@bleedingdev/modern-js-app-tools 3.2.0-ultramodern.120 → 3.2.0-ultramodern.122

package/dist/types/presetUltramodern.d.ts

@@ -1,6 +1,56 @@
-import { type AppBaselineOptions } from './baseline';
 import type { AppUserConfig } from './types';
-export interface PresetUltramodernOptions extends AppBaselineOptions {
+export interface PresetUltramodernOptions {
+    /**
+     * Stable producer identity used by BFF cross-project clients.
+     * @default "app"
+     */
+    appId?: string;
+    /**
+     * Enable BFF requestId contract by default.
+     * @default true
+     */
+    enableBffRequestId?: boolean;
+    /**
+     * Enable telemetry contract by default.
+     * Exporters are still configured separately by applications.
+     * @default true
+     */
+    enableTelemetry?: boolean;
+    /**
+     * Enable telemetry exporters.
+     *
+     * By default each exporter is enabled only when its endpoint is explicitly
+     * configured (via the matching option or environment variable), so a bare
+     * preset app boots in production without local collectors.
+     * Set `true` to force both exporters on with their default localhost
+     * endpoints, or `false` to disable exporters entirely.
+     * @default undefined (endpoint-driven)
+     */
+    enableTelemetryExporters?: boolean;
+    /**
+     * OTLP exporter endpoint. Setting it (or the environment variable)
+     * enables the OTLP exporter unless `enableTelemetryExporters` is `false`.
+     * @default process.env.MODERN_TELEMETRY_OTLP_ENDPOINT || 'http://127.0.0.1:4318/v1/logs'
+     */
+    otlpEndpoint?: string;
+    /**
+     * VictoriaMetrics exporter endpoint. Setting it (or the environment
+     * variable) enables the VictoriaMetrics exporter unless
+     * `enableTelemetryExporters` is `false`.
+     * @default process.env.MODERN_TELEMETRY_VICTORIA_ENDPOINT || 'http://127.0.0.1:8428/api/v1/import/prometheus'
+     */
+    victoriaMetricsEndpoint?: string;
+    /**
+     * Enable fail-loud startup probing for telemetry exporters.
+     * Probes only run for exporters that are actually enabled.
+     * @default true
+     */
+    telemetryFailLoudStartup?: boolean;
+    /**
+     * Enable app-level Module Federation SSR handshake by default.
+     * @default true
+     */
+    enableModuleFederationSSR?: boolean;
 }
 export declare const createPresetUltramodernConfig: (options?: PresetUltramodernOptions) => AppUserConfig;
 export declare const presetUltramodern: (config: AppUserConfig, options?: PresetUltramodernOptions) => AppUserConfig;

