Full app templates & install-anywhere blocks.

Design tokens (light/dark + 15 color palettes), density and font scaling, plus the Tailwind preset that maps them to class names. The visual foundation.

A ThemeProvider (color theme, dark mode, density, font — persisted to localStorage) plus a drop-in Appearance settings panel. Depends on the theme item.

The app frame: top navbar (logo + title + dark toggle + user menu with logout) and a grouped, collapsible sidebar with a react-router outlet. All branding lives in app.config.jsx for one-file rebranding. Pulls in the theme block.

Foundation auth: a resilient Supabase client (in-tab lock + auto-refresh + a refresh coalescer & callWithAuthRetry 401-retry helper in sessionRefresh.js), AuthProvider/useAuth (password + magic link + Google), AuthGate (with requireAdmin), and a themed LoginPage. Decoupled from any app logic. Ships .env.example. Everything that needs a signed-in user builds on this.

Foundation backend: a Cloudflare Worker dispatcher with per-route auth levels (default-deny none/user/admin), JWT validation, load-time route validation, HTML sanitizer + injection block-list, CORS, baseline security headers, best-effort tiered rate limiting, an example route, and the resilient callWorker client (401-refresh-retry). Ships wrangler.toml + worker-secrets templates. Pulls the auth block (shares the Supabase client).

Stops the 'dead button after deploy' problem: staleChunkReload (force-reload on Vite preloadError), WebUpdateBanner (polls /version.json, prompts refresh on a new build), and gen-version.mjs (writes public/version.json at build time).

Global client error + unhandled-rejection capture that ships to the worker route logClientError (provided by the admin errors panel). Fire-and-forget; fails quietly if the route isn't installed yet.

Document versioning + a blocking re-acceptance modal. Bump TERMS_VERSION/PRIVACY_VERSION on a material change to re-prompt everyone. localStorage-backed by default; wire to your DB for durable per-user acceptance.

Zero-dependency internationalization: a LocaleProvider + useT()/t() (with {token} interpolation, { one, other } pluralization, and array/object values for prose lists) over per-locale dictionaries in src/locales/<lang>/ (one module per namespace, merged in index.js; missing keys fall back to the default locale then the key). A secondary language is served at a /<lang>/ PATH PREFIX (default /es) — mount the router under basename={basenameFor(locale)} so every existing absolute <Link to="/x"> auto-prefixes with no per-link plumbing; the LanguageSwitcher is a full navigation so the server serves correct metadata. Ships a Worker SEO helper (worker/lib/i18nMeta.js) to emit <html lang>, a locale-correct canonical/og:url, and reciprocal hreflang. Defaults to en+es; edit the prefix + dicts to localize elsewhere.

A Ctrl/Cmd+K command palette. Commands (navigate or run-an-action) are defined in commandbar.config.jsx. Uses react-router for navigation.

Anonymous/edge visitor telemetry (IP + Cloudflare geo) for security review, with blocked-attempt triage and a load-race de-noiser. Vertical slice: VisitorSecurityView + visitorEvents route (logAccessAttempt public beacon + getVisitorLogs/purgeResolvedAccessEvents admin) + accessEvents helpers (extractGeo/logAccessEvent/90-day cron purge) + kit_access_events migration (RLS + revoked grants → service-role only). No map dependency. Register routes in ROUTES.

A full-page, code-authored changelog: release entries are React components (a manifest of meta + component) rendered with a sticky IntersectionObserver table-of-contents, a version dropdown, click-to-zoom image/video lightboxes, and before/after compare pairs. Frontend-only (publish state is per-entry meta status; pass isAdmin to preview drafts). The heavier alternative to the lightweight whats-new dialog.

A configured TanStack Query client (refetchOnWindowFocus off, sane staleTime/gcTime) with a global MutationCache.onError toast fallback, frozen EMPTY sentinels for stable select() returns, and a useRealtimeInvalidate hook that maps Supabase postgres_changes to query-key invalidation.

Scaffolds a Cloudflare Worker scheduled() job runner: a cron.js dispatcher with an example job, a wrangler [triggers] example, and wiring docs — the home for retention purges (e.g. the access-logs / visitor-security 90-day cleanups) the kit otherwise can't run.

Transactional email via Resend: a server-side sendEmail(env, {...}) helper, a worker route that renders a named template (so raw HTML never hits the sanitizer), and a tiny brand-neutral template library (welcome / notification / security-notice).

