piezas 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +309 -0
- package/package.json +27 -0
- package/src/index.js +2000 -0
- package/src/templates/piezas-instructions.md +674 -0
- package/src/templates/piezas-spec.md +164 -0
package/README.md
ADDED
|
@@ -0,0 +1,309 @@
|
|
|
1
|
+
# piezas
|
|
2
|
+
|
|
3
|
+
Set up [Piezas](https://piezas.ai) in your project with one command. Installs the SDK and configures your AI coding agent (Claude Code, Cursor, Codex, Windsurf) to use Piezas as your backend.
|
|
4
|
+
|
|
5
|
+
## Quick Start
|
|
6
|
+
|
|
7
|
+
```bash
|
|
8
|
+
npx piezas init
|
|
9
|
+
```
|
|
10
|
+
|
|
11
|
+
Then generate a spec before coding:
|
|
12
|
+
|
|
13
|
+
```bash
|
|
14
|
+
# Claude Code
|
|
15
|
+
/piezas-spec "booking app for a small consulting team"
|
|
16
|
+
|
|
17
|
+
# Cursor, Codex, Windsurf, or other agents
|
|
18
|
+
/piezas-spec booking app for a small consulting team
|
|
19
|
+
```
|
|
20
|
+
|
|
21
|
+
Or create and initialize a new folder:
|
|
22
|
+
|
|
23
|
+
```bash
|
|
24
|
+
npx piezas init my-app
|
|
25
|
+
```
|
|
26
|
+
|
|
27
|
+
Choose a deployment mode when you already know it:
|
|
28
|
+
|
|
29
|
+
```bash
|
|
30
|
+
npx piezas init --mode next-bff # "frontend with a small server layer" — any framework
|
|
31
|
+
```
|
|
32
|
+
|
|
33
|
+
Piezas is framework-agnostic: the platform is plain HTTPS/OpenAPI, and the
|
|
34
|
+
generated agent instructions tell your coding agent to honor *your* framework
|
|
35
|
+
choice (Vite+Express, Remix, SvelteKit, Next.js, or a non-JS stack) rather
|
|
36
|
+
than prescribing one. Mode names are historical labels, not requirements.
|
|
37
|
+
|
|
38
|
+
(`--mode static` also exists for server-less static hosting, but is **not
|
|
39
|
+
recommended yet**: static apps must rely on public guest tokens, and per-token
|
|
40
|
+
permission enforcement hasn't shipped platform-wide. Prefer a server-capable
|
|
41
|
+
mode like `next-bff` until it does.)
|
|
42
|
+
|
|
43
|
+
For server-capable apps, add an SDK-backed MCP route for agent tool access:
|
|
44
|
+
|
|
45
|
+
```bash
|
|
46
|
+
npx piezas init --mode next-bff --mcp
|
|
47
|
+
```
|
|
48
|
+
|
|
49
|
+
Add recipe guidance for common product shapes:
|
|
50
|
+
|
|
51
|
+
```bash
|
|
52
|
+
npx piezas init --recipe booking-site
|
|
53
|
+
npx piezas init --recipe crm-project-finance --recipe client-services-os
|
|
54
|
+
```
|
|
55
|
+
|
|
56
|
+
Bring your API key from the dashboard (any one of these):
|
|
57
|
+
|
|
58
|
+
```bash
|
|
59
|
+
npx piezas init --key sk_live_xxx # pass it directly
|
|
60
|
+
npx piezas init # paste it at the prompt (TTY only)
|
|
61
|
+
npx piezas init --wait # watch the folder for the dashboard's downloaded .env
|
|
62
|
+
npx piezas init --wait --wait-timeout 600 # ... for up to 10 minutes
|
|
63
|
+
```
|
|
64
|
+
|
|
65
|
+
`init` looks for a key in this order: `--key` (replaces an existing `.env`
|
|
66
|
+
value — passing it explicitly means you want it set), an existing
|
|
67
|
+
`PIEZAS_API_KEY` in the project's `.env` (kept as-is), `PIEZAS_API_KEY` in
|
|
68
|
+
your environment (never overrides an already-configured project), an
|
|
69
|
+
interactive paste prompt, then `--wait` (polls every 2s for a dropped-in
|
|
70
|
+
`.env`, `.env.download`, or `env.txt`; the drop file is removed once the key
|
|
71
|
+
is moved into `.env`). A missing key is not an error — the project is still
|
|
72
|
+
scaffolded and the summary tells you where to put the key.
