npm - @beignet/core - Versions diffs - 0.0.1 - Mend

@beignet/core 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (331) hide show

package/CHANGELOG.md +5 -0
package/README.md +288 -0
package/dist/application/index.d.ts +260 -0
package/dist/application/index.d.ts.map +1 -0
package/dist/application/index.js +324 -0
package/dist/application/index.js.map +1 -0
package/dist/client/client.d.ts +241 -0
package/dist/client/client.d.ts.map +1 -0
package/dist/client/client.js +531 -0
package/dist/client/client.js.map +1 -0
package/dist/client/index.d.ts +10 -0
package/dist/client/index.d.ts.map +1 -0
package/dist/client/index.js +8 -0
package/dist/client/index.js.map +1 -0
package/dist/client/types.d.ts +139 -0
package/dist/client/types.d.ts.map +1 -0
package/dist/client/types.js +2 -0
package/dist/client/types.js.map +1 -0
package/dist/config/index.d.ts +122 -0
package/dist/config/index.d.ts.map +1 -0
package/dist/config/index.js +216 -0
package/dist/config/index.js.map +1 -0
package/dist/contracts/contract-builder.d.ts +121 -0
package/dist/contracts/contract-builder.d.ts.map +1 -0
package/dist/contracts/contract-builder.js +346 -0
package/dist/contracts/contract-builder.js.map +1 -0
package/dist/contracts/contract-group.d.ts +106 -0
package/dist/contracts/contract-group.d.ts.map +1 -0
package/dist/contracts/contract-group.js +240 -0
package/dist/contracts/contract-group.js.map +1 -0
package/dist/contracts/contract-like.d.ts +21 -0
package/dist/contracts/contract-like.d.ts.map +1 -0
package/dist/contracts/contract-like.js +9 -0
package/dist/contracts/contract-like.js.map +1 -0
package/dist/contracts/index.d.ts +15 -0
package/dist/contracts/index.d.ts.map +1 -0
package/dist/contracts/index.js +11 -0
package/dist/contracts/index.js.map +1 -0
package/dist/contracts/openapi-meta.d.ts +23 -0
package/dist/contracts/openapi-meta.d.ts.map +1 -0
package/dist/contracts/openapi-meta.js +2 -0
package/dist/contracts/openapi-meta.js.map +1 -0
package/dist/contracts/path-template.d.ts +17 -0
package/dist/contracts/path-template.d.ts.map +1 -0
package/dist/contracts/path-template.js +50 -0
package/dist/contracts/path-template.js.map +1 -0
package/dist/contracts/rate-limit.d.ts +50 -0
package/dist/contracts/rate-limit.d.ts.map +1 -0
package/dist/contracts/rate-limit.js +2 -0
package/dist/contracts/rate-limit.js.map +1 -0
package/dist/contracts/types.d.ts +97 -0
package/dist/contracts/types.d.ts.map +1 -0
package/dist/contracts/types.js +54 -0
package/dist/contracts/types.js.map +1 -0
package/dist/contracts/utils.d.ts +3 -0
package/dist/contracts/utils.d.ts.map +1 -0
package/dist/contracts/utils.js +44 -0
package/dist/contracts/utils.js.map +1 -0
package/dist/domain/entity.d.ts +87 -0
package/dist/domain/entity.d.ts.map +1 -0
package/dist/domain/entity.js +155 -0
package/dist/domain/entity.js.map +1 -0
package/dist/domain/events.d.ts +41 -0
package/dist/domain/events.d.ts.map +1 -0
package/dist/domain/events.js +21 -0
package/dist/domain/events.js.map +1 -0
package/dist/domain/index.d.ts +14 -0
package/dist/domain/index.d.ts.map +1 -0
package/dist/domain/index.js +14 -0
package/dist/domain/index.js.map +1 -0
package/dist/domain/value-object.d.ts +60 -0
package/dist/domain/value-object.d.ts.map +1 -0
package/dist/domain/value-object.js +87 -0
package/dist/domain/value-object.js.map +1 -0
package/dist/errors/catalog.d.ts +71 -0
package/dist/errors/catalog.d.ts.map +1 -0
package/dist/errors/catalog.js +71 -0
package/dist/errors/catalog.js.map +1 -0
package/dist/errors/http.d.ts +77 -0
package/dist/errors/http.d.ts.map +1 -0
package/dist/errors/http.js +74 -0
package/dist/errors/http.js.map +1 -0
package/dist/errors/index.d.ts +10 -0
package/dist/errors/index.d.ts.map +1 -0
package/dist/errors/index.js +14 -0
package/dist/errors/index.js.map +1 -0
package/dist/errors/response.d.ts +26 -0
package/dist/errors/response.d.ts.map +1 -0
package/dist/errors/response.js +34 -0
