@bleedingdev/modern-js-app-tools 3.2.0-ultramodern.99 → 3.4.0-ultramodern.1

package/dist/esm-node/plugins/deploy/platforms/cloudflare.mjs

@@ -13,7 +13,88 @@ const PUBLIC_ASSETS_DIRECTORY = 'public';
 const WORKER_BUNDLE_DIRECTORY = 'worker';
 const SERVER_BUNDLE_DIRECTORY = 'bundles';
 const BFF_EFFECT_WORKER_ENTRY = `${WORKER_BUNDLE_DIRECTORY}/__modern_bff_effect.js`;
-const getCompatibilityDate = ()=>new Date().toISOString().slice(0, 10);
+const DEFAULT_COMPATIBILITY_DATE = '2026-06-02';
+const COMPATIBILITY_DATE_PATTERN = /^\d{4}-\d{2}-\d{2}$/u;
+const DEFAULT_SECURITY_HEADERS = {
+    referrerPolicy: 'strict-origin-when-cross-origin',
+    contentTypeOptions: 'nosniff',
+    permissionsPolicy: 'camera=(), geolocation=(), microphone=(), payment=(), usb=()'
+};
+const DEFAULT_CORS_ALLOWED_METHODS = [
+    'GET',
+    'HEAD',
+    'POST',
+    'PUT',
+    'PATCH',
+    'DELETE',
+    'OPTIONS'
+];
+const DEFAULT_CSP_DIRECTIVES = {
+    'base-uri': [
+        "'self'"
+    ],
+    'connect-src': [
+        "'self'",
+        'https:',
+        'http:',
+        'wss:',
+        'ws:'
+    ],
+    'default-src': [
+        "'self'"
+    ],
+    'font-src': [
+        "'self'",
+        'data:',
+        'https:',
+        'http:'
+    ],
+    'form-action': [
+        "'self'"
+    ],
+    'frame-ancestors': [
+        "'self'"
+    ],
+    'img-src': [
+        "'self'",
+        'data:',
+        'blob:',
+        'https:',
+        'http:'
+    ],
+    'manifest-src': [
+        "'self'",
+        'https:',
+        'http:'
+    ],
+    'object-src': [
+        "'none'"
+    ],
+    "script-src": [
+        "'self'",
+        "'unsafe-inline'",
+        "'unsafe-eval'",
+        'https:',
+        'http:',
+        'blob:'
+    ],
+    'style-src': [
+        "'self'",
+        "'unsafe-inline'",
+        'https:',
+        'http:'
+    ],
+    'worker-src': [
+        "'self'",
+        'blob:'
+    ]
+};
+const getCompatibilityDate = (modernConfig)=>{
+    const configuredDate = modernConfig.deploy?.worker?.compatibilityDate?.trim();
+    const compatibilityDate = configuredDate || DEFAULT_COMPATIBILITY_DATE;
+    if (!COMPATIBILITY_DATE_PATTERN.test(compatibilityDate)) throw new Error(`deploy.worker.compatibilityDate must use YYYY-MM-DD, received ${JSON.stringify(compatibilityDate)}.`);
+    return compatibilityDate;
+};
 const getWorkerName = (appDirectory)=>{
     const basename = node_path.basename(appDirectory);
     return basename.replace(/[^a-zA-Z0-9-_]/g, '-') || 'modern-cloudflare-worker';
@@ -22,6 +103,98 @@ const getConfiguredWorkerName = (appDirectory, modernConfig)=>{
     const configuredName = modernConfig.deploy?.worker?.name?.trim();
     return configuredName || getWorkerName(appDirectory);
 };
+const normalizeDirectiveValues = (value)=>{
+    const values = Array.isArray(value) ? value : [
+        value
+    ];
+    return [
+        ...new Set(values.map((entry)=>entry.trim()).filter(Boolean))
+    ];
+};
+const appendDirectiveValues = (directives, name, values)=>{
+    if (!values?.length) return;
+    directives[name] = normalizeDirectiveValues([
+        ...directives[name] ?? [],
+        ...values
+    ]);
+};
+const createContentSecurityPolicy = (config)=>{
+    const mode = config?.mode ?? 'report-only';
+    if ('off' === mode) return {
+        mode,
+        directives: {},
+        reason: config?.reason
+    };
+    const directives = Object.fromEntries(Object.entries(DEFAULT_CSP_DIRECTIVES).map(([name, values])=>[
+            name,
+            [
+                ...values
+            ]
+        ]));
+    for (const [name, value] of Object.entries(config?.directives ?? {}))if (false === value) delete directives[name];
+    else directives[name] = normalizeDirectiveValues(value);
