@bloomneo/appkit 1.5.1 → 1.5.2

package/dist/queue/defaults.js

@@ -3,12 +3,12 @@
  * @module @bloomneo/appkit/queue
  * @file src/queue/defaults.ts
  *
- * @llm-rule WHEN: App startup - need to parse VOILA_QUEUE_* environment variables and detect transports
+ * @llm-rule WHEN: App startup - need to parse BLOOM_QUEUE_* environment variables and detect transports
  * @llm-rule AVOID: Calling multiple times - expensive validation, use lazy loading in get()
  * @llm-rule NOTE: Called once at startup, cached globally for performance like auth/logging modules
  */
 /**
- * Get smart defaults using direct VOILA_QUEUE_* environment access
+ * Get smart defaults using direct BLOOM_QUEUE_* environment access
  * @llm-rule WHEN: App startup to get production-ready queue configuration
  * @llm-rule AVOID: Calling repeatedly - validates environment each time, expensive operation
  * @llm-rule NOTE: Called once at startup, cached globally for performance
@@ -26,44 +26,44 @@ export function getSmartDefaults() {
     return {
         transport,
         // Core settings - direct env access
-        concurrency: parseInt(process.env.VOILA_QUEUE_CONCURRENCY || (isProduction ? '10' : '5')),
-        maxAttempts: parseInt(process.env.VOILA_QUEUE_MAX_ATTEMPTS || '3'),
-        retryDelay: parseInt(process.env.VOILA_QUEUE_RETRY_DELAY || '5000'),
-        retryBackoff: process.env.VOILA_QUEUE_RETRY_BACKOFF || 'exponential',
+        concurrency: parseInt(process.env.BLOOM_QUEUE_CONCURRENCY || (isProduction ? '10' : '5')),
+        maxAttempts: parseInt(process.env.BLOOM_QUEUE_MAX_ATTEMPTS || '3'),
+        retryDelay: parseInt(process.env.BLOOM_QUEUE_RETRY_DELAY || '5000'),
+        retryBackoff: process.env.BLOOM_QUEUE_RETRY_BACKOFF || 'exponential',
         // Job management - direct env access
-        defaultPriority: parseInt(process.env.VOILA_QUEUE_DEFAULT_PRIORITY || '0'),
-        removeOnComplete: parseInt(process.env.VOILA_QUEUE_REMOVE_COMPLETE || (isProduction ? '100' : '10')),
-        removeOnFail: parseInt(process.env.VOILA_QUEUE_REMOVE_FAILED || (isProduction ? '500' : '50')),
+        defaultPriority: parseInt(process.env.BLOOM_QUEUE_DEFAULT_PRIORITY || '0'),
+        removeOnComplete: parseInt(process.env.BLOOM_QUEUE_REMOVE_COMPLETE || (isProduction ? '100' : '10')),
+        removeOnFail: parseInt(process.env.BLOOM_QUEUE_REMOVE_FAILED || (isProduction ? '500' : '50')),
         // Memory transport config - direct env access
         memory: {
-            maxJobs: parseInt(process.env.VOILA_QUEUE_MEMORY_MAX_JOBS || (isDevelopment ? '1000' : '100')),
-            cleanupInterval: parseInt(process.env.VOILA_QUEUE_MEMORY_CLEANUP || '30000'),
+            maxJobs: parseInt(process.env.BLOOM_QUEUE_MEMORY_MAX_JOBS || (isDevelopment ? '1000' : '100')),
+            cleanupInterval: parseInt(process.env.BLOOM_QUEUE_MEMORY_CLEANUP || '30000'),
         },
         // Redis transport config - direct env access
         redis: {
             url: process.env.REDIS_URL || null,
-            keyPrefix: process.env.VOILA_QUEUE_REDIS_PREFIX || 'queue',
-            maxRetriesPerRequest: parseInt(process.env.VOILA_QUEUE_REDIS_RETRIES || '3'),
