@adaptic/backend-legacy 0.0.986 → 0.0.987

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/package.json +4 -4
  2. package/server.cjs +42 -1
  3. package/esm/utils/index.d.ts +0 -24
  4. package/esm/utils/index.d.ts.map +0 -1
  5. package/esm/utils/index.js.map +0 -1
  6. package/esm/utils/index.mjs +0 -78
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@adaptic/backend-legacy",
3
- "version": "0.0.986",
3
+ "version": "0.0.987",
4
4
  "description": "Backend executable CRUD functions with dynamic variables construction, and type definitions for the Adaptic AI platform.",
5
5
  "type": "module",
6
6
  "types": "index.d.ts",
@@ -49,9 +49,9 @@
49
49
  "cross-fetch": "^4.0.0"
50
50
  },
51
51
  "devDependencies": {
52
- "prisma": "^5.17.0",
53
- "typegraphql-prisma": "^0.27.2",
54
- "typescript": "^5.6.2"
52
+ "prisma": "^6.19.2",
53
+ "typegraphql-prisma": "^0.28.0",
54
+ "typescript": "^5.9.2"
55
55
  },
56
56
  "engines": {
57
57
  "node": ">=20.0.0"
package/server.cjs CHANGED
@@ -39,6 +39,12 @@ Object.defineProperty(exports, "__esModule", { value: true });
39
39
  require("reflect-metadata");
40
40
  const dotenv_1 = __importDefault(require("dotenv"));
41
41
  dotenv_1.default.config();
42
+ // IMPORTANT: tracing initialization must happen before any other instrumented
43
+ // import is loaded. `initTracing()` is a no-op unless `OTEL_TRACING_ENABLED=true`
44
+ // (or NODE_ENV ∈ {production, staging}), so this remains safe in development.
45
+ // See: src/config/tracing.ts and docs/ENVIRONMENT_SETUP.md.
46
+ const tracing_1 = require("./config/tracing.cjs");
47
+ (0, tracing_1.initTracing)();
42
48
  const express_1 = __importDefault(require("express"));
43
49
  const server_1 = require("@apollo/server");
44
50
  const express4_1 = require("@as-integrations/express4");
@@ -55,10 +61,13 @@ const ws_2 = require("graphql-ws/lib/use/ws");
55
61
  const auth_1 = require("./middleware/auth.cjs");
56
62
  const audit_logger_1 = require("./middleware/audit-logger.cjs");
57
63
  const http_status_mapper_1 = require("./plugins/http-status-mapper.cjs");
64
+ const graphql_validation_plugin_1 = require("./middleware/graphql-validation-plugin.cjs");
65
+ const query_complexity_1 = require("./middleware/query-complexity.cjs");
66
+ const metrics_1 = require("./config/metrics.cjs");
67
+ const persisted_queries_1 = require("./config/persisted-queries.cjs");
58
68
  const prismaClient_1 = __importStar(require("./prismaClient.cjs"));
59
69
  const health_1 = require("./health.cjs");
60
70
  const logger_1 = require("./utils/logger.cjs");
61
- const tracing_1 = require("./config/tracing.cjs");
62
71
  const token_verifier_1 = require("./auth/token-verifier.cjs");
63
72
  /**
64
73
  * Adapt a verified `BackendPrincipal` to the legacy `user` context shape used
@@ -96,13 +105,25 @@ const startServer = async () => {
96
105
  // would surface a per-request `misconfigured` error indefinitely. Refuse to
97
106
  // boot with broken identity configuration.
98
107
  (0, token_verifier_1.assertGoogleAudienceConfiguredForProd)();
108
+ // Prometheus metrics initialization. No-op unless `PROMETHEUS_METRICS_ENABLED`
109
+ // is on (defaults on in production/staging). Registers default Node.js metrics
110
+ // and starts the uptime gauge ticker. See: src/config/metrics.ts.
