feat: Add support for AI dev agents plugin#869
Conversation
…nts/ directory, and conditionally CLAUDE.md for Baseplate projects
…erification model IDs
🦋 Changeset detectedLatest commit: 93ae7fd The changes in this PR will be included in the next version bump. This PR includes changesets to release 24 packages
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (2)
✅ Files skipped from review due to trivial changes (1)
🚧 Files skipped from review as they are similar to previous changes (1)
📝 WalkthroughWalkthroughAdds a new Changes
Sequence DiagramsequenceDiagram
participant RPC as RootPackageCompiler
participant PC as PluginStore
participant RCS as rootCompilerSpec
participant PLC as PluginRootCompiler
participant GB as GeneratorBundles
RPC->>RCS: use(rootCompilerSpec)
RCS->>PC: request configured compilers
PC->>PLC: iterate PluginRootCompiler instances
loop per plugin compiler
PLC->>PLC: compile(options)
PLC-->>GB: return Record<string, GeneratorBundle>
end
GB->>RCS: collect bundles
RCS->>RCS: safeMerge all bundles
RCS-->>RPC: aggregated pluginChildren
RPC->>RPC: merge pluginChildren into root nodeGenerator children
Estimated code review effort🎯 4 (Complex) | ⏱️ ~55 minutes Possibly related PRs
🚥 Pre-merge checks | ✅ 2 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (2 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Actionable comments posted: 6
🧹 Nitpick comments (9)
plugins/plugin-ai/CHANGELOG.md (1)
1-1: Consider adding an initial version entry.While the package header is present, the changelog would benefit from documenting the initial release. Consider adding a version entry that describes the features being introduced.
Example structure:
# `@baseplate-dev/plugin-ai` ## 0.1.0 Initial release - Add support for AI dev agents plugin - Add AI agent documentation and configuration generation🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@plugins/plugin-ai/CHANGELOG.md` at line 1, Add an initial release entry to the CHANGELOG.md under the existing package header by inserting a version section (e.g., "## 0.1.0") and a short "Initial release" description plus bullet points summarizing the features introduced (for example: "Add support for AI dev agents plugin", "Add AI agent documentation and configuration generation"); update the header block in CHANGELOG.md accordingly so the file lists the package name followed by the 0.1.0 entry and its feature bullets.plugins/plugin-ai/.gitignore (1)
65-81: Minor: Duplicate.cacheentries.The
.cachepattern appears multiple times (lines 65, 77, 81). While harmless, consider consolidating to reduce noise.🧹 Suggested cleanup
# parcel-bundler cache (https://parceljs.org/) -.cache .parcel-cache # Next.js build output .next out # Nuxt.js build / generate output .nuxt dist # Gatsby files -.cache/ +# Caches (Parcel, Gatsby, VuePress, etc.) +.cache # vuepress v2.x temp and cache directory .temp -.cache🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@plugins/plugin-ai/.gitignore` around lines 65 - 81, Remove duplicate .cache entries in the .gitignore by keeping a single .cache pattern and deleting the redundant occurrences (refer to the .cache entries in the current diff); ensure other distinct ignore patterns like .parcel-cache, .next, out, .nuxt, dist, .temp remain untouched to preserve intended exclusions.plugins/plugin-ai/index.html (1)
14-14: Consider updatinges-module-shimsto the latest version for consistency and future enhancements.The current version (1.5.17) from 2022 is outdated and should be upgraded to 2.8.0. The newer version maintains full backward compatibility and is safe to deploy. Note: all 8 plugin index.html files use this version—updating one requires updating all for consistency.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@plugins/plugin-ai/index.html` at line 14, Update the es-module-shims script tag to use the new 2.8.0 release: locate the <script src="...es-module-shims@1.5.17..."> occurrences (e.g., in plugins/plugin-ai/index.html) and replace the version number 1.5.17 with 2.8.0 in that src URL; repeat the same change in all eight plugin index.html files so they remain consistent.plugins/plugin-ai/src/styles.css (1)
3-4: Consider aligning the CSS prefix with plugin naming conventions.The Tailwind prefix
devagentsis used here, while the coding guidelines suggest plugin prefixes should match the plugin name (e.g.,auth:,storage:). Forplugin-ai, the expected prefix would beai:.If
devagentsis intentional for this submodule, this is fine—just ensure all componentclassNameattributes in this plugin consistently use the same prefix.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@plugins/plugin-ai/src/styles.css` around lines 3 - 4, The Tailwind prefix in plugins/plugin-ai/src/styles.css currently uses "devagents" in the `@import` lines (the prefix(devagents) on the imports); update the prefix to match the plugin naming convention by replacing that prefix with "ai" (i.e., use prefix(ai)) or, if "devagents" is intentionally required, ensure all component className values across this plugin consistently use the devagents: prefix; locate the prefix in the two import statements in styles.css and make the change or validate consistency accordingly.examples/blog-with-auth/baseplate/project-definition.json (1)
656-657: Consider: Partial UUID v7 migration.Only auth-related models (
User,UserAccount,UserSession) are updated touuidv7, while other models (Article,Blog,BlogPost,AuthVerification) remain onuuidv4. If the intent is to migrate all models to v7 for time-ordered IDs, consider updating the remaining models for consistency. Otherwise, this selective change is reasonable if auth models specifically benefit from time-ordering.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@examples/blog-with-auth/baseplate/project-definition.json` around lines 656 - 657, The project-definition currently sets "options": { "defaultGeneration": "uuidv7" } and "type": "uuid" for only the auth models (User, UserAccount, UserSession); to make ID generation consistent, update the remaining models (Article, Blog, BlogPost, AuthVerification) to use the same "options": { "defaultGeneration": "uuidv7" } and "type": "uuid" entry in their model definitions, or explicitly document in the schema why only the auth models use uuidv7 if you intend to keep them mixed; locate and modify the model objects named Article, Blog, BlogPost, and AuthVerification in the JSON and add the same defaultGeneration setting as used for User/UserAccount/UserSession.examples/todo-with-better-auth/apps/backend/prisma/schema.prisma (1)
74-80: Inconsistent UUID generation strategy across models.
