odac 1.1.0 → 1.2.0

package/.agent/rules/coding.md

@@ -0,0 +1,27 @@
+---
+trigger: always_on
+---
+
+# Coding Standards & Best Practices
+
+## 1. Testing Strategy
+- **Rule:** No feature is complete without tests.
+- **Goal:** Maintain stability and prevent regressions.
+- **Action:** Write unit tests for logic and integration tests for API endpoints.
+
+## 2. Dependency Management
+- **Philosophy:** "Less is more."
+- **Rule:** Avoid external dependencies unless absolutely necessary.
+- **Preference:** Prioritize native Node.js modules (`fs`, `http`, `crypto`, etc.) to reduce bundle size and security attack surface.
+
+## 3. Error Handling
+- **Rule:** Fail loudly and clearly.
+- **Practice:** Use custom Error classes where possible.
+- **Message:** Error messages should guide the developer on how to fix the issue, not just say "Error".
+
+## 4. Modern JavaScript
+- **Standard:** Use ES6+ features (Async/Await, Arrow functions, Destructuring).
+- **Modules:** Strict adherence to ES Modules (import/export).
+
+## 5. Route & Session Logic
+- **Session Initialization:** `Odac.Request.setSession()` MUST be called before any logic that attempts to access `Odac.Request.session()`. This includes global middleware or form processing logic in `Route.js` that runs before the specific controller is resolved.

package/.agent/rules/memory.md

@@ -0,0 +1,33 @@
+---
+trigger: always_on
+---
+
+# Project Memory & Rules
+
+## Configuration & Environment
+- **Debug Mode Logic:** The `debug` configuration in `src/Config.js` defaults to `process.env.NODE_ENV !== 'production'`. This ensures that `odac dev` (undefined NODE_ENV) enables debug/hot-reload, while `odac start` (NODE_ENV=production) disables it to use caching.
+- **Logging Strategy:** 
+    - **Development (`debug: true`):** Enable verbose logging, hot-reloading notifications, and detailed stack traces for easier debugging.
+    - **Production (`debug: false`):** Minimize logging to essential operational events (Start/Stop) and Fatal Errors only. Avoid `console.log` for per-request information to preserve performance and disk space. Sensitive error details must not be exposed to the user.
+
+## Development Standards & Integrity
+- **NO QUICK/LAZY FIXES:** Explicitly prohibited. 
+    - Never implement truncated solutions (e.g., `substring(0, 32)` on a hash) or temporary workarounds just to make code run.
+    - Always implement the mathematically and architecturally correct "Enterprise-Grade" solution (e.g., using raw `Buffer` for crypto keys instead of hex strings).
+    - If a proper solution requires refactoring, do the refactoring. Do not patch holes.
+    - **Prioritize Correctness over Speed:** It is better to verify documentation or think for a minute than to output a sub-par patch.
+
+## Code Quality & Modern Standards
+- **No Legacy Syntax:** 
+    - **Strictly Prohibited:** The use of `var` is forbidden. Use `const` (preferred) or `let` (only if mutation is needed).
+    - **Variable Scope:** Ensure variables are block-scoped to prevent leakage.
+- **Anti-Spaghetti Code:**
+    - **Fail-Fast Pattern:** Avoid deeply nested `if/else` logic. Use early returns (`return`, `break`, `continue`) to handle negative cases immediately.
+    - **Promise Handling:** Resolve Promises upfront (e.g., `Promise.all` or strict `await` before loops) rather than mixing `await` inside deep logic or mutating input objects.
+    - **Strict Equality:** Always use strict equality checks (`===`) instead of loose ones.
+    - **Loop Optimization:** Use labeled loops (`label: for`) for efficient control flow in nested structures. Eliminate intermediate "flag" variables (`isMatch`, `found`) by using direct `return` or `continue label`.
+    - **Direct Returns:** Return a value as soon as it is determined. Avoid assigning to a temporary variable (e.g. `matchedUser`) and breaking the loop, unless post-loop processing is strictly necessary.
+    - **Async State Safety:** When an async function depends on mutable class state (like `pendingMiddlewares`), capture that state into a local `const` *synchronously* before triggering any async operations. This prevents race conditions where the state changes before the async task consumes it.
+
+## Dependency Management
+- **Prefer Native Fetch:** Use the native `fetch` API for network requests in both Node.js (18+) and browser environments to reduce dependencies and bundle size.