package/dist/errors/response.js.map +1 -0
package/dist/errors/validation.d.ts +18 -0
package/dist/errors/validation.d.ts.map +1 -0
package/dist/errors/validation.js +21 -0
package/dist/errors/validation.js.map +1 -0
package/dist/events/index.d.ts +58 -0
package/dist/events/index.d.ts.map +1 -0
package/dist/events/index.js +102 -0
package/dist/events/index.js.map +1 -0
package/dist/jobs/index.d.ts +56 -0
package/dist/jobs/index.d.ts.map +1 -0
package/dist/jobs/index.js +89 -0
package/dist/jobs/index.js.map +1 -0
package/dist/mail/index.d.ts +75 -0
package/dist/mail/index.d.ts.map +1 -0
package/dist/mail/index.js +84 -0
package/dist/mail/index.js.map +1 -0
package/dist/openapi/index.d.ts +207 -0
package/dist/openapi/index.d.ts.map +1 -0
package/dist/openapi/index.js +449 -0
package/dist/openapi/index.js.map +1 -0
package/dist/openapi/schema-introspector.d.ts +38 -0
package/dist/openapi/schema-introspector.d.ts.map +1 -0
package/dist/openapi/schema-introspector.js +67 -0
package/dist/openapi/schema-introspector.js.map +1 -0
package/dist/ports/audit.d.ts +58 -0
package/dist/ports/audit.d.ts.map +1 -0
package/dist/ports/audit.js +74 -0
package/dist/ports/audit.js.map +1 -0
package/dist/ports/auth.d.ts +23 -0
package/dist/ports/auth.d.ts.map +1 -0
package/dist/ports/auth.js +31 -0
package/dist/ports/auth.js.map +1 -0
package/dist/ports/builder.d.ts +61 -0
package/dist/ports/builder.d.ts.map +1 -0
package/dist/ports/builder.js +48 -0
package/dist/ports/builder.js.map +1 -0
package/dist/ports/cache.d.ts +15 -0
package/dist/ports/cache.d.ts.map +1 -0
package/dist/ports/cache.js +57 -0
package/dist/ports/cache.js.map +1 -0
package/dist/ports/clock.d.ts +10 -0
package/dist/ports/clock.d.ts.map +1 -0
package/dist/ports/clock.js +21 -0
package/dist/ports/clock.js.map +1 -0
package/dist/ports/events.d.ts +71 -0
package/dist/ports/events.d.ts.map +1 -0
package/dist/ports/events.js +2 -0
package/dist/ports/events.js.map +1 -0
package/dist/ports/id-generator.d.ts +12 -0
package/dist/ports/id-generator.d.ts.map +1 -0
package/dist/ports/id-generator.js +22 -0
package/dist/ports/id-generator.js.map +1 -0
package/dist/ports/index.d.ts +98 -0
package/dist/ports/index.d.ts.map +1 -0
package/dist/ports/index.js +67 -0
package/dist/ports/index.js.map +1 -0
package/dist/ports/logger.d.ts +22 -0
package/dist/ports/logger.d.ts.map +1 -0
package/dist/ports/logger.js +34 -0
package/dist/ports/logger.js.map +1 -0
package/dist/ports/mailer.d.ts +6 -0
package/dist/ports/mailer.d.ts.map +1 -0
package/dist/ports/mailer.js +2 -0
package/dist/ports/mailer.js.map +1 -0
package/dist/ports/policy.d.ts +53 -0
package/dist/ports/policy.d.ts.map +1 -0
package/dist/ports/policy.js +81 -0
package/dist/ports/policy.js.map +1 -0
package/dist/ports/rate-limit.d.ts +41 -0
package/dist/ports/rate-limit.d.ts.map +1 -0
package/dist/ports/rate-limit.js +37 -0
package/dist/ports/rate-limit.js.map +1 -0
package/dist/ports/redaction.d.ts +26 -0
package/dist/ports/redaction.d.ts.map +1 -0
package/dist/ports/redaction.js +126 -0
package/dist/ports/redaction.js.map +1 -0
package/dist/ports/schedules.d.ts +9 -0
package/dist/ports/schedules.d.ts.map +1 -0
package/dist/ports/schedules.js +2 -0
package/dist/ports/schedules.js.map +1 -0
package/dist/ports/storage.d.ts +47 -0
package/dist/ports/storage.d.ts.map +1 -0
package/dist/ports/storage.js +185 -0
package/dist/ports/storage.js.map +1 -0
package/dist/ports/testing.d.ts +73 -0
package/dist/ports/testing.d.ts.map +1 -0
package/dist/ports/testing.js +105 -0
package/dist/ports/testing.js.map +1 -0
package/dist/ports/unit-of-work.d.ts +56 -0
package/dist/ports/unit-of-work.d.ts.map +1 -0
package/dist/ports/unit-of-work.js +64 -0
package/dist/ports/unit-of-work.js.map +1 -0
package/dist/providers/index.d.ts +8 -0
package/dist/providers/index.d.ts.map +1 -0
package/dist/providers/index.js +8 -0
package/dist/providers/index.js.map +1 -0
package/dist/providers/instrumentation.d.ts +91 -0