|
|
73
|
+
|
|
74
|
+
## Sign In From the Terminal
|
|
75
|
+
|
|
76
|
+
No dashboard needed — sign in once, then let `init` create the app and key:
|
|
77
|
+
|
|
78
|
+
```bash
|
|
79
|
+
npx piezas login # prints a short code and opens your browser to approve it
|
|
80
|
+
npx piezas whoami # shows the signed-in tenant and email (exit 1 when logged out)
|
|
81
|
+
npx piezas logout # removes the saved session
|
|
82
|
+
```
|
|
83
|
+
|
|
84
|
+
`login` starts a device-code sign-in: it shows a short code, opens
|
|
85
|
+
`app.piezas.ai/device` in your browser (the URL is always printed in case the
|
|
86
|
+
browser does not open), and waits for you to approve the code — sign-up works
|
|
87
|
+
on the same page. The session is saved to `~/.piezas/credentials.json`
|
|
88
|
+
(permissions `600`; override the directory with `PIEZAS_HOME`). The API base
|
|
89
|
+
is `https://api.piezas.ai` by default; override with `--api-base <url>` or
|
|
90
|
+
`PIEZAS_API_BASE`. All three commands support `--json`.
|
|
91
|
+
|
|
92
|
+
Once signed in, `init` can finish the whole setup from the terminal. When no
|
|
93
|
+
API key is found by the intake order above, `init` offers to create an app
|
|
94
|
+
named after your folder (or `--app <name>`) and mint a live key bound to it,
|
|
95
|
+
writing the key straight into `.env`:
|
|
96
|
+
|
|
97
|
+
```bash
|
|
98
|
+
npx piezas login
|
|
99
|
+
npx piezas init --from-login # non-interactive: always use the saved login
|
|
100
|
+
npx piezas init # interactive: you'll be offered the same thing
|
|
101
|
+
```
|
|
102
|
+
|
|
103
|
+
If the app name already exists in your account, the existing app is reused
|
|
104
|
+
and a fresh key is minted for it. If the saved session has expired, `init`
|
|
105
|
+
says so and continues without a key — run `npx piezas login` again. Without a
|
|
106
|
+
saved session, `init` behaves exactly as before.
|
|
107
|
+
|
|
108
|
+
Agent-friendly flags: `--yes` never prompts, `--app <name>` records the app
|
|
109
|
+
name in `piezas.manifest.json`, `--from-login` mints a key with the saved
|
|
110
|
+
`piezas login` session when none is found, and `--json` prints a
|
|
111
|
+
machine-readable summary (`apiKey`, `apiKeySource`, `envPath`,
|
|
112
|
+
`gitignoreUpdated`, `cursorRulesPath`, `appName`) on stdout. Exit codes: `0`
|
|
113
|
+
success (even without a key), `1` failure, `2` usage error.
|
|
114
|
+
|
|
115
|
+
This will:
|
|
116
|
+
|
|
117
|
+
- Install `@piezas/sdk`
|
|
118
|
+
- Create `package.json` when one does not exist
|
|
119
|
+
- Create `piezas.manifest.json` as the app/Piezas ownership and deployment-mode source of truth (records `appName` and `apiBaseUrl`)
|
|
120
|
+
- Write `PIEZAS_API_KEY` into `.env` and make sure `.gitignore` covers `.env` (existing patterns like `*.env` are respected)
|
|
121
|
+
- Add recipe ownership and setup-order guidance when `--recipe` is provided
|
|
122
|
+
- Optionally scaffold `app/api/piezas/mcp/route.ts` when `--mcp` is used with a server-capable mode
|
|
123
|
+
- Add Piezas instructions to `CLAUDE.md`, `.cursor/rules/piezas.mdc`, `.cursorrules`, `AGENTS.md`, and `.windsurfrules`
|
|
124
|
+
- Create a `.claude/commands/piezas.md` slash command for Claude Code
|
|
125
|
+
- Create `.claude/commands/piezas-spec.md` and `.piezas/spec-builder.md` for spec-first app generation
|
|
126
|
+
|
|
127
|
+
The generated instructions are an operating manual for AI coding agents. They
|
|
128
|
+
cover the init -> spec -> code workflow, the Piezas/app ownership boundary,
|
|
129
|
+
static vs server-runtime deployment mode, server-side API key handling, SDK
|
|
130
|
+
usage, live OpenAPI specs, integration OAuth rules, app-scoped connector
|
|
131
|
+
configuration, public sessions, durable access logs, durable/sync jobs, document
|
|
132
|
+
extraction, e-signature state, accounting posting helpers, search/import/export,
|
|
133
|
+
reconciliation helpers, thin server adapters, SDK-backed MCP routes, and common
|
|
134
|
+
CRM, public intake, booking, finance, and project-tracker patterns.
