Skip to content

fix: 🐛 fix zipped templates not unzipped using bun #5

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
truehazker merged 1 commit into from
Jan 4, 2026
Merged

fix: 🐛 fix zipped templates not unzipped using bun #5

truehazker merged 1 commit into from
Jan 4, 2026

Conversation

@truehazker
Copy link
Owner

@truehazker truehazker commented Jan 4, 2026
edited by coderabbitai bot
Loading

Summary by CodeRabbit

  • Bug Fixes
    • Fixed templates not being extracted when using bunx create-ely with Bun due to default-secure lifecycle scripts policy
    • Added automatic runtime template extraction to ensure templates are available regardless of postinstall script execution

✏️ Tip: You can customize this high-level summary in your review settings.

@coderabbitai
Copy link

coderabbitai bot commented Jan 4, 2026
edited
Loading

📝 Walkthrough

Walkthrough

This pull request adds runtime template extraction to address a Bun security policy issue that prevents postinstall scripts from executing. A new ensureTemplatesExtracted() function validates and extracts templates.zip into the templates directory when needed, called automatically at the start of template setup operations.

Changes

Cohort / File(s) Summary
Documentation
CHANGELOG.md		 Added "Fixed" section under Unreleased documenting two related fixes: prevention of template extraction failures with Bun's default-secure lifecycle scripts, and runtime template extraction guarantee.
Template Runtime Extraction
src/template.ts		 Introduced ensureTemplatesExtracted() function that extracts templates.zip into the templates directory when templates are absent, with validation and error handling. Function is invoked at the start of setupTemplate() to ensure templates are available regardless of postinstall script execution.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Possibly related PRs

Poem

🐰 Templates tucked in templates.zip,
Now extracted when the scripts won't trip,
At runtime we ensure they're there,
No Bun security scare! 📦✨

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title directly addresses the main change: fixing zipped templates not being extracted when using Bun, which matches the core problem solved in this PR.
Docstring Coverage ✅ Passed Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
✨ Finishing touches
  • 📝 Generate docstrings

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot]
coderabbitai bot reviewed Jan 4, 2026
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

🧹 Nitpick comments (1)
src/template.ts (1)

20-50: The zip structure concern is unfounded, but the validation robustness suggestion has merit.

The templates.zip is created by scripts/prepare.ts using zip.addLocalFolder(templatesPath), which adds the contents of the templates folder (not the folder itself). This means the zip contains backend/ and monorepo/ at the root level, and extracting with extractAllTo(templatesPath, true) correctly produces templates/backend/... and templates/monorepo/.... There is no risk of creating a templates/templates/... structure.

However, the validation improvement suggestion is valid. The current check at lines 41-43 only verifies that the templatesPath directory exists, not that the expected template subdirectories (backend and monorepo) were created. While the downstream copyRecursive call would fail if the template subdirectory is missing, adding early validation as suggested would improve error clarity and fail fast:

🔎 Suggested improvement for validation 
  if (!existsSync(templatesPath)) {
    throw new Error('Templates folder was not created after extraction');
  }
+
+ // Validate expected template directories exist
+ const expectedTemplates = ['backend', 'monorepo'];
+ const missingTemplates = expectedTemplates.filter(
+   (t) => !existsSync(join(templatesPath, t))
+ );
+ if (missingTemplates.length > 0) {
+   throw new Error(
+     `Missing template directories after extraction: ${missingTemplates.join(', ')}`
+   );
+ }
📜 Review details

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 898ad3c and b04d90c.

📒 Files selected for processing (2)
  • CHANGELOG.md
  • src/template.ts
🧰 Additional context used
📓 Path-based instructions (4)
**/*.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (CLAUDE.md)

**/*.{ts,tsx,js,jsx}: Use bun <file> instead of node <file> or ts-node <file>
Bun automatically loads .env files, so don't use the dotenv package
Use Bun.serve() with built-in WebSocket, HTTPS, and route support instead of express
Use bun:sqlite for SQLite instead of better-sqlite3
Use Bun.redis for Redis instead of ioredis
Use Bun.sql for Postgres instead of pg or postgres.js
Use built-in WebSocket instead of ws package
Prefer Bun.file over node:fs readFile/writeFile for file operations
Use Bun.$ template literals for shell commands instead of execa

Files:

  • src/template.ts
**/*.{ts,tsx,css,html}

📄 CodeRabbit inference engine (CLAUDE.md)

Use bun build <file.html|file.ts|file.css> instead of webpack or esbuild

Files:

  • src/template.ts
**/*.{html,ts,tsx,js,jsx}

📄 CodeRabbit inference engine (CLAUDE.md)

Use HTML imports with Bun.serve() and don't use vite for frontend bundling

Files:

  • src/template.ts
**/*.ts

📄 CodeRabbit inference engine (CLAUDE.md)

Use bun --hot <file.ts> to run TypeScript files with hot module reloading enabled

Files:

  • src/template.ts
🧠 Learnings (1)
📚 Learning: 2026-01-03T07:00:32.832Z 
Learnt from: truehazker
Repo: truehazker/create-elysiajs PR: 2
File: templates/backend:1-1
Timestamp: 2026-01-03T07:00:32.832Z
Learning: In git diffs, symlinks (mode 120000) appear as added files containing the link target (e.g., +monorepo/apps/backend). Do not flag symlinks as placeholder files or accidental commits. This applies broadly; when reviewing files like templates/backend, verify whether it is a symlink and treat accordingly.

Applied to files:

  • CHANGELOG.md
🔇 Additional comments (2)
CHANGELOG.md (1)

10-13: LGTM! Clear documentation of the fix.

The changelog entries accurately describe the issue with Bun's default-secure lifecycle scripts policy and the solution using runtime template extraction.

src/template.ts (1)

65-66: LGTM! Correct placement of template extraction.

The call to ensureTemplatesExtracted() is correctly placed at the start of setupTemplate(), ensuring templates are available before they're accessed at line 68. The synchronous extraction is acceptable for a CLI tool, and the spinner provides user feedback during the operation.

@truehazker truehazker merged commit 2367ab6 into develop Jan 4, 2026
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@truehazker