111
+ (0, metrics_1.initMetrics)();
99
112
  const schema = await (0, type_graphql_1.buildSchema)({
100
113
  resolvers: [...typegraphql_prisma_1.resolvers, custom_1.OptionsGreeksHistoryCustomResolver],
101
114
  validate: false,
102
115
  });
103
116
  const app = (0, express_1.default)();
104
117
  const httpServer = (0, http_1.createServer)(app);
118
+ // HTTP request metrics — must be mounted early to capture every request.
119
+ // The middleware is a no-op when metrics are disabled.
120
+ app.use(metrics_1.metricsMiddleware);
105
121
  app.use('/api', (req, res, next) => (0, auth_1.authMiddleware)(req, res, next));
122
+ // APQ cache: in-memory LRU, gated by `APQ_ENABLED` (default on). The
123
+ // Apollo Server option only accepts a value when a cache is provided;
124
+ // omit the option when APQ is disabled rather than passing `false` so
125
+ // Apollo's default in-memory cache can take over if needed.
126
+ const apqCache = (0, persisted_queries_1.createAPQCache)();
106
127
  const server = new server_1.ApolloServer({
107
128
  schema,
108
129
  introspection: process.env.NODE_ENV !== 'production',
@@ -110,7 +131,20 @@ const startServer = async () => {
110
131
  (0, drainHttpServer_1.ApolloServerPluginDrainHttpServer)({ httpServer }),
111
132
  (0, audit_logger_1.createAuditLogPlugin)(),
112
133
  (0, http_status_mapper_1.createHttpStatusMapperPlugin)(),
134
+ // Validation plugin — runs on `didResolveOperation` and rejects
135
+ // mutations whose input variables fail pattern-based validation
136
+ // (percentages, positive numbers, non-empty strings).
137
+ (0, graphql_validation_plugin_1.createValidationPlugin)(),
138
+ // Query complexity + depth guard. No-op unless
139
+ // `GRAPHQL_COMPLEXITY_ENABLED` is on (defaults on in production /
140
+ // staging). Tunable via `GRAPHQL_MAX_DEPTH`,
141
+ // `GRAPHQL_MAX_COMPLEXITY_AUTH`, `GRAPHQL_MAX_COMPLEXITY_UNAUTH`.
142
+ (0, query_complexity_1.createQueryComplexityPlugin)(schema),
143
+ // GraphQL operation metrics (count, duration, error counts).
144
+ // No-op when metrics are disabled.
145
+ (0, metrics_1.createMetricsPlugin)(),
113
146
  ],
147
+ ...(apqCache && (0, persisted_queries_1.isAPQEnabled)() ? { persistedQueries: { cache: apqCache } } : {}),
114
148
  formatError: (err) => {
115
149
  var _a, _b;
116
150
  const message = err.message || '';
@@ -165,6 +199,13 @@ const startServer = async () => {
165
199
  await server.start();
166
200
  // Health check endpoint - mounted before Apollo middleware so it's not behind GraphQL or auth
167
201
  app.use((0, health_1.createHealthRouter)());
202
+ // Prometheus metrics endpoint — GET /metrics returns metrics in the
203
+ // Prometheus text exposition format. Mounted outside of Apollo and auth
204
+ // so a scraper can pull metrics without a Bearer token. In production
205
+ // this endpoint should be protected via firewall / Cloud Run ingress
206
+ // rules rather than at the application layer. No-op response if
207
+ // `PROMETHEUS_METRICS_ENABLED` is off (the registry is simply empty).
208
+ app.use((0, metrics_1.createMetricsRouter)());
168
209
  // Configure CORS with allowed origins
169
210
  const defaultOrigins = [
170
211
  'http://localhost:3000',
package/esm/utils/index.d.ts DELETED
@@ -1,24 +0,0 @@
1
- /**
2
- * Utils module index
3
- * Re-exports utility functions for CRUD operations
4
- *
5
- * This file provides a utils/index.mjs export path for ESM imports
6
- * from generated CRUD files that import from './utils/index.mjs'
7
- */
8
- /**
9
- * Recursively removes undefined and null properties from an object or array.