-            retryDelayOnFailover: parseInt(process.env.VOILA_QUEUE_REDIS_FAILOVER_DELAY || '100'),
+            keyPrefix: process.env.BLOOM_QUEUE_REDIS_PREFIX || 'queue',
+            maxRetriesPerRequest: parseInt(process.env.BLOOM_QUEUE_REDIS_RETRIES || '3'),
+            retryDelayOnFailover: parseInt(process.env.BLOOM_QUEUE_REDIS_FAILOVER_DELAY || '100'),
         },
         // Database transport config - direct env access
         database: {
             url: process.env.DATABASE_URL || null,
-            tableName: process.env.VOILA_QUEUE_DB_TABLE || 'queue_jobs',
-            batchSize: parseInt(process.env.VOILA_QUEUE_DB_BATCH || '50'),
-            pollInterval: parseInt(process.env.VOILA_QUEUE_DB_POLL || (isProduction ? '5000' : '2000')),
+            tableName: process.env.BLOOM_QUEUE_DB_TABLE || 'queue_jobs',
+            batchSize: parseInt(process.env.BLOOM_QUEUE_DB_BATCH || '50'),
+            pollInterval: parseInt(process.env.BLOOM_QUEUE_DB_POLL || (isProduction ? '5000' : '2000')),
         },
         // Worker config - direct env access
         worker: {
             enabled: workerEnabled,
-            gracefulShutdownTimeout: parseInt(process.env.VOILA_QUEUE_SHUTDOWN_TIMEOUT || '30000'),
-            stalledInterval: parseInt(process.env.VOILA_QUEUE_STALLED_INTERVAL || '30000'),
-            maxStalledCount: parseInt(process.env.VOILA_QUEUE_MAX_STALLED || '1'),
+            gracefulShutdownTimeout: parseInt(process.env.BLOOM_QUEUE_SHUTDOWN_TIMEOUT || '30000'),
+            stalledInterval: parseInt(process.env.BLOOM_QUEUE_STALLED_INTERVAL || '30000'),
+            maxStalledCount: parseInt(process.env.BLOOM_QUEUE_MAX_STALLED || '1'),
         },
         // Service identification - direct env access
         service: {
-            name: process.env.VOILA_SERVICE_NAME || process.env.npm_package_name || 'app',
-            version: process.env.VOILA_SERVICE_VERSION || process.env.npm_package_version || '1.0.0',
+            name: process.env.BLOOM_SERVICE_NAME || process.env.npm_package_name || 'app',
+            version: process.env.BLOOM_SERVICE_VERSION || process.env.npm_package_version || '1.0.0',
             environment: nodeEnv,
         },
     };
@@ -75,7 +75,7 @@ export function getSmartDefaults() {
  */
 function getTransport() {
     // Manual override wins (like auth module pattern)
-    const manual = process.env.VOILA_QUEUE_TRANSPORT?.toLowerCase();
+    const manual = process.env.BLOOM_QUEUE_TRANSPORT?.toLowerCase();
     if (manual === 'memory' || manual === 'redis' || manual === 'database') {
         return manual;
     }
@@ -95,7 +95,7 @@ function getTransport() {
  */
 function getWorkerEnabled(isDevelopment) {
     // Explicit worker mode setting
-    const workerEnv = process.env.VOILA_QUEUE_WORKER;
+    const workerEnv = process.env.BLOOM_QUEUE_WORKER;
     if (workerEnv !== undefined) {
         return workerEnv.toLowerCase() === 'true';
     }
@@ -116,24 +116,24 @@ function getWorkerEnabled(isDevelopment) {
  */
 export function validateEnvironment() {
     // Validate concurrency
-    const concurrency = process.env.VOILA_QUEUE_CONCURRENCY;
