npm - @etus/bhono-app - Versions diffs - 0.1.5 → 0.1.6 - Mend

@etus/bhono-app 0.1.5 → 0.1.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (269) hide show

package/templates/base/tests/integration/health/health.test.ts CHANGED Viewed

@@ -13,28 +13,10 @@
 import { describe, it, expect, beforeAll } from 'vitest'
 import { Hono } from 'hono'
-import { getEnv, getDb, type TestEnv } from '../setup'
+import { getEnv, type TestEnv } from '../setup'
 import type { HonoEnv } from '../../../src/server/types'
 import { health } from '../../../src/server/routes/health'
-/**
- * Creates a database wrapper that adds the `execute` method
- * The better-sqlite3 drizzle doesn't have execute, but D1 does
- * We add it as an alias to `run` for test compatibility
- */
-function createTestDb() {
-  const db = getDb()
-  // Add execute method that delegates to run (both execute statements)
-  return new Proxy(db, {
-    get(target, prop) {
-      if (prop === 'execute') {
-        return target.run.bind(target)
-      }
-      return (target as any)[prop]
-    },
-  })
-}
 describe('Health Check Integration', () => {
   let app: Hono<HonoEnv>
   let env: TestEnv
@@ -47,11 +29,6 @@ describe('Health Check Integration', () => {
     app.use('*', async (c, next) => {
       // Inject environment bindings (cast to any to allow assignment)
       ;(c as any).env = env
-      // Use a wrapped drizzle instance that has execute method for D1 compatibility
-      const db = createTestDb()
-      c.set('db', db)
       await next()
     })
@@ -225,8 +202,10 @@ describe('Health Check Integration', () => {
       // Create an app without db set
       const appWithoutDb = new Hono<HonoEnv>()
       appWithoutDb.use('*', async (c, next) => {
-        ;(c as any).env = env
-        // Note: NOT setting db to test line 9
+        const modifiedEnv = { ...env }
+        // @ts-expect-error - Removing DB to test database down
+        delete modifiedEnv.DB
+        ;(c as any).env = modifiedEnv
         await next()
       })
       appWithoutDb.route('/health', health)
@@ -247,7 +226,6 @@ describe('Health Check Integration', () => {
         // @ts-expect-error - Removing R2_BUCKET to test line 24
         delete modifiedEnv.R2_BUCKET
         ;(c as any).env = modifiedEnv
-        c.set('db', createTestDb())
         await next()
       })
       appWithoutR2.route('/health', health)
@@ -264,14 +242,15 @@ describe('Health Check Integration', () => {
       // Create an app with a broken database
       const appWithBrokenDb = new Hono<HonoEnv>()
       appWithBrokenDb.use('*', async (c, next) => {
-        ;(c as any).env = env
-        // Create a mock db that throws on run()
-        const brokenDb = {
-          run: () => {
-            throw new Error('Database connection failed')
-          },
+        const modifiedEnv = {
+          ...env,
+          DB: {
+            prepare: () => {
+              throw new Error('Database connection failed')
+            },
+          } as D1Database,
         }
-        c.set('db', brokenDb as any)
+        ;(c as any).env = modifiedEnv
         await next()
       })
       appWithBrokenDb.route('/health', health)
@@ -297,7 +276,6 @@ describe('Health Check Integration', () => {
           },
         }
         ;(c as any).env = modifiedEnv
-        c.set('db', createTestDb())
         await next()
       })
       appWithBrokenR2.route('/health', health)
@@ -313,8 +291,10 @@ describe('Health Check Integration', () => {
     it('should return 503 when readiness check fails due to db being down', async () => {
       const appWithoutDb = new Hono<HonoEnv>()
       appWithoutDb.use('*', async (c, next) => {
-        ;(c as any).env = env
-        // Note: NOT setting db
+        const modifiedEnv = { ...env }
+        // @ts-expect-error - Removing DB to test database down
+        delete modifiedEnv.DB
+        ;(c as any).env = modifiedEnv
         await next()
       })
       appWithoutDb.route('/health', health)
@@ -329,14 +309,15 @@ describe('Health Check Integration', () => {
     it('should return 503 when readiness check throws an error', async () => {
       const appWithBrokenDb = new Hono<HonoEnv>()
       appWithBrokenDb.use('*', async (c, next) => {
-        ;(c as any).env = env
-        // Create a mock db that throws on run()
-        const brokenDb = {
-          run: () => {
-            throw new Error('Database connection failed')
-          },
+        const modifiedEnv = {
+          ...env,
+          DB: {
+            prepare: () => {
+              throw new Error('Database connection failed')
+            },
+          } as D1Database,
         }
-        c.set('db', brokenDb as any)
+        ;(c as any).env = modifiedEnv
         await next()
       })
       appWithBrokenDb.route('/health', health)

