@alexfalconflores/safe-fetch 1.0.0

package/CHANGELOG.md

@@ -0,0 +1,21 @@
+# Changelog
+
+## [1.0.0] - 2025-04-20
+
+### 🛡️ The Journey Begins: safeFetch Rises
+
+- First stable release of `safeFetch`.
+- Introduces a safer and more expressive wrapper around the native `fetch` API.
+- Full typing for `HeadersType`, `HttpMethod`, `ContentType`, `AuthorizationType`, and other common HTTP headers.
+- Support for:
+  - Fully Promise-based, designed for async/await flow.
+  - Automatic `body` serialization in JSON format if `Content-Type` is `application/json`.
+  - `RequestInitExt` extension that overrides the original type `headers` to use a custom, typed one.
+- `toHeaders()` function:
+  - Converts flat objects to valid `Headers`, ignoring undefined values.
+- `Join(separator, ...args)` function:
+  - Auxiliary utility to concatenate strings/numbers or arrays of these.
+- Types Added
+  - `HttpMethod`: Type support for all standard and custom HTTP methods.
+  - `ContentType`, `AcceptType`, `AuthorizationType`, `CacheControlType`, `UserAgentType`, among other common headers.
+  - `HeadersType`: Extensible object with validations for the most common HTTP request headers.

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 Alex Stefano Falcon Flores
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,131 @@
+<h1 align="center">
+    safeFetch
+  <br />
+  <img src="https://github.com/alexfalconflores/safe-fetch/blob/4fd0a9af158b69fa3bab5861ce13c552203845d9/logo.svg" alt="safeFetch logo" width="150"/>
+</h1>
+
+<p align="center">
+  <strong><code>safeFetch</code> is a typed enhancement to the JavaScript <code>fetch</code> method.</strong><br />
+  This function is designed to facilitate the sending of HTTP requests with greater security and typed control over headers, including automatic handling of the body if <code>Content-Type: application/json</code> is specified.
+</p>
+
+---
+
+## 🚀 Installation
+
+```bash
+npm install @alexfalconflores/safe-fetch
+```
+
+✨ Features
+
+- Auto-conversion from body to JSON if Content-Type: application/json is specified
+- Strong typing for HTTP methods, headers and common network values
+- Accepts extended and custom headers
+- Supports standard fetch (can completely replace it)
+
+## 📦 Examples of use
+
+### ⚙️ Basic Example
+
+```ts
+import safeFetch from "@alexfalconflores/safe-fetch";
+
+const response = await safeFetch("/api/users", {
+  method: "POST",
+  headers: {
+    "Content-Type": "application/json",
+    Authorization: "Bearer abc123",
+  },
+  body: { name: "Alex", email: "alex@correo.com" },
+});
+
+const data = await response.json();
+```
+
+### ⚙️ Advanced Example
+
+```ts
+import safeFetch from "@alexfalconflores/safe-fetch";
+
+const response = await safeFetch("/api/users", {
+  method: "POST",
+  headers: {
+    "Content-Type": "application/json",
+    Accept: "application/json",
+    Authorization: "Bearer 123token",
+    "Cache-Control": "no-cache",
+  },
+  body: { name: "Alex", email: "alex@correo.com" },
+});
+
+const data = await response.json();
+```
+
+## 📦 API
+
+`safeFetch(url: string, init?: RequestInitExt): Promise<Response>`
+
+- `url`: Destination URL of the request.
+- `init`: Optional object extending RequestInit, with typed headers.
+
+## 🧩 Extended typing
+
+- `RequestInitExt`
+
+```ts
+interface RequestInitExt extends Omit<RequestInit, "headers"> {
+  method?: HttpMethod;
+  headers?: HeadersType;
+}
+```
+
+- `HttpMethod`
+
+```ts
+type HttpMethod = "GET" | "POST" | "PUT" | "DELETE" | "PATCH" | ...;
+```
+
+- `HeadersType`
+
+```ts
+{
+  "Content-Type"?: ContentType;
+  Authorization?: AuthorizationType;
+  Accept?: AcceptType;
+  ...
+}
+```
+
+Extendable types are included for:
+
+- `AuthorizationType` (Bearer, Basic, ApiKey, etc.)
+- `ContentType` (application/json, text/html, etc.)
+- `AcceptType`
+- `CacheControlType`
+- `AcceptLanguageType`
+- `UserAgentType`, y muchos más.
+
+## 🛠️ Auxiliary function: `Join`
+```ts
+Join("-", "2025", "04", "19"); // "2025-04-19"
+```
+
+## 🧩 Compatibility
+Compatible with environments where fetch is available: modern browsers, Deno and Node.js (v18+ or with polyfill).
+
+## 👤 Autor
+
+Alex Stefano Falcon Flores
+
+- 🐙 GitHub: [alexstefano](https://github.com/alexfalconflores)
+- 💼 LinkedIn: [alexsfalconflores](https://www.linkedin.com/in/alexfalconflores/)
+
+## 📄 License
+
+This project is licensed under the MIT license. See the [LICENSE](./LICENSE) file for more details.
+
+## ⭐ Do you like it?
+
+Give the repo a star to support the project!
+And if you use it in your projects, I'd love to see it! 🎉

