nuxt/kit"in r.devDependencies&&(delete r.devDependencies["@nuxt/kit"],n=!0),n&&await l(t,JSON.stringify(r,null," ")+`
989
- `);let o=Ar(e.projectDir,"packages/i18n/nuxt");if(i&&!Ir(o))throw new Error(`pruneI18nNuxt: packages/i18n declares a Nuxt export surface but ${o} is missing \u2014 did the i18n Nuxt module move?`);await Di(o,{recursive:!0,force:!0})}import{readFile as Pr,rm as xi}from"fs/promises";import{join as Pt}from"path";async function _r(e){e.cacheProvider==="upstash"&&await Promise.all([Ci(e.projectDir),Ni(e.projectDir),xi(Pt(e.projectDir,"packages/runtime/tests/redis.test.ts"),{force:!0})])}async function Ci(e){let t=Pt(e,"packages/runtime/tests/setup.ts"),r;try{r=await Pr(t,"utf-8")}catch{return}let i=r.replace(/\tREDIS_URL:\s*"[^"]*",?\n/,` UPSTASH_REDIS_REST_URL: "https://test.upstash.io",
988
+ `))}}import{readFile as Oi,rm as Di}from"fs/promises";import{existsSync as Ir}from"fs";import{join as Ar}from"path";async function kr(e){if(e.frontend==="nuxt")return;let t=Ar(e.projectDir,"packages/i18n/package.json");if(!Ir(t))throw new Error(`pruneI18nNuxt: expected ${t} to exist - did the i18n package move?`);let r=JSON.parse(await Oi(t,"utf-8")),i=!!(r.exports?.["./module"]??r.exports?.["./nuxt"]),n=!1;if(r.exports)for(let s of["./module","./nuxt"])s in r.exports&&(delete r.exports[s],n=!0);r.devDependencies&&"@nuxt/kit"in r.devDependencies&&(delete r.devDependencies["@nuxt/kit"],n=!0),n&&await l(t,JSON.stringify(r,null," ")+`
989
+ `);let o=Ar(e.projectDir,"packages/i18n/nuxt");if(i&&!Ir(o))throw new Error(`pruneI18nNuxt: packages/i18n declares a Nuxt export surface but ${o} is missing - did the i18n Nuxt module move?`);await Di(o,{recursive:!0,force:!0})}import{readFile as Pr,rm as xi}from"fs/promises";import{join as Pt}from"path";async function _r(e){e.cacheProvider==="upstash"&&await Promise.all([Ci(e.projectDir),Ni(e.projectDir),xi(Pt(e.projectDir,"packages/runtime/tests/redis.test.ts"),{force:!0})])}async function Ci(e){let t=Pt(e,"packages/runtime/tests/setup.ts"),r;try{r=await Pr(t,"utf-8")}catch{return}let i=r.replace(/\tREDIS_URL:\s*"[^"]*",?\n/,` UPSTASH_REDIS_REST_URL: "https://test.upstash.io",
990
990
  UPSTASH_REDIS_REST_TOKEN: "test-token",
991
991
  `);i!==r&&await l(t,i)}async function Ni(e){let t=Pt(e,"packages/api/tests/setup.ts"),r;try{r=await Pr(t,"utf-8")}catch{return}let i=r;i=i.replace(/\tREDIS_URL:\s*"[^"]*",?\n/g,` UPSTASH_REDIS_REST_URL: "https://test.upstash.io",
992
992
  UPSTASH_REDIS_REST_TOKEN: "test-token",
@@ -1095,7 +1095,7 @@ ${n} env:
1095
1095
  `))}async function $r(e){let t=Bi(e.demo===!0),r=Gi(e.architecture,e.frontend),i=_t(e.projectDir,"apps",r);switch(e.deploymentTarget){case"node":await Ki(_t(i,"package.json"),"start",t);return;case"vercel":await zi(_t(i,"vercel.json"),t);return;default:{let n=e.deploymentTarget;throw new Error(`generateDeployScripts: unhandled deployment target "${String(n)}"`)}}}import{readFile as Hi}from"fs/promises";import{existsSync as Yi}from"fs";import{join as dt}from"path";var Ji=["stripe","polar"];async function jr(e){let t=dt(e.projectDir,"packages/payments/src"),r=e.paymentProvider,i=`// Active payment provider. To switch, change the path below to
1096
1096
  // "./polar/index" or "./none/index" (other folders are kept in place).
1097
1097
  export { ops } from "./${r}/index";
1098
- `;await l(dt(t,"providers/index.ts"),i),await l(dt(t,"index.ts"),await qi(t,r))}async function qi(e,t){let r=dt(e,"index.ts");if(!Yi(r))throw new Error(`generatePaymentBarrel: expected ${r} to exist \u2014 did packages/payments move?`);let i=await Hi(r,"utf-8"),n=Ji.filter(s=>s!==t);return i.split(`
1098
+ `;await l(dt(t,"providers/index.ts"),i),await l(dt(t,"index.ts"),await qi(t,r))}async function qi(e,t){let r=dt(e,"index.ts");if(!Yi(r))throw new Error(`generatePaymentBarrel: expected ${r} to exist - did packages/payments move?`);let i=await Hi(r,"utf-8"),n=Ji.filter(s=>s!==t);return i.split(`
1099
1099
  `).filter(s=>!n.some(a=>s.includes(`./providers/${a}/`))).join(`
1100
1100
  `)}import{readdir as Wi,readFile as Xi}from"fs/promises";import{join as Mr}from"path";async function Vr(e){if(e.demo)return;let t=e.appName.trim()||e.projectName,r=JSON.stringify(t).slice(1,-1),i=Mr(e.projectDir,"packages/i18n/translations"),n;try{n=await Wi(i)}catch{return}for(let o of n){let s=Mr(i,o,"web.json"),a;try{a=await Xi(s,"utf-8")}catch{continue}let d=a.replaceAll("GenerateSaaS",r);d!==a&&await l(s,d)}}import{readFile as Zi}from"fs/promises";import{join as Fr}from"path";var Qi=[".nuxt/",".nuxt",".nitro/",".nitro",".output/",".output","_locales/"],eo=[".next/",".next",".svelte-kit/",".svelte-kit",".wrangler/",".wrangler",".dev.vars"];async function Gr(e){let r=e.frontend==="nuxt"?eo:Qi;await Br(Fr(e.projectDir,".gitignore"),r),await Br(Fr(e.projectDir,".dockerignore"),r)}async function Br(e,t){let r;try{r=await Zi(e,"utf-8")}catch{return}let i=new Set(t),n=r.split(`
1101
1101
  `).filter(o=>!i.has(o.trim()));n.length!==r.split(`
@@ -1107,21 +1107,21 @@ export { ops } from "./${r}/index";
1107
1107
  ${m}`:s.message))}else n()})})}async function tn(e){if(!me("pnpm"))return T.log.warn("pnpm not found. Skipping lockfile regeneration."),!1;try{return await ue("pnpm",["install","--lockfile-only","--no-frozen-lockfile","--config.minimumReleaseAge=0"],e),!0}catch(t){let r=t instanceof Error?t.message:String(t);return T.log.warn(`Lockfile regeneration failed: ${r}`),T.log.warn("Deploys using --frozen-lockfile may fail."),!1}}async function rn(e){if(!me("pnpm"))return T.log.warn("pnpm not found. Skipping dependency installation."),T.log.info("Install pnpm: https://pnpm.io/installation"),!1;let t=T.spinner();t.start("Installing dependencies (this may take a minute)...");try{return await ue("pnpm",["install","--config.minimumReleaseAge=0"],e),t.stop("Dependencies installed."),!0}catch(r){t.stop("Dependency installation failed.");let i=r instanceof Error?r.message:String(r);return T.log.warn(`pnpm install failed: ${i}`),T.log.warn("You can run it manually later."),!1}}async function nn(e){if(!me("pnpm"))return!1;let t=T.spinner();t.start("Generating baseline database migration...");try{return await ue("pnpm",["-F","@repo/database","generate"],e),t.stop("Baseline migration generated."),!0}catch(r){t.stop("Baseline migration generation failed.");let i=r instanceof Error?r.message:String(r);return T.log.warn(`Could not generate baseline migration: ${i}`),T.log.warn("Run 'pnpm -F @repo/database generate' before your first deploy."),!1}}async function on(e){try{return await en(Nt(e,".git")),T.log.info("Git repository already exists, skipping init."),!0}catch{}if(!me("git"))return T.log.warn("git not found. Skipping repository initialization."),!1;let t=T.spinner();t.start("Initializing git repository...");try{return await ue("git",["init"],e),await ue("git",["add","-A"],e),await ue("git",["commit","--no-verify","-m","Initial commit from GenerateSaaS"],e),t.stop("Git repository initialized."),!0}catch{return t.stop("Git initialization failed."),T.log.warn("You can run git init manually later."),!1}}async function sn(e){if(!me("pnpm"))return!1;try{await en(Nt(e,".git"))}catch{return!1}try{let t=JSON.parse(await bo(Nt(e,"package.json"),"utf-8")),r=!!t.devDependencies?.["simple-git-hooks"],i=!!t["simple-git-hooks"];if(!r||!i)return!1}catch{return!1}try{return await ue("pnpm",["exec","simple-git-hooks"],e),!0}catch{return T.log.warn("Could not install git hooks. Run 'pnpm exec simple-git-hooks' manually."),!1}}import*as ke from"@clack/prompts";import $ from"picocolors";function an(e,t){t.dockerComposeGenerated&&!t.dockerAvailable&&ke.log.warn("Docker not found. Install Docker to run local services: https://docs.docker.com/get-docker/");let r=[];if(r.push(`cd ${e.projectDir}`),t.pnpmInstalled||r.push("pnpm install"),t.dockerComposeGenerated){let o=e.dockerServices.map(s=>ye[s].label).join(", ");r.push(`pnpm infra ${$.dim(`# ${o}`)}`)}if(r.push(`pnpm dev ${$.dim("# http://localhost:3000")}`),t.skippedCredentials.length>0&&(r.push(""),r.push($.dim("Fill in remaining TODO values in .env"))),ke.note(r.join(`
1108
1108
  `),$.yellow("Start Development")),t.dockerComposeGenerated){let o=[];o.push(`App ${$.cyan("http://localhost:3000")}`),e.architecture==="separate"&&o.push(`API ${$.cyan("http://localhost:3010")}`),e.dockerServices.includes("mailpit")&&o.push(`Mailpit ${$.cyan("http://localhost:8025")}`),e.dockerServices.includes("inngest")&&o.push(`Inngest ${$.cyan("http://localhost:8288")}`),ke.note(o.join(`
1109
1109
  `),$.yellow("Dev Tools"))}let i=[],n=To(e);n.length>0&&i.push(`Set in production: ${$.dim(n.join(", "))}`),i.push("pnpm db:push # Run database migrations"),i.push(Io(e)),ke.note(i.join(`
1110
- `),$.yellow("Deployment"))}function To(e){let t=["DATABASE_URL","BETTER_AUTH_SECRET"];return e.cacheProvider==="upstash"?t.push("UPSTASH_REDIS_REST_URL","UPSTASH_REDIS_REST_TOKEN"):t.push("REDIS_URL"),e.paymentProvider==="stripe"?t.push("STRIPE_SECRET_KEY","STRIPE_WEBHOOK_SECRET"):e.paymentProvider==="polar"&&t.push("POLAR_ACCESS_TOKEN","POLAR_WEBHOOK_SECRET"),e.emailProvider==="ses"?t.push("AMAZON_SES_REGION","AMAZON_SES_KEY","AMAZON_SES_SECRET"):e.emailProvider==="resend"?t.push("RESEND_API_KEY"):t.push("SMTP_HOST","SMTP_PORT"),t}function Io(e){switch(e.deploymentTarget){case"node":return"Deploy with Docker or your preferred Node.js host";case"vercel":return"vercel deploy # Deploy to Vercel"}}function cn(e){let t={};if(e.name!==void 0){if(!tt(e.name))throw new Error(`Invalid project name "${e.name}". Use lowercase letters, numbers, and hyphens only. Must start with a letter.`);t.projectName=e.name}if(e.appName!==void 0){if(!e.appName.trim())throw new Error("App name cannot be empty.");t.appName=e.appName}if(e.location!==void 0?t.projectDir=e.location==="."?process.cwd():e.location:t.projectName!==void 0&&(t.projectDir=`./${t.projectName}`),e.frontend!==void 0){if(!Le.includes(e.frontend))throw new Error(`Invalid frontend "${e.frontend}". Valid values: ${Le.join(", ")}`);t.frontend=e.frontend}if(e.architecture!==void 0&&(t.architecture=e.architecture),e.payment!==void 0&&(t.paymentProvider=e.payment),e.email!==void 0&&(t.emailProvider=e.email),e.org!==void 0&&(t.multiTenancy=e.org),e.billingScope!==void 0){if(e.org===!1)throw new Error("--billing-scope requires --org to be enabled.");t.billingScope=e.billingScope}if(e.blog!==void 0&&(t.blog=e.blog),e.docs!==void 0&&(t.docs=e.docs),e.revenueSharing!==void 0&&(t.revenueSharing=e.revenueSharing),e.credits!==void 0){if(e.credits===!0&&e.payment==="none")throw new Error("--credits requires a payment provider (got --payment none).");t.credits=e.credits}if(e.docker!==void 0&&(t.dockerServices=Lt(e.docker,We,"docker service")),e.aiTools!==void 0&&(t.aiTools=Lt(e.aiTools,Xe,"AI tool")),e.socialProviders!