memory-journal-mcp 7.7.1 → 8.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +126 -56
- package/dist/chunk-6OHRCNYW.js +3231 -0
- package/dist/chunk-JFMITANR.js +5168 -0
- package/dist/{chunk-6LPTBIB6.js → chunk-MWNLAEHR.js} +309 -4332
- package/dist/{chunk-ARLYSFSI.js → chunk-UHSO65A4.js} +4242 -6092
- package/dist/cli.js +21 -3
- package/dist/index.d.ts +16 -13
- package/dist/index.js +4 -2
- package/dist/resources-IJVKDFGS.js +2 -0
- package/dist/tools-44DGXE3V.js +2 -0
- package/dist/worker-script.js +201 -20
- package/package.json +6 -4
- package/skills/README.md +62 -25
- package/skills/adversarial-performance/SKILL.md +139 -0
- package/skills/adversarial-performance/references/audit-categories.md +462 -0
- package/skills/adversarial-performance/references/copilot-performance-prompts.md +44 -0
- package/skills/adversarial-performance/references/copilot-usage.md +16 -0
- package/skills/adversarial-performance/references/feedback-loop.md +177 -0
- package/skills/adversarial-performance/references/multi-pass-performance-protocol.md +398 -0
- package/skills/adversarial-planner/SKILL.md +23 -54
- package/skills/adversarial-planner/references/copilot-integration.md +25 -40
- package/skills/adversarial-planner/references/copilot-usage.md +16 -0
- package/skills/adversarial-planner/references/multi-pass-protocol.md +4 -0
- package/skills/adversarial-security/SKILL.md +149 -0
- package/skills/adversarial-security/references/adversarial-base-protocol.md +44 -0
- package/skills/adversarial-security/references/audit-categories.md +723 -0
- package/skills/adversarial-security/references/copilot-security-prompts.md +142 -0
- package/skills/adversarial-security/references/copilot-usage.md +16 -0
- package/skills/adversarial-security/references/feedback-loop.md +206 -0
- package/skills/adversarial-security/references/journal-opt-out.md +7 -0
- package/skills/adversarial-security/references/multi-pass-security-protocol.md +403 -0
- package/skills/adversarial-skill-audit/SKILL.md +118 -0
- package/skills/adversarial-skill-audit/references/audit-categories.md +308 -0
- package/skills/adversarial-skill-audit/references/copilot-skill-prompts.md +68 -0
- package/skills/adversarial-skill-audit/references/copilot-usage.md +16 -0
- package/skills/adversarial-skill-audit/references/feedback-loop.md +155 -0
- package/skills/adversarial-skill-audit/references/multi-pass-skill-protocol.md +367 -0
- package/skills/adversarial-skill-audit/scripts/check-skills.ps1 +48 -0
- package/skills/adversarial-skill-audit/scripts/run-copilot.ps1 +52 -0
- package/skills/adversarial-workflow-audit/SKILL.md +82 -0
- package/skills/adversarial-workflow-audit/references/audit-categories.md +28 -0
- package/skills/adversarial-workflow-audit/references/copilot-usage.md +16 -0
- package/skills/adversarial-workflow-audit/scripts/check-workflows.ps1 +24 -0
- package/skills/agents-sdk/SKILL.md +220 -0
- package/skills/agents-sdk/references/callable.md +92 -0
- package/skills/agents-sdk/references/codemode.md +209 -0
- package/skills/agents-sdk/references/email.md +144 -0
- package/skills/agents-sdk/references/mcp/SKILL.md +65 -0
- package/skills/agents-sdk/references/mcp/code-mode-reference.md +245 -0
- package/skills/agents-sdk/references/mcp/oauth-reference.md +359 -0
- package/skills/agents-sdk/references/mcp/references/architecture-reference.md +208 -0
- package/skills/agents-sdk/references/mcp/references/cloudflare-quickstart.md +156 -0
- package/skills/agents-sdk/references/mcp/references/error-handling.md +343 -0
- package/skills/agents-sdk/references/mcp/references/http-security.md +164 -0
- package/skills/agents-sdk/references/mcp/references/implementation-guide.md +507 -0
- package/skills/agents-sdk/references/mcp/references/testing-reference.md +171 -0
- package/skills/agents-sdk/references/mcp.md +157 -0
- package/skills/agents-sdk/references/state-scheduling.md +164 -0
- package/skills/agents-sdk/references/streaming-chat.md +168 -0
- package/skills/agents-sdk/references/workflows.md +136 -0
- package/skills/auth-identity/SKILL.md +48 -0
- package/skills/autonomous-dev/SKILL.md +46 -23
- package/skills/autonomous-dev/references/workflow_orchestration.md +22 -0
- package/skills/aws/SKILL.md +39 -0
- package/skills/azure/SKILL.md +38 -0
- package/skills/bin/sync.js +7 -1
- package/skills/biome/SKILL.md +59 -0
- package/skills/bun/SKILL.md +8 -2
- package/skills/cloudflare/SKILL.md +37 -0
- package/skills/cloudflare/references/agents-sdk/README.md +95 -0
- package/skills/cloudflare/references/agents-sdk/api.md +195 -0
- package/skills/cloudflare/references/agents-sdk/configuration.md +178 -0
- package/skills/cloudflare/references/agents-sdk/gotchas.md +173 -0
- package/skills/cloudflare/references/agents-sdk/patterns.md +215 -0
- package/skills/cloudflare/references/ai-gateway/README.md +176 -0
- package/skills/cloudflare/references/ai-gateway/configuration.md +117 -0
- package/skills/cloudflare/references/ai-gateway/dynamic-routing.md +88 -0
- package/skills/cloudflare/references/ai-gateway/features.md +96 -0
- package/skills/cloudflare/references/ai-gateway/sdk-integration.md +110 -0
- package/skills/cloudflare/references/ai-gateway/troubleshooting.md +90 -0
- package/skills/cloudflare/references/ai-search/README.md +145 -0
- package/skills/cloudflare/references/ai-search/api.md +87 -0
- package/skills/cloudflare/references/ai-search/configuration.md +91 -0
- package/skills/cloudflare/references/ai-search/gotchas.md +92 -0
- package/skills/cloudflare/references/ai-search/patterns.md +87 -0
- package/skills/cloudflare/references/analytics-engine/README.md +96 -0
- package/skills/cloudflare/references/analytics-engine/api.md +112 -0
- package/skills/cloudflare/references/analytics-engine/configuration.md +107 -0
- package/skills/cloudflare/references/analytics-engine/gotchas.md +87 -0
- package/skills/cloudflare/references/analytics-engine/patterns.md +83 -0
- package/skills/cloudflare/references/api/README.md +66 -0
- package/skills/cloudflare/references/api/api.md +205 -0
- package/skills/cloudflare/references/api/configuration.md +158 -0
- package/skills/cloudflare/references/api/gotchas.md +231 -0
- package/skills/cloudflare/references/api/patterns.md +208 -0
- package/skills/cloudflare/references/api-shield/README.md +44 -0
- package/skills/cloudflare/references/api-shield/api.md +153 -0
- package/skills/cloudflare/references/api-shield/configuration.md +210 -0
- package/skills/cloudflare/references/api-shield/gotchas.md +132 -0
- package/skills/cloudflare/references/api-shield/patterns.md +185 -0
- package/skills/cloudflare/references/argo-smart-routing/README.md +96 -0
- package/skills/cloudflare/references/argo-smart-routing/api.md +253 -0
- package/skills/cloudflare/references/argo-smart-routing/configuration.md +205 -0
- package/skills/cloudflare/references/argo-smart-routing/gotchas.md +115 -0
- package/skills/cloudflare/references/argo-smart-routing/patterns.md +107 -0
- package/skills/cloudflare/references/bindings/README.md +127 -0
- package/skills/cloudflare/references/bindings/api.md +214 -0
- package/skills/cloudflare/references/bindings/configuration.md +200 -0
- package/skills/cloudflare/references/bindings/gotchas.md +210 -0
- package/skills/cloudflare/references/bindings/patterns.md +205 -0
- package/skills/cloudflare/references/bot-management/README.md +95 -0
- package/skills/cloudflare/references/bot-management/api.md +175 -0
- package/skills/cloudflare/references/bot-management/configuration.md +175 -0
- package/skills/cloudflare/references/bot-management/gotchas.md +116 -0
- package/skills/cloudflare/references/bot-management/patterns.md +181 -0
- package/skills/cloudflare/references/browser-rendering/README.md +84 -0
- package/skills/cloudflare/references/browser-rendering/api.md +108 -0
- package/skills/cloudflare/references/browser-rendering/configuration.md +78 -0
- package/skills/cloudflare/references/browser-rendering/gotchas.md +91 -0
- package/skills/cloudflare/references/browser-rendering/patterns.md +93 -0
- package/skills/cloudflare/references/c3/README.md +111 -0
- package/skills/cloudflare/references/c3/api.md +71 -0
- package/skills/cloudflare/references/c3/configuration.md +85 -0
- package/skills/cloudflare/references/c3/gotchas.md +97 -0
- package/skills/cloudflare/references/c3/patterns.md +84 -0
- package/skills/cloudflare/references/cache-reserve/README.md +150 -0
- package/skills/cloudflare/references/cache-reserve/api.md +184 -0
- package/skills/cloudflare/references/cache-reserve/configuration.md +170 -0
- package/skills/cloudflare/references/cache-reserve/gotchas.md +136 -0
- package/skills/cloudflare/references/cache-reserve/patterns.md +197 -0
- package/skills/cloudflare/references/containers/README.md +87 -0
- package/skills/cloudflare/references/containers/api.md +197 -0
- package/skills/cloudflare/references/containers/configuration.md +191 -0
