@cyberskill/shared 3.13.0 → 3.15.0

package/dist/node/command/command.util.js

@@ -1,5 +1,5 @@
-import { getEnv as e } from "../../config/env/env.util.js";
-import { E_IssueType as t } from "../log/log.type.js";
+import { E_IssueType as e } from "../log/log.type.js";
+import { getEnv as t } from "../../config/env/env.util.js";
 import { catchError as n, log as r } from "../log/log.util.js";
 import { getPackage as i } from "../package/package.util.js";
 import { storage as a } from "../storage/storage.util.js";
@@ -14,11 +14,14 @@ async function S() {
 	let e = await i();
 	return e.success ? (x = e.result.name, x) : Date.now().toString();
 }
-async function C(e) {
+function C() {
+	x = null;
+}
+async function w(e) {
 	if (e.length === 0) return;
 	let t = await S();
 	try {
-		let n = [...await w(), ...e];
+		let n = [...await T(), ...e];
 		await a.set(t, n);
 		let i = await a.getLogLink(t);
 		i && r.info(`📂 Open the error list manually: ${i}`);
@@ -26,7 +29,7 @@ async function C(e) {
 		n(e);
 	}
 }
-async function w() {
+async function T() {
 	try {
 		let e = await S();
 		return await a.get(e) ?? [];
@@ -34,7 +37,7 @@ async function w() {
 		return n(e, { returnValue: [] });
 	}
 }
-async function T() {
+async function E() {
 	try {
 		let e = await S();
 		await a.remove(e);
@@ -42,59 +45,57 @@ async function T() {
 		n(e);
 	}
 }
-async function E(e) {
+async function D(t) {
 	let n = [], i = [], a = "", o = _, s = v, c = y;
-	e.split("\n").forEach((e) => {
-		if (e.startsWith("/")) a = e.trim();
+	t.split("\n").forEach((t) => {
+		let r = s.exec(t);
+		if (r) n.push({
+			file: r?.[1] ?? "",
+			position: `${r[2]}:${r[3]}`,
+			type: r[4] === e.Error ? e.Error : e.Warning,
+			message: r?.[5]?.trim() ?? ""
+		});
+		else if (t.startsWith("/")) a = t.trim();
 		else {
-			let r = o.exec(e);
+			let r = o.exec(t);
 			if (r && a) n.push({
 				file: a,
 				position: `${r[1]}:${r[2]}`,
-				type: r[3] === t.Error ? t.Error : t.Warning,
+				type: r[3] === e.Error ? e.Error : e.Warning,
 				message: r?.[4]?.trim() ?? "",
 				rule: r?.[5]?.trim() ?? ""
 			});
 			else {
-				let r = s.exec(e);
-				if (r) n.push({
-					file: r?.[1] ?? "",
-					position: `${r[2]}:${r[3]}`,
-					type: r[4] === t.Error ? t.Error : t.Warning,
-					message: r?.[5]?.trim() ?? ""
-				});
-				else {
-					let r = c.exec(e);
-					r ? n.push({
-						file: "commitlint",
-						type: t.Error,
-						message: r?.[1]?.trim() ?? "",
-						rule: r?.[2]?.trim() ?? ""
-					}) : i.push(e.trim());
-				}
+				let r = c.exec(t);
+				r ? n.push({
+					file: "commitlint",
+					type: e.Error,
+					message: r?.[1]?.trim() ?? "",
+					rule: r?.[2]?.trim() ?? ""
+				}) : i.push(t.trim());
 			}
 		}
-	}), n.length && await C(n), i.length && (r.warn("Unmatched lines:"), i.forEach((e) => r.info(`  ${e}`)));
+	}), n.length && await w(n), i.length && (r.warn("Unmatched lines:"), i.forEach((e) => r.info(`  ${e}`)));
 }
-async function D(e) {
+async function O(t) {
 	try {
-		let n = JSON.parse(e), r = [];
-		n.forEach(({ filePath: e, messages: n }) => {
+		let n = JSON.parse(t), r = [];
+		n.forEach(({ filePath: t, messages: n }) => {
 			n.forEach(({ severity: n, line: i, column: a, ruleId: o, message: s }) => {
 				r.push({
-					type: n === 2 ? t.Error : t.Warning,
-					file: e,
+					type: n === 2 ? e.Error : e.Warning,
+					file: t,
 					position: `${i}:${a}`,
 					rule: o,
 					message: s
 				});
 			});
-		}), r.length && await C(r);
+		}), r.length && await w(r);
 	} catch {
-		await E(e);
+		await D(t);
 	}
 }
-async function O(e, t = D, n = {}) {
+async function k(e, t = O, n = {}) {
 	let i = new AbortController(), a = () => {
 		r.warn("Process interrupted. Terminating..."), i.abort(), u.exit(130);
 	};
@@ -120,33 +121,33 @@ async function O(e, t = D, n = {}) {
 		u.removeListener("SIGINT", a);
 	}
 }
-function k(e) {
+function A(e) {
 	return {
 		raw: !0,
 		cmd: e
 	};
 }
-function A(e, t) {
+function j(e, t) {
 	return t?.isCurrentProject ? `${l} tsx ${s} ${e}` : `${l} ${o} ${e}`;
 }
-function j(e, t) {
-	return typeof e == "function" ? A(e(t), t) : typeof e == "object" && e?.raw === !0 ? e.cmd : typeof e == "string" ? A(e, t) : e;
+function M(e, t) {
+	return typeof e == "function" ? j(e(t), t) : typeof e == "object" && e?.raw === !0 ? e.cmd : typeof e == "string" ? j(e, t) : e;
 }
-async function M(e) {
+async function N(e) {
 	let t = await i({ name: c });
 	if (t.success) {
 		let n = { isCurrentProject: t.result.isCurrentProject }, r = typeof e == "function" ? e(n) : e;
-		return Object.fromEntries(Object.entries(r).map(([e, t]) => [e, j(t, n)]));
+		return Object.fromEntries(Object.entries(r).map(([e, t]) => [e, M(t, n)]));
 	}
 }
-async function N(t, i, a = {}) {
+async function P(e, i, a = {}) {
 	let o;
 	try {
 		let n = Date.now();
-		r.start(`${t}`), e().DEBUG ? r.info(`→ ${i}`) : o = setInterval(() => {
-			let e = Math.floor((Date.now() - n) / 1e3);
-			e > 0 && u.stdout.write(`\r⏳ ${t}... ${e}s`);
-		}, 1e3), await O(i, D, a), r.success(`${t} done.`);
+		r.start(`${e}`), t().DEBUG ? r.info(`→ ${i}`) : o = setInterval(() => {
+			let t = Math.floor((Date.now() - n) / 1e3);
+			t > 0 && u.stdout.write(`\r⏳ ${e}... ${t}s`);
+		}, 1e3), await k(i, O, a), r.success(`${e} done.`);
 	} catch (e) {
 		if (a.throwOnError) throw e;
 		n(e);
@@ -155,6 +156,6 @@ async function N(t, i, a = {}) {
 	}
 }
 //#endregion
-export { T as clearAllErrorLists, j as formatCommand, w as getStoredErrorLists, k as rawCommand, M as resolveCommands, N as runCommand };
+export { E as clearAllErrorLists, M as formatCommand, T as getStoredErrorLists, A as rawCommand, C as resetCommandCacheForTesting, N as resolveCommands, P as runCommand };
 
