@classytic/arc 1.1.0 → 2.1.2

package/dist/factory/index.js

@@ -1,1652 +0,0 @@
-import fp from 'fastify-plugin';
-import { randomUUID } from 'crypto';
-import { createRequire } from 'module';
-import Fastify from 'fastify';
-import qs from 'qs';
-
-var __defProp = Object.defineProperty;
-var __getOwnPropNames = Object.getOwnPropertyNames;
-var __esm = (fn, res) => function __init() {
-  return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
-};
-var __export = (target, all) => {
-  for (var name in all)
-    __defProp(target, name, { get: all[name], enumerable: true });
-};
-var requestIdPlugin, requestId_default;
-var init_requestId = __esm({
-  "src/plugins/requestId.ts"() {
-    requestIdPlugin = async (fastify, opts = {}) => {
-      const {
-        header = "x-request-id",
-        generator = randomUUID,
-        setResponseHeader = true
-      } = opts;
-      if (!fastify.hasRequestDecorator("requestId")) {
-        fastify.decorateRequest("requestId", "");
-      }
-      fastify.addHook("onRequest", async (request) => {
-        const incomingId = request.headers[header];
-        const requestId = typeof incomingId === "string" && incomingId.trim() ? incomingId.trim() : generator();
-        request.id = requestId;
-        request.requestId = requestId;
-      });
-      if (setResponseHeader) {
-        fastify.addHook("onSend", async (request, reply) => {
-          reply.header(header, request.requestId);
-        });
-      }
-      fastify.log?.debug?.("Request ID plugin registered");
-    };
-    requestId_default = fp(requestIdPlugin, {
-      name: "arc-request-id",
-      fastify: "5.x"
-    });
-  }
-});
-async function runChecks(checks) {
-  const results = [];
-  for (const check of checks) {
-    const start = Date.now();
-    const timeout = check.timeout ?? 5e3;
-    try {
-      const checkPromise = Promise.resolve(check.check());
-      const timeoutPromise = new Promise((_, reject) => {
-        setTimeout(() => reject(new Error("Health check timeout")), timeout);
-      });
-      const healthy = await Promise.race([checkPromise, timeoutPromise]);
-      results.push({
-        name: check.name,
-        healthy: Boolean(healthy),
-        duration: Date.now() - start
-      });
-    } catch (err) {
-      results.push({
-        name: check.name,
-        healthy: false,
-        duration: Date.now() - start,
-        error: err.message
-      });
-    }
-  }
-  return results;
-}
-var httpMetrics, healthPlugin, health_default;
-var init_health = __esm({
-  "src/plugins/health.ts"() {
-    httpMetrics = {
-      requestsTotal: {},
-      requestDurations: [],
-      startTime: Date.now()
-    };
-    healthPlugin = async (fastify, opts = {}) => {
-      const {
-        prefix = "/_health",
-        checks = [],
-        metrics = false,
-        metricsCollector,
-        version,
-        collectHttpMetrics = metrics
-      } = opts;
-      fastify.get(`${prefix}/live`, {
-        schema: {
-          tags: ["Health"],
-          summary: "Liveness probe",
-          description: "Returns 200 if the process is alive",
-          response: {
-            200: {
-              type: "object",
-              properties: {
-                status: { type: "string", enum: ["ok"] },
-                timestamp: { type: "string" },
-                version: { type: "string" }
-              }
-            }
-          }
-        }
-      }, async () => {
-        return {
-          status: "ok",
-          timestamp: (/* @__PURE__ */ new Date()).toISOString(),
-          ...version ? { version } : {}
-        };
-      });
-      fastify.get(`${prefix}/ready`, {
-        schema: {
-          tags: ["Health"],
-          summary: "Readiness probe",
-          description: "Returns 200 if all dependencies are healthy",
-          response: {
-            200: {
-              type: "object",
-              properties: {
-                status: { type: "string", enum: ["ready", "not_ready"] },
-                timestamp: { type: "string" },
-                checks: {
-                  type: "array",
-                  items: {
-                    type: "object",
-                    properties: {
-                      name: { type: "string" },
-                      healthy: { type: "boolean" },
-                      duration: { type: "number" },
-                      error: { type: "string" }
-                    }
-                  }
-                }
-              }
-            },
-            503: {
-              type: "object",
-              properties: {
-                status: { type: "string", enum: ["not_ready"] },
-                timestamp: { type: "string" },
-                checks: { type: "array" }
-              }
-            }
-          }
-        }
-      }, async (_, reply) => {
-        const results = await runChecks(checks);
-        const criticalFailed = results.some(
-          (r) => !r.healthy && (checks.find((c) => c.name === r.name)?.critical ?? true)
-        );
-        const response = {
-          status: criticalFailed ? "not_ready" : "ready",
-          timestamp: (/* @__PURE__ */ new Date()).toISOString(),
-          checks: results
-        };
-        if (criticalFailed) {
-          reply.code(503);
-        }
-        return response;
-      });
-      if (metrics) {
-        fastify.get(`${prefix}/metrics`, async (_, reply) => {
-          reply.type("text/plain; charset=utf-8");
-          if (metricsCollector) {
-            return await metricsCollector();
-          }
-          const uptime = process.uptime();
-          const memory = process.memoryUsage();
-          const cpu = process.cpuUsage();
-          const lines = [
-            "# HELP process_uptime_seconds Process uptime in seconds",
-            "# TYPE process_uptime_seconds gauge",
-            `process_uptime_seconds ${uptime.toFixed(2)}`,
-            "",
-            "# HELP process_memory_heap_bytes Heap memory usage in bytes",
-            "# TYPE process_memory_heap_bytes gauge",
-            `process_memory_heap_bytes{type="used"} ${memory.heapUsed}`,
-            `process_memory_heap_bytes{type="total"} ${memory.heapTotal}`,
-            "",
-            "# HELP process_memory_rss_bytes RSS memory in bytes",
-            "# TYPE process_memory_rss_bytes gauge",
-            `process_memory_rss_bytes ${memory.rss}`,
-            "",
-            "# HELP process_memory_external_bytes External memory in bytes",
-            "# TYPE process_memory_external_bytes gauge",
-            `process_memory_external_bytes ${memory.external}`,
-            "",
-            "# HELP process_cpu_user_microseconds User CPU time in microseconds",
-            "# TYPE process_cpu_user_microseconds counter",
-            `process_cpu_user_microseconds ${cpu.user}`,
-            "",
-            "# HELP process_cpu_system_microseconds System CPU time in microseconds",
-            "# TYPE process_cpu_system_microseconds counter",
-            `process_cpu_system_microseconds ${cpu.system}`,
-            ""
-          ];
-          if (collectHttpMetrics && Object.keys(httpMetrics.requestsTotal).length > 0) {
-            lines.push(
-              "# HELP http_requests_total Total HTTP requests by status code",
-              "# TYPE http_requests_total counter"
-            );
-            for (const [status, count] of Object.entries(httpMetrics.requestsTotal)) {
-              lines.push(`http_requests_total{status="${status}"} ${count}`);
-            }
-            lines.push("");