- package/skills/cloudflare/references/containers/gotchas.md +182 -0
- package/skills/cloudflare/references/containers/patterns.md +204 -0
- package/skills/cloudflare/references/cron-triggers/README.md +101 -0
- package/skills/cloudflare/references/cron-triggers/api.md +224 -0
- package/skills/cloudflare/references/cron-triggers/configuration.md +190 -0
- package/skills/cloudflare/references/cron-triggers/gotchas.md +207 -0
- package/skills/cloudflare/references/cron-triggers/patterns.md +274 -0
- package/skills/cloudflare/references/d1/README.md +137 -0
- package/skills/cloudflare/references/d1/api.md +213 -0
- package/skills/cloudflare/references/d1/configuration.md +198 -0
- package/skills/cloudflare/references/d1/gotchas.md +98 -0
- package/skills/cloudflare/references/d1/patterns.md +240 -0
- package/skills/cloudflare/references/ddos/README.md +42 -0
- package/skills/cloudflare/references/ddos/api.md +158 -0
- package/skills/cloudflare/references/ddos/configuration.md +94 -0
- package/skills/cloudflare/references/ddos/gotchas.md +114 -0
- package/skills/cloudflare/references/ddos/patterns.md +220 -0
- package/skills/cloudflare/references/decision-trees.md +95 -0
- package/skills/cloudflare/references/do-storage/README.md +79 -0
- package/skills/cloudflare/references/do-storage/api.md +107 -0
- package/skills/cloudflare/references/do-storage/configuration.md +114 -0
- package/skills/cloudflare/references/do-storage/gotchas.md +153 -0
- package/skills/cloudflare/references/do-storage/patterns.md +210 -0
- package/skills/cloudflare/references/do-storage/testing.md +186 -0
- package/skills/cloudflare/references/durable-objects/README.md +194 -0
- package/skills/cloudflare/references/durable-objects/api.md +205 -0
- package/skills/cloudflare/references/durable-objects/configuration.md +160 -0
- package/skills/cloudflare/references/durable-objects/gotchas.md +200 -0
- package/skills/cloudflare/references/durable-objects/patterns.md +205 -0
- package/skills/cloudflare/references/email-routing/README.md +89 -0
- package/skills/cloudflare/references/email-routing/api.md +192 -0
- package/skills/cloudflare/references/email-routing/configuration.md +187 -0
- package/skills/cloudflare/references/email-routing/gotchas.md +203 -0
- package/skills/cloudflare/references/email-routing/patterns.md +241 -0
- package/skills/cloudflare/references/email-workers/README.md +153 -0
- package/skills/cloudflare/references/email-workers/api.md +227 -0
- package/skills/cloudflare/references/email-workers/configuration.md +115 -0
- package/skills/cloudflare/references/email-workers/gotchas.md +133 -0
- package/skills/cloudflare/references/email-workers/patterns.md +108 -0
- package/skills/cloudflare/references/graphql-api/README.md +147 -0
- package/skills/cloudflare/references/graphql-api/api.md +175 -0
- package/skills/cloudflare/references/graphql-api/configuration.md +151 -0
- package/skills/cloudflare/references/graphql-api/gotchas.md +111 -0
- package/skills/cloudflare/references/graphql-api/patterns.md +276 -0
- package/skills/cloudflare/references/hyperdrive/README.md +84 -0
- package/skills/cloudflare/references/hyperdrive/api.md +149 -0
- package/skills/cloudflare/references/hyperdrive/configuration.md +166 -0
- package/skills/cloudflare/references/hyperdrive/gotchas.md +77 -0
- package/skills/cloudflare/references/hyperdrive/patterns.md +203 -0
- package/skills/cloudflare/references/images/README.md +65 -0
- package/skills/cloudflare/references/images/api.md +101 -0
- package/skills/cloudflare/references/images/configuration.md +206 -0
- package/skills/cloudflare/references/images/gotchas.md +106 -0
- package/skills/cloudflare/references/images/patterns.md +126 -0
- package/skills/cloudflare/references/kv/README.md +90 -0
- package/skills/cloudflare/references/kv/api.md +163 -0
- package/skills/cloudflare/references/kv/configuration.md +148 -0
- package/skills/cloudflare/references/kv/gotchas.md +133 -0
- package/skills/cloudflare/references/kv/patterns.md +195 -0
- package/skills/cloudflare/references/miniflare/README.md +113 -0
- package/skills/cloudflare/references/miniflare/api.md +204 -0
- package/skills/cloudflare/references/miniflare/configuration.md +174 -0
- package/skills/cloudflare/references/miniflare/gotchas.md +179 -0
- package/skills/cloudflare/references/miniflare/patterns.md +187 -0
- package/skills/cloudflare/references/network-interconnect/README.md +104 -0
- package/skills/cloudflare/references/network-interconnect/api.md +220 -0
- package/skills/cloudflare/references/network-interconnect/configuration.md +123 -0
- package/skills/cloudflare/references/network-interconnect/gotchas.md +175 -0
- package/skills/cloudflare/references/network-interconnect/patterns.md +174 -0
- package/skills/cloudflare/references/observability/README.md +93 -0
- package/skills/cloudflare/references/observability/api.md +168 -0
- package/skills/cloudflare/references/observability/configuration.md +178 -0
- package/skills/cloudflare/references/observability/gotchas.md +125 -0
- package/skills/cloudflare/references/observability/patterns.md +105 -0
- package/skills/cloudflare/references/pages/README.md +92 -0
- package/skills/cloudflare/references/pages/api.md +205 -0
- package/skills/cloudflare/references/pages/configuration.md +216 -0
- package/skills/cloudflare/references/pages/gotchas.md +218 -0
- package/skills/cloudflare/references/pages/patterns.md +215 -0
- package/skills/cloudflare/references/pages-functions/README.md +104 -0
- package/skills/cloudflare/references/pages-functions/api.md +159 -0
- package/skills/cloudflare/references/pages-functions/configuration.md +130 -0
- package/skills/cloudflare/references/pages-functions/gotchas.md +102 -0
- package/skills/cloudflare/references/pages-functions/patterns.md +148 -0
- package/skills/cloudflare/references/pipelines/README.md +109 -0
- package/skills/cloudflare/references/pipelines/api.md +214 -0
- package/skills/cloudflare/references/pipelines/configuration.md +98 -0
- package/skills/cloudflare/references/pipelines/gotchas.md +84 -0
- package/skills/cloudflare/references/pipelines/patterns.md +87 -0
- package/skills/cloudflare/references/product-index.md +112 -0
- package/skills/cloudflare/references/pulumi/README.md +113 -0
- package/skills/cloudflare/references/pulumi/api.md +230 -0
- package/skills/cloudflare/references/pulumi/configuration.md +213 -0
- package/skills/cloudflare/references/pulumi/gotchas.md +205 -0
- package/skills/cloudflare/references/pulumi/patterns.md +260 -0
- package/skills/cloudflare/references/queues/README.md +99 -0
- package/skills/cloudflare/references/queues/api.md +211 -0
- package/skills/cloudflare/references/queues/configuration.md +151 -0
- package/skills/cloudflare/references/queues/gotchas.md +210 -0
- package/skills/cloudflare/references/queues/patterns.md +220 -0
- package/skills/cloudflare/references/r2/README.md +97 -0
- package/skills/cloudflare/references/r2/api.md +235 -0
- package/skills/cloudflare/references/r2/configuration.md +176 -0
- package/skills/cloudflare/references/r2/gotchas.md +190 -0
- package/skills/cloudflare/references/r2/patterns.md +203 -0
- package/skills/cloudflare/references/r2-data-catalog/README.md +157 -0
- package/skills/cloudflare/references/r2-data-catalog/api.md +199 -0
- package/skills/cloudflare/references/r2-data-catalog/configuration.md +205 -0
- package/skills/cloudflare/references/r2-data-catalog/gotchas.md +170 -0
- package/skills/cloudflare/references/r2-data-catalog/patterns.md +191 -0
- package/skills/cloudflare/references/r2-sql/README.md +138 -0
- package/skills/cloudflare/references/r2-sql/SKILL.md.backup +512 -0
- package/skills/cloudflare/references/r2-sql/api.md +159 -0
- package/skills/cloudflare/references/r2-sql/configuration.md +152 -0
- package/skills/cloudflare/references/r2-sql/gotchas.md +228 -0
- package/skills/cloudflare/references/r2-sql/patterns.md +230 -0
- package/skills/cloudflare/references/realtime-sfu/README.md +66 -0
- package/skills/cloudflare/references/realtime-sfu/api.md +164 -0
- package/skills/cloudflare/references/realtime-sfu/configuration.md +141 -0
- package/skills/cloudflare/references/realtime-sfu/gotchas.md +138 -0
- package/skills/cloudflare/references/realtime-sfu/patterns.md +187 -0
- package/skills/cloudflare/references/realtimekit/README.md +118 -0
- package/skills/cloudflare/references/realtimekit/api.md +234 -0
- package/skills/cloudflare/references/realtimekit/configuration.md +226 -0
- package/skills/cloudflare/references/realtimekit/gotchas.md +206 -0
- package/skills/cloudflare/references/realtimekit/patterns.md +240 -0
- package/skills/cloudflare/references/sandbox/README.md +104 -0
- package/skills/cloudflare/references/sandbox/api.md +200 -0
- package/skills/cloudflare/references/sandbox/configuration.md +154 -0
- package/skills/cloudflare/references/sandbox/gotchas.md +201 -0
- package/skills/cloudflare/references/sandbox/patterns.md +195 -0
