feat: add visibility config field (public/private) to CLI

[base44-os-gremlins]

Note

Description

Adds a visibility field ("public" | "private") to the project config schema, allowing users to control app access directly from base44/config.jsonc. During deploy, if visibility is set, the CLI sends a PATCH request to update the app's public_settings on the server. New projects are now created as private by default instead of public_without_login.

Related Issue

None

Type of Change

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• Documentation update
• Refactoring (no functional changes)
• Other (please describe):

Changes Made

• Added VisibilitySchema ("public" | "private") and Visibility type to core/project/schema.ts
• Added optional visibility field to ProjectConfigSchema
• Added updateProjectVisibility() API function in core/project/api.ts that PATCHes public_settings on the app endpoint
• Wired visibility sync into deployAll() in core/project/deploy.ts — runs after resources are pushed, before site deploy
• Changed default public_settings for new projects from "public_without_login" to "private"
• Added mockUpdateAppVisibility / mockUpdateAppVisibilityError helpers and PATCH method support to TestAPIServer
• Added tests/fixtures/with-visibility/ fixture project with visibility: "public" config
• Added integration tests in deploy.spec.ts covering: visibility sync success, API error propagation, and no-op when field is omitted
• Added unit tests in project-schema.spec.ts for visibility field validation

Testing

• I have tested these changes locally
• I have added/updated tests as needed
• All tests pass (npm test)

Checklist

• My code follows the project's style guidelines
• I have performed a self-review of my own code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation (if applicable)
• My changes generate no new warnings
• I have updated docs/ (AGENTS.md) if I made architectural changes

Additional Notes

The visibility field is optional — omitting it from config is a no-op (no PATCH is sent), so existing projects are unaffected. The mapping between the user-facing "public" / "private" values and the API's public_settings string is encapsulated in VISIBILITY_TO_PUBLIC_SETTINGS in api.ts.

---

_{🤖 Generated by Claude | 2026-03-17 08:17 UTC}

[github-actions]

🚀 Package Preview Available!

---

Install this PR's preview build with npm:

npm i @base44-preview/cli@0.0.45-pr.370.7a9aac7

Prefer not to change any import paths? Install using npm alias so your code still imports base44:

npm i "base44@npm:@base44-preview/cli@0.0.45-pr.370.7a9aac7"

Or add it to your package.json dependencies:

{
  "dependencies": {
    "base44": "npm:@base44-preview/cli@0.0.45-pr.370.7a9aac7"
  }
}

• 📦 Preview Package: @base44-preview/cli@0.0.45-pr.370.7a9aac7
• 🔗 View this commit on GitHub

---

_{Preview published to npm registry — try new features instantly!}

[kfirstri]

Small change for the api.ts,
And I want to also think and take into consideration the link / create commands from a template.. can we have templates that are private by default and not public as default?

[kfirstri]

We don't need to update the readme

[kfirstri]

Use 'getAppClient' to get an app scoped http client, no need to pass the appid arg

[kfirstri]

Maybe we also want to support this somewhere son the create / link commands?
Do we want to support this config in our templates?

[base44-os-gremlins]

Thanks for the review! Changes pushed in 2c6c99b:

Addressed:

• api.ts: removed projectId arg, now uses getAppClient() internally — no more arg passing
• deploy.ts: removed getAppConfig() call (no longer needed), fixed import order for Biome
• schema.ts: fixed inline formatting for Biome formatter
• createProject: changed default public_settings from public_without_login to private (per your question about templates defaulting to private)
• README.md: reverted (removed the config reference table)

On templates/create/link: The createProject default is now private. For explicit visibility support in base44 create or base44 link, that could be a follow-up — happy to add it in this PR or a separate one, whichever you prefer.

[kfirstri]

This needs to be rebased after the monorepo change

[kfirstri]

@netanelgilad you own this?

[netanelgilad]

yes

[netanelgilad]

@claude merge the main branch in and resolve conflicts after the monorepo change

[claude]

Claude finished @netanelgilad's task in 7m 37s —— View job

---

Merged main into feat/visibility-config ✓

The monorepo restructure on main was an orphan commit (completely new git history). The branch was reset to origin/main and all visibility changes were re-applied to the new packages/cli/ paths.

What changed:

• Old paths (src/, tests/) → New paths (packages/cli/src/, packages/cli/tests/)
• Base44APIMock.ts (MSW-based) was replaced by TestAPIServer.ts (Express-based) — adapted mock helpers accordingly
• Added "PATCH" to the Method type in TestAPIServer

Files updated:

File	Change
packages/cli/src/core/project/schema.ts	Added VisibilitySchema + Visibility type
packages/cli/src/core/project/api.ts	Added updateProjectVisibility(), default private
packages/cli/src/core/project/deploy.ts	Calls updateProjectVisibility when visibility set
packages/cli/tests/cli/testkit/TestAPIServer.ts	Added PATCH support + mock helpers
packages/cli/tests/cli/deploy.spec.ts	3 new visibility sync integration tests
packages/cli/tests/core/project-schema.spec.ts	New unit test file (created)
packages/cli/tests/fixtures/with-visibility/	New test fixture (created)

Typecheck passes. Force-pushed to feat/visibility-config.