10
- *
11
- * This utility is called by generated CRUD functions to clean GraphQL variables
12
- * before passing them to Apollo Client. The input objects contain Prisma-typed
13
- * fields (Date, Decimal, bigint, JsonValue, nested relations, etc.) which cannot
14
- * be enumerated exhaustively. The return value is used as Apollo OperationVariables.
15
- *
16
- * Class instances (Date, Decimal, etc.) are preserved as leaf values — only plain
17
- * objects and arrays are recursed into. This prevents Decimal objects (which have
18
- * no own enumerable keys) from being incorrectly stripped as "empty objects".
19
- *
20
- * We use Record<string, unknown> for the parameter to accept all generated Prisma
21
- * input shapes without needing to enumerate every possible field type.
22
- */
23
- export declare function removeUndefinedProps(obj: Record<string, unknown> | Record<string, unknown>[] | unknown): Record<string, unknown> | undefined;
24
- //# sourceMappingURL=index.d.ts.map
package/esm/utils/index.d.ts.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/utils/index.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAYH;;;;;;;;;;;;;;GAcG;AACH,wBAAgB,oBAAoB,CAClC,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,GAAG,OAAO,GACjE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,SAAS,CAuDrC"}
package/esm/utils/index.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/utils/index.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH;;;GAGG;AACH,SAAS,aAAa,CAAC,KAAc;IACnC,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI;QAAE,OAAO,KAAK,CAAC;IAC9D,MAAM,KAAK,GAAG,MAAM,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;IAC3C,OAAO,KAAK,KAAK,MAAM,CAAC,SAAS,IAAI,KAAK,KAAK,IAAI,CAAC;AACtD,CAAC;AAED;;;;;;;;;;;;;;GAcG;AACH,MAAM,UAAU,oBAAoB,CAClC,GAAkE;IAElE,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QACvB,OAAO,GAAG;aACP,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAC;aACzC,MAAM,CACL,CAAC,IAAI,EAAE,EAAE,CACP,IAAI,KAAK,SAAS;YAClB,IAAI,KAAK,IAAI;YACb,CAAC,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CACnB,CAAC;IAC5C,CAAC;SAAM,IAAI,aAAa,CAAC,GAAG,CAAC,EAAE,CAAC;QAC9B,MAAM,MAAM,GAAG,GAAG,CAAC;QACnB,OAAO,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,CAAC,GAA4B,EAAE,GAAG,EAAE,EAAE;YACtE,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC;YAE1B,IAAI,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;gBAC1C,IAAI,YAAqB,CAAC;gBAE1B,IAAI,GAAG,KAAK,OAAO,IAAI,aAAa,CAAC,KAAK,CAAC,EAAE,CAAC;oBAC5C,MAAM,QAAQ,GAAG,KAAK,CAAC;oBACvB,IACE,MAAM,CAAC,SAAS,CAAC,cAAc,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC;wBACpD,QAAQ,CAAC,EAAE,KAAK,SAAS,EACzB,CAAC;wBACD,4CAA4C;wBAC5C,YAAY,GAAG;4BACb,EAAE,EAAE,oBAAoB,CAAC,QAAQ,CAAC,EAA6B,CAAC;yBACjE,CAAC;oBACJ,CAAC;yBAAM,CAAC;wBACN,wEAAwE;wBACxE,YAAY,GAAG,oBAAoB,CACjC,KAAgC,CACjC,CAAC;oBACJ,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,8BAA8B;oBAC9B,YAAY,GAAG,oBAAoB,CAAC,KAAgC,CAAC,CAAC;gBACxE,CAAC;gBAED,IACE,YAAY,KAAK,SAAS;oBAC1B,YAAY,KAAK,IAAI;oBACrB,CAAC,CAAC,aAAa,CAAC,YAAY,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,EACtE,CAAC;oBACD,GAAG,CAAC,GAAG,CAAC,GAAG,YAAY,CAAC;gBAC1B,CAAC;YACH,CAAC;YAED,OAAO,GAAG,CAAC;QACb,CAAC,EAAE,EAAE,CAAC,CAAC;IACT,CAAC;IAED,OAAO,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI;QACtC,CAAC,CAAE,GAA+B;QAClC,CAAC,CAAC,SAAS,CAAC;AAChB,CAAC"}
package/esm/utils/index.mjs DELETED
@@ -1,78 +0,0 @@
1
- /**
2
- * Utils module index
3
- * Re-exports utility functions for CRUD operations
4
- *
5
- * This file provides a utils/index.mjs export path for ESM imports
6
- * from generated CRUD files that import from './utils/index.mjs'
7
- */
8
- /**
9
- * Check if a value is a plain object (created via {} or new Object()), as opposed
10
- * to a class instance (Date, Decimal, Buffer, etc.) that should be treated as a leaf.