 //# sourceMappingURL=command.util.js.map

package/dist/node/command/command.util.js.map

@@ -1 +1 @@
-{"version":3,"file":"command.util.js","names":[],"sources":["../../../src/node/command/command.util.ts"],"sourcesContent":["import { exec, execFile } from 'node:child_process';\nimport process from 'node:process';\nimport * as util from 'node:util';\n\nimport { getEnv } from '#config/env/index.js';\n\nimport type { I_IssueEntry } from '../log/index.js';\nimport type { I_CommandContext, I_EslintError, T_Command, T_CommandMapInput } from './command.type.js';\n\nimport { catchError, E_IssueType, log } from '../log/index.js';\nimport { getPackage } from '../package/index.js';\nimport { CYBERSKILL_CLI, CYBERSKILL_CLI_PATH, CYBERSKILL_PACKAGE_NAME, PNPM_EXEC_CLI, TSX_CLI } from '../path/index.js';\nimport { storage } from '../storage/index.js';\n\nconst execPromise = util.promisify(exec);\nconst execFilePromise = util.promisify(execFile);\nconst SHELL_METACHARACTERS = /[|&;<>`$(){}[\\]!#~*?]/;\nconst RE_ESLINT_ERROR = /^\\s*(\\d+):(\\d+)\\s+(error|warning)\\s+(\\S+(?:\\s+\\S+)*)\\s+(\\S+)$/;\nconst RE_TS_ERROR = /^(.+?)\\((\\d+),(\\d+)\\):\\s+(error|warning)\\s+TS\\d+:\\s+(\\S.+)$/;\nconst RE_COMMITLINT_ERROR = /^✖\\s+(\\S+(?:\\s+\\S+)*)\\s+\\[([^\\]]*)\\]$/;\nconst RE_WHITESPACE = /\\s+/;\n\n/**\n * Retrieves the package name for the current project.\n * This function attempts to get the package name from the current project's package.json.\n * If the package information cannot be retrieved, it returns a timestamp as a fallback.\n * Results are cached after first successful read to avoid redundant I/O.\n *\n * @returns A promise that resolves to the package name or a timestamp string.\n */\nlet _cachedPackageName: string | null = null;\n/** Returns the cached package name, falling back to a timestamp if unavailable. */\nasync function getPackageName() {\n    if (_cachedPackageName) {\n        return _cachedPackageName;\n    }\n\n    const pkg = await getPackage();\n\n    if (!pkg.success) {\n        return Date.now().toString();\n    }\n\n    _cachedPackageName = pkg.result.name;\n    return _cachedPackageName;\n}\n\n/**\n * Saves a list of error entries to persistent storage.\n * This function stores error information with the package name as the key,\n * and provides a log link for manual inspection of the stored errors.\n *\n * @param errorList - An array of error entries to be stored.\n * @returns A promise that resolves when the storage operation is complete.\n */\nasync function saveErrorListToStorage(errorList: I_IssueEntry[]): Promise<void> {\n    if (errorList.length === 0) {\n        return;\n    }\n\n    const packageName = await getPackageName();\n\n    try {\n        const existingErrors = await getStoredErrorLists();\n        const mergedErrors = [...existingErrors, ...errorList];\n\n        await storage.set(packageName, mergedErrors);\n\n        const logPath = await storage.getLogLink(packageName);\n        if (logPath) {\n            log.info(`📂 Open the error list manually: ${logPath}`);\n        }\n    }\n    catch (error) {\n        catchError(error);\n    }\n}\n\n/**\n * Retrieves all stored error lists from persistent storage.\n * This function fetches error entries that were previously saved using the package name as the key.\n *\n * @returns A promise that resolves to an array of error entries, or an empty array if none are found.\n */\nexport async function getStoredErrorLists(): Promise<I_IssueEntry[]> {\n    try {\n        const packageName = await getPackageName();\n        const allErrors = await storage.get<I_IssueEntry[]>(packageName);\n\n        return allErrors ?? [];\n    }\n    catch (error) {\n        return catchError<I_IssueEntry[]>(error, {\n            returnValue: [],\n        });\n    }\n}\n\n/**\n * Clears all stored error lists from persistent storage.\n * This function removes all error entries associated with the current package name.\n *\n * @returns A promise that resolves when the clearing operation is complete.\n */\nexport async function clearAllErrorLists(): Promise<void> {\n    try {\n        const packageName = await getPackageName();\n        await storage.remove(packageName);\n    }\n    catch (error) {\n        catchError(error);\n    }\n}\n\n/**\n * Parses text-based error output and converts it to structured error entries.\n * This function processes command output that contains error information in text format,\n * extracting file paths, line numbers, error types, messages, and rule violations.\n * It handles multiple error formats including ESLint, TypeScript, and commitlint errors.\n *\n * @param output - The raw text output from a command execution containing error information.\n */\nasync function parseTextErrors(output: string): Promise<void> {\n    const errorList: I_IssueEntry[] = [];\n    const unmatchedLines: string[] = [];\n    let lastFilePath = '';\n    const eslintErrorDetailsRegex = RE_ESLINT_ERROR;\n    const tsRegex = RE_TS_ERROR;\n    const commitlintRegex = RE_COMMITLINT_ERROR;\n\n    output.split('\\n').forEach((line) => {\n        if (line.startsWith('/')) {\n            lastFilePath = line.trim();\n        }\n        else {\n            const eslintMatch = eslintErrorDetailsRegex.exec(line);\n\n            if (eslintMatch && lastFilePath) {\n                errorList.push({\n                    file: lastFilePath,\n                    position: `${eslintMatch[1]}:${eslintMatch[2]}`,\n                    type: eslintMatch[3] === E_IssueType.Error ? E_IssueType.Error : E_IssueType.Warning,\n                    message: eslintMatch?.[4]?.trim() ?? '',\n                    rule: eslintMatch?.[5]?.trim() ?? '',\n                });\n            }\n            else {\n                const tsMatch = tsRegex.exec(line);\n\n                if (tsMatch) {\n                    errorList.push({\n                        file: tsMatch?.[1] ?? '',\n                        position: `${tsMatch[2]}:${tsMatch[3]}`,\n                        type: tsMatch[4] === E_IssueType.Error ? E_IssueType.Error : E_IssueType.Warning,\n                        message: tsMatch?.[5]?.trim() ?? '',\n                    });\n                }\n                else {\n                    const commitlintMatch = commitlintRegex.exec(line);\n\n                    if (commitlintMatch) {\n                        errorList.push({\n                            file: 'commitlint',\n                            type: E_IssueType.Error,\n                            message: commitlintMatch?.[1]?.trim() ?? '',\n                            rule: commitlintMatch?.[2]?.trim() ?? '',\n                        });\n                    }\n                    else {\n                        unmatchedLines.push(line.trim());\n                    }\n                }\n            }\n        }\n    });\n\n    if (errorList.length) {\n        await saveErrorListToStorage(errorList);\n    }\n\n    if (unmatchedLines.length) {\n        log.warn(`Unmatched lines:`);\n        unmatchedLines.forEach(line => log.info(`  ${line}`));\n    }\n}\n\n/**\n * Parses command output that contains structured error information.\n * This function attempts to parse JSON-formatted error output (typically from ESLint)\n * and converts it to structured error entries. If JSON parsing fails, it falls back\n * to text-based parsing.\n *\n * @param output - The command output to parse, expected to be JSON-formatted error data.\n */\nasync function parseCommandOutput(output: string): Promise<void> {\n    try {\n        const results: I_EslintError[] = JSON.parse(output);\n        const errorList: I_IssueEntry[] = [];\n\n        results.forEach(({ filePath, messages }) => {\n            messages.forEach(({ severity, line, column, ruleId, message }) => {\n                errorList.push({\n                    type: severity === 2 ? E_IssueType.Error : E_IssueType.Warning,\n                    file: filePath,\n                    position: `${line}:${column}`,\n                    rule: ruleId,\n                    message,\n                });\n            });\n        });\n\n        if (errorList.length) {\n            await saveErrorListToStorage(errorList);\n        }\n    }\n    catch {\n        await parseTextErrors(output);\n    }\n}\n\n/**\n * Executes a command and processes its output for errors.\n * This function runs a command with proper signal handling for graceful termination,\n * processes both stdout and stderr for error information, and handles command failures.\n *\n * @param command - The command string to execute, or undefined if no command should be run.\n * @param parser - The function to use for parsing command output (defaults to parseCommandOutput).\n * @returns A promise that resolves when the command execution is complete.\n */\nasync function executeCommand(command: string | void, parser = parseCommandOutput, options: { timeout?: number } = {}): Promise<void> {\n    const controller = new AbortController();\n\n    const onSigint = () => {\n        log.warn('Process interrupted. Terminating...');\n        controller.abort();\n        process.exit(130);\n    };\n\n    process.once('SIGINT', onSigint);\n\n    try {\n        if (typeof command === 'string') {\n            const execOptions = {\n                maxBuffer: 10 * 1024 * 1024,\n                signal: controller.signal,\n                timeout: options.timeout,\n            };\n\n            let result: { stdout: string; stderr: string };\n\n            if (SHELL_METACHARACTERS.test(command)) {\n                result = await execPromise(command, execOptions);\n            }\n            else {\n                const parts = command.split(RE_WHITESPACE).filter(Boolean);\n                result = await execFilePromise(parts[0]!, parts.slice(1), execOptions);\n            }\n\n            await Promise.all([result.stdout, result.stderr].map(output => output && parser(output)));\n        }\n    }\n    catch (error) {\n        const { stdout, stderr, message } = error as {\n            stdout?: string;\n            stderr?: string;\n            message: string;\n        };\n\n        await Promise.all([stdout, stderr].map(output => output && parser(output)));\n\n        if (!stderr && !stdout) {\n            log.error(`Command failed: ${message}`);\n        }\n\n        throw error;\n    }\n    finally {\n        process.removeListener('SIGINT', onSigint);\n    }\n}\n\n/**\n * Creates a raw command object that bypasses CLI formatting.\n * This function wraps a command string in an object that indicates it should be executed\n * as-is without any additional CLI formatting or path resolution.\n *\n * @param cmd - The raw command string to be executed directly.\n * @returns An object containing the raw command with a flag indicating it should not be formatted.\n */\nexport function rawCommand(cmd: string) {\n    return { raw: true, cmd };\n}\n\n/**\n * Formats a command for CLI execution based on the current project context.\n * This function determines whether to use the current project's CLI path or the global CLI,\n * and formats the command accordingly with the appropriate executable paths.\n *\n * @param command - The command string to format.\n * @param context - Optional context information about the current project.\n * @returns The formatted command string ready for execution.\n */\nfunction formatCLI(command: string, context?: I_CommandContext) {\n    if (context?.isCurrentProject) {\n        return `${PNPM_EXEC_CLI} ${TSX_CLI} ${CYBERSKILL_CLI_PATH} ${command}`;\n    }\n\n    return `${PNPM_EXEC_CLI} ${CYBERSKILL_CLI} ${command}`;\n}\n\n/**\n * Formats a command based on its type and context.\n * This function handles different command types:\n * - Function commands: Executes the function with context and formats the result\n * - Raw commands: Returns the command as-is without formatting\n * - String commands: Formats them as CLI commands\n *\n * @param command - The command to format, which can be a string, function, or raw command object.\n * @param context - Optional context information for command execution.\n * @returns The formatted command string ready for execution.\n */\nexport function formatCommand(command: T_Command, context?: I_CommandContext) {\n    if (typeof command === 'function') {\n        return formatCLI(command(context), context);\n    }\n\n    if (typeof command === 'object' && command?.raw === true) {\n        return command.cmd;\n    }\n\n    if (typeof command === 'string') {\n        return formatCLI(command, context);\n    }\n\n    return command;\n}\n\n/**\n * Resolves a map of commands by formatting them based on the current project context.\n * This function takes a command map (either static or dynamic) and formats all commands\n * using the appropriate CLI paths based on whether the current project is the Cyberskill package.