package/dist/index.d.mts

@@ -0,0 +1,53 @@
+declare function safeFetch(url: string, init?: RequestInitExt): Promise<Response>;
+
+interface RequestInitExt extends Omit<RequestInit, "headers"> {
+    method?: HttpMethod;
+    headers?: HeadersType;
+}
+declare function Join(separator?: string, ...args: (string | number | (string | number)[])[]): string;
+type HttpMethod = "GET" | "POST" | "PUT" | "DELETE" | "PATCH" | "OPTIONS" | "HEAD" | "CONNECT" | (string & {});
+type ContentType = "application/json" | "application/xml" | "application/x-www-form-urlencoded" | "multipart/form-data" | "text/plain" | "text/html" | "text/css" | "text/javascript" | "text/xml" | "image/png" | "image/jpeg" | "image/gif" | "image/webp" | "audio/mpeg" | "audio/wav" | "video/mp4" | "application/pdf" | "application/msword" | "application/vnd.openxmlformats-officedocument.wordprocessingml.document" | "application/vnd.ms-excel" | "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet" | "application/octet-stream" | "application/javascript" | "application/graphql" | "application/yaml" | "application/zip" | (string & {});
+type AuthorizationType = `Bearer ${string}` | `Basic ${string}` | `Digest ${string}` | `ApiKey ${string}` | `OAuth oauth_consumer_key="${string}", oauth_token="${string}", oauth_signature="${string}"` | `Hawk id="${string}", ts="${string}", nonce="${string}", mac="${string}"` | `AWS4-HMAC-SHA256 Credential=${string}, SignedHeaders=${string}, Signature=${string}` | (string & {});
+type AcceptType = "application/json" | "application/xml" | "text/html" | "text/plain" | "text/css" | "text/javascript" | "image/png" | "image/jpeg" | "image/gif" | "image/webp" | "audio/mpeg" | "audio/ogg" | "video/mp4" | "video/webm" | "multipart/form-data" | "application/x-www-form-urlencoded" | "application/pdf" | "application/vnd.ms-excel" | "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet" | "application/vnd.ms-powerpoint" | "application/vnd.openxmlformats-officedocument.presentationml.presentation" | "application/vnd.ms-word" | "application/vnd.openxmlformats-officedocument.wordprocessingml.document" | "*/*" | `${string}/${string}`;
+type AcceptEncodingType = "gzip" | "compress" | "deflate" | "br" | "identity" | "*" | `${string}`;
+type AcceptLanguageType = "en" | "en-US" | "en-GB" | "es" | "es-ES" | "es-MX" | "fr" | "fr-FR" | "de" | "de-DE" | "it" | "it-IT" | "ja" | "ja-JP" | "zh" | "zh-CN" | "zh-TW" | "ru" | "ru-RU" | "*" | `${string}`;
+type CacheControlType = "no-cache" | "no-store" | "must-revalidate" | "public" | "private" | "max-age=0" | `max-age=${number}` | `s-maxage=${number}` | "proxy-revalidate" | "immutable" | "stale-while-revalidate" | "stale-if-error" | `${string}`;
+type ContentEncodingType = "gzip" | "compress" | "deflate" | "br" | "identity" | "zstd" | `${string}`;
+type ContentLanguageType = "en" | "es" | "fr" | "de" | "it" | "pt" | "zh" | "ja" | "ko" | "ru" | "ar" | "hi" | "nl" | "sv" | "no" | "da" | "fi" | "pl" | "tr" | "cs" | "el" | "he" | "vi" | "th" | "id" | "ms" | string;
+type ETagType = `W/"${string}"` | `"${string}"` | string;
+type HostType = `${string}.${string}` | `${string}.${string}:${number}` | string;
+type OriginType = `${"http" | "https"}://${string}.${string}` | `${"http" | "https"}://${string}.${string}:${number}`;
+type RefererType = `${"http" | "https"}://${string}`;
+type UserAgentType = `Mozilla/5.0 (${string}) AppleWebKit/${string} (KHTML, like Gecko) ${string}` | `curl/${string}` | `PostmanRuntime/${string}` | `okhttp/${string}` | string;
+type AccessControlAllowOriginType = "*" | "null" | `${string}`;
+type AccessControlAllowMethodsType = "*" | HttpMethod | `${HttpMethod}, ${HttpMethod}` | `${HttpMethod}, ${HttpMethod}, ${HttpMethod}` | `${HttpMethod}, ${HttpMethod}, ${HttpMethod}, ${HttpMethod}` | `${HttpMethod}, ${HttpMethod}, ${HttpMethod}, ${HttpMethod}, ${HttpMethod}` | string;
+type AccessControlAllowHeadersType = string;
+type HeadersType = {
+    "Content-Type"?: ContentType;
+    Authorization?: AuthorizationType;
+    Accept?: AcceptType;
+    "Accept-Encoding"?: AcceptEncodingType;
+    "Accept-Language"?: AcceptLanguageType;
+    "Cache-Control"?: CacheControlType;
+    Connection?: "keep-alive" | "close";
+    "Content-Length"?: `${number}`;
+    "Content-Encoding"?: ContentEncodingType;
+    "Content-Language"?: ContentLanguageType;
+    "Content-Disposition"?: string;
+    ETag?: ETagType;
+    Host?: HostType;
+    Origin?: OriginType;
+    Referer?: RefererType;
+    "User-Agent"?: UserAgentType;
+    "Access-Control-Allow-Origin"?: AccessControlAllowOriginType;
+    "Access-Control-Allow-Methods"?: AccessControlAllowMethodsType;
+    "Access-Control-Allow-Headers"?: AccessControlAllowHeadersType;
+    "X-Frame-Options"?: "DENY" | "SAMEORIGIN";
+    "X-XSS-Protection"?: "0" | "1; mode=block";
+    "X-Content-Type-Options"?: "nosniff";
+    "Content-Security-Policy"?: string;
+    "Strict-Transport-Security"?: string;
+    [key: string]: string | undefined;
+};
+
+export { type AcceptEncodingType, type AcceptLanguageType, type AcceptType, type AccessControlAllowHeadersType, type AccessControlAllowMethodsType, type AccessControlAllowOriginType, type AuthorizationType, type CacheControlType, type ContentEncodingType, type ContentLanguageType, type ContentType, type ETagType, type HeadersType, type HostType, type HttpMethod, Join, type OriginType, type RefererType, type RequestInitExt, type UserAgentType, safeFetch as default, safeFetch };

