Skip to content

docs: api v2 and examples app setup #27290

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
supalarry wants to merge 3 commits into
base: main
Choose a base branch
from
Open

docs: api v2 and examples app setup #27290

supalarry wants to merge 3 commits into from
+256 −98

Conversation

@supalarry
Copy link
Contributor

@supalarry supalarry commented Jan 27, 2026
edited by devin-ai-integration bot
Loading

What does this PR do?

Expands API v2 and platform examples app setup documentation to streamline local development, with clearer docs, pre-filled env examples, and a new secret generator script.

Summary of Changes

  • New README-PLATFORM.md: Step-by-step local setup guide for API v2 + atoms examples app (OAuth/OAuth2, Stripe, Apple Calendar)
  • New generate-secrets script: Creates OAuth2 client secrets and writes them to .generated-secrets file (not logged to console for security)
  • Updated API v2 README: Simplified to a concise local dev guide; fixed env file path typo (apps/api/v2/.env instead of apps/api/v2.env)
  • Enriched .env.example files: Pre-filled with sensible local defaults including DATABASE_DIRECT_URL and updated GET_LICENSE_KEY_URL

Mandatory Tasks (DO NOT REMOVE)

  • I have self-reviewed the code (A decent size PR without self-review might be rejected).
  • I have updated the developer docs in /docs if this PR makes changes that would require a documentation change. N/A - this PR is documentation itself.
  • I confirm automated tests are in place that prove my fix is effective or that my feature works. N/A - documentation only.

How should this be tested?

  1. Follow the steps in apps/api/v2/README.md to set up API v2 locally
  2. Run yarn generate-secrets in apps/api/v2 and verify secrets are written to .generated-secrets file (not logged to console)
  3. Follow apps/api/v2/README-PLATFORM.md to set up the platform examples app
  4. Verify the examples app can authenticate with API v2 using the generated secrets

Checklist

  • My code follows the style guidelines of this project
  • I have checked if my changes generate no new warnings
  • My PR is not too large

Link to Devin run: https://app.devin.ai/sessions/eac833c0aaf84b7a83c3885abf8a2f07
Requested by: unknown ()

@supalarry supalarry requested review from a team as code owners January 27, 2026 11:59
@linear
Copy link

linear bot commented Jan 27, 2026

CAL-7125 docs: api v2, atoms, examples app setup

@graphite-app graphite-app bot added the core area: core, team members only label Jan 27, 2026
cubic-dev-ai[bot]
cubic-dev-ai bot reviewed Jan 27, 2026
View reviewed changes
Copy link
Contributor

@cubic-dev-ai cubic-dev-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

3 issues found across 6 files

Prompt for AI agents (all issues) 

Check if these issues are valid — if so, understand the root cause of each and fix them.


<file name="apps/api/v2/README-PLATFORM.md">

<violation number="1" location="apps/api/v2/README-PLATFORM.md:31">
P2: Replace the concrete OAuth secret values in the docs with placeholders (e.g., `<PLAINTEXT_SECRET>`). Shipping real-looking secrets in documentation can lead to accidental exposure or reuse.

(Based on your team's feedback about avoiding exposing actual OAuth client secrets.) [FEEDBACK_USED]</violation>
</file>

<file name="apps/api/v2/README.md">

<violation number="1" location="apps/api/v2/README.md:16">
P2: The env file rename path is incorrect (`apps/api/v2.env` instead of `apps/api/v2/.env`), which will mislead developers and cause the app to miss the env file. Update the path to include the directory separator.</violation>
</file>

<file name="apps/api/v2/scripts/generate-secrets.ts">

<violation number="1" location="apps/api/v2/scripts/generate-secrets.ts:5">
P1: Rule violated: **Avoid Logging Sensitive Information**

Remove logging of generated secrets to avoid exposing sensitive authentication data in logs.</violation>
</file>

Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.

@github-actions
Copy link
Contributor

github-actions bot commented Jan 27, 2026

Devin AI is addressing Cubic AI's review feedback

A Devin session has been created to address the issues identified by Cubic AI.

View Devin Session

@devin-ai-integration
fix: address Cubic AI review feedback
231c922 
- Fix env file path typo in README.md (apps/api/v2.env -> apps/api/v2/.env)
- Write generated secrets to file instead of logging to console
- Add .generated-secrets to gitignore
- Update README-PLATFORM.md to reflect new secret generation behavior

Co-Authored-By: unknown <>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cubic-dev-ai cubic-dev-ai[bot] cubic-dev-ai[bot] left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

consumer core area: core, team members only size/L

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

docs: api v2, atoms, examples app setup

2 participants

@supalarry