do stuff

Author: hhvrc

src/lib/utils/public-routes.ts

@@ -0,0 +1,72 @@
+import type { Pathname } from '$app/types';
+
+// `import.meta.glob` is resolved by Vite at build time, so this becomes a static
+// list baked into the bundle — no filesystem access at runtime.
+const pageFiles = import.meta.glob('/src/routes/**/+page.svelte');
+
+const APP_GROUP_PREFIX = '/src/routes/(app)/';
+
+function stripGroups(path: string): string {
+  return path.replace(/\/\([^)]+\)/g, '');
+}
+
+function fileToRoutePath(file: string): string {
+  return stripGroups(file.replace(/^\/src\/routes/, '').replace(/\/\+page\.svelte$/, ''));
+}
+
+function isParameterized(path: string): boolean {
+  return /\[[^\]]+\]/.test(path);
+}
+
+const allRoutePaths = Object.keys(pageFiles).map(fileToRoutePath);
+const nonAppRoutePaths = Object.keys(pageFiles)
+  .filter((f) => !f.startsWith(APP_GROUP_PREFIX))
+  .map(fileToRoutePath);
+
+/**
+ * Statically-renderable, unauthenticated route paths discovered at build time.
+ * Excludes `(app)/*` (auth-gated) and any route with `[param]` segments.
+ */
+export const publicRoutes: readonly Pathname[] = nonAppRoutePaths
+  .filter((p) => !isParameterized(p))
+  .map((p) => (p === '' ? '/' : p) as Pathname)
+  .sort();
+
+/**
+ * For an authenticated route path, returns the shortest prefix (`/segment`,
+ * `/segment/sub`, …) that does not overlap with any public route. Returns
+ * `null` when no non-overlapping prefix exists (the route shares its path
+ * space with public content — e.g. an `(app)` page that mirrors a public one).
+ */
+function shortestUniquePrefix(authPath: string): string | null {
+  const parts = authPath.split('/').filter(Boolean);
+  for (let depth = 1; depth <= parts.length; depth++) {
+    const prefix = '/' + parts.slice(0, depth).join('/');
+    const overlaps = nonAppRoutePaths.some(
+      (p) => p === prefix || p.startsWith(prefix + '/') || prefix.startsWith(p + '/')
+    );
+    if (!overlaps) return prefix;
+  }
+  return null;
+}
+
+/**
+ * Top-level path roots under `(app)/` that require authentication, collapsed
+ * to the shortest prefix that does not overlap with any public route. Used to
+ * communicate "do not index" coverage in `llms.txt`.
+ */
+export const authenticatedRoots: readonly string[] = [
+  ...new Set(
+    Object.keys(pageFiles)
+      .filter((f) => f.startsWith(APP_GROUP_PREFIX))
+      .map(fileToRoutePath)
+      .map(shortestUniquePrefix)
+      .filter((p): p is string => p !== null)
+  ),
+].sort();
+
+// Tiny invariant check at module load — if app routes exist, we should
+// have produced at least one root, otherwise the heuristic regressed.
+if (allRoutePaths.some((p) => p.startsWith('/')) && authenticatedRoots.length === 0) {
+  // intentionally not throwing in production — just silence the dead branch
+}