\n *\n * @param input - The command map to resolve, which can be static or a function that returns a map.\n * @returns A promise that resolves to an object with formatted command strings, or undefined if package info cannot be retrieved.\n */\nexport async function resolveCommands(input: T_CommandMapInput) {\n    const packageData = await getPackage({ name: CYBERSKILL_PACKAGE_NAME });\n\n    if (packageData.success) {\n        const ctx: I_CommandContext = { isCurrentProject: packageData.result.isCurrentProject };\n        const commands = typeof input === 'function' ? input(ctx) : input;\n\n        return Object.fromEntries(\n            Object.entries(commands).map(([key, cmd]) => [key, formatCommand(cmd, ctx)]),\n        );\n    }\n}\n\n/**\n * Executes a command with proper logging and error handling.\n * This function provides a standardized way to run commands with:\n * - Progress logging with start and success messages\n * - Debug logging of the actual command when DEBUG mode is enabled\n * - Error handling and reporting\n *\n * @param label - A human-readable label describing what the command does.\n * @param command - The command string to execute, or undefined if no command should be run.\n * @returns A promise that resolves when the command execution is complete.\n */\nexport async function runCommand(label: string, command: string | void, options: { timeout?: number; throwOnError?: boolean } = {}) {\n    let timer: NodeJS.Timeout | undefined;\n\n    try {\n        const startTime = Date.now();\n        log.start(`${label}`);\n\n        if (getEnv().DEBUG) {\n            log.info(`→ ${command}`);\n        }\n        else {\n            timer = setInterval(() => {\n                const elapsed = Math.floor((Date.now() - startTime) / 1000);\n\n                if (elapsed > 0) {\n                    process.stdout.write(`\\r⏳ ${label}... ${elapsed}s`);\n                }\n            }, 1000);\n        }\n\n        await executeCommand(command, parseCommandOutput, options);\n\n        log.success(`${label} done.`);\n    }\n    catch (error) {\n        if (options.throwOnError) {\n            throw error;\n        }\n        catchError(error);\n    }\n    finally {\n        if (timer) {\n            clearInterval(timer);\n            process.stdout.write(`\\r\\x1B[K`);\n        }\n    }\n}\n"],"mappings":";;;;;;;;;;AAcA,IAAM,IAAc,EAAK,UAAU,EAAK,EAClC,IAAkB,EAAK,UAAU,EAAS,EAC1C,IAAuB,yBACvB,IAAkB,iEAClB,IAAc,+DACd,IAAsB,yCACtB,IAAgB,OAUlB,IAAoC;AAExC,eAAe,IAAiB;AAC5B,KAAI,EACA,QAAO;CAGX,IAAM,IAAM,MAAM,GAAY;AAO9B,QALK,EAAI,WAIT,IAAqB,EAAI,OAAO,MACzB,KAJI,KAAK,KAAK,CAAC,UAAU;;AAepC,eAAe,EAAuB,GAA0C;AAC5E,KAAI,EAAU,WAAW,EACrB;CAGJ,IAAM,IAAc,MAAM,GAAgB;AAE1C,KAAI;EAEA,IAAM,IAAe,CAAC,GADC,MAAM,GAAqB,EACT,GAAG,EAAU;AAEtD,QAAM,EAAQ,IAAI,GAAa,EAAa;EAE5C,IAAM,IAAU,MAAM,EAAQ,WAAW,EAAY;AACrD,EAAI,KACA,EAAI,KAAK,oCAAoC,IAAU;UAGxD,GAAO;AACV,IAAW,EAAM;;;AAUzB,eAAsB,IAA+C;AACjE,KAAI;EACA,IAAM,IAAc,MAAM,GAAgB;AAG1C,SAFkB,MAAM,EAAQ,IAAoB,EAAY,IAE5C,EAAE;UAEnB,GAAO;AACV,SAAO,EAA2B,GAAO,EACrC,aAAa,EAAE,EAClB,CAAC;;;AAUV,eAAsB,IAAoC;AACtD,KAAI;EACA,IAAM,IAAc,MAAM,GAAgB;AAC1C,QAAM,EAAQ,OAAO,EAAY;UAE9B,GAAO;AACV,IAAW,EAAM;;;AAYzB,eAAe,EAAgB,GAA+B;CAC1D,IAAM,IAA4B,EAAE,EAC9B,IAA2B,EAAE,EAC/B,IAAe,IACb,IAA0B,GAC1B,IAAU,GACV,IAAkB;AAoDxB,CAlDA,EAAO,MAAM,KAAK,CAAC,SAAS,MAAS;AACjC,MAAI,EAAK,WAAW,IAAI,CACpB,KAAe,EAAK,MAAM;OAEzB;GACD,IAAM,IAAc,EAAwB,KAAK,EAAK;AAEtD,OAAI,KAAe,EACf,GAAU,KAAK;IACX,MAAM;IACN,UAAU,GAAG,EAAY,GAAG,GAAG,EAAY;IAC3C,MAAM,EAAY,OAAO,EAAY,QAAQ,EAAY,QAAQ,EAAY;IAC7E,SAAS,IAAc,IAAI,MAAM,IAAI;IACrC,MAAM,IAAc,IAAI,MAAM,IAAI;IACrC,CAAC;QAED;IACD,IAAM,IAAU,EAAQ,KAAK,EAAK;AAElC,QAAI,EACA,GAAU,KAAK;KACX,MAAM,IAAU,MAAM;KACtB,UAAU,GAAG,EAAQ,GAAG,GAAG,EAAQ;KACnC,MAAM,EAAQ,OAAO,EAAY,QAAQ,EAAY,QAAQ,EAAY;KACzE,SAAS,IAAU,IAAI,MAAM,IAAI;KACpC,CAAC;SAED;KACD,IAAM,IAAkB,EAAgB,KAAK,EAAK;AAElD,KAAI,IACA,EAAU,KAAK;MACX,MAAM;MACN,MAAM,EAAY;MAClB,SAAS,IAAkB,IAAI,MAAM,IAAI;MACzC,MAAM,IAAkB,IAAI,MAAM,IAAI;MACzC,CAAC,GAGF,EAAe,KAAK,EAAK,MAAM,CAAC;;;;GAKlD,EAEE,EAAU,UACV,MAAM,EAAuB,EAAU,EAGvC,EAAe,WACf,EAAI,KAAK,mBAAmB,EAC5B,EAAe,SAAQ,MAAQ,EAAI,KAAK,KAAK,IAAO,CAAC;;AAY7D,eAAe,EAAmB,GAA+B;AAC7D,KAAI;EACA,IAAM,IAA2B,KAAK,MAAM,EAAO,EAC7C,IAA4B,EAAE;AAcpC,EAZA,EAAQ,SAAS,EAAE,aAAU,kBAAe;AACxC,KAAS,SAAS,EAAE,aAAU,SAAM,WAAQ,WAAQ,iBAAc;AAC9D,MAAU,KAAK;KACX,MAAM,MAAa,IAAI,EAAY,QAAQ,EAAY;KACvD,MAAM;KACN,UAAU,GAAG,EAAK,GAAG;KACrB,MAAM;KACN;KACH,CAAC;KACJ;IACJ,EAEE,EAAU,UACV,MAAM,EAAuB,EAAU;SAGzC;AACF,QAAM,EAAgB,EAAO;;;AAarC,eAAe,EAAe,GAAwB,IAAS,GAAoB,IAAgC,EAAE,EAAiB;CAClI,IAAM,IAAa,IAAI,iBAAiB,EAElC,UAAiB;AAGnB,EAFA,EAAI,KAAK,sCAAsC,EAC/C,EAAW,OAAO,EAClB,EAAQ,KAAK,IAAI;;AAGrB,GAAQ,KAAK,UAAU,EAAS;AAEhC,KAAI;AACA,MAAI,OAAO,KAAY,UAAU;GAC7B,IAAM,IAAc;IAChB,WAAW,KAAK,OAAO;IACvB,QAAQ,EAAW;IACnB,SAAS,EAAQ;IACpB,EAEG;AAEJ,OAAI,EAAqB,KAAK,EAAQ,CAClC,KAAS,MAAM,EAAY,GAAS,EAAY;QAE/C;IACD,IAAM,IAAQ,EAAQ,MAAM,EAAc,CAAC,OAAO,QAAQ;AAC1D,QAAS,MAAM,EAAgB,EAAM,IAAK,EAAM,MAAM,EAAE,EAAE,EAAY;;AAG1E,SAAM,QAAQ,IAAI,CAAC,EAAO,QAAQ,EAAO,OAAO,CAAC,KAAI,MAAU,KAAU,EAAO,EAAO,CAAC,CAAC;;UAG1F,GAAO;EACV,IAAM,EAAE,WAAQ,WAAQ,eAAY;AAYpC,QANA,MAAM,QAAQ,IAAI,CAAC,GAAQ,EAAO,CAAC,KAAI,MAAU,KAAU,EAAO,EAAO,CAAC,CAAC,EAEvE,CAAC,KAAU,CAAC,KACZ,EAAI,MAAM,mBAAmB,IAAU,EAGrC;WAEF;AACJ,IAAQ,eAAe,UAAU,EAAS;;;AAYlD,SAAgB,EAAW,GAAa;AACpC,QAAO;EAAE,KAAK;EAAM;EAAK;;AAY7B,SAAS,EAAU,GAAiB,GAA4B;AAK5D,QAJI,GAAS,mBACF,GAAG,EAAc,OAAc,EAAoB,GAAG,MAG1D,GAAG,EAAc,GAAG,EAAe,GAAG;;AAcjD,SAAgB,EAAc,GAAoB,GAA4B;AAa1E,QAZI,OAAO,KAAY,aACZ,EAAU,EAAQ,EAAQ,EAAE,EAAQ,GAG3C,OAAO,KAAY,YAAY,GAAS,QAAQ,KACzC,EAAQ,MAGf,OAAO,KAAY,WACZ,EAAU,GAAS,EAAQ,GAG/B;;AAWX,eAAsB,EAAgB,GAA0B;CAC5D,IAAM,IAAc,MAAM,EAAW,EAAE,MAAM,GAAyB,CAAC;AAEvE,KAAI,EAAY,SAAS;EACrB,IAAM,IAAwB,EAAE,kBAAkB,EAAY,OAAO,kBAAkB,EACjF,IAAW,OAAO,KAAU,aAAa,EAAM,EAAI,GAAG;AAE5D,SAAO,OAAO,YACV,OAAO,QAAQ,EAAS,CAAC,KAAK,CAAC,GAAK,OAAS,CAAC,GAAK,EAAc,GAAK,EAAI,CAAC,CAAC,CAC/E;;;AAeT,eAAsB,EAAW,GAAe,GAAwB,IAAwD,EAAE,EAAE;CAChI,IAAI;AAEJ,KAAI;EACA,IAAM,IAAY,KAAK,KAAK;AAkB5B,EAjBA,EAAI,MAAM,GAAG,IAAQ,EAEjB,GAAQ,CAAC,QACT,EAAI,KAAK,KAAK,IAAU,GAGxB,IAAQ,kBAAkB;GACtB,IAAM,IAAU,KAAK,OAAO,KAAK,KAAK,GAAG,KAAa,IAAK;AAE3D,GAAI,IAAU,KACV,EAAQ,OAAO,MAAM,OAAO,EAAM,MAAM,EAAQ,GAAG;KAExD,IAAK,EAGZ,MAAM,EAAe,GAAS,GAAoB,EAAQ,EAE1D,EAAI,QAAQ,GAAG,EAAM,QAAQ;UAE1B,GAAO;AACV,MAAI,EAAQ,aACR,OAAM;AAEV,IAAW,EAAM;WAEb;AACJ,EAAI,MACA,cAAc,EAAM,EACpB,EAAQ,OAAO,MAAM,WAAW"}
+{"version":3,"file":"command.util.js","names":[],"sources":["../../../src/node/command/command.util.ts"],"sourcesContent":["import { exec, execFile } from 'node:child_process';\nimport process from 'node:process';\nimport * as util from 'node:util';\n\nimport { getEnv } from '#config/env/index.js';\n\nimport type { I_IssueEntry } from '../log/index.js';\nimport type { I_CommandContext, I_EslintError, T_Command, T_CommandMapInput } from './command.type.js';\n\nimport { catchError, E_IssueType, log } from '../log/index.js';\nimport { getPackage } from '../package/index.js';\nimport { CYBERSKILL_CLI, CYBERSKILL_CLI_PATH, CYBERSKILL_PACKAGE_NAME, PNPM_EXEC_CLI, TSX_CLI } from '../path/index.js';\nimport { storage } from '../storage/index.js';\n\nconst execPromise = util.promisify(exec);\nconst execFilePromise = util.promisify(execFile);\nconst SHELL_METACHARACTERS = /[|&;<>`$(){}[\\]!#~*?]/;\nconst RE_ESLINT_ERROR = /^\\s*(\\d+):(\\d+)\\s+(error|warning)\\s+(\\S+(?:\\s+\\S+)*)\\s+(\\S+)$/;\nconst RE_TS_ERROR = /^(.+?)\\((\\d+),(\\d+)\\):\\s+(error|warning)\\s+TS\\d+:\\s+(\\S.+)$/;\nconst RE_COMMITLINT_ERROR = /^✖\\s+(\\S+(?:\\s+\\S+)*)\\s+\\[([^\\]]*)\\]$/;\nconst RE_WHITESPACE = /\\s+/;\n\n/**\n * Retrieves the package name for the current project.\n * This function attempts to get the package name from the current project's package.json.\n * If the package information cannot be retrieved, it returns a timestamp as a fallback.\n * Results are cached after first successful read to avoid redundant I/O.\n *\n * @returns A promise that resolves to the package name or a timestamp string.\n */\nlet _cachedPackageName: string | null = null;\n/** Returns the cached package name, falling back to a timestamp if unavailable. */\nasync function getPackageName() {\n    if (_cachedPackageName) {\n        return _cachedPackageName;\n    }\n\n    const pkg = await getPackage();\n\n    if (!pkg.success) {\n        return Date.now().toString();\n    }\n\n    _cachedPackageName = pkg.result.name;\n    return _cachedPackageName;\n}\n\n/**\n * Resets the cached package name. For testing only.\n * Call this to force `getPackageName()` to re-read the package.json on the next invocation.\n */\nexport function resetCommandCacheForTesting(): void {\n    _cachedPackageName = null;\n}\n\n/**\n * Saves a list of error entries to persistent storage.\n * This function stores error information with the package name as the key,\n * and provides a log link for manual inspection of the stored errors.\n *\n * @param errorList - An array of error entries to be stored.\n * @returns A promise that resolves when the storage operation is complete.\n */\nasync function saveErrorListToStorage(errorList: I_IssueEntry[]): Promise<void> {\n    if (errorList.length === 0) {\n        return;\n    }\n\n    const packageName = await getPackageName();\n\n    try {\n        const existingErrors = await getStoredErrorLists();\n        const mergedErrors = [...existingErrors, ...errorList];\n\n        await storage.set(packageName, mergedErrors);\n\n        const logPath = await storage.getLogLink(packageName);\n        if (logPath) {\n            log.info(`📂 Open the error list manually: ${logPath}`);\n        }\n    }\n    catch (error) {\n        catchError(error);\n    }\n}\n\n/**\n * Retrieves all stored error lists from persistent storage.\n * This function fetches error entries that were previously saved using the package name as the key.\n *\n * @returns A promise that resolves to an array of error entries, or an empty array if none are found.\n */\nexport async function getStoredErrorLists(): Promise<I_IssueEntry[]> {\n    try {\n        const packageName = await getPackageName();\n        const allErrors = await storage.get<I_IssueEntry[]>(packageName);\n\n        return allErrors ?? [];\n    }\n    catch (error) {\n        return catchError<I_IssueEntry[]>(error, {\n            returnValue: [],\n        });\n    }\n}\n\n/**\n * Clears all stored error lists from persistent storage.\n * This function removes all error entries associated with the current package name.\n *\n * @returns A promise that resolves when the clearing operation is complete.\n */\nexport async function clearAllErrorLists(): Promise<void> {\n    try {\n        const packageName = await getPackageName();\n        await storage.remove(packageName);\n    }\n    catch (error) {\n        catchError(error);\n    }\n}\n\n/**\n * Parses text-based error output and converts it to structured error entries.\n * This function processes command output that contains error information in text format,\n * extracting file paths, line numbers, error types, messages, and rule violations.\n * It handles multiple error formats including ESLint, TypeScript, and commitlint errors.\n *\n * @param output - The raw text output from a command execution containing error information.\n */\nasync function parseTextErrors(output: string): Promise<void> {\n    const errorList: I_IssueEntry[] = [];\n    const unmatchedLines: string[] = [];\n    let lastFilePath = '';\n    const eslintErrorDetailsRegex = RE_ESLINT_ERROR;\n    const tsRegex = RE_TS_ERROR;\n    const commitlintRegex = RE_COMMITLINT_ERROR;\n\n    output.split('\\n').forEach((line) => {\n        const tsMatch = tsRegex.exec(line);\n\n        if (tsMatch) {\n            errorList.push({\n                file: tsMatch?.[1] ?? '',\n                position: `${tsMatch[2]}:${tsMatch[3]}`,\n                type: tsMatch[4] === E_IssueType.Error ? E_IssueType.Error : E_IssueType.Warning,\n                message: tsMatch?.[5]?.trim() ?? '',\n            });\n        }\n        else if (line.startsWith('/')) {\n            lastFilePath = line.trim();\n        }\n        else {\n            const eslintMatch = eslintErrorDetailsRegex.exec(line);\n\n            if (eslintMatch && lastFilePath) {\n                errorList.push({\n                    file: lastFilePath,\n                    position: `${eslintMatch[1]}:${eslintMatch[2]}`,\n                    type: eslintMatch[3] === E_IssueType.Error ? E_IssueType.Error : E_IssueType.Warning,\n                    message: eslintMatch?.[4]?.trim() ?? '',\n                    rule: eslintMatch?.[5]?.trim() ?? '',\n                });\n            }\n            else {\n                const commitlintMatch = commitlintRegex.exec(line);\n\n                if (commitlintMatch) {\n                    errorList.push({\n                        file: 'commitlint',\n                        type: E_IssueType.Error,\n                        message: commitlintMatch?.