|
|
135
|
+
|
|
136
|
+
## Spec-First Workflow
|
|
137
|
+
|
|
138
|
+
Use this sequence for broad product requests:
|
|
139
|
+
|
|
140
|
+
1. Run `npx piezas init`.
|
|
141
|
+
2. Run `/piezas-spec [idea]` in Claude Code, or ask Cursor/Codex/Windsurf for `/piezas-spec [idea]` or "Piezas spec mode".
|
|
142
|
+
3. The agent interviews the user one question at a time and writes `SPEC.md` or `specs/`.
|
|
143
|
+
4. Ask the agent to code from the finalized spec.
|
|
144
|
+
5. Run `npx piezas doctor` before deployment.
|
|
145
|
+
|
|
146
|
+
Spec mode does not implement code. It creates the buildable product/architecture
|
|
147
|
+
spec first so the coding agent has a concrete target and a Piezas service map.
|
|
148
|
+
|
|
149
|
+
## Guardrail Scan
|
|
150
|
+
|
|
151
|
+
After an AI coding agent generates or edits the app, run:
|
|
152
|
+
|
|
153
|
+
```bash
|
|
154
|
+
npx piezas doctor
|
|
155
|
+
```
|
|
156
|
+
|
|
157
|
+
`doctor` checks for architecture mistakes that sparse prompts often miss:
|
|
158
|
+
|
|
159
|
+
- `PIEZAS_API_KEY` exposed to browser/client code
|
|
160
|
+
- static deployments that accidentally contain server routes or server actions
|
|
161
|
+
- admin tokens/passwords passed through URL query params
|
|
162
|
+
- public booking flows that trust hidden time fields without server-side slot revalidation
|
|
163
|
+
- local database dependencies that may duplicate Piezas-owned business records
|
|
164
|
+
- OAuth token storage in app code
|
|
165
|
+
- dynamic route params that appear unused
|
|
166
|
+
- hardcoded integration action IDs without connector action discovery
|
|
167
|
+
- coverage configs that exclude app/API/server-action code
|
|
168
|
+
|
|
169
|
+
Use strict mode in CI when you want warnings to fail:
|
|
170
|
+
|
|
171
|
+
```bash
|
|
172
|
+
npx piezas doctor --strict
|
|
173
|
+
```
|
|
174
|
+
|
|
175
|
+
Print machine-readable output:
|
|
176
|
+
|
|
177
|
+
```bash
|
|
178
|
+
npx piezas doctor --json
|
|
179
|
+
```
|
|
180
|
+
|
|
181
|
+
## What is Piezas?
|
|
182
|
+
|
|
183
|
+
Piezas by [Softmax Data](https://softmaxdata.com) is a suite of backend services so you don't have to build your own. It includes:
|
|
184
|
+
|
|
185
|
+
- **Entity Records** — Store any business data (contacts, products, cases)
|
|
186
|
+
- **Pipeline Engine** — Kanban boards and stage workflows
|
|
187
|
+
- **Task Engine** — Task management with priorities and due dates
|
|
188
|
+
- **Notifications** — Email and in-app notifications
|
|
189
|
+
- **Calendar** — Event scheduling
|
|
190
|
+
- **Messaging** — Sequences and campaigns
|
|
191
|
+
- **Workflow** — Automation and triggers
|
|
192
|
+
- **Durable Jobs** — Deferred work, retries, stale-lock recovery, reminders, imports, and sync state
|
|
193
|
+
- **Forms** — Form builder and submissions
|
|
194
|
+
- **Documents** — File storage and management
|
|
195
|
+
- **Document Workflows** — Extraction jobs and signature request state
|
|
196
|
+
- **Reporting** — Analytics and dashboards
|
|
197
|
+
- **Pricing** — Product and pricing management
|
|
198
|
+
- **Discussion** — Threaded conversations
|
|
199
|
+
- **Knowledge Base** — Document ingestion, semantic search, and AI Q&A
|
|
200
|
+
- **Integrations** — OAuth connections, scoped grants, and provider actions
|
|
201
|
+
- **Connector Pack** — Google Calendar, Gmail, Google Drive, Zoom, HubSpot, DocuSign, QuickBooks, and AWS Textract-compatible proxy actions
|
|
202
|
+
- **Admin/access** — Tenant users, invite-only signup, app registry, public sessions, durable access logs, and audit events
|
|
203
|
+
- **MCP-ready SDK surface** — Server apps can expose Piezas entity, pipeline, and task tools to approved agents through `piezasMcp`
|
|
204
|
+
|
|
205
|
+
## App-Scoped Integrations
|
|
206
|
+
|
|
207
|
+
For products with multiple generated apps, domains, OAuth callback URLs, or provider permission sets, create one Piezas tenant app per app/use case. The tenant app stores allowed origins, redirect URIs, auth policy metadata, and connector/purpose policy. Integrations can then store provider client credentials with `appId` and `purpose`, and OAuth calls pass the same `appId`/`purpose`.