package/templates/base/tests/integration/invitations/crud.test.ts CHANGED Viewed

@@ -28,19 +28,10 @@ import { errorHandler } from '../../../src/server/middleware/error-handler'
 import { sessionMiddleware } from '../../../src/server/lib/session'
 /**
- * Creates a database wrapper that adds the `execute` method
- * The better-sqlite3 drizzle doesn't have execute, but D1 does
+ * Creates a D1-compatible database instance for tests
  */
 function createTestDb() {
-  const db = getDb()
-  return new Proxy(db, {
-    get(target, prop) {
-      if (prop === 'execute') {
-        return target.run.bind(target)
-      }
-      return (target as any)[prop]
-    },
-  })
+  return getDb()
 }
 describe('Invitations CRUD Integration', () => {

package/templates/base/tests/integration/invitations/email.test.ts CHANGED Viewed

@@ -28,15 +28,7 @@ import { sendInvitationEmail } from '../../../src/server/lib/email'
 // ============================================================================
 function createTestDb() {
-  const db = getDb()
-  return new Proxy(db, {
-    get(target, prop) {
-      if (prop === 'execute') {
-        return target.run.bind(target)
-      }
-      return (target as any)[prop]
-    },
-  })
+  return getDb()
 }
 describe('Invitation Email Integration Tests', () => {

package/templates/base/tests/integration/middleware/auth.test.ts CHANGED Viewed

@@ -20,19 +20,10 @@ import {
 } from '../setup'
 /**
- * Creates a database wrapper that adds the `execute` method
- * The better-sqlite3 drizzle doesn't have execute, but D1 does
+ * Creates a D1-compatible database instance for tests
  */
 function createTestDb() {
-  const db = getDb()
-  return new Proxy(db, {
-    get(target, prop) {
-      if (prop === 'execute') {
-        return (target as any).run.bind(target)
-      }
-      return (target as any)[prop]
-    },
-  })
+  return getDb()
 }
 describe('Auth Middleware', () => {
@@ -57,7 +48,7 @@ describe('Auth Middleware', () => {
       const env = getEnv()
       ;(c as any).env = env
-      // Set up the db for middleware (use the test drizzle instance with proxy)
+      // Set up the db for middleware
       const db = createTestDb()
       c.set('db', db)

package/templates/base/tests/integration/middleware/request-logger.test.ts CHANGED Viewed

@@ -21,15 +21,7 @@ import { errorHandler } from '../../../src/server/middleware/error-handler'
  * Creates a database wrapper
  */
 function createTestDb() {
-  const db = getDb()
-  return new Proxy(db, {
-    get(target, prop) {
-      if (prop === 'execute') {
-        return target.run.bind(target)
-      }
-      return (target as any)[prop]
-    },
-  })
+  return getDb()
 }
 describe('Request Logger Middleware Integration', () => {

package/templates/base/tests/integration/performance/response-times.test.ts CHANGED Viewed

