zen/core
1
0
Fork 0
Code Issues Pull Requests Actions Packages Releases Activity
457 Commits 1 Branch 0 Tags
3eeaebfa680c3de4118434517d316c3d13972c59
Commit Graph

6 Commits

Author SHA1 Message Date
hykocx b460ed0619 docs(modules): update server/client boundary docs and client manifest generation 
- update MODULES.md to document dual-entry pattern (main vs ./client) and explain why client entry must not import server-only code
- filter client manifest to only include modules exposing a `./client` subpath export
- add `moduleHasClientEntry` helper in discover.server.js to check package.json exports
- update cli.js to use `moduleHasClientEntry` when rendering the client manifest
- update init.js and modules/index.js to align with new client entry convention
 2026-04-25 14:43:00 -04:00
hykocx 7f89c35969 refactor(init): skip module register() call during db init to avoid next.js imports 
- update comment to clarify that only manifest.permissions are registered before seed
- remove register() invocation from loadModules() to prevent incompatible next.js imports in cli context
 2026-04-25 12:39:11 -04:00
hykocx a3aff9fa49 feat(modules): add external module system with auto-discovery and public pages support 
- add `src/core/modules/` with registry, discovery (server), and public index
- add `src/core/public-pages/` with registry, server component, and public index
- add `src/core/users/permissions-registry.js` for runtime permission registration
- expose `./modules`, `./public-pages`, and `./public-pages/server` package exports
- rename `registerFeatureRoutes` to `registerApiRoutes` with backward-compatible alias
- extend `seedDefaultRolesAndPermissions` to include module-registered permissions
- update `initializeZen` and shared init to wire module discovery and registration
- add `docs/MODULES.md` documenting the `@zen/module-*` authoring contract
- update `docs/DEV.md` with references to module system docs
 2026-04-25 10:50:13 -04:00
hykocx 0106bc4ea0 feat(core)!: introduce runtime extension registry and flat module conventions 
BREAKING CHANGE: sup config now derives entries from package.json#exports and a server/client glob instead of manual lists; module structure follows flat + barrel convention with .server.js/.client.js runtime suffixes
 2026-04-22 14:13:30 -04:00
hykocx 7ef37e3ebd refactor: reorganize package exports under namespaced paths 
- Prefix feature exports with `features/` (auth, admin, provider)
- Prefix shared exports with `shared/` (components, icons, lib, config, logger, rate-limit)
- Add new explicit exports for `shared/logger`, `shared/config`, and `shared/rate-limit`
- Update internal imports to use package self-referencing (`@zen/core/shared/*`) instead of relative paths
 2026-04-14 19:57:48 -04:00
hykocx a3921a0b98 feat(database): refactor CLI, add column whitelist, and SSL config 
- Add `ZEN_DB_SSL_DISABLED` env variable to allow disabling SSL for database connections
- Refactor database CLI to split init logic into `initFeatures` and `initModules` for modular table initialization, with graceful fallback when modules are absent
- Extract `printHelp` and `askConfirmation` helpers for cleaner CLI structure
- Ensure `closePool` is called on both success and error paths in CLI
- Add `filterAllowedColumns` utility in `crud.js` to enforce column whitelists, preventing mass-assignment of privileged fields (e.g. `role`, `email_verified`)
- Update drop command description from "auth tables" to "all tables"
 2026-04-13 16:35:23 -04:00