@ezetgalaxy/titan 25.14.7 → 25.15.0

package/LICENSE

@@ -0,0 +1,15 @@
+ISC License
+
+Copyright (c) 2025, Ezet Galaxy
+
+Permission to use, copy, modify, and/or distribute this software for any
+purpose with or without fee is hereby granted, provided that the above
+copyright notice and this permission notice appear in all copies.
+
+THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

package/README.md

@@ -7,9 +7,15 @@
    ██║   ██║   ██║   ██║  ██║██║ ╚████║
    ╚═╝   ╚═╝   ╚═╝   ╚═╝  ╚═╝╚═╝  ╚═══╝
 ```
-# Notice 
-**Production mode is under development 😞**
- **Enjoy development mode `tit dev` 💙**
+
+# Notice
+
+✅ **Production mode is ready**
+💙 **Enjoy development mode `tit dev`**
+✅ **No more `globalThis` required**
+
+
+---
 
 # TITAN PLANET 🚀
 
@@ -20,7 +26,7 @@ Titan Planet is a JavaScript-first backend framework that compiles your JavaScri
 You write **zero Rust**.
 Titan ships a full backend engine, dev server, bundler, router, action runtime, and Docker deploy pipeline — all powered by Rust under the hood.
 
-Titan = JavaScript productivity × Rust performance × Zero DevOps.
+Titan = **JavaScript productivity × Rust performance × Zero DevOps**
 
 ---
 
@@ -102,243 +108,166 @@ Titan will:
 
 ---
 
-# 📁 Project Layout
+# Update to new version
 
-```
-my-app/
-├── app/                                  # You develop ONLY this folder
-│   ├── app.js                             # Titan routes (DSL)
-│   └── actions/                           # Your custom JS actions
-│       └── hello.js                       # Example Titan action
-
-───────────────────────────────────────────────────────────────
-  Everything below is auto-generated by `tit init`
-  You never modify these folders manually
-───────────────────────────────────────────────────────────────
-
-├── titan/                                # Titan's internal JS engine
-│   ├── titan.js                           # Titan DSL runtime
-│   ├── bundle.js                          # JS → .jsbundle bundler
-│   └── dev.js                             # Hot Reload system
-│
-├── server/                               # Auto-generated Rust backend
-│   ├── Cargo.toml                         # Rust project config
-│   ├── src/                               # Rust source code
-│   ├── actions/                           # Compiled .jsbundle actions
-│   ├── titan/                             # Internal Rust runtime files
-│   ├── routes.json                        # Generated route metadata
-│   ├── action_map.json                    # Maps actions to bundles
-│   └── titan-server                       # Final production Rust binary
-│
-├── Dockerfile                             # Auto-generated production Dockerfile
-├── .dockerignore                          # Auto-generated Docker ignore rules
-├── package.json                           # JS project config (auto)
-└── .gitignore                             # Auto-generated by `tit init`
+* At first update the cli 
 
+```bash
+npm install -g @ezetgalaxy/titan@latest
 ```
+* Then 
 
----
-
-# 🛣 Example Route
-
-**app/app.js**
-
-```js
-import t from "../titan/titan.js";
+```bash
+tit update
+```
+* ``tit update`` will update and add new features in your Titan project
 
-t.post("/hello").action("hello");
-t.get("/").reply("Welcome to Titan Planet");
 
-t.start(3000, "Ready to land on Titan 🚀");
-```
+# ✨ What Titan Can Do (New & Core Features)
 
----
+Titan now includes a **complete runtime engine** with the following built-in capabilities:
 
-# 🧩 Example Action
+### 🛣 Routing & HTTP
 
-**app/actions/hello.js**
+* Static routes (`/`, `/health`)
+* Dynamic routes (`/user/:id<number>`)
+* Typed route parameters
+* Automatic method matching (GET / POST)
+* Query parsing (`req.query`)
+* Body parsing (`req.body`)
+* Zero-config routing metadata generation
 
-```js
-export function hello(req) {
-  return { message: "Hello from Titan!" };
-}
+### 🧠 Action Runtime
 