+    if (config?.frameAncestors === false) delete directives['frame-ancestors'];
+    else if (config?.frameAncestors) directives['frame-ancestors'] = normalizeDirectiveValues(config.frameAncestors);
+    appendDirectiveValues(directives, "script-src", config?.additionalScriptSrc);
+    appendDirectiveValues(directives, 'style-src', config?.additionalStyleSrc);
+    appendDirectiveValues(directives, 'connect-src', config?.additionalConnectSrc);
+    appendDirectiveValues(directives, 'img-src', config?.additionalImgSrc);
+    if (config?.reportUri) directives['report-uri'] = [
+        config.reportUri
+    ];
+    return {
+        mode,
+        directives,
+        reason: config?.reason
+    };
+};
+const createNoindexPolicy = (noindex)=>{
+    if (false === noindex) return {
+        workersDev: false,
+        localhost: false,
+        previewHostnames: []
+    };
+    if (true === noindex || void 0 === noindex) return {
+        workersDev: true,
+        localhost: true,
+        previewHostnames: []
+    };
+    return {
+        workersDev: noindex.workersDev ?? true,
+        localhost: noindex.localhost ?? true,
+        previewHostnames: noindex.previewHostnames ?? [],
+        reason: noindex.reason
+    };
+};
+const createCloudflareWorkerCorsPolicy = (cors)=>({
+        assets: cors?.assets ?? true,
+        allowedOrigins: normalizeDirectiveValues(cors?.allowedOrigins ?? []),
+        allowedMethods: cors?.allowedMethods?.length ? normalizeDirectiveValues(cors.allowedMethods.map((method)=>method.toUpperCase())) : DEFAULT_CORS_ALLOWED_METHODS,
+        allowedHeaders: cors?.allowedHeaders?.length ? normalizeDirectiveValues(cors.allowedHeaders) : [
+            '*'
+        ],
+        reason: cors?.reason
+    });
+const createCloudflareWorkerSecurityPolicy = (modernConfig)=>{
+    const security = modernConfig.deploy?.worker?.security;
+    if (security?.enabled === false) return {
+        enabled: false,
+        cors: createCloudflareWorkerCorsPolicy(security.cors),
+        reason: security.reason
+    };
+    return {
+        enabled: true,
+        headers: {
+            referrerPolicy: security?.headers?.referrerPolicy ?? DEFAULT_SECURITY_HEADERS.referrerPolicy,
+            contentTypeOptions: security?.headers?.contentTypeOptions ?? DEFAULT_SECURITY_HEADERS.contentTypeOptions,
+            permissionsPolicy: security?.headers?.permissionsPolicy ?? DEFAULT_SECURITY_HEADERS.permissionsPolicy
+        },
+        contentSecurityPolicy: createContentSecurityPolicy(security?.contentSecurityPolicy),
+        noindex: createNoindexPolicy(security?.noindex),
+        cors: createCloudflareWorkerCorsPolicy(security?.cors),
+        reason: security?.reason
+    };
+};
 const readRouteSpec = async (outputDirectory)=>{
     const routeSpecPath = node_path.join(outputDirectory, ROUTE_SPEC_OUTPUT);
     if (!await fs.pathExists(routeSpecPath)) return {
@@ -77,6 +250,7 @@ const createWorkerManifest = async (outputDirectory, modernConfig)=>{
             loadableStats: LOADABLE_STATS_FILE,
             routeManifest: ROUTE_MANIFEST_FILE
         },
+        security: createCloudflareWorkerSecurityPolicy(modernConfig),
         bff: isEffectBff && primaryBffPrefix && effectBffWorkerExists ? {
             runtimeFramework: 'effect',
             prefix: primaryBffPrefix,
@@ -149,7 +323,7 @@ const createCloudflarePreset = ({ appContext, modernConfig })=>{
                 $schema: 'node_modules/wrangler/config-schema.json',
                 name: workerName,
                 main: WORKER_ENTRY,
-                compatibility_date: getCompatibilityDate(),
+                compatibility_date: getCompatibilityDate(modernConfig),
                 compatibility_flags: [
                     'nodejs_compat',
                     'global_fetch_strictly_public'