package/dist/providers/instrumentation.d.ts.map +1 -0
package/dist/providers/instrumentation.js +93 -0
package/dist/providers/instrumentation.js.map +1 -0
package/dist/providers/provider.d.ts +146 -0
package/dist/providers/provider.d.ts.map +1 -0
package/dist/providers/provider.js +31 -0
package/dist/providers/provider.js.map +1 -0
package/dist/schedules/index.d.ts +105 -0
package/dist/schedules/index.d.ts.map +1 -0
package/dist/schedules/index.js +178 -0
package/dist/schedules/index.js.map +1 -0
package/dist/server/contract-like.d.ts +5 -0
package/dist/server/contract-like.d.ts.map +1 -0
package/dist/server/contract-like.js +5 -0
package/dist/server/contract-like.js.map +1 -0
package/dist/server/health.d.ts +41 -0
package/dist/server/health.d.ts.map +1 -0
package/dist/server/health.js +46 -0
package/dist/server/health.js.map +1 -0
package/dist/server/hooks/auth.d.ts +42 -0
package/dist/server/hooks/auth.d.ts.map +1 -0
package/dist/server/hooks/auth.js +61 -0
package/dist/server/hooks/auth.js.map +1 -0
package/dist/server/hooks/cors.d.ts +13 -0
package/dist/server/hooks/cors.d.ts.map +1 -0
package/dist/server/hooks/cors.js +70 -0
package/dist/server/hooks/cors.js.map +1 -0
package/dist/server/hooks/errors.d.ts +66 -0
package/dist/server/hooks/errors.d.ts.map +1 -0
package/dist/server/hooks/errors.js +83 -0
package/dist/server/hooks/errors.js.map +1 -0
package/dist/server/hooks/index.d.ts +12 -0
package/dist/server/hooks/index.d.ts.map +1 -0
package/dist/server/hooks/index.js +12 -0
package/dist/server/hooks/index.js.map +1 -0
package/dist/server/hooks/logging.d.ts +33 -0
package/dist/server/hooks/logging.d.ts.map +1 -0
package/dist/server/hooks/logging.js +90 -0
package/dist/server/hooks/logging.js.map +1 -0
package/dist/server/hooks/rate-limit.d.ts +29 -0
package/dist/server/hooks/rate-limit.d.ts.map +1 -0
package/dist/server/hooks/rate-limit.js +93 -0
package/dist/server/hooks/rate-limit.js.map +1 -0
package/dist/server/hooks/utils.d.ts +9 -0
package/dist/server/hooks/utils.d.ts.map +1 -0
package/dist/server/hooks/utils.js +16 -0
package/dist/server/hooks/utils.js.map +1 -0
package/dist/server/hooks.d.ts +2 -0
package/dist/server/hooks.d.ts.map +1 -0
package/dist/server/hooks.js +2 -0
package/dist/server/hooks.js.map +1 -0
package/dist/server/http.d.ts +124 -0
package/dist/server/http.d.ts.map +1 -0
package/dist/server/http.js +2 -0
package/dist/server/http.js.map +1 -0
package/dist/server/index.d.ts +19 -0
package/dist/server/index.d.ts.map +1 -0
package/dist/server/index.js +15 -0
package/dist/server/index.js.map +1 -0
package/dist/server/openapi.d.ts +32 -0
package/dist/server/openapi.d.ts.map +1 -0
package/dist/server/openapi.js +43 -0
package/dist/server/openapi.js.map +1 -0
package/dist/server/providers/index.d.ts +4 -0
package/dist/server/providers/index.d.ts.map +1 -0
package/dist/server/providers/index.js +4 -0
package/dist/server/providers/index.js.map +1 -0
package/dist/server/providers/loadProviderConfig.d.ts +7 -0
package/dist/server/providers/loadProviderConfig.d.ts.map +1 -0
package/dist/server/providers/loadProviderConfig.js +42 -0
package/dist/server/providers/loadProviderConfig.js.map +1 -0
package/dist/server/server.d.ts +86 -0
package/dist/server/server.d.ts.map +1 -0
package/dist/server/server.js +1031 -0
package/dist/server/server.js.map +1 -0
package/dist/server/types.d.ts +3 -0
package/dist/server/types.d.ts.map +1 -0
package/dist/server/types.js +3 -0
package/dist/server/types.js.map +1 -0
package/package.json +129 -0
package/src/application/index.ts +747 -0
package/src/client/client.ts +1105 -0
package/src/client/index.ts +45 -0
package/src/client/types.ts +305 -0
package/src/config/index.ts +497 -0
package/src/contracts/contract-builder.ts +583 -0
package/src/contracts/contract-group.ts +502 -0
package/src/contracts/contract-like.ts +29 -0
package/src/contracts/index.ts +53 -0
package/src/contracts/openapi-meta.ts +22 -0