- package/skills/cloudflare/references/secrets-store/README.md +77 -0
- package/skills/cloudflare/references/secrets-store/api.md +199 -0
- package/skills/cloudflare/references/secrets-store/configuration.md +187 -0
- package/skills/cloudflare/references/secrets-store/gotchas.md +97 -0
- package/skills/cloudflare/references/secrets-store/patterns.md +218 -0
- package/skills/cloudflare/references/smart-placement/README.md +143 -0
- package/skills/cloudflare/references/smart-placement/api.md +192 -0
- package/skills/cloudflare/references/smart-placement/configuration.md +202 -0
- package/skills/cloudflare/references/smart-placement/gotchas.md +180 -0
- package/skills/cloudflare/references/smart-placement/patterns.md +190 -0
- package/skills/cloudflare/references/snippets/README.md +74 -0
- package/skills/cloudflare/references/snippets/api.md +214 -0
- package/skills/cloudflare/references/snippets/configuration.md +239 -0
- package/skills/cloudflare/references/snippets/gotchas.md +104 -0
- package/skills/cloudflare/references/snippets/patterns.md +135 -0
- package/skills/cloudflare/references/spectrum/README.md +52 -0
- package/skills/cloudflare/references/spectrum/api.md +184 -0
- package/skills/cloudflare/references/spectrum/configuration.md +203 -0
- package/skills/cloudflare/references/spectrum/gotchas.md +155 -0
- package/skills/cloudflare/references/spectrum/patterns.md +206 -0
- package/skills/cloudflare/references/static-assets/README.md +65 -0
- package/skills/cloudflare/references/static-assets/api.md +201 -0
- package/skills/cloudflare/references/static-assets/configuration.md +186 -0
- package/skills/cloudflare/references/static-assets/gotchas.md +164 -0
- package/skills/cloudflare/references/static-assets/patterns.md +189 -0
- package/skills/cloudflare/references/stream/README.md +123 -0
- package/skills/cloudflare/references/stream/api-live.md +202 -0
- package/skills/cloudflare/references/stream/api.md +206 -0
- package/skills/cloudflare/references/stream/configuration.md +151 -0
- package/skills/cloudflare/references/stream/gotchas.md +139 -0
- package/skills/cloudflare/references/stream/patterns.md +217 -0
- package/skills/cloudflare/references/tail-workers/README.md +92 -0
- package/skills/cloudflare/references/tail-workers/api.md +203 -0
- package/skills/cloudflare/references/tail-workers/configuration.md +178 -0
- package/skills/cloudflare/references/tail-workers/gotchas.md +206 -0
- package/skills/cloudflare/references/tail-workers/patterns.md +190 -0
- package/skills/cloudflare/references/terraform/README.md +100 -0
- package/skills/cloudflare/references/terraform/api.md +178 -0
- package/skills/cloudflare/references/terraform/configuration.md +197 -0
- package/skills/cloudflare/references/terraform/gotchas.md +150 -0
- package/skills/cloudflare/references/terraform/patterns.md +174 -0
- package/skills/cloudflare/references/tunnel/README.md +137 -0
- package/skills/cloudflare/references/tunnel/api.md +205 -0
- package/skills/cloudflare/references/tunnel/configuration.md +163 -0
- package/skills/cloudflare/references/tunnel/gotchas.md +159 -0
- package/skills/cloudflare/references/tunnel/networking.md +174 -0
- package/skills/cloudflare/references/tunnel/patterns.md +199 -0
- package/skills/cloudflare/references/turn/README.md +86 -0
- package/skills/cloudflare/references/turn/api.md +236 -0
- package/skills/cloudflare/references/turn/configuration.md +181 -0
- package/skills/cloudflare/references/turn/gotchas.md +236 -0
- package/skills/cloudflare/references/turn/patterns.md +228 -0
- package/skills/cloudflare/references/turnstile/README.md +102 -0
- package/skills/cloudflare/references/turnstile/api.md +253 -0
- package/skills/cloudflare/references/turnstile/configuration.md +242 -0
- package/skills/cloudflare/references/turnstile/gotchas.md +253 -0
- package/skills/cloudflare/references/turnstile/patterns.md +195 -0
- package/skills/cloudflare/references/vectorize/README.md +133 -0
- package/skills/cloudflare/references/vectorize/api.md +89 -0
- package/skills/cloudflare/references/vectorize/configuration.md +91 -0
- package/skills/cloudflare/references/vectorize/gotchas.md +83 -0
- package/skills/cloudflare/references/vectorize/patterns.md +92 -0
- package/skills/cloudflare/references/waf/README.md +125 -0
- package/skills/cloudflare/references/waf/api.md +203 -0
- package/skills/cloudflare/references/waf/configuration.md +215 -0
- package/skills/cloudflare/references/waf/gotchas.md +208 -0
- package/skills/cloudflare/references/waf/patterns.md +236 -0
- package/skills/cloudflare/references/web-analytics/README.md +149 -0
- package/skills/cloudflare/references/web-analytics/configuration.md +81 -0
- package/skills/cloudflare/references/web-analytics/gotchas.md +86 -0
- package/skills/cloudflare/references/web-analytics/integration.md +63 -0
- package/skills/cloudflare/references/web-analytics/patterns.md +98 -0
- package/skills/cloudflare/references/workerd/README.md +85 -0
- package/skills/cloudflare/references/workerd/api.md +219 -0
- package/skills/cloudflare/references/workerd/configuration.md +200 -0
- package/skills/cloudflare/references/workerd/gotchas.md +151 -0
- package/skills/cloudflare/references/workerd/patterns.md +205 -0
- package/skills/cloudflare/references/workers/README.md +110 -0
- package/skills/cloudflare/references/workers/api.md +197 -0
- package/skills/cloudflare/references/workers/configuration.md +184 -0
- package/skills/cloudflare/references/workers/frameworks.md +200 -0
- package/skills/cloudflare/references/workers/gotchas.md +145 -0
- package/skills/cloudflare/references/workers/patterns.md +220 -0
- package/skills/cloudflare/references/workers-ai/README.md +206 -0
- package/skills/cloudflare/references/workers-ai/api.md +115 -0
- package/skills/cloudflare/references/workers-ai/configuration.md +98 -0
- package/skills/cloudflare/references/workers-ai/gotchas.md +130 -0
- package/skills/cloudflare/references/workers-ai/patterns.md +122 -0
- package/skills/cloudflare/references/workers-for-platforms/README.md +95 -0
- package/skills/cloudflare/references/workers-for-platforms/api.md +212 -0
- package/skills/cloudflare/references/workers-for-platforms/configuration.md +178 -0
- package/skills/cloudflare/references/workers-for-platforms/gotchas.md +134 -0
- package/skills/cloudflare/references/workers-for-platforms/patterns.md +210 -0
- package/skills/cloudflare/references/workers-playground/README.md +131 -0
- package/skills/cloudflare/references/workers-playground/api.md +101 -0
- package/skills/cloudflare/references/workers-playground/configuration.md +169 -0
- package/skills/cloudflare/references/workers-playground/gotchas.md +88 -0
- package/skills/cloudflare/references/workers-playground/patterns.md +134 -0
- package/skills/cloudflare/references/workers-vpc/README.md +130 -0
- package/skills/cloudflare/references/workers-vpc/api.md +196 -0
- package/skills/cloudflare/references/workers-vpc/configuration.md +151 -0
- package/skills/cloudflare/references/workers-vpc/gotchas.md +171 -0
- package/skills/cloudflare/references/workers-vpc/patterns.md +235 -0
- package/skills/cloudflare/references/workflows/README.md +72 -0
- package/skills/cloudflare/references/workflows/api.md +237 -0
- package/skills/cloudflare/references/workflows/configuration.md +158 -0
- package/skills/cloudflare/references/workflows/gotchas.md +97 -0
- package/skills/cloudflare/references/workflows/patterns.md +245 -0
- package/skills/cloudflare/references/wrangler/README.md +143 -0
- package/skills/cloudflare/references/wrangler/api.md +188 -0
- package/skills/cloudflare/references/wrangler/configuration.md +198 -0
- package/skills/cloudflare/references/wrangler/gotchas.md +212 -0
- package/skills/cloudflare/references/wrangler/patterns.md +211 -0
- package/skills/cloudflare/references/zaraz/IMPLEMENTATION_SUMMARY.md +131 -0
- package/skills/cloudflare/references/zaraz/README.md +114 -0
- package/skills/cloudflare/references/zaraz/api.md +118 -0
- package/skills/cloudflare/references/zaraz/configuration.md +94 -0
- package/skills/cloudflare/references/zaraz/gotchas.md +88 -0
- package/skills/cloudflare/references/zaraz/patterns.md +77 -0
- package/skills/docker/SKILL.md +7 -101
- package/skills/docker/references/advanced-examples.md +71 -0
- package/skills/docker/references/templates.md +34 -0
- package/skills/docs-marketer/SKILL.md +178 -0
- package/skills/docs-marketer/references/audit-categories.md +328 -0
- package/skills/docs-marketer/references/copilot-docs-prompts.md +88 -0
- package/skills/docs-marketer/references/copilot-usage.md +16 -0
- package/skills/docs-marketer/references/feedback-loop.md +155 -0
- package/skills/docs-marketer/references/multi-pass-docs-protocol.md +410 -0
- package/skills/drizzle-orm/SKILL.md +82 -0
- package/skills/durable-objects/SKILL.md +167 -0
- package/skills/durable-objects/references/advanced_features.md +29 -0
