glashjs
The Postgres-native full-stack framework for builders who want to ship without DevOps. Your real edge is Framework + Hosting + Database + Auth + Deploy.
npx glashjs create my-app cd my-app npm run dev
CSS setup: tailwind / plain / none Postgres by default: yes glashAuth routes: yes SQL runner: yes AI deployment prompts: yes
npm run build npm run deploy # glashjs builds the framework app # glashDB handles env sync, upload, hosting, logs, and live URL
File-based routing with dynamic [param] and catch-all segments, server-side rendering, per-method API routes, file-based middleware, typed route generation, and SEO metadata.
Author pages as JSX components, server-render, then hydrate so hooks work — real interactivity. Hydration is CSP-safe (per-request nonce, no inline scripts). Ships <Image>, <Video>, and <Link> (SPA navigation).
New projects include glashjs/postgres, a checked-in SQL schema, local env files, and SQL runner support so app data starts in Postgres instead of being bolted on later.
The auth helper talks to the real GlashDB auth API with project ID and anon key envs. Starters include signup, signin, and session-aware /api/auth/me routes.
Put trusted server work under routes/api/functions, wrap it with serverFunction(), then call it from hydrated UI.
glashjs deploy builds the app, prepares scripts, and hands off to the GlashDB CLI for upload, env sync, build logs, status tracking, and live URL.
Build-time Brotli/Gzip for SVG/JS/CSS/HTML and AVIF/WebP/AV1 for images & video. The browser decompresses transparently — that's “compress on build, decompress when live,” done correctly.
A generated service worker precaches the app shell + hashed assets into tiny files. Live/streaming data stays network-first, so the site keeps working offline — just without fresh data.
Every build emits an animated tab icon — the bundled glash mark, your own animated SVG/GIF, or cycling frames. It pauses while the tab is hidden.
Ships headers aligned with OWASP and modern web-security baselines — strict CSP (no inline scripts), Subresource Integrity, HSTS, and COOP/COEP/CORP isolation — so security reviews and compliance checks pass out of the box.
Starters include a deployment prompt under .glash/prompts so AI agents review env vars, SQL, build output, large assets, and deploy logs before changing code.
import { glash } from "glashjs/db";
import { sql } from "glashjs/postgres";
import { serverFunction } from "glashjs/server-functions";
const db = glash();
export const POST = serverFunction(async ({ email }) => {
await sql`insert into contacts(email) values (${email}) on conflict do nothing`;
const { data } = await db.from("contacts").select("id,email").eq("email", email);
return { saved: true, contact: data?.[0] ?? null };
});glashjs 0.15.2 · Framework + Hosting + Database + Auth + Deploy · MIT licensed · built by GlashDB