package/.agent/rules/project.md

@@ -0,0 +1,30 @@
+---
+trigger: always_on
+---
+
+# Project Context & Design Philosophy
+
+## Project Identity
+- **Type:** Node.js Framework
+- **Goal:** To provide a robust, enterprise-ready backbone for web applications.
+
+## Core Priorities (The "Big 3")
+1.  **Enterprise-Level Security:** 
+    - Security is not an afterthought; it is foundational. 
+    - Default to secure settings. 
+    - Validate all inputs. 
+    - Sanitize outputs. 
+    - Use established cryptographic standards.
+2.  **Zero-Config:** 
+    - The framework should work "out of the box" with sensible defaults. 
+    - Configuration should be optional, not mandatory for getting started. 
+    - "Convention over Configuration" is key.
+3.  **High Performance:** 
+    - Code must be optimized for throughput and low latency. 
+    - Avoid unnecessary overhead. 
+    - Profile and benchmark critical paths. 
+    - Memory management is crucial.
+
+## Interaction Guidelines for AI
+- Always assume the user wants the most efficient and secure solution unless specified otherwise.
+- When suggesting architecture, prioritize scalability and maintainability.

package/.agent/rules/workflow.md

@@ -0,0 +1,16 @@
+---
+trigger: always_on
+---
+
+# Development Workflow Rules
+
+## 1. Quality Assurance (Linting)
+- **Rule:** **ALWAYS** runs lint checks after writing or modifying code.
+- **Action:** Execute the project's linting command (e.g., `npm run lint` or `eslint .`) to verify code compliance.
+- **Strictness:** Do not mark a task as complete if lint errors persist. Fix them immediately.
+
+## 2. Documentation Hygiene
+- **Rule:** Documentation must be kept in sync with code changes.
+- **Trigger:** Adding a new feature, modifying an API, or changing configuration behavior.
+- **Action:** Update the relevant `.md` files (README, API docs, etc.) or JSDoc comments.
+- **Goal:** Ensure that the documentation is never stale and accurately reflects the current state of the codebase.

package/.github/workflows/release.yml

@@ -7,6 +7,7 @@ on:
     paths-ignore:
       - 'CHANGELOG.md'
       - 'package.json'
+      - '.github/workflows/test-publish.yml'
   workflow_dispatch:
 
 jobs:
@@ -27,9 +28,12 @@ jobs:
       - name: Setup Node.js
         uses: actions/setup-node@v4
         with:
-          node-version: '22'
+          node-version: '24'
           registry-url: 'https://registry.npmjs.org'
 
+      - name: Update npm
+        run: npm install -g npm@latest
+
       - name: Install dependencies
         run: npm install
 
@@ -37,3 +41,40 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: npx semantic-release
+
+      - name: Publish to npm
+        run: npm publish --provenance --access public
+      
+      - name: Get version
+        id: version
+        run: echo "version=$(node -p "require('./package.json').version")" >> $GITHUB_OUTPUT
+
+      - name: Checkout Actions
+        if: steps.version.outputs.version != ''
+        uses: actions/checkout@v4
+        with:
+          repository: odac-run/actions
+          token: ${{ secrets.GH_PAT }}
+          path: .github/odac-actions
+
+      - name: Generate Release Notes
+        id: ai_notes
+        if: steps.version.outputs.version != ''
+        uses: ./.github/odac-actions/actions/release-notes
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          michelangelo: ${{ secrets.MICHELANGELO }}
+        timeout-minutes: 15
+        continue-on-error: true
+
+      - name: Cleanup Actions
+        if: always()
+        run: rm -rf .github/odac-actions
+      - name: Update Release
+        uses: softprops/action-gh-release@v1
+        if: steps.ai_notes.outcome == 'success' && steps.version.outputs.version != ''
+        with:
+          tag_name: v${{ steps.version.outputs.version }}
+          body_path: RELEASE_NOTE.md
+          draft: false
+          prerelease: false

package/.github/workflows/test-coverage.yml

@@ -20,7 +20,7 @@ jobs:
 
     strategy:
       matrix:
-        node-version: 22.x
+        node-version: [18.x, 24.x]
 
     steps:
       - name: Checkout code
@@ -41,19 +41,20 @@ jobs:
         run: npm test
 
       - name: Upload coverage reports
-        if: matrix.node-version == '22.x'
-        uses: codecov/codecov-action@v3
+        if: matrix.node-version == '18.x'
+        uses: codecov/codecov-action@v4
         with:
           files: ./coverage/lcov.info
           flags: unittests
           name: codecov-umbrella
           fail_ci_if_error: false
+          token: ${{ secrets.CODECOV_TOKEN }}
 