-            if (httpMetrics.requestDurations.length > 0) {
-              const sorted = [...httpMetrics.requestDurations].sort((a, b) => a - b);
-              const p50 = sorted[Math.floor(sorted.length * 0.5)] || 0;
-              const p95 = sorted[Math.floor(sorted.length * 0.95)] || 0;
-              const p99 = sorted[Math.floor(sorted.length * 0.99)] || 0;
-              const sum = sorted.reduce((a, b) => a + b, 0);
-              lines.push(
-                "# HELP http_request_duration_milliseconds HTTP request duration",
-                "# TYPE http_request_duration_milliseconds summary",
-                `http_request_duration_milliseconds{quantile="0.5"} ${p50.toFixed(2)}`,
-                `http_request_duration_milliseconds{quantile="0.95"} ${p95.toFixed(2)}`,
-                `http_request_duration_milliseconds{quantile="0.99"} ${p99.toFixed(2)}`,
-                `http_request_duration_milliseconds_sum ${sum.toFixed(2)}`,
-                `http_request_duration_milliseconds_count ${sorted.length}`,
-                ""
-              );
-            }
-          }
-          return lines.join("\n");
-        });
-      }
-      if (collectHttpMetrics) {
-        fastify.addHook("onRequest", async (request) => {
-          request._startTime = Date.now();
-        });
-        fastify.addHook("onResponse", async (request, reply) => {
-          const duration = Date.now() - (request._startTime || Date.now());
-          const statusBucket = `${Math.floor(reply.statusCode / 100)}xx`;
-          httpMetrics.requestsTotal[statusBucket] = (httpMetrics.requestsTotal[statusBucket] || 0) + 1;
-          httpMetrics.requestDurations.push(duration);
-          if (httpMetrics.requestDurations.length > 1e4) {
-            httpMetrics.requestDurations.shift();
-          }
-        });
-      }
-      fastify.log?.info?.(`Health plugin registered at ${prefix}`);
-    };
-    health_default = fp(healthPlugin, {
-      name: "arc-health",
-      fastify: "5.x"
-    });
-  }
-});
-function createTracerProvider(options) {
-  if (!isAvailable) {
-    return null;
-  }
-  const { serviceName = "@classytic/arc", exporterUrl = "http://localhost:4318/v1/traces" } = options;
-  const exporter = new OTLPTraceExporter({
-    url: exporterUrl
-  });
-  const provider = new NodeTracerProvider({
-    resource: {
-      attributes: {
-        "service.name": serviceName,
-        "service.version": "1.0.0"
-      }
-    }
-  });
-  provider.addSpanProcessor(new BatchSpanProcessor(exporter));
-  provider.register();
-  return provider;
-}
-async function tracingPlugin(fastify, options = {}) {
-  const {
-    serviceName = "@classytic/arc",
-    autoInstrumentation = true,
-    traceRepository = true,
-    traceController = true,
-    sampleRate = 1
-  } = options;
-  if (!isAvailable) {
-    fastify.log.warn("OpenTelemetry not installed. Tracing disabled.");
-    fastify.log.warn("Install: npm install @opentelemetry/api @opentelemetry/sdk-node");
-    return;
-  }
-  const provider = createTracerProvider(options);
-  if (!provider) {
-    return;
-  }
-  if (autoInstrumentation && getNodeAutoInstrumentations) {
-    getNodeAutoInstrumentations({
-      "@opentelemetry/instrumentation-http": {
-        enabled: true
-      },
-      "@opentelemetry/instrumentation-mongodb": {
-        enabled: true
-      }
-    });
-  }
-  const tracer = trace.getTracer(serviceName);
-  fastify.decorateRequest("tracer", void 0);
-  fastify.addHook("onRequest", async (request, reply) => {
-    if (Math.random() > sampleRate) {
-      return;
-    }
-    const span = tracer.startSpan(`HTTP ${request.method} ${request.url}`, {
-      kind: 1,
-      // SpanKind.SERVER
-      attributes: {
-        "http.method": request.method,
-        "http.url": request.url,
-        "http.target": request.routeOptions?.url ?? request.url,
-        "http.host": request.hostname,
-        "http.scheme": request.protocol,
-        "http.user_agent": request.headers["user-agent"]
-      }
-    });
-    request.tracer = {
-      tracer,
-      currentSpan: span
-    };
-    context.with(trace.setSpan(context.active(), span), () => {
-    });
-  });
-  fastify.addHook("onResponse", async (request, reply) => {
-    if (!request.tracer?.currentSpan) {
-      return;
-    }
-    const span = request.tracer.currentSpan;
-    span.setAttributes({
-      "http.status_code": reply.statusCode,
-      "http.response_content_length": reply.getHeader("content-length")
-    });
-    if (reply.statusCode >= 500) {
-      span.setStatus({
-        code: SpanStatusCode.ERROR,
-        message: `HTTP ${reply.statusCode}`
-      });
-    } else {
-      span.setStatus({ code: SpanStatusCode.OK });
-    }
-    span.end();
-  });
-  fastify.addHook("onError", async (request, reply, error) => {
-    if (!request.tracer?.currentSpan) {
-      return;
-    }
-    const span = request.tracer.currentSpan;
-    span.recordException(error);
-    span.setStatus({
-      code: SpanStatusCode.ERROR,
-      message: error.message
-    });
-  });
-  fastify.log.info({ serviceName }, "OpenTelemetry tracing enabled");
-}
-function createSpan(request, name, fn, attributes) {
-  if (!isAvailable || !request.tracer) {
-    return fn(null);
-  }
-  const { tracer, currentSpan } = request.tracer;
-  const span = tracer.startSpan(
-    name,
-    {
-      parent: currentSpan,
-      attributes: attributes || {}
-    },
-    trace.setSpan(context.active(), currentSpan)
-  );
-  return context.with(trace.setSpan(context.active(), span), async () => {
-    try {
-      const result = await fn(span);
-      span.setStatus({ code: SpanStatusCode.OK });
-      return result;
-    } catch (error) {
-      span.recordException(error);
-      span.setStatus({
-        code: SpanStatusCode.ERROR,
-        message: error.message
-      });
-      throw error;
-    } finally {
-      span.end();
-    }
-  });
-}
-function traced(spanName) {
-  return function(target, propertyKey, descriptor) {
-    const originalMethod = descriptor.value;
-    descriptor.value = async function(...args) {
-      const request = args.find((arg) => arg && arg.tracer);
-      if (!request?.tracer) {
-        return originalMethod.apply(this, args);
-      }
-      const name = spanName || `${target.constructor.name}.${propertyKey}`;
-      return createSpan(request, name, async (span) => {
-        if (span) {
-          span.setAttribute("db.operation", propertyKey);
-          span.setAttribute("db.system", "mongodb");
-        }
-        return originalMethod.apply(this, args);
-      });
-    };
-    return descriptor;
-  };
-}
-function isTracingAvailable() {
-  return isAvailable;
-}
-var require2, trace, context, SpanStatusCode, NodeTracerProvider, BatchSpanProcessor, OTLPTraceExporter, HttpInstrumentation, MongoDBInstrumentation, getNodeAutoInstrumentations, isAvailable, tracing_default;
-var init_tracing = __esm({
-  "src/plugins/tracing.ts"() {
-    require2 = createRequire(import.meta.url);
-    isAvailable = false;
-    try {
-      const api = require2("@opentelemetry/api");
-      trace = api.trace;
-      context = api.context;
-      SpanStatusCode = api.SpanStatusCode;
-      const sdkNode = require2("@opentelemetry/sdk-node");
-      NodeTracerProvider = sdkNode.NodeTracerProvider;
-      BatchSpanProcessor = sdkNode.BatchSpanProcessor;
-      const exporterTraceOtlp = require2("@opentelemetry/exporter-trace-otlp-http");
-      OTLPTraceExporter = exporterTraceOtlp.OTLPTraceExporter;