|
|
208
|
+
|
|
209
|
+
That means a booking app that needs Google Calendar and Zoom can stay separate from an internal app that only needs Google identity or Gmail-backed sending. Generated apps should store only the Piezas tenant app slug/id, connection IDs, grant IDs, and business record references.
|
|
210
|
+
|
|
211
|
+
## MCP Route
|
|
212
|
+
|
|
213
|
+
`@piezas/sdk` includes `piezasMcp`, so there is no separate public MCP package to install. For Next.js/server-runtime apps:
|
|
214
|
+
|
|
215
|
+
```bash
|
|
216
|
+
npx piezas init --mode next-bff --mcp
|
|
217
|
+
```
|
|
218
|
+
|
|
219
|
+
This creates `app/api/piezas/mcp/route.ts`, wired to `piezasMcp` from `@piezas/sdk`. The generated route rejects anonymous requests until the app supplies auth plus tenant/user context. Replace the placeholder guard with your real session check before exposing it to users or agents. Static deployments should not host this route; use a separate server adapter if agent tool access is needed.
|
|
220
|
+
|
|
221
|
+
## Next Steps
|
|
222
|
+
|
|
223
|
+
1. Get an API key at [app.piezas.ai](https://app.piezas.ai)
|
|
224
|
+
2. Add `PIEZAS_API_KEY=sk_live_xxx` to your server-side environment
|
|
225
|
+
3. Run `/piezas-spec [idea]` or ask for Piezas spec mode
|
|
226
|
+
4. Tell your AI agent to code from `SPEC.md` or `specs/`
|
|
227
|
+
5. Run `npx piezas doctor` before deployment
|
|
228
|
+
|
|
229
|
+
## SDK Usage
|
|
230
|
+
|
|
231
|
+
```typescript
|
|
232
|
+
import { Piezas } from '@piezas/sdk';
|
|
233
|
+
|
|
234
|
+
const piezas = new Piezas({
|
|
235
|
+
apiKey: process.env.PIEZAS_API_KEY,
|
|
236
|
+
entitiesUrl: 'https://api.piezas.ai/entities',
|
|
237
|
+
pipelineUrl: 'https://api.piezas.ai/pipeline',
|
|
238
|
+
tasksUrl: 'https://api.piezas.ai/tasks',
|
|
239
|
+
notificationsUrl: 'https://api.piezas.ai/notify',
|
|
240
|
+
integrationsUrl: 'https://api.piezas.ai/integrations',
|
|
241
|
+
calendarUrl: 'https://api.piezas.ai/calendar',
|
|
242
|
+
workflowUrl: 'https://api.piezas.ai/workflow',
|
|
243
|
+
messagingUrl: 'https://api.piezas.ai/messaging',
|
|
244
|
+
formsUrl: 'https://api.piezas.ai/forms',
|
|
245
|
+
documentsUrl: 'https://api.piezas.ai/documents',
|
|
246
|
+
reportingUrl: 'https://api.piezas.ai/reporting',
|
|
247
|
+
pricingUrl: 'https://api.piezas.ai/pricing',
|
|
248
|
+
discussionUrl: 'https://api.piezas.ai/discussion',
|
|
249
|
+
knowledgeBaseUrl: 'https://api.piezas.ai/knowledge-base',
|
|
250
|
+
adminUrl: 'https://api.piezas.ai/admin',
|
|
251
|
+
});
|
|
252
|
+
|
|
253
|
+
// Define entity types (idempotent — safe to re-run)
|
|
254
|
+
await piezas.defineEntities({
|
|
255
|
+
contact: {
|
|
256
|
+
fields: {
|
|
257
|
+
email: { type: 'email', required: true },
|
|
258
|
+
status: { type: 'select', options: ['active', 'lead'] },
|
|
259
|
+
},
|
|
260
|
+
},
|
|
261
|
+
});
|
|
262
|
+
|
|
263
|
+
// CRUD
|
|
264
|
+