package/dist/esm-node/plugins/deploy/platforms/templates/cloudflare-entry.mjs

@@ -3,27 +3,129 @@ const MODERN_WORKER_MANIFEST = p_workerManifest;
 const WORKER_MODULE_LOADERS = p_workerModuleLoaders;
 const workerModulePromises = new Map();
 const remoteJsonPromises = new Map();
-const CORS_HEADERS = {
+const CORS_POLICY = MODERN_WORKER_MANIFEST.security?.cors || {};
+const ASSET_CORS_ENABLED = false !== CORS_POLICY.assets;
+const APP_CORS_ALLOWED_ORIGINS = (CORS_POLICY.allowedOrigins || []).map((origin)=>String(origin).toLowerCase());
+const APP_CORS_ALLOWED_METHODS = (CORS_POLICY.allowedMethods?.length ? CORS_POLICY.allowedMethods : [
+    'GET',
+    'HEAD',
+    'POST',
+    'PUT',
+    'PATCH',
+    'DELETE',
+    'OPTIONS'
+]).join(', ');
+const APP_CORS_ALLOWED_HEADERS = (CORS_POLICY.allowedHeaders?.length ? CORS_POLICY.allowedHeaders : [
+    '*'
+]).join(', ');
+const ASSET_CORS_HEADERS = {
     'access-control-allow-headers': '*',
     'access-control-allow-methods': 'GET, HEAD, OPTIONS',
     'access-control-allow-origin': '*'
 };
 globalThis.__dirname ??= '/';
 globalThis.__filename ??= '/index.js';
-function withCorsHeaders(response) {
+function getAllowedAppCorsOrigin(request) {
+    if (0 === APP_CORS_ALLOWED_ORIGINS.length) return null;
+    const origin = request.headers.get('origin');
+    if (!origin) return null;
+    if (APP_CORS_ALLOWED_ORIGINS.includes('*')) return '*';
+    return APP_CORS_ALLOWED_ORIGINS.includes(origin.toLowerCase()) ? origin : null;
+}
+function appendVaryOrigin(headers) {
+    const vary = headers.get('vary');
+    if (!vary) return void headers.set('vary', 'origin');
+    const varyValues = vary.split(',').map((value)=>value.trim().toLowerCase());
+    if (!varyValues.includes('origin')) headers.set('vary', `${vary}, origin`);
+}
+function withAppCorsHeaders(response, request) {
+    const allowedOrigin = getAllowedAppCorsOrigin(request);
+    if (!allowedOrigin) return response;
     const headers = new Headers(response.headers);
-    for (const [name, value] of Object.entries(CORS_HEADERS))if (!headers.has(name)) headers.set(name, value);
+    if (!headers.has('access-control-allow-origin')) headers.set('access-control-allow-origin', allowedOrigin);
+    if ('*' !== allowedOrigin) appendVaryOrigin(headers);
     return new Response(response.body, {
         headers,
         status: response.status,
         statusText: response.statusText
     });
 }
+function withAssetCorsHeaders(response) {
+    if (!ASSET_CORS_ENABLED) return response;
+    const headers = new Headers(response.headers);
+    for (const [name, value] of Object.entries(ASSET_CORS_HEADERS))if (!headers.has(name)) headers.set(name, value);
+    return new Response(response.body, {
+        headers,
+        status: response.status,
+        statusText: response.statusText
+    });
+}
+function setHeaderIfEnabled(headers, name, value) {
+    if (false === value || 'string' != typeof value || '' === value.trim()) return;
+    if (!headers.has(name)) headers.set(name, value);
+}
+function renderContentSecurityPolicy(directives) {
+    return Object.entries(directives || {}).filter(([, values])=>Array.isArray(values) && values.length > 0).sort(([left], [right])=>left.localeCompare(right)).map(([name, values])=>`${name} ${values.join(' ')}`).join('; ');
+}
+function isHtmlResponse(response) {
+    return (response.headers.get('content-type') || '').includes('text/html');