package/dist/index.js

@@ -0,0 +1,110 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getOwnPropSymbols = Object.getOwnPropertySymbols;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __propIsEnum = Object.prototype.propertyIsEnumerable;
+var __defNormalProp = (obj, key, value) => key in obj ? __defProp(obj, key, { enumerable: true, configurable: true, writable: true, value }) : obj[key] = value;
+var __spreadValues = (a, b) => {
+  for (var prop in b || (b = {}))
+    if (__hasOwnProp.call(b, prop))
+      __defNormalProp(a, prop, b[prop]);
+  if (__getOwnPropSymbols)
+    for (var prop of __getOwnPropSymbols(b)) {
+      if (__propIsEnum.call(b, prop))
+        __defNormalProp(a, prop, b[prop]);
+    }
+  return a;
+};
+var __objRest = (source, exclude) => {
+  var target = {};
+  for (var prop in source)
+    if (__hasOwnProp.call(source, prop) && exclude.indexOf(prop) < 0)
+      target[prop] = source[prop];
+  if (source != null && __getOwnPropSymbols)
+    for (var prop of __getOwnPropSymbols(source)) {
+      if (exclude.indexOf(prop) < 0 && __propIsEnum.call(source, prop))
+        target[prop] = source[prop];
+    }
+  return target;
+};
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var __async = (__this, __arguments, generator) => {
+  return new Promise((resolve, reject) => {
+    var fulfilled = (value) => {
+      try {
+        step(generator.next(value));
+      } catch (e) {
+        reject(e);
+      }
+    };
+    var rejected = (value) => {
+      try {
+        step(generator.throw(value));
+      } catch (e) {
+        reject(e);
+      }
+    };
+    var step = (x) => x.done ? resolve(x.value) : Promise.resolve(x.value).then(fulfilled, rejected);
+    step((generator = generator.apply(__this, __arguments)).next());
+  });
+};
+
+// src/index.ts
+var index_exports = {};
+__export(index_exports, {
+  Join: () => Join,
+  default: () => index_default,
+  safeFetch: () => safeFetch
+});
+module.exports = __toCommonJS(index_exports);
+function safeFetch(url, init) {
+  return __async(this, null, function* () {
+    const _a = init || {}, { method = "GET", headers, body } = _a, props = __objRest(_a, ["method", "headers", "body"]);
+    const contentTypeJson = "application/json";
+    let newBody = body;
+    if (body && typeof body === "object" && (headers == null ? void 0 : headers["Content-Type"]) === contentTypeJson) {
+      newBody = JSON.stringify(body);
+    }
+    const response = yield fetch(url, __spreadValues({
+      method,
+      headers: toHeaders(__spreadValues({}, headers)),
+      body: newBody
+    }, props));
+    return response;
+  });
+}
+var index_default = safeFetch;
+function Join(separator = "", ...args) {
+  return args.flat().join(separator);
+}
+var toHeaders = (headers) => {
+  if (headers instanceof Headers) return headers;
+  return new Headers(
+    Object.entries(headers).reduce((acc, [key, value]) => {
+      if (value !== void 0) {
+        acc.push([key, String(value)]);
+      }
+      return acc;
+    }, [])
+  );
+};
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  Join,
+  safeFetch
+});
+//# sourceMappingURL=index.js.map