[1]?.trim() ?? '',\n                        rule: commitlintMatch?.[2]?.trim() ?? '',\n                    });\n                }\n                else {\n                    unmatchedLines.push(line.trim());\n                }\n            }\n        }\n    });\n\n    if (errorList.length) {\n        await saveErrorListToStorage(errorList);\n    }\n\n    if (unmatchedLines.length) {\n        log.warn(`Unmatched lines:`);\n        unmatchedLines.forEach(line => log.info(`  ${line}`));\n    }\n}\n\n/**\n * Parses command output that contains structured error information.\n * This function attempts to parse JSON-formatted error output (typically from ESLint)\n * and converts it to structured error entries. If JSON parsing fails, it falls back\n * to text-based parsing.\n *\n * @param output - The command output to parse, expected to be JSON-formatted error data.\n */\nasync function parseCommandOutput(output: string): Promise<void> {\n    try {\n        const results: I_EslintError[] = JSON.parse(output);\n        const errorList: I_IssueEntry[] = [];\n\n        results.forEach(({ filePath, messages }) => {\n            messages.forEach(({ severity, line, column, ruleId, message }) => {\n                errorList.push({\n                    type: severity === 2 ? E_IssueType.Error : E_IssueType.Warning,\n                    file: filePath,\n                    position: `${line}:${column}`,\n                    rule: ruleId,\n                    message,\n                });\n            });\n        });\n\n        if (errorList.length) {\n            await saveErrorListToStorage(errorList);\n        }\n    }\n    catch {\n        await parseTextErrors(output);\n    }\n}\n\n/**\n * Executes a command and processes its output for errors.\n * This function runs a command with proper signal handling for graceful termination,\n * processes both stdout and stderr for error information, and handles command failures.\n *\n * @param command - The command string to execute, or undefined if no command should be run.\n * @param parser - The function to use for parsing command output (defaults to parseCommandOutput).\n * @returns A promise that resolves when the command execution is complete.\n */\nasync function executeCommand(command: string | void, parser = parseCommandOutput, options: { timeout?: number } = {}): Promise<void> {\n    const controller = new AbortController();\n\n    const onSigint = () => {\n        log.warn('Process interrupted. Terminating...');\n        controller.abort();\n        process.exit(130);\n    };\n\n    process.once('SIGINT', onSigint);\n\n    try {\n        if (typeof command === 'string') {\n            const execOptions = {\n                maxBuffer: 10 * 1024 * 1024,\n                signal: controller.signal,\n                timeout: options.timeout,\n            };\n\n            let result: { stdout: string; stderr: string };\n\n            if (SHELL_METACHARACTERS.test(command)) {\n                result = await execPromise(command, execOptions);\n            }\n            else {\n                const parts = command.split(RE_WHITESPACE).filter(Boolean);\n                result = await execFilePromise(parts[0]!, parts.slice(1), execOptions);\n            }\n\n            await Promise.all([result.stdout, result.stderr].map(output => output && parser(output)));\n        }\n    }\n    catch (error) {\n        const { stdout, stderr, message } = error as {\n            stdout?: string;\n            stderr?: string;\n            message: string;\n        };\n\n        await Promise.all([stdout, stderr].map(output => output && parser(output)));\n\n        if (!stderr && !stdout) {\n            log.error(`Command failed: ${message}`);\n        }\n\n        throw error;\n    }\n    finally {\n        process.removeListener('SIGINT', onSigint);\n    }\n}\n\n/**\n * Creates a raw command object that bypasses CLI formatting.\n * This function wraps a command string in an object that indicates it should be executed\n * as-is without any additional CLI formatting or path resolution.\n *\n * @param cmd - The raw command string to be executed directly.\n * @returns An object containing the raw command with a flag indicating it should not be formatted.\n */\nexport function rawCommand(cmd: string) {\n    return { raw: true, cmd };\n}\n\n/**\n * Formats a command for CLI execution based on the current project context.\n * This function determines whether to use the current project's CLI path or the global CLI,\n * and formats the command accordingly with the appropriate executable paths.\n *\n * @param command - The command string to format.\n * @param context - Optional context information about the current project.\n * @returns The formatted command string ready for execution.\n */\nfunction formatCLI(command: string, context?: I_CommandContext) {\n    if (context?.isCurrentProject) {\n        return `${PNPM_EXEC_CLI} ${TSX_CLI} ${CYBERSKILL_CLI_PATH} ${command}`;\n    }\n\n    return `${PNPM_EXEC_CLI} ${CYBERSKILL_CLI} ${command}`;\n}\n\n/**\n * Formats a command based on its type and context.\n * This function handles different command types:\n * - Function commands: Executes the function with context and formats the result\n * - Raw commands: Returns the command as-is without formatting\n * - String commands: Formats them as CLI commands\n *\n * @param command - The command to format, which can be a string, function, or raw command object.\n * @param context - Optional context information for command execution.\n * @returns The formatted command string ready for execution.\n */\nexport function formatCommand(command: T_Command, context?: I_CommandContext) {\n    if (typeof command === 'function') {\n        return formatCLI(command(context), context);\n    }\n\n    if (typeof command === 'object' && command?.raw === true) {\n        return command.cmd;\n    }\n\n    if (typeof command === 'string') {\n        return formatCLI(command, context);\n    }\n\n    return command;\n}\n\n/**\n * Resolves a map of commands by formatting them based on the current project context.\n * This function takes a command map (either static or dynamic) and formats all commands\n * using the appropriate CLI paths based on whether the current project is the Cyberskill package.\n *\n * @param input - The command map to resolve, which can be static or a function that returns a map.\n * @returns A promise that resolves to an object with formatted command strings, or undefined if package info cannot be retrieved.\n */\nexport async function resolveCommands(input: T_CommandMapInput) {\n    const packageData = await getPackage({ name: CYBERSKILL_PACKAGE_NAME });\n\n    if (packageData.success) {\n        const ctx: I_CommandContext = { isCurrentProject: packageData.result.isCurrentProject };\n        const commands = typeof input === 'function' ? input(ctx) : input;\n\n        return Object.fromEntries(\n            Object.entries(commands).map(([key, cmd]) => [key, formatCommand(cmd, ctx)]),\n        );\n    }\n}\n\n/**\n * Executes a command with proper logging and error handling.\n * This function provides a standardized way to run commands with:\n * - Progress logging with start and success messages\n * - Debug logging of the actual command when DEBUG mode is enabled\n * - Error handling and reporting\n *\n * @param label - A human-readable label describing what the command does.\n * @param command - The command string to execute, or undefined if no command should be run.\n * @returns A promise that resolves when the command execution is complete.\n */\nexport async function runCommand(label: string, command: string | void, options: { timeout?: number; throwOnError?: boolean } = {}) {\n    let timer: NodeJS.Timeout | undefined;\n\n    try {\n        const startTime = Date.now();\n        log.start(`${label}`);\n\n        if (getEnv().DEBUG) {\n            log.info(`→ ${command}`);\n        }\n        else {\n            timer = setInterval(() => {\n                const elapsed = Math.floor((Date.now() - startTime) / 1000);\n\n                if (elapsed > 0) {\n                    process.stdout.write(`\\r⏳ ${label}... ${elapsed}s`);\n                }\n            }, 1000);\n        }\n\n        await executeCommand(command, parseCommandOutput, options);\n\n        log.success(`${label} done.`);\n    }\n    catch (error) {\n        if (options.throwOnError) {\n            throw error;\n        }\n        catchError(error);\n    }\n    finally {\n        if (timer) {\n            clearInterval(timer);\n            process.stdout.write(`\\r\\x1B[K`);\n        }\n    }\n}\n"],"mappings":";;;;;;;;;;AAcA,IAAM,IAAc,EAAK,UAAU,EAAK,EAClC,IAAkB,EAAK,UAAU,EAAS,EAC1C,IAAuB,yBACvB,IAAkB,iEAClB,IAAc,+DACd,IAAsB,yCACtB,IAAgB,OAUlB,IAAoC;AAExC,eAAe,IAAiB;AAC5B,KAAI,EACA,QAAO;CAGX,IAAM,IAAM,MAAM,GAAY;AAO9B,QALK,EAAI,WAIT,IAAqB,EAAI,OAAO,MACzB,KAJI,KAAK,KAAK,CAAC,UAAU;;AAWpC,SAAgB,IAAoC;AAChD,KAAqB;;AAWzB,eAAe,EAAuB,GAA0C;AAC5E,KAAI,EAAU,WAAW,EACrB;CAGJ,IAAM,IAAc,MAAM,GAAgB;AAE1C,KAAI;EAEA,IAAM,IAAe,CAAC,GADC,MAAM,GAAqB,EACT,GAAG,EAAU;AAEtD,QAAM,EAAQ,IAAI,GAAa,EAAa;EAE5C,IAAM,IAAU,MAAM,EAAQ,WAAW,EAAY;AACrD,EAAI,KACA,EAAI,KAAK,oCAAoC,IAAU;UAGxD,GAAO;AACV,IAAW,EAAM;;;AAUzB,eAAsB,IAA+C;AACjE,KAAI;EACA,IAAM,IAAc,MAAM,GAAgB;AAG1C,SAFkB,MAAM,EAAQ,IAAoB,EAAY,IAE5C,EAAE;UAEnB,GAAO;AACV,SAAO,EAA2B,GAAO,EACrC,aAAa,EAAE,EAClB,CAAC;;;AAUV,eAAsB,IAAoC;AACtD,KAAI;EACA,IAAM,IAAc,MAAM,GAAgB;AAC1C,QAAM,EAAQ,OAAO,EAAY;UAE9B,GAAO;AACV,IAAW,EAAM;;;AAYzB,eAAe,EAAgB,GAA+B;CAC1D,IAAM,IAA4B,EAAE,EAC9B,IAA2B,EAAE,EAC/B,IAAe,IACb,IAA0B,GAC1B,IAAU,GACV,IAAkB;AAkDxB,CAhDA,EAAO,MAAM,KAAK,CAAC,SAAS,MAAS;EACjC,IAAM,IAAU,EAAQ,KAAK,EAAK;AAElC,MAAI,EACA,GAAU,KAAK;GACX,MAAM,IAAU,MAAM;GACtB,UAAU,GAAG,EAAQ,GAAG,GAAG,EAAQ;GACnC,MAAM,EAAQ,OAAO,EAAY,QAAQ,EAAY,QAAQ,EAAY;GACzE,SAAS,IAAU,IAAI,MAAM,IAAI;GACpC,CAAC;WAEG,EAAK,WAAW,IAAI,CACzB,KAAe,EAAK,MAAM;OAEzB;GACD,IAAM,IAAc,EAAwB,KAAK,EAAK;AAEtD,OAAI,KAAe,EACf,GAAU,KAAK;IACX,MAAM;IACN,UAAU,GAAG,EAAY,GAAG,GAAG,EAAY;IAC3C,MAAM,EAAY,OAAO,EAAY,QAAQ,EAAY,QAAQ,EAAY;IAC7E,SAAS,IAAc,IAAI,MAAM,IAAI;IACrC,MAAM,IAAc,IAAI,MAAM,IAAI;IACrC,CAAC;QAED;IACD,IAAM,IAAkB,EAAgB,KAAK,EAAK;AAElD,IAAI,IACA,EAAU,KAAK;KACX,MAAM;KACN,MAAM,EAAY;KAClB,SAAS,IAAkB,IAAI,MAAM,IAAI;KACzC,MAAM,IAAkB,IAAI,MAAM,IAAI;KACzC,CAAC,GAGF,EAAe,KAAK,EAAK,MAAM,CAAC;;;GAI9C,EAEE,EAAU,UACV,MAAM,EAAuB,EAAU,EAGvC,EAAe,WACf,EAAI,KAAK,mBAAmB,EAC5B,EAAe,SAAQ,MAAQ,EAAI,KAAK,KAAK,IAAO,CAAC;;AAY7D,eAAe,EAAmB,GAA+B;AAC7D,KAAI;EACA,IAAM,IAA2B,KAAK,MAAM,EAAO,EAC7C,IAA4B,EAAE;AAcpC,EAZA,EAAQ,SAAS,EAAE,aAAU,kBAAe;AACxC,KAAS,SAAS,EAAE,aAAU,SAAM,WAAQ,WAAQ,iBAAc;AAC9D,MAAU,KAAK;KACX,MAAM,MAAa,IAAI,EAAY,QAAQ,EAAY;KACvD,MAAM;KACN,UAAU,GAAG,EAAK,GAAG;KACrB,MAAM;KACN;KACH,CAAC;KACJ;IACJ,EAEE,EAAU,UACV,MAAM,EAAuB,EAAU;SAGzC;AACF,QAAM,EAAgB,EAAO;;;AAarC,eAAe,EAAe,GAAwB,IAAS,GAAoB,IAAgC,EAAE,EAAiB;CAClI,IAAM,IAAa,IAAI,iBAAiB,EAElC,UAAiB;AAGnB,EAFA,EAAI,KAAK,sCAAsC,EAC/C,EAAW,OAAO,EAClB,EAAQ,KAAK,IAAI;;AAGrB,GAAQ,KAAK,UAAU,EAAS;AAEhC,KAAI;AACA,MAAI,OAAO,KAAY,UAAU;GAC7B,IAAM,IAAc;IAChB,WAAW,KAAK,OAAO;IACvB,QAAQ,EAAW;IACnB,SAAS,EAAQ;IACpB,EAEG;AAEJ,OAAI,EAAqB,KAAK,EAAQ,CAClC,KAAS,MAAM,EAAY,GAAS,EAAY;QAE/C;IACD,IAAM,IAAQ,EAAQ,MAAM,EAAc,CAAC,OAAO,QAAQ;AAC1D,QAAS,MAAM,EAAgB,EAAM,IAAK,EAAM,MAAM,EAAE,EAAE,EAAY;;AAG1E,SAAM,QAAQ,IAAI,CAAC,EAAO,QAAQ,EAAO,OAAO,CAAC,KAAI,MAAU,KAAU,EAAO,EAAO,CAAC,CAAC;;UAG1F,GAAO;EACV,IAAM,EAAE,WAAQ,WAAQ,eAAY;AAYpC,QANA,MAAM,QAAQ,IAAI,CAAC,GAAQ,EAAO,CAAC,KAAI,MAAU,KAAU,EAAO,EAAO,CAAC,CAAC,EAEvE,CAAC,KAAU,CAAC,KACZ,EAAI,MAAM,mBAAmB,IAAU,EAGrC;WAEF;AACJ,IAAQ,eAAe,UAAU,EAAS;;;AAYlD,SAAgB,EAAW,GAAa;AACpC,QAAO;EAAE,KAAK;EAAM;EAAK;;AAY7B,SAAS,EAAU,GAAiB,GAA4B;AAK5D,QAJI,GAAS,mBACF,GAAG,EAAc,OAAc,EAAoB,GAAG,MAG1D,GAAG,EAAc,GAAG,EAAe,GAAG;;AAcjD,SAAgB,EAAc,GAAoB,GAA4B;AAa1E,QAZI,OAAO,KAAY,aACZ,EAAU,EAAQ,EAAQ,EAAE,EAAQ,GAG3C,OAAO,KAAY,YAAY,GAAS,QAAQ,KACzC,EAAQ,MAGf,OAAO,KAAY,WACZ,EAAU,GAAS,EAAQ,GAG/B;;AAWX,eAAsB,EAAgB,GAA0B;CAC5D,IAAM,IAAc,MAAM,EAAW,EAAE,MAAM,GAAyB,CAAC;AAEvE,KAAI,EAAY,SAAS;EACrB,IAAM,IAAwB,EAAE,kBAAkB,EAAY,OAAO,kBAAkB,EACjF,IAAW,OAAO,KAAU,aAAa,EAAM,EAAI,GAAG;AAE5D,SAAO,OAAO,YACV,OAAO,QAAQ,EAAS,CAAC,KAAK,CAAC,GAAK,OAAS,CAAC,GAAK,EAAc,GAAK,EAAI,CAAC,CAAC,CAC/E;;;AAeT,eAAsB,EAAW,GAAe,GAAwB,IAAwD,EAAE,EAAE;CAChI,IAAI;AAEJ,KAAI;EACA,IAAM,IAAY,KAAK,KAAK;AAkB5B,EAjBA,EAAI,MAAM,GAAG,IAAQ,EAEjB,GAAQ,CAAC,QACT,EAAI,KAAK,KAAK,IAAU,GAGxB,IAAQ,kBAAkB;GACtB,IAAM,IAAU,KAAK,OAAO,KAAK,KAAK,GAAG,KAAa,IAAK;AAE3D,GAAI,IAAU,KACV,EAAQ,OAAO,MAAM,OAAO,EAAM,MAAM,EAAQ,GAAG;KAExD,IAAK,EAGZ,MAAM,EAAe,GAAS,GAAoB,EAAQ,EAE1D,EAAI,QAAQ,GAAG,EAAM,QAAQ;UAE1B,GAAO;AACV,MAAI,EAAQ,aACR,OAAM;AAEV,IAAW,EAAM;WAEb;AACJ,EAAI,MACA,cAAc,EAAM,EACpB,EAAQ,OAAO,MAAM,WAAW"}