@@ -36,15 +36,7 @@ const THRESHOLDS = {
  * Creates a database wrapper that adds the `execute` method
  */
 function createTestDb() {
-  const db = getDb()
-  return new Proxy(db, {
-    get(target, prop) {
-      if (prop === 'execute') {
-        return target.run.bind(target)
-      }
-      return (target as unknown as Record<string | symbol, unknown>)[prop]
-    },
-  })
+  return getDb()
 }
 /**

package/templates/base/tests/integration/security/cookie-security.test.ts CHANGED Viewed

@@ -27,19 +27,10 @@ import { errorHandler } from '../../../src/server/middleware/error-handler'
 import { sessionMiddleware } from '../../../src/server/lib/session'
 /**
- * Creates a database wrapper that adds the `execute` method
- * The better-sqlite3 drizzle doesn't have execute, but D1 does
+ * Creates a D1-compatible database instance for tests
  */
 function createTestDb() {
-  const db = getDb()
-  return new Proxy(db, {
-    get(target, prop) {
-      if (prop === 'execute') {
-        return target.run.bind(target)
-      }
-      return (target as any)[prop]
-    },
-  })
+  return getDb()
 }
 describe('Session Cookie Security', () => {

package/templates/base/tests/integration/security/csrf-protection.test.ts CHANGED Viewed

@@ -24,19 +24,10 @@ import { configurableCors } from '../../../src/server/middleware/cors'
 import { sessionMiddleware } from '../../../src/server/lib/session'
 /**
- * Creates a database wrapper that adds the `execute` method
- * The better-sqlite3 drizzle doesn't have execute, but D1 does
+ * Creates a D1-compatible database instance for tests
  */
 function createTestDb() {
-  const db = getDb()
-  return new Proxy(db, {
-    get(target, prop) {
-      if (prop === 'execute') {
-        return target.run.bind(target)
-      }
-      return (target as any)[prop]
-    },
-  })
+  return getDb()
 }
 describe('CSRF Protection', () => {

package/templates/base/tests/integration/security/log-sanitization.test.ts CHANGED Viewed

@@ -30,15 +30,7 @@ import { sessionMiddleware } from '../../../src/server/lib/session'
  * Creates a database wrapper that adds the `execute` method
  */
 function createTestDb() {
-  const db = getDb()
-  return new Proxy(db, {
-    get(target, prop) {
-      if (prop === 'execute') {
-        return target.run.bind(target)
-      }
-      return (target as any)[prop]
-    },
-  })
+  return getDb()
 }
 describe('Log Sanitization', () => {

package/templates/base/tests/integration/security/rate-limiting.test.ts CHANGED Viewed

@@ -31,15 +31,7 @@ import {
  * Creates a database wrapper that adds the `execute` method
  */
 function createTestDb() {
-  const db = getDb()
-  return new Proxy(db, {
-    get(target, prop) {
-      if (prop === 'execute') {
-        return target.run.bind(target)
-      }
-      return (target as any)[prop]
-    },
-  })
+  return getDb()
 }
 describe('Rate Limiting', () => {

package/templates/base/tests/integration/security/sql-injection.test.ts CHANGED Viewed

@@ -2,18 +2,18 @@
  * SQL Injection Prevention Integration Tests
  *
  * Tests that the API properly prevents SQL injection attacks through:
- * - Parameterized queries via Drizzle ORM
+ * - Parameterized queries via SQL helpers
  * - Zod UUID validation for ID parameters
  * - Safe handling of user input in search queries
  *
- * Since the codebase uses Drizzle ORM with parameterized queries,
- * these tests should PASS - demonstrating that SQL injection protection
- * is already in place by default.
+ * Since the codebase uses parameterized SQL queries,
+ * these tests should PASS - demonstrating SQL injection protection
+ * is in place by default.
  */
 import { describe, it, expect, beforeAll } from 'vitest'
 import { Hono } from 'hono'
-import { getEnv, getSqlite, type TestEnv } from '../setup'
+import { getEnv, getDb, getSqlite, type TestEnv } from '../setup'
 import { createTestScenario } from '../fixtures'
 import type { HonoEnv } from '../../../src/server/types'
 import { api } from '../../../src/server/routes'
@@ -21,21 +21,10 @@ import { errorHandler } from '../../../src/server/middleware/error-handler'
 import { sessionMiddleware } from '../../../src/server/lib/session'
 /**
- * Creates a database wrapper that adds the `execute` method
- * The better-sqlite3 drizzle doesn't have execute, but D1 does
+ * Creates a D1-compatible database instance for tests
  */
 function createTestDb() {
-  const sqlite = getSqlite()
-  const { drizzle } = require('drizzle-orm/better-sqlite3')
-  const db = drizzle(sqlite)
-  return new Proxy(db, {
-    get(target, prop) {
-      if (prop === 'execute') {
-        return target.run.bind(target)
-      }
-      return (target as any)[prop]
-    },
-  })
+  return getDb()
 }
 describe('SQL Injection Prevention', () => {