==void 0&&(t.socialProviders=Lt(e.socialProviders,Qe,"social provider")),e.currency!==void 0){if(!oe.includes(e.currency))throw new Error(`Invalid currency "${e.currency}". Valid values: ${oe.join(", ")}`);t.defaultCurrency=e.currency}if(e.deploy!==void 0){if(!se.includes(e.deploy))throw new Error(`Invalid deployment target "${e.deploy}". Valid values: ${se.join(", ")}`);t.deploymentTarget=e.deploy}if(e.database!==void 0){if(!ae.includes(e.database))throw new Error(`Invalid database provider "${e.database}". Valid values: ${ae.join(", ")}`);t.databaseProvider=e.database}if(e.cache!==void 0){if(!ce.includes(e.cache))throw new Error(`Invalid cache provider "${e.cache}". Valid values: ${ce.join(", ")}`);t.cacheProvider=e.cache}if(e.demo===!0&&(t.demo=!0),e.baseUrl!==void 0){let r=e.baseUrl.trim();if(r==="")throw new Error("--base-url cannot be empty. Provide an absolute URL like https://example.com.");let i;try{i=new URL(r)}catch{throw new Error(`Invalid --base-url "${e.baseUrl}". Must be an absolute URL like https://example.com.`)}if(i.protocol!=="http:"&&i.protocol!=="https:")throw new Error(`Invalid --base-url "${e.baseUrl}". Must use http or https.`);t.baseUrl=`${i.protocol}//${i.host}`}return t}var ee={projectName:"my-saas",frontend:"nextjs",architecture:"fullstack",paymentProvider:"stripe",emailProvider:"smtp",multiTenancy:!1,billingScope:"user",blog:!0,docs:!1,revenueSharing:!1,credits:!0,dockerServices:["postgres","redis","inngest"],aiTools:[],socialProviders:[],defaultCurrency:"USD",deploymentTarget:"node",databaseProvider:"postgres",cacheProvider:"redis"};function ln(e){let t=e.projectName??ee.projectName,r=e.projectDir??`./${t}`,i=e.appName??et(t),n=e.deploymentTarget??ee.deploymentTarget,o=F[n]?.edgeRuntime??!1,s=e.databaseProvider??(o?"neon":ee.databaseProvider),a=e.cacheProvider??(o?"upstash":ee.cacheProvider),d=e.emailProvider??(o?"resend":ee.emailProvider),h=e.dockerServices??(o?ee.dockerServices.filter(m=>m!=="postgres"&&m!=="redis"):ee.dockerServices),g={...ee,...e,projectName:t,appName:i,projectDir:r,deploymentTarget:n,databaseProvider:s,cacheProvider:a,emailProvider:d,dockerServices:h};g.paymentProvider==="none"&&(g.credits=!1);for(let m of Ce){if(g.deploymentTarget!==m.target)continue;let v=g.databaseProvider===m.provider?"database":"cache";if(g.databaseProvider===m.provider||g.cacheProvider===m.provider)throw new Error(`Incompatible: --deploy ${m.target} + --${v} ${m.provider}. ${m.reason}`)}for(let m of Ne)if(g.architecture===m.architecture&&g.deploymentTarget===m.target)throw new Error(`Incompatible: --architecture ${m.architecture} + --deploy ${m.target}. ${m.reason}`);return g}function Lt(e,t,r){if(e.trim()==="")return[];let i=e.split(",").map(o=>o.trim()).filter(Boolean),n=i.filter(o=>!t.includes(o));if(n.length>0)throw new Error(`Invalid ${r}(s): ${n.join(", ")}. Valid values: ${t.join(", ")}`);return i}import Oo from"picocolors";var Do="c81635e3715dc7274f33a745e24a394d93d3d081a4004408585c3de86e1aac35";function xo(e){if(e===void 0)return;let t=e.trim().replace(/^v/,"");if(!/^\d+\.\d+\.\d+$/.test(t))throw new Error(`Invalid template version "${e}". Use semver like 1.2.3.`);return t}function pn(e){e.command("init").description("Scaffold a new GenerateSaaS project").option("-n, --name <name>","project name (lowercase, hyphens, starts with letter)").option("--app-name <name>","display name for the app").option("-l, --location <path>","project directory (default: ./{name})").addOption(new j("--frontend <type>","frontend framework").choices([...Le])).addOption(new j("--architecture <type>","fullstack or separate").choices([...Ye])).addOption(new j("--payment <provider>","payment provider").choices([...Je])).addOption(new j("--email <provider>","email provider").choices([...qe])).option("--org","enable multi-tenancy (organizations)").option("--no-org","disable multi-tenancy").addOption(new j("--billing-scope <scope>","billing scope (requires --org)").choices([...Ze])).option("--blog","enable blog").option("--no-blog","disable blog").option("--docs","include the docs app (apps/docs, Fumadocs)").option("--no-docs","exclude the docs app").option("--revenue-sharing","enable revenue sharing").option("--no-revenue-sharing","disable revenue sharing").option("--credits","enable credits system").option("--no-credits","disable credits system (subscription-only)").option("--docker <services>","comma-separated: postgres,redis,inngest,mailpit").option("--ai-tools <tools>","comma-separated: claude-code,cursor,codex,gemini-cli,windsurf").option("--social-providers <providers>","comma-separated: google,github,facebook,discord,x").addOption(new j("--currency <code>","default currency for billing").choices([...oe])).addOption(new j("--deploy <target>","deployment target").choices([...se])).addOption(new j("--database <provider>","database provider").choices([...ae])).addOption(new j("--cache <provider>","cache provider").choices([...ce])).option("--template-version <version>","specific template version to scaffold").option("--api-key <key>","API key (skips interactive prompt)").option("--base-url <url>","public base URL (e.g. https://example.com) \u2014 bakes into canonical/og/sitemap").option("-y, --yes","accept defaults for unspecified options (non-interactive)").addOption(new j("--demo","first-party demo build: keep sample content, mark site non-indexable \u2014 requires CI API key").hideHelp()).addOption(new j("--no-db-migration","skip generating the baseline DB migration (internal: demos/CI/playground)").hideHelp()).action(async t=>{await Co(t)})}async function Co(e){let t=performance.now();Ft("1.2.1");let r,i;try{r=cn(e),i=xo(e.templateVersion)}catch(S){E.cancel(I(S)),process.exit(1)}let n=E.spinner(),o;try{o=await ve({apiKey:e.apiKey,prompt:!e.yes})}catch(S){E.cancel(I(S)),process.exit(1)}e.demo&&Rt(o)!==Do&&(E.cancel("--demo is restricted to first-party demo deployments."),process.exit(1));let s=q(o),a=async()=>{let S=await Q(s),P=S.latest,_e=i??P;if(i&&!S.versions.some(he=>he.version===_e))throw new Error(`Template version "${i}" is not available.`);return{latestVersion:P,selectedVersion:_e}};n.start("Verifying access...");let d,h;try{({latestVersion:d,selectedVersion:h}=await a()),n.stop("Access verified."),pe(o)}catch(S){if(n.stop("Access verification failed."),S instanceof _&&S.status===401){e.yes&&(E.cancel("Invalid API key. Cannot prompt in non-interactive mode."),process.exit(1)),E.log.warning("Invalid API key."),o=await Ue(),s=q(o),n.start("Verifying access...");try{({latestVersion:d,selectedVersion:h}=await a()),n.stop("Access verified."),pe(o)}catch(P){n.stop("Access verification failed."),E.cancel(P instanceof _&&P.status===401?"Invalid API key.":I(P)),process.exit(1)}}else E.cancel(I(S)),process.exit(1)}E.log.success(`Latest version: ${d}`),h!==d&&E.log.success(`Using template version: ${h}`);let g;e.yes?g=ln(r):g=await Kt(r);let m;n.start("Activating license...");try{let S=crypto.randomUUID();m={token:(await Wt(s,{frontend:g.frontend,version:h,installId:S})).token,keyHash:Rt(o),installId:S},n.stop("License activated.")}catch(S){n.stop("License activation failed."),E.cancel(I(S)),process.exit(1)}let v=Ro(g.projectDir);if(Ao(v)&&ko(v).length>0)if(e.yes)E.log.info(`Directory ${v} is not empty. Merging (keeping existing files, overwriting conflicts).`);else{let P=await E.select({message:`Directory ${v} is not empty.`,options:[{value:"merge",label:"Merge",hint:"keep existing files, overwrite conflicts"},{value:"overwrite",label:"Overwrite",hint:"delete everything and start fresh"},{value:"cancel",label:"Cancel"}]});(E.isCancel(P)||P==="cancel")&&(E.cancel("Setup cancelled."),process.exit(0)),P==="overwrite"&&Po(v,{recursive:!0,force:!0})}let b={...g,projectDir:v,version:h,...e.demo?{docs:!1}:{}};n.start("Downloading template...");try{await ot(s,h,v),n.stop("Template downloaded.")}catch(S){n.stop("Download failed."),E.cancel(I(S)),process.exit(1)}let H;n.start("Generating project files...");try{if({dockerComposeGenerated:H}=await ut(b),!e.demo){let S=await je(v);await l(_o(v,nt),JSON.stringify(S,null," ")+`
1110
+ `),$.yellow("Deployment"))}function To(e){let t=["DATABASE_URL","BETTER_AUTH_SECRET"];return e.cacheProvider==="upstash"?t.push("UPSTASH_REDIS_REST_URL","UPSTASH_REDIS_REST_TOKEN"):t.push("REDIS_URL"),e.paymentProvider==="stripe"?t.push("STRIPE_SECRET_KEY","STRIPE_WEBHOOK_SECRET"):e.paymentProvider==="polar"&&t.push("POLAR_ACCESS_TOKEN","POLAR_WEBHOOK_SECRET"),e.emailProvider==="ses"?t.push("AMAZON_SES_REGION","AMAZON_SES_KEY","AMAZON_SES_SECRET"):e.emailProvider==="resend"?t.push("RESEND_API_KEY"):t.push("SMTP_HOST","SMTP_PORT"),t}function Io(e){switch(e.deploymentTarget){case"node":return"Deploy with Docker or your preferred Node.js host";case"vercel":return"vercel deploy # Deploy to Vercel"}}function cn(e){let t={};if(e.name!==void 0){if(!tt(e.name))throw new Error(`Invalid project name "${e.name}". Use lowercase letters, numbers, and hyphens only. Must start with a letter.`);t.projectName=e.name}if(e.appName!==void 0){if(!e.appName.trim())throw new Error("App name cannot be empty.");t.appName=e.appName}if(e.location!==void 0?t.projectDir=e.location==="."?process.cwd():e.location:t.projectName!==void 0&&(t.projectDir=`./${t.projectName}`),e.frontend!==void 0){if(!Le.includes(e.frontend))throw new Error(`Invalid frontend "${e.frontend}". Valid values: ${Le.join(", ")}`);t.frontend=e.frontend}if(e.architecture!==void 0&&(t.architecture=e.architecture),e.payment!==void 0&&(t.paymentProvider=e.payment),e.email!==void 0&&(t.emailProvider=e.email),e.org!==void 0&&(t.multiTenancy=e.org),e.billingScope!==void 0){if(e.org===!1)throw new Error("--billing-scope requires --org to be enabled.");t.billingScope=e.billingScope}if(e.blog!==void 0&&(t.blog=e.blog),e.docs!==void 0&&(t.docs=e.docs),e.revenueSharing!==void 0&&(t.revenueSharing=e.revenueSharing),e.credits!==void 0){if(e.credits===!0&&e.payment==="none")throw new Error("--credits requires a payment provider (got --payment none).");t.credits=e.credits}if(e.docker!==void 0&&(t.dockerServices=Lt(e.docker,We,"docker service")),e.aiTools!==void 0&&(t.aiTools=Lt(e.aiTools,Xe,"AI tool")),e.socialProviders!==void 0&&(t.socialProviders=Lt(e.socialProviders,Qe,"social provider")),e.currency!==void 0){if(!oe.includes(e.currency))throw new Error(`Invalid currency "${e.currency}". Valid values: ${oe.join(", ")}`);t.defaultCurrency=e.currency}if(e.deploy!==void 0){if(!se.includes(e.deploy))throw new Error(`Invalid deployment target "${e.deploy}". Valid values: ${se.join(", ")}`);t.deploymentTarget=e.deploy}if(e.database!==void 0){if(!ae.includes(e.database))throw new Error(`Invalid database provider "${e.database}". Valid values: ${ae.join(", ")}`);t.databaseProvider=e.database}if(e.cache!