-      const instrHttp = require2("@opentelemetry/instrumentation-http");
-      HttpInstrumentation = instrHttp.HttpInstrumentation;
-      const instrMongo = require2("@opentelemetry/instrumentation-mongodb");
-      MongoDBInstrumentation = instrMongo.MongoDBInstrumentation;
-      const autoInstr = require2("@opentelemetry/auto-instrumentations-node");
-      getNodeAutoInstrumentations = autoInstr.getNodeAutoInstrumentations;
-      isAvailable = true;
-    } catch (e) {
-    }
-    tracing_default = fp(tracingPlugin, {
-      name: "arc-tracing",
-      fastify: "5.x"
-    });
-  }
-});
-var gracefulShutdownPlugin, gracefulShutdown_default;
-var init_gracefulShutdown = __esm({
-  "src/plugins/gracefulShutdown.ts"() {
-    gracefulShutdownPlugin = async (fastify, opts = {}) => {
-      const {
-        timeout = 3e4,
-        onShutdown,
-        signals = ["SIGTERM", "SIGINT"],
-        logEvents = true
-      } = opts;
-      let isShuttingDown = false;
-      const shutdown = async (signal) => {
-        if (isShuttingDown) {
-          if (logEvents) {
-            fastify.log?.warn?.({ signal }, "Shutdown already in progress, ignoring signal");
-          }
-          return;
-        }
-        isShuttingDown = true;
-        if (logEvents) {
-          fastify.log?.info?.({ signal, timeout }, "Shutdown signal received, starting graceful shutdown");
-        }
-        const forceExitTimer = setTimeout(() => {
-          if (logEvents) {
-            fastify.log?.error?.("Graceful shutdown timeout exceeded, forcing exit");
-          }
-          process.exit(1);
-        }, timeout);
-        forceExitTimer.unref();
-        try {
-          if (logEvents) {
-            fastify.log?.info?.("Closing server to new connections");
-          }
-          await fastify.close();
-          if (onShutdown) {
-            if (logEvents) {
-              fastify.log?.info?.("Running custom shutdown handler");
-            }
-            await onShutdown();
-          }
-          if (logEvents) {
-            fastify.log?.info?.("Graceful shutdown complete");
-          }
-          clearTimeout(forceExitTimer);
-          process.exit(0);
-        } catch (err) {
-          if (logEvents) {
-            fastify.log?.error?.({ error: err.message }, "Error during shutdown");
-          }
-          clearTimeout(forceExitTimer);
-          process.exit(1);
-        }
-      };
-      for (const signal of signals) {
-        process.on(signal, () => {
-          void shutdown(signal);
-        });
-      }
-      fastify.decorate("shutdown", async () => {
-        await shutdown("MANUAL");
-      });
-      if (logEvents) {
-        fastify.log?.debug?.({ signals }, "Graceful shutdown plugin registered");
-      }
-    };
-    gracefulShutdown_default = fp(gracefulShutdownPlugin, {
-      name: "arc-graceful-shutdown",
-      fastify: "5.x"
-    });
-  }
-});
-
-// src/utils/errors.ts
-function isArcError(error) {
-  return error instanceof ArcError;
-}
-var ArcError;
-var init_errors = __esm({
-  "src/utils/errors.ts"() {
-    ArcError = class extends Error {
-      name;
-      code;
-      statusCode;
-      details;
-      cause;
-      timestamp;
-      requestId;
-      constructor(message, options = {}) {
-        super(message);
-        this.name = "ArcError";
-        this.code = options.code ?? "ARC_ERROR";
-        this.statusCode = options.statusCode ?? 500;
-        this.details = options.details;
-        this.cause = options.cause;
-        this.timestamp = (/* @__PURE__ */ new Date()).toISOString();
-        this.requestId = options.requestId;
-        if (Error.captureStackTrace) {
-          Error.captureStackTrace(this, this.constructor);
-        }
-      }
-      /**
-       * Set request ID (typically from request context)
-       */
-      withRequestId(requestId) {
-        this.requestId = requestId;
-        return this;
-      }
-      /**
-       * Convert to JSON response
-       */
-      toJSON() {
-        return {
-          success: false,
-          error: this.message,
-          code: this.code,
-          timestamp: this.timestamp,
-          ...this.requestId && { requestId: this.requestId },
-          ...this.details && { details: this.details }
-        };
-      }
-    };
-  }
-});
-async function errorHandlerPluginFn(fastify, options = {}) {
-  const {
-    includeStack = process.env.NODE_ENV !== "production",
-    onError,
-    errorMap = {}
-  } = options;
-  fastify.setErrorHandler(async (error, request, reply) => {
-    if (onError) {
-      try {
-        await onError(error, request);
-      } catch (callbackError) {
-        request.log.error({ err: callbackError }, "Error in onError callback");
-      }
-    }
-    const requestId = request.id;
-    const response = {
-      success: false,
-      error: error.message || "Internal Server Error",
-      code: "INTERNAL_ERROR",
-      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
-      ...requestId && { requestId }
-    };
-    let statusCode = 500;
-    if (isArcError(error)) {
-      statusCode = error.statusCode;
-      response.code = error.code;
-      if (error.details) {
-        response.details = error.details;
-      }
-      if (error.requestId) {
-        response.requestId = error.requestId;
-      }
-    } else if ("validation" in error && Array.isArray(error.validation)) {
-      statusCode = 400;
-      response.code = "VALIDATION_ERROR";
-      response.error = "Validation failed";
-      response.details = {
-        errors: error.validation?.map((v) => ({
-          field: v.instancePath?.replace(/^\//, "") || v.params?.missingProperty || "unknown",
-          message: v.message || "Invalid value",
-          keyword: v.keyword
-        }))
-      };
-    } else if ("statusCode" in error && typeof error.statusCode === "number") {
-      statusCode = error.statusCode;
-      response.code = statusCodeToCode(statusCode);
-    } else if (error.name && errorMap[error.name]) {
-      const mapping = errorMap[error.name];
-      statusCode = mapping.statusCode;
-      response.code = mapping.code;
-      if (mapping.message) {
-        response.error = mapping.message;
-      }
-    } else if (error.name === "ValidationError" && "errors" in error) {
-      statusCode = 400;
-      response.code = "VALIDATION_ERROR";
-      const mongooseErrors = error.errors;
-      if (process.env.NODE_ENV === "production") {
-        response.details = { errorCount: Object.keys(mongooseErrors).length };
-      } else {
-        response.details = {
-          errors: Object.entries(mongooseErrors).map(([field, err]) => ({
-            field: err.path || field,
-            message: err.message
-          }))
-        };
-      }
-    } else if (error.name === "CastError") {
-      statusCode = 400;
-      response.code = "INVALID_ID";
-      response.error = "Invalid identifier format";
-    } else if (error.name === "MongoServerError" && error.code === 11e3) {
-      statusCode = 409;
-      response.code = "DUPLICATE_KEY";
-      response.error = "Resource already exists";
-      const keyValue = error.keyValue;
-      if (keyValue && process.env.NODE_ENV !== "production") {
-        response.details = { duplicateFields: Object.keys(keyValue) };
-      }
-    }
-    if (includeStack && error.stack) {
-      response.stack = error.stack;
-    }
-    if (statusCode >= 500) {
-      request.log.error({ err: error, statusCode }, "Server error");
-    } else if (statusCode >= 400) {
-      request.log.warn({ err: error, statusCode }, "Client error");