       - name: Coverage Summary
-        if: matrix.node-version == '22.x'
+        if: matrix.node-version == '18.x'
         run: |
           echo "## Test Coverage Summary" >> $GITHUB_STEP_SUMMARY
           echo "" >> $GITHUB_STEP_SUMMARY
           echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
-          npx nyc report --reporter=text-summary >> $GITHUB_STEP_SUMMARY || echo "Coverage report not available" >> $GITHUB_STEP_SUMMARY
+          npx nyc report --reporter=text-summary --temp-directory=coverage >> $GITHUB_STEP_SUMMARY || echo "Coverage report not available" >> $GITHUB_STEP_SUMMARY
           echo "\`\`\`" >> $GITHUB_STEP_SUMMARY

package/.github/workflows/test-publish.yml

@@ -0,0 +1,36 @@
+name: Test Publish Authentication
+
+on:
+  workflow_dispatch:
+
+permissions:
+  contents: read
+  id-token: write
+
+jobs:
+  test-publish:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '24'
+
+      - name: Update npm
+        run: npm install -g npm@latest
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Debug Environment
+        run: |
+          npm --version
+          node --version
+          npm config list
+          ls -la .npmrc || echo "No local .npmrc"
+
+      - name: Test Publish (Real Attempt)
+        run: npm publish --provenance --access public --registry https://registry.npmjs.org/

package/.husky/pre-commit

@@ -0,0 +1,10 @@
+#!/usr/bin/env sh
+. "$(dirname -- "$0")/_/husky.sh"
+
+echo "🔍 Running Pre-commit Hooks..."
+
+# Run linting and formatting on staged files
+npx lint-staged
+
+# Run tests for changed files to ensure no regressions
+node test/scripts/check-coverage.js

package/.husky/pre-push

@@ -0,0 +1,13 @@
+#!/usr/bin/env sh
+. "$(dirname -- "$0")/_/husky.sh"
+
+# Prevent pushing code with High/Critical vulnerabilities
+echo "🛡️  Running Security Gate (npm audit)..."
+
+npm audit --audit-level=high
+
+if [ $? -ne 0 ]; then
+    echo "❌ Security Check Failed! High vulnerabilities detected."
+    echo "Run 'npm audit fix' or add overrides before pushing."
+    exit 1
+fi

package/.releaserc.js

@@ -122,16 +122,16 @@ Powered by [⚡ ODAC](https://odac.run)
     [
       '@semantic-release/npm',
       {
-        provenance: true
+        npmPublish: false
       }
     ],
     [
       '@semantic-release/git',
       {
         assets: ['package.json', 'CHANGELOG.md'],
-        message: '⚡ ODAC v${nextRelease.version} Released'
+        message: '⚡ ODAC.JS v${nextRelease.version} Released'
       }
     ],
     '@semantic-release/github'
   ]
-}
+}