package/dist/types/types/config/cloudflareDeploy.d.ts

@@ -0,0 +1,79 @@
+export type DeployTarget = 'node' | 'vercel' | 'netlify' | 'ghPages' | 'cloudflare';
+export type CloudflareWorkerSecurityCspMode = 'enforce' | 'report-only' | 'off';
+export interface CloudflareWorkerSecurityCspConfig {
+    mode?: CloudflareWorkerSecurityCspMode;
+    directives?: Record<string, string[] | string | false>;
+    additionalScriptSrc?: string[];
+    additionalStyleSrc?: string[];
+    additionalConnectSrc?: string[];
+    additionalImgSrc?: string[];
+    frameAncestors?: string[] | false;
+    reportUri?: string;
+    reason?: string;
+}
+export interface CloudflareWorkerSecurityNoindexConfig {
+    workersDev?: boolean;
+    localhost?: boolean;
+    previewHostnames?: string[];
+    reason?: string;
+}
+export interface CloudflareWorkerSecurityCorsConfig {
+    /**
+     * Origins allowed to read application responses (BFF APIs, SSR HTML,
+     * route fallbacks) cross-origin. Accepts exact origins
+     * (e.g. `https://shell.example.com`) or `'*'`.
+     * When empty, application responses carry no CORS headers (same-origin).
+     * @default []
+     */
+    allowedOrigins?: string[];
+    /**
+     * Methods advertised on CORS preflight responses for application routes.
+     * @default ['GET', 'HEAD', 'POST', 'PUT', 'PATCH', 'DELETE', 'OPTIONS']
+     */
+    allowedMethods?: string[];
+    /**
+     * Headers advertised on CORS preflight responses for application routes.
+     * @default ['*']
+     */
+    allowedHeaders?: string[];
+    /**
+     * Apply wildcard CORS to static asset responses so federated remotes
+     * (remote entries, manifests, CSS) can be loaded cross-origin.
+     * @default true
+     */
+    assets?: boolean;
+    reason?: string;
+}
+export interface CloudflareWorkerSecurityConfig {
+    /**
+     * Disable all Cloudflare worker security defaults for this app.
+     * Prefer narrower escape hatches when possible.
+     */
+    enabled?: boolean;
+    headers?: {
+        referrerPolicy?: string | false;
+        contentTypeOptions?: 'nosniff' | false;
+        permissionsPolicy?: string | false;
+    };
+    contentSecurityPolicy?: CloudflareWorkerSecurityCspConfig;
+    noindex?: boolean | CloudflareWorkerSecurityNoindexConfig;
+    /**
+     * Cross-origin resource sharing policy applied by the generated worker.
+     * Asset responses default to wildcard CORS for federated loading;
+     * application responses (BFF, SSR) default to no CORS headers.
+     */
+    cors?: CloudflareWorkerSecurityCorsConfig;
+    /**
+     * @deprecated Write-only: this option never had any runtime effect — the
+     * generated worker never mutates application `Set-Cookie` headers.
+     * Kept temporarily so configs emitted by existing `modern create`
+     * templates keep typechecking; will be removed once the generator stops
+     * emitting it. Use {@link CloudflareWorkerSecurityConfig.cors} for the
+     * worker's cross-origin policy.
+     */
+    cookies?: {
+        mutateSetCookie?: false;
+        reason?: string;
+    };
+    reason?: string;
+}

package/dist/types/types/config/deploy.d.ts

@@ -1,3 +1,5 @@
+import type { CloudflareWorkerSecurityConfig, DeployTarget } from './cloudflareDeploy';
+export type { CloudflareWorkerSecurityConfig, CloudflareWorkerSecurityCorsConfig, CloudflareWorkerSecurityCspConfig, CloudflareWorkerSecurityCspMode, CloudflareWorkerSecurityNoindexConfig, DeployTarget, } from './cloudflareDeploy';
 export interface MicroFrontend {
     /**
      * Specifies whether to enable the HTML entry.
@@ -11,62 +13,6 @@ export interface MicroFrontend {
      */
     externalBasicLibrary?: boolean;
     moduleApp?: string;
-    /**
-     * Runtime compatibility digest exposed in remote contracts (manifest / remote entry).
-     */
-    runtimeDigest?: string;
-    /**
-     * SRI-style integrity token for the remote entry contract.
-     * Example: `sha256-<base64Digest>`.
-     */
-    integrity?: string;
-    /**
-     * Opaque attestation token exposed in remote runtime metadata.
-     * Can be validated by the host via runtime `remoteTrust.attestations`.
-     */
-    attestation?: string;
-}
-export type DeployTarget = 'node' | 'vercel' | 'netlify' | 'ghPages' | 'cloudflare';
-export type CloudflareWorkerSecurityCspMode = 'enforce' | 'report-only' | 'off';
-export interface CloudflareWorkerSecurityCspConfig {
-    mode?: CloudflareWorkerSecurityCspMode;
-    directives?: Record<string, string[] | string | false>;
-    additionalScriptSrc?: string[];
-    additionalStyleSrc?: string[];
-    additionalConnectSrc?: string[];
-    additionalImgSrc?: string[];
-    frameAncestors?: string[] | false;
-    reportUri?: string;
-    reason?: string;
-}
-export interface CloudflareWorkerSecurityNoindexConfig {
-    workersDev?: boolean;
-    localhost?: boolean;
-    previewHostnames?: string[];
-    reason?: string;
-}
-export interface CloudflareWorkerSecurityConfig {
-    /**
-     * Disable all Cloudflare worker security defaults for this app.
-     * Prefer narrower escape hatches when possible.
-     */
-    enabled?: boolean;
-    headers?: {
-        referrerPolicy?: string | false;
-        contentTypeOptions?: 'nosniff' | false;
-        permissionsPolicy?: string | false;
-    };
-    contentSecurityPolicy?: CloudflareWorkerSecurityCspConfig;
-    noindex?: boolean | CloudflareWorkerSecurityNoindexConfig;
-    cookies?: {
-        /**
-         * Cloudflare worker does not mutate application Set-Cookie headers by
-         * default; app-owned cookies should be secured by the owner that sets them.
-         */
-        mutateSetCookie?: false;
-        reason?: string;
-    };
-    reason?: string;
 }
 export interface DeployUserConfig {
     /**

