@dangao/bun-server 2.0.2 → 2.0.8

package/dist/queue/queue-module.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"queue-module.d.ts","sourceRoot":"","sources":["../../src/queue/queue-module.ts"],"names":[],"mappings":"AAGA,OAAO,EAIL,KAAK,kBAAkB,EAExB,MAAM,SAAS,CAAC;AAEjB,qBAGa,WAAW;IACtB;;;OAGG;WACW,OAAO,CACnB,OAAO,GAAE,kBAAuB,GAC/B,OAAO,WAAW;CA0CtB"}
+{"version":3,"file":"queue-module.d.ts","sourceRoot":"","sources":["../../src/queue/queue-module.ts"],"names":[],"mappings":"AAGA,OAAO,EAIL,KAAK,kBAAkB,EAExB,MAAM,SAAS,CAAC;AAEjB,qBAGa,WAAW;IACtB;;;OAGG;WACW,OAAO,CACnB,OAAO,GAAE,kBAAuB,GAC/B,OAAO,WAAW;CA6CtB"}

package/dist/validation/decorators.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"decorators.d.ts","sourceRoot":"","sources":["../../src/validation/decorators.ts"],"names":[],"mappings":"AAAA,OAAO,kBAAkB,CAAC;AAC1B,OAAO,KAAK,EAAE,wBAAwB,EAAE,kBAAkB,EAAE,MAAM,SAAS,CAAC;AAgB5E;;;GAGG;AACH,wBAAgB,QAAQ,CAAC,GAAG,KAAK,EAAE,wBAAwB,EAAE,GAAG,kBAAkB,CAgBjF;AAED,MAAM,WAAW,UAAU;IACzB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,wBAAgB,QAAQ,CAAC,OAAO,GAAE,UAAe,GAAG,wBAAwB,CAM3E;AAED,wBAAgB,QAAQ,CAAC,OAAO,GAAE,UAAe,GAAG,wBAAwB,CAM3E;AAED,wBAAgB,OAAO,CAAC,OAAO,GAAE,UAAe,GAAG,wBAAwB,CAO1E;AAED,wBAAgB,UAAU,IAAI,wBAAwB,CAOrD;AAED,wBAAgB,SAAS,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,GAAE,UAAe,GAAG,wBAAwB,CAMzF;AAED;;GAEG;AACH,wBAAgB,qBAAqB,CAAC,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,GAAG,MAAM,GAAG,kBAAkB,EAAE,CAIxG"}
+{"version":3,"file":"decorators.d.ts","sourceRoot":"","sources":["../../src/validation/decorators.ts"],"names":[],"mappings":"AAAA,OAAO,kBAAkB,CAAC;AAC1B,OAAO,KAAK,EAAE,wBAAwB,EAAE,kBAAkB,EAAE,MAAM,SAAS,CAAC;AAgB5E;;;GAGG;AACH,wBAAgB,QAAQ,CAAC,GAAG,KAAK,EAAE,wBAAwB,EAAE,GAAG,kBAAkB,CAgBjF;AAED,MAAM,WAAW,UAAU;IACzB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,wBAAgB,QAAQ,CAAC,OAAO,GAAE,UAAe,GAAG,wBAAwB,CAM3E;AAED,wBAAgB,QAAQ,CAAC,OAAO,GAAE,UAAe,GAAG,wBAAwB,CAM3E;AAED,wBAAgB,OAAO,CAAC,OAAO,GAAE,UAAe,GAAG,wBAAwB,CA2E1E;AAED,wBAAgB,UAAU,IAAI,wBAAwB,CAOrD;AAED,wBAAgB,SAAS,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,GAAE,UAAe,GAAG,wBAAwB,CAMzF;AAED;;GAEG;AACH,wBAAgB,qBAAqB,CAAC,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,GAAG,MAAM,GAAG,kBAAkB,EAAE,CAIxG"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@dangao/bun-server",
-  "version": "2.0.2",
+  "version": "2.0.8",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -49,11 +49,12 @@
     "dts": "tsc -p tsconfig.build.json",
     "build": "bun run clean && bun run bundle && bun run dts",
     "prepublishOnly": "bun run build",
-    "publish:package": "cp -r ../../README.md ../../LICENSE ../../docs . && bun publish --access public && rm -rf ./README.md ./LICENSE ./docs"
+    "publish:package": "cp -r ../../README.md ../../LICENSE ../../docs . && bun publish --access public && rm -rf ./README.md ./LICENSE ./docs",
+    "publish:package:github": "cp -r ../../README.md ../../LICENSE ../../docs . && bun pm pack --access public && npm publish *.tgz --provenance --access public && rm -rf ./README.md ./LICENSE ./docs"
   },
   "devDependencies": {
-    "typescript": "5.9.3",
-    "@types/bun": "latest"
+    "typescript": "^5.9.3",
+    "@types/bun": "^1.3.10"
   },
   "dependencies": {
     "reflect-metadata": "^0.2.2",