- package/skills/durable-objects/references/rules.md +300 -0
- package/skills/durable-objects/references/testing.md +261 -0
- package/skills/durable-objects/references/workers.md +336 -0
- package/skills/gcp/SKILL.md +37 -0
- package/skills/github-actions/SKILL.md +5 -58
- package/skills/github-actions/references/templates.md +65 -0
- package/skills/github-commander/SKILL.md +13 -21
- package/skills/github-commander/workflows/copilot-audit.md +12 -12
- package/skills/github-copilot-cli/SKILL.md +21 -26
- package/skills/github-repo-setup/SKILL.md +136 -0
- package/skills/github-repo-setup/references/community-standards.md +136 -0
- package/skills/github-repo-setup/references/github-automation.md +490 -0
- package/skills/github-repo-setup/references/inline-templates.md +205 -0
- package/skills/github-repo-setup/references/project-config.md +320 -0
- package/skills/gitlab/SKILL.md +7 -2
- package/skills/gitlab/package-lock.json +389 -389
- package/skills/golang/SKILL.md +8 -1
- package/skills/graphql/SKILL.md +30 -0
- package/skills/hono/SKILL.md +82 -0
- package/skills/journal-optimizer/SKILL.md +206 -0
- package/skills/journal-optimizer/references/optimizer-scripts.md +169 -0
- package/skills/llm-app-engineering/SKILL.md +18 -0
- package/skills/monorepo/SKILL.md +56 -0
- package/skills/multi-agent-orchestration/SKILL.md +14 -0
- package/skills/mysql/SKILL.md +6 -2
- package/skills/next-best-practices/SKILL.md +86 -0
- package/skills/next-best-practices/references/cache-components-examples.md +234 -0
- package/skills/next-best-practices/references/cache-components.md +210 -0
- package/skills/next-best-practices/references/upgrade-decision-tree.md +33 -0
- package/skills/next-best-practices/references/upgrade.md +43 -0
- package/skills/next-cache-components/SKILL.md +441 -0
- package/skills/next-upgrade/SKILL.md +43 -0
- package/skills/next-upgrade/references/decision-tree.md +33 -0
- package/skills/nodejs/SKILL.md +46 -0
- package/skills/opentelemetry/SKILL.md +62 -0
- package/skills/package.json +39 -4
- package/skills/playwright-standard/SKILL.md +6 -11
- package/skills/playwright-standard/references/locators.md +7 -0
- package/skills/postgres/SKILL.md +6 -1
- package/skills/python/SKILL.md +8 -70
- package/skills/python/references/advanced-patterns.md +37 -0
- package/skills/python/references/config-templates.md +48 -0
- package/skills/rag-pipelines/SKILL.md +14 -0
- package/skills/redis/SKILL.md +31 -0
- package/skills/render/SKILL.md +35 -0
- package/skills/rust/SKILL.md +15 -25
- package/skills/rust/references/borrow-checker.md +13 -0
- package/skills/rust/references/ecosystem.md +11 -0
- package/skills/sandbox-sdk/SKILL.md +186 -0
- package/skills/sandbox-sdk/references/api-quick-ref.md +113 -0
- package/skills/sandbox-sdk/references/examples.md +52 -0
- package/skills/shadcn-ui/SKILL.md +22 -57
- package/skills/skill-builder/SKILL.md +23 -424
- package/skills/skill-builder/references/tutorial.md +457 -0
- package/skills/sqlite/SKILL.md +16 -5
- package/skills/table.md +59 -0
- package/skills/tailwind-css/SKILL.md +11 -60
- package/skills/tailwind-css/references/component-patterns.md +52 -0
- package/skills/trpc/SKILL.md +56 -0
- package/skills/typescript/SKILL.md +30 -433
- package/skills/typescript/references/tutorial.md +453 -0
- package/skills/vercel-ai-sdk/SKILL.md +48 -0
- package/skills/vitest-standard/SKILL.md +5 -11
- package/skills/vitest-standard/references/assertions.md +11 -0
- package/skills/web-perf/SKILL.md +207 -0
- package/skills/workers-best-practices/SKILL.md +120 -0
- package/skills/workers-best-practices/references/anti-patterns.md +18 -0
- package/skills/workers-best-practices/references/review.md +174 -0
- package/skills/workers-best-practices/references/rules.md +485 -0
- package/skills/wrangler/SKILL.md +43 -0
- package/skills/wrangler/references/cli-commands.md +861 -0
- package/skills/zod/SKILL.md +48 -0
- package/dist/tools-P4VGG4FH.js +0 -1
- package/skills/react-best-practices/AGENTS.md +0 -2883
- package/skills/react-best-practices/SKILL.md +0 -138
- /package/skills/{react-best-practices → next-best-practices}/README.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/metadata.json +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/_sections.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/_template.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/advanced-event-handler-refs.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/advanced-init-once.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/advanced-use-latest.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/async-api-routes.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/async-defer-await.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/async-dependencies.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/async-parallel.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/async-suspense-boundaries.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/bundle-barrel-imports.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/bundle-conditional.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/bundle-defer-third-party.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/bundle-dynamic-imports.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/bundle-preload.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/client-event-listeners.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/client-localstorage-schema.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/client-passive-event-listeners.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/client-swr-dedup.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/js-batch-dom-css.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/js-cache-function-results.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/js-cache-property-access.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/js-cache-storage.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/js-combine-iterations.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/js-early-exit.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/js-hoist-regexp.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/js-index-maps.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/js-length-check-first.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/js-min-max-loop.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/js-set-map-lookups.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/js-tosorted-immutable.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/rendering-activity.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/rendering-animate-svg-wrapper.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/rendering-conditional-render.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/rendering-content-visibility.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/rendering-hoist-jsx.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/rendering-hydration-no-flicker.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/rendering-hydration-suppress-warning.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/rendering-svg-precision.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/rendering-usetransition-loading.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/rerender-defer-reads.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/rerender-dependencies.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/rerender-derived-state-no-effect.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/rerender-derived-state.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/rerender-functional-setstate.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/rerender-lazy-state-init.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/rerender-memo-with-default-value.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/rerender-memo.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/rerender-move-effect-to-event.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/rerender-simple-expression-in-memo.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/rerender-transitions.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/rerender-use-ref-transient-values.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/server-after-nonblocking.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/server-auth-actions.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/server-cache-lru.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/server-cache-react.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/server-dedup-props.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/server-parallel-fetching.md +0 -0
- /package/skills/{react-best-practices → next-best-practices}/rules/server-serialization.md +0 -0
|
@@ -0,0 +1,236 @@
|
|
|
1
|
+
# TURN Gotchas & Troubleshooting
|
|
2
|
+
|
|
3
|
+
Common mistakes, security best practices, and troubleshooting for Cloudflare TURN.