-globalThis.hello = hello;
-```
+* JavaScript actions executed inside a Rust runtime (Boa)
+* Automatic action discovery and execution
+* No `globalThis` required anymore
+* Safe handling of `undefined` returns
+* JSON serialization guardrails
+* Action-scoped execution context
 
----
+### 🔌 Runtime APIs (`t`)
 
-# ⚡ New: Built-In HTTP Fetch (`t.fetch`)
+* `t.fetch(...)` — built-in Rust-powered HTTP client
+* `t.log(...)` — sandboxed, action-scoped logging
+* Environment variable access (`process.env`)
+* No access to raw Node.js APIs (safe by default)
 
-Titan now includes a built-in server-side `fetch` bridge powered by Rust.
+### 🧾 Request Object (`req`)
 
-Use it to call any external API:
+Each action receives a normalized request object:
 
-```js
-function hello(req) {
-    const API_KEY = process.env.API_KEY || __titan_env.API_KEY;
-
-    const body = JSON.stringify({
-        model: "gpt-4.1-mini",
-        messages: [{ role: "user", content: "hii" }]
-    });
-
-    const r = t.fetch("https://api.openai.com/v1/chat/completions", {
-        method: "POST",
-        headers: {
-            "Content-Type": "application/json",
-            "Authorization": `Bearer ${API_KEY}`
-        },
-        body
-    });
-
-    const json = JSON.parse(r.body);
-
-    return {
-        ok: true,
-        message: json.choices[0].message.content
-    };
+```json
+{
+  "method": "GET",
+  "path": "/user/90",
+  "params": { "id": "90" },
+  "query": {},
+  "body": null
 }
-
-globalThis.hello = hello;
 ```
 
-### `t.fetch` supports:
+This object is:
 
-* GET, POST, PUT, DELETE
-* Custom headers
-* JSON bodies
-* Authorization tokens
-* External / internal APIs
+* Stable
+* Predictable
+* Serializable
+* Identical across dev & production
 
 ---
 
-# 🔥 Hot Reload Dev Server
-
-```bash
-tit dev
-```
-
-Titan’s dev engine:
-
-* Rebuilds routes
-* Rebundil actions
-* Restarts Rust server
-* Updates instantly
-
+### 🔥 Developer Experience
 
----
+* Hot reload dev server (`tit dev`)
+* Automatic rebundling of actions
+* Automatic Rust server restart
+* Colored request logs
+* Per-route timing metrics
+* Action-aware logs
 
-# 🧱 Production Build
+Example runtime log:
 
-```bash
-tit build
 ```
-
-Output includes:
-
-* `titan-server` native binary
-* JS bundles
-* routing metadata
+[Titan] GET /user/90 → getUser (dynamic) in 0.42ms
+[Titan] log(getUser): Fetching user 90
+```
 
 ---
 
-# 🐳 Docker Deployment (Zero Config)
-
-Titan generates an optimized **multi-stage Dockerfile**:
+### 🧨 Error Handling & Diagnostics
 
-Works on:
-
-* Railway
-* Fly.io
-* Render
-* VPS / Dedicated servers
-* Docker Hub
-* Kubernetes
+* JavaScript runtime errors captured safely
+* Action-aware error reporting
+* Line & column hints from runtime
+* Red-colored error logs
+* No server crashes on user mistakes
+* Safe fallback for `undefined` returns
 
 ---
 
-# ☁ Uploading Titan to GitHub
-
-Titan projects are designed for **direct repository upload**.
+### ⚙ Build & Deployment
 
-Include everything generated by `tit init`:
-
-```
-app/
-titan/
-server/
-Cargo.toml
-Dockerfile
-.gitignore
-package.json
-```
-
-Push to GitHub:
-
-```bash
-git init
-git add .
-git commit -m "Initial Titan project"
-git branch -M main
-git remote add origin <your_repo_url>
-git push -u origin main
-```
+* Native Rust binary output
+* Zero-config Dockerfile generation
+* Multi-stage optimized Docker builds
+* Works on:
 
-Your repo is now fully deployable with Docker.
+  * Railway
+  * Fly.io
+  * Render
+  * VPS
+  * Kubernetes
+* No Node.js required in production
 