-    }
-    return reply.status(statusCode).send(response);
-  });
-}
-function statusCodeToCode(statusCode) {
-  const codes = {
-    400: "BAD_REQUEST",
-    401: "UNAUTHORIZED",
-    403: "FORBIDDEN",
-    404: "NOT_FOUND",
-    405: "METHOD_NOT_ALLOWED",
-    409: "CONFLICT",
-    422: "UNPROCESSABLE_ENTITY",
-    429: "RATE_LIMITED",
-    500: "INTERNAL_ERROR",
-    502: "BAD_GATEWAY",
-    503: "SERVICE_UNAVAILABLE",
-    504: "GATEWAY_TIMEOUT"
-  };
-  return codes[statusCode] ?? "ERROR";
-}
-var errorHandlerPlugin, errorHandler_default;
-var init_errorHandler = __esm({
-  "src/plugins/errorHandler.ts"() {
-    init_errors();
-    errorHandlerPlugin = fp(errorHandlerPluginFn, {
-      name: "arc-error-handler",
-      fastify: "5.x"
-    });
-    errorHandler_default = errorHandlerPlugin;
-  }
-});
-
-// src/hooks/HookSystem.ts
-var HookSystem, hookSystem;
-var init_HookSystem = __esm({
-  "src/hooks/HookSystem.ts"() {
-    HookSystem = class {
-      hooks;
-      logger;
-      constructor(options) {
-        this.hooks = /* @__PURE__ */ new Map();
-        this.logger = options?.logger ?? { error: (...args) => console.error(...args) };
-      }
-      /**
-       * Generate hook key
-       */
-      getKey(resource, operation, phase) {
-        return `${resource}:${operation}:${phase}`;
-      }
-      /**
-       * Register a hook
-       * Supports both object parameter and positional arguments
-       */
-      register(resourceOrOptions, operation, phase, handler, priority = 10) {
-        let resource;
-        let finalOperation;
-        let finalPhase;
-        let finalHandler;
-        let finalPriority;
-        if (typeof resourceOrOptions === "object") {
-          resource = resourceOrOptions.resource;
-          finalOperation = resourceOrOptions.operation;
-          finalPhase = resourceOrOptions.phase;
-          finalHandler = resourceOrOptions.handler;
-          finalPriority = resourceOrOptions.priority ?? 10;
-        } else {
-          resource = resourceOrOptions;
-          finalOperation = operation;
-          finalPhase = phase;
-          finalHandler = handler;
-          finalPriority = priority;
-        }
-        const key = this.getKey(resource, finalOperation, finalPhase);
-        if (!this.hooks.has(key)) {
-          this.hooks.set(key, []);
-        }
-        const registration = {
-          resource,
-          operation: finalOperation,
-          phase: finalPhase,
-          handler: finalHandler,
-          priority: finalPriority
-        };
-        const hooks = this.hooks.get(key);
-        hooks.push(registration);
-        hooks.sort((a, b) => a.priority - b.priority);
-        return () => {
-          const idx = hooks.indexOf(registration);
-          if (idx !== -1) {
-            hooks.splice(idx, 1);
-          }
-        };
-      }
-      /**
-       * Register before hook
-       */
-      before(resource, operation, handler, priority = 10) {
-        return this.register(resource, operation, "before", handler, priority);
-      }
-      /**
-       * Register after hook
-       */
-      after(resource, operation, handler, priority = 10) {
-        return this.register(resource, operation, "after", handler, priority);
-      }
-      /**
-       * Execute hooks for a given context
-       */
-      async execute(ctx) {
-        const key = this.getKey(ctx.resource, ctx.operation, ctx.phase);
-        const hooks = this.hooks.get(key) ?? [];
-        const wildcardKey = this.getKey("*", ctx.operation, ctx.phase);
-        const wildcardHooks = this.hooks.get(wildcardKey) ?? [];
-        const allHooks = [...wildcardHooks, ...hooks];
-        allHooks.sort((a, b) => a.priority - b.priority);
-        let result = ctx.data;
-        for (const hook of allHooks) {
-          const handlerContext = {
-            resource: ctx.resource,
-            operation: ctx.operation,
-            phase: ctx.phase,
-            data: result,
-            result: ctx.result,
-            user: ctx.user,
-            context: ctx.context,
-            meta: ctx.meta
-          };
-          const hookResult = await hook.handler(handlerContext);
-          if (hookResult !== void 0 && hookResult !== null) {
-            result = hookResult;
-          }
-        }
-        return result;
-      }
-      /**
-       * Execute before hooks
-       */
-      async executeBefore(resource, operation, data, options) {
-        const result = await this.execute({
-          resource,
-          operation,
-          phase: "before",
-          data,
-          user: options?.user,
-          context: options?.context,
-          meta: options?.meta
-        });
-        return result ?? data;
-      }
-      /**
-       * Execute after hooks
-       * Errors in after hooks are logged but don't fail the request
-       */
-      async executeAfter(resource, operation, result, options) {
-        try {
-          await this.execute({
-            resource,
-            operation,
-            phase: "after",
-            result,
-            user: options?.user,
-            context: options?.context,
-            meta: options?.meta
-          });
-        } catch (error) {
-          this.logger.error(
-            `[HookSystem] Error in after hook for ${resource}:${operation}:`,
-            error
-          );
-        }
-      }
-      /**
-       * Get all registered hooks
-       */
-      getAll() {
-        const all = [];
-        for (const hooks of this.hooks.values()) {
-          all.push(...hooks);
-        }
-        return all;
-      }
-      /**
-       * Get hooks for a specific resource
-       */
-      getForResource(resource) {
-        const all = [];
-        for (const [key, hooks] of this.hooks.entries()) {
-          if (key.startsWith(`${resource}:`)) {
-            all.push(...hooks);
-          }
-        }
-        return all;
-      }
-      /**
-       * Clear all hooks
-       */
-      clear() {
-        this.hooks.clear();
-      }
-      /**
-       * Clear hooks for a specific resource
-       */
-      clearResource(resource) {
-        for (const key of this.hooks.keys()) {
-          if (key.startsWith(`${resource}:`)) {
-            this.hooks.delete(key);
-          }
-        }
-      }
-    };
-    hookSystem = new HookSystem();
-  }
-});
-
-// src/registry/ResourceRegistry.ts
-var ResourceRegistry, registryKey, globalScope, resourceRegistry;
-var init_ResourceRegistry = __esm({
-  "src/registry/ResourceRegistry.ts"() {
-    ResourceRegistry = class {
-      _resources;
-      _frozen;
-      constructor() {
-        this._resources = /* @__PURE__ */ new Map();
-        this._frozen = false;
-      }
-      /**
-       * Register a resource
-       */
-      register(resource, options = {}) {
-        if (this._frozen) {
-          throw new Error(
-            `Registry frozen. Cannot register '${resource.name}' after startup.`
-          );
-        }
-        if (this._resources.has(resource.name)) {
-          throw new Error(`Resource '${resource.name}' already registered.`);
-        }
-        const entry = {
-          name: resource.name,
-          displayName: resource.displayName,
-          tag: resource.tag,
-          prefix: resource.prefix,
-          module: options.module ?? void 0,
-          adapter: resource.adapter ? {
-            type: resource.adapter.type,
-            name: resource.adapter.name
-          } : null,
-          permissions: resource.permissions,