==void 0){if(!ce.includes(e.cache))throw new Error(`Invalid cache provider "${e.cache}". Valid values: ${ce.join(", ")}`);t.cacheProvider=e.cache}if(e.demo===!0&&(t.demo=!0),e.baseUrl!==void 0){let r=e.baseUrl.trim();if(r==="")throw new Error("--base-url cannot be empty. Provide an absolute URL like https://example.com.");let i;try{i=new URL(r)}catch{throw new Error(`Invalid --base-url "${e.baseUrl}". Must be an absolute URL like https://example.com.`)}if(i.protocol!=="http:"&&i.protocol!=="https:")throw new Error(`Invalid --base-url "${e.baseUrl}". Must use http or https.`);t.baseUrl=`${i.protocol}//${i.host}`}return t}var ee={projectName:"my-saas",frontend:"nextjs",architecture:"fullstack",paymentProvider:"stripe",emailProvider:"smtp",multiTenancy:!1,billingScope:"user",blog:!0,docs:!1,revenueSharing:!1,credits:!0,dockerServices:["postgres","redis","inngest"],aiTools:[],socialProviders:[],defaultCurrency:"USD",deploymentTarget:"node",databaseProvider:"postgres",cacheProvider:"redis"};function ln(e){let t=e.projectName??ee.projectName,r=e.projectDir??`./${t}`,i=e.appName??et(t),n=e.deploymentTarget??ee.deploymentTarget,o=F[n]?.edgeRuntime??!1,s=e.databaseProvider??(o?"neon":ee.databaseProvider),a=e.cacheProvider??(o?"upstash":ee.cacheProvider),d=e.emailProvider??(o?"resend":ee.emailProvider),h=e.dockerServices??(o?ee.dockerServices.filter(m=>m!=="postgres"&&m!=="redis"):ee.dockerServices),g={...ee,...e,projectName:t,appName:i,projectDir:r,deploymentTarget:n,databaseProvider:s,cacheProvider:a,emailProvider:d,dockerServices:h};g.paymentProvider==="none"&&(g.credits=!1);for(let m of Ce){if(g.deploymentTarget!==m.target)continue;let v=g.databaseProvider===m.provider?"database":"cache";if(g.databaseProvider===m.provider||g.cacheProvider===m.provider)throw new Error(`Incompatible: --deploy ${m.target} + --${v} ${m.provider}. ${m.reason}`)}for(let m of Ne)if(g.architecture===m.architecture&&g.deploymentTarget===m.target)throw new Error(`Incompatible: --architecture ${m.architecture} + --deploy ${m.target}. ${m.reason}`);return g}function Lt(e,t,r){if(e.trim()==="")return[];let i=e.split(",").map(o=>o.trim()).filter(Boolean),n=i.filter(o=>!t.includes(o));if(n.length>0)throw new Error(`Invalid ${r}(s): ${n.join(", ")}. Valid values: ${t.join(", ")}`);return i}import Oo from"picocolors";var Do="c81635e3715dc7274f33a745e24a394d93d3d081a4004408585c3de86e1aac35";function xo(e){if(e===void 0)return;let t=e.trim().replace(/^v/,"");if(!/^\d+\.\d+\.\d+$/.test(t))throw new Error(`Invalid template version "${e}". Use semver like 1.2.3.`);return t}function pn(e){e.command("init").description("Scaffold a new GenerateSaaS project").option("-n, --name <name>","project name (lowercase, hyphens, starts with letter)").option("--app-name <name>","display name for the app").option("-l, --location <path>","project directory (default: ./{name})").addOption(new j("--frontend <type>","frontend framework").choices([...Le])).addOption(new j("--architecture <type>","fullstack or separate").choices([...Ye])).addOption(new j("--payment <provider>","payment provider").choices([...Je])).addOption(new j("--email <provider>","email provider").choices([...qe])).option("--org","enable multi-tenancy (organizations)").option("--no-org","disable multi-tenancy").addOption(new j("--billing-scope <scope>","billing scope (requires --org)").choices([...Ze])).option("--blog","enable blog").option("--no-blog","disable blog").option("--docs","include the docs app (apps/docs, Fumadocs)").option("--no-docs","exclude the docs app").option("--revenue-sharing","enable revenue sharing").option("--no-revenue-sharing","disable revenue sharing").option("--credits","enable credits system").option("--no-credits","disable credits system (subscription-only)").option("--docker <services>","comma-separated: postgres,redis,inngest,mailpit").option("--ai-tools <tools>","comma-separated: claude-code,cursor,codex,gemini-cli,windsurf").option("--social-providers <providers>","comma-separated: google,github,facebook,discord,x").addOption(new j("--currency <code>","default currency for billing").choices([...oe])).addOption(new j("--deploy <target>","deployment target").choices([...se])).addOption(new j("--database <provider>","database provider").choices([...ae])).addOption(new j("--cache <provider>","cache provider").choices([...ce])).option("--template-version <version>","specific template version to scaffold").option("--api-key <key>","API key (skips interactive prompt)").option("--base-url <url>","public base URL (e.g. https://example.com) - bakes into canonical/og/sitemap").option("-y, --yes","accept defaults for unspecified options (non-interactive)").addOption(new j("--demo","first-party demo build: keep sample content, mark site non-indexable - requires CI API key").hideHelp()).addOption(new j("--no-db-migration","skip generating the baseline DB migration (internal: demos/CI/playground)").hideHelp()).action(async t=>{await Co(t)})}async function Co(e){let t=performance.now();Ft("1.2.2");let r,i;try{r=cn(e),i=xo(e.templateVersion)}catch(S){E.cancel(I(S)),process.exit(1)}let n=E.spinner(),o;try{o=await ve({apiKey:e.apiKey,prompt:!e.yes})}catch(S){E.cancel(I(S)),process.exit(1)}e.demo&&Rt(o)!==Do&&(E.cancel("--demo is restricted to first-party demo deployments."),process.exit(1));let s=q(o),a=async()=>{let S=await Q(s),P=S.latest,_e=i??P;if(i&&!S.versions.some(he=>he.version===_e))throw new Error(`Template version "${i}" is not available.`);return{latestVersion:P,selectedVersion:_e}};n.start("Verifying access...");let d,h;try{({latestVersion:d,selectedVersion:h}=await a()),n.stop("Access verified."),pe(o)}catch(S){if(n.stop("Access verification failed."),S instanceof _&&S.status===401){e.yes&&(E.cancel("Invalid API key. Cannot prompt in non-interactive mode."),process.exit(1)),E.log.warning("Invalid API key."),o=await Ue(),s=q(o),n.start("Verifying access...");try{({latestVersion:d,selectedVersion:h}=await a()),n.stop("Access verified."),pe(o)}catch(P){n.stop("Access verification failed."),E.cancel(P instanceof _&&P.status===401?"Invalid API key.":I(P)),process.exit(1)}}else E.cancel(I(S)),process.exit(1)}E.log.success(`Latest version: ${d}`),h!==d&&E.log.success(`Using template version: ${h}`);let g;e.yes?g=ln(r):g=await Kt(r);let m;n.start("Activating license...");try{let S=crypto.randomUUID();m={token:(await Wt(s,{frontend:g.frontend,version:h,installId:S})).token,keyHash:Rt(o),installId:S},n.stop("License activated.")}catch(S){n.stop("License activation failed."),E.cancel(I(S)),process.exit(1)}let v=Ro(g.projectDir);if(Ao(v)&&ko(v).length>0)if(e.yes)E.log.info(`Directory ${v} is not empty. Merging (keeping existing files, overwriting conflicts).`);else{let P=await E.select({message:`Directory ${v} is not empty.`,options:[{value:"merge",label:"Merge",hint:"keep existing files, overwrite conflicts"},{value:"overwrite",label:"Overwrite",hint:"delete everything and start fresh"},{value:"cancel",label:"Cancel"}]});(E.isCancel(P)||P==="cancel")&&(E.cancel("Setup cancelled."),process.exit(0)),P==="overwrite"&&Po(v,{recursive:!0,force:!0})}let b={...g,projectDir:v,version:h,...e.demo?{docs:!1}:{}};n.start("Downloading template...");try{await ot(s,h,v),n.stop("Template downloaded.")}catch(S){n.stop("Download failed."),E.cancel(I(S)),process.exit(1)}let H;n.start("Generating project files...");try{if({dockerComposeGenerated:H}=await ut(b),!e.demo){let S=await je(v);await l(_o(v,nt),JSON.stringify(S,null," ")+`
1111
1111
  `),await Wr(v,v)}await Qr(v,b.aiTools),await Jr(b,m),n.stop("Project files generated.")}catch(S){n.stop("Generation failed."),E.cancel(I(S)),process.exit(1)}await tn(v);let R=await rn(v);R&&b.demo!==!0&&e.dbMigration!==!1&&await nn(v),await on(v),R&&await sn(v);let te=me("docker"),A=St(b).map(S=>S.key).filter(S=>!b.credentials?.[S]);an(b,{pnpmInstalled:R,dockerComposeGenerated:H,dockerAvailable:te,skippedCredentials:A}),Bt(),E.log.info(Oo.dim(`Done in ${((performance.now()-t)/1e3).toFixed(1)}s`))}import{existsSync as dn}from"fs";import{readFile as jo}from"fs/promises";import{join as Ve,resolve as Mo}from"path";import*as k from"@clack/prompts";import Pe from"picocolors";import{mkdtemp as No,rm as Lo}from"fs/promises";import{tmpdir as Uo}from"os";import{join as $o}from"path";async function Ut(e,t,r,i){let n=await No($o(Uo(),"generatesaas-stage-"));try{await ot(e,t,n),await ut({...r,projectDir:n}),await Ot(n,i)}finally{await Lo(n,{recursive:!0,force:!0})}}function un(e){e.command("update").description("Update AI skill files and stage template updates").option("--cwd <path>","project directory (default: current directory)").action(async t=>{let r=Mo(t.cwd??process.cwd()),i=Ve(r,W),n;try{n=JSON.parse(await jo(i,"utf-8"))}catch{k.cancel(".generatesaas/manifest.json not found. Run this from a GenerateSaaS project."),process.exit(1)}let o;try{o=await ve()}catch(d){k.cancel(I(d)),process.exit(1)}let s=q(o),a=k.spinner();try{a.start("Verifying access...");let d;try{d=await Q(s)}catch(A){throw A instanceof _&&A.status===401?new Error("Your saved API key was rejected. Run `generatesaas auth` to update it, or set GENERATESAAS_API_KEY."):A}a.stop("Access verified."),pe(o),a.start("Fetching latest skill files...");let h=await qt(s,d.latest);await Ct(r,h.skillMd,h.scripts,n.aiTools);let g=xt(n.aiTools);if(a.stop("Skills updated."),k.log.success(`Skill files installed to ${Pe.cyan(g.length.toString())} locations.`),n.version===d.latest){k.log.info(`Already on the latest version (${n.version}).`);return}if(n.licenseToken)try{let A=await Xt(s,{currentToken:n.licenseToken,newVersion:n.version});n.licenseToken=A.token,await l(i,JSON.stringify(n,null," ")+`
1112
1112
  `),k.log.success("License refreshed.")}catch{k.log.warn("License refresh skipped.")}let m=Yr(n,r),v=Ve(r,Ht);a.start(`Staging v${d.latest} (shaped for your config)...`),await Ut(s,d.latest,m,v),a.stop("Template staged.");let b=await Jt(s,d.latest);b&&k.note(b,`Changelog v${d.latest}`);let H=Ve(r,nt),R=Ve(r,it),te=!dn(R),re=!dn(H);if(te){if(a.start("Building baseline template (one-time migration)..."),await Ut(s,n.version,m,R),re){let A=await je(R);await l(H,JSON.stringify(A,null," ")+`
1113
1113
  `)}a.stop("Baseline template stored.")}else if(re){a.start("Computing baseline template hashes...");let A=await je(R);await l(H,JSON.stringify(A,null," ")+`
1114
1114
  `),a.stop("Baseline hashes computed.")}if(await l(Ve(r,Yt),JSON.stringify({currentVersion:n.version,targetVersion:d.latest,changelog:b,stagedAt:new Date().toISOString()},null," ")+`
1115
1115