package/src/contracts/path-template.ts +91 -0
package/src/contracts/rate-limit.ts +50 -0
package/src/contracts/types.ts +207 -0
package/src/contracts/utils.ts +56 -0
package/src/domain/entity.ts +256 -0
package/src/domain/events.ts +52 -0
package/src/domain/index.ts +18 -0
package/src/domain/value-object.ts +135 -0
package/src/errors/catalog.ts +149 -0
package/src/errors/http.ts +80 -0
package/src/errors/index.ts +28 -0
package/src/errors/response.ts +54 -0
package/src/errors/validation.ts +35 -0
package/src/events/index.ts +246 -0
package/src/jobs/index.ts +211 -0
package/src/mail/index.ts +177 -0
package/src/openapi/index.ts +865 -0
package/src/openapi/schema-introspector.ts +107 -0
package/src/ports/audit.ts +176 -0
package/src/ports/auth.ts +76 -0
package/src/ports/builder.ts +97 -0
package/src/ports/cache.ts +94 -0
package/src/ports/clock.ts +34 -0
package/src/ports/events.ts +100 -0
package/src/ports/id-generator.ts +36 -0
package/src/ports/index.ts +221 -0
package/src/ports/logger.ts +67 -0
package/src/ports/policy.ts +242 -0
package/src/ports/rate-limit.ts +91 -0
package/src/ports/redaction.ts +199 -0
package/src/ports/storage.ts +282 -0
package/src/ports/testing.ts +234 -0
package/src/ports/unit-of-work.ts +134 -0
package/src/providers/index.ts +40 -0
package/src/providers/instrumentation.ts +248 -0
package/src/providers/provider.ts +191 -0
package/src/schedules/index.ts +442 -0
package/src/server/contract-like.ts +8 -0
package/src/server/health.ts +82 -0
package/src/server/hooks/auth.ts +147 -0
package/src/server/hooks/cors.ts +87 -0
package/src/server/hooks/errors.ts +126 -0
package/src/server/hooks/index.ts +43 -0
package/src/server/hooks/logging.ts +121 -0
package/src/server/hooks/rate-limit.ts +171 -0
package/src/server/hooks/utils.ts +16 -0
package/src/server/hooks.ts +1 -0
package/src/server/http.ts +189 -0
package/src/server/index.ts +35 -0
package/src/server/openapi.ts +72 -0
package/src/server/providers/index.ts +3 -0
package/src/server/providers/loadProviderConfig.ts +72 -0
package/src/server/server.ts +1521 -0
package/src/server/types.ts +2 -0

package/src/ports/redaction.ts ADDED Viewed

@@ -0,0 +1,199 @@
+export const DEFAULT_REDACTED_VALUE = "[redacted]";
+export const DEFAULT_TRUNCATED_VALUE = "[truncated]";
+export const DEFAULT_CIRCULAR_VALUE = "[circular]";
+export const DEFAULT_SENSITIVE_KEYS = [
+  "authorization",
+  "cookie",
+  "set-cookie",
+  "x-api-key",
+  "api-key",
+  "apikey",
+  "access-token",
+  "refresh-token",
+  "credentials",
+] as const;
+export const DEFAULT_SENSITIVE_KEY_TERMS = [
+  "token",
+  "password",
+  "secret",
+  "credential",
+  "private-key",
+  "privatekey",
+] as const;
+export interface RedactionDecisionContext {
+  key: string;
+  path: readonly string[];
+  value: unknown;
+}
+export interface RedactionOptions {
+  replacement?: string;
+  truncatedValue?: string;
+  circularValue?: string;
+  maxDepth?: number;
+  sensitiveKeys?: readonly string[];
+  sensitiveKeyTerms?: readonly string[];
+  shouldRedactKey?: (context: RedactionDecisionContext) => boolean;
+}
+export type Redactor<T = unknown> = (value: T) => T;
+export type RedactableHeaders =
+  | Headers
+  | Iterable<readonly [string, unknown]>
+  | Record<string, unknown>;
+function normalizeKey(key: string): string {
+  return key.toLowerCase();
+}
+export function isSensitiveKey(
+  key: string,
+  options: RedactionOptions = {},
+  context?: Omit<RedactionDecisionContext, "key">,
+): boolean {
+  const normalized = normalizeKey(key);
+  const exactKeys = new Set(
+    [...DEFAULT_SENSITIVE_KEYS, ...(options.sensitiveKeys ?? [])].map(
+      normalizeKey,
+    ),
+  );
+  if (exactKeys.has(normalized)) return true;
+  const terms = [
+    ...DEFAULT_SENSITIVE_KEY_TERMS,
+    ...(options.sensitiveKeyTerms ?? []),
+  ].map(normalizeKey);
+  if (terms.some((term) => normalized.includes(term))) return true;
+  return (
+    options.shouldRedactKey?.({