package/src/ai/providers/anthropic-provider.ts

@@ -151,7 +151,7 @@ export class AnthropicProvider implements LlmProvider {
                   } else if (parsed.type === 'message_stop') {
                     controller.enqueue(encoder.encode(`data: ${JSON.stringify({ done: true })}\n\n`));
                   }
-                } catch {
+                } catch (_error) {
                   // skip
                 }
               }

package/src/ai/providers/google-provider.ts

@@ -139,7 +139,7 @@ export class GoogleProvider implements LlmProvider {
                   const parts = (candidate?.['content'] as Record<string, unknown>)?.['parts'] as Array<Record<string, unknown>> ?? [];
                   const text = parts.map((p) => p['text'] ?? '').join('');
                   controller.enqueue(encoder.encode(`data: ${JSON.stringify({ content: text, done: false })}\n\n`));
-                } catch {
+                } catch (_error) {
                   // skip
                 }
               }

package/src/ai/providers/ollama-provider.ts

@@ -106,7 +106,7 @@ export class OllamaProvider implements LlmProvider {
                 controller.enqueue(encoder.encode(
                   `data: ${JSON.stringify({ content: msgContent, done: isDone })}\n\n`,
                 ));
-              } catch {
+              } catch (_error) {
                 // skip
               }
             }

package/src/ai/providers/openai-provider.ts

@@ -171,7 +171,7 @@ export class OpenAIProvider implements LlmProvider {
                   const delta = parsed.choices?.[0]?.delta;
                   const chunk = { content: delta?.content ?? '', done: false };
                   controller.enqueue(encoder.encode(`data: ${JSON.stringify(chunk)}\n\n`));
-                } catch {
+                } catch (_error) {
                   // skip malformed lines
                 }
               }
@@ -229,7 +229,7 @@ export class OpenAIProvider implements LlmProvider {
         return parsed as Record<string, unknown>;
       }
       return {};
-    } catch {
+    } catch (_error) {
       return {};
     }
   }

package/src/auth/jwt.ts

@@ -76,7 +76,7 @@ export class JWTUtil {
       }
 
       return payload;
-    } catch {
+    } catch (_error) {
       return null;
     }
   }

package/src/cache/interceptors.ts

@@ -120,7 +120,7 @@ export class CacheableInterceptor extends BaseInterceptor {
     let cacheService: CacheService;
     try {
       cacheService = container.resolve<CacheService>(CACHE_SERVICE_TOKEN);
-    } catch {
+    } catch (_error) {
       // 缓存服务未注册，直接执行原方法
       console.warn('[CacheableInterceptor] CacheService not registered, skipping cache');
       return await Promise.resolve(originalMethod.apply(target, args));
@@ -191,7 +191,7 @@ export class CacheEvictInterceptor extends BaseInterceptor {
     let cacheService: CacheService;
     try {
       cacheService = container.resolve<CacheService>(CACHE_SERVICE_TOKEN);
-    } catch {
+    } catch (_error) {
       // 缓存服务未注册，直接执行原方法
       console.warn('[CacheEvictInterceptor] CacheService not registered, skipping cache eviction');
       return await Promise.resolve(originalMethod.apply(target, args));
@@ -265,7 +265,7 @@ export class CachePutInterceptor extends BaseInterceptor {
     let cacheService: CacheService;
     try {
       cacheService = container.resolve<CacheService>(CACHE_SERVICE_TOKEN);
-    } catch {
+    } catch (_error) {
       // 缓存服务未注册，直接执行原方法
       console.warn('[CachePutInterceptor] CacheService not registered, skipping cache update');
       return await Promise.resolve(originalMethod.apply(target, args));