|
|
4
|
+
|
|
5
|
+
## Quick Reference
|
|
6
|
+
|
|
7
|
+
| Issue | Solution | Details |
|
|
8
|
+
| ---------------------------------- | ---------------------------- | -------------------------------------------------------------- |
|
|
9
|
+
| Credentials not working | Check TTL ≤ 48hrs | [See Troubleshooting](#issue-turn-credentials-not-working) |
|
|
10
|
+
| Connection drops after ~48hrs | Implement credential refresh | [See Connection Drops](#issue-connection-drops-after-48-hours) |
|
|
11
|
+
| Port 53 fails in browser | Filter server-side | [See Port 53](#using-port-53-in-browsers) |
|
|
12
|
+
| High packet loss | Check rate limits | [See Rate Limits](#limits-per-turn-allocation) |
|
|
13
|
+
| Connection fails after maintenance | Implement ICE restart | [See ICE Restart](#ice-restart-required-scenarios) |
|
|
14
|
+
|
|
15
|
+
## Critical Constraints
|
|
16
|
+
|
|
17
|
+
| Constraint | Value | Consequence if Violated |
|
|
18
|
+
| --------------------------- | -------------------------- | --------------------------------------------------- |
|
|
19
|
+
| Max credential TTL | 48 hours (172800s) | API rejects request |
|
|
20
|
+
| Credential revocation delay | ~seconds | Billing stops immediately, connection drops shortly |
|
|
21
|
+
| IP allowlist update window | 14 days (if IPs change) | Connection fails if IPs change |
|
|
22
|
+
| Packet rate | 5-10k pps per allocation | Packet drops |
|
|
23
|
+
| Data rate | 50-100 Mbps per allocation | Packet drops |
|
|
24
|
+
| Unique IP rate | >5 new IPs/sec | Packet drops |
|
|
25
|
+
|
|
26
|
+
## Limits Per TURN Allocation
|
|
27
|
+
|
|
28
|
+
**Per user** (not account-wide):
|
|
29
|
+
|
|
30
|
+
- **IP addresses**: >5 new unique IPs per second
|
|
31
|
+
- **Packet rate**: 5-10k packets per second (inbound/outbound)
|
|
32
|
+
- **Data rate**: 50-100 Mbps (inbound/outbound)
|
|
33
|
+
- **MTU**: No specific limit
|
|
34
|
+
- **Burst rates**: Higher than documented
|
|
35
|
+
|
|
36
|
+
Exceeding limits results in **packet drops**.
|
|
37
|
+
|
|
38
|
+
## Common Mistakes
|
|
39
|
+
|
|
40
|
+
### Setting TTL > 48 hours
|
|
41
|
+
|
|
42
|
+
```typescript
|
|
43
|
+
// ❌ BAD: API will reject
|
|
44
|
+
const creds = await generate({ ttl: 604800 }) // 7 days
|
|
45
|
+
|
|
46
|
+
// ✅ GOOD:
|
|
47
|
+
const creds = await generate({ ttl: 86400 }) // 24 hours
|
|
48
|
+
```
|
|
49
|
+
|
|
50
|
+
### Hardcoding IPs without monitoring
|
|
51
|
+
|
|
52
|
+
```typescript
|
|
53
|
+
// ❌ BAD: IPs can change with 14-day notice
|
|
54
|
+
const iceServers = [{ urls: 'turn:141.101.90.1:3478' }]
|
|
55
|
+
|
|
56
|
+
// ✅ GOOD: Use DNS
|
|
57
|
+
const iceServers = [{ urls: 'turn:turn.cloudflare.com:3478' }]
|
|
58
|
+
```
|
|
59
|
+
|
|
60
|
+
### Using port 53 in browsers
|
|
61
|
+
|
|
62
|
+
```typescript
|
|
63
|
+
// ❌ BAD: Blocked by Chrome/Firefox
|
|
64
|
+
urls: ['turn:turn.cloudflare.com:53']
|
|
65
|
+
|
|
66
|
+
// ✅ GOOD: Filter port 53
|
|
67
|
+
urls: urls.filter((url) => !url.includes(':53'))
|
|
68
|
+
```
|
|
69
|
+
|
|
70
|
+
### Not handling credential expiry
|
|
71
|
+
|
|
72
|
+
```typescript
|
|
73
|
+
// ❌ BAD: Credentials expire but call continues → connection drops
|
|
74
|
+
const creds = await fetchCreds()
|
|
75
|
+
const pc = new RTCPeerConnection({ iceServers: creds })
|
|
76
|
+
|
|
77
|
+
// ✅ GOOD: Refresh before expiry
|
|
78
|
+
setInterval(() => refreshCredentials(pc), 3000000) // 50 min
|
|
79
|
+
```
|
|
80
|
+
|
|
81
|
+
### Missing ICE restart support
|
|
82
|
+
|
|
83
|
+
```typescript
|
|
84
|
+
// ❌ BAD: No recovery from TURN maintenance
|
|
85
|
+
pc.addEventListener('iceconnectionstatechange', () => {
|
|
86
|
+
console.log('State changed:', pc.iceConnectionState)
|
|
87
|
+
})
|
|
88
|
+
|
|
89
|
+
// ✅ GOOD: Implement ICE restart
|
|
90
|
+
pc.addEventListener('iceconnectionstatechange', async () => {
|
|
91
|
+
if (pc.iceConnectionState === 'failed') {
|
|
92
|
+
await refreshCredentials(pc)
|
|
93
|
+
pc.restartIce()
|
|
94
|
+
}
|
|
95
|
+
})
|
|
96
|
+
```
|
|
97
|
+
|
|
98
|
+
### Exposing TURN key secret client-side
|
|
99
|
+
|
|
100
|
+
```typescript
|
|
101
|
+
// ❌ BAD: Secret exposed to client
|
|
102
|
+
const secret = 'your-turn-key-secret'
|
|
103
|
+
const response = await fetch(`https://rtc.live.cloudflare.com/v1/turn/...`, {
|
|
104
|
+
headers: { Authorization: `Bearer ${secret}` },
|
|
105
|
+
})
|
|
106
|
+
|
|
107
|
+
// ✅ GOOD: Generate credentials server-side
|
|
108
|
+
const response = await fetch('/api/turn-credentials')
|
|
109
|
+
```
|
|
110
|
+
|
|
111
|
+
## ICE Restart Required Scenarios
|
|
112
|
+
|
|
113
|
+
These events require ICE restart (see [patterns.md](./patterns.md#ice-restart-pattern)):
|
|
114
|
+
|
|
115
|
+
1. **TURN server maintenance** (occasional on Cloudflare's network)
|
|
116
|
+
2. **Network topology changes** (anycast routing changes)
|
|
117
|
+
3. **Credential refresh** during long sessions (>1 hour)
|
|
118
|
+
4. **Connection failure** (iceConnectionState === 'failed')
|
|
119
|
+
|
|
120
|
+
Implement in all production apps:
|
|
121
|
+
|
|
122
|
+
```typescript
|
|
123
|
+
pc.addEventListener('iceconnectionstatechange', async () => {
|
|
124
|
+
if (pc.iceConnectionState === 'failed' || pc.iceConnectionState === 'disconnected') {
|
|
125
|
+
await refreshTURNCredentials(pc)
|
|
126
|
+
pc.restartIce()
|
|
127
|
+
const offer = await pc.createOffer({ iceRestart: true })
|
|
128
|
+
await pc.setLocalDescription(offer)
|
|
129
|
+
// Send offer to peer via signaling...