Customer,TodoItem,TodoItemAttachment,TodoList,UserImage,UserProfile, andVerificationstill usegen_random_uuid()while auth-related models now useuuidv7(). If this inconsistency is intentional (e.g., only auth models need time-ordered UUIDs), consider adding a comment documenting this design decision.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@examples/todo-with-better-auth/apps/backend/prisma/schema.prisma` around lines 74 - 80, The schema shows mixed UUID generation strategies: models Customer, TodoItem, TodoItemAttachment, TodoList, UserImage, UserProfile, and Verification use gen_random_uuid() while auth-related models use uuidv7(); either standardize by replacing gen_random_uuid() with uuidv7() across those models (e.g., update the `@default`(dbgenerated("gen_random_uuid()")) usage in model Customer and the other listed models to `@default`(dbgenerated("uuidv7()"))) or, if the difference is intentional, add a clear comment above the affected models (Customer, TodoItem, TodoItemAttachment, TodoList, UserImage, UserProfile, Verification) documenting why auth models use uuidv7() and others use gen_random_uuid() so the design decision is explicit.plugins/plugin-ai/package.json (1)
35-49: Missingtestscript despitevitestbeing in devDependencies.The package includes
vitestbut doesn't define atestscript. If tests are planned, consider adding the script for consistency with other packages.💡 Add test script
"watch": "concurrently pnpm:watch:*", "watch:static": "pnpm build:static --watch", - "watch:vite": "nodemon --watch vite.config.ts --watch src --ignore \"**/generators/**\" -e ts,tsx,css,json --exec \"vite build\"" + "watch:vite": "nodemon --watch vite.config.ts --watch src --ignore \"**/generators/**\" -e ts,tsx,css,json --exec \"vite build\"", + "test": "vitest run" },🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@plugins/plugin-ai/package.json` around lines 35 - 49, The scripts section in package.json is missing a test script even though vitest is present in devDependencies; update the "scripts" object to add a "test" entry that runs vitest (e.g., "test": "vitest") and optionally add a watch variant like "test:watch": "vitest --watch" so tests can be run consistently; modify the existing "scripts" block (where build, watch, etc. are defined) to include these new keys.plugins/plugin-ai/src/dev-agents/core/generators/dev-agents-config/dev-agents-config.generator.ts (1)
83-90: The.filter(Boolean)is redundant.Since
MCP_SETUP_COMMANDShas an entry for everyDevAgentValue, the map will never produce falsy values. The filter can be removed for clarity.♻️ Remove redundant filter
export function buildMcpSetupInstructions( enabledAgents: DevAgentValue[], ): string { return enabledAgents .map((agent) => MCP_SETUP_COMMANDS[agent]) - .filter(Boolean) .join('\n\n'); }🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@plugins/plugin-ai/src/dev-agents/core/generators/dev-agents-config/dev-agents-config.generator.ts` around lines 83 - 90, The .filter(Boolean) in buildMcpSetupInstructions is redundant because MCP_SETUP_COMMANDS contains an entry for every DevAgentValue; remove the .filter(Boolean) call so the function simply maps enabledAgents to MCP_SETUP_COMMANDS[agent] and .join('\n\n') the results directly in buildMcpSetupInstructions, referencing the buildMcpSetupInstructions function and the MCP_SETUP_COMMANDS lookup to locate the change.packages/project-builder-lib/src/compiler/root-compiler-spec.ts (1)
39-43: Consider wrapping individual compiler invocations for better error diagnostics.If a plugin's
compile()throws, the error won't indicate which plugin failed. Wrapping the call could improve debuggability.💡 Suggested improvement for error context
let result: Record<string, GeneratorBundle> = {}; for (const compiler of values.compilers) { - result = safeMerge(result, compiler.compile(options)); + try { + result = safeMerge(result, compiler.compile(options)); + } catch (error) { + throw new Error( + `Root compiler '${compiler.pluginKey}' failed: ${error instanceof Error ? error.message : String(error)}`, + { cause: error }, + ); + } } return result;🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@packages/project-builder-lib/src/compiler/root-compiler-spec.ts` around lines 39 - 43, Wrap each plugin invocation of compiler.compile inside a try/catch so you can add context about which compiler failed before rethrowing; specifically, in the loop that iterates values.compilers and calls compiler.compile(options) (and then safeMerge into result), catch errors from compile and augment the error message or throw a new Error that includes an identifier such as compiler.name || compiler.constructor?.name || String(compiler) to indicate which compiler/plugin failed, then rethrow the enriched error so callers get actionable diagnostics.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In
`@examples/todo-with-better-auth/apps/backend/prisma/migrations/20260323154537_add_uuid_v7_defaults/migration.sql`:
- Around line 1-17: The migration uses the non‑standard function uuidv7() in
multiple ALTER TABLE statements (affecting
"account","billing_account","billing_subscription","file","session","user");
ensure uuidv7() exists before running this file by adding a prior migration or
initialization step that installs the pg_uuidv7 extension or defines a uuidv7()
wrapper function, or document that requirement; update the migration sequence so
the CREATE EXTENSION or CREATE FUNCTION for uuidv7 runs before these ALTER TABLE
... SET DEFAULT uuidv7() statements.