package/src/cache/types.ts

@@ -246,7 +246,7 @@ export class RedisCacheStore implements CacheStore {
     }
     try {
       return JSON.parse(value) as T;
-    } catch {
+    } catch (_error) {
       return undefined;
     }
   }
@@ -264,7 +264,7 @@ export class RedisCacheStore implements CacheStore {
         await this.client.set(this.getKey(key), serialized);
       }
       return true;
-    } catch {
+    } catch (_error) {
       return false;
     }
   }
@@ -273,7 +273,7 @@ export class RedisCacheStore implements CacheStore {
     try {
       await this.client.del(this.getKey(key));
       return true;
-    } catch {
+    } catch (_error) {
       return false;
     }
   }
@@ -282,7 +282,7 @@ export class RedisCacheStore implements CacheStore {
     try {
       const result = await this.client.exists(this.getKey(key));
       return result === 1;
-    } catch {
+    } catch (_error) {
       return false;
     }
   }
@@ -291,7 +291,7 @@ export class RedisCacheStore implements CacheStore {
     try {
       await this.client.flushdb();
       return true;
-    } catch {
+    } catch (_error) {
       return false;
     }
   }
@@ -313,12 +313,12 @@ export class RedisCacheStore implements CacheStore {
         if (value !== null) {
           try {
             result.set(keys[i], JSON.parse(value) as T);
-          } catch {
+          } catch (_error) {
             // 忽略解析错误
           }
         }
       }
-    } catch {
+    } catch (_error) {
       // 忽略错误，返回空 Map
     }
 
@@ -352,7 +352,7 @@ export class RedisCacheStore implements CacheStore {
       }
 
       return true;
-    } catch {
+    } catch (_error) {
       return false;
     }
   }
@@ -372,13 +372,13 @@ export class RedisCacheStore implements CacheStore {
         try {
           await this.client.del(key);
           deleted.push(key.replace(this.keyPrefix, ''));
-        } catch {
+        } catch (_error) {
           // 忽略单个删除错误
         }
       }
 
       return deleted;
-    } catch {
+    } catch (_error) {
       return [];
     }
   }

package/src/client/runtime.ts

@@ -88,7 +88,7 @@ export function createClient(
 
         try {
           return JSON.parse(text);
-        } catch {
+        } catch (_error) {
           return text;
         }
       };

package/src/config/config-module.ts

@@ -11,6 +11,23 @@ import { CONFIG_SERVICE_TOKEN, type ConfigModuleOptions } from './types';
   providers: [],
 })
 export class ConfigModule {
+  private static readonly DANGEROUS_PATH_SEGMENTS = new Set([
+    '__proto__',
+    'prototype',
+    'constructor',
+  ]);
+
+  private static isPlainObject(value: unknown): value is Record<string, unknown> {
+    if (typeof value !== 'object' || value === null) {
+      return false;
+    }
+    const proto = Object.getPrototypeOf(value);
+    return proto === null || proto === Object.prototype;
+  }
+
+  private static createSafeContainer(): Record<string, unknown> {
+    return Object.create(null) as Record<string, unknown>;
+  }
   /**
    * 创建配置模块
    * @param options - 模块配置
@@ -213,7 +230,7 @@ export class ConfigModule {
               try {
                 const parsed = ConfigService.parseConfigContent(result.content);
                 ConfigModule.setValueByPath(configMap, configPath, parsed);
-              } catch {
+              } catch (_error) {
                 ConfigModule.setValueByPath(configMap, configPath, result.content);
               }
             })
@@ -261,7 +278,7 @@ export class ConfigModule {
               let parsedValue: unknown;
               try {
                 parsedValue = ConfigService.parseConfigContent(result.content);
-              } catch {
+              } catch (_error) {
                 parsedValue = result.content;
               }
 
@@ -302,24 +319,39 @@ export class ConfigModule {
     path: string,
     value: unknown,
   ): void {
-    const segments = path.split('.');
+    const normalizedSegments = path.split('.').map((segment) => segment.trim());
+    if (
+      normalizedSegments.length === 0 ||
+      normalizedSegments.some((segment) => !segment)
+    ) {
+      throw new Error(`[ConfigModule] Invalid config path: "${path}"`);
+    }
+
+    for (const segment of normalizedSegments) {
+      if (ConfigModule.DANGEROUS_PATH_SEGMENTS.has(segment)) {
+        throw new Error(`[ConfigModule] Unsafe config path segment: "${segment}"`);
+      }
+    }
+
     let current: Record<string, unknown> = obj;
 