package/templates/base/tests/integration/security/xss-prevention.test.ts CHANGED Viewed

@@ -23,19 +23,10 @@ import { errorHandler } from '../../../src/server/middleware/error-handler'
 import { sessionMiddleware } from '../../../src/server/lib/session'
 /**
- * Creates a database wrapper that adds the `execute` method
- * The better-sqlite3 drizzle doesn't have execute, but D1 does
+ * Creates a D1-compatible database instance for tests
  */
 function createTestDb() {
-  const db = getDb()
-  return new Proxy(db, {
-    get(target, prop) {
-      if (prop === 'execute') {
-        return target.run.bind(target)
-      }
-      return (target as any)[prop]
-    },
-  })
+  return getDb()
 }
 describe('XSS Prevention', () => {

package/templates/base/tests/integration/setup.ts CHANGED Viewed

@@ -10,12 +10,13 @@
  */
 import Database from 'better-sqlite3'
-import { drizzle } from 'drizzle-orm/better-sqlite3'
+import { readFileSync } from 'node:fs'
+import { dirname, resolve } from 'node:path'
+import { fileURLToPath } from 'node:url'
 import { vi, beforeAll, afterAll, beforeEach, afterEach } from 'vitest'
 import { Hono } from 'hono'
 import type { Env } from '../../src/server/env'
 import type { SessionData, HonoEnv } from '../../src/server/types'
-import * as schema from '../../src/server/db/schema'
 // ============================================================================
 // TYPES
@@ -50,90 +51,15 @@ export interface MockR2Store {
 // DATABASE SCHEMA SQL
 // ============================================================================
-const SCHEMA_SQL = `
--- Users table
-CREATE TABLE IF NOT EXISTS users (
-  id TEXT PRIMARY KEY,
-  google_id TEXT NOT NULL UNIQUE,
-  email TEXT NOT NULL,
-  name TEXT NOT NULL,
-  avatar_url TEXT,
-  status TEXT DEFAULT 'active' NOT NULL CHECK (status IN ('active', 'inactive')),
-  provider_ids TEXT DEFAULT '[]',
-  is_super_admin INTEGER DEFAULT 0 NOT NULL,
-  created_at TEXT DEFAULT (datetime('now')) NOT NULL,
-  updated_at TEXT DEFAULT (datetime('now')) NOT NULL,
-  deleted_at TEXT,
-  created_by_id TEXT REFERENCES users(id),
-  updated_by_id TEXT REFERENCES users(id),
-  deleted_by_id TEXT REFERENCES users(id)
-);
--- Accounts table
-CREATE TABLE IF NOT EXISTS accounts (
-  id TEXT PRIMARY KEY,
-  name TEXT NOT NULL,
-  description TEXT,
-  domain TEXT UNIQUE,
-  created_at TEXT DEFAULT (datetime('now')) NOT NULL,
-  updated_at TEXT DEFAULT (datetime('now')) NOT NULL,
-  deleted_at TEXT
-);
--- User-Accounts junction table
-CREATE TABLE IF NOT EXISTS user_accounts (
-  user_id TEXT NOT NULL REFERENCES users(id) ON DELETE CASCADE,
-  account_id TEXT NOT NULL REFERENCES accounts(id) ON DELETE CASCADE,
-  role TEXT NOT NULL CHECK (role IN ('ADMIN', 'MANAGER', 'EDITOR', 'AUTHOR', 'VIEWER', 'BILLING', 'ANALYTICS')),
-  PRIMARY KEY (user_id, account_id)
-);
--- Refresh tokens table
-CREATE TABLE IF NOT EXISTS refresh_tokens (
-  id TEXT PRIMARY KEY,
-  user_id TEXT NOT NULL REFERENCES users(id) ON DELETE CASCADE,
-  token_hash TEXT NOT NULL,