|
|
130
|
+
}
|
|
131
|
+
})
|
|
132
|
+
```
|
|
133
|
+
|
|
134
|
+
Reference: [RFC 8445 Section 2.4](https://datatracker.ietf.org/doc/html/rfc8445#section-2.4)
|
|
135
|
+
|
|
136
|
+
## Security Checklist
|
|
137
|
+
|
|
138
|
+
- [ ] Credentials generated server-side only (never client-side)
|
|
139
|
+
- [ ] TURN_KEY_SECRET in wrangler secrets, not vars
|
|
140
|
+
- [ ] TTL ≤ expected session duration (and ≤ 48 hours)
|
|
141
|
+
- [ ] Rate limiting on credential generation endpoint
|
|
142
|
+
- [ ] Client authentication before issuing credentials
|
|
143
|
+
- [ ] Credential revocation API for compromised sessions
|
|
144
|
+
- [ ] No hardcoded IPs (or DNS monitoring in place)
|
|
145
|
+
- [ ] Port 53 filtered for browser clients
|
|
146
|
+
|
|
147
|
+
## Troubleshooting
|
|
148
|
+
|
|
149
|
+
### Issue: TURN credentials not working
|
|
150
|
+
|
|
151
|
+
**Check:**
|
|
152
|
+
|
|
153
|
+
- Key ID and secret are correct
|
|
154
|
+
- Credentials haven't expired (check TTL)
|
|
155
|
+
- TTL doesn't exceed 172800 seconds (48 hours)
|
|
156
|
+
- Server can reach rtc.live.cloudflare.com
|
|
157
|
+
- Network allows outbound HTTPS
|
|
158
|
+
|
|
159
|
+
**Solution:**
|
|
160
|
+
|
|
161
|
+
```typescript
|
|
162
|
+
// Validate before using
|
|
163
|
+
if (ttl > 172800) {
|
|
164
|
+
throw new Error('TTL cannot exceed 48 hours')
|
|
165
|
+
}
|
|
166
|
+
```
|
|
167
|
+
|
|
168
|
+
### Issue: Slow connection establishment
|
|
169
|
+
|
|
170
|
+
**Solutions:**
|
|
171
|
+
|
|
172
|
+
- Ensure proper ICE candidate gathering
|
|
173
|
+
- Check network latency to Cloudflare edge
|
|
174
|
+
- Verify firewall allows WebRTC ports (3478, 5349, 443)
|
|
175
|
+
- Consider using TURN over TLS (port 443) for corporate networks
|
|
176
|
+
|
|
177
|
+
### Issue: High packet loss
|
|
178
|
+
|
|
179
|
+
**Check:**
|
|
180
|
+
|
|
181
|
+
- Not exceeding rate limits (5-10k pps)
|
|
182
|
+
- Not exceeding bandwidth limits (50-100 Mbps)
|
|
183
|
+
- Not connecting to too many unique IPs (>5/sec)
|
|
184
|
+
- Client network quality
|
|
185
|
+
|
|
186
|
+
### Issue: Connection drops after ~48 hours
|
|
187
|
+
|
|
188
|
+
**Cause**: Credentials expired (48hr max)
|
|
189
|
+
|
|
190
|
+
**Solution**:
|
|
191
|
+
|
|
192
|
+
- Set TTL to expected session duration
|
|
193
|
+
- Implement credential refresh with setConfiguration()
|
|
194
|
+
- Use ICE restart if connection fails
|
|
195
|
+
|
|
196
|
+
```typescript
|
|
197
|
+
// Refresh credentials before expiry
|
|
198
|
+
const refreshInterval = ttl * 1000 - 60000 // 1 min early
|
|
199
|
+
setInterval(async () => {
|
|
200
|
+
await refreshTURNCredentials(pc)
|
|
201
|
+
}, refreshInterval)
|
|
202
|
+
```
|
|
203
|
+
|
|
204
|
+
### Issue: Port 53 URLs in browser fail silently
|
|
205
|
+
|
|
206
|
+
**Cause**: Chrome/Firefox block port 53
|
|
207
|
+
|
|
208
|
+
**Solution**: Filter port 53 URLs server-side:
|
|
209
|
+
|
|
210
|
+
```typescript
|
|
211
|
+
const filtered = urls.filter((url) => !url.includes(':53'))
|
|
212
|
+
```
|
|
213
|
+
|
|
214
|
+
### Issue: Hardcoded IPs stop working
|
|
215
|
+
|
|
216
|
+
**Cause**: Cloudflare changed IP addresses (14-day notice)
|
|
217
|
+
|
|
218
|
+
**Solution**:
|
|
219
|
+
|
|
220
|
+
- Use DNS hostnames (`turn.cloudflare.com`)
|
|
221
|
+
- Monitor DNS changes with automated alerts
|
|
222
|
+
- Update allowlists within 14 days if using IP allowlisting
|
|
223
|
+
|
|
224
|
+
## Cost Optimization
|
|
225
|
+
|
|
226
|
+
1. Use appropriate TTLs (don't over-provision)
|
|
227
|
+
2. Implement credential caching
|
|
228
|
+
3. Set `iceTransportPolicy: 'all'` to try direct first (use `'relay'` only when necessary)
|
|
229
|
+
4. Monitor bandwidth usage
|
|
230
|
+
5. Free when used with Cloudflare Calls SFU
|
|
231
|
+
|
|
232
|
+
## See Also
|
|
233
|
+
|
|
234
|
+
- [api.md](./api.md) - Credential generation API, revocation
|
|
235
|
+
- [configuration.md](./configuration.md) - IP allowlisting, monitoring
|
|
236
|
+
- [patterns.md](./patterns.md) - ICE restart, credential refresh patterns
|
|
@@ -0,0 +1,228 @@
|
|
|
1
|
+
# TURN Implementation Patterns
|
|
2
|
+
|
|
3
|
+
Production-ready patterns for implementing Cloudflare TURN in WebRTC applications.