-    for (let i = 0; i < segments.length - 1; i++) {
-      const segment = segments[i]!;
-      // 检查是否需要创建嵌套对象
-      // 注意：typeof null === 'object'，所以需要明确排除 null
-      if (
-        !(segment in current) ||
-        current[segment] == null ||
-        typeof current[segment] !== 'object'
-      ) {
-        current[segment] = {};
+    for (let i = 0; i < normalizedSegments.length - 1; i++) {
+      const segment = normalizedSegments[i]!;
+      const hasOwn = Object.prototype.hasOwnProperty.call(current, segment);
+      const existing = hasOwn ? current[segment] : undefined;
+
+      if (!ConfigModule.isPlainObject(existing)) {
+        current[segment] = ConfigModule.createSafeContainer();
       }
+
       current = current[segment] as Record<string, unknown>;
     }
 
-    current[segments[segments.length - 1]!] = value;
+    const lastSegment = normalizedSegments[normalizedSegments.length - 1]!;
+    if (ConfigModule.DANGEROUS_PATH_SEGMENTS.has(lastSegment)) {
+      throw new Error(`[ConfigModule] Unsafe config path segment: "${lastSegment}"`);
+    }
+    current[lastSegment] = value;
   }
 }
 

package/src/config/service.ts

@@ -24,10 +24,10 @@ export class ConfigService<TConfig extends Record<string, unknown> = Record<stri
 
     try {
       return JSON.parse(content);
-    } catch {
+    } catch (_error) {
       try {
         return Bun.JSONC.parse(content);
-      } catch {
+      } catch (_innerError) {
         return Bun.JSON5.parse(content);
       }
     }

package/src/controller/param-binder.ts

@@ -105,7 +105,7 @@ export class ParamBinder {
             (context as unknown as { sessionId: string }).sessionId = newSession.id;
             return newSession;
           }
-        } catch {
+        } catch (_error) {
           // SessionService 未注册，返回 undefined
         }
         return undefined;

package/src/conversation/service.ts

@@ -125,7 +125,7 @@ export class ConversationService {
       for (const msg of newMessages) {
         await this.store.appendMessage(id, msg);
       }
-    } catch {
+    } catch (_error) {
       // If summarization fails, fall back to simple trim
       await this.store.trim(id, this.maxMessages);
     }

package/src/core/application.ts

@@ -343,7 +343,7 @@ export class Application {
           path: context.path,
         });
         context.setStatus(404);
-        return context.createResponse({ error: 'Not Found' });
+        return context.createErrorResponse({ error: 'Not Found' });
       });
     });
   }

package/src/core/cluster.ts

@@ -117,7 +117,7 @@ export class ClusterManager {
     if (this.socketDir) {
       try {
         rmSync(this.socketDir, { recursive: true, force: true });
-      } catch {
+      } catch (_error) {
         // ignore cleanup errors
       }
       this.socketDir = undefined;
@@ -186,7 +186,7 @@ export class ClusterManager {
 
     this.socketDir = join(tmpdir(), `bun-cluster-${process.pid}`);
     // Clean up stale directory from a previous run with the same PID
-    try { rmSync(this.socketDir, { recursive: true, force: true }); } catch { /* ignore */ }
+    try { rmSync(this.socketDir, { recursive: true, force: true }); } catch (_error) { /* ignore */ }
     mkdirSync(this.socketDir, { recursive: true });
 
     this.socketPaths = [];
@@ -271,7 +271,7 @@ export class ClusterManager {
             redirect: 'manual',
             unix: socketPath,
           });
-        } catch {
+        } catch (_error) {
           return new Response('Bad Gateway', { status: 502 });
         }
       },
@@ -289,7 +289,7 @@ export class ClusterManager {
           );
 
           const socketPath = this.socketPaths[index]!;
-          try { rmSync(socketPath); } catch { /* ignore */ }
+          try { rmSync(socketPath); } catch (_error) { /* ignore */ }
 
           this.workers[index] = this.spawnProxyWorker(index, socketPath);
 