  `),k.log.info(`Update staged: ${Pe.cyan(n.version)} \u2192 ${Pe.cyan(d.latest)}`),n.aiTools&&n.aiTools.length>0){let A=n.aiTools[0],S=xe[A].label;k.log.info(`Open your project in ${Pe.cyan(S)} and ask: ${Pe.cyan("'update my GenerateSaaS project'")}`)}else k.log.info(`Ask your AI coding assistant to ${Pe.cyan("'update my GenerateSaaS project'")}.`)}catch(d){a.stop("Failed."),k.cancel(`Update failed: ${I(d)}`),process.exit(1)}})}import*as C from"@clack/prompts";import M from"picocolors";import{readFile as Vo}from"fs/promises";import{join as Fo,resolve as Bo}from"path";function mn(e){e.command("status").description("Show project status and check for updates").option("--cwd <path>","project directory (default: current directory)").action(async t=>{let r=Bo(t.cwd??process.cwd()),i=Fo(r,W),n;try{n=JSON.parse(await Vo(i,"utf-8"))}catch{C.cancel(".generatesaas/manifest.json not found. Run this from a GenerateSaaS project."),process.exit(1)}let o=[`Version: ${M.cyan(n.version)}`,`Frontend: ${M.cyan(n.frontend)}`,n.deploymentTarget?`Deploy target: ${M.cyan(n.deploymentTarget)}`:null,n.databaseProvider?`Database: ${M.cyan(n.databaseProvider)}`:null,n.cacheProvider?`Cache: ${M.cyan(n.cacheProvider)}`:null,n.aiTools&&n.aiTools.length>0?`AI tools: ${M.cyan(n.aiTools.join(", "))}`:null].filter(Boolean).join(`
1116
1116
  `);C.note(o,M.bold("Project Status"));let s=C.spinner();s.start("Checking for updates...");try{let a=await ve(),d=q(a),g=(await Q(d)).latest;n.version===g?(s.stop("Up to date."),C.log.success(`Already on the latest version (${M.green(g)})`)):(s.stop("Update available."),C.log.warning(`Update available: ${M.yellow(n.version)} \u2192 ${M.green(g)}`),C.log.info(`Run ${M.cyan("generatesaas update")} to update skill files, then ask your AI assistant to apply the update.`))}catch(a){s.stop("Check failed."),a instanceof _&&a.status===401?C.log.warning("Invalid API key. Run `generatesaas auth` to update it, or set GENERATESAAS_API_KEY."):C.log.warning(`Could not check for updates: ${I(a)}`)}})}import{readFile as Go}from"fs/promises";import*as N from"@clack/prompts";import z from"picocolors";function Ko(e){let t=e.split(".");if(t.length!==3||!t[1])throw new Error("Invalid JWT format");let r=Buffer.from(t[1],"base64url").toString("utf-8");return JSON.parse(r)}function $t(e){return typeof e!="number"?"unknown":new Date(e*1e3).toISOString().split("T")[0]}function fn(e){N.note([`License ID: ${z.cyan(String(e.lid??"unknown"))}`,`Version: ${z.cyan(String(e.ver??"unknown"))}`,`Init version: ${String(e.iver??"unknown")}`,`Frontend: ${String(e.fe??"unknown")}`,`Created: ${$t(e.pat)}`,`Last updated: ${$t(e.uat)}`,`Expires: ${$t(e.exp)}`,`Install ID: ${String(e.nid??"unknown")}`].join(`
1117
- `),z.yellow("License Details"))}async function gn(e){let t=N.spinner(),r=e.replace(/\/+$/,"");t.start(`Checking ${r}/license...`);let i;try{let o=await fetch(`${r}/license`);if(!o.ok)return t.stop(`${z.red("Not found")} \u2014 ${r}/license returned ${o.status}`),!1;if(i=await o.text(),!i||i.split(".").length!==3)return t.stop(`${z.red("Invalid")} \u2014 response is not a JWT`),!1;t.stop(`${z.green("Found")} \u2014 license endpoint responded`)}catch(o){return t.stop(`${z.red("Failed")} \u2014 ${I(o)}`),!1}let n;try{n=Ko(i)}catch{return N.log.error("Could not decode JWT payload."),!1}t.start("Verifying signature...");try{let o=process.env.GENERATESAAS_API_URL??rt,s=await Zt(o,i);if(s.valid)t.stop(`${z.green("Valid")} \u2014 signature verified`);else return t.stop(`${z.red("Invalid")} \u2014 ${s.reason}`),!1}catch{return t.stop(`${z.yellow("Skipped")} \u2014 could not reach verification service`),N.log.warn("Signature not verified. Displaying unverified claims:"),fn(n),!1}return fn(n),!0}function hn(e){e.command("verify").description("Verify a GenerateSaaS license on a deployed site").argument("[url]","URL of the site to verify (e.g. https://example.com/api)").option("--file <path>","file with URLs to check, one per line").action(async(t,r)=>{if(!t&&!r.file&&(N.cancel("Provide a URL or --file <path>."),process.exit(1)),r.file){let n=(await Go(r.file,"utf-8")).split(`
1117
+ `),z.yellow("License Details"))}async function gn(e){let t=N.spinner(),r=e.replace(/\/+$/,"");t.start(`Checking ${r}/license...`);let i;try{let o=await fetch(`${r}/license`);if(!o.ok)return t.stop(`${z.red("Not found")} - ${r}/license returned ${o.status}`),!1;if(i=await o.text(),!i||i.split(".").length!==3)return t.stop(`${z.red("Invalid")} - response is not a JWT`),!1;t.stop(`${z.green("Found")} - license endpoint responded`)}catch(o){return t.stop(`${z.red("Failed")} - ${I(o)}`),!1}let n;try{n=Ko(i)}catch{return N.log.error("Could not decode JWT payload."),!1}t.start("Verifying signature...");try{let o=process.env.GENERATESAAS_API_URL??rt,s=await Zt(o,i);if(s.valid)t.stop(`${z.green("Valid")} - signature verified`);else return t.stop(`${z.red("Invalid")} - ${s.reason}`),!1}catch{return t.stop(`${z.yellow("Skipped")} - could not reach verification service`),N.log.warn("Signature not verified. Displaying unverified claims:"),fn(n),!1}return fn(n),!0}function hn(e){e.command("verify").description("Verify a GenerateSaaS license on a deployed site").argument("[url]","URL of the site to verify (e.g. https://example.com/api)").option("--file <path>","file with URLs to check, one per line").action(async(t,r)=>{if(!t&&!r.file&&(N.cancel("Provide a URL or --file <path>."),process.exit(1)),r.file){let n=(await Go(r.file,"utf-8")).split(`
1118
1118
  `).map(s=>s.trim()).filter(s=>s&&!s.startsWith("#"));n.length===0&&(N.cancel("No URLs found in file."),process.exit(1));let o=0;for(let s of n)await gn(s)&&o++,N.log.info("");N.log.success(`${o}/${n.length} sites verified.`)}else await gn(t)||process.exit(1)})}import{existsSync as zo,rmSync as Ho}from"fs";import*as V from"@clack/prompts";function yn(e){e.command("auth").description("Set or update your GenerateSaaS API key").option("--clear","remove saved API key").action(async t=>{if(t.clear){zo(J)?(Ho(J),V.log.success("API key removed.")):V.log.info("No API key configured.");return}let r=Et();r?V.log.info(`Current API key: ****${r.slice(-4)}`):V.log.info("No API key configured.");let i=await Ue(),n=q(i),o=V.spinner();o.start("Verifying API key...");try{await Q(n),o.stop("API key verified."),pe(i),V.log.success("API key saved.")}catch(s){o.stop("Verification failed."),s instanceof _&&s.status===401?V.cancel("Invalid API key."):V.cancel(I(s)),process.exit(1)}})}import{existsSync as ft,rmSync as Yo,readFileSync as Mt,writeFileSync as vn}from"fs";import{join as fe}from"path";import*as L from"@clack/prompts";var Jo=["packages/api/src/functions/maintenance/license-heartbeat.ts","packages/api/src/lib/manifest.ts","packages/api/src/routes/internal/license.ts"],qo=[{file:"packages/api/src/routes/inngest.ts",removals:[`import { licenseHeartbeatFunction } from "../functions/maintenance/license-heartbeat";
1119
1119
  `,` licenseHeartbeatFunction,
1120
1120
  `]},{file:"packages/api/src/routes/internal/index.ts",removals:[`import licenseRoutes from "./license";
1121
1121
  `,` .route("/license", licenseRoutes)
1122
1122
  `]}];function Wo(e){return(e&&e.length>0?e.map(r=>Me[r]):Object.values(Me)).map(r=>fe(r,Dt))}function jt(e){return ft(e)?(Yo(e,{recursive:!0}),!0):!1}function Xo(e,t){if(!ft(e))return!1;let r=Mt(e,"utf-8"),i=r;for(let n of t)i=i.replace(n,"");return i===r?!1:(vn(e,i,"utf-8"),!0)}function Zo(e){let t=fe(e,".gitignore");if(!ft(t))return!1;let r=Mt(t,"utf-8"),i=r.split(`
1123
1123
  `).filter(n=>!n.includes(".generatesaas")).join(`
1124
- `);return i===r?!1:(vn(t,i,"utf-8"),!0)}function Sn(e){e.command("eject").description("Remove all GenerateSaaS ties \u2014 manifest, license, heartbeat, skills").action(async()=>{let t=process.cwd(),r=fe(t,W),i;try{i=JSON.parse(Mt(r,"utf-8"))}catch{L.cancel("No GenerateSaaS project found in this directory."),process.exit(1)}let n=await L.text({message:'Type "eject" to confirm (this cannot be undone):',validate:a=>{if(a!=="eject")return'Type "eject" to confirm, or press Ctrl+C to cancel.'}});L.isCancel(n)&&(L.cancel("Eject cancelled."),process.exit(0));let o=[],s=[];for(let a of Wo(i.aiTools))jt(fe(t,a))&&o.push(a);for(let a of Jo)jt(fe(t,a))&&o.push(a);jt(fe(t,U))&&o.push(U+"/");for(let a of qo){let d=fe(t,a.file);Xo(d,a.removals)?s.push(a.file):ft(d)&&L.log.warn(`Could not auto-modify ${a.file} \u2014 manually remove license/heartbeat references.`)}Zo(t)&&s.push(".gitignore");for(let a of o)L.log.info(`Deleted ${a}`);for(let a of s)L.log.info(`Modified ${a}`);L.log.success("Ejected successfully. This project is now fully standalone.")})}var ge=new Qo().name("generatesaas").description("CLI for scaffolding and managing GenerateSaaS projects").version("1.2.1").addHelpText("after",`
1124
+ `);return i===r?!1:(vn(t,i,"utf-8"),!0)}function Sn(e){e.command("eject").description("Remove all GenerateSaaS ties - manifest, license, heartbeat, skills").action(async()=>{let t=process.cwd(),r=fe(t,W),i;try{i=JSON.parse(Mt(r,"utf-8"))}catch{L.cancel("No GenerateSaaS project found in this directory."),process.exit(1)}let n=await L.text({message:'Type "eject" to confirm (this cannot be undone):',validate:a=>{if(a!=="eject")return'Type "eject" to confirm, or press Ctrl+C to cancel.'}});L.isCancel(n)&&(L.cancel("Eject cancelled."),process.exit(0));let o=[],s=[];for(let a of Wo(i.aiTools))jt(fe(t,a))&&o.push(a);for(let a of Jo)jt(fe(t,a))&&o.push(a);jt(fe(t,U))&&o.push(U+"/");for(let a of qo){let d=fe(t,a.file);Xo(d,a.removals)?s.push(a.file):ft(d)&&L.log.warn(`Could not auto-modify ${a.file} - manually remove license/heartbeat references.`)}Zo(t)&&s.push(".gitignore");for(let a of o)L.log.info(`Deleted ${a}`);for(let a of s)L.log.info(`Modified ${a}`);L.log.success("Ejected successfully. This project is now fully standalone.")})}var ge=new Qo().name("generatesaas").description("CLI for scaffolding and managing GenerateSaaS projects").version("1.2.2").addHelpText("after",`
1125
1125
  Examples:
1126
1126
  $ generatesaas init Interactive setup
1127
1127
  $ generatesaas init -n my-app -y Quick setup with defaults
@@ -1,6 +1,6 @@
1
1
  ---
2
2
  name: update
3
- description: Update a GenerateSaaS project to the latest boilerplate version. Use this whenever the user asks to "update my GenerateSaaS project", update their GenerateSaaS boilerplate/template, or pull the latest GenerateSaaS changes. Fetches and stages the new version, classifies files, analyzes dependencies, and applies changes while preserving user customizations the user controls every decision.
3
+ description: Update a GenerateSaaS project to the latest boilerplate version. Use this whenever the user asks to "update my GenerateSaaS project", update their GenerateSaaS boilerplate/template, or pull the latest GenerateSaaS changes. Fetches and stages the new version, classifies files, analyzes dependencies, and applies changes while preserving user customizations - the user controls every decision.
4
4
  ---
5
5
 