+    const concurrency = process.env.BLOOM_QUEUE_CONCURRENCY;
     if (concurrency && (isNaN(parseInt(concurrency)) || parseInt(concurrency) < 1 || parseInt(concurrency) > 100)) {
-        throw new Error(`Invalid VOILA_QUEUE_CONCURRENCY: "${concurrency}". Must be number between 1 and 100`);
+        throw new Error(`Invalid BLOOM_QUEUE_CONCURRENCY: "${concurrency}". Must be number between 1 and 100`);
     }
     // Validate max attempts
-    const maxAttempts = process.env.VOILA_QUEUE_MAX_ATTEMPTS;
+    const maxAttempts = process.env.BLOOM_QUEUE_MAX_ATTEMPTS;
     if (maxAttempts && (isNaN(parseInt(maxAttempts)) || parseInt(maxAttempts) < 1 || parseInt(maxAttempts) > 10)) {
-        throw new Error(`Invalid VOILA_QUEUE_MAX_ATTEMPTS: "${maxAttempts}". Must be number between 1 and 10`);
+        throw new Error(`Invalid BLOOM_QUEUE_MAX_ATTEMPTS: "${maxAttempts}". Must be number between 1 and 10`);
     }
     // Validate retry backoff
-    const backoff = process.env.VOILA_QUEUE_RETRY_BACKOFF;
+    const backoff = process.env.BLOOM_QUEUE_RETRY_BACKOFF;
     if (backoff && !['fixed', 'exponential'].includes(backoff)) {
-        throw new Error(`Invalid VOILA_QUEUE_RETRY_BACKOFF: "${backoff}". Must be: fixed, exponential`);
+        throw new Error(`Invalid BLOOM_QUEUE_RETRY_BACKOFF: "${backoff}". Must be: fixed, exponential`);
     }
     // Validate transport selection
-    const transport = process.env.VOILA_QUEUE_TRANSPORT;
+    const transport = process.env.BLOOM_QUEUE_TRANSPORT;
     if (transport && !['memory', 'redis', 'database'].includes(transport)) {
-        throw new Error(`Invalid VOILA_QUEUE_TRANSPORT: "${transport}". Must be: memory, redis, database`);
+        throw new Error(`Invalid BLOOM_QUEUE_TRANSPORT: "${transport}". Must be: memory, redis, database`);
     }
     // Validate Redis URL if provided
     const redisUrl = process.env.REDIS_URL;
@@ -146,15 +146,15 @@ export function validateEnvironment() {
         throw new Error(`Invalid DATABASE_URL: "${dbUrl}". Must be valid database connection string`);
     }
     // Validate worker setting
-    const worker = process.env.VOILA_QUEUE_WORKER;
+    const worker = process.env.BLOOM_QUEUE_WORKER;
     if (worker && !['true', 'false'].includes(worker.toLowerCase())) {
-        throw new Error(`Invalid VOILA_QUEUE_WORKER: "${worker}". Must be: true, false`);
+        throw new Error(`Invalid BLOOM_QUEUE_WORKER: "${worker}". Must be: true, false`);
     }
     // Validate numeric values
-    validateNumericEnv('VOILA_QUEUE_RETRY_DELAY', 1000, 300000); // 1s to 5min
-    validateNumericEnv('VOILA_QUEUE_MEMORY_MAX_JOBS', 100, 100000); // 100 to 100k
-    validateNumericEnv('VOILA_QUEUE_DB_POLL', 1000, 60000); // 1s to 1min
-    validateNumericEnv('VOILA_QUEUE_SHUTDOWN_TIMEOUT', 5000, 120000); // 5s to 2min
+    validateNumericEnv('BLOOM_QUEUE_RETRY_DELAY', 1000, 300000); // 1s to 5min
+    validateNumericEnv('BLOOM_QUEUE_MEMORY_MAX_JOBS', 100, 100000); // 100 to 100k
+    validateNumericEnv('BLOOM_QUEUE_DB_POLL', 1000, 60000); // 1s to 1min
+    validateNumericEnv('BLOOM_QUEUE_SHUTDOWN_TIMEOUT', 5000, 120000); // 5s to 2min
 }
 /**
  * Validate numeric environment variable