+}
+function matchesPreviewHostname(hostname, pattern) {
+    const normalizedHostname = hostname.toLowerCase();
+    const normalizedPattern = String(pattern || '').toLowerCase();
+    if (!normalizedPattern) return false;
+    if (normalizedPattern.startsWith('*.')) return normalizedHostname.endsWith(normalizedPattern.slice(1));
+    return normalizedHostname === normalizedPattern;
+}
+function shouldNoindex(request, noindex) {
+    if (!noindex || false === noindex) return false;
+    const { hostname } = new URL(request.url);
+    const normalizedHostname = hostname.toLowerCase();
+    if (false !== noindex.localhost && ('localhost' === normalizedHostname || '127.0.0.1' === normalizedHostname || '[::1]' === normalizedHostname)) return true;
+    if (false !== noindex.workersDev && normalizedHostname.endsWith('.workers.dev')) return true;
+    return (noindex.previewHostnames || []).some((pattern)=>matchesPreviewHostname(normalizedHostname, pattern));
+}
+function withCloudflareSecurityHeaders(response, request) {
+    const security = MODERN_WORKER_MANIFEST.security;
+    if (!security || false === security.enabled) return response;
+    const headers = new Headers(response.headers);
+    const configuredHeaders = security.headers || {};
+    setHeaderIfEnabled(headers, 'referrer-policy', configuredHeaders.referrerPolicy);
+    setHeaderIfEnabled(headers, 'x-content-type-options', configuredHeaders.contentTypeOptions);
+    setHeaderIfEnabled(headers, 'permissions-policy', configuredHeaders.permissionsPolicy);
+    const csp = security.contentSecurityPolicy;
+    const cspHeader = csp?.mode === 'enforce' ? 'content-security-policy' : 'content-security-policy-report-only';
+    const cspValue = renderContentSecurityPolicy(csp?.directives);
+    if (isHtmlResponse(response) && csp?.mode !== 'off' && cspValue && !headers.has(cspHeader)) headers.set(cspHeader, cspValue);
+    if (shouldNoindex(request, security.noindex)) headers.set('x-robots-tag', 'noindex, nofollow');
+    return new Response(response.body, {
+        headers,
+        status: response.status,
+        statusText: response.statusText
+    });
+}
+function createRenderableRequest(request) {
+    if ('HEAD' !== request.method) return request;
+    return new Request(request, {
+        method: 'GET'
+    });
+}
+function finalizeResponseForRequest(response, request) {
+    const securedResponse = withCloudflareSecurityHeaders(response, request);
+    if ('HEAD' !== request.method) return securedResponse;
+    const headers = new Headers(securedResponse.headers);
+    headers.delete('content-length');
+    return new Response(null, {
+        headers,
+        status: securedResponse.status,
+        statusText: securedResponse.statusText
+    });
+}
 function isFingerprintedAssetPathname(pathname) {
     return /(?:^|\/)[^/]+\.[a-f0-9]{8,}\.(?:css|js|mjs|json|svg|png|jpe?g|webp|avif|gif|woff2?|ttf)$/iu.test(pathname);
 }
 function withAssetHeaders(response, request) {
-    const corsResponse = withCorsHeaders(response);
+    const corsResponse = withAssetCorsHeaders(response);
     const headers = new Headers(corsResponse.headers);
     const { pathname } = new URL(request.url);
     if (isFingerprintedAssetPathname(pathname)) headers.set('cache-control', 'public, max-age=31536000, immutable');
@@ -33,10 +135,30 @@ function withAssetHeaders(response, request) {