package/CHANGELOG.md

@@ -1,3 +1,70 @@
+### agent
+
+- Clarify logging strategies for development and production environments
+
+### deps
+
+- update `tar` override version and add `@semantic-release/npm` override.
+
+### ⚙️ Engine Tuning
+
+- add JSDoc and default parameter to `Auth.user` method for improved clarity and robustness.
+- enable method chaining for cron job condition definitions
+- Enhance cryptographic security by using CSPRNG for token generation, SHA-256 for encryption key derivation, and adding clarifying configuration comments.
+- Improve authentication logic by adopting fail-fast patterns, upfront promise resolution, and optimized loop control, aligning with new code quality guidelines.
+- Improve view file reading by using `fsPromises.open` for better resource management and atomic operations.
+- Migrate route and middleware loading to asynchronous file system operations for improved performance.
+- Remove redundant `fs.existsSync` checks before `fs.mkdirSync` and add `EEXIST` handling for `fs.writeFileSync`.
+- remove unused nodeCrypto import from Config.test.js
+- rename config.json to odac.json for brand consistency
+- Streamline default CSS file creation using `fs.writeFileSync` 'wx' flag.
+- Use raw Buffer for encryption key hashing, aligning with enterprise-grade development standards.
+
+### ⚡️ Performance Upgrades
+
+- Implement enterprise-grade HTTP server performance configurations
+- Optimize file serving by eliminating redundant `fs.stat` calls and deriving content length directly from the read file.
+- **route:** implementation of async I/O and metadata caching for static assets
+- **view:** switch to async I/O and implement aggressive production caching
+
+### ✨ What's New
+
+- add built-in tailwindcss v4 support with zero-config
+- Enhance cron job scheduling with new `.at()` and `.raw()` methods, update cron documentation.
+- Enhance Tailwind CSS watcher to prioritize local CLI over npx for improved reliability and adjust shell option accordingly.
+- **framework:** add Odac.session() helper and update docs
+- implement Class-Based Controllers support and update docs
+- Implement conditional environment variable loading, configure server workers based on debug mode
+- Replaced bcrypt with native Node.js crypto.scrypt for hashing, removed bcrypt and axios dependencies, and updated related validation checks.
+- support multiple Tailwind CSS entry points in build and dev processes.
+
+### 📚 Documentation
+
+- add documentation for multiple CSS file support
+- add project structure overview to README
+- Add Tailwind CSS v4 integration to README features list
+- Introduce architectural and cluster safety notes to Token, Ipc, and Storage modules.
+
+### 🛠️ Fixes & Improvements
+
+- Add null safety checks for `odac.Request` and its `header` method when determining the default language.
+- add options support to authenticated routes (GET/POST)
+- Conditionally initialize Odac request-dependent components and provide a dedicated Odac instance with cleanup to cron jobs.
+- Enhance server port configuration to prioritize command-line arguments and environment variables
+- Initialize session in Route.js during form processing to ensure proper session availability before access, aligning with new coding standards.
+- **package:** resolve high severity npm vulnerabilities
+- Prevent form token expiration errors by dynamically generating forms at runtime.
+- Prevent middleware race conditions by synchronously capturing state and improve Tailwind CSS watcher robustness with auto-restart.
+- Refine error message styling in form validation
+- Replace insecure token generation with cryptographically secure random bytes for `token_x` and `token_y`.
+- **session:** change cookie SameSite policy to Lax for OAuth support
+
+
+
+---
+
+Powered by [⚡ ODAC](https://odac.run)
+
 ### Fix
 
 - Resolve WebSocket handshake error by echoing subprotocol header

package/README.md

@@ -6,6 +6,7 @@
 ## ✨ Key Features
 
 *   🚀 **Developer Friendly:** Simple setup and intuitive API design let you start building immediately.
+*   🎨 **Built-in Tailwind CSS:** Zero-config integration with Tailwind CSS v4. Automatic compilation and optimization out of the box.
 *   🔗 **Powerful Routing:** Create clean, custom URLs and manage infinite pages with a flexible routing system.
 *   ✨ **Seamless SPA Experience:** Automatic AJAX handling for forms and page transitions eliminates the need for complex client-side code.
 *   🛡️ **Built-in Security:** Automatic CSRF protection and secure default headers keep your application safe.
@@ -13,6 +14,7 @@
 *   🗄️ **Database Agnostic:** Integrated support for major databases (PostgreSQL, MySQL, SQLite) and Redis via Knex.js.
 *   🌍 **i18n Support:** Native multi-language support to help you reach a global audience.
 *   ⏰ **Task Scheduling:** Built-in Cron job system for handling background tasks and recurring operations.
+*   ⚡ **Zero-Config Early Hints:** Intelligent HTTP 103 implementation that requires **no setup**. ODAC automatically analyzes your views and serves assets instantly, drastically improving load times without a single line of code.
 