package/dist/security/defaults.d.ts

@@ -48,7 +48,7 @@ export interface SecurityError extends Error {
     [key: string]: any;
 }
 /**
- * Gets smart defaults using VOILA_SECURITY_* environment variables
+ * Gets smart defaults using BLOOM_SECURITY_* environment variables
  * @llm-rule WHEN: App startup to get production-ready security configuration
  * @llm-rule AVOID: Calling repeatedly - expensive validation, cache the result
  * @llm-rule NOTE: Automatically configures CSRF, rate limiting, and encryption from environment

package/dist/security/defaults.js

@@ -8,7 +8,7 @@
  * @llm-rule NOTE: Called once at startup, cached globally for performance
  */
 /**
- * Gets smart defaults using VOILA_SECURITY_* environment variables
+ * Gets smart defaults using BLOOM_SECURITY_* environment variables
  * @llm-rule WHEN: App startup to get production-ready security configuration
  * @llm-rule AVOID: Calling repeatedly - expensive validation, cache the result
  * @llm-rule NOTE: Automatically configures CSRF, rate limiting, and encryption from environment
@@ -22,28 +22,28 @@ export function getSmartDefaults() {
     return {
         // CSRF configuration with fallback to auth secret
         csrf: {
-            secret: process.env.VOILA_SECURITY_CSRF_SECRET || process.env.VOILA_AUTH_SECRET || '',
-            tokenField: process.env.VOILA_SECURITY_CSRF_FIELD || '_csrf',
-            headerField: process.env.VOILA_SECURITY_CSRF_HEADER || 'x-csrf-token',
-            expiryMinutes: parseInt(process.env.VOILA_SECURITY_CSRF_EXPIRY || '60'),
+            secret: process.env.BLOOM_SECURITY_CSRF_SECRET || process.env.BLOOM_AUTH_SECRET || '',
+            tokenField: process.env.BLOOM_SECURITY_CSRF_FIELD || '_csrf',
+            headerField: process.env.BLOOM_SECURITY_CSRF_HEADER || 'x-csrf-token',
+            expiryMinutes: parseInt(process.env.BLOOM_SECURITY_CSRF_EXPIRY || '60'),
         },
         // Rate limiting with production-ready defaults
         rateLimit: {
-            maxRequests: parseInt(process.env.VOILA_SECURITY_RATE_LIMIT || '100'),
-            windowMs: parseInt(process.env.VOILA_SECURITY_RATE_WINDOW || String(15 * 60 * 1000)), // 15 minutes
-            message: process.env.VOILA_SECURITY_RATE_MESSAGE || 'Too many requests, please try again later',
+            maxRequests: parseInt(process.env.BLOOM_SECURITY_RATE_LIMIT || '100'),
+            windowMs: parseInt(process.env.BLOOM_SECURITY_RATE_WINDOW || String(15 * 60 * 1000)), // 15 minutes
+            message: process.env.BLOOM_SECURITY_RATE_MESSAGE || 'Too many requests, please try again later',
         },
         // Input sanitization configuration
         sanitization: {
-            maxLength: parseInt(process.env.VOILA_SECURITY_MAX_INPUT_LENGTH || '1000'),
-            allowedTags: process.env.VOILA_SECURITY_ALLOWED_TAGS
-                ? process.env.VOILA_SECURITY_ALLOWED_TAGS.split(',').map(tag => tag.trim())
+            maxLength: parseInt(process.env.BLOOM_SECURITY_MAX_INPUT_LENGTH || '1000'),
+            allowedTags: process.env.BLOOM_SECURITY_ALLOWED_TAGS
+                ? process.env.BLOOM_SECURITY_ALLOWED_TAGS.split(',').map(tag => tag.trim())
                 : [],
-            stripAllTags: process.env.VOILA_SECURITY_STRIP_ALL_TAGS === 'true',
+            stripAllTags: process.env.BLOOM_SECURITY_STRIP_ALL_TAGS === 'true',
         },
         // Encryption configuration with AES-256-GCM
         encryption: {
-            key: process.env.VOILA_SECURITY_ENCRYPTION_KEY,
+            key: process.env.BLOOM_SECURITY_ENCRYPTION_KEY,
             algorithm: 'aes-256-gcm',
             ivLength: 16,
             tagLength: 16,
@@ -67,52 +67,52 @@ export function getSmartDefaults() {
 function validateEnvironment() {
     const nodeEnv = process.env.NODE_ENV || 'development';
     // Validate CSRF secret in production
-    const csrfSecret = process.env.VOILA_SECURITY_CSRF_SECRET || process.env.VOILA_AUTH_SECRET;
+    const csrfSecret = process.env.BLOOM_SECURITY_CSRF_SECRET || process.env.BLOOM_AUTH_SECRET;
     if (!csrfSecret && nodeEnv === 'production') {
-        console.warn('[Bloomneo AppKit] VOILA_SECURITY_CSRF_SECRET not set. ' +
+        console.warn('[Bloomneo AppKit] BLOOM_SECURITY_CSRF_SECRET not set. ' +