package/dist/node/command/index.js

@@ -1,3 +1,3 @@
 import { E_CommandType as e } from "./command.type.js";
-import { clearAllErrorLists as t, formatCommand as n, getStoredErrorLists as r, rawCommand as i, resolveCommands as a, runCommand as o } from "./command.util.js";
-export { e as E_CommandType, t as clearAllErrorLists, n as formatCommand, r as getStoredErrorLists, i as rawCommand, a as resolveCommands, o as runCommand };
+import { clearAllErrorLists as t, formatCommand as n, getStoredErrorLists as r, rawCommand as i, resetCommandCacheForTesting as a, resolveCommands as o, runCommand as s } from "./command.util.js";
+export { e as E_CommandType, t as clearAllErrorLists, n as formatCommand, r as getStoredErrorLists, i as rawCommand, a as resetCommandCacheForTesting, o as resolveCommands, s as runCommand };

package/dist/node/express/express.type.d.ts

@@ -9,6 +9,7 @@ export interface I_RateLimitOptions {
     limit?: number;
     store?: Store;
     skip?: (req: import('express').Request) => boolean | Promise<boolean>;
+    keyGenerator?: (req: import('express').Request, res: import('express').Response) => string | Promise<string>;
 }
 export interface I_ExpressOptions {
     isDev?: boolean;
@@ -20,6 +21,11 @@ export interface I_ExpressOptions {
     rateLimit?: false | I_RateLimitOptions;
     /** Route path to scope graphqlUploadExpress middleware (defaults to '/graphql'). */
     uploadPath?: string;
+    /**
+     * Secret string for cookie-parser. Required for signed cookie verification.
+     * Without a secret, `req.signedCookies` will always be empty.
+     */
+    cookieSecret?: string;
 }
 export interface I_NestOptions {
     module: Type<object>;
@@ -30,6 +36,11 @@ export interface I_NestOptions {
     jsonLimit?: string;
     trustProxy?: boolean | number | string | string[];
     rateLimit?: false | I_RateLimitOptions;
+    /**
+     * Secret string for cookie-parser. Required for signed cookie verification.
+     * Without a secret, `req.signedCookies` will always be empty.
+     */
+    cookieSecret?: string;
 }
 export type T_CorsType = 'node' | 'nest';
 interface I_BaseCorsOptions {

package/dist/node/express/express.util.d.ts

@@ -14,10 +14,10 @@ import { I_ExpressOptions, I_NestOptions, T_CorsOptions, T_CorsType } from './ex
  * @param options.whiteList - Array of allowed origins for CORS requests.
  * @returns CORS options object configured for the specified environment.
  */
-export declare function createCorsOptions<T extends T_CorsType>({ isDev, whiteList, ...rest }: T_CorsOptions<T>): {
+export declare function createCorsOptions<T extends T_CorsType>({ isDev, whiteList, ...rest }: T_CorsOptions<T>): Omit<T_CorsOptions<T>, "isDev" | "whiteList"> & {
     origin: (origin: string | undefined, callback: (err: Error | null, allow?: boolean) => void) => void;
     credentials: boolean;
-} & Omit<T_CorsOptions<T>, "isDev" | "whiteList">;
+};
 /**
  * Creates a CORS middleware function with the specified configuration.
  * This function creates a CORS middleware that can be used with both Express and NestJS applications,
@@ -37,10 +37,25 @@ export declare function createCors<T extends T_CorsType>(options: T_CorsOptions<
  * with the provided session options including secret, cookie settings, and storage configuration.
  *
  * @remarks
- * **CSRF Warning:** This middleware sets `SameSite=Lax` by default, which mitigates but does NOT
- * fully prevent CSRF attacks for non-GET state-changing requests via top-level navigations.
- * Applications should integrate a dedicated CSRF token middleware (e.g., `csrf-csrf` or
- * `csrf-sync`) in addition to this session middleware for complete protection.
+ * **CSRF Protection Required:** This middleware sets `SameSite=Lax` by default, which mitigates
+ * but does **NOT** fully prevent CSRF attacks. Specifically, `Lax` allows cookies on top-level
+ * GET navigations, which can be exploited for state-changing GET endpoints.
+ *
+ * **Consumer apps MUST add CSRF token validation** for all state-changing routes (POST, PUT,
+ * DELETE, PATCH). Recommended libraries:
+ * - `csrf-csrf` (double-submit cookie pattern — stateless, recommended)
+ * - `csrf-sync` (synchronizer token pattern — requires session store)
+ *
+ * Example:
+ * ```typescript
+ * import { doubleCsrf } from 'csrf-csrf';
+ * const { doubleCsrfProtection } = doubleCsrf({ getSecret: () => req.session.csrfSecret });
+ * app.use(doubleCsrfProtection);
+ * ```
+ *
+ * **Session Store Warning:** The default `MemoryStore` is not designed for production use:
+ * it leaks memory under load and loses all sessions on restart. Configure a persistent
+ * store (e.g., `connect-redis`, `connect-mongo`) for production deployments.
  *
  * @param options - Session configuration options including secret, cookie settings, and storage.
  * @returns A session middleware function ready to be used in Express applications.
@@ -74,3 +89,16 @@ export declare function createExpress(options?: I_ExpressOptions): Application;
  */
 export declare function createNest(options: I_NestOptions): Promise<INestApplication>;
 export { bodyParser, express };
+/**
+ * Creates a Content Security Policy (CSP) configuration for Helmet.
+ * Provides sensible defaults with presets for common application patterns.
+ *
+ * @param options - Custom CSP directives to override or extend defaults.
+ * @param preset - Pre-configured patterns ('default' or 'graphql').
+ * @returns CSP configuration object for Helmet options.
+ */
+export declare function createCSP(options?: Record<string, string[] | string | boolean>, preset?: 'default' | 'graphql'): {
+    directives: {
+        [x: string]: string | boolean | string[];
+    };
+};