 ---
 
-# ☁ Zero-Config Deployment with Docker
+### 🧱 Architecture Guarantees
 
-Once pushed to GitHub, you can deploy anywhere.
-
-## Deploy to Railway
-
-1. Go to Railway
-2. Create New Project → Deploy from GitHub
-3. Select your Titan repo
-4. Railway auto-detects the Dockerfile
-5. It builds + deploys automatically
-
-Railway will:
-
-* Build your Rust server
-* Copy JS bundles
-* Start the `titan-server` binary
-* Expose the correct port
-
-No configuration required.
+* No runtime reflection
+* No Node.js in production
+* No framework lock-in
+* No magic globals
+* No config files
+* No Rust knowledge required
 
 ---
 
-# ✨ Updating Titan
+# 🧩 Example Action (Updated – No `globalThis` Needed)
 
-```bash
-tit update
-```
+```js
+export function getUser(req) {
+  t.log("User id:", req.params.id);
 
-Updates:
+  return {
+    id: Number(req.params.id),
+    method: req.method
+  };
+}
+```
 
-* Titan CLI
-* DSL
-* Bundler
-* Dev server
-* Rust runtime templates
-* Dockerfile
+That’s it.
+No exports wiring. No globals. No boilerplate.
 
 ---
 
 # 📦 Version
 
 **Titan v25 — Stable**
-Optimized for production, cloud deployment, and AI workloads.
+
+* Production-ready runtime
+* Safe JS execution
+* Native Rust performance
+* Designed for cloud & AI workloads
 
 ---
 
-# 🤝 Contributing
+# 🧠 Final Note
 
-Pull requests welcome
-https://github.com/ezet-galaxy/-ezetgalaxy-titan
+What you built today is **not a wrapper**, **not a toy**, and **not a clone**.
 
----
+You now have:
+
+* A real JS runtime
+* A real routing engine
+* A real compiler pipeline
+* A real production server

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@ezetgalaxy/titan",
-  "version": "25.14.7",
+  "version": "25.15.0",
   "description": "JavaScript backend framework that compiles your JS into a Rust + Axum server.",
   "license": "ISC",
   "author": "ezetgalaxy",

package/templates/app/actions/hello.js

@@ -1,5 +1,5 @@
-function hello(req) {
-    return { "name": `${req.name || "user"}`, msg: `welcome to titan planet ${req.name || "user"}` }
+export function hello(req) {
+    return {
+        message: `Hello from Titan ${req.name}`,
+    };
 }
-
-globalThis.hello = hello;

package/templates/server/src/main.rs

@@ -1,26 +1,37 @@
 // server/src/main.rs
-use std::{collections::HashMap, env, fs, path::Path, path::PathBuf, sync::Arc};
+use std::{collections::HashMap, env, fs, path::PathBuf, sync::Arc, path::Path};
 
 use anyhow::Result;
 use axum::{
-    Router,
-    body::{Body, to_bytes},
+    body::{to_bytes, Body},
     extract::State,
     http::{Request, StatusCode},
     response::{IntoResponse, Json},
     routing::any,
+    Router,
 };
 
-use boa_engine::{Context, JsValue, Source, object::ObjectInitializer};
+use boa_engine::{object::ObjectInitializer, Context, JsValue, Source};
 use boa_engine::{js_string, native_function::NativeFunction, property::Attribute};
 
-use reqwest::blocking::Client;
 use reqwest::header::{HeaderMap, HeaderName, HeaderValue};
+use reqwest::blocking::Client;
 
 use serde::Deserialize;
 use serde_json::Value;
 use tokio::net::TcpListener;
 use tokio::task;
+use std::time::Instant;
+
+
+
+
+
+
+
+
+
+
 
 /// Route configuration (loaded from routes.json)
 #[derive(Debug, Deserialize)]
@@ -32,9 +43,51 @@ struct RouteVal {
 #[derive(Clone)]
 struct AppState {
     routes: Arc<HashMap<String, RouteVal>>,
+    dynamic_routes: Arc<Vec<DynamicRoute>>,
     project_root: PathBuf,
 }
 