package/dist/index.mjs

@@ -0,0 +1,87 @@
+var __defProp = Object.defineProperty;
+var __getOwnPropSymbols = Object.getOwnPropertySymbols;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __propIsEnum = Object.prototype.propertyIsEnumerable;
+var __defNormalProp = (obj, key, value) => key in obj ? __defProp(obj, key, { enumerable: true, configurable: true, writable: true, value }) : obj[key] = value;
+var __spreadValues = (a, b) => {
+  for (var prop in b || (b = {}))
+    if (__hasOwnProp.call(b, prop))
+      __defNormalProp(a, prop, b[prop]);
+  if (__getOwnPropSymbols)
+    for (var prop of __getOwnPropSymbols(b)) {
+      if (__propIsEnum.call(b, prop))
+        __defNormalProp(a, prop, b[prop]);
+    }
+  return a;
+};
+var __objRest = (source, exclude) => {
+  var target = {};
+  for (var prop in source)
+    if (__hasOwnProp.call(source, prop) && exclude.indexOf(prop) < 0)
+      target[prop] = source[prop];
+  if (source != null && __getOwnPropSymbols)
+    for (var prop of __getOwnPropSymbols(source)) {
+      if (exclude.indexOf(prop) < 0 && __propIsEnum.call(source, prop))
+        target[prop] = source[prop];
+    }
+  return target;
+};
+var __async = (__this, __arguments, generator) => {
+  return new Promise((resolve, reject) => {
+    var fulfilled = (value) => {
+      try {
+        step(generator.next(value));
+      } catch (e) {
+        reject(e);
+      }
+    };
+    var rejected = (value) => {
+      try {
+        step(generator.throw(value));
+      } catch (e) {
+        reject(e);
+      }
+    };
+    var step = (x) => x.done ? resolve(x.value) : Promise.resolve(x.value).then(fulfilled, rejected);
+    step((generator = generator.apply(__this, __arguments)).next());
+  });
+};
+
+// src/index.ts
+function safeFetch(url, init) {
+  return __async(this, null, function* () {
+    const _a = init || {}, { method = "GET", headers, body } = _a, props = __objRest(_a, ["method", "headers", "body"]);
+    const contentTypeJson = "application/json";
+    let newBody = body;
+    if (body && typeof body === "object" && (headers == null ? void 0 : headers["Content-Type"]) === contentTypeJson) {
+      newBody = JSON.stringify(body);
+    }
+    const response = yield fetch(url, __spreadValues({
+      method,
+      headers: toHeaders(__spreadValues({}, headers)),
+      body: newBody
+    }, props));
+    return response;
+  });
+}
+var index_default = safeFetch;
+function Join(separator = "", ...args) {
+  return args.flat().join(separator);
+}
+var toHeaders = (headers) => {
+  if (headers instanceof Headers) return headers;
+  return new Headers(
+    Object.entries(headers).reduce((acc, [key, value]) => {
+      if (value !== void 0) {
+        acc.push([key, String(value)]);
+      }
+      return acc;
+    }, [])
+  );
+};
+export {
+  Join,
+  index_default as default,
+  safeFetch
+};
+//# sourceMappingURL=index.mjs.map