         statusText: corsResponse.statusText
     });
 }
-function createCorsPreflightResponse(request) {
+async function createCorsPreflightResponse(request, env) {
     if ('OPTIONS' !== request.method) return null;
+    const allowedOrigin = getAllowedAppCorsOrigin(request);
+    if (allowedOrigin) {
+        const headers = new Headers({
+            'access-control-allow-headers': APP_CORS_ALLOWED_HEADERS,
+            'access-control-allow-methods': APP_CORS_ALLOWED_METHODS,
+            'access-control-allow-origin': allowedOrigin
+        });
+        if ('*' !== allowedOrigin) headers.set('vary', 'origin');
+        return new Response(null, {
+            headers,
+            status: 204
+        });
+    }
+    if (!ASSET_CORS_ENABLED) return null;
+    const assets = env?.[ASSETS_BINDING];
+    if (!assets || 'function' != typeof assets.fetch) return null;
+    const assetResponse = await assets.fetch(new Request(request.url, {
+        method: 'HEAD'
+    }));
+    if (!assetResponse || 404 === assetResponse.status) return null;
     return new Response(null, {
-        headers: CORS_HEADERS,
+        headers: ASSET_CORS_HEADERS,
         status: 204
     });
 }
@@ -417,22 +539,25 @@ async function dispatchBffRequest(request, env) {
 }
 export default {
     async fetch (request, env, ctx) {
-        const corsPreflightResponse = createCorsPreflightResponse(request);
-        if (corsPreflightResponse) return corsPreflightResponse;
+        const corsPreflightResponse = await createCorsPreflightResponse(request, env);
+        if (corsPreflightResponse) return finalizeResponseForRequest(corsPreflightResponse, request);
         const assetResponse = await fetchAsset(request, env);
-        if (assetResponse) return assetResponse;
+        if (assetResponse) return finalizeResponseForRequest(assetResponse, request);
         const bffResponse = await dispatchBffRequest(request, env);
-        if (bffResponse) return withCorsHeaders(bffResponse);
+        if (bffResponse) return finalizeResponseForRequest(withAppCorsHeaders(bffResponse, request), request);
         const route = findRoute(request);
         const { pathname } = new URL(request.url);
-        if (isAssetLikePathname(pathname) && !routeMatchesExactly(route, pathname)) return withCorsHeaders(new Response('Not found', {
+        if (isAssetLikePathname(pathname) && !routeMatchesExactly(route, pathname)) return finalizeResponseForRequest(withAppCorsHeaders(new Response('Not found', {
             status: 404
-        }));
-        if (route?.worker) return withCorsHeaders(await dispatchRouteWorker(route, request, env, ctx));
+        }), request), request);
+        if (route?.worker) {
+            const renderableRequest = createRenderableRequest(request);
+            return finalizeResponseForRequest(withAppCorsHeaders(await dispatchRouteWorker(route, renderableRequest, env, ctx), request), request);
+        }
         const htmlResponse = await fetchRouteHtml(route, request, env);
-        if (htmlResponse) return htmlResponse;
-        return withCorsHeaders(new Response('Not found', {
+        if (htmlResponse) return finalizeResponseForRequest(htmlResponse, request);
+        return finalizeResponseForRequest(withAppCorsHeaders(new Response('Not found', {
             status: 404
-        }));
+        }), request), request);
     }
 };