 ## 🛠️ Advanced Capabilities
 
@@ -51,6 +53,20 @@ cd my-app
 npm run dev
 ```
 
+## 📂 Project Structure
+
+```
+project/
+├── class/          # Business logic classes
+├── controller/     # HTTP request handlers
+├── middleware/     # Route middlewares
+├── public/         # Static assets
+├── route/          # Route definitions
+├── view/           # HTML templates
+├── .env            # Environment variables
+└── odac.json       # App configuration
+```
+
 ## 📚 Documentation
 
 For detailed guides, API references, and examples, visit our [official documentation](https://docs.odac.run).

package/bin/odac.js

@@ -3,69 +3,211 @@
 const fs = require('node:fs')
 const path = require('node:path')
 const readline = require('node:readline')
-const { execSync } = require('node:child_process')
+const {execSync, spawn} = require('node:child_process')
+const cluster = require('node:cluster')
 
 const command = process.argv[2]
 const args = process.argv.slice(3)
 
 const rl = readline.createInterface({
-    input: process.stdin,
-    output: process.stdout
+  input: process.stdin,
+  output: process.stdout
 })
 
 const ask = question => new Promise(resolve => rl.question(question, answer => resolve(answer.trim())))
 
-async function run() {
-    if (command === 'init') {
-        const projectName = args[0] || '.'
-        const targetDir = path.resolve(process.cwd(), projectName)
+/**
+ * Resolves Tailwind CSS paths and ensures required directories/files exist.
+ * Supports multiple CSS entry points from 'view/css'.
+ * @returns {Array<{ input: string, cssOutput: string, isCustom: boolean, name: string }>}
+ */
+function getTailwindConfigs() {
+  const cssDir = path.join(process.cwd(), 'view/css')
+  const cacheDir = path.join(process.cwd(), 'storage/.cache')
+  const defaultCssInput = path.join(cacheDir, 'tailwind.css')
+  const defaultCssOutput = path.join(process.cwd(), 'public/assets/css/app.css')
+
+  const configs = []
+
+  // Scan for custom CSS files
+  if (fs.existsSync(cssDir) && fs.lstatSync(cssDir).isDirectory()) {
+    const files = fs.readdirSync(cssDir).filter(file => file.endsWith('.css'))
+
+    files.forEach(file => {
+      const input = path.join(cssDir, file)
+      const cssOutput = path.join(process.cwd(), 'public/assets/css', file)
+
+      // Ensure output directory exists
+      const cssOutputDir = path.dirname(cssOutput)
+      fs.mkdirSync(cssOutputDir, {recursive: true})
+
+      configs.push({
+        input,
+        cssOutput,
+        isCustom: true,
+        name: file
+      })
+    })
+  }
+
+  // Fallback to default if no custom files found
+  if (configs.length === 0) {
+    fs.mkdirSync(cacheDir, {recursive: true})
+    try {
+      fs.writeFileSync(defaultCssInput, '@import "tailwindcss";', {flag: 'wx'})
+    } catch (e) {
+      if (e.code !== 'EEXIST') throw e
+    }
 
-        if (!fs.existsSync(targetDir)) fs.mkdirSync(targetDir, { recursive: true })
+    const cssOutputDir = path.dirname(defaultCssOutput)
+    fs.mkdirSync(cssOutputDir, {recursive: true})
 
-        console.log(`🚀 Initializing new Odac project in: ${targetDir}`)
-        const templateDir = path.resolve(__dirname, '../template')
+    configs.push({
+      input: defaultCssInput,
+      cssOutput: defaultCssOutput,
+      isCustom: false,
+      name: 'Default'
+    })
+  }
 
-        try {
-            fs.cpSync(templateDir, targetDir, { recursive: true })
+  return configs
+}
 
-            const pkgPath = path.join(targetDir, 'package.json')
-            const frameworkPkg = require('../package.json')
+async function run() {
+  if (command === 'init') {
+    const projectName = args[0] || '.'
+    const targetDir = path.resolve(process.cwd(), projectName)
 
-            const pkg = JSON.parse(fs.readFileSync(pkgPath, 'utf8'))
-            pkg.name = projectName === '.' ? path.basename(targetDir) : projectName
-            pkg.version = '0.0.1'
+    fs.mkdirSync(targetDir, {recursive: true})
 
-            if (!pkg.dependencies) pkg.dependencies = {}
-            pkg.dependencies[frameworkPkg.name] = `^${frameworkPkg.version}`
+    console.log(`🚀 Initializing new Odac project in: ${targetDir}`)
+    const templateDir = path.resolve(__dirname, '../template')
 
-            fs.writeFileSync(pkgPath, JSON.stringify(pkg, null, 2))
+    try {
+      fs.cpSync(templateDir, targetDir, {recursive: true})
 
-            console.log('\n📦 Installing dependencies...')
-            try {
-                execSync('npm install', {
-                    stdio: 'inherit',
-                    cwd: targetDir
-                })
-            } catch (err) {
-                console.warn('⚠️  npm install failed. You might need to run it manually.')