package/src/core/context.ts

@@ -8,6 +8,7 @@ import { type URLSearchParams, URL } from 'url';
  * 封装 Request 和 Response，提供便捷的访问方法
  */
 export class Context {
+  private static readonly ERROR_REDACTED_KEYS = new Set(['stack', 'trace', 'cause']);
   /**
    * 原始请求对象
    */
@@ -225,5 +226,75 @@ export class Context {
       ...init,
     });
   }
+
+  /**
+   * 创建错误响应（自动过滤敏感字段）
+   * @param body - 错误响应体
+   * @param init - 响应初始化选项
+   * @returns Response 对象
+   */
+  public createErrorResponse(body?: unknown, init?: ResponseInit): Response {
+    const status = init?.status ?? this.statusCode;
+    const errorStatus = status >= 400 ? status : 500;
+    const sanitizedBody = this.sanitizeErrorPayload(body);
+
+    return this.createResponse(sanitizedBody, {
+      ...init,
+      status: errorStatus,
+    });
+  }
+
+  private sanitizeErrorPayload(body: unknown): unknown {
+    if (body === undefined || body === null) {
+      return body;
+    }
+
+    if (body instanceof Error) {
+      return {
+        error: body.message || 'Internal Server Error',
+      };
+    }
+
+    const seen = new WeakSet<object>();
+    return this.sanitizeValue(body, seen);
+  }
+
+  private sanitizeValue(value: unknown, seen: WeakSet<object>): unknown {
+    if (value === null || value === undefined) {
+      return value;
+    }
+
+    if (typeof value !== 'object') {
+      return value;
+    }
+
+    if (value instanceof Date || value instanceof ArrayBuffer || value instanceof Blob) {
+      return value;
+    }
+
+    if (seen.has(value)) {
+      return '[Circular]';
+    }
+    seen.add(value);
+
+    if (Array.isArray(value)) {
+      return value.map((item) => this.sanitizeValue(item, seen));
+    }
+
+    const prototype = Object.getPrototypeOf(value);
+    if (prototype !== Object.prototype && prototype !== null) {
+      return value;
+    }
+
+    const sanitized: Record<string, unknown> = {};
+    for (const [key, nestedValue] of Object.entries(value as Record<string, unknown>)) {
+      if (Context.ERROR_REDACTED_KEYS.has(key)) {
+        continue;
+      }
+      sanitized[key] = this.sanitizeValue(nestedValue, seen);
+    }
+
+    return sanitized;
+  }
 }
 

package/src/dashboard/controller.ts

@@ -75,7 +75,7 @@ export class DashboardService {
       return (
         username === this.auth.username && password === this.auth.password
       );
-    } catch {
+    } catch (_error) {
       return false;
     }
   }
@@ -214,7 +214,7 @@ export class DashboardService {
       return new Response(JSON.stringify(data), {
         headers: { 'Content-Type': 'application/json; charset=utf-8' },
       });
-    } catch {
+    } catch (_error) {
       const data = {
         status: 'up',
         timestamp: Date.now(),

package/src/database/connection-manager.ts

@@ -104,7 +104,7 @@ export class DatabaseConnectionManager {
         return await this.healthCheckMysql(this.currentConnection);
       }
       return false;
-    } catch {
+    } catch (_error) {
       return false;
     }
   }
@@ -176,7 +176,7 @@ export class DatabaseConnectionManager {
         return true;
       }
       return false;
-    } catch {
+    } catch (_error) {
       return false;
     }
   }
@@ -204,7 +204,7 @@ export class DatabaseConnectionManager {
         return true;
       }
       return false;
-    } catch {
+    } catch (_error) {
       return false;
     }
   }
@@ -232,7 +232,7 @@ export class DatabaseConnectionManager {
         return true;
       }
       return false;
-    } catch {
+    } catch (_error) {
       return false;
     }
   }