-  expires_at INTEGER NOT NULL,
-  created_at INTEGER DEFAULT (unixepoch()) NOT NULL,
-  revoked_at INTEGER
-);
--- Invitations table
-CREATE TABLE IF NOT EXISTS invitations (
-  id TEXT PRIMARY KEY,
-  account_id TEXT NOT NULL REFERENCES accounts(id) ON DELETE CASCADE,
-  email TEXT NOT NULL,
-  role TEXT NOT NULL CHECK (role IN ('ADMIN', 'MANAGER', 'EDITOR', 'AUTHOR', 'VIEWER', 'BILLING', 'ANALYTICS')),
-  token TEXT NOT NULL UNIQUE,
-  invited_by_id TEXT NOT NULL REFERENCES users(id),
-  expires_at TEXT NOT NULL,
-  accepted_at TEXT,
-  created_at TEXT DEFAULT (datetime('now')) NOT NULL
-);
-CREATE UNIQUE INDEX IF NOT EXISTS account_email_idx ON invitations(account_id, email);
--- Audit logs table
-CREATE TABLE IF NOT EXISTS audit_logs (
-  id TEXT PRIMARY KEY,
-  transaction_id TEXT NOT NULL,
-  account_id TEXT REFERENCES accounts(id),
-  user_id TEXT REFERENCES users(id),
-  entity TEXT NOT NULL,
-  entity_id TEXT NOT NULL,
-  action TEXT NOT NULL CHECK (action IN ('INSERT', 'UPDATE', 'DELETE', 'LOGIN', 'LOGOUT', 'SIGNUP', 'TOKEN_REFRESH', 'LOGIN_FAILED')),
-  changes TEXT,
-  ip_address TEXT,
-  user_agent TEXT,
-  timestamp TEXT DEFAULT (datetime('now')) NOT NULL
-);
-`
+const __filename = fileURLToPath(import.meta.url)
+const __dirname = dirname(__filename)
+const SCHEMA_SQL = readFileSync(resolve(__dirname, '..', '..', 'schema.sql'), 'utf8')
 // ============================================================================
 // GLOBAL STATE
 // ============================================================================
 let sqliteDb: Database.Database | null = null
-let drizzleDb: ReturnType<typeof drizzle> | null = null
 let mockKV: MockKVStore | null = null
 let mockR2: MockR2Store | null = null
 let testEnv: TestEnv | null = null
@@ -144,8 +70,8 @@ let testEnv: TestEnv | null = null
 /**
  * Creates a D1-compatible wrapper around better-sqlite3
- * This allows Drizzle ORM to work with our in-memory SQLite database
- * as if it were a Cloudflare D1 database.
+ * This allows our test helpers to use a Cloudflare D1-like API
+ * against an in-memory SQLite database.
  */
 function createD1CompatibleWrapper(db: Database.Database): D1Database {
   return {
@@ -582,13 +508,14 @@ export function getEnv(): TestEnv {
 }
 /**
- * Get the Drizzle database instance
+ * Get the D1-compatible database instance
  */
-export function getDb(): ReturnType<typeof drizzle> {
-  if (!drizzleDb) {
+export function getDb(): D1Database {
+  const env = getEnv()
+  if (!env.DB) {
     throw new Error('Database not initialized. Make sure beforeAll has run.')
   }
-  return drizzleDb
+  return env.DB
 }
 /**
@@ -764,9 +691,6 @@ beforeAll(() => {
   // Create D1-compatible wrapper
   const d1Wrapper = createD1CompatibleWrapper(sqliteDb)
-  // Create Drizzle instance
-  drizzleDb = drizzle(sqliteDb, { schema })
   // Create mock stores
   mockKV = createMockKV()
   mockR2 = createMockR2()
@@ -797,7 +721,6 @@ afterAll(() => {
     sqliteDb = null
   }
-  drizzleDb = null
   mockKV = null
   mockR2 = null
   testEnv = null