+      key,
+      path: context?.path ?? [],
+      value: context?.value,
+    }) ?? false
+  );
+}
+function redactUnknown(
+  value: unknown,
+  options: RedactionOptions,
+  path: readonly string[],
+  seen: WeakSet<object>,
+): unknown {
+  const maxDepth = options.maxDepth ?? 6;
+  if (path.length > maxDepth) {
+    return options.truncatedValue ?? DEFAULT_TRUNCATED_VALUE;
+  }
+  if (value === null || value === undefined) return value;
+  const valueType = typeof value;
+  if (
+    valueType === "string" ||
+    valueType === "number" ||
+    valueType === "boolean"
+  ) {
+    return value;
+  }
+  if (valueType === "bigint") {
+    return value.toString();
+  }
+  if (value instanceof Date) {
+    return value;
+  }
+  if (value instanceof Error) {
+    return {
+      name: value.name,
+      message: value.message,
+      stack: value.stack,
+    };
+  }
+  if (valueType !== "object") {
+    return String(value);
+  }
+  const objectValue = value as object;
+  if (seen.has(objectValue)) {
+    return options.circularValue ?? DEFAULT_CIRCULAR_VALUE;
+  }
+  seen.add(objectValue);
+  if (Array.isArray(value)) {
+    const output = value.map((item, index) =>
+      redactUnknown(item, options, [...path, String(index)], seen),
+    );
+    seen.delete(objectValue);
+    return output;
+  }
+  const output: Record<string, unknown> = {};
+  for (const [key, nestedValue] of Object.entries(value)) {
+    output[key] = isSensitiveKey(key, options, {
+      path: [...path, key],
+      value: nestedValue,
+    })
+      ? (options.replacement ?? DEFAULT_REDACTED_VALUE)
+      : redactUnknown(nestedValue, options, [...path, key], seen);
+  }
+  seen.delete(objectValue);
+  return output;
+}
+export function redactValue<T = unknown>(
+  value: T,
+  options: RedactionOptions = {},
+): T {
+  return redactUnknown(value, options, [], new WeakSet()) as T;
+}
+function headerEntries(
+  headers: RedactableHeaders,
+): Iterable<readonly [string, unknown]> {
+  if (typeof Headers !== "undefined" && headers instanceof Headers) {
+    const entries: Array<readonly [string, unknown]> = [];
+    headers.forEach((value, key) => {
+      entries.push([key, value]);
+    });
+    return entries;
+  }
+  if (
+    typeof (headers as { [Symbol.iterator]?: unknown })[Symbol.iterator] ===
+    "function"
+  ) {
+    return headers as Iterable<readonly [string, unknown]>;
+  }
+  return Object.entries(headers);
+}
+export function redactHeaders(
+  headers: RedactableHeaders,
+  options: RedactionOptions = {},
+): Record<string, unknown> {
+  const output: Record<string, unknown> = {};
+  for (const [key, value] of headerEntries(headers)) {
+    output[key] = isSensitiveKey(key, options, {
+      path: [key],
+      value,
+    })
+      ? (options.replacement ?? DEFAULT_REDACTED_VALUE)
+      : redactValue(value, options);
+  }
+  return output;
+}
+export function createRedactor<T = unknown>(
+  options: RedactionOptions = {},
+): Redactor<T> {
+  return (value) => redactValue(value, options);
+}

package/src/ports/storage.ts ADDED Viewed

@@ -0,0 +1,282 @@
+export type StorageVisibility = "private" | "public";
+export type StorageMetadata = Record<string, string>;
+export type StorageBody =
+  | string
+  | ArrayBuffer
+  | Uint8Array
+  | Blob
+  | ReadableStream<Uint8Array>;
+export interface StoragePutOptions {
+  contentType?: string;
+  cacheControl?: string;
+  metadata?: StorageMetadata;
+  visibility?: StorageVisibility;
+}
+export interface StorageObject {
+  key: string;
+  size: number;
+  contentType?: string;
+  cacheControl?: string;
+  metadata: StorageMetadata;
+  visibility: StorageVisibility;
+  lastModified: Date;
+}
+export interface StorageObjectBody extends StorageObject {
+  /**
+   * Whether this object body has already been consumed. Like Fetch response
+   * bodies, storage bodies are one-shot so providers can stream objects without
+   * buffering them.