11
- */
12
- function isPlainObject(value) {
13
- if (typeof value !== 'object' || value === null)
14
- return false;
15
- const proto = Object.getPrototypeOf(value);
16
- return proto === Object.prototype || proto === null;
17
- }
18
- /**
19
- * Recursively removes undefined and null properties from an object or array.
20
- *
21
- * This utility is called by generated CRUD functions to clean GraphQL variables
22
- * before passing them to Apollo Client. The input objects contain Prisma-typed
23
- * fields (Date, Decimal, bigint, JsonValue, nested relations, etc.) which cannot
24
- * be enumerated exhaustively. The return value is used as Apollo OperationVariables.
25
- *
26
- * Class instances (Date, Decimal, etc.) are preserved as leaf values — only plain
27
- * objects and arrays are recursed into. This prevents Decimal objects (which have
28
- * no own enumerable keys) from being incorrectly stripped as "empty objects".
29
- *
30
- * We use Record<string, unknown> for the parameter to accept all generated Prisma
31
- * input shapes without needing to enumerate every possible field type.
32
- */
33
- export function removeUndefinedProps(obj) {
34
- if (Array.isArray(obj)) {
35
- return obj
36
- .map((item) => removeUndefinedProps(item))
37
- .filter((item) => item !== undefined &&
38
- item !== null &&
39
- (!isPlainObject(item) || Object.keys(item).length > 0));
40
- }
41
- else if (isPlainObject(obj)) {
42
- const record = obj;
43
- return Object.keys(record).reduce((acc, key) => {
44
- const value = record[key];
45
- if (value !== undefined && value !== null) {
46
- let cleanedValue;
47
- if (key === 'where' && isPlainObject(value)) {
48
- const whereObj = value;
49
- if (Object.prototype.hasOwnProperty.call(whereObj, 'id') &&
50
- whereObj.id !== undefined) {
51
- // Retain only the 'id' field within 'where'
52
- cleanedValue = {
53
- id: removeUndefinedProps(whereObj.id),
54
- };
55
- }
56
- else {
57
- // Process 'where' object normally if 'id' is undefined or doesn't exist
58
- cleanedValue = removeUndefinedProps(value);
59
- }
60
- }
61
- else {
62
- // Process other keys normally
63
- cleanedValue = removeUndefinedProps(value);
64
- }
65
- if (cleanedValue !== undefined &&
66
- cleanedValue !== null &&
67
- (!isPlainObject(cleanedValue) || Object.keys(cleanedValue).length > 0)) {
68
- acc[key] = cleanedValue;
69
- }
70
- }
71
- return acc;
72
- }, {});
73
- }
74
- return obj !== undefined && obj !== null
75
- ? obj
76
- : undefined;
77
- }
78
- //# sourceMappingURL=index.js.map