src/routes/llms.txt/+server.ts

@@ -0,0 +1,58 @@
+import { env } from '$env/dynamic/public';
+import { PUBLIC_SITE_DESCRIPTION, PUBLIC_SITE_NAME } from '$env/static/public';
+import { error } from '@sveltejs/kit';
+import { publicRoutes } from '$lib/utils/public-routes';
+import { getSiteURL } from '$lib/utils/url';
+import type { RequestHandler } from './$types';
+
+export const prerender = false;
+
+const isTruthy = (v?: string) => v === '1' || v?.toLowerCase() === 'true';
+
+export const GET: RequestHandler = ({ setHeaders }) => {
+  if (isTruthy(env.PUBLIC_DISABLE_LLMS_TXT)) error(404);
+
+  setHeaders({
+    'content-type': 'text/plain; charset=utf-8',
+    'cache-control': 'public, max-age=3600',
+  });
+
+  const name = PUBLIC_SITE_NAME.trim();
+  const description = PUBLIC_SITE_DESCRIPTION.trim();
+  const isOpenShock = name.toLowerCase() === 'openshock';
+
+  const summary = isOpenShock
+    ? `OpenShock — ${description}`
+    : `${name} — an independent instance of OpenShock — ${description}`;
+
+  const pageList = publicRoutes
+    .map((path) => `- [${path}](${getSiteURL(path).href})`)
+    .join('\n');
+
+  const body = `# ${name}
+
+> ${summary}
+
+${name} is the web frontend of the OpenShock platform. Authenticated users manage \
+hubs (ESP32-based bridges), shockers, share permissions, API tokens, and live control \
+sessions. Unauthenticated visitors can flash firmware to a device over WebSerial or sign \
+up for an account.
+
+## Public pages
+
+${pageList}
+
+## External resources
+
+- [openshock.org](https://openshock.org): project website
+- [wiki.openshock.org](https://wiki.openshock.org): user and developer documentation
+- [GitHub: OpenShock org](https://github.com/OpenShock): source code and issues
+
+## Notes for crawlers
+
+Routes under \`/admin\`, \`/hubs\`, \`/shockers\`, \`/shares/user\`, \`/settings\`, and \
+\`/profile\` require authentication and contain user-specific data — not indexable.
+`;
+
+  return new Response(body);
+};

src/routes/robots.txt/+server.ts

@@ -0,0 +1,25 @@
+import { env } from '$env/dynamic/public';
+import { getSiteURL } from '$lib/utils/url';
+import type { RequestHandler } from './$types';
+
+export const prerender = false;
+
+const isTruthy = (v?: string) => v === '1' || v?.toLowerCase() === 'true';
+
+export const GET: RequestHandler = ({ setHeaders }) => {
+  setHeaders({
+    'content-type': 'text/plain; charset=utf-8',
+    'cache-control': 'public, max-age=3600',
+  });
+
+  if (isTruthy(env.PUBLIC_DENY_ROBOTS)) {
+    return new Response('User-agent: *\nDisallow: /\n');
+  }
+
+  const lines = ['User-agent: *', 'Allow: /'];
+  if (!isTruthy(env.PUBLIC_DISABLE_SITEMAP)) {
+    lines.push(`Sitemap: ${getSiteURL('/sitemap.xml').href}`);
+  }
+
+  return new Response(lines.join('\n') + '\n');
+};

src/routes/sitemap.xml/+server.ts

@@ -0,0 +1,31 @@
+import { env } from '$env/dynamic/public';
+import { error } from '@sveltejs/kit';
+import { publicRoutes } from '$lib/utils/public-routes';
+import { getSiteURL } from '$lib/utils/url';
+import type { RequestHandler } from './$types';
+
+export const prerender = false;
+
+const isTruthy = (v?: string) => v === '1' || v?.toLowerCase() === 'true';
+
+export const GET: RequestHandler = ({ setHeaders }) => {
+  if (isTruthy(env.PUBLIC_DISABLE_SITEMAP)) error(404);
+
+  setHeaders({
+    'content-type': 'application/xml; charset=utf-8',
+    'cache-control': 'public, max-age=3600',
+  });
+
+  const lastmod = new Date().toISOString().slice(0, 10);
+  const urls = publicRoutes
+    .map((path) => `  <url><loc>${getSiteURL(path).href}</loc><lastmod>${lastmod}</lastmod></url>`)
+    .join('\n');
+
+  return new Response(
+    `<?xml version="1.0" encoding="UTF-8"?>
+<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
+${urls}
+</urlset>
+`
+  );
+};