             'CSRF protection will not work in production. ' +
-            'Set VOILA_SECURITY_CSRF_SECRET or VOILA_AUTH_SECRET environment variable.');
+            'Set BLOOM_SECURITY_CSRF_SECRET or BLOOM_AUTH_SECRET environment variable.');
     }
     // Validate encryption key if provided
-    const encryptionKey = process.env.VOILA_SECURITY_ENCRYPTION_KEY;
+    const encryptionKey = process.env.BLOOM_SECURITY_ENCRYPTION_KEY;
     if (encryptionKey) {
         validateEncryptionKey(encryptionKey);
     }
     // Validate rate limit values
-    const rateLimit = process.env.VOILA_SECURITY_RATE_LIMIT;
+    const rateLimit = process.env.BLOOM_SECURITY_RATE_LIMIT;
     if (rateLimit) {
         const rateLimitNum = parseInt(rateLimit);
         if (isNaN(rateLimitNum) || rateLimitNum <= 0) {
-            throw new Error(`Invalid VOILA_SECURITY_RATE_LIMIT: "${rateLimit}". Must be a positive number.`);
+            throw new Error(`Invalid BLOOM_SECURITY_RATE_LIMIT: "${rateLimit}". Must be a positive number.`);
         }
     }
-    const rateWindow = process.env.VOILA_SECURITY_RATE_WINDOW;
+    const rateWindow = process.env.BLOOM_SECURITY_RATE_WINDOW;
     if (rateWindow) {
         const rateWindowNum = parseInt(rateWindow);
         if (isNaN(rateWindowNum) || rateWindowNum <= 0) {
-            throw new Error(`Invalid VOILA_SECURITY_RATE_WINDOW: "${rateWindow}". Must be a positive number (milliseconds).`);
+            throw new Error(`Invalid BLOOM_SECURITY_RATE_WINDOW: "${rateWindow}". Must be a positive number (milliseconds).`);
         }
     }
     // Validate max input length
-    const maxLength = process.env.VOILA_SECURITY_MAX_INPUT_LENGTH;
+    const maxLength = process.env.BLOOM_SECURITY_MAX_INPUT_LENGTH;
     if (maxLength) {
         const maxLengthNum = parseInt(maxLength);
         if (isNaN(maxLengthNum) || maxLengthNum <= 0) {
-            throw new Error(`Invalid VOILA_SECURITY_MAX_INPUT_LENGTH: "${maxLength}". Must be a positive number.`);
+            throw new Error(`Invalid BLOOM_SECURITY_MAX_INPUT_LENGTH: "${maxLength}". Must be a positive number.`);
         }
     }
     // Validate CSRF expiry
-    const csrfExpiry = process.env.VOILA_SECURITY_CSRF_EXPIRY;
+    const csrfExpiry = process.env.BLOOM_SECURITY_CSRF_EXPIRY;
     if (csrfExpiry) {
         const csrfExpiryNum = parseInt(csrfExpiry);
         if (isNaN(csrfExpiryNum) || csrfExpiryNum <= 0) {
-            throw new Error(`Invalid VOILA_SECURITY_CSRF_EXPIRY: "${csrfExpiry}". Must be a positive number (minutes).`);
+            throw new Error(`Invalid BLOOM_SECURITY_CSRF_EXPIRY: "${csrfExpiry}". Must be a positive number (minutes).`);
         }
     }
     // Production-specific warnings
     if (nodeEnv === 'production') {
         if (!encryptionKey) {
-            console.warn('[Bloomneo AppKit] VOILA_SECURITY_ENCRYPTION_KEY not set. ' +
+            console.warn('[Bloomneo AppKit] BLOOM_SECURITY_ENCRYPTION_KEY not set. ' +
                 'Data encryption will not be available in production.');
         }
     }
@@ -130,16 +130,16 @@ function validateEnvironment() {
  */
 function validateEncryptionKey(key) {
     if (typeof key !== 'string') {
-        throw new Error('VOILA_SECURITY_ENCRYPTION_KEY must be a string.');
+        throw new Error('BLOOM_SECURITY_ENCRYPTION_KEY must be a string.');
     }
     // Check if it's a valid hex string
     if (!/^[0-9a-fA-F]+$/.test(key)) {
-        throw new Error('VOILA_SECURITY_ENCRYPTION_KEY must be a valid hexadecimal string. ' +
+        throw new Error('BLOOM_SECURITY_ENCRYPTION_KEY must be a valid hexadecimal string. ' +
             'Generate one using: node -e "console.log(require(\'crypto\').randomBytes(32).toString(\'hex\'))"');
     }
     // Check length (should be 64 hex characters for 32 bytes)
     if (key.length !== 64) {
-        throw new Error(`VOILA_SECURITY_ENCRYPTION_KEY must be 64 hex characters (32 bytes). ` +
+        throw new Error(`BLOOM_SECURITY_ENCRYPTION_KEY must be 64 hex characters (32 bytes). ` +
             `Current length: ${key.length}. ` +
             `Generate one using: node -e "console.log(require('crypto').randomBytes(32).toString('hex'))"`);
     }