package/logo.svg

@@ -0,0 +1,6 @@
+<svg width="32" height="32" viewBox="0 0 32 32" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M3 13C3 11.3431 4.34315 10 6 10H8L9.5 9L10.5 10H17.5L19 9L20 10H22C23.6569 10 25 11.3431 25 13V26C25 27.6569 23.6569 29 22 29H6C4.34315 29 3 27.6569 3 26V13Z" fill="#F9C23C"/>
+<path d="M15.5 19.5002C16.1072 19.0441 16.5 18.3179 16.5 17.5C16.5 16.1193 15.3807 15 14 15C12.6193 15 11.5 16.1193 11.5 17.5C11.5 18.3179 11.8928 19.0441 12.5 19.5002V23C12.5 23.8284 13.1716 24.5 14 24.5C14.8284 24.5 15.5 23.8284 15.5 23V19.5002Z" fill="#433B6B"/>
+<path d="M14 1C10.6863 1 8 3.68629 8 7V10H10.5V7C10.5 5.067 12.067 3.5 14 3.5C15.933 3.5 17.5 5.067 17.5 7V10H20V7C20 3.68629 17.3137 1 14 1Z" fill="#D3D3D3"/>
+<path d="M30 9.5C30 11.4593 28.7478 13.1262 27 13.7439V22.5C27 23.3284 26.3284 24 25.5 24C24.6716 24 24 23.3284 24 22.5L24 20.7458C24 20.5458 24.0785 20.3558 24.2157 20.2258L24.5294 19.9158C24.8236 19.6258 24.8236 19.1558 24.5294 18.8758C24.2353 18.5958 24.2353 18.1258 24.5294 17.8458C24.8236 17.5558 24.8236 17.0858 24.5294 16.8058L24.2157 16.4958C24.0785 16.3558 24 16.1758 24 15.9758L24 13.7439C22.2522 13.1262 21 11.4593 21 9.5C21 7.01472 23.0147 5 25.5 5C27.9853 5 30 7.01472 30 9.5ZM25.5 8C26.0523 8 26.5 7.55228 26.5 7C26.5 6.44772 26.0523 6 25.5 6C24.9477 6 24.5 6.44772 24.5 7C24.5 7.55228 24.9477 8 25.5 8Z" fill="#D3D3D3"/>
+</svg>

package/package.json

@@ -0,0 +1,41 @@
+{
+  "name": "@alexfalconflores/safe-fetch",
+  "version": "1.0.0",
+  "description": "A safe and customizable fetch wrapper for secure HTTP requests.",
+  "main": "dist/index.js",
+  "module": "dist/index.mjs",
+  "types": "dist/index.d.ts",
+  "exports": {
+    "import": "./dist/index.mjs",
+    "require": "./dist/index.js",
+    "types": "./dist/index.d.ts"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/alexfalconflores/safe-fetch.git"
+  },
+  "bugs": {
+    "url": "https://github.com/alexfalconflores/safe-fetch/issues"
+  },
+  "homepage": "https://github.com/alexfalconflores/safe-fetch#readme",
+  "keywords": [
+    "fetch",
+    "http",
+    "secure",
+    "api",
+    "http-client",
+    "request-wrapper"
+  ],
+  "author": "Alex Stefano Falcon Flores",
+  "license": "MIT",
+  "scripts": {
+    "build": "tsup",
+    "dev": "tsup src/index.ts --watch --dts",
+    "clean": "rm -rf dist",
+    "publish": "npm publish --access public"
+  },
+  "devDependencies": {
+    "tsup": "^8.4.0",
+    "typescript": "^5.8.3"
+  }
+}