|
|
4
|
+
|
|
5
|
+
## Prerequisites
|
|
6
|
+
|
|
7
|
+
Before implementing these patterns, ensure you have:
|
|
8
|
+
|
|
9
|
+
- TURN key created: see [api.md#create-turn-key](./api.md#create-turn-key)
|
|
10
|
+
- Worker configured: see [configuration.md#cloudflare-worker-integration](./configuration.md#cloudflare-worker-integration)
|
|
11
|
+
|
|
12
|
+
## Basic TURN Configuration (Browser)
|
|
13
|
+
|
|
14
|
+
```typescript
|
|
15
|
+
interface RTCIceServer {
|
|
16
|
+
urls: string | string[]
|
|
17
|
+
username?: string
|
|
18
|
+
credential?: string
|
|
19
|
+
credentialType?: 'password' | 'oauth'
|
|
20
|
+
}
|
|
21
|
+
|
|
22
|
+
async function getTURNConfig(): Promise<RTCIceServer[]> {
|
|
23
|
+
const response = await fetch('/api/turn-credentials')
|
|
24
|
+
const data = await response.json()
|
|
25
|
+
|
|
26
|
+
return [
|
|
27
|
+
{
|
|
28
|
+
urls: 'stun:stun.cloudflare.com:3478',
|
|
29
|
+
},
|
|
30
|
+
{
|
|
31
|
+
urls: [
|
|
32
|
+
'turn:turn.cloudflare.com:3478?transport=udp',
|
|
33
|
+
'turn:turn.cloudflare.com:3478?transport=tcp',
|
|
34
|
+
'turns:turn.cloudflare.com:5349?transport=tcp',
|
|
35
|
+
'turns:turn.cloudflare.com:443?transport=tcp',
|
|
36
|
+
],
|
|
37
|
+
username: data.username,
|
|
38
|
+
credential: data.credential,
|
|
39
|
+
credentialType: 'password',
|
|
40
|
+
},
|
|
41
|
+
]
|
|
42
|
+
}
|
|
43
|
+
|
|
44
|
+
// Use in RTCPeerConnection
|
|
45
|
+
const iceServers = await getTURNConfig()
|
|
46
|
+
const peerConnection = new RTCPeerConnection({ iceServers })
|
|
47
|
+
```
|
|
48
|
+
|
|
49
|
+
## Port Selection Strategy
|
|
50
|
+
|
|
51
|
+
Recommended order for browser clients:
|
|
52
|
+
|
|
53
|
+
1. **3478/udp** (primary, lowest latency)
|
|
54
|
+
2. **3478/tcp** (fallback for UDP-blocked networks)
|
|
55
|
+
3. **5349/tls** (corporate firewalls, most reliable)
|
|
56
|
+
4. **443/tls** (alternate TLS port, firewall-friendly)
|
|
57
|
+
|
|
58
|
+
**Avoid port 53**—blocked by Chrome and Firefox.
|
|
59
|
+
|
|
60
|
+
```typescript
|
|
61
|
+
function filterICEServersForBrowser(urls: string[]): string[] {
|
|
62
|
+
return urls
|
|
63
|
+
.filter((url) => !url.includes(':53')) // Remove port 53
|
|
64
|
+
.sort((a, b) => {
|
|
65
|
+
// Prioritize UDP over TCP over TLS
|
|
66
|
+
if (a.includes('transport=udp')) return -1
|
|
67
|
+
if (b.includes('transport=udp')) return 1
|
|
68
|
+
if (a.includes('transport=tcp') && !a.startsWith('turns:')) return -1
|
|
69
|
+
if (b.includes('transport=tcp') && !b.startsWith('turns:')) return 1
|
|
70
|
+
return 0
|
|
71
|
+
})
|
|
72
|
+
}
|
|
73
|
+
```
|
|
74
|
+
|
|
75
|
+
## Credential Refresh (Mid-Session)
|
|
76
|
+
|
|
77
|
+
When credentials expire during long calls:
|
|
78
|
+
|
|
79
|
+
```typescript
|
|
80
|
+
async function refreshTURNCredentials(pc: RTCPeerConnection): Promise<void> {
|
|
81
|
+
const newCreds = await fetch('/turn-credentials').then((r) => r.json())
|
|
82
|
+
const config = pc.getConfiguration()
|
|
83
|
+
config.iceServers = newCreds.iceServers
|
|
84
|
+
pc.setConfiguration(config)
|
|
85
|
+
// Note: setConfiguration() does NOT trigger ICE restart
|
|
86
|
+
// Combine with restartIce() if connection fails
|
|
87
|
+
}
|
|
88
|
+
|
|
89
|
+
// Auto-refresh before expiry
|
|
90
|
+
setInterval(async () => {
|
|
91
|
+
await refreshTURNCredentials(peerConnection)
|
|
92
|
+
}, 3000000) // 50 minutes if TTL is 1 hour
|
|
93
|
+
```
|
|
94
|
+
|
|
95
|
+
## ICE Restart Pattern
|
|
96
|
+
|
|
97
|
+
After network change, TURN server maintenance, or credential expiry:
|
|
98
|
+
|
|
99
|
+
```typescript
|
|
100
|
+
pc.addEventListener('iceconnectionstatechange', async () => {
|
|
101
|
+
if (pc.iceConnectionState === 'failed') {
|
|
102
|
+
console.warn('ICE connection failed, restarting...')
|
|
103
|
+
|
|
104
|
+
// Refresh credentials
|
|
105
|
+
await refreshTURNCredentials(pc)
|
|
106
|
+
|
|
107
|
+
// Trigger ICE restart
|
|
108
|
+
pc.restartIce()
|
|
109
|
+
const offer = await pc.createOffer({ iceRestart: true })
|
|
110
|
+
await pc.setLocalDescription(offer)
|
|
111
|
+
|
|
112
|
+
// Send offer to peer via signaling channel...
|
|
113
|
+
}
|
|
114
|
+
})
|
|
115
|
+
```
|
|
116
|
+
|
|
117
|
+
## Credentials Caching Pattern
|
|
118
|
+
|
|
119
|
+
```typescript
|
|
120
|
+
class TURNCredentialsManager {
|
|
121
|
+
private creds: {
|
|
122
|
+
username: string
|
|
123
|
+
credential: string
|
|
124
|
+
urls: string[]
|
|
125
|
+
expiresAt: number
|
|
126
|
+
} | null = null
|
|
127
|
+
|
|
128
|
+
async getCredentials(keyId: string, keySecret: string): Promise<RTCIceServer[]> {
|
|
129
|
+
const now = Date.now()
|
|
130
|
+
|
|
131
|
+
if (this.creds && this.creds.expiresAt > now) {
|
|
132
|
+
return this.buildIceServers(this.creds)
|
|
133
|
+
}
|
|
134
|
+
|
|
135
|
+
const ttl = 3600
|
|
136
|
+
if (ttl > 172800) throw new Error('TTL max 48hrs')
|
|
137
|
+
|
|
138
|
+
const res = await fetch(
|
|
139
|
+
`https://rtc.live.cloudflare.com/v1/turn/keys/${keyId}/credentials/generate`,
|
|
140
|
+
{
|
|
141
|
+
method: 'POST',
|
|
142
|
+
headers: { Authorization: `Bearer ${keySecret}`, 'Content-Type': 'application/json' },
|
|
143
|
+
body: JSON.stringify({ ttl }),
|
|
144
|
+
}
|
|
145
|
+
)
|
|
146
|
+
|
|
147
|
+
const data = await res.json()
|
|
148
|
+
const filteredUrls = data.iceServers.urls.filter((url: string) => !url.includes(':53'))
|
|
149
|
+
|
|
150
|
+
this.creds = {
|
|
151
|
+
username: data.iceServers.username,
|
|
152
|
+
credential: data.iceServers.credential,
|
|
153
|
+
urls: filteredUrls,
|
|
154
|
+
expiresAt: now + ttl * 1000 - 60000,
|
|
155
|
+
}
|
|
156
|
+
|
|
157
|
+
return this.buildIceServers(this.creds)
|
|
158
|
+
}
|
|
159
|
+
|
|
160
|
+
private buildIceServers(c: {
|
|
161
|
+
username: string
|
|
162
|
+
credential: string
|
|
163
|
+
urls: string[]
|
|
164
|
+
}): RTCIceServer[] {
|
|
165
|
+
return [
|
|
166
|
+
{ urls: 'stun:stun.cloudflare.com:3478' },
|
|
167
|
+
{
|
|
168
|
+
urls: c.urls,
|
|
169
|
+
username: c.username,
|
|
170
|
+
credential: c.credential,
|
|
171
|
+
credentialType: 'password' as const,
|
|
172
|
+
},
|
|
173
|
+
]
|
|
174
|
+
}
|
|
175
|
+
}
|
|
176
|
+
```
|
|
177
|
+
|
|
178
|
+
## Common Use Cases
|
|
179
|
+
|
|
180
|
+
```typescript
|
|
181
|
+
// Video conferencing: TURN as fallback
|
|
182
|
+
const config = { iceServers: await getTURNConfig(), iceTransportPolicy: 'all' }
|
|
183
|
+
|
|
184
|
+