package/dist/security/index.d.ts

@@ -52,7 +52,7 @@ declare function isProduction(): boolean;
  * Generate a secure encryption key for production use
  * @llm-rule WHEN: Setting up encryption for the first time or rotating keys
  * @llm-rule AVOID: Using weak or predictable keys - always use this for key generation
- * @llm-rule NOTE: Returns 64-character hex string suitable for VOILA_SECURITY_ENCRYPTION_KEY
+ * @llm-rule NOTE: Returns 64-character hex string suitable for BLOOM_SECURITY_ENCRYPTION_KEY
  */
 declare function generateKey(): string;
 /**

package/dist/security/index.js

@@ -78,7 +78,7 @@ function isProduction() {
  * Generate a secure encryption key for production use
  * @llm-rule WHEN: Setting up encryption for the first time or rotating keys
  * @llm-rule AVOID: Using weak or predictable keys - always use this for key generation
- * @llm-rule NOTE: Returns 64-character hex string suitable for VOILA_SECURITY_ENCRYPTION_KEY
+ * @llm-rule NOTE: Returns 64-character hex string suitable for BLOOM_SECURITY_ENCRYPTION_KEY
  */
 function generateKey() {
     const security = get();
@@ -113,10 +113,10 @@ function validateRequired(checks = {}) {
     const config = getConfig();
     const missing = [];
     if (checks.csrf && !config.csrf.secret) {
-        missing.push('VOILA_SECURITY_CSRF_SECRET or VOILA_AUTH_SECRET');
+        missing.push('BLOOM_SECURITY_CSRF_SECRET or BLOOM_AUTH_SECRET');
     }
     if (checks.encryption && !config.encryption.key) {
-        missing.push('VOILA_SECURITY_ENCRYPTION_KEY');
+        missing.push('BLOOM_SECURITY_ENCRYPTION_KEY');
     }
     if (missing.length > 0) {
         throw new Error(`Missing required security configuration: ${missing.join(', ')}\n` +

package/dist/security/security.d.ts

@@ -111,7 +111,7 @@ export declare class SecurityClass {
      * Generates a cryptographically secure 256-bit encryption key
      * @llm-rule WHEN: Setting up encryption for the first time or rotating keys
      * @llm-rule AVOID: Using weak or predictable keys - always use this method for key generation
-     * @llm-rule NOTE: Returns 64-character hex string suitable for VOILA_SECURITY_ENCRYPTION_KEY
+     * @llm-rule NOTE: Returns 64-character hex string suitable for BLOOM_SECURITY_ENCRYPTION_KEY
      */
     generateKey(): string;
     /**

package/dist/security/security.js

@@ -30,7 +30,7 @@ export class SecurityClass {
     forms(options = {}) {
         const csrfSecret = options.secret || this.config.csrf.secret;
         if (!csrfSecret) {
-            throw createSecurityError('CSRF secret required. Set VOILA_SECURITY_CSRF_SECRET or VOILA_AUTH_SECRET environment variable', 500);
+            throw createSecurityError('CSRF secret required. Set BLOOM_SECURITY_CSRF_SECRET or BLOOM_AUTH_SECRET environment variable', 500);
         }
         const tokenField = options.tokenField || this.config.csrf.tokenField;
         const headerField = options.headerField || this.config.csrf.headerField;
@@ -242,7 +242,7 @@ export class SecurityClass {
         }
         const encryptionKey = key || this.config.encryption.key;
         if (!encryptionKey) {
-            throw createSecurityError('Encryption key required. Provide as argument or set VOILA_SECURITY_ENCRYPTION_KEY environment variable', 500);
+            throw createSecurityError('Encryption key required. Provide as argument or set BLOOM_SECURITY_ENCRYPTION_KEY environment variable', 500);
         }
         this.validateEncryptionKey(encryptionKey);
         const keyBuffer = typeof encryptionKey === 'string'
@@ -284,7 +284,7 @@ export class SecurityClass {
         }
         const decryptionKey = key || this.config.encryption.key;
         if (!decryptionKey) {
-            throw createSecurityError('Decryption key required. Provide as argument or set VOILA_SECURITY_ENCRYPTION_KEY environment variable', 500);
+            throw createSecurityError('Decryption key required. Provide as argument or set BLOOM_SECURITY_ENCRYPTION_KEY environment variable', 500);
         }
         this.validateEncryptionKey(decryptionKey);
         const keyBuffer = typeof decryptionKey === 'string'
@@ -331,7 +331,7 @@ export class SecurityClass {
      * Generates a cryptographically secure 256-bit encryption key
      * @llm-rule WHEN: Setting up encryption for the first time or rotating keys
      * @llm-rule AVOID: Using weak or predictable keys - always use this method for key generation
-     * @llm-rule NOTE: Returns 64-character hex string suitable for VOILA_SECURITY_ENCRYPTION_KEY
+     * @llm-rule NOTE: Returns 64-character hex string suitable for BLOOM_SECURITY_ENCRYPTION_KEY
      */
     generateKey() {
         try {

