Conversation
…act) Replace the local shadcn `@/components/ui/*` components with the Seven design system, consumed via the `@etus/seven-react` umbrella package. - Migrate 29 components (Button, Card, Dialog, Form, Tabs, Avatar, Badge, Label, …) across 12 client files to `@etus/seven-react`. - Delete the now-redundant local components (avatar, badge, button, card, dialog, form, label, tabs) and their orphaned unit tests. - Wire Seven: import `@etus/seven-react/styles.css` and `@source` the `@etus/ui` dist so Tailwind v4 generates the components' arbitrary-value utilities; drop the hand-pasted theme tokens that @etus/tokens now owns. - Align @etus/ui + @etus/tokens to 0.4.0-beta.2 (matches the umbrella). - Migrate Badge from the deprecated `variant` prop to `type` + `color`. - Update tests coupled to old component markup to be robust against Seven. Kept local (Seven has no standalone runtime export for these — present in its .d.ts but undefined at runtime): `Input`, `Separator`. Mapping them to Seven's Divider/Field is deferred. Verified: build, lint, 252 client + 309 server unit tests, and visual checks of the login + 5 authenticated pages.
…rides Neutralize the `.dark` block in index.css the same way the light `@theme` was: @etus/tokens ships a full `.dark` token set and maps the `--color-*` utilities to it via `@theme inline`, so the hand-pasted `.dark` overrides were redundant and were winning over Seven's official dark palette. Keep only the tokens Seven doesn't provide (`error*`, `*-solid*`). Verified: dark body background flips from the hand-pasted blue-tinted value to Seven's neutral `oklch(0.1448 0 0)`; dark mode renders correctly across the app. Addresses review follow-up #1 on the Seven migration.
feat(ui): migrate frontend to the Seven design system (@etus/seven-react)
…th 0.7.0) Migrates the boilerplate to @etus/auth 0.7.0 and wires gateway-as-authority: when enabled, permissions are derived from what the gateway resolved for the app (RBAC ∪ access_grants), mapped to local permissions via SCOPE_MAP. The app stays BFF (no user tokens stored) — it queries the gateway with its own integration key. - Bump @etus/auth ^0.5.0 -> ^0.7.0; sessions move off KV onto D1 (createSqlSessionStore); dev-login writes the session to D1 only (no KV mirror). - gatewayAuthority block in setup.ts, OFF by default via ETUS_GATEWAY_AUTHORITY so a freshly generated app boots before its gateway resource + integration key exist; SCOPE_MAP in matrix.ts; adminScopes kept in lockstep with SCOPE_MAP keys. - New env vars (ETUS_RESOURCE_ID, ETUS_INTEGRATION_KEY, ETUS_GATEWAY_AUTHORITY) in env.ts/validateEnv, wrangler.json, .dev.vars.example, .env.example; the key is a secret. SETUP-GUIDE onboarding checklist for registering the web_app resource. - ETUS_ADMIN_EMAILS stays required (package needs >=1 admin) as a bootstrap fallback; with authority on, the gateway grants the real admin role. - Template synced via pnpm sync:template. Validated: typecheck (server+client) + lint clean; 299 unit + 94 integration pass.
…rity-default # Conflicts: # package.json # packages/bhono-app/templates/base/package.json # pnpm-lock.yaml
feat: gateway-as-authority as the default authz model (@etus/auth 0.7.0)
…g/, not root .dev.vars The @cloudflare/vite-plugin (configPath ./config/wrangler.json) reads vars from config/wrangler.json and secrets from config/.dev.vars — not the root .dev.vars. Putting ETUS_GATEWAY_AUTHORITY/ETUS_RESOURCE_ID/ETUS_INTEGRATION_KEY in the root .dev.vars is silently ignored (app falls back to ETUS_GATEWAY_AUTHORITY=false), which is an easy hour-long trap when testing gateway-as-authority locally.
…rs-note docs(auth): gateway-authority dev-local config goes in config/, not root .dev.vars
…, not roles) 0.8.0 removes the Phase 2 role derivation. Admin is now expressed as a scope that maps to ["*"] in SCOPE_MAP (bhono:admin), gated via requirePermission — so a gateway revocation drops access on the next request. Drops the (now-removed) adminScopes from the gatewayAuthority config. Synced to templates/base.
Generated apps now ship gateway-as-authority by default (@etus/auth 0.8.0, Seven design system, D1 sessions). Minor bump: new-app output behavior changed. Also syncs the CLI --version (was a stale 0.1.5, now 0.3.0).
The previous commit bumped @etus/bhono manually, which would have left @etus/create-bhono (the public `npx` entrypoint) pinned to `@etus/bhono ^0.2.0` — the range excludes 0.3.0, so generated apps would still pull the old template. Replace the manual package.json/CHANGELOG bump with a changeset that bumps BOTH packages (minor) and lets the release workflow update the internal dep range and generate the CHANGELOGs. The cli.ts --version fix (0.1.5 -> 0.3.0) stays.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Promotes
develop→masterso newly generated apps ship with the current authz model.What this brings
@etus/auth0.7.0 → 0.8.0): generated apps derive permissions from the gateway (scopeMap), keeping BFF. Admin is a scope (bhono:admin → ['*']), gated viarequirePermission. The 0.8.0 bump removed the Phase 2 role-derivation after an adversarial review (it persisted a role that couldn't be revoked) — admin is now a permission, not a derived role.createSqlSessionStore), dev-login D1-only.@etus/seven-react).SETUP-GUIDE, dev-vars-in-config/note.After merge (publish — your step)
Generated apps already pin
@etus/auth ^0.8.0. To makenpx @etus/bhonoemit them, the generator (@etus/bhono, currently 0.2.0) needs a version bump +npm publish. I can prepare the bump if you want it in this PR.Notes
masteris 2 merge-commits ahead (historical develop→master merges); no content divergence, merges clean.ETUS_GATEWAY_AUTHORITY=true.