File uploads via Supabase Storage: a worker route that mints owner-scoped signed upload/download URLs (service role), a useUpload hook, a drag-and-drop FileDropzone component, and a migration creating an owner-scoped bucket policy.

Self-service account data: a worker route to export all of a user's rows as JSON and to delete the account (rows + auth user via service role), plus a Settings panel with download + type-to-confirm delete. The table set is a config the consumer fills in.

A useFormDraft hook that mirrors in-progress form state to localStorage so a tab close, crash, or deploy mid-edit never loses typed-but-unsaved input.

A generic Claude API integration: a thin Anthropic Messages client worker lib, an invokeLLM worker route (auth'd, optional usage metering), and a minimal chat AssistantPanel — bring your own ANTHROPIC_API_KEY and system prompt.

A dismissable getting-started checklist that drives new-user activation: steps come from onboarding.config.jsx (label + href + optional done-predicate), progress + per-user dismissal persist to localStorage.

A single source of truth for mobile/tablet/desktop breakpoints, shared by Tailwind AND JS so they never drift. The two numbers live in responsive.breakpoints.json; responsive.config.cjs require()s it to expose a Tailwind `screens` map + ready `tailwindPreset` (adds `tablet:`/`desktop:` variants), and responsive.js (ESM) imports the same json for SSR-safe, tear-free hooks: useMediaQuery/useIsMobile/useIsTablet/useIsDesktop/useDeviceType + MIN_WIDTH/MEDIA_QUERIES/BREAKPOINTS. Json (not the .cjs) is the shared format because browser ESM can import it in both `vite dev` and the prod build. Ships a use-mobile.jsx shim so shadcn's `@/hooks/use-mobile` keeps working off the one source. Wiring: add `presets: [require('./responsive.config.cjs').tailwindPreset]` (or merge `.screens`) into tailwind.config.

Admin-only frame: an admin sidebar built from admin.config.jsx (register panels there) + a react-router outlet + a shared AdminPanel chrome (title/loading/error + table helpers) that panel blocks reuse. Self-gates on useAuth().isAdmin; always also enforce admin server-side. Pulls the auth block.

Lists auth users (email, joined, last sign-in). Vertical slice: UsersView + getAdminUsers worker route (uses worker-kit db.js listAuthUsers). Register the route in worker/index.js ROUTES.

High-level counts (total users, new this week, active 7d, opens 7d). Vertical slice: AnalyticsView + getAdminAnalytics route. active/opens read the access-logs table if installed. Register the route in ROUTES.

Recent client errors. Vertical slice: ErrorsView + clientErrors route (logClientError write + getClientErrors read) + kit_client_errors migration. Pairs with the error-capture block. Register both routes in ROUTES.

Metered API/LLM call counts by endpoint. Vertical slice: ApiUsageView + apiUsage route (logApiUsage helper + getApiUsage read) + kit_api_usage migration. Register getApiUsage in ROUTES; call logApiUsage() from metered routes.

App-open log per user. Vertical slice: AccessLogsView + accessLogs route (logAppOpen write + getAccessLogs read) + kit_access_logs migration. Call callWorker('logAppOpen') on login; register both routes in ROUTES.

Audit-run history. Vertical slice: AuditsView (recursive details renderer) + manageAuditRun route (op-based list/create/update/delete, audit_id-keyed, completed_by stamped server-side, provenance immutable on update) + kit_audit_runs migration. Register the route in ROUTES.

User feedback triage inbox (status filter pills + counts, expandable cards, status dropdown, admin notes, rating stars). Vertical slice: FeedbackView + feedback routes (submitFeedback user with category/rating validation + manageFeedback admin: op list/update/delete) + kit_feedback migration (status/rating/admin_notes columns + owner RLS policies). Register routes in ROUTES.

Support tickets with status triage. Vertical slice: SupportView + support routes (createSupportTicket user, captures user_name + getSupportTickets/updateSupportTicket/deleteSupportTicket admin) + kit_support_tickets migration. Register routes in ROUTES.

Compose + manage broadcasts shown in users' bell, with active/inactive toggle, edit, and draft/scheduled delivery states. Vertical slice: SystemNotificationsView + systemNotifications routes (create/get/delete/toggle/update/send, admin) + kit_system_notifications migration (service-role writes; RLS lets users read only active rows). Register routes in ROUTES.

Author changelog entries shown by the whats-new viewer block. Vertical slice: WhatsNewAdminView + whatsNew route (publish/get/delete, admin) + kit_whats_new migration (RLS lets users read published). Register routes in ROUTES.