In `@packages/project-builder-web/src/routes/index.tsx`:
- Around line 267-269: The badge truncation currently appends "..." to a 30-char
slice (using pkg.type), resulting in up to 33 characters; change the logic so
the ellipsis is included within the 30-char limit by slicing pkg.type to 27
characters before adding "..." (i.e., use pkg.type.length > 30 ?
`...${pkg.type.slice(-27)}` or use a front/trailing strategy that ensures the
final string length is 30), update the expression that renders pkg.type
accordingly so any displayed badge text never exceeds 30 characters.
In `@plugins/plugin-ai/LICENSE`:
- Around line 5-8: The LICENSE file embeds a non-standard "Generated Code
Exception" that conflicts with MPL-2.0 and tooling; remove that exception from
the LICENSE and restore the canonical MPL-2.0 text, then create a separate
policy file (e.g., GENERATED_CODE_POLICY.md or NOTICE) containing the "Generated
Code Exception" text and any explanatory terms; update README.md and
package.json metadata to reference the new policy document so downstream users
and license scanners see the canonical license in LICENSE and the exception
documented separately.
In
`@plugins/plugin-ai/src/dev-agents/core/components/dev-agents-definition-editor.tsx`:
- Around line 84-98: The JSX in the DevAgentsDefinitionEditor component is using
CSS classes prefixed with "devagents:" which violates the plugin naming
convention; update all className values in this file (e.g., occurrences like
"devagents:relative", "devagents:flex", "devagents:h-full", "devagents:flex-1",
"devagents:gap-4", "devagents:overflow-hidden",
"devagents:mb-[--action-bar-height]", "devagents:overflow-y-auto",
"devagents:max-w-6xl", "devagents:pb-16") to use the plugin prefix "ai:" instead
of "devagents:" so every class string begins with "ai:" to match the plugin-ai
naming guideline.
In `@plugins/plugin-ai/src/dev-agents/plugin.json`:
- Line 5: The description field in plugins/plugin-ai/src/dev-agents/plugin.json
incorrectly claims the plugin generates ".mcp.json"; update the description
string (the "description" property) to list the actual generated artifacts
(AGENTS.md, CLAUDE.md, .agents/baseplate.md) or remove the .mcp.json entry so it
matches the mapped/generated outputs in this PR.
In `@plugins/plugin-auth/src/local-auth/core/schema/models.ts`:
- Line 232: The authVerification.id field is using defaultGeneration: 'uuidv4'
which regresses from the repo's auth model defaults; update the options for
authVerification.id in models.ts to use defaultGeneration: 'uuidv7' so it
matches other auth IDs and the PR intent (look for the authVerification.id
declaration and the options: { defaultGeneration: 'uuidv4' } entry and change
the value to 'uuidv7').
---
Nitpick comments:
In `@examples/blog-with-auth/baseplate/project-definition.json`:
- Around line 656-657: The project-definition currently sets "options": {
"defaultGeneration": "uuidv7" } and "type": "uuid" for only the auth models
(User, UserAccount, UserSession); to make ID generation consistent, update the
remaining models (Article, Blog, BlogPost, AuthVerification) to use the same
"options": { "defaultGeneration": "uuidv7" } and "type": "uuid" entry in their
model definitions, or explicitly document in the schema why only the auth models
use uuidv7 if you intend to keep them mixed; locate and modify the model objects
named Article, Blog, BlogPost, and AuthVerification in the JSON and add the same
defaultGeneration setting as used for User/UserAccount/UserSession.
In `@examples/todo-with-better-auth/apps/backend/prisma/schema.prisma`:
- Around line 74-80: The schema shows mixed UUID generation strategies: models
Customer, TodoItem, TodoItemAttachment, TodoList, UserImage, UserProfile, and
Verification use gen_random_uuid() while auth-related models use uuidv7();
either standardize by replacing gen_random_uuid() with uuidv7() across those
models (e.g., update the `@default`(dbgenerated("gen_random_uuid()")) usage in
model Customer and the other listed models to `@default`(dbgenerated("uuidv7()")))
or, if the difference is intentional, add a clear comment above the affected
models (Customer, TodoItem, TodoItemAttachment, TodoList, UserImage,
UserProfile, Verification) documenting why auth models use uuidv7() and others
use gen_random_uuid() so the design decision is explicit.
In `@packages/project-builder-lib/src/compiler/root-compiler-spec.ts`:
- Around line 39-43: Wrap each plugin invocation of compiler.compile inside a
try/catch so you can add context about which compiler failed before rethrowing;
specifically, in the loop that iterates values.compilers and calls
compiler.compile(options) (and then safeMerge into result), catch errors from
compile and augment the error message or throw a new Error that includes an
identifier such as compiler.name || compiler.constructor?.name ||
String(compiler) to indicate which compiler/plugin failed, then rethrow the
enriched error so callers get actionable diagnostics.