-          presets: resource._appliedPresets ?? [],
-          routes: [],
-          // Populated later by getIntrospection()
-          additionalRoutes: resource.additionalRoutes.map((r) => ({
-            method: r.method,
-            path: r.path,
-            handler: typeof r.handler === "string" ? r.handler : r.handler.name || "anonymous",
-            summary: r.summary,
-            description: r.description,
-            permissions: r.permissions,
-            wrapHandler: r.wrapHandler,
-            schema: r.schema
-            // Include schema for OpenAPI docs
-          })),
-          events: Object.keys(resource.events ?? {}),
-          registeredAt: (/* @__PURE__ */ new Date()).toISOString(),
-          disableDefaultRoutes: resource.disableDefaultRoutes,
-          openApiSchemas: options.openApiSchemas,
-          plugin: resource.toPlugin()
-          // Store plugin factory
-        };
-        this._resources.set(resource.name, entry);
-        return this;
-      }
-      /**
-       * Get resource by name
-       */
-      get(name) {
-        return this._resources.get(name);
-      }
-      /**
-       * Get all resources
-       */
-      getAll() {
-        return Array.from(this._resources.values());
-      }
-      /**
-       * Get resources by module
-       */
-      getByModule(moduleName) {
-        return this.getAll().filter((r) => r.module === moduleName);
-      }
-      /**
-       * Get resources by preset
-       */
-      getByPreset(presetName) {
-        return this.getAll().filter((r) => r.presets.includes(presetName));
-      }
-      /**
-       * Check if resource exists
-       */
-      has(name) {
-        return this._resources.has(name);
-      }
-      /**
-       * Get registry statistics
-       */
-      getStats() {
-        const resources = this.getAll();
-        const presetCounts = {};
-        for (const r of resources) {
-          for (const preset of r.presets) {
-            presetCounts[preset] = (presetCounts[preset] ?? 0) + 1;
-          }
-        }
-        return {
-          totalResources: resources.length,
-          byModule: this._groupBy(resources, "module"),
-          presetUsage: presetCounts,
-          totalRoutes: resources.reduce((sum, r) => {
-            const defaultRouteCount = r.disableDefaultRoutes ? 0 : 5;
-            return sum + (r.additionalRoutes?.length ?? 0) + defaultRouteCount;
-          }, 0),
-          totalEvents: resources.reduce((sum, r) => sum + (r.events?.length ?? 0), 0)
-        };
-      }
-      /**
-       * Get full introspection data
-       */
-      getIntrospection() {
-        return {
-          resources: this.getAll().map((r) => {
-            const defaultRoutes = r.disableDefaultRoutes ? [] : [
-              { method: "GET", path: r.prefix, operation: "list" },
-              { method: "GET", path: `${r.prefix}/:id`, operation: "get" },
-              { method: "POST", path: r.prefix, operation: "create" },
-              { method: "PATCH", path: `${r.prefix}/:id`, operation: "update" },
-              { method: "DELETE", path: `${r.prefix}/:id`, operation: "delete" }
-            ];
-            return {
-              name: r.name,
-              displayName: r.displayName,
-              prefix: r.prefix,
-              module: r.module,
-              presets: r.presets,
-              permissions: r.permissions,
-              routes: [
-                ...defaultRoutes,
-                ...r.additionalRoutes?.map((ar) => ({
-                  method: ar.method,
-                  path: `${r.prefix}${ar.path}`,
-                  operation: typeof ar.handler === "string" ? ar.handler : "custom",
-                  handler: typeof ar.handler === "string" ? ar.handler : void 0,
-                  summary: ar.summary
-                })) ?? []
-              ],
-              events: r.events
-            };
-          }),
-          stats: this.getStats(),
-          generatedAt: (/* @__PURE__ */ new Date()).toISOString()
-        };
-      }
-      /**
-       * Freeze registry (prevent further registrations)
-       */
-      freeze() {
-        this._frozen = true;
-      }
-      /**
-       * Check if frozen
-       */
-      isFrozen() {
-        return this._frozen;
-      }
-      /**
-       * Unfreeze registry (for testing)
-       */
-      _unfreeze() {
-        this._frozen = false;
-      }
-      /**
-       * Clear all resources (for testing)
-       */
-      _clear() {
-        this._resources.clear();
-        this._frozen = false;
-      }
-      /**
-       * Group by key
-       */
-      _groupBy(arr, key) {
-        const result = {};
-        for (const item of arr) {
-          const k = String(item[key] ?? "uncategorized");
-          result[k] = (result[k] ?? 0) + 1;
-        }
-        return result;
-      }
-    };
-    registryKey = /* @__PURE__ */ Symbol.for("arc.resourceRegistry");
-    globalScope = globalThis;
-    resourceRegistry = globalScope[registryKey] ?? new ResourceRegistry();
-    if (!globalScope[registryKey]) {
-      globalScope[registryKey] = resourceRegistry;
-    }
-  }
-});
-function hasEvents(instance) {
-  return "events" in instance && instance.events != null && typeof instance.events.publish === "function";
-}
-var arcCorePlugin, arcCorePlugin_default;
-var init_arcCorePlugin = __esm({
-  "src/core/arcCorePlugin.ts"() {
-    init_HookSystem();
-    init_ResourceRegistry();
-    arcCorePlugin = async (fastify, opts = {}) => {
-      const {
-        emitEvents = true,
-        hookSystem: hookSystem2,
-        registry,
-        useGlobalSingletons = false
-      } = opts;
-      const actualHookSystem = useGlobalSingletons ? hookSystem : hookSystem2 ?? new HookSystem();
-      const actualRegistry = useGlobalSingletons ? resourceRegistry : registry ?? new ResourceRegistry();
-      fastify.decorate("arc", {
-        hooks: actualHookSystem,
-        registry: actualRegistry,
-        emitEvents
-      });
-      if (emitEvents) {
-        const eventOperations = ["create", "update", "delete"];
-        for (const operation of eventOperations) {
-          actualHookSystem.after("*", operation, async (ctx) => {
-            if (!hasEvents(fastify)) return;
-            const eventType = `${ctx.resource}.${operation}d`;
-            const payload = {
-              resource: ctx.resource,
-              operation: ctx.operation,
-              data: ctx.result,
-              userId: ctx.user?.id ?? ctx.user?._id,
-              organizationId: ctx.context?.organizationId,
-              timestamp: (/* @__PURE__ */ new Date()).toISOString()
-            };
-            try {
-              await fastify.events.publish(eventType, payload);
-            } catch (error) {
-              fastify.log?.warn?.(
-                { eventType, error },
-                "Failed to emit event"
-              );
-            }
-          });
-        }
-      }
-      fastify.addHook("onClose", async () => {
-        actualHookSystem.clear();
-        actualRegistry._clear();
-      });
-      fastify.log?.info?.("✅ Arc core plugin enabled (instance-scoped hooks & registry)");
-    };
-    arcCorePlugin_default = fp(arcCorePlugin, {
-      name: "arc-core",
-      fastify: "5.x"
-    });
-  }
-});
-
-// src/plugins/index.ts
-var plugins_exports = {};
-__export(plugins_exports, {
-  arcCorePlugin: () => arcCorePlugin_default,
-  arcCorePluginFn: () => arcCorePlugin,
-  createSpan: () => createSpan,
-  errorHandlerPlugin: () => errorHandler_default,
