@suluk/platform - v0.6.0
    Preparing search index...

    Variable appServiceConst

    appService: {
        id: "app";
        mount: { kind: "base" };
        env: [
            {
                name: "TRUSTED_ORIGINS";
                hint: "comma-separated browser origins allowed on /api/* (CORS)";
            },
            {
                name: "CLOUDFLARE_API_TOKEN";
                required: true;
                secret: true;
                provisioning: true;
                hint: "CF account-scoped master token (Workers Scripts + D1 + KV Edit) — mints the scoped tokens + provisions, then DELETED (never in git)";
            },
            {
                name: "CLOUDFLARE_ACCOUNT_ID";
                required: true;
                secret: true;
                surface: "local";
                hint: "CF account id — a KEEPER (routine scoped-token ops need it), kept encrypted in .env";
            },
            {
                name: "CLOUDFLARE_D1_TOKEN";
                secret: true;
                minted: true;
                hint: "scoped: D1 Write (migrations)";
            },
            {
                name: "CLOUDFLARE_WORKERS_TOKEN";
                secret: true;
                minted: true;
                hint: "scoped: Workers Scripts Write (deploy + secret put)";
            },
            {
                name: "CLOUDFLARE_KV_TOKEN";
                secret: true;
                minted: true;
                hint: "scoped: KV Write (rate-limit / rate-credit namespaces)";
            },
        ];
    } = ...

    The 19 CORE services, expressed through the common interface (the dogfood). Ported field-for-field from the C051 CATALOG; auth and credits additionally declare their composition surface (the auth.onUserCreated port + the credits.grantOnSignup capability) — inert until the Phase-3 engine consumes them, and the render/build templates are PROVISIONAL (Phase 3 pins them against the real auth seam signature, see ADR C053 open question #1).

    Type Declaration

    • Readonlyid: "app"
    • Readonlymount: { kind: "base" }
    • Readonlyenv: [
          {
              name: "TRUSTED_ORIGINS";
              hint: "comma-separated browser origins allowed on /api/* (CORS)";
          },
          {
              name: "CLOUDFLARE_API_TOKEN";
              required: true;
              secret: true;
              provisioning: true;
              hint: "CF account-scoped master token (Workers Scripts + D1 + KV Edit) — mints the scoped tokens + provisions, then DELETED (never in git)";
          },
          {
              name: "CLOUDFLARE_ACCOUNT_ID";
              required: true;
              secret: true;
              surface: "local";
              hint: "CF account id — a KEEPER (routine scoped-token ops need it), kept encrypted in .env";
          },
          {
              name: "CLOUDFLARE_D1_TOKEN";
              secret: true;
              minted: true;
              hint: "scoped: D1 Write (migrations)";
          },
          {
              name: "CLOUDFLARE_WORKERS_TOKEN";
              secret: true;
              minted: true;
              hint: "scoped: Workers Scripts Write (deploy + secret put)";
          },
          {
              name: "CLOUDFLARE_KV_TOKEN";
              secret: true;
              minted: true;
              hint: "scoped: KV Write (rate-limit / rate-credit namespaces)";
          },
      ]