In `@plugins/plugin-ai/.gitignore`:
- Around line 65-81: Remove duplicate .cache entries in the .gitignore by
keeping a single .cache pattern and deleting the redundant occurrences (refer to
the .cache entries in the current diff); ensure other distinct ignore patterns
like .parcel-cache, .next, out, .nuxt, dist, .temp remain untouched to preserve
intended exclusions.
In `@plugins/plugin-ai/CHANGELOG.md`:
- Line 1: Add an initial release entry to the CHANGELOG.md under the existing
package header by inserting a version section (e.g., "## 0.1.0") and a short
"Initial release" description plus bullet points summarizing the features
introduced (for example: "Add support for AI dev agents plugin", "Add AI agent
documentation and configuration generation"); update the header block in
CHANGELOG.md accordingly so the file lists the package name followed by the
0.1.0 entry and its feature bullets.
In `@plugins/plugin-ai/index.html`:
- Line 14: Update the es-module-shims script tag to use the new 2.8.0 release:
locate the <script src="...es-module-shims@1.5.17..."> occurrences (e.g., in
plugins/plugin-ai/index.html) and replace the version number 1.5.17 with 2.8.0
in that src URL; repeat the same change in all eight plugin index.html files so
they remain consistent.
In `@plugins/plugin-ai/package.json`:
- Around line 35-49: The scripts section in package.json is missing a test
script even though vitest is present in devDependencies; update the "scripts"
object to add a "test" entry that runs vitest (e.g., "test": "vitest") and
optionally add a watch variant like "test:watch": "vitest --watch" so tests can
be run consistently; modify the existing "scripts" block (where build, watch,
etc. are defined) to include these new keys.
In
`@plugins/plugin-ai/src/dev-agents/core/generators/dev-agents-config/dev-agents-config.generator.ts`:
- Around line 83-90: The .filter(Boolean) in buildMcpSetupInstructions is
redundant because MCP_SETUP_COMMANDS contains an entry for every DevAgentValue;
remove the .filter(Boolean) call so the function simply maps enabledAgents to
MCP_SETUP_COMMANDS[agent] and .join('\n\n') the results directly in
buildMcpSetupInstructions, referencing the buildMcpSetupInstructions function
and the MCP_SETUP_COMMANDS lookup to locate the change.
In `@plugins/plugin-ai/src/styles.css`:
- Around line 3-4: The Tailwind prefix in plugins/plugin-ai/src/styles.css
currently uses "devagents" in the `@import` lines (the prefix(devagents) on the
imports); update the prefix to match the plugin naming convention by replacing
that prefix with "ai" (i.e., use prefix(ai)) or, if "devagents" is intentionally
required, ensure all component className values across this plugin consistently
use the devagents: prefix; locate the prefix in the two import statements in
styles.css and make the change or validate consistency accordingly.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
Run ID: cfc567be-9c11-4b75-81bc-90ab1ca2c1a4
⛔ Files ignored due to path filters (13)
examples/blog-with-auth/apps/backend/baseplate/generated/prisma/schema.prismais excluded by!**/generated/**,!**/generated/**examples/blog-with-auth/baseplate/generated/.agents/baseplate.mdis excluded by!**/generated/**,!**/generated/**examples/blog-with-auth/baseplate/generated/AGENTS.mdis excluded by!**/generated/**,!**/generated/**examples/blog-with-auth/baseplate/generated/CLAUDE.mdis excluded by!**/generated/**,!**/generated/**examples/blog-with-auth/baseplate/snapshots/root/diffs/pnpm-workspace.yaml.diffis excluded by!**/baseplate/snapshots/**examples/blog-with-auth/baseplate/snapshots/root/manifest.jsonis excluded by!**/baseplate/snapshots/**examples/todo-with-better-auth/apps/backend/baseplate/generated/prisma/schema.prismais excluded by!**/generated/**,!**/generated/**plugins/plugin-ai/src/dev-agents/core/generators/dev-agents-config/generated/index.tsis excluded by!**/generated/**,!**/generated/**plugins/plugin-ai/src/dev-agents/core/generators/dev-agents-config/generated/template-paths.tsis excluded by!**/generated/**,!**/generated/**plugins/plugin-ai/src/dev-agents/core/generators/dev-agents-config/generated/template-renderers.tsis excluded by!**/generated/**,!**/generated/**plugins/plugin-ai/src/dev-agents/core/generators/dev-agents-config/generated/typed-templates.tsis excluded by!**/generated/**,!**/generated/**plugins/plugin-ai/src/dev-agents/static/icon.svgis excluded by!**/*.svgpnpm-lock.yamlis excluded by!**/pnpm-lock.yaml