6
6
  # GenerateSaaS Update
@@ -9,10 +9,10 @@ Update your project to the latest GenerateSaaS boilerplate version while preserv
9
9
 
10
10
  ## Core Principles
11
11
 
12
- 1. **User decides everything** Present clear information and options. Never make decisions that affect user code without explicit approval. Every meaningful change requires the user's input.
13
- 2. **Never break user code** If an upstream change conflicts with user modifications, present the situation and let the user choose. When in doubt, keep the user's version and explain what was skipped.
14
- 3. **Full transparency** For every change, explain: what changed upstream, why it changed, and how it affects the user's code. The user should always know exactly what is happening.
15
- 4. **Track everything** Every change is tracked in a checklist. Mark items as completed, skipped, or failed with clear reasons.
12
+ 1. **User decides everything** - Present clear information and options. Never make decisions that affect user code without explicit approval. Every meaningful change requires the user's input.
13
+ 2. **Never break user code** - If an upstream change conflicts with user modifications, present the situation and let the user choose. When in doubt, keep the user's version and explain what was skipped.
14
+ 3. **Full transparency** - For every change, explain: what changed upstream, why it changed, and how it affects the user's code. The user should always know exactly what is happening.
15
+ 4. **Track everything** - Every change is tracked in a checklist. Mark items as completed, skipped, or failed with clear reasons.
16
16
 