-                process.exit(1)
-            }
+      const pkgPath = path.join(targetDir, 'package.json')
+      const frameworkPkg = require('../package.json')
+
+      const pkg = JSON.parse(fs.readFileSync(pkgPath, 'utf8'))
+      pkg.name = projectName === '.' ? path.basename(targetDir) : projectName
+      pkg.version = '0.0.1'
+
+      if (!pkg.dependencies) pkg.dependencies = {}
+      pkg.dependencies[frameworkPkg.name] = `^${frameworkPkg.version}`
 
-            console.log('\n✨ Project initialized successfully!')
+      fs.writeFileSync(pkgPath, JSON.stringify(pkg, null, 2))
 
-        } catch (error) {
-            console.error('❌ Error initializing project:', error.message)
+      console.log('\n📦 Installing dependencies...')
+      try {
+        execSync('npm install', {
+          stdio: 'inherit',
+          cwd: targetDir
+        })
+      } catch (err) {
+        console.warn('⚠️  npm install failed. You might need to run it manually.')
+        process.exit(1)
+      }
+
+      console.log('\n✨ Project initialized successfully!')
+    } catch (error) {
+      console.error('❌ Error initializing project:', error.message)
+    }
+  } else if (command === 'dev') {
+    if (cluster.isPrimary) {
+      const configs = getTailwindConfigs()
+      const tails = []
+
+      configs.forEach(({input, cssOutput, name, isCustom}) => {
+        let tailwindProcess = null
+
+        const startWatcher = () => {
+          const localCli = path.join(process.cwd(), 'node_modules', '.bin', 'tailwindcss')
+          const useLocal = fs.existsSync(localCli)
+          const cmd = useLocal ? localCli : 'npx'
+          const args = useLocal ? ['-i', input, '-o', cssOutput, '--watch'] : ['@tailwindcss/cli', '-i', input, '-o', cssOutput, '--watch']
+
+          console.log(`🎨 Starting Tailwind CSS for ${name} (${isCustom ? 'Custom' : 'Default'})...`)
+          console.log(`📂 Watching directory: ${process.cwd()}`)
+
+          tailwindProcess = spawn(cmd, args, {
+            stdio: 'inherit',
+            shell: !useLocal, // Valid for npm/npx compatibility if local not found
+            cwd: process.cwd()
+          })
+
+          tailwindProcess.on('error', err => {
+            console.error(`❌ Tailwind watcher failed to start for ${name}:`, err.message)
+          })
+
+          tailwindProcess.on('exit', code => {
+            if (code !== 0 && code !== null) {
+              console.warn(`⚠️  Tailwind watcher for ${name} exited unexpectedly (code ${code}). Restarting in 1s...`)
+              setTimeout(startWatcher, 1000)
+            }
+          })
         }
 
-    } else if (command === 'dev') {
-        require('../index.js')
-    } else {
-        console.log('Usage:')
-        console.log('  npx odac init            (Interactive mode)')
-        console.log('  npx odac init <project>  (Quick mode)')
+        startWatcher()
+
+        // Push a wrapper compatible with the cleanup function
+        tails.push({
+          kill: () => {
+            if (tailwindProcess) tailwindProcess.kill()
+          }
+        })
+      })
+
+      const cleanup = () => {
+        tails.forEach(t => {
+          try {
+            t.kill()
+          } catch (e) {}
+        })
+      }
+      process.on('SIGINT', cleanup)
+      process.on('SIGTERM', cleanup)
+      process.on('exit', cleanup)
     }
 
-    rl.close()
+    require('../index.js')
+  } else if (command === 'build') {
+    console.log('🏗️  Building for production...')
+
+    const configs = getTailwindConfigs()
+    let hasError = false
+
+    configs.forEach(({input, cssOutput, name, isCustom}) => {
+      console.log(`🎨 Compiling ${name} (${isCustom ? 'Custom' : 'Default'}) CSS...`)
+      try {
+        execSync(`npx @tailwindcss/cli -i "${input}" -o "${cssOutput}" --minify`, {
+          stdio: 'inherit',
+          cwd: process.cwd()
+        })
+      } catch (error) {
+        console.error(`❌ Build failed for ${name}:`, error.message)
+        hasError = true
+      }
+    })
+
+    if (hasError) {
+      process.exit(1)
+    } else {
+      console.log('✅ All builds completed successfully!')
+    }
+  } else if (command === 'start') {
+    process.env.NODE_ENV = 'production'
+    require('../index.js')
+  } else {
+    console.log('Usage:')
+    console.log('  npx odac init            (Interactive mode)')
+    console.log('  npx odac init <project>  (Quick mode)')
+    console.log('  npx odac dev             (Development mode)')
+    console.log('  npx odac build           (Production build)')
+    console.log('  npx odac start           (Start server)')
+  }
+
+  rl.close()
 }
 
 run()