📒 Files selected for processing (57)
.changeset/add-ai-dev-agents-plugin.md.changeset/auth-verification-uuid-v4.mdexamples/blog-with-auth/.agents/.templates-info.jsonexamples/blog-with-auth/.agents/baseplate.mdexamples/blog-with-auth/.templates-info.jsonexamples/blog-with-auth/AGENTS.mdexamples/blog-with-auth/CLAUDE.mdexamples/blog-with-auth/apps/backend/prisma/migrations/20260323154517_add_uuid_v7_defaults/migration.sqlexamples/blog-with-auth/apps/backend/prisma/schema.prismaexamples/blog-with-auth/baseplate/file-id-map.jsonexamples/blog-with-auth/baseplate/project-definition.jsonexamples/blog-with-auth/pnpm-workspace.yamlexamples/todo-with-better-auth/apps/backend/prisma/migrations/20260323154537_add_uuid_v7_defaults/migration.sqlexamples/todo-with-better-auth/apps/backend/prisma/schema.prismaexamples/todo-with-better-auth/baseplate/project-definition.jsonpackages/project-builder-common/package.jsonpackages/project-builder-lib/src/compiler/index.tspackages/project-builder-lib/src/compiler/root-compiler-spec.tspackages/project-builder-server/src/compiler/root/root-package-compiler.tspackages/project-builder-web/src/routes/index.tsxplugins/plugin-ai/.gitignoreplugins/plugin-ai/.prettierignoreplugins/plugin-ai/CHANGELOG.mdplugins/plugin-ai/LICENSEplugins/plugin-ai/README.mdplugins/plugin-ai/eslint.config.jsplugins/plugin-ai/index.htmlplugins/plugin-ai/oxlint.config.tsplugins/plugin-ai/package.jsonplugins/plugin-ai/prettier.config.jsplugins/plugin-ai/src/dev-agents/core/common.tsplugins/plugin-ai/src/dev-agents/core/components/dev-agents-definition-editor.tsxplugins/plugin-ai/src/dev-agents/core/generators/dev-agents-config/dev-agents-config.generator.tsplugins/plugin-ai/src/dev-agents/core/generators/dev-agents-config/extractor.jsonplugins/plugin-ai/src/dev-agents/core/generators/dev-agents-config/index.tsplugins/plugin-ai/src/dev-agents/core/generators/dev-agents-config/templates/package/AGENTS.mdplugins/plugin-ai/src/dev-agents/core/generators/dev-agents-config/templates/package/CLAUDE.mdplugins/plugin-ai/src/dev-agents/core/generators/dev-agents-config/templates/package/agents/baseplate.mdplugins/plugin-ai/src/dev-agents/core/generators/index.tsplugins/plugin-ai/src/dev-agents/core/index.tsplugins/plugin-ai/src/dev-agents/core/node.tsplugins/plugin-ai/src/dev-agents/core/schema/plugin-definition.tsplugins/plugin-ai/src/dev-agents/core/web.tsplugins/plugin-ai/src/dev-agents/index.tsplugins/plugin-ai/src/dev-agents/plugin.jsonplugins/plugin-ai/src/index.tsplugins/plugin-ai/src/styles.cssplugins/plugin-ai/src/vite-env.d.tsplugins/plugin-ai/src/web-export.tsplugins/plugin-ai/tsconfig.build.jsonplugins/plugin-ai/tsconfig.jsonplugins/plugin-ai/tsconfig.node.jsonplugins/plugin-ai/vite.config.tsplugins/plugin-ai/vitest.config.jsplugins/plugin-auth/src/better-auth/core/schema/models.tsplugins/plugin-auth/src/local-auth/core/schema/models.tstsconfig.build.json
| -- AlterTable | ||
| ALTER TABLE "account" ALTER COLUMN "id" SET DEFAULT uuidv7(); | ||
|
|
||
| -- AlterTable | ||
| ALTER TABLE "billing_account" ALTER COLUMN "id" SET DEFAULT uuidv7(); | ||
|
|
||
| -- AlterTable | ||
| ALTER TABLE "billing_subscription" ALTER COLUMN "id" SET DEFAULT uuidv7(); | ||
|
|
||
| -- AlterTable | ||
| ALTER TABLE "file" ALTER COLUMN "id" SET DEFAULT uuidv7(); | ||
|
|
||
| -- AlterTable | ||
| ALTER TABLE "session" ALTER COLUMN "id" SET DEFAULT uuidv7(); | ||
|
|
||
| -- AlterTable | ||
| ALTER TABLE "user" ALTER COLUMN "id" SET DEFAULT uuidv7(); |
There was a problem hiding this comment.