package/dist/types/types/config/output.d.ts

@@ -1,25 +1,8 @@
 import type { BuilderConfig } from '@modern-js/builder';
 import type { SSGConfig, SSGMultiEntryOptions } from '@modern-js/types';
-import type CompressionPlugin from 'compression-webpack-plugin';
 import type { UnwrapBuilderConfig } from '../utils';
-type CompressionPluginOptions = NonNullable<ConstructorParameters<typeof CompressionPlugin>[0]>;
-export type PrecompressCodecOptions = boolean | CompressionPluginOptions;
-export interface PrecompressConfig {
-    /**
-     * Configure gzip precompression options.
-     * `true` means using default options.
-     * `false` means disabling gzip precompression.
-     * @default true
-     */
-    gzip?: PrecompressCodecOptions;
-    /**
-     * Configure brotli precompression options.
-     * `true` means using default options.
-     * `false` means disabling brotli precompression.
-     * @default true
-     */
-    brotli?: PrecompressCodecOptions;
-}
+import type { PrecompressConfig } from './precompress';
+export type { PrecompressCodecOptions, PrecompressConfig } from './precompress';
 export interface OutputUserConfig extends UnwrapBuilderConfig<BuilderConfig, 'output'> {
     /**
      * Enable SSG for self-controlled routing or conventional routing.
@@ -54,7 +37,8 @@ export interface OutputUserConfig extends UnwrapBuilderConfig<BuilderConfig, 'ou
     /**
      * Generate precompressed static assets by using compression-webpack-plugin.
      * `true` means enabling both gzip and brotli with default options.
-     * @default true
+     * Disabled unless explicitly configured; `presetUltramodern` enables it.
+     * @default false
      */
     precompress?: boolean | PrecompressConfig;
 }

package/dist/types/types/config/precompress.d.ts

@@ -0,0 +1,20 @@
+import type CompressionPlugin from 'compression-webpack-plugin';
+type CompressionPluginOptions = NonNullable<ConstructorParameters<typeof CompressionPlugin>[0]>;
+export type PrecompressCodecOptions = boolean | CompressionPluginOptions;
+export interface PrecompressConfig {
+    /**
+     * Configure gzip precompression options.
+     * `true` means using default options.
+     * `false` means disabling gzip precompression.
+     * @default true
+     */
+    gzip?: PrecompressCodecOptions;
+    /**
+     * Configure brotli precompression options.
+     * `true` means using default options.
+     * `false` means disabling brotli precompression.
+     * @default true
+     */
+    brotli?: PrecompressCodecOptions;
+}
+export {};