package/dist/node/express/express.util.js

@@ -1,89 +1,114 @@
-import e from "node:process";
-import t from "express";
-import { NestFactory as n } from "@nestjs/core";
-import r from "body-parser";
-import i from "compression";
-import a from "cookie-parser";
-import o from "cors";
-import s from "express-rate-limit";
-import c from "express-session";
-import { express as l } from "express-useragent";
-import u from "graphql-upload/graphqlUploadExpress.mjs";
-import d from "helmet";
+import { E_Environment as e } from "../../typescript/common.type.js";
+import { log as t } from "../log/log.util.js";
+import n from "node:process";
+import r from "express";
+import { NestFactory as i } from "@nestjs/core";
+import a from "body-parser";
+import o from "compression";
+import s from "cookie-parser";
+import c from "cors";
+import l from "express-rate-limit";
+import u from "express-session";
+import { express as d } from "express-useragent";
+import f from "graphql-upload/graphqlUploadExpress.mjs";
+import p from "helmet";
 //#region src/node/express/express.util.ts
-function f({ isDev: t, whiteList: n, ...r }) {
-	return t && e.env.NODE_ENV === "production" && console.warn("[CORS] WARNING: isDev is true but NODE_ENV is \"production\". CORS restrictions are relaxed. This is likely a misconfiguration."), {
-		origin: (e, r) => {
-			if (t && !e) {
-				r(null, !0);
+function m({ isDev: r, whiteList: i, ...a }) {
+	return r && n.env.NODE_ENV === e.PRODUCTION && t.warn("[CORS] WARNING: isDev is true but NODE_ENV is \"production\". CORS restrictions are relaxed. This is likely a misconfiguration."), {
+		...a,
+		origin: (e, t) => {
+			if (r && !e) {
+				t(null, !0);
 				return;
 			}
-			e && n?.includes(e) ? r(null, !0) : r(/* @__PURE__ */ Error("Not allowed by CORS"), !1);
+			e && i?.includes(e) ? t(null, !0) : t(/* @__PURE__ */ Error("Not allowed by CORS"), !1);
 		},
-		credentials: !0,
-		...r
+		credentials: !0
 	};
 }
-function p(e) {
-	return o(f(e));
+function h(e) {
+	return c(m(e));
 }
-function m(t) {
-	if (!t.secret) throw Error("Session secret is required. Provide a strong secret string.");
-	!t.store && e.env.NODE_ENV === "production" && console.warn("[Session] WARNING: No session store configured in production. The default MemoryStore leaks memory and loses sessions on restart. Use connect-redis, connect-mongo, or another production store.");
-	let n = {
+function g(r) {
+	if (!r.secret) throw Error("Session secret is required. Provide a strong secret string.");
+	!r.store && n.env.NODE_ENV === e.PRODUCTION && t.warn("[Session] WARNING: No session store configured in production. The default MemoryStore leaks memory and loses sessions on restart. Use connect-redis, connect-mongo, or another production store.");
+	let i = {
 		resave: !1,
 		saveUninitialized: !1,
 		cookie: {
 			httpOnly: !0,
 			sameSite: "lax",
-			secure: e.env.NODE_ENV === "production",
+			secure: n.env.NODE_ENV === e.PRODUCTION,
 			maxAge: 1440 * 60 * 1e3
 		}
 	};
-	return c({
-		...n,
-		...t,
+	return u({
+		...i,
+		...r,
 		cookie: {
-			...n.cookie,
-			...t.cookie
+			...i.cookie,
+			...r.cookie
 		}
 	});
 }
-function h(e, n = !1, r = "1mb", o = 1, c = {}) {
-	o && e.set("trust proxy", o), e.use(d({
-		crossOriginEmbedderPolicy: n ? !1 : void 0,
-		contentSecurityPolicy: n ? !1 : void 0
-	})), c !== !1 && e.use(s({
-		windowMs: c.windowMs ?? 900 * 1e3,
-		limit: c.limit ?? 1e3,
+function _(e, t = !1, n = "1mb", i = 1, a = {}, c) {
+	i && e.set("trust proxy", i), e.use(p({
+		crossOriginEmbedderPolicy: t ? !1 : void 0,
+		contentSecurityPolicy: t ? !1 : void 0
+	})), a !== !1 && e.use(l({
+		windowMs: a.windowMs ?? 900 * 1e3,
+		limit: a.limit ?? 1e3,
 		standardHeaders: !0,
 		legacyHeaders: !1,
-		...c.store !== void 0 && { store: c.store },
-		...c.skip !== void 0 && { skip: c.skip }
-	})), e.use(a()), e.use(t.json({ limit: r })), e.use(t.urlencoded({
+		...a.store !== void 0 && { store: a.store },
+		...a.skip !== void 0 && { skip: a.skip },
+		...a.keyGenerator !== void 0 && { keyGenerator: a.keyGenerator }
+	})), e.use(s(c)), e.use(r.json({ limit: n })), e.use(r.urlencoded({
 		extended: !0,
-		limit: r
-	})), e.use(i()), e.use(l());
+		limit: n
+	})), e.use(o()), e.use(d());
 }
-function g(e, n) {
-	n && (Array.isArray(n) ? n : [n]).forEach((n) => {
-		e.use(`/${n}`, t.static(n));
+function v(e, t) {
+	t && (Array.isArray(t) ? t : [t]).forEach((t) => {
+		e.use(`/${t}`, r.static(t));
 	});
 }
-function _(e) {
-	let n = t();
-	h(n, e?.isDev, e?.jsonLimit, e?.trustProxy, e?.rateLimit), g(n, e?.static);
-	let r = u({
+function y(e) {
+	let t = r();
+	_(t, e?.isDev, e?.jsonLimit, e?.trustProxy, e?.rateLimit, e?.cookieSecret), v(t, e?.static);
+	let n = f({
 		maxFileSize: e?.maxFileSize ?? 1e7,
 		maxFiles: e?.maxFiles ?? 10
 	});
-	return n.use(e?.uploadPath ?? "/graphql", r), n;
+	return t.use(e?.uploadPath ?? "/graphql", n), t;
+}
+async function b(e) {
+	let t = await i.create(e.module);
+	return _(t.getHttpAdapter().getInstance(), e.isDev, e.jsonLimit, e.trustProxy, e.rateLimit, e.cookieSecret), v(t.getHttpAdapter().getInstance(), e.static), e.filters && t.useGlobalFilters(...e.filters), e.pipes && t.useGlobalPipes(...e.pipes), t;
 }
-async function v(e) {
-	let t = await n.create(e.module);
-	return h(t.getHttpAdapter().getInstance(), e.isDev, e.jsonLimit, e.trustProxy, e.rateLimit), g(t.getHttpAdapter().getInstance(), e.static), e.filters && t.useGlobalFilters(...e.filters), e.pipes && t.useGlobalPipes(...e.pipes), t;
+function x(e, t = "default") {
+	let n = {
+		defaultSrc: ["'self'"],
+		scriptSrc: ["'self'"],
+		styleSrc: ["'self'", "'unsafe-inline'"],
+		imgSrc: [
+			"'self'",
+			"data:",
+			"https:"
+		],
+		fontSrc: [
+			"'self'",
+			"https:",
+			"data:"
+		],
+		connectSrc: ["'self'"]
+	};
+	return t === "graphql" && (n.scriptSrc?.push("'unsafe-inline'", "'unsafe-eval'", "https://cdn.jsdelivr.net"), n.styleSrc?.push("https://cdn.jsdelivr.net"), n.imgSrc?.push("https://cdn.jsdelivr.net")), { directives: {
+		...n,
+		...e
+	} };
 }
 //#endregion
-export { r as bodyParser, p as createCors, f as createCorsOptions, _ as createExpress, v as createNest, m as createSession, t as express };
+export { a as bodyParser, x as createCSP, h as createCors, m as createCorsOptions, y as createExpress, b as createNest, g as createSession, r as express };
 