-  errorHandlerPluginFn: () => errorHandlerPlugin,
-  gracefulShutdownPlugin: () => gracefulShutdown_default,
-  gracefulShutdownPluginFn: () => gracefulShutdownPlugin,
-  healthPlugin: () => health_default,
-  healthPluginFn: () => healthPlugin,
-  isTracingAvailable: () => isTracingAvailable,
-  requestIdPlugin: () => requestId_default,
-  requestIdPluginFn: () => requestIdPlugin,
-  traced: () => traced,
-  tracingPlugin: () => tracing_default
-});
-var init_plugins = __esm({
-  "src/plugins/index.ts"() {
-    init_requestId();
-    init_health();
-    init_tracing();
-    init_gracefulShutdown();
-    init_errorHandler();
-    init_arcCorePlugin();
-  }
-});
-function parseExpiresIn(input, defaultValue) {
-  if (!input) return defaultValue;
-  if (/^\d+$/.test(input)) return parseInt(input, 10);
-  const match = /^(\d+)\s*([smhd])$/i.exec(input);
-  if (!match) return defaultValue;
-  const value = parseInt(match[1], 10);
-  const unit = match[2].toLowerCase();
-  const multipliers = { s: 1, m: 60, h: 3600, d: 86400 };
-  return value * (multipliers[unit] ?? 1);
-}
-function extractBearerToken(request) {
-  const auth = request.headers.authorization;
-  if (!auth?.startsWith("Bearer ")) return null;
-  return auth.slice(7);
-}
-var authPlugin, authPlugin_default;
-var init_authPlugin = __esm({
-  "src/auth/authPlugin.ts"() {
-    authPlugin = async (fastify, opts = {}) => {
-      const { jwt: jwtConfig, authenticate: appAuthenticator, onFailure, userProperty = "user" } = opts;
-      let jwtContext = null;
-      if (jwtConfig?.secret) {
-        if (jwtConfig.secret.length < 32) {
-          throw new Error(
-            `JWT secret must be at least 32 characters (current: ${jwtConfig.secret.length}).
-Use a strong random secret for production.`
-          );
-        }
-        const jwtPlugin = await import('@fastify/jwt');
-        await fastify.register(jwtPlugin.default ?? jwtPlugin, {
-          secret: jwtConfig.secret,
-          sign: {
-            expiresIn: jwtConfig.expiresIn ?? "15m",
-            ...jwtConfig.sign ?? {}
-          },
-          verify: { ...jwtConfig.verify ?? {} }
-        });
-        const fastifyWithJwt = fastify;
-        jwtContext = {
-          verify: (token) => {
-            return fastifyWithJwt.jwt.verify(token);
-          },
-          sign: (payload, options) => {
-            return fastifyWithJwt.jwt.sign(payload, options);
-          },
-          decode: (token) => {
-            try {
-              return fastifyWithJwt.jwt.decode(token);
-            } catch {
-              return null;
-            }
-          }
-        };
-        fastify.log.info("Auth: JWT infrastructure enabled");
-      }
-      const authContext = {
-        jwt: jwtContext,
-        fastify
-      };
-      const authenticate = async (request, reply) => {
-        try {
-          let user = null;
-          if (appAuthenticator) {
-            user = await appAuthenticator(request, authContext);
-          } else if (jwtContext) {
-            const token = extractBearerToken(request);
-            if (token) {
-              const decoded = jwtContext.verify(token);
-              user = decoded;
-            }
-          } else {
-            throw new Error(
-              "No authenticator configured. Provide auth.authenticate function or auth.jwt.secret."
-            );
-          }
-          if (!user) {
-            throw new Error("Authentication required");
-          }
-          request[userProperty] = user;
-        } catch (err) {
-          const error = err instanceof Error ? err : new Error(String(err));
-          if (onFailure) {
-            await onFailure(request, reply, error);
-            return;
-          }
-          const message = process.env.NODE_ENV === "production" ? "Authentication required" : error.message;
-          reply.code(401).send({
-            success: false,
-            error: "Unauthorized",
-            message
-          });
-        }
-      };
-      const refreshSecret = jwtConfig?.refreshSecret ?? jwtConfig?.secret;
-      const accessExpiresIn = jwtConfig?.expiresIn ?? "15m";
-      const refreshExpiresIn = jwtConfig?.refreshExpiresIn ?? "7d";
-      const issueTokens = (payload, options) => {
-        if (!jwtContext) {
-          throw new Error("JWT not configured. Provide auth.jwt.secret to use issueTokens.");
-        }
-        const accessTtl = options?.expiresIn ?? accessExpiresIn;
-        const refreshTtl = options?.refreshExpiresIn ?? refreshExpiresIn;
-        const accessToken = jwtContext.sign(payload, { expiresIn: accessTtl });
-        const refreshPayload = payload.id ? { id: payload.id, type: "refresh" } : payload._id ? { id: payload._id, type: "refresh" } : { ...payload, type: "refresh" };
-        let refreshToken;
-        if (refreshSecret) {
-          const fastifyWithJwt = fastify;
-          refreshToken = fastifyWithJwt.jwt.sign(refreshPayload, {
-            expiresIn: refreshTtl,
-            // Use refresh secret if different from main secret
-            ...refreshSecret !== jwtConfig?.secret ? { secret: refreshSecret } : {}
-          });
-        }
-        return {
-          accessToken,
-          refreshToken,
-          expiresIn: parseExpiresIn(accessTtl, 900),
-          refreshExpiresIn: refreshToken ? parseExpiresIn(refreshTtl, 604800) : void 0,
-          tokenType: "Bearer"
-        };
-      };
-      const verifyRefreshToken = (token) => {
-        if (!jwtContext) {
-          throw new Error("JWT not configured. Provide auth.jwt.secret to use verifyRefreshToken.");
-        }
-        const fastifyWithJwt = fastify;
-        return fastifyWithJwt.jwt.verify(token, {
-          ...refreshSecret !== jwtConfig?.secret ? { secret: refreshSecret } : {}
-        });
-      };
-      const authorize = (...allowedRoles) => {
-        return async (request, reply) => {
-          const user = request[userProperty];
-          if (!user) {
-            reply.code(401).send({
-              success: false,
-              error: "Unauthorized",
-              message: "No user context"
-            });
-            return;
-          }
-          const userRoles = user.roles ?? [];
-          if (allowedRoles.length === 1 && allowedRoles[0] === "*") {
-            return;
-          }
-          const hasRole = allowedRoles.some((role) => userRoles.includes(role));
-          if (!hasRole) {
-            reply.code(403).send({
-              success: false,
-              error: "Forbidden",
-              message: `Requires one of: ${allowedRoles.join(", ")}`
-            });
-            return;
-          }
-        };
-      };
-      const authHelpers = {
-        jwt: jwtContext,
-        issueTokens,
-        verifyRefreshToken
-      };
-      fastify.decorate("authenticate", authenticate);
-      fastify.decorate("authorize", authorize);
-      fastify.decorate("auth", authHelpers);
-      fastify.log.info(
-        `Auth: Plugin registered (jwt=${!!jwtContext}, customAuth=${!!appAuthenticator})`
-      );
-    };
-    authPlugin_default = fp(authPlugin, {
-      name: "arc-auth",
-      fastify: "5.x"
-    });
-  }
-});
-
-// src/auth/index.ts
-var auth_exports = {};
-__export(auth_exports, {
-  authPlugin: () => authPlugin_default,
-  authPluginFn: () => authPlugin
-});
-var init_auth = __esm({
-  "src/auth/index.ts"() {
-    init_authPlugin();
-  }
-});
-
-// src/factory/presets.ts
-var productionPreset = {
-  // Raw JSON logs for production (log aggregators like Datadog, CloudWatch, etc.)