🧩 Analysis chain
🏁 Script executed:
#!/bin/bash
# Search for uuidv7 extension or function setup in the project
rg -n 'uuidv7|pg_uuidv7' --type sql -g '!**/migrations/**'
rg -n 'uuidv7|pg_uuidv7' -g '*.ts' -g '*.js'Repository: halfdomelabs/baseplate
Length of output: 9210
🏁 Script executed:
#!/bin/bash
# Find schema.prisma and earlier migrations in the todo-with-better-auth backend
find examples/todo-with-better-auth/apps/backend -name "schema.prisma" -type f
# List all migrations in chronological order
ls -la examples/todo-with-better-auth/apps/backend/prisma/migrations/ | head -20
# Search for any migration that creates the uuidv7 function
grep -r "CREATE FUNCTION uuidv7" examples/todo-with-better-auth/apps/backend/prisma/migrations/ 2>/dev/null || echo "No uuidv7 function creation found"
# Search for extension setup
grep -r "CREATE EXTENSION" examples/todo-with-better-auth/apps/backend/prisma/migrations/ 2>/dev/null || echo "No extension creation found"Repository: halfdomelabs/baseplate
Length of output: 1776
🏁 Script executed:
#!/bin/bash
# Check the schema.prisma for provider and previewFeatures
cat examples/todo-with-better-auth/apps/backend/prisma/schema.prisma | head -50
# Check for docker-compose or database setup
find examples/todo-with-better-auth -name "docker-compose*" -o -name "*.sql" | grep -v migrations | head -20
# Check if there's any readme or setup documentation
find examples/todo-with-better-auth -name "README*" -o -name "SETUP*" | head -10Repository: halfdomelabs/baseplate
Length of output: 2772
🏁 Script executed:
#!/bin/bash
# Check docker-compose for PostgreSQL and extension setup
cat examples/todo-with-better-auth/docker/docker-compose.yml
# Also check for any SQL initialization files
find examples/todo-with-better-auth -name "*.sql" | grep -v migrations | xargs ls -la 2>/dev/nullRepository: halfdomelabs/baseplate
Length of output: 5034
The migration requires uuidv7() function to be available in the database before execution.
The migration uses uuidv7() which is not a built-in PostgreSQL function. Ensure the database has either:
- The
pg_uuidv7extension installed via a separate migration or initialization, or - A custom
uuidv7()function defined
If this is managed externally or by a prior step in your database setup, add a note or documentation. Otherwise, add a migration to create the extension or function before applying these changes.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In
`@examples/todo-with-better-auth/apps/backend/prisma/migrations/20260323154537_add_uuid_v7_defaults/migration.sql`
around lines 1 - 17, The migration uses the non‑standard function uuidv7() in
multiple ALTER TABLE statements (affecting
"account","billing_account","billing_subscription","file","session","user");
ensure uuidv7() exists before running this file by adding a prior migration or
initialization step that installs the pg_uuidv7 extension or defines a uuidv7()
wrapper function, or document that requirement; update the migration sequence so
the CREATE EXTENSION or CREATE FUNCTION for uuidv7 runs before these ALTER TABLE
... SET DEFAULT uuidv7() statements.
| {pkg.type.length > 30 | ||
| ? `...${pkg.type.slice(-30)}` | ||
| : pkg.type} |
There was a problem hiding this comment.
Truncation can exceed the intended 30-character display limit.
On Line [267], the expression adds ... on top of 30 sliced characters, so badge text can be 33 chars. If the intent is a hard 30-char preview, include the ellipsis within that limit.
Proposed fix
- {pkg.type.length > 30
- ? `...${pkg.type.slice(-30)}`
- : pkg.type}
+ {pkg.type.length > 30
+ ? `...${pkg.type.slice(-27)}`
+ : pkg.type}📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| {pkg.type.length > 30 | |
| ? `...${pkg.type.slice(-30)}` | |
| : pkg.type} | |
| {pkg.type.length > 30 | |
| ? `...${pkg.type.slice(-27)}` | |
| : pkg.type} |
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@packages/project-builder-web/src/routes/index.tsx` around lines 267 - 269,
The badge truncation currently appends "..." to a 30-char slice (using
pkg.type), resulting in up to 33 characters; change the logic so the ellipsis is
included within the 30-char limit by slicing pkg.type to 27 characters before
adding "..." (i.e., use pkg.type.length > 30 ? `...${pkg.type.slice(-27)}` or
use a front/trailing strategy that ensures the final string length is 30),
update the expression that renders pkg.type accordingly so any displayed badge
text never exceeds 30 characters.
| This project is licensed under the Mozilla Public License 2.0 (MPL-2.0) with the following exception: | ||
|
|
||
| **Generated Code Exception**: All code generated by Baseplate generators and templates belongs entirely to the user who generated it. Half Dome Labs LLC disclaims any copyright interest in generated code. Users may use, modify, distribute, and license generated code under any terms they choose, including proprietary licenses, with no restrictions or attribution requirements. | ||
|
|
There was a problem hiding this comment.