package/src/index.ts

@@ -0,0 +1,277 @@
+export async function safeFetch(
+  url: string,
+  init?: RequestInitExt,
+): Promise<Response> {
+  const { method = "GET", headers, body, ...props } = init || {};
+  const contentTypeJson: ContentType = "application/json";
+  let newBody = body;
+  if (
+    body &&
+    typeof body === "object" &&
+    headers?.["Content-Type"] === contentTypeJson
+  ) {
+    newBody = JSON.stringify(body);
+  }
+
+  const response = await fetch(url, {
+    method,
+    headers: toHeaders({
+      ...headers,
+    }),
+    body: newBody,
+    ...props,
+  });
+  return response;
+}
+
+export default safeFetch;
+
+export interface RequestInitExt extends Omit<RequestInit, "headers"> {
+  method?: HttpMethod;
+  headers?: HeadersType;
+}
+
+export function Join(
+  separator: string = "",
+  ...args: (string | number | (string | number)[])[]
+): string {
+  return args.flat().join(separator);
+}
+
+const toHeaders = (headers: HeadersType | Headers): Headers => {
+  if (headers instanceof Headers) return headers;
+  return new Headers(
+    Object.entries(headers).reduce<[string, string][]>((acc, [key, value]) => {
+      if (value !== undefined) {
+        acc.push([key, String(value)]);
+      }
+      return acc;
+    }, []),
+  );
+};
+
+export type HttpMethod =
+  | "GET"
+  | "POST"
+  | "PUT"
+  | "DELETE"
+  | "PATCH"
+  | "OPTIONS"
+  | "HEAD"
+  | "CONNECT"
+  | (string & {});
+
+export type ContentType =
+  | "application/json"
+  | "application/xml"
+  | "application/x-www-form-urlencoded"
+  | "multipart/form-data"
+  | "text/plain"
+  | "text/html"
+  | "text/css"
+  | "text/javascript"
+  | "text/xml"
+  | "image/png"
+  | "image/jpeg"
+  | "image/gif"
+  | "image/webp"
+  | "audio/mpeg"
+  | "audio/wav"
+  | "video/mp4"
+  | "application/pdf"
+  | "application/msword"
+  | "application/vnd.openxmlformats-officedocument.wordprocessingml.document"
+  | "application/vnd.ms-excel"
+  | "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet"
+  | "application/octet-stream"
+  | "application/javascript"
+  | "application/graphql"
+  | "application/yaml"
+  | "application/zip"
+  | (string & {});
+
+export type AuthorizationType =
+  | `Bearer ${string}` // OAuth 2.0, JWT
+  | `Basic ${string}` // Usuario:Contraseña en base64
+  | `Digest ${string}` // Digest Auth con hash
+  | `ApiKey ${string}` // Clave de API
+  | `OAuth oauth_consumer_key="${string}", oauth_token="${string}", oauth_signature="${string}"` // OAuth 1.0
+  | `Hawk id="${string}", ts="${string}", nonce="${string}", mac="${string}"` // Hawk Auth
+  | `AWS4-HMAC-SHA256 Credential=${string}, SignedHeaders=${string}, Signature=${string}` // AWS Signature
+  | (string & {});
+
+export type AcceptType =
+  | "application/json"
+  | "application/xml"
+  | "text/html"
+  | "text/plain"
+  | "text/css"
+  | "text/javascript"
+  | "image/png"
+  | "image/jpeg"
+  | "image/gif"
+  | "image/webp"
+  | "audio/mpeg"
+  | "audio/ogg"
+  | "video/mp4"
+  | "video/webm"
+  | "multipart/form-data"
+  | "application/x-www-form-urlencoded"
+  | "application/pdf"
+  | "application/vnd.ms-excel"
+  | "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet"
+  | "application/vnd.ms-powerpoint"
+  | "application/vnd.openxmlformats-officedocument.presentationml.presentation"
+  | "application/vnd.ms-word"
+  | "application/vnd.openxmlformats-officedocument.wordprocessingml.document"
+  | "*/*" // Para aceptar cualquier tipo de contenido
+  | `${string}/${string}`; // Permite valores personalizados
+
+export type AcceptEncodingType =
+  | "gzip"
+  | "compress"
+  | "deflate"
+  | "br" // Brotli, usado en HTTP/2
+  | "identity" // Sin compresión
+  | "*" // Aceptar cualquier codificación
+  | `${string}`; // Permite valores personalizados
+
+export type AcceptLanguageType =
+  | "en" // Inglés
+  | "en-US"
+  | "en-GB"
+  | "es" // Español
+  | "es-ES"
+  | "es-MX"
+  | "fr" // Francés
+  | "fr-FR"
+  | "de" // Alemán
+  | "de-DE"
+  | "it" // Italiano
+  | "it-IT"
+  | "ja" // Japonés
+  | "ja-JP"
+  | "zh" // Chino
+  | "zh-CN"
+  | "zh-TW"
+  | "ru" // Ruso
+  | "ru-RU"
+  | "*" // Aceptar cualquier idioma
+  | `${string}`; // Permite valores personalizados como "pt-BR", "ar-SA", etc.
+
+export type CacheControlType =
+  | "no-cache" // Siempre debe validar en el servidor antes de usar la caché
+  | "no-store" // No almacenar en caché ni en el cliente ni en el servidor
+  | "must-revalidate" // Debe validar en el servidor antes de usar la caché
+  | "public" // Puede ser almacenado en cualquier caché intermedia
+  | "private" // Solo puede ser almacenado en la caché del cliente