-  logger: {
-    level: "info"
-  },
-  trustProxy: true,
-  // Security
-  helmet: {
-    contentSecurityPolicy: {
-      directives: {
-        defaultSrc: ["'self'"],
-        styleSrc: ["'self'", "'unsafe-inline'"],
-        scriptSrc: ["'self'"],
-        imgSrc: ["'self'", "data:", "https:"]
-      }
-    }
-  },
-  // CORS - must be explicitly configured
-  cors: {
-    origin: false,
-    // Disabled by default in production
-    credentials: true,
-    methods: ["GET", "POST", "PUT", "DELETE", "PATCH", "OPTIONS"],
-    allowedHeaders: ["Content-Type", "Authorization", "Accept"]
-  },
-  // Rate limiting - strict
-  rateLimit: {
-    max: 100,
-    timeWindow: "1 minute"
-  },
-  // Note: Compression not included (use proxy/CDN instead)
-  // Under pressure - health monitoring
-  underPressure: {
-    exposeStatusRoute: true,
-    maxEventLoopDelay: 1e3,
-    maxHeapUsedBytes: 1024 * 1024 * 1024,
-    // 1GB
-    maxRssBytes: 1024 * 1024 * 1024
-    // 1GB
-  }
-};
-var developmentPreset = {
-  logger: {
-    level: "debug",
-    transport: {
-      target: "pino-pretty",
-      options: {
-        colorize: true,
-        translateTime: "SYS:HH:MM:ss",
-        ignore: "pid,hostname"
-      }
-    }
-  },
-  trustProxy: true,
-  // Security - relaxed for development
-  helmet: {
-    contentSecurityPolicy: false
-    // Disable CSP in dev
-  },
-  // CORS - allow all origins in development
-  cors: {
-    origin: true,
-    // Allow all origins
-    credentials: true,
-    methods: ["GET", "POST", "PUT", "DELETE", "PATCH", "OPTIONS"],
-    allowedHeaders: ["Content-Type", "Authorization", "Accept"]
-  },
-  // Rate limiting - very relaxed
-  rateLimit: {
-    max: 1e3,
-    timeWindow: "1 minute"
-  },
-  // Note: Compression not included (use proxy/CDN instead)
-  // Under pressure - relaxed
-  underPressure: {
-    exposeStatusRoute: true,
-    maxEventLoopDelay: 5e3
-  }
-};
-var testingPreset = {
-  logger: false,
-  // Disable logging in tests
-  trustProxy: false,
-  // Security - disabled for tests
-  helmet: false,
-  cors: false,
-  rateLimit: false,
-  underPressure: false,
-  // Sensible plugins still enabled
-  sensible: true,
-  multipart: {
-    limits: {
-      fileSize: 1024 * 1024,
-      // 1MB
-      files: 5
-    }
-  }
-};
-function getPreset(name) {
-  switch (name) {
-    case "production":
-      return productionPreset;
-    case "development":
-      return developmentPreset;
-    case "testing":
-      return testingPreset;
-    default:
-      throw new Error(`Unknown preset: ${name}`);
-  }
-}
-
-// src/factory/createApp.ts
-var PLUGIN_PACKAGES = {
-  cors: "@fastify/cors",
-  helmet: "@fastify/helmet",
-  rateLimit: "@fastify/rate-limit",
-  underPressure: "@fastify/under-pressure",
-  sensible: "@fastify/sensible",
-  multipart: "@fastify/multipart",
-  rawBody: "fastify-raw-body"
-};
-var OPTIONAL_PLUGINS = /* @__PURE__ */ new Set(["multipart", "rawBody"]);
-async function loadPlugin(name, logger) {
-  const packageName = PLUGIN_PACKAGES[name];
-  if (!packageName) {
-    throw new Error(`Unknown plugin: ${name}`);
-  }
-  try {
-    switch (name) {
-      case "cors":
-        return (await import('@fastify/cors')).default;
-      case "helmet":
-        return (await import('@fastify/helmet')).default;
-      case "rateLimit":
-        return (await import('@fastify/rate-limit')).default;
-      case "underPressure":
-        return (await import('@fastify/under-pressure')).default;
-      case "sensible":
-        return (await import('@fastify/sensible')).default;
-      case "multipart":
-        return (await import('@fastify/multipart')).default;
-      case "rawBody":
-        return (await import('fastify-raw-body')).default;
-      default:
-        throw new Error(`Unknown plugin: ${name}`);
-    }
-  } catch (error) {
-    const err = error;
-    const isModuleNotFound = err.message.includes("Cannot find module") || err.message.includes("Cannot find package") || err.message.includes("MODULE_NOT_FOUND") || err.message.includes("Could not resolve");
-    if (isModuleNotFound && OPTIONAL_PLUGINS.has(name)) {
-      logger?.warn(`ℹ️  Optional plugin '${name}' skipped (${packageName} not installed)`);
-      return null;
-    }
-    if (isModuleNotFound) {
-      throw new Error(
-        `Plugin '${name}' requires package '${packageName}' which is not installed.