package/dist/storage/defaults.js

@@ -27,11 +27,11 @@ export function getSmartDefaults() {
         strategy,
         // Local configuration (only used when strategy is 'local')
         local: {
-            dir: process.env.VOILA_STORAGE_DIR || './uploads',
-            baseUrl: process.env.VOILA_STORAGE_BASE_URL || '/uploads',
-            maxFileSize: parseInt(process.env.VOILA_STORAGE_MAX_SIZE || '52428800'), // 50MB default
+            dir: process.env.BLOOM_STORAGE_DIR || './uploads',
+            baseUrl: process.env.BLOOM_STORAGE_BASE_URL || '/uploads',
+            maxFileSize: parseInt(process.env.BLOOM_STORAGE_MAX_SIZE || '52428800'), // 50MB default
             allowedTypes: parseAllowedTypes(),
-            createDirs: process.env.VOILA_STORAGE_CREATE_DIRS !== 'false',
+            createDirs: process.env.BLOOM_STORAGE_CREATE_DIRS !== 'false',
         },
         // S3 configuration (only used when strategy is 's3')
         s3: {
@@ -41,8 +41,8 @@ export function getSmartDefaults() {
             accessKeyId: process.env.AWS_ACCESS_KEY_ID || process.env.S3_ACCESS_KEY_ID || '',
             secretAccessKey: process.env.AWS_SECRET_ACCESS_KEY || process.env.S3_SECRET_ACCESS_KEY || '',
             forcePathStyle: process.env.S3_FORCE_PATH_STYLE === 'true',
-            signedUrlExpiry: parseInt(process.env.VOILA_STORAGE_SIGNED_EXPIRY || '3600'), // 1 hour
-            cdnUrl: process.env.VOILA_STORAGE_CDN_URL,
+            signedUrlExpiry: parseInt(process.env.BLOOM_STORAGE_SIGNED_EXPIRY || '3600'), // 1 hour
+            cdnUrl: process.env.BLOOM_STORAGE_CDN_URL,
         },
         // R2 configuration (only used when strategy is 'r2')
         r2: {
@@ -51,7 +51,7 @@ export function getSmartDefaults() {
             accessKeyId: process.env.CLOUDFLARE_R2_ACCESS_KEY_ID || '',
             secretAccessKey: process.env.CLOUDFLARE_R2_SECRET_ACCESS_KEY || '',
             cdnUrl: process.env.CLOUDFLARE_R2_CDN_URL,
-            signedUrlExpiry: parseInt(process.env.VOILA_STORAGE_SIGNED_EXPIRY || '3600'), // 1 hour
+            signedUrlExpiry: parseInt(process.env.BLOOM_STORAGE_SIGNED_EXPIRY || '3600'), // 1 hour
         },
         // Environment information
         environment: {
@@ -70,7 +70,7 @@ export function getSmartDefaults() {
  */
 function detectStorageStrategy() {
     // Explicit override wins (for testing/debugging)
-    const explicit = process.env.VOILA_STORAGE_STRATEGY?.toLowerCase();
+    const explicit = process.env.BLOOM_STORAGE_STRATEGY?.toLowerCase();
     if (explicit && ['local', 's3', 'r2'].includes(explicit)) {
         return explicit;
     }
@@ -95,7 +95,7 @@ function detectStorageStrategy() {
  * @llm-rule AVOID: Allowing all file types in production - security risk
  */
 function parseAllowedTypes() {
-    const envTypes = process.env.VOILA_STORAGE_ALLOWED_TYPES;
+    const envTypes = process.env.BLOOM_STORAGE_ALLOWED_TYPES;
     if (!envTypes) {
         // Safe defaults - common web file types
         return [
@@ -108,7 +108,7 @@ function parseAllowedTypes() {
     if (envTypes === '*') {
         if (process.env.NODE_ENV === 'production') {
             console.warn('[Bloomneo AppKit] SECURITY WARNING: All file types allowed in production. ' +
-                'Set VOILA_STORAGE_ALLOWED_TYPES to specific types for security.');