+   */
+  readonly bodyUsed: boolean;
+  stream(): ReadableStream<Uint8Array>;
+  bytes(): Promise<Uint8Array>;
+  arrayBuffer(): Promise<ArrayBuffer>;
+  text(): Promise<string>;
+}
+export interface StoragePort {
+  put(
+    key: string,
+    body: StorageBody,
+    options?: StoragePutOptions,
+  ): Promise<StorageObject>;
+  get(key: string): Promise<StorageObjectBody | null>;
+  stat(key: string): Promise<StorageObject | null>;
+  delete(key: string): Promise<boolean>;
+  exists(key: string): Promise<boolean>;
+  publicUrl(key: string): Promise<string | null>;
+}
+export interface MemoryStorageOptions {
+  /**
+   * Base URL used by `publicUrl(...)` for objects written with
+   * `visibility: "public"`.
+   */
+  publicBaseUrl?: string;
+}
+type MemoryStorageEntry = StorageObject & {
+  bytes: Uint8Array;
+};
+function copyBytes(bytes: Uint8Array): Uint8Array {
+  return new Uint8Array(bytes);
+}
+function bytesToArrayBuffer(bytes: Uint8Array): ArrayBuffer {
+  const buffer = new ArrayBuffer(bytes.byteLength);
+  new Uint8Array(buffer).set(bytes);
+  return buffer;
+}
+function bytesToStream(bytes: Uint8Array): ReadableStream<Uint8Array> {
+  const copy = copyBytes(bytes);
+  return new ReadableStream<Uint8Array>({
+    start(controller) {
+      controller.enqueue(copy);
+      controller.close();
+    },
+  });
+}
+async function streamToBytes(
+  stream: ReadableStream<Uint8Array>,
+): Promise<Uint8Array> {
+  const reader = stream.getReader();
+  const chunks: Uint8Array[] = [];
+  let size = 0;
+  try {
+    while (true) {
+      const result = await reader.read();
+      if (result.done) break;
+      chunks.push(result.value);
+      size += result.value.byteLength;
+    }
+  } finally {
+    reader.releaseLock();
+  }
+  const bytes = new Uint8Array(size);
+  let offset = 0;
+  for (const chunk of chunks) {
+    bytes.set(chunk, offset);
+    offset += chunk.byteLength;
+  }
+  return bytes;
+}
+async function storageBodyToBytes(body: StorageBody): Promise<Uint8Array> {
+  if (typeof body === "string") {
+    return new TextEncoder().encode(body);
+  }
+  if (body instanceof Uint8Array) {
+    return copyBytes(body);
+  }
+  if (body instanceof ArrayBuffer) {
+    return new Uint8Array(body.slice(0));
+  }
+  if (body instanceof Blob) {
+    return new Uint8Array(await body.arrayBuffer());
+  }
+  return streamToBytes(body);
+}
+function cloneObject(entry: MemoryStorageEntry): StorageObject {
+  return {
+    key: entry.key,
+    size: entry.size,
+    ...(entry.contentType !== undefined
+      ? { contentType: entry.contentType }
+      : {}),
+    ...(entry.cacheControl !== undefined
+      ? { cacheControl: entry.cacheControl }
+      : {}),
+    metadata: { ...entry.metadata },
+    visibility: entry.visibility,
+    lastModified: new Date(entry.lastModified),
+  };
+}
+function createObjectBody(entry: MemoryStorageEntry): StorageObjectBody {
+  const object = cloneObject(entry);
+  let bodyUsed = false;
+  function consumeBytes(): Uint8Array {
+    if (bodyUsed) {
+      throw new Error("Storage object body has already been consumed.");
+    }
+    bodyUsed = true;
+    return copyBytes(entry.bytes);
+  }
+  return {
+    ...object,
+    get bodyUsed() {
+      return bodyUsed;
+    },
+    stream() {
+      return bytesToStream(consumeBytes());
+    },
+    async bytes() {
+      return consumeBytes();
+    },
+    async arrayBuffer() {
+      return bytesToArrayBuffer(consumeBytes());
+    },
+    async text() {
+      return new TextDecoder().decode(consumeBytes());
+    },
+  };
+}
+function validateStorageKey(key: string): void {
+  if (key.length === 0) {
+    throw new Error("Storage key must not be empty.");
+  }
+  if (key.startsWith("/")) {
+    throw new Error("Storage key must not start with '/'.");
+  }
+  if (key.endsWith("/")) {
+    throw new Error("Storage key must not end with '/'.");
+  }
+  if (key.includes("\\")) {
+    throw new Error("Storage key must use '/' separators, not '\\'.");
+  }
+  const segments = key.split("/");
+  if (segments.some((segment) => segment === "")) {
+    throw new Error("Storage key must not include empty path segments.");
+  }
+  if (segments.some((segment) => segment === "." || segment === "..")) {
+    throw new Error("Storage key must not include '.' or '..' segments.");