 //# sourceMappingURL=express.util.js.map

package/dist/node/express/express.util.js.map

@@ -1 +1 @@
-{"version":3,"file":"express.util.js","names":[],"sources":["../../../src/node/express/express.util.ts"],"sourcesContent":["import type { INestApplication } from '@nestjs/common';\nimport type { Application, RequestHandler } from 'express';\nimport type { SessionOptions } from 'express-session';\n\nimport { NestFactory } from '@nestjs/core';\nimport bodyParser from 'body-parser';\nimport compression from 'compression';\nimport cookieParser from 'cookie-parser';\nimport cors from 'cors';\nimport express from 'express';\nimport rateLimit from 'express-rate-limit';\nimport session from 'express-session';\nimport { express as useragent } from 'express-useragent';\nimport graphqlUploadExpress from 'graphql-upload/graphqlUploadExpress.mjs';\nimport helmet from 'helmet';\nimport process from 'node:process';\n\nimport type { I_ExpressOptions, I_NestOptions, T_CorsOptions, T_CorsType } from './express.type.js';\n\n/**\n * Creates CORS options with environment-specific configuration.\n * This function generates CORS options based on the development environment,\n * including whitelist configuration for allowed origins.\n *\n * @param options - CORS configuration options.\n * @param options.isDev - Whether the application is running in development mode.\n * @param options.whiteList - Array of allowed origins for CORS requests.\n * @returns CORS options object configured for the specified environment.\n */\nexport function createCorsOptions<T extends T_CorsType>({ isDev, whiteList, ...rest }: T_CorsOptions<T>) {\n    // Safety net: warn loudly if isDev is mistakenly true in production\n    if (isDev && process.env['NODE_ENV'] === 'production') {\n        console.warn('[CORS] WARNING: isDev is true but NODE_ENV is \"production\". CORS restrictions are relaxed. This is likely a misconfiguration.');\n    }\n\n    return {\n        origin: (origin: string | undefined, callback: (err: Error | null, allow?: boolean) => void) => {\n            // Allow requests without Origin header only in development mode.\n            // In production, undefined origin (e.g., curl, server-to-server) is rejected.\n            if (isDev && !origin) {\n                callback(null, true);\n                return;\n            }\n\n            if (origin && whiteList?.includes(origin)) {\n                callback(null, true);\n            }\n            else {\n                callback(new Error('Not allowed by CORS'), false);\n            }\n        },\n        credentials: true,\n        ...rest,\n    };\n}\n\n/**\n * Creates a CORS middleware function with the specified configuration.\n * This function creates a CORS middleware that can be used with both Express and NestJS applications,\n * applying the configured CORS options for origin validation and credential handling.\n *\n * @param options - CORS configuration options to apply to the middleware.\n * @returns A CORS middleware function ready to be used in Express or NestJS applications.\n */\nexport function createCors<T extends T_CorsType>(options: T_CorsOptions<T>) {\n    return cors<cors.CorsRequest>(createCorsOptions(options));\n}\n\n/**\n * Creates a session middleware function with the specified configuration.\n * This function creates an Express session middleware that can be used to handle user sessions\n * with the provided session options including secret, cookie settings, and storage configuration.\n *\n * @remarks\n * **CSRF Warning:** This middleware sets `SameSite=Lax` by default, which mitigates but does NOT\n * fully prevent CSRF attacks for non-GET state-changing requests via top-level navigations.\n * Applications should integrate a dedicated CSRF token middleware (e.g., `csrf-csrf` or\n * `csrf-sync`) in addition to this session middleware for complete protection.\n *\n * @param options - Session configuration options including secret, cookie settings, and storage.\n * @returns A session middleware function ready to be used in Express applications.\n */\nexport function createSession(options: SessionOptions): RequestHandler {\n    if (!options.secret) {\n        throw new Error('Session secret is required. Provide a strong secret string.');\n    }\n\n    if (!options.store && process.env['NODE_ENV'] === 'production') {\n        console.warn('[Session] WARNING: No session store configured in production. The default MemoryStore leaks memory and loses sessions on restart. Use connect-redis, connect-mongo, or another production store.');\n    }\n\n    const secureDefaults: Partial<SessionOptions> = {\n        resave: false,\n        saveUninitialized: false,\n        cookie: {\n            httpOnly: true,\n            sameSite: 'lax',\n            secure: process.env['NODE_ENV'] === 'production',\n            maxAge: 24 * 60 * 60 * 1000, // 24 hours\n        },\n    };\n\n    return session({\n        ...secureDefaults,\n        ...options,\n        cookie: { ...secureDefaults.cookie, ...options.cookie },\n    });\n}\n\n/**\n * Sets up common middleware for Express applications.\n * This function configures essential middleware including:\n * - Trust proxy settings for proper IP handling\n * - Cookie parsing for request cookies\n * - URL-encoded body parsing for form data\n * - Compression for response optimization\n * - User agent parsing for device/browser detection\n *\n * @param app - The Express application instance to configure with middleware.\n * @param isDev - Whether the application is running in development mode.\n * @param jsonLimit - Maximum request body size for JSON payloads.\n * @param trustProxy - Trust proxy setting; pass a truthy value to enable.\n * @param rateLimitOptions - Rate limit configuration, or `false` to disable.\n */\nfunction setupMiddleware(\n    app: Application,\n    isDev = false,\n    jsonLimit = '1mb',\n    trustProxy: boolean | number | string | string[] = 1,\n    rateLimitOptions: false | import('./express.type.js').I_RateLimitOptions = {},\n) {\n    if (trustProxy) {\n        app.set('trust proxy', trustProxy);\n    }\n\n    app.use(\n        helmet({\n            crossOriginEmbedderPolicy: isDev ? false : undefined,\n            contentSecurityPolicy: isDev ? false : undefined,\n        }),\n    );\n\n    if (rateLimitOptions !== false) {\n        app.use(\n            rateLimit({\n                windowMs: rateLimitOptions.windowMs ?? 15 * 60 * 1000,\n                limit: rateLimitOptions.limit ?? 1000,\n                standardHeaders: true,\n                legacyHeaders: false,\n                ...(rateLimitOptions.store !== undefined && { store: rateLimitOptions.store }),\n                ...(rateLimitOptions.skip !== undefined && { skip: rateLimitOptions.skip }),\n            }),\n        );\n    }\n    app.use(cookieParser());\n    app.use(express.json({ limit: jsonLimit }));\n    app.use(express.urlencoded({ extended: true, limit: jsonLimit }));\n    app.use(compression());\n    app.use(useragent());\n}\n\n/**\n * Sets up static file serving for Express applications.\n * This function configures static file serving for the specified folders,\n * making files in those directories accessible via HTTP requests.\n *\n * @param app - The Express application instance to configure with static file serving.\n * @param staticFolders - A string or array of strings representing the paths to serve statically.\n */\nfunction setupStaticFolders(app: Application, staticFolders?: string | string[]) {\n    if (staticFolders) {\n        const statics = Array.isArray(staticFolders) ? staticFolders : [staticFolders];\n        statics.forEach((folder) => {\n            app.use(`/${folder}`, express.static(folder));\n        });\n    }\n}\n\n/**\n * Creates and configures an Express application with common middleware and settings.\n * This function sets up a complete Express application with:\n * - Essential middleware (cookies, body parsing, compression, user agent)\n * - Static file serving for specified folders\n * - GraphQL upload support for file uploads\n *\n * @remarks\n * **Requires Express 5.x** — This module uses Express 5 APIs and is not compatible with Express 4.\n * The peer dependency requires `express >= 5.0.0`.\n *\n * @param options - Optional configuration for the Express application including static folder paths.\n * @returns A configured Express application instance ready for use.\n */\nexport function createExpress(options?: I_ExpressOptions): Application {\n    const app = express();\n\n    setupMiddleware(app, options?.isDev, options?.jsonLimit, options?.trustProxy, options?.rateLimit);\n    setupStaticFolders(app, options?.static);\n    const uploadMiddleware = graphqlUploadExpress({\n        maxFileSize: options?.maxFileSize ?? 10_000_000,\n        maxFiles: options?.maxFiles ?? 10,\n    });\n    app.use(options?.uploadPath ?? '/graphql', uploadMiddleware);\n\n    return app;\n}\n\n/**\n * Creates and configures a NestJS application with Express integration.\n * This function sets up a NestJS application with:\n * - Express HTTP adapter configuration\n * - Common middleware (cookies, body parsing, compression, user agent)\n * - Static file serving for specified folders\n * - Global filters and pipes if provided\n *\n * @param options - Configuration options for the NestJS application including module, static folders, filters, and pipes.\n * @returns A promise that resolves to a configured NestJS application instance.\n */\nexport async function createNest(options: I_NestOptions): Promise<INestApplication> {\n    const app = await NestFactory.create(options.module);\n\n    setupMiddleware(app.getHttpAdapter().getInstance(), options.isDev, options.jsonLimit, options.trustProxy, options.rateLimit);\n    setupStaticFolders(app.getHttpAdapter().getInstance(), options.static);\n\n    if (options.filters) {\n        app.useGlobalFilters(...options.filters);\n    }\n\n    if (options.pipes) {\n        app.useGlobalPipes(...options.pipes);\n    }\n\n    return app;\n}\n\nexport { bodyParser, express };\n"],"mappings":";;;;;;;;;;;;;AA6BA,SAAgB,EAAwC,EAAE,UAAO,cAAW,GAAG,KAA0B;AAMrG,QAJI,KAAS,EAAQ,IAAI,aAAgB,gBACrC,QAAQ,KAAK,kIAAgI,EAG1I;EACH,SAAS,GAA4B,MAA2D;AAG5F,OAAI,KAAS,CAAC,GAAQ;AAClB,MAAS,MAAM,GAAK;AACpB;;AAGJ,GAAI,KAAU,GAAW,SAAS,EAAO,GACrC,EAAS,MAAM,GAAK,GAGpB,EAAS,gBAAI,MAAM,sBAAsB,EAAE,GAAM;;EAGzD,aAAa;EACb,GAAG;EACN;;AAWL,SAAgB,EAAiC,GAA2B;AACxE,QAAO,EAAuB,EAAkB,EAAQ,CAAC;;AAiB7D,SAAgB,EAAc,GAAyC;AACnE,KAAI,CAAC,EAAQ,OACT,OAAU,MAAM,8DAA8D;AAGlF,CAAI,CAAC,EAAQ,SAAS,EAAQ,IAAI,aAAgB,gBAC9C,QAAQ,KAAK,mMAAmM;CAGpN,IAAM,IAA0C;EAC5C,QAAQ;EACR,mBAAmB;EACnB,QAAQ;GACJ,UAAU;GACV,UAAU;GACV,QAAQ,EAAQ,IAAI,aAAgB;GACpC,QAAQ,OAAU,KAAK;GAC1B;EACJ;AAED,QAAO,EAAQ;EACX,GAAG;EACH,GAAG;EACH,QAAQ;GAAE,GAAG,EAAe;GAAQ,GAAG,EAAQ;GAAQ;EAC1D,CAAC;;AAkBN,SAAS,EACL,GACA,IAAQ,IACR,IAAY,OACZ,IAAmD,GACnD,IAA2E,EAAE,EAC/E;AA4BE,CA3BI,KACA,EAAI,IAAI,eAAe,EAAW,EAGtC,EAAI,IACA,EAAO;EACH,2BAA2B,IAAQ,KAAQ,KAAA;EAC3C,uBAAuB,IAAQ,KAAQ,KAAA;EAC1C,CAAC,CACL,EAEG,MAAqB,MACrB,EAAI,IACA,EAAU;EACN,UAAU,EAAiB,YAAY,MAAU;EACjD,OAAO,EAAiB,SAAS;EACjC,iBAAiB;EACjB,eAAe;EACf,GAAI,EAAiB,UAAU,KAAA,KAAa,EAAE,OAAO,EAAiB,OAAO;EAC7E,GAAI,EAAiB,SAAS,KAAA,KAAa,EAAE,MAAM,EAAiB,MAAM;EAC7E,CAAC,CACL,EAEL,EAAI,IAAI,GAAc,CAAC,EACvB,EAAI,IAAI,EAAQ,KAAK,EAAE,OAAO,GAAW,CAAC,CAAC,EAC3C,EAAI,IAAI,EAAQ,WAAW;EAAE,UAAU;EAAM,OAAO;EAAW,CAAC,CAAC,EACjE,EAAI,IAAI,GAAa,CAAC,EACtB,EAAI,IAAI,GAAW,CAAC;;AAWxB,SAAS,EAAmB,GAAkB,GAAmC;AAC7E,CAAI,MACgB,MAAM,QAAQ,EAAc,GAAG,IAAgB,CAAC,EAAc,EACtE,SAAS,MAAW;AACxB,IAAI,IAAI,IAAI,KAAU,EAAQ,OAAO,EAAO,CAAC;GAC/C;;AAkBV,SAAgB,EAAc,GAAyC;CACnE,IAAM,IAAM,GAAS;AAGrB,CADA,EAAgB,GAAK,GAAS,OAAO,GAAS,WAAW,GAAS,YAAY,GAAS,UAAU,EACjG,EAAmB,GAAK,GAAS,OAAO;CACxC,IAAM,IAAmB,EAAqB;EAC1C,aAAa,GAAS,eAAe;EACrC,UAAU,GAAS,YAAY;EAClC,CAAC;AAGF,QAFA,EAAI,IAAI,GAAS,cAAc,YAAY,EAAiB,EAErD;;AAcX,eAAsB,EAAW,GAAmD;CAChF,IAAM,IAAM,MAAM,EAAY,OAAO,EAAQ,OAAO;AAapD,QAXA,EAAgB,EAAI,gBAAgB,CAAC,aAAa,EAAE,EAAQ,OAAO,EAAQ,WAAW,EAAQ,YAAY,EAAQ,UAAU,EAC5H,EAAmB,EAAI,gBAAgB,CAAC,aAAa,EAAE,EAAQ,OAAO,EAElE,EAAQ,WACR,EAAI,iBAAiB,GAAG,EAAQ,QAAQ,EAGxC,EAAQ,SACR,EAAI,eAAe,GAAG,EAAQ,MAAM,EAGjC"}