+                'Set BLOOM_STORAGE_ALLOWED_TYPES to specific types for security.');
         }
         return ['*']; // Allow all types (use with caution)
     }
@@ -122,13 +122,13 @@ function parseAllowedTypes() {
  */
 function validateEnvironment() {
     // Validate storage strategy if explicitly set
-    const strategy = process.env.VOILA_STORAGE_STRATEGY;
+    const strategy = process.env.BLOOM_STORAGE_STRATEGY;
     if (strategy && !['local', 's3', 'r2'].includes(strategy.toLowerCase())) {
-        throw new Error(`Invalid VOILA_STORAGE_STRATEGY: "${strategy}". Must be "local", "s3", or "r2"`);
+        throw new Error(`Invalid BLOOM_STORAGE_STRATEGY: "${strategy}". Must be "local", "s3", or "r2"`);
     }
     // Validate numeric values
-    validateNumericEnv('VOILA_STORAGE_MAX_SIZE', 1048576, 1073741824); // 1MB to 1GB
-    validateNumericEnv('VOILA_STORAGE_SIGNED_EXPIRY', 60, 604800); // 1 minute to 7 days
+    validateNumericEnv('BLOOM_STORAGE_MAX_SIZE', 1048576, 1073741824); // 1MB to 1GB
+    validateNumericEnv('BLOOM_STORAGE_SIGNED_EXPIRY', 60, 604800); // 1 minute to 7 days
     // Validate S3 configuration if S3 strategy detected
     if (shouldValidateS3()) {
         validateS3Config();
@@ -214,14 +214,14 @@ function validateR2Config() {
  * Validates local configuration
  */
 function validateLocalConfig() {
-    const dir = process.env.VOILA_STORAGE_DIR;
+    const dir = process.env.BLOOM_STORAGE_DIR;
     if (dir && (dir.includes('..') || dir.startsWith('/') && process.env.NODE_ENV === 'production')) {
         console.warn(`[Bloomneo AppKit] Potentially unsafe storage directory: "${dir}". ` +
             `Consider using a relative path for security.`);
     }
-    const baseUrl = process.env.VOILA_STORAGE_BASE_URL;
+    const baseUrl = process.env.BLOOM_STORAGE_BASE_URL;
     if (baseUrl && !baseUrl.startsWith('/') && !isValidUrl(baseUrl)) {
-        throw new Error(`Invalid VOILA_STORAGE_BASE_URL: "${baseUrl}". Must be a path or valid URL`);
+        throw new Error(`Invalid BLOOM_STORAGE_BASE_URL: "${baseUrl}". Must be a path or valid URL`);
     }
 }
 /**
@@ -237,10 +237,10 @@ function validateProductionConfig() {
             'Set AWS_S3_BUCKET or CLOUDFLARE_R2_BUCKET for distributed storage.');
     }
     // Warn about missing CDN in production
-    const cdnUrl = process.env.VOILA_STORAGE_CDN_URL || process.env.CLOUDFLARE_R2_CDN_URL;
+    const cdnUrl = process.env.BLOOM_STORAGE_CDN_URL || process.env.CLOUDFLARE_R2_CDN_URL;
     if (!cdnUrl && strategy !== 'local') {
         console.warn('[Bloomneo AppKit] No CDN URL configured in production. ' +
-            'Set VOILA_STORAGE_CDN_URL for better performance.');
+            'Set BLOOM_STORAGE_CDN_URL for better performance.');
     }
 }
 /**

package/dist/util/defaults.d.ts

@@ -51,7 +51,7 @@ export interface UtilConfig {
     environment: EnvironmentConfig;
 }
 /**
- * Gets smart defaults using VOILA_UTIL_* environment variables
+ * Gets smart defaults using BLOOM_UTIL_* environment variables
  * @llm-rule WHEN: App startup to get production-ready utility configuration
  * @llm-rule AVOID: Calling repeatedly - expensive validation, cache the result
  * @llm-rule NOTE: Called once at startup, cached globally for performance