+  }
+}
+function joinPublicUrl(baseUrl: string, key: string): string {
+  const base = baseUrl.replace(/\/+$/, "");
+  const encodedKey = key
+    .split("/")
+    .map((part) => encodeURIComponent(part))
+    .join("/");
+  return `${base}/${encodedKey}`;
+}
+export function createMemoryStorage(
+  options: MemoryStorageOptions = {},
+): StoragePort {
+  const objects = new Map<string, MemoryStorageEntry>();
+  return {
+    async put(key, body, putOptions) {
+      validateStorageKey(key);
+      const bytes = await storageBodyToBytes(body);
+      const entry: MemoryStorageEntry = {
+        key,
+        size: bytes.byteLength,
+        ...(putOptions?.contentType !== undefined
+          ? { contentType: putOptions.contentType }
+          : {}),
+        ...(putOptions?.cacheControl !== undefined
+          ? { cacheControl: putOptions.cacheControl }
+          : {}),
+        metadata: { ...(putOptions?.metadata ?? {}) },
+        visibility: putOptions?.visibility ?? "private",
+        lastModified: new Date(),
+        bytes,
+      };
+      objects.set(key, entry);
+      return cloneObject(entry);
+    },
+    async get(key) {
+      validateStorageKey(key);
+      const entry = objects.get(key);
+      if (!entry) return null;
+      return createObjectBody(entry);
+    },
+    async stat(key) {
+      validateStorageKey(key);
+      const entry = objects.get(key);
+      if (!entry) return null;
+      return cloneObject(entry);
+    },
+    async delete(key) {
+      validateStorageKey(key);
+      return objects.delete(key);
+    },
+    async exists(key) {
+      validateStorageKey(key);
+      return objects.has(key);
+    },
+    async publicUrl(key) {
+      validateStorageKey(key);
+      const entry = objects.get(key);
+      if (!entry || entry.visibility !== "public" || !options.publicBaseUrl) {
+        return null;
+      }
+      return joinPublicUrl(options.publicBaseUrl, key);
+    },
+  };
+}

package/src/ports/testing.ts ADDED Viewed

@@ -0,0 +1,234 @@
+import type { EventBusPort } from "./events";
+import {
+  type CreateGateOptions,
+  createGate,
+  type GateDecision,
+  type GatePort,
+  type PolicyContextFromDefinitions,
+  type PolicyDefinition,
+  type PolicyMapFromDefinitions,
+  type PolicySubjectArgs,
+} from "./policy";
+/**
+ * A recorded event entry from the recording event bus.
+ */
+export interface RecordedEvent {
+  name: string;
+  payload: unknown;
+}
+/**
+ * Create a recording event bus for testing.
+ *
+ * This bus records all published events for later assertion,
+ * but does not support subscription (throws if called).
+ *
+ * @example
+ * ```ts
+ * const { bus, events } = createRecordingEventBus();
+ *
+ * // Inject bus into your use case
+ * await createUser({ ports: { eventBus: bus } });
+ *
+ * // Assert on recorded events
+ * expect(events).toHaveLength(1);
+ * expect(events[0].name).toBe("user.registered");
+ * expect(events[0].payload).toEqual({ userId: "123", email: "test@example.com" });
+ * ```
+ */
+export function createRecordingEventBus(): {
+  bus: EventBusPort;
+  events: RecordedEvent[];
+} {
+  const events: RecordedEvent[] = [];
+  const bus: EventBusPort = {
+    publish(event, payload) {
+      events.push({ name: event.name, payload });
+    },
+    subscribe() {
+      throw new Error("Not implemented for recording bus");
+    },
+  };
+  return { bus, events };
+}
+export type PolicyMatrixExpectation = "allow" | "deny";
+type PolicyMatrixSubject<TResolver> =
+  PolicySubjectArgs<TResolver> extends [subject: infer Subject]
+    ? { subject: Subject }
+    : { subject?: never };
+export type PolicyMatrixCase<
+  TContext,
+  TPolicies extends readonly PolicyDefinition[] = readonly PolicyDefinition[],
+> = {
+  [TAbility in keyof PolicyMapFromDefinitions<TPolicies> & string]: {
+    name: string;
+    ctx: TContext;
+    ability: TAbility;
+    expected: PolicyMatrixExpectation;
+    reason?: string;
+    code?: string;
+  } & PolicyMatrixSubject<PolicyMapFromDefinitions<TPolicies>[TAbility]>;
+}[keyof PolicyMapFromDefinitions<TPolicies> & string];
+export type UntypedPolicyMatrixCase<TContext> = {
+  name: string;
+  ctx: TContext;
+  ability: string;
+  subject?: unknown;
+  expected: PolicyMatrixExpectation;
+  reason?: string;
+  code?: string;
+};