package/package.json

@@ -17,7 +17,7 @@
     "modern",
     "modern.js"
   ],
-  "version": "3.2.0-ultramodern.120",
+  "version": "3.2.0-ultramodern.122",
   "types": "./dist/types/index.d.ts",
   "main": "./dist/cjs/index.js",
   "exports": {
@@ -87,28 +87,26 @@
     "@babel/types": "^7.29.7",
     "@loadable/component": "5.16.7",
     "@rsbuild/core": "2.0.11",
-    "@swc/core": "1.15.41",
     "@swc/helpers": "^0.5.23",
     "compression-webpack-plugin": "^12.0.0",
     "es-module-lexer": "^2.1.0",
     "esbuild": "^0.28.0",
-    "esbuild-register": "^3.6.0",
     "flatted": "^3.4.2",
     "import-meta-resolve": "^4.2.0",
     "mlly": "^1.8.2",
     "ndepe": "^0.1.13",
     "pkg-types": "^2.3.1",
     "std-env": "4.1.0",
-    "@modern-js/builder": "npm:@bleedingdev/modern-js-builder@3.2.0-ultramodern.120",
-    "@modern-js/plugin-data-loader": "npm:@bleedingdev/modern-js-plugin-data-loader@3.2.0-ultramodern.120",
-    "@modern-js/server": "npm:@bleedingdev/modern-js-server@3.2.0-ultramodern.120",
-    "@modern-js/plugin": "npm:@bleedingdev/modern-js-plugin@3.2.0-ultramodern.120",
-    "@modern-js/prod-server": "npm:@bleedingdev/modern-js-prod-server@3.2.0-ultramodern.120",
-    "@modern-js/server-core": "npm:@bleedingdev/modern-js-server-core@3.2.0-ultramodern.120",
-    "@modern-js/server-utils": "npm:@bleedingdev/modern-js-server-utils@3.2.0-ultramodern.120",
-    "@modern-js/types": "npm:@bleedingdev/modern-js-types@3.2.0-ultramodern.120",
-    "@modern-js/utils": "npm:@bleedingdev/modern-js-utils@3.2.0-ultramodern.120",
-    "@modern-js/i18n-utils": "npm:@bleedingdev/modern-js-i18n-utils@3.2.0-ultramodern.120"
+    "@modern-js/builder": "npm:@bleedingdev/modern-js-builder@3.2.0-ultramodern.122",
+    "@modern-js/plugin": "npm:@bleedingdev/modern-js-plugin@3.2.0-ultramodern.122",
+    "@modern-js/prod-server": "npm:@bleedingdev/modern-js-prod-server@3.2.0-ultramodern.122",
+    "@modern-js/server": "npm:@bleedingdev/modern-js-server@3.2.0-ultramodern.122",
+    "@modern-js/plugin-data-loader": "npm:@bleedingdev/modern-js-plugin-data-loader@3.2.0-ultramodern.122",
+    "@modern-js/server-core": "npm:@bleedingdev/modern-js-server-core@3.2.0-ultramodern.122",
+    "@modern-js/types": "npm:@bleedingdev/modern-js-types@3.2.0-ultramodern.122",
+    "@modern-js/server-utils": "npm:@bleedingdev/modern-js-server-utils@3.2.0-ultramodern.122",
+    "@modern-js/utils": "npm:@bleedingdev/modern-js-utils@3.2.0-ultramodern.122",
+    "@modern-js/i18n-utils": "npm:@bleedingdev/modern-js-i18n-utils@3.2.0-ultramodern.122"
   },
   "devDependencies": {
     "@rslib/core": "0.22.0",

package/dist/esm/rslib-runtime.mjs

@@ -1,18 +0,0 @@
-var __webpack_modules__ = {};
-var __webpack_module_cache__ = {};
-function __webpack_require__(moduleId) {
-    var cachedModule = __webpack_module_cache__[moduleId];
-    if (void 0 !== cachedModule) return cachedModule.exports;
-    var module = __webpack_module_cache__[moduleId] = {
-        exports: {}
-    };
-    __webpack_modules__[moduleId](module, module.exports, __webpack_require__);
-    return module.exports;
-}
-__webpack_require__.m = __webpack_modules__;
-(()=>{
-    __webpack_require__.add = function(modules) {
-        Object.assign(__webpack_require__.m, modules);
-    };
-})();
-export { __webpack_require__ };

package/dist/esm-node/rslib-runtime.mjs

@@ -1,19 +0,0 @@
-import "node:module";
-var __webpack_modules__ = {};
-var __webpack_module_cache__ = {};
-function __webpack_require__(moduleId) {
-    var cachedModule = __webpack_module_cache__[moduleId];
-    if (void 0 !== cachedModule) return cachedModule.exports;
-    var module = __webpack_module_cache__[moduleId] = {
-        exports: {}
-    };
-    __webpack_modules__[moduleId](module, module.exports, __webpack_require__);
-    return module.exports;
-}
-__webpack_require__.m = __webpack_modules__;
-(()=>{
-    __webpack_require__.add = function(modules) {
-        Object.assign(__webpack_require__.m, modules);
-    };
-})();
-export { __webpack_require__ };