package/src/database/service.ts

@@ -145,7 +145,7 @@ export class DatabaseService {
 
   /**
    * Bun.SQL 查询实现（PostgreSQL/MySQL）
-   * 注意：Bun.SQL 主要使用模板字符串，但为了兼容性，我们尝试支持参数化查询
+   * 通过模板字符串调用 Bun.SQL，确保参数走 Bun.SQL 转义逻辑
    */
   private async queryBunSQL<T = unknown>(
     connection: unknown,
@@ -153,25 +153,23 @@ export class DatabaseService {
     params?: unknown[],
   ): Promise<T[]> {
     // Bun.SQL 对象可以作为函数调用（模板字符串）
-    // 但我们需要支持参数化查询
     if (connection && typeof connection === 'function') {
-      // Bun.SQL 模板字符串查询
-      // 注意：Bun.SQL 使用模板字符串，参数会自动转义
-      // 这里我们需要将 SQL 和参数组合成模板字符串调用
-      // 但由于 TypeScript 限制，我们使用动态调用
       try {
-        // 尝试使用模板字符串方式
-        // 注意：这需要将参数插入到 SQL 中，但 Bun.SQL 会自动处理 SQL 注入防护
-        const sqlWithParams = this.interpolateParams(sql, params);
+        const { strings, values } = this.buildTemplateFromSql(sql, params);
+        const template = Object.assign(strings, {
+          raw: strings,
+        }) as unknown as TemplateStringsArray;
         const result = await (connection as (
           template: TemplateStringsArray,
           ...values: unknown[]
-        ) => Promise<Array<Record<string, unknown>>>)`${sqlWithParams}`;
+        ) => Promise<Array<Record<string, unknown>>>)(template, ...values);
         return result as T[];
-      } catch {
-        // 如果模板字符串方式失败，尝试其他方式
+      } catch (error) {
+        const errorMessage =
+          error instanceof Error ? error.message : String(error);
+        // 如果模板字符串方式失败，保留原始错误，便于排查参数/SQL 构造问题
         throw new Error(
-          'Bun.SQL parameterized queries are not fully supported. Consider using template string queries.',
+          `Bun.SQL parameterized queries are not fully supported. Consider using template string queries. Original error: ${errorMessage}`,
         );
       }
     }
@@ -197,25 +195,24 @@ export class DatabaseService {
   }
 
   /**
-   * 将参数插入到 SQL 中（用于 Bun.SQL 模板字符串）
-   * 注意：这只是临时方案，Bun.SQL 的模板字符串会自动处理 SQL 注入防护
+   * 将 SQL 与 ? 占位符参数转换为模板字符串片段
+   * 让参数通过 Bun.SQL 的 values 通道注入，避免手工拼接 SQL
    */
-  private interpolateParams(sql: string, params?: unknown[]): string {
+  private buildTemplateFromSql(
+    sql: string,
+    params?: unknown[],
+  ): { strings: string[]; values: unknown[] } {
     if (!params || params.length === 0) {
-      return sql;
+      return { strings: [sql], values: [] };
     }
 
-    // 简单的参数替换（实际应该使用 Bun.SQL 的模板字符串）
-    // 这里只是占位实现，实际使用时应该使用模板字符串
-    let result = sql;
-    for (let i = 0; i < params.length; i++) {
-      const param = params[i];
-      const value =
-        typeof param === 'string'
-          ? `'${param.replace(/'/g, "''")}'`
-          : String(param);
-      result = result.replace('?', value);
+    const strings = sql.split('?');
+    if (strings.length !== params.length + 1) {
+      throw new Error(
+        'SQL placeholders count does not match parameters count',
+      );
     }
-    return result;
+
+    return { strings, values: params };
   }
 }

package/src/debug/middleware.ts

@@ -67,7 +67,7 @@ export function createDebugMiddleware(
     if (recordBody && ['POST', 'PUT', 'PATCH'].includes(context.method)) {
       try {
         requestBody = await context.getBody();
-      } catch {
+      } catch (_error) {
         requestBody = undefined;
       }
     }
@@ -92,7 +92,7 @@ export function createDebugMiddleware(
       if (route) {
         matchedRoute = route.path;
       }
-    } catch {
+    } catch (_error) {
       matchedRoute = undefined;
     }
 

package/src/di/module-registry.ts

@@ -242,7 +242,7 @@ export class ModuleRegistry {
           } else if ('useFactory' in provider) {
             instances.push(ref.container.resolve(provider.provide as Constructor<unknown>));
           }
-        } catch {
+        } catch (_error) {
           // skip providers that can't be resolved (e.g. pending async providers)
         }
       }

package/src/error/handler.ts

@@ -53,12 +53,12 @@ export async function handleError(error: unknown, context: Context): Promise<Res
       responseBody.details = error.details;
     }
 
-    return context.createResponse(responseBody);
+    return context.createErrorResponse(responseBody);
   }
 
   if (error instanceof ValidationError) {
     context.setStatus(400);
-    return context.createResponse({
+    return context.createErrorResponse({
       error: error.message,
       code: 'VALIDATION_FAILED',
       issues: error.issues,
@@ -74,7 +74,7 @@ export async function handleError(error: unknown, context: Context): Promise<Res
     message,
     stack,
   });
-  return context.createResponse({
+  return context.createErrorResponse({
     error: 'Internal Server Error',
     details: process.env.NODE_ENV === 'production' ? undefined : message,
   });