+export type PolicyMatrixResult<
+  TContext,
+  TPolicies extends readonly PolicyDefinition[] = readonly PolicyDefinition[],
+> = {
+  case: PolicyMatrixCase<TContext, TPolicies>;
+  decision: GateDecision;
+  passed: boolean;
+  message?: string;
+};
+export type PolicyTester<
+  TContext,
+  TPolicies extends readonly PolicyDefinition[],
+> = {
+  gate: GatePort<TContext, TPolicies>;
+  evaluateMatrix(
+    cases: readonly PolicyMatrixCase<TContext, TPolicies>[],
+  ): Promise<PolicyMatrixResult<TContext, TPolicies>[]>;
+  assertMatrix(
+    cases: readonly PolicyMatrixCase<TContext, TPolicies>[],
+  ): Promise<void>;
+};
+export function createPolicyTester<
+  const TPolicies extends readonly PolicyDefinition[],
+>(
+  options: CreateGateOptions<
+    PolicyContextFromDefinitions<TPolicies>,
+    TPolicies
+  >,
+): PolicyTester<PolicyContextFromDefinitions<TPolicies>, TPolicies> {
+  const gate = createGate(options);
+  return {
+    gate,
+    evaluateMatrix: (cases) => evaluatePolicyMatrix(gate, cases),
+    assertMatrix: (cases) => assertPolicyMatrix(gate, cases),
+  };
+}
+export async function evaluatePolicyMatrix<
+  TContext,
+  TPolicies extends readonly PolicyDefinition[],
+>(
+  gate: GatePort<TContext, TPolicies>,
+  cases: readonly PolicyMatrixCase<TContext, TPolicies>[],
+): Promise<PolicyMatrixResult<TContext, TPolicies>[]> {
+  const results: PolicyMatrixResult<TContext, TPolicies>[] = [];
+  for (const matrixCase of cases) {
+    const decision = await inspectPolicyMatrixCase(gate, matrixCase);
+    const passed = policyMatrixCasePassed(matrixCase, decision);
+    results.push({
+      case: matrixCase,
+      decision,
+      passed,
+      message: passed
+        ? undefined
+        : policyMatrixFailureMessage(matrixCase, decision),
+    });
+  }
+  return results;
+}
+export async function assertPolicyMatrix<
+  TContext,
+  TPolicies extends readonly PolicyDefinition[],
+>(
+  gate: GatePort<TContext, TPolicies>,
+  cases: readonly PolicyMatrixCase<TContext, TPolicies>[],
+): Promise<void> {
+  const results = await evaluatePolicyMatrix(gate, cases);
+  const failures = results.filter((result) => !result.passed);
+  if (failures.length === 0) return;
+  throw new Error(
+    [
+      `Policy matrix failed for ${failures.length} case${
+        failures.length === 1 ? "" : "s"
+      }.`,
+      ...failures.map((failure) => `- ${failure.message}`),
+    ].join("\n"),
+  );
+}
+async function inspectPolicyMatrixCase<
+  TContext,
+  TPolicies extends readonly PolicyDefinition[],
+>(
+  gate: GatePort<TContext, TPolicies>,
+  matrixCase: PolicyMatrixCase<TContext, TPolicies>,
+): Promise<GateDecision> {
+  const inspect = gate.inspect as DynamicGateInspect<TContext>;
+  if ("subject" in matrixCase) {
+    return inspect(matrixCase.ctx, matrixCase.ability, matrixCase.subject);
+  }
+  return inspect(matrixCase.ctx, matrixCase.ability);
+}
+function policyMatrixCasePassed<TContext>(
+  matrixCase: UntypedPolicyMatrixCase<TContext>,
+  decision: GateDecision,
+): boolean {
+  if (matrixCase.expected === "allow" && !decision.allowed) return false;
+  if (matrixCase.expected === "deny" && decision.allowed) return false;
+  if (matrixCase.reason && decision.allowed) return false;
+  if (matrixCase.code && decision.allowed) return false;
+  if (decision.allowed) return true;
+  return (
+    (!matrixCase.reason || decision.reason === matrixCase.reason) &&
+    (!matrixCase.code || decision.code === matrixCase.code)
+  );
+}
+function policyMatrixFailureMessage<TContext>(
+  matrixCase: UntypedPolicyMatrixCase<TContext>,
+  decision: GateDecision,
+): string {
+  const expected: string[] = [matrixCase.expected];
+  if (matrixCase.reason) expected.push(`reason "${matrixCase.reason}"`);
+  if (matrixCase.code) expected.push(`code "${matrixCase.code}"`);
+  const actual = decision.allowed
+    ? "allow"
+    : [
+        "deny",
+        decision.reason ? `reason "${decision.reason}"` : undefined,
+        decision.code ? `code "${decision.code}"` : undefined,
+      ]
+        .filter(Boolean)
+        .join(", ");
+  return `${matrixCase.name}: expected ${expected.join(", ")}, received ${actual}.`;
+}
+type DynamicGateInspect<TContext> = (
+  ctx: TContext,
+  ability: string,
+  subject?: unknown,
+) => Promise<GateDecision>;