+  | "max-age=0" // La respuesta es inmediatamente obsoleta
+  | `max-age=${number}` // Se puede usar hasta cierto número de segundos
+  | `s-maxage=${number}` // Similar a `max-age`, pero solo para cachés compartidas (CDN)
+  | "proxy-revalidate" // Similar a `must-revalidate`, pero para proxies
+  | "immutable" // Indica que la respuesta nunca cambiará (ideal para archivos estáticos)
+  | "stale-while-revalidate" // Permite servir una respuesta caducada mientras se obtiene una nueva en segundo plano
+  | "stale-if-error" // Permite servir una respuesta caducada si hay un error en la solicitud
+  | `${string}`; // Permite valores personalizados.
+
+export type ContentEncodingType =
+  | "gzip"
+  | "compress"
+  | "deflate"
+  | "br"
+  | "identity"
+  | "zstd"
+  | `${string}`; // Nuevo estándar para compresión
+
+export type ContentLanguageType =
+  | "en" // Inglés
+  | "es" // Español
+  | "fr" // Francés
+  | "de" // Alemán
+  | "it" // Italiano
+  | "pt" // Portugués
+  | "zh" // Chino
+  | "ja" // Japonés
+  | "ko" // Coreano
+  | "ru" // Ruso
+  | "ar" // Árabe
+  | "hi" // Hindi
+  | "nl" // Neerlandés
+  | "sv" // Sueco
+  | "no" // Noruego
+  | "da" // Danés
+  | "fi" // Finés
+  | "pl" // Polaco
+  | "tr" // Turco
+  | "cs" // Checo
+  | "el" // Griego
+  | "he" // Hebreo
+  | "vi" // Vietnamita
+  | "th" // Tailandés
+  | "id" // Indonesio
+  | "ms" // Malayo
+  | string; // Permite otros idiomas personalizados
+
+export type ETagType =
+  | `W/"${string}"` // Weak ETag (ejemplo: W/"123456")
+  | `"${string}"` // Strong ETag (ejemplo: "abcdef")
+  | string; // Permitir otros valores dinámicos
+
+export type HostType =
+  | `${string}.${string}`
+  | `${string}.${string}:${number}`
+  | string;
+
+export type OriginType =
+  | `${"http" | "https"}://${string}.${string}`
+  | `${"http" | "https"}://${string}.${string}:${number}`;
+
+export type RefererType = `${"http" | "https"}://${string}`;
+
+export type UserAgentType =
+  | `Mozilla/5.0 (${string}) AppleWebKit/${string} (KHTML, like Gecko) ${string}`
+  | `curl/${string}`
+  | `PostmanRuntime/${string}`
+  | `okhttp/${string}`
+  | string; // Para permitir valores personalizados
+
+export type AccessControlAllowOriginType = "*" | "null" | `${string}`;
+
+export type AccessControlAllowMethodsType =
+  | "*"
+  | HttpMethod
+  | `${HttpMethod}, ${HttpMethod}`
+  | `${HttpMethod}, ${HttpMethod}, ${HttpMethod}`
+  | `${HttpMethod}, ${HttpMethod}, ${HttpMethod}, ${HttpMethod}`
+  | `${HttpMethod}, ${HttpMethod}, ${HttpMethod}, ${HttpMethod}, ${HttpMethod}`
+  | string; // Permite cualquier combinación personalizada
+
+export type AccessControlAllowHeadersType = string; // Mantiene la flexibilidad y evita el error
+
+export type HeadersType = {
+  "Content-Type"?: ContentType;
+  Authorization?: AuthorizationType;
+  Accept?: AcceptType; // Tipos de contenido aceptados
+  "Accept-Encoding"?: AcceptEncodingType; // Métodos de compresión aceptados (gzip, br)
+  "Accept-Language"?: AcceptLanguageType; // Idiomas aceptados (es-ES, en-US)
+  "Cache-Control"?: CacheControlType; // Control de caché (no-cache, max-age=3600)
+  Connection?: "keep-alive" | "close";
+  "Content-Length"?: `${number}`; // Tamaño del cuerpo en bytes
+  "Content-Encoding"?: ContentEncodingType; // Método de codificación (gzip, deflate, br)
+  "Content-Language"?: ContentLanguageType; // Idioma del contenido (es, en, fr)
+  "Content-Disposition"?: string; // Manejo del contenido (attachment; filename="file.pdf")
+  ETag?: ETagType; // Identificador único para cacheo de recursos
+  Host?: HostType; // Nombre del servidor al que se envía la solicitud
+  Origin?: OriginType; // Origen de la solicitud (https://example.com)
+  Referer?: RefererType; // URL de referencia
+  "User-Agent"?: UserAgentType; // Información del navegador o cliente
+  "Access-Control-Allow-Origin"?: AccessControlAllowOriginType; // Permitir acceso desde ciertos dominios (*, https://example.com)
+  "Access-Control-Allow-Methods"?: AccessControlAllowMethodsType; // Métodos permitidos (GET, POST, PUT)
+  "Access-Control-Allow-Headers"?: AccessControlAllowHeadersType; // Headers permitidos en la solicitud
+  "X-Frame-Options"?: "DENY" | "SAMEORIGIN"; // Protección contra Clickjacking
+  "X-XSS-Protection"?: "0" | "1; mode=block"; // Protección contra ataques XSS
+  "X-Content-Type-Options"?: "nosniff"; // Evita detección automática de MIME
+  "Content-Security-Policy"?: string; // Política de seguridad del contenido
+  "Strict-Transport-Security"?: string; // Fuerza el uso de HTTPS
+  [key: string]: string | undefined;
+};