const record = await piezas.contacts.create({ title: 'Jane', data: { email: 'jane@example.com' } });
|
|
265
|
+
const list = await piezas.contacts.list({ limit: 50 });
|
|
266
|
+
const search = await piezas.contacts.search({ q: 'jane' });
|
|
267
|
+
const slots = await piezas.calendar.getAvailableSlots({
|
|
268
|
+
calendarId: 'calendar-id',
|
|
269
|
+
dateFrom: '2026-05-25T00:00:00Z',
|
|
270
|
+
dateTo: '2026-05-26T00:00:00Z',
|
|
271
|
+
});
|
|
272
|
+
await piezas.workflow.enqueueJob({ type: 'followup.reminder', payload: { recordId: record.id } });
|
|
273
|
+
await piezas.workflow.enqueueSyncJob({ connector: 'gmail', resource: 'messages', direction: 'pull' });
|
|
274
|
+
await piezas.documents.createExtractionJob({
|
|
275
|
+
documentId: 'document-id',
|
|
276
|
+
provider: 'aws_textract',
|
|
277
|
+
requestedFields: ['invoice_number', 'total'],
|
|
278
|
+
});
|
|
279
|
+
await piezas.documents.createSignatureRequest({
|
|
280
|
+
title: 'MSA',
|
|
281
|
+
documentId: 'document-id',
|
|
282
|
+
provider: 'docusign',
|
|
283
|
+
signers: [{ name: 'Jane Client', email: 'jane@example.com' }],
|
|
284
|
+
});
|
|
285
|
+
await piezas.admin.createTenantApp('tenant-id', {
|
|
286
|
+
slug: 'booking-portal',
|
|
287
|
+
name: 'Booking portal',
|
|
288
|
+
allowedOrigins: ['https://book.example.com'],
|
|
289
|
+
allowedRedirectUris: ['https://book.example.com/integrations/connected'],
|
|
290
|
+
integrationPolicy: {
|
|
291
|
+
connectors: {
|
|
292
|
+
google_calendar: { purposes: ['calendar_availability'] },
|
|
293
|
+
zoom: { purposes: ['meeting_links'] },
|
|
294
|
+
},
|
|
295
|
+
},
|
|
296
|
+
});
|
|
297
|
+
const authUrl = await piezas.integrations.getAuthorizationUrl('google_calendar', {
|
|
298
|
+
appId: 'booking-portal',
|
|
299
|
+
purpose: 'calendar_availability',
|
|
300
|
+
userId: 'app-user-1',
|
|
301
|
+
returnUrl: 'https://book.example.com/integrations/connected',
|
|
302
|
+
});
|
|
303
|
+
```
|
|
304
|
+
|
|
305
|
+
See the [full SDK documentation](https://www.npmjs.com/package/@piezas/sdk) for more.
|
|
306
|
+
|
|
307
|
+
## License
|
|
308
|
+
|
|
309
|
+
MIT
|
package/package.json
ADDED
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
{
|
|
2
|
+
"name": "piezas",
|
|
3
|
+
"version": "0.2.0",
|
|
4
|
+
"description": "Set up Piezas in your project — installs the SDK and configures AI coding agents",
|
|
5
|
+
"type": "module",
|
|
6
|
+
"bin": {
|
|
7
|
+
"piezas": "src/index.js"
|
|
8
|
+
},
|
|
9
|
+
"scripts": {
|
|
10
|
+
"test": "node --test"
|
|
11
|
+
},
|
|
12
|
+
"files": [
|
|
13
|
+
"src",
|
|
14
|
+
"README.md"
|
|
15
|
+
],
|
|
16
|
+
"keywords": [
|
|
17
|
+
"piezas",
|
|
18
|
+
"claude-code",
|
|
19
|
+
"ai-assisted-coding",
|
|
20
|
+
"ai-generated-apps",
|
|
21
|
+
"backend",
|
|
22
|
+
"api",
|
|
23
|
+
"sdk"
|
|
24
|
+
],
|
|
25
|
+
"author": "Softmax Data Inc.",
|
|
26
|
+
"license": "MIT"
|
|
27
|
+
}
|