17
17
  ## Workflow Overview
18
18
 
@@ -22,25 +22,25 @@ Step 1: Fetch + stage + prepare update data (you run the CLI, then the script)
22
22
  Step 2: Present changelog to user
23
23
  Step 3: Classify files (script)
24
24
  Step 4: Analyze dependencies
25
- Step 5: Present update plan user chooses interaction mode
25
+ Step 5: Present update plan - user chooses interaction mode
26
26
  Step 6: Apply safe auto-updates (script)
27
- Step 7: Review modified files with user one by one
27
+ Step 7: Review modified files with user - one by one
28
28
  Step 8: Post-update validation
29
29
  Step 9: Complete update (script)
30
30
  ```
31
31
 
32
32
  **You own the whole flow.** When the user says "update my GenerateSaaS project," do
33
- everything end-to-end including fetching and staging the new version (Step 1).
33
+ everything end-to-end - including fetching and staging the new version (Step 1).
34
34
  The user does not run any CLI command themselves.
35
35
 
36
36
  **What the staged update contains (important):** `generatesaas update` re-shapes the
37
- new version's template into THIS project's exact configuration before staging same
37
+ new version's template into THIS project's exact configuration before staging - same
38
38
  frontend, payment provider, database, feature flags, etc. So everything in
39
39
  `.generatesaas/staging/` and the `.generatesaas/template/` baseline is buyer-shaped:
40
40
  you will never see another framework's files, a provider the project doesn't use, the
41
41
  boilerplate's internal tooling, or dev-only secrets. Every diff you surface already
42
42
  applies to this project. The 3-way merge baseline (`.generatesaas/template/`) is a
43
- faithful pristine copy of what this project started from trust it.
43
+ faithful pristine copy of what this project started from - trust it.
44
44
 
45
45
  ---
46
46
 
@@ -48,13 +48,13 @@ faithful pristine copy of what this project started from — trust it.
48
48
 
49
49
  Before starting the update:
50
50
 
51
- 1. **Check git status.** Run `git status --porcelain -- . ':(exclude).generatesaas'` (or otherwise ignore changes under `.generatesaas/`). The update process writes its own artifacts there `staging.json`, `manifest.json` (license refresh), `held-back.json`, hash files so those must NOT count as a dirty tree. If, ignoring `.generatesaas/`, there are ANY uncommitted changes (staged, unstaged, or untracked files in tracked directories), **STOP immediately**. Do NOT proceed with the update. Tell the user:
51
+ 1. **Check git status.** Run `git status --porcelain -- . ':(exclude).generatesaas'` (or otherwise ignore changes under `.generatesaas/`). The update process writes its own artifacts there - `staging.json`, `manifest.json` (license refresh), `held-back.json`, hash files - so those must NOT count as a dirty tree. If, ignoring `.generatesaas/`, there are ANY uncommitted changes (staged, unstaged, or untracked files in tracked directories), **STOP immediately**. Do NOT proceed with the update. Tell the user:
52
52
 
53
- > You have uncommitted changes. The update cannot proceed until your working tree is clean this ensures you have a safe rollback point if anything needs to be reverted.
53
+ > You have uncommitted changes. The update cannot proceed until your working tree is clean - this ensures you have a safe rollback point if anything needs to be reverted.
54
54
  >
55
55
  > **What would you like to do?**
56
- > 1. **I'll handle it myself** Stop the update so you can commit, stash, or discard changes on your own terms, then re-run the update
57
- > 2. **Help me commit** I'll help you create a commit with your current changes, then we continue
56
+ > 1. **I'll handle it myself** - Stop the update so you can commit, stash, or discard changes on your own terms, then re-run the update
57
+ > 2. **Help me commit** - I'll help you create a commit with your current changes, then we continue
58
58
 
59
59
  **NEVER** commit, stash, reset, or alter git state without the user's explicit choice. The user may have intentionally reverted work or have changes they don't want committed. Wait for their decision.
60
60
 
@@ -67,31 +67,31 @@ If the user chooses option 1, stop completely. Do not continue the update.
67
67
  > It looks like a previous update was started but not completed. The plan file shows progress from a prior attempt.
68
68
  >
69
69
  > **What would you like to do?**
70
- > 1. **Start fresh** Discard the old plan and begin the update from scratch
71
- > 2. **Stop** Let me review what happened before continuing
70
+ > 1. **Start fresh** - Discard the old plan and begin the update from scratch
71
+ > 2. **Stop** - Let me review what happened before continuing
72
72
 
73
- If starting fresh, delete the old plan file. Note: files that were auto-applied in the previous attempt may now have V2 content but template-hashes.json still has V1 hashes these will be correctly classified as "modified" (since they differ from the V1 template hash) and the AI will see they match the staging file, making them trivial merges.
73
+ If starting fresh, delete the old plan file. Note: files that were auto-applied in the previous attempt may now have V2 content but template-hashes.json still has V1 hashes - these will be correctly classified as "modified" (since they differ from the V1 template hash) and the AI will see they match the staging file, making them trivial merges.
74
74
 
75
75
  ### Step 1: Fetch, Stage, and Prepare Update Data
76
76
 
77
77
  **1a. Stage the new version yourself.** Unless a staged update already exists
78
78
  (`.generatesaas/staging.json` present), run the CLI to fetch the latest version and
79
- stage it re-shaped for this project's exact configuration:
79
+ stage it - re-shaped for this project's exact configuration:
80
80
 
81
81
  ```bash
82
82
  npx generatesaas@latest update
83
83
  ```
84
84
 
85
85
  This resolves the saved API key from `~/.generatesaas` (written at init), so it runs
86
- non-interactively it never prompts you for a key. It refreshes the skill files,
86
+ non-interactively - it never prompts you for a key. It refreshes the skill files,
87
87
  downloads the new version, shapes it into this project's configuration, and writes
88
88
  `.generatesaas/staging/` + `staging.json`. If it reports "Already on the latest
89
- version," there is nothing to update tell the user and stop. If it fails because the
89
+ version," there is nothing to update - tell the user and stop. If it fails because the
90
90
  API key is missing or rejected, ask the user to run `generatesaas auth` (which sets the
91
91
  key once and saves it), then re-run the update. For a network error, ask them to retry.
92
92
 
93
93
  > Note: this command also rewrites the skill scripts to their latest version. That is
94
- > expected the scripts you run in the following steps are the freshly-installed ones.
94
+ > expected - the scripts you run in the following steps are the freshly-installed ones.
95
95
 
96
96
  **1b. Prepare the diff/classification data:**
97
97
 
@@ -100,30 +100,30 @@ node __SKILL_ROOT__/generatesaas-update/scripts/prepare-update.js
100
100
  ```
101
101
 
102
102
  Creates:
103
- - `references/changelog.md` what changed and why
104
- - `references/diffs/<path>.diff` one unified diff per changed file, named by the
103
+ - `references/changelog.md` - what changed and why
104
+ - `references/diffs/<path>.diff` - one unified diff per changed file, named by the
105
105
  file's project-relative path with `.diff` appended (e.g.
106
106
  `references/diffs/packages/config/src/index.ts.diff`). Diffs cover `modified` +
107
107
  `added` files; `unmodified`, `deleted`, and `removed` files have none.
108
- - `references/update-manifest.json` lists of added, modified, and removed files
108
+ - `references/update-manifest.json` - lists of added, modified, and removed files
109
109
 
110
110
  ### Step 2: Present Changelog
111
111
 
112
112
  Read `references/changelog.md`. It may be one of two shapes:
113
113
 
114
- - **Curated** contains explicit `## Breaking`, `## Migration`, `## Features`, `## Fixes` (or similar) sections. Use those sections verbatim; they are authoritative.
115
- - **Raw** auto-generated release notes (a flat list of PR titles, no sections). This is the common case. You can group PR titles into features/fixes by reading them, but you **cannot** reliably infer breaking changes or migration steps from PR titles.
114
+ - **Curated** - contains explicit `## Breaking`, `## Migration`, `## Features`, `## Fixes` (or similar) sections. Use those sections verbatim; they are authoritative.
115
+ - **Raw** - auto-generated release notes (a flat list of PR titles, no sections). This is the common case. You can group PR titles into features/fixes by reading them, but you **cannot** reliably infer breaking changes or migration steps from PR titles.
116
116
 
117
117
  Present a clear, organized summary:
118
118
 
119
119
  > ## What's New in v{targetVersion}
120
120
  >
121
- > **Breaking changes:** {from a Breaking section, or "⚠️ Not specified in the changelog review the diffs in Step 7 carefully, especially database/schema and config files"}
121
+ > **Breaking changes:** {from a Breaking section, or "⚠️ Not specified in the changelog - review the diffs in Step 7 carefully, especially database/schema and config files"}
122
122
  > **New features:** {list}
123
123
  > **Bug fixes:** {list}
124
- > **Migration steps required:** {from a Migration section, or "⚠️ None listed if this update changes the database schema or required env vars, you may still need to migrate. I'll flag schema/config changes as we review them."}
124
+ > **Migration steps required:** {from a Migration section, or "⚠️ None listed - if this update changes the database schema or required env vars, you may still need to migrate. I'll flag schema/config changes as we review them."}
125
125
 
126
- **Be honest about uncertainty.** Never present an inferred "Breaking changes: None" or "Migration steps: None" as if it were authoritative when the changelog is raw PR titles say it's not specified and that you'll watch for schema/config/env changes during the file review. A silently-missed migration (e.g. a new DB column) is the worst failure mode.
126
+ **Be honest about uncertainty.** Never present an inferred "Breaking changes: None" or "Migration steps: None" as if it were authoritative when the changelog is raw PR titles - say it's not specified and that you'll watch for schema/config/env changes during the file review. A silently-missed migration (e.g. a new DB column) is the worst failure mode.
127
127
 
128
128
  Then ask: *"Ready to proceed with the file analysis?"*
129
129
 
@@ -137,27 +137,27 @@ node __SKILL_ROOT__/generatesaas-update/scripts/classify-files.js
137
137
 
138
138
  Read `references/classification.json`. It contains:
139
139
 
140
- - **unmodified** file matches the original template, safe to replace
141
- - **modified** user has customized this file, needs careful review
142
- - **deleted** user deleted this file, skip update for it
143
- - **new** file doesn't exist locally and its directory tree is genuinely new upstream, safe to create
144
- - **newInDeletedTree** file is new upstream BUT lives inside a directory tree the user intentionally deleted (the tree existed in the baseline and is now gone on disk). **Never auto-create these.** Ask the user whether to bring the tree back (see "For New Files In Deleted Trees" in Step 7).
145
- - **removed** file was removed upstream, user decides whether to delete
146
- - **crossDependencies** import relationships between categories (if detected)
140
+ - **unmodified** - file matches the original template, safe to replace
141
+ - **modified** - user has customized this file, needs careful review
142
+ - **deleted** - user deleted this file, skip update for it
143
+ - **new** - file doesn't exist locally and its directory tree is genuinely new upstream, safe to create
144
+ - **newInDeletedTree** - file is new upstream BUT lives inside a directory tree the user intentionally deleted (the tree existed in the baseline and is now gone on disk). **Never auto-create these.** Ask the user whether to bring the tree back (see "For New Files In Deleted Trees" in Step 7).
145
+ - **removed** - file was removed upstream, user decides whether to delete
146
+ - **crossDependencies** - import relationships between categories (if detected)
147
147
 
148
148
  ### Step 4: Analyze Dependencies
149
149
 
150
150
  This step prevents breaking the user's code through indirect effects.
151
151
 
152
152
  1. **Read `crossDependencies`** from classification.json (if present). This shows:
153
- - `modifiedImportsUnmodified` modified files that import from auto-apply files
154
- - `unmodifiedImportsModified` auto-apply files that import from modified files
155
- - `newImportsModified` new files that import from modified files
153
+ - `modifiedImportsUnmodified` - modified files that import from auto-apply files
154
+ - `unmodifiedImportsModified` - auto-apply files that import from modified files
155
+ - `newImportsModified` - new files that import from modified files
156
156
 