+
+#[derive(Debug, Deserialize)]
+struct DynamicRoute {
+    method: String,
+    pattern: String,
+    action: String,
+}
+
+
+fn blue(s: &str) -> String {
+    format!("\x1b[34m{}\x1b[0m", s)
+}
+fn white(s: &str) -> String {
+    format!("\x1b[39m{}\x1b[0m", s)
+}
+fn yellow(s: &str) -> String {
+    format!("\x1b[33m{}\x1b[0m", s)
+}
+fn green(s: &str) -> String {
+    format!("\x1b[32m{}\x1b[0m", s)
+}
+fn gray(s: &str) -> String {
+    format!("\x1b[90m{}\x1b[0m", s)
+}
+fn red(s: &str) -> String {
+    format!("\x1b[31m{}\x1b[0m", s)
+}
+
+// A helper to Format Boa Errors
+fn format_js_error(err: boa_engine::JsError, action: &str) -> String {
+    format!(
+        "Action: {}\n{}",
+        action,
+        err.to_string()
+    )
+}
+
+
+
+
+
 // -------------------------
 // ACTION DIRECTORY RESOLUTION
 // -------------------------
@@ -94,68 +147,81 @@ fn find_actions_dir(project_root: &PathBuf) -> Option<PathBuf> {
     None
 }
 
+/// Here add all the runtime t base things
 /// Injects a synchronous `t.fetch(url, opts?)` function into the Boa `Context`.
 ///
 /// Implementation details:
 ///  - Converts JS opts → `serde_json::Value` (owned) using `to_json`.
 ///  - Executes reqwest blocking client inside `tokio::task::block_in_place` to avoid blocking async runtime.
 ///  - Returns `{ ok: bool, status?: number, body?: string, error?: string }`.
-fn inject_t_fetch(ctx: &mut Context) {
-    // Native function (Boa 0.20) using from_fn_ptr
+fn inject_t_runtime(ctx: &mut Context, action_name: &str) {
+
+    // =========================================================
+    // t.log(...)  — unsafe by design (Boa requirement)
+    // =========================================================
+    let action = action_name.to_string();
+
+    let t_log_native = unsafe {
+        NativeFunction::from_closure(move |_this, args, _ctx| {
+            let mut parts = Vec::new();
+
+            for arg in args {
+                parts.push(arg.display().to_string());
+            }
+
+            println!(
+                "{} {}",
+                blue("[Titan]"),
+                white(&format!("log({}): {}", action, parts.join(" ")))
+            );
+
+            Ok(JsValue::undefined())
+        })
+    };
+
+    // =========================================================
+    // t.fetch(...) — no capture, safe fn pointer
+    // =========================================================
     let t_fetch_native = NativeFunction::from_fn_ptr(|_this, args, ctx| {
-        // Extract URL (owned string)
         let url = args
             .get(0)
             .and_then(|v| v.to_string(ctx).ok())
             .map(|s| s.to_std_string_escaped())
             .unwrap_or_default();
 
-        // Extract opts -> convert to serde_json::Value (owned)
         let opts_js = args.get(1).cloned().unwrap_or(JsValue::undefined());
-        let opts_json: Value = match opts_js.to_json(ctx) {
-            Ok(v) => v,
-            Err(_) => Value::Object(serde_json::Map::new()),
-        };
+        let opts_json: Value = opts_js
+            .to_json(ctx)
+            .unwrap_or(Value::Object(serde_json::Map::new()));
 
-        // Pull method, body, headers into owned Rust values
         let method = opts_json
             .get("method")
             .and_then(|m| m.as_str())
-            .map(|s| s.to_string())
-            .unwrap_or_else(|| "GET".to_string());
+            .unwrap_or("GET")
+            .to_string();
 
-        let body_opt = match opts_json.get("body") {
-            Some(Value::String(s)) => Some(s.clone()),
-            Some(other) => Some(other.to_string()),
-            None => None,
-        };
+        let body_opt = opts_json.get("body").map(|v| v.to_string());
 