package/templates/base/tests/integration/smoke.test.ts CHANGED Viewed

@@ -55,10 +55,11 @@ describe('Integration Test Infrastructure', () => {
     })
   })
-  describe('Drizzle ORM', () => {
-    it('should have initialized Drizzle database instance', () => {
+  describe('D1 Database', () => {
+    it('should have initialized D1 database instance', () => {
       const db = getDb()
       expect(db).toBeDefined()
+      expect(typeof db.prepare).toBe('function')
     })
   })

package/templates/base/tests/integration/storage/upload.test.ts CHANGED Viewed

@@ -34,19 +34,10 @@ import { sessionMiddleware } from '../../../src/server/lib/session'
 // ============================================================================
 /**
- * Creates a database wrapper that adds the `execute` method
- * The better-sqlite3 drizzle doesn't have execute, but D1 does
+ * Creates a D1-compatible database instance for tests
  */
 function createTestDb() {
-  const db = getDb()
-  return new Proxy(db, {
-    get(target, prop) {
-      if (prop === 'execute') {
-        return target.run.bind(target)
-      }
-      return (target as any)[prop]
-    },
-  })
+  return getDb()
 }
 /**

package/templates/base/tests/integration/storage/validation.test.ts CHANGED Viewed

@@ -31,19 +31,10 @@ import { sessionMiddleware } from '../../../src/server/lib/session'
 // ============================================================================
 /**
- * Creates a database wrapper that adds the `execute` method
- * The better-sqlite3 drizzle doesn't have execute, but D1 does
+ * Creates a D1-compatible database instance for tests
  */
 function createTestDb() {
-  const db = getDb()
-  return new Proxy(db, {
-    get(target, prop) {
-      if (prop === 'execute') {
-        return target.run.bind(target)
-      }
-      return (target as any)[prop]
-    },
-  })
+  return getDb()
 }
 /**

package/templates/base/tests/integration/users/crud.test.ts CHANGED Viewed

@@ -26,19 +26,10 @@ import { errorHandler } from '../../../src/server/middleware/error-handler'
 import { sessionMiddleware } from '../../../src/server/lib/session'
 /**
- * Creates a database wrapper that adds the `execute` method
- * The better-sqlite3 drizzle doesn't have execute, but D1 does
+ * Creates a D1-compatible database instance for tests
  */
 function createTestDb() {
-  const db = getDb()
-  return new Proxy(db, {
-    get(target, prop) {
-      if (prop === 'execute') {
-        return target.run.bind(target)
-      }
-      return (target as any)[prop]
-    },
-  })
+  return getDb()
 }
 describe('Users CRUD Integration', () => {

package/templates/base/tests/integration/users/list.test.ts CHANGED Viewed

@@ -29,19 +29,10 @@ import { errorHandler } from '../../../src/server/middleware/error-handler'
 import { sessionMiddleware } from '../../../src/server/lib/session'
 /**
- * Creates a database wrapper that adds the `execute` method
- * The better-sqlite3 drizzle doesn't have execute, but D1 does
+ * Creates a D1-compatible database instance for tests
  */
 function createTestDb() {
-  const db = getDb()
-  return new Proxy(db, {
-    get(target, prop) {
-      if (prop === 'execute') {
-        return target.run.bind(target)
-      }
-      return (target as any)[prop]
-    },
-  })
+  return getDb()
 }
 describe('Users List Integration', () => {