157
157
  2. **For each cross-dependency**, read the relevant diff at `references/diffs/<path>.diff`. Handle all three directions the classifier emits:
158
- - **`modifiedImportsUnmodified`** a modified file imports from an auto-apply (unmodified) file. If the auto-apply file's diff changes **exports, function signatures, types, or interfaces** that the modified file uses → promote it from `unmodified` to `modified` (it needs user review alongside its dependent, so the merge accounts for the new API).
159
- - **`unmodifiedImportsModified`** an auto-apply file imports from a modified file. After the modified file is handled in Step 7, re-check this auto-apply file: if the user kept their version of the modified file but the auto-apply file's new version expects the upstream API, the auto-apply file may not be compatible. Flag it and revisit in the Step 7 cascade-awareness check.
160
- - **`newImportsModified`** a new file imports from a modified file. The new file will be auto-created in Step 6. After the modified file is handled, verify the new file's imports resolve against whatever version of the modified file the user ended up with (their merge, their kept version, or upstream). If the new file expects the upstream API but the user kept their version, surface it.
158
+ - **`modifiedImportsUnmodified`** - a modified file imports from an auto-apply (unmodified) file. If the auto-apply file's diff changes **exports, function signatures, types, or interfaces** that the modified file uses → promote it from `unmodified` to `modified` (it needs user review alongside its dependent, so the merge accounts for the new API).
159
+ - **`unmodifiedImportsModified`** - an auto-apply file imports from a modified file. After the modified file is handled in Step 7, re-check this auto-apply file: if the user kept their version of the modified file but the auto-apply file's new version expects the upstream API, the auto-apply file may not be compatible. Flag it and revisit in the Step 7 cascade-awareness check.
160
+ - **`newImportsModified`** - a new file imports from a modified file. The new file will be auto-created in Step 6. After the modified file is handled, verify the new file's imports resolve against whatever version of the modified file the user ended up with (their merge, their kept version, or upstream). If the new file expects the upstream API but the user kept their version, surface it.
161
161
 
162
162
  3. **Update `references/classification.json`**: before making any changes, copy the file to `references/classification-original.json` as a backup. Then move any promoted files from the `unmodified` array to the `modified` array. This ensures `apply-auto.js` only touches truly safe files. If you need to redo the analysis, restore from the backup.
163
163
 
@@ -179,31 +179,31 @@ Date: {YYYY-MM-DD}
179
179
 
180
180
  ## Safe Auto-Updates ({count} files)
181
181
  These files haven't been customized and will be updated automatically:
182
- - [ ] `path/to/file.ts` {brief description of change}
182
+ - [ ] `path/to/file.ts` - {brief description of change}
183
183
 
184
184
  ## New Files ({count} files)
185
185
  New in this version:
186
- - [ ] `path/to/new-file.ts` {what this file does}
186
+ - [ ] `path/to/new-file.ts` - {what this file does}
187
187
 
188
188
  ## Files Needing Review ({count} files)
189
189
  These files have your customizations. Each one will be presented for your decision:
190
- - [ ] `path/to/modified.ts` Risk: {Low/Medium/High} {what changed}
190
+ - [ ] `path/to/modified.ts` - Risk: {Low/Medium/High} - {what changed}
191
191
 
192
192
  ## Removed Upstream ({count} files)
193
- Removed in the new version you decide whether to delete:
194
- - [ ] `path/to/old-file.ts` {why it was removed}
193
+ Removed in the new version - you decide whether to delete:
194
+ - [ ] `path/to/old-file.ts` - {why it was removed}
195
195
 
196
196
  ## Skipped
197
- {Empty items move here during execution with reasons}
197
+ {Empty - items move here during execution with reasons}
198
198
  ```
199
199
 
200
200
  Then ask the user to choose their interaction level:
201
201
 
202
202
  > **How would you like to handle this update?**
203
203
  >
204
- > 1. **Recommended** Auto-apply safe files, then I'll walk you through each modified file with my recommendation. You approve or adjust each one.
205
- > 2. **Careful** I'll present every single change for your approval, including auto-updates. Nothing happens without your explicit OK.
206
- > 3. **Quick** Auto-apply safe files, auto-apply my recommended merges for low-risk files, and only ask you about medium/high-risk changes.
204
+ > 1. **Recommended** - Auto-apply safe files, then I'll walk you through each modified file with my recommendation. You approve or adjust each one.
205
+ > 2. **Careful** - I'll present every single change for your approval, including auto-updates. Nothing happens without your explicit OK.
206
+ > 3. **Quick** - Auto-apply safe files, auto-apply my recommended merges for low-risk files, and only ask you about medium/high-risk changes.
207
207
 
208
208
  **Wait for the user's choice.** Default to **Recommended** if they just say "proceed" or similar.
209
209
 
@@ -234,9 +234,9 @@ This is the most important step. Work through each file in the `modified` catego
234
234
 
235
235
  For each file, you have three versions available for proper three-way merge context:
236
236
 
237
- 1. **Old template:** `.generatesaas/template/<path>` the original boilerplate version
238
- 2. **New template:** `.generatesaas/staging/<path>` the updated boilerplate version
239
- 3. **User's version:** the current file on disk their customized version
237
+ 1. **Old template:** `.generatesaas/template/<path>` - the original boilerplate version
238
+ 2. **New template:** `.generatesaas/staging/<path>` - the updated boilerplate version
239
+ 3. **User's version:** the current file on disk - their customized version
240
240
 
241
241
  The diff at `references/diffs/<path>.diff` shows **pure upstream changes** (old template → new template), making it easy to see exactly what we changed and why.
242
242
 
@@ -248,7 +248,7 @@ If `.generatesaas/template/<path>` does not exist (backward compat), fall back t
248
248
  ### `{file path}`
249
249
 
250
250
  **What changed upstream:** {describe changes from old template → new template, referencing the diff and changelog}
251
- **What you changed:** {describe changes from old template → user's file compare the two to identify customizations}
251
+ **What you changed:** {describe changes from old template → user's file - compare the two to identify customizations}
252
252
  **Overlap:** {None / Partial / Significant}
253
253
  **Risk:** {Low / Medium / High}
254
254
 
@@ -262,11 +262,11 @@ If `.generatesaas/template/<path>` does not exist (backward compat), fall back t
262
262
  **Then present the user's options:**
263
263
 
264
264
  > **What would you like to do?**
265
- > 1. **Accept merge** {brief description of the merged result}
266
- > 2. **Keep my version** Skip this upstream change entirely
267
- > 3. **Use upstream version** Replace with the new template version (your changes will be lost)
268
- > 4. **Show me the diff** Display the raw upstream diff so I can review it
269
- > 5. **Let me customize** Tell me exactly what you want
265
+ > 1. **Accept merge** - {brief description of the merged result}
266
+ > 2. **Keep my version** - Skip this upstream change entirely
267
+ > 3. **Use upstream version** - Replace with the new template version (your changes will be lost)
268
+ > 4. **Show me the diff** - Display the raw upstream diff so I can review it
269
+ > 5. **Let me customize** - Tell me exactly what you want
270
270
 
271
271
  **In Quick mode:** For **Low risk** files, apply the recommended merge automatically and report what was done. For **Medium/High risk**, always ask.
272
272
 
@@ -276,25 +276,25 @@ If `.generatesaas/template/<path>` does not exist (backward compat), fall back t
276
276
 
277
277
  #### For Removed Files
278
278
 
279
- Before presenting each removed file, **search the entire project** for imports of it. Use grep to find `import ... from` or `require(...)` statements referencing the file's path (check relative paths, aliases, and package paths). This is critical the classification script only scans files in the update, not user-created files that may also depend on the removed file.
279
+ Before presenting each removed file, **search the entire project** for imports of it. Use grep to find `import ... from` or `require(...)` statements referencing the file's path (check relative paths, aliases, and package paths). This is critical - the classification script only scans files in the update, not user-created files that may also depend on the removed file.
280
280
 
281
281
  ```
282
- ### `{file path}` Removed Upstream
282
+ ### `{file path}` - Removed Upstream
283
283
 
284
284
  **Why it was removed:** {reason from changelog}
285
- **Your modifications:** {describe if the user modified it, or "None file is unmodified"}
285
+ **Your modifications:** {describe if the user modified it, or "None - file is unmodified"}
286
286
  **Files that import this:** {list ALL files found by searching, or "None found"}
287
287
 
288
288
  > **What would you like to do?**
289
- > 1. **Delete it** It's no longer needed upstream
290
- > 2. **Keep it** I still use this file
289
+ > 1. **Delete it** - It's no longer needed upstream
290
+ > 2. **Keep it** - I still use this file
291
291
  ```
292
292
 
293
293
  If ANY files import the removed file, always warn before deletion and explain what would break.
294
294
 
295
295
  #### For Deleted-by-User Files
296
296
 
297
- Files the user intentionally deleted skip silently. Just note in the plan: "Skipped user previously deleted this file."
297
+ Files the user intentionally deleted - skip silently. Just note in the plan: "Skipped - user previously deleted this file."
298
298
 
299
299
  #### For New Files In Deleted Trees (`newInDeletedTree`)
300
300
 
@@ -303,15 +303,15 @@ These are files the new version adds inside a directory the user previously dele
303
303
  ```
304
304
  ### New upstream files under `{deleted dir}/` (which you removed)
305
305
 
306
- The new version adds {N} files under `{deleted dir}/` a directory you previously deleted:
307
- - `{path}` {what it is}
306
+ The new version adds {N} files under `{deleted dir}/` - a directory you previously deleted:
307
+ - `{path}` - {what it is}
308
308
 
309
309
  > **What would you like to do?**
310
- > 1. **Keep it deleted** Skip these files (you removed this feature on purpose)
311
- > 2. **Bring the tree back** Create these files (you want this feature after all)
310
+ > 1. **Keep it deleted** - Skip these files (you removed this feature on purpose)
311
+ > 2. **Bring the tree back** - Create these files (you want this feature after all)
312
312
  ```
313
313
 
314
- Default to **keep deleted** unless the user says otherwise. If they keep it deleted, note in the plan and do nothing (the completion script handles the hashes correctly these files simply won't exist).
314
+ Default to **keep deleted** unless the user says otherwise. If they keep it deleted, note in the plan and do nothing (the completion script handles the hashes correctly - these files simply won't exist).
315
315
 
316
316
  #### After Each File
317
317
 
@@ -330,10 +330,10 @@ After processing ALL modified files, review the results:
330
330
  >
331
331
  > **Options:**
332
332
  > 1. **Revert `{auto-file}`** to the previous version
333
- > 2. **Keep it** I'll check if it still works
333
+ > 2. **Keep it** - I'll check if it still works
334
334
  > 3. **Let me look at both files** to decide
335
335
 
336
- Similarly, if an auto-applied file changed its exports and a modified file that imports from it was merged verify the merge accounts for the new API.
336
+ Similarly, if an auto-applied file changed its exports and a modified file that imports from it was merged - verify the merge accounts for the new API.
337
337
 
338
338
  ### Step 8: Post-Update Validation
339
339
 
@@ -342,15 +342,15 @@ After all files are processed:
342
342
  1. **Check for obvious issues:**
343
343
  - Scan merged files for syntax errors or broken imports
344
344
  - If the project has TypeScript, run the type check (`pnpm check-types`)
345
- - **Run the test suite (`pnpm test`) too do not rely on the type check alone.** Most packages scope `check-types` to `src/**` and exclude `tests/**`, so a type error introduced into a **test file** during a merge will pass `check-types` silently. If any of your merges landed in a `tests/` file, the test suite is the only gate that exercises it. When in doubt, also type-check the specific merged test files directly (e.g. `npx tsc --noEmit <file>` with the package's tsconfig settings).
345
+ - **Run the test suite (`pnpm test`) too - do not rely on the type check alone.** Most packages scope `check-types` to `src/**` and exclude `tests/**`, so a type error introduced into a **test file** during a merge will pass `check-types` silently. If any of your merges landed in a `tests/` file, the test suite is the only gate that exercises it. When in doubt, also type-check the specific merged test files directly (e.g. `npx tsc --noEmit <file>` with the package's tsconfig settings).
346
346
  - Note: auto-applied files may have changed their exports/API in ways that affect **user-created files** (files not part of the template). The classification script only scans template files for cross-dependencies. A type check + test run is the best way to catch breakage in user-created files.
347
347
 
348
- > All changes have been applied. I'll run the type check **and** the test suite to verify nothing is broken the type check alone skips test files, and some auto-applied files may have changed their API in ways that affect your custom code or tests.
348
+ > All changes have been applied. I'll run the type check **and** the test suite to verify nothing is broken - the type check alone skips test files, and some auto-applied files may have changed their API in ways that affect your custom code or tests.
349
349
 
350
350
  2. If issues are found, present them:
351
351
 
352
352
  > Found {N} issues after the update:
353
- > - `{file}:{line}` {description}
353
+ > - `{file}:{line}` - {description}
354
354
  >
355
355
  > These appear to be caused by the update. Want me to fix them?
356
356
 
@@ -367,7 +367,7 @@ After all files are processed:
367
367
 
368
368
  **Do NOT include:**
369
369
  - Files where the user accepted a merge or chose "Use upstream version" (template changes were applied)
370
- - Removed files (not in staging template-hashes handles these automatically)
370
+ - Removed files (not in staging - template-hashes handles these automatically)
371
371
  - New files, whether created or rejected (handled correctly by staging presence)
372
372
  - Any file where the template's intended change was successfully applied
373
373
 
@@ -403,7 +403,7 @@ This updates `.generatesaas/manifest.json` to the new version, regenerates file
403
403
  - {any other steps from the changelog}
404
404
 
405
405
  ### Skipped changes
406
- {For each skipped item: what was skipped and why so the user can revisit later}
406
+ {For each skipped item: what was skipped and why - so the user can revisit later}
407
407
  ```
408
408
 