+{"version":3,"file":"express.util.js","names":[],"sources":["../../../src/node/express/express.util.ts"],"sourcesContent":["import type { INestApplication } from '@nestjs/common';\nimport type { Application, RequestHandler } from 'express';\nimport type { SessionOptions } from 'express-session';\n\nimport { NestFactory } from '@nestjs/core';\nimport bodyParser from 'body-parser';\nimport compression from 'compression';\nimport cookieParser from 'cookie-parser';\nimport cors from 'cors';\nimport express from 'express';\nimport rateLimit from 'express-rate-limit';\nimport session from 'express-session';\nimport { express as useragent } from 'express-useragent';\nimport graphqlUploadExpress from 'graphql-upload/graphqlUploadExpress.mjs';\nimport helmet from 'helmet';\nimport process from 'node:process';\n\nimport { E_Environment } from '#typescript/index.js';\n\nimport type { I_ExpressOptions, I_NestOptions, T_CorsOptions, T_CorsType } from './express.type.js';\n\nimport { log } from '../log/index.js';\n\n/**\n * Creates CORS options with environment-specific configuration.\n * This function generates CORS options based on the development environment,\n * including whitelist configuration for allowed origins.\n *\n * @param options - CORS configuration options.\n * @param options.isDev - Whether the application is running in development mode.\n * @param options.whiteList - Array of allowed origins for CORS requests.\n * @returns CORS options object configured for the specified environment.\n */\nexport function createCorsOptions<T extends T_CorsType>({ isDev, whiteList, ...rest }: T_CorsOptions<T>) {\n    // Safety net: warn loudly if isDev is mistakenly true in production\n    if (isDev && process.env['NODE_ENV'] === E_Environment.PRODUCTION) {\n        log.warn('[CORS] WARNING: isDev is true but NODE_ENV is \"production\". CORS restrictions are relaxed. This is likely a misconfiguration.');\n    }\n\n    return {\n        ...rest,\n        origin: (origin: string | undefined, callback: (err: Error | null, allow?: boolean) => void) => {\n            // Allow requests without Origin header only in development mode.\n            // In production, undefined origin (e.g., curl, server-to-server) is rejected.\n            if (isDev && !origin) {\n                callback(null, true);\n                return;\n            }\n\n            if (origin && whiteList?.includes(origin)) {\n                callback(null, true);\n            }\n            else {\n                callback(new Error('Not allowed by CORS'), false);\n            }\n        },\n        credentials: true,\n    };\n}\n\n/**\n * Creates a CORS middleware function with the specified configuration.\n * This function creates a CORS middleware that can be used with both Express and NestJS applications,\n * applying the configured CORS options for origin validation and credential handling.\n *\n * @param options - CORS configuration options to apply to the middleware.\n * @returns A CORS middleware function ready to be used in Express or NestJS applications.\n */\nexport function createCors<T extends T_CorsType>(options: T_CorsOptions<T>) {\n    return cors<cors.CorsRequest>(createCorsOptions(options));\n}\n\n/**\n * Creates a session middleware function with the specified configuration.\n * This function creates an Express session middleware that can be used to handle user sessions\n * with the provided session options including secret, cookie settings, and storage configuration.\n *\n * @remarks\n * **CSRF Protection Required:** This middleware sets `SameSite=Lax` by default, which mitigates\n * but does **NOT** fully prevent CSRF attacks. Specifically, `Lax` allows cookies on top-level\n * GET navigations, which can be exploited for state-changing GET endpoints.\n *\n * **Consumer apps MUST add CSRF token validation** for all state-changing routes (POST, PUT,\n * DELETE, PATCH). Recommended libraries:\n * - `csrf-csrf` (double-submit cookie pattern — stateless, recommended)\n * - `csrf-sync` (synchronizer token pattern — requires session store)\n *\n * Example:\n * ```typescript\n * import { doubleCsrf } from 'csrf-csrf';\n * const { doubleCsrfProtection } = doubleCsrf({ getSecret: () => req.session.csrfSecret });\n * app.use(doubleCsrfProtection);\n * ```\n *\n * **Session Store Warning:** The default `MemoryStore` is not designed for production use:\n * it leaks memory under load and loses all sessions on restart. Configure a persistent\n * store (e.g., `connect-redis`, `connect-mongo`) for production deployments.\n *\n * @param options - Session configuration options including secret, cookie settings, and storage.\n * @returns A session middleware function ready to be used in Express applications.\n */\nexport function createSession(options: SessionOptions): RequestHandler {\n    if (!options.secret) {\n        throw new Error('Session secret is required. Provide a strong secret string.');\n    }\n\n    if (!options.store && process.env['NODE_ENV'] === E_Environment.PRODUCTION) {\n        log.warn('[Session] WARNING: No session store configured in production. The default MemoryStore leaks memory and loses sessions on restart. Use connect-redis, connect-mongo, or another production store.');\n    }\n\n    const secureDefaults: Partial<SessionOptions> = {\n        resave: false,\n        saveUninitialized: false,\n        cookie: {\n            httpOnly: true,\n            sameSite: 'lax',\n            secure: process.env['NODE_ENV'] === E_Environment.PRODUCTION,\n            maxAge: 24 * 60 * 60 * 1000, // 24 hours\n        },\n    };\n\n    return session({\n        ...secureDefaults,\n        ...options,\n        cookie: { ...secureDefaults.cookie, ...options.cookie },\n    });\n}\n\n/**\n * Sets up common middleware for Express applications.\n * This function configures essential middleware including:\n * - Trust proxy settings for proper IP handling\n * - Cookie parsing for request cookies\n * - URL-encoded body parsing for form data\n * - Compression for response optimization\n * - User agent parsing for device/browser detection\n * - Rate limiting (configurable, default 1000 req/15min)\n *\n * @remarks\n * **Rate limit store:** The default `MemoryStore` is only suitable for single-process\n * deployments. For multi-process or clustered environments, configure a shared store\n * (e.g., `rate-limit-redis`, `rate-limit-mongo`) via `rateLimitOptions.store`.\n *\n * @param app - The Express application instance to configure with middleware.\n * @param isDev - Whether the application is running in development mode.\n * @param jsonLimit - Maximum request body size for JSON payloads.\n * @param trustProxy - Trust proxy setting; pass a truthy value to enable.\n * @param rateLimitOptions - Rate limit configuration, or `false` to disable.\n */\nfunction setupMiddleware(\n    app: Application,\n    isDev = false,\n    jsonLimit = '1mb',\n    trustProxy: boolean | number | string | string[] = 1,\n    rateLimitOptions: false | import('./express.type.js').I_RateLimitOptions = {},\n    cookieSecret?: string,\n) {\n    if (trustProxy) {\n        app.set('trust proxy', trustProxy);\n    }\n\n    app.use(\n        helmet({\n            crossOriginEmbedderPolicy: isDev ? false : undefined,\n            contentSecurityPolicy: isDev ? false : undefined,\n        }),\n    );\n\n    if (rateLimitOptions !== false) {\n        app.use(\n            rateLimit({\n                windowMs: rateLimitOptions.windowMs ?? 15 * 60 * 1000,\n                limit: rateLimitOptions.limit ?? 1000,\n                standardHeaders: true,\n                legacyHeaders: false,\n                ...(rateLimitOptions.store !== undefined && { store: rateLimitOptions.store }),\n                ...(rateLimitOptions.skip !== undefined && { skip: rateLimitOptions.skip }),\n                ...(rateLimitOptions.keyGenerator !== undefined && { keyGenerator: rateLimitOptions.keyGenerator }),\n            }),\n        );\n    }\n    app.use(cookieParser(cookieSecret));\n    app.use(express.json({ limit: jsonLimit }));\n    app.use(express.urlencoded({ extended: true, limit: jsonLimit }));\n    app.use(compression());\n    app.use(useragent());\n}\n\n/**\n * Sets up static file serving for Express applications.\n * This function configures static file serving for the specified folders,\n * making files in those directories accessible via HTTP requests.\n *\n * @param app - The Express application instance to configure with static file serving.\n * @param staticFolders - A string or array of strings representing the paths to serve statically.\n */\nfunction setupStaticFolders(app: Application, staticFolders?: string | string[]) {\n    if (staticFolders) {\n        const statics = Array.isArray(staticFolders) ? staticFolders : [staticFolders];\n        statics.forEach((folder) => {\n            app.use(`/${folder}`, express.static(folder));\n        });\n    }\n}\n\n/**\n * Creates and configures an Express application with common middleware and settings.\n * This function sets up a complete Express application with:\n * - Essential middleware (cookies, body parsing, compression, user agent)\n * - Static file serving for specified folders\n * - GraphQL upload support for file uploads\n *\n * @remarks\n * **Requires Express 5.x** — This module uses Express 5 APIs and is not compatible with Express 4.\n * The peer dependency requires `express >= 5.0.0`.\n *\n * @param options - Optional configuration for the Express application including static folder paths.\n * @returns A configured Express application instance ready for use.\n */\nexport function createExpress(options?: I_ExpressOptions): Application {\n    const app = express();\n\n    setupMiddleware(app, options?.isDev, options?.jsonLimit, options?.trustProxy, options?.rateLimit, options?.cookieSecret);\n    setupStaticFolders(app, options?.static);\n    const uploadMiddleware = graphqlUploadExpress({\n        maxFileSize: options?.maxFileSize ?? 10_000_000,\n        maxFiles: options?.maxFiles ?? 10,\n    });\n    app.use(options?.uploadPath ?? '/graphql', uploadMiddleware);\n\n    return app;\n}\n\n/**\n * Creates and configures a NestJS application with Express integration.\n * This function sets up a NestJS application with:\n * - Express HTTP adapter configuration\n * - Common middleware (cookies, body parsing, compression, user agent)\n * - Static file serving for specified folders\n * - Global filters and pipes if provided\n *\n * @param options - Configuration options for the NestJS application including module, static folders, filters, and pipes.\n * @returns A promise that resolves to a configured NestJS application instance.\n */\nexport async function createNest(options: I_NestOptions): Promise<INestApplication> {\n    const app = await NestFactory.create(options.module);\n\n    setupMiddleware(app.getHttpAdapter().getInstance(), options.isDev, options.jsonLimit, options.trustProxy, options.rateLimit, options.cookieSecret);\n    setupStaticFolders(app.getHttpAdapter().getInstance(), options.static);\n\n    if (options.filters) {\n        app.useGlobalFilters(...options.filters);\n    }\n\n    if (options.pipes) {\n        app.useGlobalPipes(...options.pipes);\n    }\n\n    return app;\n}\n\nexport { bodyParser, express };\n\n/**\n * Creates a Content Security Policy (CSP) configuration for Helmet.\n * Provides sensible defaults with presets for common application patterns.\n *\n * @param options - Custom CSP directives to override or extend defaults.\n * @param preset - Pre-configured patterns ('default' or 'graphql').\n * @returns CSP configuration object for Helmet options.\n */\nexport function createCSP(\n    options?: Record<string, string[] | string | boolean>,\n    preset: 'default' | 'graphql' = 'default',\n) {\n    const defaultDirectives: Record<string, string[]> = {\n        defaultSrc: ['\\'self\\''],\n        scriptSrc: ['\\'self\\''],\n        styleSrc: ['\\'self\\'', '\\'unsafe-inline\\''],\n        imgSrc: ['\\'self\\'', 'data:', 'https:'],\n        fontSrc: ['\\'self\\'', 'https:', 'data:'],\n        connectSrc: ['\\'self\\''],\n    };\n\n    if (preset === 'graphql') {\n        defaultDirectives['scriptSrc']?.push('\\'unsafe-inline\\'', '\\'unsafe-eval\\'', 'https://cdn.jsdelivr.net');\n        defaultDirectives['styleSrc']?.push('https://cdn.jsdelivr.net');\n        defaultDirectives['imgSrc']?.push('https://cdn.jsdelivr.net');\n    }\n\n    return {\n        directives: {\n            ...defaultDirectives,\n            ...options,\n        },\n    };\n}\n"],"mappings":";;;;;;;;;;;;;;;AAiCA,SAAgB,EAAwC,EAAE,UAAO,cAAW,GAAG,KAA0B;AAMrG,QAJI,KAAS,EAAQ,IAAI,aAAgB,EAAc,cACnD,EAAI,KAAK,kIAAgI,EAGtI;EACH,GAAG;EACH,SAAS,GAA4B,MAA2D;AAG5F,OAAI,KAAS,CAAC,GAAQ;AAClB,MAAS,MAAM,GAAK;AACpB;;AAGJ,GAAI,KAAU,GAAW,SAAS,EAAO,GACrC,EAAS,MAAM,GAAK,GAGpB,EAAS,gBAAI,MAAM,sBAAsB,EAAE,GAAM;;EAGzD,aAAa;EAChB;;AAWL,SAAgB,EAAiC,GAA2B;AACxE,QAAO,EAAuB,EAAkB,EAAQ,CAAC;;AAgC7D,SAAgB,EAAc,GAAyC;AACnE,KAAI,CAAC,EAAQ,OACT,OAAU,MAAM,8DAA8D;AAGlF,CAAI,CAAC,EAAQ,SAAS,EAAQ,IAAI,aAAgB,EAAc,cAC5D,EAAI,KAAK,mMAAmM;CAGhN,IAAM,IAA0C;EAC5C,QAAQ;EACR,mBAAmB;EACnB,QAAQ;GACJ,UAAU;GACV,UAAU;GACV,QAAQ,EAAQ,IAAI,aAAgB,EAAc;GAClD,QAAQ,OAAU,KAAK;GAC1B;EACJ;AAED,QAAO,EAAQ;EACX,GAAG;EACH,GAAG;EACH,QAAQ;GAAE,GAAG,EAAe;GAAQ,GAAG,EAAQ;GAAQ;EAC1D,CAAC;;AAwBN,SAAS,EACL,GACA,IAAQ,IACR,IAAY,OACZ,IAAmD,GACnD,IAA2E,EAAE,EAC7E,GACF;AA6BE,CA5BI,KACA,EAAI,IAAI,eAAe,EAAW,EAGtC,EAAI,IACA,EAAO;EACH,2BAA2B,IAAQ,KAAQ,KAAA;EAC3C,uBAAuB,IAAQ,KAAQ,KAAA;EAC1C,CAAC,CACL,EAEG,MAAqB,MACrB,EAAI,IACA,EAAU;EACN,UAAU,EAAiB,YAAY,MAAU;EACjD,OAAO,EAAiB,SAAS;EACjC,iBAAiB;EACjB,eAAe;EACf,GAAI,EAAiB,UAAU,KAAA,KAAa,EAAE,OAAO,EAAiB,OAAO;EAC7E,GAAI,EAAiB,SAAS,KAAA,KAAa,EAAE,MAAM,EAAiB,MAAM;EAC1E,GAAI,EAAiB,iBAAiB,KAAA,KAAa,EAAE,cAAc,EAAiB,cAAc;EACrG,CAAC,CACL,EAEL,EAAI,IAAI,EAAa,EAAa,CAAC,EACnC,EAAI,IAAI,EAAQ,KAAK,EAAE,OAAO,GAAW,CAAC,CAAC,EAC3C,EAAI,IAAI,EAAQ,WAAW;EAAE,UAAU;EAAM,OAAO;EAAW,CAAC,CAAC,EACjE,EAAI,IAAI,GAAa,CAAC,EACtB,EAAI,IAAI,GAAW,CAAC;;AAWxB,SAAS,EAAmB,GAAkB,GAAmC;AAC7E,CAAI,MACgB,MAAM,QAAQ,EAAc,GAAG,IAAgB,CAAC,EAAc,EACtE,SAAS,MAAW;AACxB,IAAI,IAAI,IAAI,KAAU,EAAQ,OAAO,EAAO,CAAC;GAC/C;;AAkBV,SAAgB,EAAc,GAAyC;CACnE,IAAM,IAAM,GAAS;AAGrB,CADA,EAAgB,GAAK,GAAS,OAAO,GAAS,WAAW,GAAS,YAAY,GAAS,WAAW,GAAS,aAAa,EACxH,EAAmB,GAAK,GAAS,OAAO;CACxC,IAAM,IAAmB,EAAqB;EAC1C,aAAa,GAAS,eAAe;EACrC,UAAU,GAAS,YAAY;EAClC,CAAC;AAGF,QAFA,EAAI,IAAI,GAAS,cAAc,YAAY,EAAiB,EAErD;;AAcX,eAAsB,EAAW,GAAmD;CAChF,IAAM,IAAM,MAAM,EAAY,OAAO,EAAQ,OAAO;AAapD,QAXA,EAAgB,EAAI,gBAAgB,CAAC,aAAa,EAAE,EAAQ,OAAO,EAAQ,WAAW,EAAQ,YAAY,EAAQ,WAAW,EAAQ,aAAa,EAClJ,EAAmB,EAAI,gBAAgB,CAAC,aAAa,EAAE,EAAQ,OAAO,EAElE,EAAQ,WACR,EAAI,iBAAiB,GAAG,EAAQ,QAAQ,EAGxC,EAAQ,SACR,EAAI,eAAe,GAAG,EAAQ,MAAM,EAGjC;;AAaX,SAAgB,EACZ,GACA,IAAgC,WAClC;CACE,IAAM,IAA8C;EAChD,YAAY,CAAC,SAAW;EACxB,WAAW,CAAC,SAAW;EACvB,UAAU,CAAC,UAAY,kBAAoB;EAC3C,QAAQ;GAAC;GAAY;GAAS;GAAS;EACvC,SAAS;GAAC;GAAY;GAAU;GAAQ;EACxC,YAAY,CAAC,SAAW;EAC3B;AAQD,QANI,MAAW,cACX,EAAkB,WAAc,KAAK,mBAAqB,iBAAmB,2BAA2B,EACxG,EAAkB,UAAa,KAAK,2BAA2B,EAC/D,EAAkB,QAAW,KAAK,2BAA2B,GAG1D,EACH,YAAY;EACR,GAAG;EACH,GAAG;EACN,EACJ"}

package/dist/node/express/index.js

@@ -1,3 +1,3 @@
 import { Router as e } from "./express.type.js";
-import { bodyParser as t, createCors as n, createCorsOptions as r, createExpress as i, createNest as a, createSession as o, express as s } from "./express.util.js";
-export { e as Router, t as bodyParser, n as createCors, r as createCorsOptions, i as createExpress, a as createNest, o as createSession, s as express };
+import { bodyParser as t, createCSP as n, createCors as r, createCorsOptions as i, createExpress as a, createNest as o, createSession as s, express as c } from "./express.util.js";
+export { e as Router, t as bodyParser, n as createCSP, r as createCors, i as createCorsOptions, a as createExpress, o as createNest, s as createSession, c as express };