package/dist/esm-node/plugins/deploy/utils/index.mjs

@@ -1,10 +1,12 @@
 import "node:module";
 import { createRequire } from "node:module";
-import { ROUTE_SPEC_FILE, SERVER_DIR, fs, getMeta } from "@modern-js/utils";
+import { pathToFileURL } from "node:url";
+import { ROUTE_SPEC_FILE, SERVER_DIR, dynamicImport, fs, getMeta } from "@modern-js/utils";
 import path from "path";
 import { fileURLToPath as __rspack_fileURLToPath } from "node:url";
 import { dirname as __rspack_dirname } from "node:path";
 var utils_dirname = __rspack_dirname(__rspack_fileURLToPath(import.meta.url));
+var utils_filename = __rspack_fileURLToPath(import.meta.url);
 const normalizePath = (filePath)=>filePath.replace(/\\/g, '/');
 const getProjectUsage = (appDirectory, distDirectory, metaName)=>{
     const routeJSON = path.join(distDirectory, ROUTE_SPEC_FILE);
@@ -29,43 +31,17 @@ const getProjectUsage = (appDirectory, distDirectory, metaName)=>{
 };
 const getTemplatePath = (file)=>path.join(utils_dirname, '../platforms/templates', file);
 const readTemplate = async (file)=>(await fs.readFile(getTemplatePath(file))).toString();
-const localRequire = createRequire(path.join(utils_dirname, 'package.json'));
-const findNearestPackageJson = (resolvedEntry)=>{
-    let currentDir = path.dirname(resolvedEntry);
-    while(currentDir !== path.dirname(currentDir)){
-        const manifestPath = path.join(currentDir, 'package.json');
-        if (fs.existsSync(manifestPath)) return manifestPath;
-        currentDir = path.dirname(currentDir);
-    }
-};
-const splitPackageSpecifier = (entry)=>{
-    const segments = entry.split('/');
-    if (entry.startsWith('@')) {
-        const [scope, name, ...rest] = segments;
-        return {
-            packageName: `${scope}/${name}`,
-            exportKey: rest.length > 0 ? `./${rest.join('/')}` : '.'
-        };
-    }
-    const [name, ...rest] = segments;
-    return {
-        packageName: name,
-        exportKey: rest.length > 0 ? `./${rest.join('/')}` : '.'
-    };
-};
 const resolveESMDependency = async (entry)=>{
+    const conditions = new Set([
+        'node',
+        'import',
+        'module',
+        'default'
+    ]);
     try {
-        const { packageName, exportKey } = splitPackageSpecifier(entry);
-        const resolvedEntry = localRequire.resolve(entry);
-        const packageJsonPath = findNearestPackageJson(localRequire.resolve(packageName));
-        if (!packageJsonPath) return normalizePath(resolvedEntry);
-        const packageDir = path.dirname(packageJsonPath);
-        const packageJson = fs.readJSONSync(packageJsonPath);
-        const exportConfig = packageJson.exports?.[exportKey];
-        if ('string' == typeof exportConfig) return normalizePath(path.join(packageDir, exportConfig));
-        const esmExportPath = exportConfig?.node?.import || exportConfig?.import || exportConfig?.default;
-        if ('string' == typeof esmExportPath) return normalizePath(path.join(packageDir, esmExportPath));
-        return normalizePath(resolvedEntry);
+        const resolverPath = pathToFileURL(createRequire(utils_filename).resolve('import-meta-resolve')).href;
+        const { moduleResolve } = await dynamicImport(resolverPath);
+        return normalizePath(moduleResolve(entry, pathToFileURL(`${utils_dirname}/`), conditions, false).pathname.replace(/^\/(\w):/, '$1:'));
     } catch (err) {}
 };
 export { getProjectUsage, getTemplatePath, normalizePath, readTemplate, resolveESMDependency };