🧩 Analysis chain
🏁 Script executed:
# First, check if the LICENSE file exists and read its full content
if [ -f "plugins/plugin-ai/LICENSE" ]; then
echo "=== Full LICENSE file content ==="
cat -n "plugins/plugin-ai/LICENSE" | head -50
else
echo "File not found"
fiRepository: halfdomelabs/baseplate
Length of output: 2424
🏁 Script executed:
# Check for related policy/notice files
find . -type f \( -name "NOTICE*" -o -name "*POLICY*" -o -name "*GENERATED*" -o -name "LICENSE*" \) | head -20Repository: halfdomelabs/baseplate
Length of output: 729
🏁 Script executed:
# Check the broader repository structure for LICENSE patterns
find plugins -type f -name "LICENSE" -o -name "LICENSE.*" | xargs wc -l 2>/dev/null | head -20Repository: halfdomelabs/baseplate
Length of output: 380
🏁 Script executed:
# Check root LICENSE for the same exception pattern
head -20 ./LICENSERepository: halfdomelabs/baseplate
Length of output: 994
🏁 Script executed:
# Check a sample package LICENSE
head -20 ./packages/core-generators/LICENSERepository: halfdomelabs/baseplate
Length of output: 994
🏁 Script executed:
# Search for NOTICE or policy files
find . -type f \( -name "NOTICE*" -o -name "*POLICY*" \) | head -10Repository: halfdomelabs/baseplate
Length of output: 48
🏁 Script executed:
# Check if there are any references to generated code policy in README or package.json
find . -maxdepth 2 -name "README*" -o -name "package.json" | head -5Repository: halfdomelabs/baseplate
Length of output: 141
🌐 Web query:
MPL-2.0 custom exception format best practices license compliance
💡 Result:
MPL-2.0 does not use a separate "custom exception format" like GPL exceptions. Instead, it has built-in mechanisms for compatibility via Section 3.3 (Larger Works with Secondary Licenses like GPL/LGPL) and Exhibit B notices. Best practices for license compliance when combining licenses or handling special cases: 1. Standard MPL-2.0 header (Exhibit A) in each source file: /* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at https://mozilla.org/MPL/2.0/. / Or SPDX: // SPDX-License-Identifier: MPL-2.0 2. To make code "Incompatible With Secondary Licenses" (disables Section 3.3 compatibility), add Exhibit B notice to files: This Source Code Form is "Incompatible With Secondary Licenses", as defined by the Mozilla Public License, v. 2.0. Use SPDX: MPL-2.0-no-copyleft-exception. This is an explicit declaration by the initial contributor, not a custom invention. 3. Combining with (L)GPL (using Section 3.3): - Keep MPL Exhibit A header. - Add GPL/LGPL notices below, preserving original notices, e.g.: This Source Code Form is subject to the terms of the Mozilla Public License, v. 2.0. [...] It is also distributed under the GNU General Public License, version 2. [...] Copyright (c) 20xx GPL Contributor Preferred for dual-licensing files in Larger Works. 4. Incorporating permissive-licensed code (MIT/BSD/Apache) into MPL files: - Use boilerplate header: / This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. [...] * * This file incorporates work covered by the following copyright and * permission notice: * * Copyright 20xx Author * Licensed under the MIT License [...] */ Custom exceptions beyond these (e.g., user-defined additional permissions) are discouraged. MPL FAQ strongly advises against modifying the license itself, as it creates "crayon licenses" that reduce adoption and complicate compliance. Use standard headers and mechanisms for compatibility. Prefer relicensing permissive code or avoiding mixes when possible. For compliance: Preserve all notices (Section 3.4), distribute source with binaries (Section 3.2), ensure modifications stay MPL (file-level copyleft).
Citations:
- 1: https://www.mozilla.org/en-US/MPL/2.0/combining-mpl-and-gpl/
- 2: https://www.mozilla.org/en-US/MPL/2.0/FAQ/
- 3: http://www.mozilla.org/MPL/2.0/permissive-code-into-mpl.html
- 4: https://spdx.org/licenses/MPL-2.0-no-copyleft-exception.html
- 5: https://www.mozilla.org/en-US/MPL/2.0
- 6: https://www.mozilla.org/en-US/MPL/headers/
- 7: https://www.mozilla.org/en-US/MPL/2.0/permissive-code-into-mpl/
- 8: https://www.mozilla.org/MPL/2.0/combining-mpl-and-gpl.html
- 9: MPL-2.0 exhibit B pikepdf/pikepdf#8
🌐 Web query:
SPDX license scanner embedded exception preamble LICENSE file format
💡 Result:
SPDX license scanners detect licenses and exceptions in LICENSE files using template matching based on SPDX License List templates. These templates account for variable preambles, headers, footers, and other non-substantive text through matching guidelines that allow omitting certain text (e.g., copyright notices, "END OF TERMS" sections) marked as omittable in blue on SPDX pages, and replacing variables (e.g., year, name) marked in red. Scanners like CycloneDX/license-scanner and ScanCode use these SPDX templates (tested up to v3.26) to identify licenses even with custom preambles. For exceptions like LLGPL (Lisp LGPL Preamble, identifier: LLGPL), which is a preamble clarifying LGPL for Lisp, SPDX treats it as an exception used with "WITH" (e.g., LGPL-2.1-only WITH LLGPL). Its template shows the preamble text with omittable italicized blue parts. Scanners match the substantive exception text in LICENSE files, ignoring omittable preamble variations per guidelines. Format in SPDX documents: Use license expressions like "LGPL-2.1-only WITH LLGPL" in SPDX-License-Identifier comments or file/package license fields. For non-list matches, use LicenseRef-[id] with extracted text. No special "embedded exception preamble" format beyond standard SPDX matching; scanners normalize and match against templates handling preambles.
Citations:
- 1: https://spdx.org/licenses/exceptions-index.html
- 2: https://spdx.github.io/spdx-spec/v3.0.1/annexes/spdx-license-expressions/
- 3: https://spdx.dev/learn/handling-license-info/
- 4: https://spdx.github.io/spdx-spec/v2.3/license-matching-guidelines-and-templates/
- 5: https://spdx.github.io/spdx-spec/v3.0.1/annexes/license-matching-guidelines-and-templates/
- 6: https://pkg.go.dev/github.com/CycloneDX/license-scanner
- 7: https://github.com/spdx/tools-java
- 8: https://github.com/CycloneDX/license-scanner
- 9: https://scancode-toolkit.readthedocs.io/en/stable/getting-started/home.html
- 10: https://spdx.org/licenses/LLGPL.html
🏁 Script executed:
# Check if the root README mentions anything about generated code or licensing
head -100 ./README.md | grep -i -A 5 -B 5 "license\|generated\|policy"Repository: halfdomelabs/baseplate
Length of output: 48
Custom license exception violates MPL-2.0 design principles and creates compliance ambiguity.