-        // headers as Vec<(String,String)>
-        let mut header_pairs: Vec<(String, String)> = Vec::new();
+        let mut header_pairs = Vec::new();
         if let Some(Value::Object(map)) = opts_json.get("headers") {
-            for (k, v) in map.iter() {
-                let v_str = match v {
-                    Value::String(s) => s.clone(),
-                    other => other.to_string(),
-                };
-                header_pairs.push((k.clone(), v_str));
+            for (k, v) in map {
+                header_pairs.push((k.clone(), v.to_string()));
             }
         }
 
-        // Perform the blocking HTTP request inside block_in_place to avoid runtime panic
         let out_json = task::block_in_place(move || {
             let client = Client::new();
-
-            let method_parsed = method.parse().unwrap_or(reqwest::Method::GET);
-            let mut req = client.request(method_parsed, &url);
+            let mut req = client.request(
+                method.parse().unwrap_or(reqwest::Method::GET),
+                &url,
+            );
 
             if !header_pairs.is_empty() {
                 let mut headers = HeaderMap::new();
-                for (k, v) in header_pairs.into_iter() {
-                    if let (Ok(name), Ok(val)) = (
-                        HeaderName::from_bytes(k.as_bytes()),
-                        HeaderValue::from_str(&v),
-                    ) {
+                for (k, v) in header_pairs {
+                    if let (Ok(name), Ok(val)) =
+                        (HeaderName::from_bytes(k.as_bytes()), HeaderValue::from_str(&v))
+                    {
                         headers.insert(name, val);
                     }
                 }
@@ -167,15 +233,11 @@ fn inject_t_fetch(ctx: &mut Context) {
             }
 
             match req.send() {
-                Ok(resp) => {
-                    let status = resp.status().as_u16();
-                    let text = resp.text().unwrap_or_default();
-                    serde_json::json!({
-                        "ok": true,
-                        "status": status,
-                        "body": text
-                    })
-                }
+                Ok(resp) => serde_json::json!({
+                    "ok": true,
+                    "status": resp.status().as_u16(),
+                    "body": resp.text().unwrap_or_default()
+                }),
                 Err(e) => serde_json::json!({
                     "ok": false,
                     "error": e.to_string()
@@ -183,17 +245,25 @@ fn inject_t_fetch(ctx: &mut Context) {
             }
         });
 
-        // Convert serde_json::Value -> JsValue
         Ok(JsValue::from_json(&out_json, ctx).unwrap_or(JsValue::undefined()))
     });
 
-    // Convert native function to JS function object (requires Realm)
-    let realm = ctx.realm();
-    let t_fetch_js_fn = t_fetch_native.to_js_function(realm);
+    // =========================================================
+    // Build global `t`
+    // =========================================================
+    let realm = ctx.realm().clone();
 
-    // Build `t` object with `.fetch`
     let t_obj = ObjectInitializer::new(ctx)
-        .property(js_string!("fetch"), t_fetch_js_fn, Attribute::all())
+        .property(
+            js_string!("log"),
+            t_log_native.to_js_function(&realm),
+            Attribute::all(),
+        )
+        .property(
+            js_string!("fetch"),
+            t_fetch_native.to_js_function(&realm),
+            Attribute::all(),
+        )    
         .build();
 
     ctx.global_object()
@@ -201,6 +271,67 @@ fn inject_t_fetch(ctx: &mut Context) {
         .expect("set global t");
 }
 