package/dist/esm-node/plugins/initialize/index.mjs

@@ -1,6 +1,6 @@
 import "node:module";
 import { ensureAbsolutePath, getPort, isDev, isDevCommand } from "@modern-js/utils";
-import { createDefaultConfig } from "../../config/index.mjs";
+import { createDefaultConfig, isLazyCompilationSafeByDefault } from "../../config/index.mjs";
 const initialize = ()=>({
         name: '@modern-js/plugin-initialize',
         post: [
@@ -12,7 +12,16 @@ const initialize = ()=>({
         setup (api) {
             api.config(()=>{
                 const appContext = api.getAppContext();
-                return createDefaultConfig(appContext);
+                const userConfig = api.getConfig();
+                const defaultConfig = createDefaultConfig(appContext);
+                if (userConfig.dev?.lazyCompilation === void 0 && isLazyCompilationSafeByDefault(userConfig)) defaultConfig.dev = {
+                    ...defaultConfig.dev,
+                    lazyCompilation: {
+                        imports: true,
+                        entries: false
+                    }
+                };
+                return defaultConfig;
             });
             api.modifyResolvedConfig(async (resolved)=>{
                 let appContext = api.getAppContext();

package/dist/esm-node/presetUltramodern.mjs

@@ -1,5 +1,79 @@
 import "node:module";
-import { createAppBaselineConfig, withAppBaseline } from "./baseline.mjs";
-const createPresetUltramodernConfig = (options = {})=>createAppBaselineConfig(options);
-const presetUltramodern = (config, options = {})=>withAppBaseline(config, options);
+import node_fs from "node:fs";
+import node_path from "node:path";
+import { mergeConfig } from "@modern-js/plugin/cli";
+const DEFAULT_OTLP_ENDPOINT = 'http://127.0.0.1:4318/v1/logs';
+const DEFAULT_VICTORIA_METRICS_ENDPOINT = 'http://127.0.0.1:8428/api/v1/import/prometheus';
+const resolveReactRouterPackageDir = (appDirectory)=>{
+    const resolveNodeModulePackageJson = (packageName, fromDirectory)=>{
+        let currentDirectory = node_path.resolve(fromDirectory);
+        while(true){
+            const packageJson = node_path.join(currentDirectory, 'node_modules', packageName, 'package.json');
+            if (node_fs.existsSync(packageJson)) return node_fs.realpathSync(packageJson);
+            const parentDirectory = node_path.dirname(currentDirectory);
+            if (parentDirectory === currentDirectory) return;
+            currentDirectory = parentDirectory;
+        }
+    };
+    const reactRouterPackageJson = resolveNodeModulePackageJson('react-router', appDirectory);
+    if (reactRouterPackageJson) return node_path.dirname(reactRouterPackageJson);
+    const reactRouterDomPackageJson = resolveNodeModulePackageJson('react-router-dom', appDirectory);
+    if (!reactRouterDomPackageJson) return;
+    const nestedReactRouterPackageJson = resolveNodeModulePackageJson('react-router', node_path.dirname(reactRouterDomPackageJson));
+    if (nestedReactRouterPackageJson) return node_path.dirname(nestedReactRouterPackageJson);
+};
+const setReactRouterBridgeSafeAliases = (chain, { isProd })=>{
+    const chainContext = chain.get('context');
+    const appDirectory = 'string' == typeof chainContext && chainContext.length > 0 ? chainContext : process.cwd();
+    const reactRouterPackageDir = resolveReactRouterPackageDir(appDirectory);
+    if (!reactRouterPackageDir) return;
+    const productionEntry = node_path.join(reactRouterPackageDir, 'dist/production/index.mjs');
+    const developmentEntry = node_path.join(reactRouterPackageDir, 'dist/development/index.mjs');
+    chain.resolve.alias.set('react-router$', isProd ? productionEntry : developmentEntry);
+    chain.resolve.alias.set('react-router/dist/production/index.js', productionEntry);
+    chain.resolve.alias.set('react-router/dist/development/index.js', developmentEntry);
+};
+const createPresetUltramodernConfig = (options = {})=>{
+    const { appId = 'app', enableBffRequestId = true, enableTelemetry = true, enableTelemetryExporters, otlpEndpoint = process.env.MODERN_TELEMETRY_OTLP_ENDPOINT, victoriaMetricsEndpoint = process.env.MODERN_TELEMETRY_VICTORIA_ENDPOINT, telemetryFailLoudStartup = true, enableModuleFederationSSR = true } = options;
+    const server = {};
+    if (enableTelemetry) {
+        server.telemetry = {
+            enabled: true,
+            failLoudStartup: telemetryFailLoudStartup
+        };
+        if (false !== enableTelemetryExporters) {
+            const exporters = {};
+            if (true === enableTelemetryExporters || otlpEndpoint) exporters.otlp = {
+                enabled: true,
+                endpoint: otlpEndpoint || DEFAULT_OTLP_ENDPOINT
+            };
+            if (true === enableTelemetryExporters || victoriaMetricsEndpoint) exporters.victoriaMetrics = {
+                enabled: true,
+                endpoint: victoriaMetricsEndpoint || DEFAULT_VICTORIA_METRICS_ENDPOINT
+            };
+            if (Object.keys(exporters).length > 0) server.telemetry.exporters = exporters;
+        }
+    }
+    if (enableModuleFederationSSR) server.ssr = {
+        mode: 'stream',
+        moduleFederationAppSSR: true
+    };
+    const presetConfig = {
+        output: {
+            precompress: true
+        },
+        server,
+        tools: {
+            bundlerChain: setReactRouterBridgeSafeAliases
+        }
+    };
+    if (enableBffRequestId) presetConfig.bff = {
+        requestId: appId
+    };
+    return presetConfig;
+};
+const presetUltramodern = (config, options = {})=>mergeConfig([
+        createPresetUltramodernConfig(options),
+        config
+    ]);
 export { createPresetUltramodernConfig, presetUltramodern };