409
409
  ---
@@ -438,7 +438,7 @@ Config files are the most commonly customized.
438
438
 
439
439
  ### Database (schema, migrations)
440
440
 
441
- - NEVER auto-merge schema files always present for user review
441
+ - NEVER auto-merge schema files - always present for user review
442
442
  - New migration files can be added directly
443
443
  - Warn about schema changes that may require new migrations
444
444
 
@@ -447,7 +447,7 @@ Config files are the most commonly customized.
447
447
  - Add new dependencies from upstream
448
448
  - Update version ranges only for intentional upstream changes (security, breaking change requirements)
449
449
  - Preserve user-added dependencies
450
- - Never touch `pnpm-lock.yaml` user runs `pnpm install` after
450
+ - Never touch `pnpm-lock.yaml` - user runs `pnpm install` after
451
451
 
452
452
  ### Translation Files (`en.json`)
453
453
 
@@ -1,6 +1,6 @@
1
1
  /**
2
2
  * Shared helpers for update scripts.
3
- * CommonJS module used by prepare-update.js, apply-auto.js, classify-files.js, complete-update.js.
3
+ * CommonJS module - used by prepare-update.js, apply-auto.js, classify-files.js, complete-update.js.
4
4
  */
5
5
 
6
6
  const fs = require("node:fs");
@@ -36,7 +36,7 @@ function main() {
36
36
  process.exit(1);
37
37
  }
38
38
 
39
- // `new` only ever contains genuinely-new trees files inside buyer-deleted
39
+ // `new` only ever contains genuinely-new trees - files inside buyer-deleted
40
40
  // trees land in `newInDeletedTree`, which the AI handles by prompt (never here).
41
41
  const filesToCopy = [...classification.unmodified, ...classification.new];
42
42
 
@@ -49,12 +49,12 @@ function main() {
49
49
  const unmodifiedSet = new Set(classification.unmodified);
50
50
 
51
51
  // Pre-flight: every source must exist in staging. Abort BEFORE touching the
52
- // project if any are missing never leave a half-applied tree (there is no
52
+ // project if any are missing - never leave a half-applied tree (there is no
53
53
  // rollback besides git). Buyer-shaped staging should always contain them; a
54
54
  // miss means staging is stale or incomplete.
55
55
  const missing = filesToCopy.filter((f) => !fs.existsSync(path.join(stagingDir, f)));
56
56
  if (missing.length > 0) {
57
- console.error(`Error: ${missing.length} file(s) not found in staging aborting without changes:`);
57
+ console.error(`Error: ${missing.length} file(s) not found in staging - aborting without changes:`);
58
58
  for (const f of missing) console.error(` - ${f}`);
59
59
  console.error("Re-stage the update (run 'npx generatesaas@latest update') and retry.");
60
60
  process.exit(1);
@@ -15,7 +15,7 @@ const { findProjectRoot, hashFile, TEMPLATE_HASHES_FILE, HASHES_FILE, STAGING_DI
15
15
 
16
16
  /**
17
17
  * Extract local import paths from file content.
18
- * Only captures relative (./, ../), alias (~/, @/), and # imports skips packages.
18
+ * Only captures relative (./, ../), alias (~/, @/), and # imports - skips packages.
19
19
  */
20
20
  function extractImports(content, filePath) {
21
21
  // For Vue SFCs, extract all script block contents (both <script> and <script setup>)
@@ -54,7 +54,7 @@ function matchImportToFile(importPath, fromFilePath, knownFileSet) {
54
54
  if (importPath.startsWith("./") || importPath.startsWith("../")) {
55
55
  basePath = path.normalize(path.join(path.dirname(fromFilePath), importPath));
56
56
  } else if (importPath.startsWith("~/") || importPath.startsWith("@/") || importPath.startsWith("#")) {
57
- // Alias strip prefix. ~ and @ typically resolve from the app root.
57
+ // Alias - strip prefix. ~ and @ typically resolve from the app root.
58
58
  basePath = importPath.replace(/^[~@#]\//, "");
59
59
  } else {
60
60
  return null;
@@ -163,7 +163,7 @@ function buildCrossDependencies(root, classification, stagingDir) {
163
163
  if (content) scanFileContent(f, content, "modified");
164
164
  }
165
165
 
166
- // Scan unmodified files both current AND staging versions
166
+ // Scan unmodified files - both current AND staging versions
167
167
  // (staging is what will actually be placed, so its imports matter)
168
168
  for (const f of classification.unmodified) {
169
169
  const content = readSafe(path.join(root, f));
@@ -250,15 +250,15 @@ function main() {
250
250
  if (!fs.existsSync(fullPath)) {
251
251
  classification.deleted.push(filePath);
252
252
  } else if (!baselineHash) {
253
- // No baseline hash treat as modified to be safe
253
+ // No baseline hash - treat as modified to be safe
254
254
  classification.modified.push(filePath);
255
255
  } else {
256
256
  const currentHash = hashFile(fullPath);
257
257
  if (currentHash === baselineHash) {
258
- // File matches the original template safe to auto-update
258
+ // File matches the original template - safe to auto-update
259
259
  classification.unmodified.push(filePath);
260
260
  } else {
261
- // File differs from template user has customized
261
+ // File differs from template - user has customized
262
262
  classification.modified.push(filePath);
263
263
  }
264
264
  }
@@ -271,7 +271,7 @@ function main() {
271
271
  classification.modified.push(filePath);
272
272
  } else if (deletedTreeAncestor(filePath, root, baselineFiles)) {
273
273
  // Upstream added a file inside a directory tree the buyer deleted on
274
- // purpose. Don't silently recreate the tree surface for a decision.
274
+ // purpose. Don't silently recreate the tree - surface for a decision.
275
275
  classification.newInDeletedTree.push(filePath);
276
276
  } else {
277
277
  classification.new.push(filePath);
@@ -314,7 +314,7 @@ function main() {
314
314
  console.log("");
315
315
 
316
316
  if (classification.newInDeletedTree.length > 0) {
317
- console.log("New files inside trees you deleted (do NOT auto-create ask the user):");
317
+ console.log("New files inside trees you deleted (do NOT auto-create - ask the user):");
318
318
  for (const f of classification.newInDeletedTree) {
319
319
  console.log(` - ${f}`);
320
320
  }
@@ -7,7 +7,7 @@
7
7
  * .generatesaas/manifest.json, and cleans up staging + references.
8
8
  *
9
9
  * Reads .generatesaas/held-back.json (if present) to skip updating template
10
- * files that were held back their old template version is preserved so the
10
+ * files that were held back - their old template version is preserved so the
11
11
  * next update generates correct diffs that include the missed changes.
12
12
  */
13
13
 
@@ -122,7 +122,7 @@ function main() {
122
122
  );
123
123
 
124
124
  if (heldBack.size > 0) {
125
- console.log(`${heldBack.size} files were held back preserving their old template versions.`);
125
+ console.log(`${heldBack.size} files were held back - preserving their old template versions.`);
126
126
  }
127
127
 
128
128
  // ── Update template directory from staging ──
@@ -134,23 +134,23 @@ function main() {
134
134
  const stagingFiles = new Set(walkDir(stagingDir, stagingDir));
135
135
 
136
136
  // Validate held-back entries (non-fatal). A held-back file is supposed to be
137
- // a real upstream change the user chose to skip preserving its old template
137
+ // a real upstream change the user chose to skip - preserving its old template
138
138
  // version so the next update re-surfaces the missed change. Warn on entries
139
139
  // that can't be that: a path not in staging (nothing to hold back), or a file
140
140
  // identical between old template and staging (no upstream change to preserve).
141
141
  // A wrong held-back entry silently corrupts the next update's diff baseline.
142
142
  for (const rel of heldBack) {
143
143
  if (!stagingFiles.has(rel)) {
144
- console.warn(` Warning: held-back "${rel}" is not in staging nothing to hold back. Check .generatesaas/held-back.json.`);
144
+ console.warn(` Warning: held-back "${rel}" is not in staging - nothing to hold back. Check .generatesaas/held-back.json.`);
145
145
  continue;
146
146
  }
147
147
  const oldTemplateFile = path.join(templateDir, rel);
148
148
  if (fs.existsSync(oldTemplateFile) && hashFile(oldTemplateFile) === hashFile(path.join(stagingDir, rel))) {
149
- console.warn(` Warning: held-back "${rel}" is identical in the old template and staging no upstream change to preserve.`);
149
+ console.warn(` Warning: held-back "${rel}" is identical in the old template and staging - no upstream change to preserve.`);
150
150
  }
151
151
  }
152
152
 
153
- // Copy staging files to template dir (skip held-back old version stays)
153
+ // Copy staging files to template dir (skip held-back - old version stays)
154
154
  let copied = 0;
155
155
  let skipped = 0;
156
156
  for (const rel of stagingFiles) {
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "generatesaas",
3
- "version": "1.2.1",
3
+ "version": "1.2.2",
4
4
  "type": "module",
5
5
  "description": "CLI for scaffolding and managing GenerateSaaS projects",
6
6
  "bin": {