-Install it with: npm install ${packageName}
-Or disable this plugin by setting ${name}: false in createApp options.`
-      );
-    }
-    throw new Error(`Failed to load plugin '${name}': ${err.message}`);
-  }
-}
-async function createApp(options) {
-  const authConfig = options.auth;
-  const isAuthDisabled = authConfig === false;
-  const hasCustomPlugin = typeof authConfig === "object" && "plugin" in authConfig && authConfig.plugin;
-  const hasCustomAuthenticator = typeof authConfig === "object" && "authenticate" in authConfig;
-  const jwtSecret = typeof authConfig === "object" && "jwt" in authConfig ? authConfig.jwt?.secret : void 0;
-  if (!isAuthDisabled && !hasCustomPlugin && !jwtSecret && !hasCustomAuthenticator) {
-    throw new Error(
-      "createApp: JWT secret required when Arc auth is enabled.\nProvide auth.jwt.secret, auth.authenticate, or set auth: false to disable.\nExample: auth: { jwt: { secret: process.env.JWT_SECRET } }"
-    );
-  }
-  const presetConfig = options.preset ? getPreset(options.preset) : {};
-  const config = { ...presetConfig, ...options };
-  const fastify = Fastify({
-    logger: config.logger ?? true,
-    trustProxy: config.trustProxy ?? false,
-    // Use qs parser to support nested bracket notation in query strings
-    // e.g., ?populate[author][select]=name,email → { populate: { author: { select: 'name,email' } } }
-    // This is required for MongoKit's advanced populate options to work
-    querystringParser: (str) => qs.parse(str),
-    ajv: {
-      customOptions: {
-        coerceTypes: true,
-        useDefaults: true,
-        removeAdditional: false
-      }
-    }
-  });
-  if (config.helmet !== false) {
-    const helmet = await loadPlugin("helmet");
-    await fastify.register(helmet, config.helmet ?? {});
-    fastify.log.info("✅ Helmet (security headers) enabled");
-  } else {
-    fastify.log.warn("⚠️  Helmet disabled - security headers not applied");
-  }
-  if (config.cors !== false) {
-    const cors = await loadPlugin("cors");
-    const corsOptions = config.cors ?? {};
-    if (config.preset === "production" && (!corsOptions || !("origin" in corsOptions))) {
-      throw new Error(
-        "CORS origin must be explicitly configured in production.\nSet cors.origin to allowed domains or set cors: false to disable.\nExample: cors: { origin: ['https://yourdomain.com'] }\nDocs: https://github.com/classytic/arc#security"
-      );
-    }
-    await fastify.register(cors, corsOptions);
-    fastify.log.info("✅ CORS enabled");
-  } else {
-    fastify.log.warn("⚠️  CORS disabled");
-  }
-  if (config.rateLimit !== false) {
-    const rateLimit = await loadPlugin("rateLimit");
-    await fastify.register(rateLimit, config.rateLimit ?? { max: 100, timeWindow: "1 minute" });
-    fastify.log.info("✅ Rate limiting enabled");
-  } else {
-    fastify.log.warn("⚠️  Rate limiting disabled");
-  }
-  if (config.underPressure !== false) {
-    const underPressure = await loadPlugin("underPressure");
-    await fastify.register(underPressure, config.underPressure ?? { exposeStatusRoute: true });
-    fastify.log.info("✅ Health monitoring (under-pressure) enabled");
-  } else {
-    fastify.log.info("ℹ️  Health monitoring disabled");
-  }
-  if (config.sensible !== false) {
-    const sensible = await loadPlugin("sensible");
-    await fastify.register(sensible);
-    fastify.log.info("✅ Sensible (HTTP helpers) enabled");
-  }
-  if (config.multipart !== false) {
-    const multipart = await loadPlugin("multipart", fastify.log);
-    if (multipart) {
-      const multipartDefaults = {
-        limits: {
-          fileSize: 10 * 1024 * 1024,
-          // 10MB
-          files: 10
-        }
-      };
-      await fastify.register(multipart, { ...multipartDefaults, ...config.multipart });
-      fastify.log.info("✅ Multipart (file uploads) enabled");
-    }
-  }
-  if (config.rawBody !== false) {
-    const rawBody = await loadPlugin("rawBody", fastify.log);
-    if (rawBody) {
-      const rawBodyDefaults = {
-        field: "rawBody",
-        global: false,
-        encoding: "utf8",
-        runFirst: true
-      };
-      await fastify.register(rawBody, { ...rawBodyDefaults, ...config.rawBody });
-      fastify.log.info("✅ Raw body parsing enabled");
-    }
-  }
-  const { arcCorePlugin: arcCorePlugin2 } = await Promise.resolve().then(() => (init_plugins(), plugins_exports));
-  await fastify.register(arcCorePlugin2, {
-    emitEvents: config.arcPlugins?.emitEvents !== false
-  });
-  if (config.arcPlugins?.requestId !== false) {
-    const { requestIdPlugin: requestIdPlugin2 } = await Promise.resolve().then(() => (init_plugins(), plugins_exports));
-    await fastify.register(requestIdPlugin2);
-    fastify.log.info("✅ Arc requestId plugin enabled");
-  }
-  if (config.arcPlugins?.health !== false) {
-    const { healthPlugin: healthPlugin2 } = await Promise.resolve().then(() => (init_plugins(), plugins_exports));
-    await fastify.register(healthPlugin2);
-    fastify.log.info("✅ Arc health plugin enabled");
-  }
-  if (config.arcPlugins?.gracefulShutdown !== false) {
-    const { gracefulShutdownPlugin: gracefulShutdownPlugin2 } = await Promise.resolve().then(() => (init_plugins(), plugins_exports));
-    await fastify.register(gracefulShutdownPlugin2);
-    fastify.log.info("✅ Arc gracefulShutdown plugin enabled");
-  }
-  if (!isAuthDisabled) {
-    if (hasCustomPlugin) {
-      const pluginFn = authConfig.plugin;
-      await pluginFn(fastify);
-      fastify.log.info("✅ Custom authentication plugin enabled");
-    } else {
-      const { authPlugin: authPlugin2 } = await Promise.resolve().then(() => (init_auth(), auth_exports));
-      const { plugin: _, ...authOpts } = typeof authConfig === "object" ? authConfig : {};
-      await fastify.register(authPlugin2, authOpts);
-      fastify.log.info("✅ Arc authentication plugin enabled");
-    }
-  } else {
-    fastify.log.info("ℹ️  Authentication disabled");
-  }
-  if (config.plugins) {
-    await config.plugins(fastify);
-    fastify.log.info("✅ Custom plugins registered");
-  }
-  fastify.log.info(
-    `🚀 Arc application created successfully (preset: ${config.preset ?? "custom"}, security: helmet=${config.helmet !== false}, cors=${config.cors !== false}, rateLimit=${config.rateLimit !== false})`
-  );
-  return fastify;
-}
-var ArcFactory = {
-  /**
-   * Create production app with strict security
-   */
-  async production(options) {
-    return createApp({ ...options, preset: "production" });
-  },
-  /**
-   * Create development app with relaxed security
-   */
-  async development(options) {
-    return createApp({ ...options, preset: "development" });
-  },
-  /**
-   * Create testing app with minimal setup
-   */
-  async testing(options) {
-    return createApp({ ...options, preset: "testing" });
-  }
-};
-
-export { ArcFactory, createApp, developmentPreset, getPreset, productionPreset, testingPreset };