Manage rotating tips a user-facing widget reads, with edit + active toggle. Vertical slice: TipsManagerView + tips route (create/get/delete/update, admin) + kit_app_tips migration (RLS read for active). Register routes in ROUTES.

Manage help/onboarding videos user-facing surfaces read, with edit + visibility toggle + provider allow-list. Vertical slice: VideoLibraryView + videos route (create/get/delete/update, admin) + kit_app_videos migration (RLS read for active). Register routes in ROUTES.

Launch-readiness kanban (To Do / In Progress / Done) with typed, prioritized cards — move with ←/→, edit inline, add via form. Dependency-light (no drag-drop lib). Vertical slice: LaunchBoardView + launchTasks route (get + manage op create/update/delete) + kit_launch_tasks migration. Register routes in ROUTES.

User-facing changelog dialog. Reads published whats_new_entries directly via Supabase (RLS). Pairs with the admin-whats-new authoring panel. Pulls dialog, button, and the auth block (Supabase client).

HelpTip (touch-friendly Popover help affordance) + HelpCenter (searchable topics from help.config.jsx). Pulls popover + theme.

Subscription management vertical slice: PlanPage + useSubscription hook + Stripe worker routes (getSubscription/createCheckout/createPortalSession) + stripeWebhook (register with raw:true) + kit_user_subscriptions migration. Needs STRIPE_SECRET_KEY + STRIPE_WEBHOOK_SECRET secrets and STRIPE_PRICE_ID var. Register routes in ROUTES.

NotificationBell + useNotifications (per-user notifications) and a minimal 1:1 Inbox. Vertical slice: views + worker routes (getNotifications/markRead/markAllRead + sendDm/listConversations/getMessages) + kit_notifications & kit_messaging migrations. Create notifications server-side via createNotification(). Register routes in ROUTES.

Turns a kit web app into an installable Windows desktop app: an Electron main process (window, deep links, license IPC, electron-updater) + a sandboxed preload bridge (window.appDesktop), system-browser Google OAuth completed via a <scheme>://auth-callback deep link, tokenless JWT-bound licensing (desktopLicense worker routes + kit_desktop_licenses migration + a useDesktopLicense context), DesktopGate/DesktopSignIn/FirstRunDialog/UpdateBanner surfaces, a DesktopPage download-and-activate page, and a desktop-publish.mjs release script (pack + upload to GitHub releases for auto-update). Config seams: electron/desktop.config.js (main) and src/lib/desktop/desktop.config.js (renderer) — the deep-link scheme must match in both AND electron-builder.yml. Wiring (see main.js's header for the exact lines): add "main": "electron/main.js" + the desktop:* scripts to package.json, `npm i -D electron electron-builder concurrently wait-on cross-env`, register activateDesktopLicense/checkDesktopLicenseStatus in ROUTES, run the migration. COMPANION: most desktop apps also want the powersync block (offline local-SQLite data layer + sync status pill) — it is a separate block and easy to forget, so when installing desktop, recommend powersync alongside it and ask whether the app needs offline data; skip it only for online-only apps.

Offline-first local SQLite + bidirectional Supabase sync for the Electron desktop app — the web build is untouched because everything goes through a provider-switched data layer: src/db/index.js picks the Supabase provider (web) or the PowerSync provider (desktop) at build time via VITE_PLATFORM, both implementing the TableAccessor contract in types.js. Ships the PowerSyncDatabase singleton (wa-sqlite WASM), a connector using token-reuse auth (fetchCredentials hands PowerSync the live Supabase JWT; uploadData replays the local CRUD queue against Supabase), PowerSyncProvider runtime boot (React.lazy it — a static import drags PowerSync into web bundles) + a navbar SyncStatusPill/useSyncStatus. schema.js is meant to be GENERATED: run scripts/gen-powersync-schema.py against an information_schema dump + powersync/sync_rules.yaml (the checked-in review mirror of the dashboard sync rules) so the client schema and the sync rules can never drift. Example projects/notes schema included — replace via the generator. Requires the desktop block (preload bridge / isElectron).

Installs a Claude Code skill that teaches the AI assistant about armstrong-kit in this app: the full block catalog, install commands, `~/` vs `src/` target convention, wiring rules, and known gotchas. The skill body is auto-generated from registry.json each build, so it never drifts. Install once per app; re-run after the kit gains new blocks.