// IoT/predictable connectivity: force TURN
|
|
185
|
+
const config = { iceServers: await getTURNConfig(), iceTransportPolicy: 'relay' }
|
|
186
|
+
|
|
187
|
+
// Screen sharing: reduce overhead
|
|
188
|
+
const pc = new RTCPeerConnection({ iceServers: await getTURNConfig(), bundlePolicy: 'max-bundle' })
|
|
189
|
+
```
|
|
190
|
+
|
|
191
|
+
## Integration with Cloudflare Calls SFU
|
|
192
|
+
|
|
193
|
+
```typescript
|
|
194
|
+
// TURN is automatically used when needed
|
|
195
|
+
// Cloudflare Calls handles TURN + SFU coordination
|
|
196
|
+
const session = await callsClient.createSession({
|
|
197
|
+
appId: 'your-app-id',
|
|
198
|
+
sessionId: 'meeting-123',
|
|
199
|
+
})
|
|
200
|
+
```
|
|
201
|
+
|
|
202
|
+
## Debugging ICE Connectivity
|
|
203
|
+
|
|
204
|
+
```typescript
|
|
205
|
+
pc.addEventListener('icecandidate', (event) => {
|
|
206
|
+
if (event.candidate) {
|
|
207
|
+
console.log('ICE candidate:', event.candidate.type, event.candidate.protocol)
|
|
208
|
+
}
|
|
209
|
+
})
|
|
210
|
+
|
|
211
|
+
pc.addEventListener('iceconnectionstatechange', () => {
|
|
212
|
+
console.log('ICE state:', pc.iceConnectionState)
|
|
213
|
+
})
|
|
214
|
+
|
|
215
|
+
// Check selected candidate pair
|
|
216
|
+
const stats = await pc.getStats()
|
|
217
|
+
stats.forEach((report) => {
|
|
218
|
+
if (report.type === 'candidate-pair' && report.selected) {
|
|
219
|
+
console.log('Selected:', report)
|
|
220
|
+
}
|
|
221
|
+
})
|
|
222
|
+
```
|
|
223
|
+
|
|
224
|
+
## See Also
|
|
225
|
+
|
|
226
|
+
- [api.md](./api.md) - Credential generation API, types
|
|
227
|
+
- [configuration.md](./configuration.md) - Worker setup, environment variables
|
|
228
|
+
- [gotchas.md](./gotchas.md) - Common mistakes, troubleshooting
|
|
@@ -0,0 +1,102 @@
|
|
|
1
|
+
# Cloudflare Turnstile Implementation Skill Reference
|
|
2
|
+
|
|
3
|
+
Expert guidance for implementing Cloudflare Turnstile - a smart CAPTCHA alternative that protects websites from bots without showing traditional CAPTCHA puzzles.
|
|
4
|
+
|
|
5
|
+
## Overview
|
|
6
|
+
|
|
7
|
+
Turnstile is a user-friendly CAPTCHA alternative that runs challenges in the background without user interaction. It validates visitors automatically using signals like browser behavior, device fingerprinting, and machine learning.
|
|
8
|
+
|
|
9
|
+
## Widget Types
|
|
10
|
+
|
|
11
|
+
| Type | Interaction | Use Case |
|
|
12
|
+
| --------------------- | ---------------------------------- | --------------------------------------- |
|
|
13
|
+
| **Managed** (default) | Shows checkbox when needed | Forms, logins - balance UX and security |
|
|
14
|
+
| **Non-Interactive** | Invisible, runs automatically | Frictionless UX, low-risk actions |
|
|
15
|
+
| **Invisible** | Hidden, triggered programmatically | Pre-clearance, API calls, headless |
|
|
16
|
+
|
|
17
|
+
## Quick Start
|
|
18
|
+
|
|
19
|
+
### Implicit Rendering (HTML-based)
|
|
20
|
+
|
|
21
|
+
```html
|
|
22
|
+
<!-- 1. Add script -->
|
|
23
|
+
<script src="https://challenges.cloudflare.com/turnstile/v0/api.js" async defer></script>
|
|
24
|
+
|
|
25
|
+
<!-- 2. Add widget to form -->
|
|
26
|
+
<form action="/submit" method="POST">
|
|
27
|
+
<div class="cf-turnstile" data-sitekey="YOUR_SITE_KEY"></div>
|
|
28
|
+
<button type="submit">Submit</button>
|
|
29
|
+
</form>
|
|
30
|
+
```
|
|
31
|
+
|
|
32
|
+
### Explicit Rendering (JavaScript-based)
|
|
33
|
+
|
|
34
|
+
```html
|
|
35
|
+
<div id="turnstile-container"></div>
|
|
36
|
+
<script src="https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit"></script>
|
|
37
|
+
<script>
|
|
38
|
+
window.turnstile.render('#turnstile-container', {
|
|
39
|
+
sitekey: 'YOUR_SITE_KEY',
|
|
40
|
+
callback: (token) => console.log('Token:', token),
|
|
41
|
+
})
|
|
42
|
+
</script>
|
|
43
|
+
```
|
|
44
|
+
|
|
45
|
+
### Server Validation (Required)
|
|
46
|
+
|
|
47
|
+
```javascript
|
|
48
|
+
// Cloudflare Workers
|
|
49
|
+
export default {
|
|
50
|
+
async fetch(request) {
|
|
51
|
+
const formData = await request.formData()
|
|
52
|
+
const token = formData.get('cf-turnstile-response')
|
|
53
|
+
|
|
54
|
+
const result = await fetch('https://challenges.cloudflare.com/turnstile/v0/siteverify', {
|
|
55
|
+
method: 'POST',
|
|
56
|
+
headers: { 'Content-Type': 'application/json' },
|
|
57
|
+
body: JSON.stringify({
|
|
58
|
+
secret: env.TURNSTILE_SECRET,
|
|
59
|
+
response: token,
|
|
60
|
+
remoteip: request.headers.get('CF-Connecting-IP'),
|
|
61
|
+
}),
|
|
62
|
+
})
|
|
63
|
+
|
|
64
|
+
const validation = await result.json()
|
|
65
|
+
if (!validation.success) {
|
|
66
|
+
return new Response('Invalid CAPTCHA', { status: 400 })
|
|
67
|
+
}
|
|
68
|
+
// Process form...
|
|
69
|
+
},
|
|
70
|
+
}
|
|
71
|
+
```
|
|
72
|
+
|
|
73
|
+
## Testing Keys
|
|
74
|
+
|
|
75
|
+
**Critical for development/testing:**
|
|
76
|
+
|
|
77
|
+
| Type | Key | Behavior |
|
|
78
|
+
| ------------------------------ | ------------------------------------- | ---------------------------------- |
|
|
79
|
+
| **Site Key (Always Passes)** | `1x00000000000000000000AA` | Widget succeeds, token validates |
|
|
80
|
+
| **Site Key (Always Blocks)** | `2x00000000000000000000AB` | Widget fails visibly |
|
|
81
|
+
| **Site Key (Force Challenge)** | `3x00000000000000000000FF` | Always shows interactive challenge |
|
|
82
|
+
| **Secret Key (Testing)** | `1x0000000000000000000000000000000AA` | Validates test tokens |
|
|
83
|
+
|
|
84
|
+
**Note:** Test keys work on `localhost` and any domain. Do NOT use in production.
|
|
85
|
+
|
|
86
|
+
## Key Constraints
|
|
87
|
+
|
|
88
|
+
- **Token expiry:** 5 minutes after generation
|
|
89
|
+
- **Single-use:** Each token can only be validated once
|
|
90
|
+
- **Server validation required:** Client-side checks are insufficient
|
|
91
|
+
|
|
92
|
+
## Reading Order
|
|
93
|
+
|
|
94
|
+
1. **[configuration.md](configuration.md)** - Setup, widget options, script loading
|
|
95
|
+
2. **[api.md](api.md)** - JavaScript API, siteverify endpoints, TypeScript types
|
|
96
|
+
3. **[patterns.md](patterns.md)** - Form integration, framework examples, validation patterns
|
|
97
|
+
4. **[gotchas.md](gotchas.md)** - Common errors, debugging, limitations
|
|
98
|
+
|
|
99
|
+
## See Also
|
|
100
|
+
|
|
101
|
+
- [Cloudflare Turnstile Docs](https://developers.cloudflare.com/turnstile/)
|
|
102
|
+
- [Dashboard](https://dash.cloudflare.com/?to=/:account/turnstile)
|