package/dist/esm-node/rsbuild.mjs

@@ -1,19 +1,12 @@
 import "node:module";
 import { parseRspackConfig } from "@modern-js/builder";
+import { createConfigOptions } from "@modern-js/plugin/cli";
 import { INTERNAL_RUNTIME_PLUGINS } from "@modern-js/utils";
 import { builderPluginAdapterBasic, builderPluginAdapterHooks } from "./builder/shared/builderPlugins/index.mjs";
 import { DEFAULT_CONFIG_FILE } from "./constants.mjs";
 import { getConfigFile } from "./utils/getConfigFile.mjs";
 import { loadInternalPlugins } from "./utils/loadPlugins.mjs";
-import { __webpack_require__ } from "./rslib-runtime.mjs";
-import * as __rspack_external__modern_js_plugin_cli_caa09fa2 from "@modern-js/plugin/cli";
-__webpack_require__.add({
-    "@modern-js/plugin/cli?8936" (module) {
-        module.exports = __rspack_external__modern_js_plugin_cli_caa09fa2;
-    }
-});
 const MODERN_META_NAME = 'modern-js';
-const { createConfigOptions: createConfigOptions } = __webpack_require__("@modern-js/plugin/cli?8936");
 async function resolveModernRsbuildConfig(options) {
     const { cwd = process.cwd(), metaName = MODERN_META_NAME } = options;
     const configFile = options.configPath || getConfigFile(void 0, cwd);

package/dist/esm-node/types/config/cloudflareDeploy.mjs

@@ -0,0 +1 @@
+import "node:module";

package/dist/esm-node/types/config/precompress.mjs

@@ -0,0 +1 @@
+import "node:module";