package/step.md

@@ -0,0 +1,4 @@
+- UPDATE VERSION
+- npx tsup
+- npm login
+- npm publish --access public

package/tsconfig.json

@@ -0,0 +1,33 @@
+{
+  "compilerOptions": {
+    "target": "ES2016" /* Compilación a JavaScript ES2016 */,
+    "lib": [
+      "ES2016",
+      "ESNext",
+      "DOM"
+    ] /* Usa características de ES2016 y ESNext */,
+    "module": "NodeNext" /* Usa módulos Node16 para compatibilidad con Node.js 16 */,
+    "moduleResolution": "nodenext" /* Usa la resolución de módulos de Node.js v16 */,
+    "esModuleInterop": true /* Habilita interoperabilidad con módulos CommonJS */,
+    "skipLibCheck": true /* Omitir la verificación de los archivos de declaración */,
+    "forceConsistentCasingInFileNames": true /* Asegurar consistencia en las mayúsculas/minúsculas en los nombres de archivo */,
+    "strict": true /* Habilitar todas las opciones de verificación estricta */,
+    "resolveJsonModule": true /* Permite importar archivos JSON */,
+    "allowSyntheticDefaultImports": true /* Permite importar por defecto incluso si el módulo no tiene un export por defecto */,
+    "skipDefaultLibCheck": true /* Omitir la comprobación de la librería predeterminada */,
+    "outDir": "./dist" /* Directorio de salida para los archivos compilados */,
+    "declaration": true /* Generar archivos .d.ts */,
+    "declarationMap": true /* Generar mapas de declaración */,
+    "sourceMap": true /* Generar mapas fuente para depuración */,
+    "noEmit": false /* No evitar la generación de archivos de salida */,
+    "resolvePackageJsonExports": true /* Usa el campo `exports` en `package.json` cuando resuelvas importaciones */,
+    "paths": {
+      "safe-fetch": ["./node_modules/safe-fetch"]
+    }
+  },
+  "include": ["src/**/*" /* Incluir todos los archivos en la carpeta src */],
+  "exclude": [
+    "node_modules" /* Excluir node_modules */,
+    "dist" /* Excluir el directorio de salida */
+  ]
+}

package/tsup.config.ts

@@ -0,0 +1,10 @@
+import { defineConfig } from "tsup";
+
+export default defineConfig({
+  entry: ["src/index.ts"], // Cambia esto según la ubicación de tu archivo principal
+  format: ["esm", "cjs"], // Formatos de salida (ESM y CommonJS)
+  dts: true, // Genera los archivos de declaración .d.ts
+  sourcemap: true, // Genera mapas de origen
+  clean: true, // Limpia la carpeta de salida antes de generar
+  outDir: "dist", // Carpeta de salida
+});