The "Generated Code Exception" at lines 5-8 embeds a non-standard exception directly in the LICENSE file. This is problematic because:
-
MPL-2.0 explicitly discourages custom exceptions — Mozilla's FAQ warns against modifying the license text ("crayon licenses"), as it creates adoption friction and compliance confusion. MPL-2.0 provides built-in mechanisms (Exhibit A/B notices, Section 3.3 for secondary license compatibility) but does not support user-defined exceptions the way GPL does.
-
License scanners cannot reliably identify this exception — The "Generated Code Exception" is not a recognized SPDX exception. Automated compliance tools will see the MPL-2.0 text but won't parse the custom preamble as a valid, trackable exception.
-
Unclear license scope for downstream users — Consumers cannot determine whether the full MPL-2.0 applies or if the exception modifies its terms.
Move the exception to a separate NOTICE or GENERATED_CODE_POLICY.md file and update the LICENSE to contain only the canonical MPL-2.0 text. Reference the policy document from README.md and/or package.json metadata for clarity.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@plugins/plugin-ai/LICENSE` around lines 5 - 8, The LICENSE file embeds a
non-standard "Generated Code Exception" that conflicts with MPL-2.0 and tooling;
remove that exception from the LICENSE and restore the canonical MPL-2.0 text,
then create a separate policy file (e.g., GENERATED_CODE_POLICY.md or NOTICE)
containing the "Generated Code Exception" text and any explanatory terms; update
README.md and package.json metadata to reference the new policy document so
downstream users and license scanners see the canonical license in LICENSE and
the exception documented separately.
| return ( | ||
| <div className="devagents:relative devagents:flex devagents:h-full devagents:flex-1 devagents:flex-col devagents:gap-4 devagents:overflow-hidden"> | ||
| <div | ||
| className="devagents:mb-[--action-bar-height] devagents:flex devagents:flex-1 devagents:overflow-y-auto" | ||
| style={ | ||
| { | ||
| '--action-bar-height': '52px', | ||
| } as React.CSSProperties | ||
| } | ||
| > | ||
| <form | ||
| onSubmit={onSubmit} | ||
| className="devagents:max-w-6xl devagents:flex-1" | ||
| > | ||
| <div className="devagents:pb-16"> |
There was a problem hiding this comment.
CSS class prefix should match the plugin name.
The CSS classes use devagents: prefix (e.g., devagents:relative), but the plugin is named plugin-ai. As per coding guidelines, CSS classes in plugin components must be prefixed with the plugin name to avoid style conflicts.
Consider using ai: prefix instead of devagents: for consistency with the plugin naming convention.
💡 Example fix for one element
- <div className="devagents:relative devagents:flex devagents:h-full devagents:flex-1 devagents:flex-col devagents:gap-4 devagents:overflow-hidden">
+ <div className="ai:relative ai:flex ai:h-full ai:flex-1 ai:flex-col ai:gap-4 ai:overflow-hidden">As per coding guidelines: "All CSS classes used in className attributes within plugin components MUST be prefixed with the plugin name (e.g., auth:flex, storage:grid) to avoid style conflicts between plugins and the main application"
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In
`@plugins/plugin-ai/src/dev-agents/core/components/dev-agents-definition-editor.tsx`
around lines 84 - 98, The JSX in the DevAgentsDefinitionEditor component is
using CSS classes prefixed with "devagents:" which violates the plugin naming
convention; update all className values in this file (e.g., occurrences like
"devagents:relative", "devagents:flex", "devagents:h-full", "devagents:flex-1",
"devagents:gap-4", "devagents:overflow-hidden",
"devagents:mb-[--action-bar-height]", "devagents:overflow-y-auto",
"devagents:max-w-6xl", "devagents:pb-16") to use the plugin prefix "ai:" instead
of "devagents:" so every class string begins with "ai:" to match the plugin-ai
naming guideline.
| name: 'id', | ||
| type: 'uuid', | ||
| options: { defaultGeneration: 'uuidv7' }, | ||
| options: { defaultGeneration: 'uuidv4' }, |
There was a problem hiding this comment.
Use uuidv7 here to stay consistent with the auth model defaults.
Line 232 switches authVerification.id to uuidv4, but the surrounding auth IDs and PR objective are moving to uuidv7. This looks like an accidental regression.
Suggested fix
- options: { defaultGeneration: 'uuidv4' },
+ options: { defaultGeneration: 'uuidv7' },📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| options: { defaultGeneration: 'uuidv4' }, | |
| options: { defaultGeneration: 'uuidv7' }, |
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@plugins/plugin-auth/src/local-auth/core/schema/models.ts` at line 232, The
authVerification.id field is using defaultGeneration: 'uuidv4' which regresses
from the repo's auth model defaults; update the options for authVerification.id
in models.ts to use defaultGeneration: 'uuidv7' so it matches other auth IDs and
the PR intent (look for the authVerification.id declaration and the options: {
defaultGeneration: 'uuidv4' } entry and change the value to 'uuidv7').
Summary by CodeRabbit
New Features
Documentation
Other