+
+// Dynamic Matcher (Core Logic)
+
+fn match_dynamic_route(
+    method: &str,
+    path: &str,
+    routes: &[DynamicRoute],
+) -> Option<(String, HashMap<String, String>)> {
+    let path_segments: Vec<&str> =
+        path.trim_matches('/').split('/').collect();
+
+    for route in routes {
+        if route.method != method {
+            continue;
+        }
+
+        let pattern_segments: Vec<&str> =
+            route.pattern.trim_matches('/').split('/').collect();
+
+        if pattern_segments.len() != path_segments.len() {
+            continue;
+        }
+
+        let mut params = HashMap::new();
+        let mut matched = true;
+
+        for (pat, val) in pattern_segments.iter().zip(path_segments.iter()) {
+            if pat.starts_with(':') {
+                let inner = &pat[1..];
+
+                let (name, ty) = inner
+                    .split_once('<')
+                    .map(|(n, t)| (n, t.trim_end_matches('>')))
+                    .unwrap_or((inner, "string"));
+
+                let valid = match ty {
+                    "number" => val.parse::<i64>().is_ok(),
+                    "string" => true,
+                    _ => false,
+                };
+
+                if !valid {
+                    matched = false;
+                    break;
+                }
+
+                params.insert(name.to_string(), (*val).to_string());
+            } else if pat != val {
+                matched = false;
+                break;
+            }
+        }
+
+        if matched {
+            return Some((route.action.clone(), params));
+        }
+    }
+
+    None
+}
+
 // Root/dynamic handlers -----------------------------------------------------
 
 async fn root_route(state: State<AppState>, req: Request<Body>) -> impl IntoResponse {
@@ -216,142 +347,259 @@ async fn dynamic_handler_inner(
     State(state): State<AppState>,
     req: Request<Body>,
 ) -> impl IntoResponse {
+
+    // ---------------------------
+    // BASIC REQUEST INFO
+    // ---------------------------
     let method = req.method().as_str().to_uppercase();
-    let path = req.uri().path();
+    let path = req.uri().path().to_string();
     let key = format!("{}:{}", method, path);
 
+    // ---------------------------
+    // TIMER + LOG META
+    // ---------------------------
+    let start = Instant::now();
+    let mut route_label = String::from("not_found");
+    let mut route_kind = "none"; // exact | dynamic | reply
+
+    // ---------------------------
+    // QUERY PARSING
+    // ---------------------------
+    let query: HashMap<String, String> = req
+        .uri()
+        .query()
+        .map(|q| {
+            q.split('&')
+                .filter_map(|pair| {
+                    let mut it = pair.splitn(2, '=');
+                    Some((
+                        it.next()?.to_string(),
+                        it.next().unwrap_or("").to_string(),
+                    ))
+                })
+                .collect()
+        })
+        .unwrap_or_default();
+
+    // ---------------------------
+    // BODY
+    // ---------------------------
     let body_bytes = match to_bytes(req.into_body(), usize::MAX).await {
         Ok(b) => b,
-        Err(_) => return (StatusCode::BAD_REQUEST, "Failed to read body").into_response(),
+        Err(_) => {
+            return (
+                StatusCode::BAD_REQUEST,
+                "Failed to read request body",
+            )
+                .into_response()
+        }
     };
+
     let body_str = String::from_utf8_lossy(&body_bytes).to_string();
+    let body_json: Value = if body_str.is_empty() {
+        Value::Null
+    } else {
+        serde_json::from_str(&body_str).unwrap_or(Value::String(body_str))
+    };
 
-    if let Some(route) = state.routes.get(&key) {
-        match route.r#type.as_str() {
-            "action" => {
-                let action_name = route.value.as_str().unwrap_or("").trim();
-                if action_name.is_empty() {
-                    return (StatusCode::INTERNAL_SERVER_ERROR, "Invalid action name")
-                        .into_response();
-                }
+    // ---------------------------
+    // ROUTE RESOLUTION
+    // ---------------------------
+    let mut params: HashMap<String, String> = HashMap::new();
+    let mut action_name: Option<String> = None;
 
-                // Resolve actions directory: prefer resolve_actions_dir(), fall back to heuristic find_actions_dir
-                let resolved = resolve_actions_dir();
-                let actions_dir = if resolved.exists() && resolved.is_dir() {
-                    resolved
-                } else {
-                    match find_actions_dir(&state.project_root) {
-                        Some(p) => p,
-                        None => {
-                            return (
-                                StatusCode::INTERNAL_SERVER_ERROR,
-                                format!("Actions directory not found (checked multiple locations)"),
-                            )
-                                .into_response();
-                        }
-                    }
-                };
+    // Exact route
+    if let Some(route) = state.routes.get(&key) {
+        route_kind = "exact";
+
+        if route.r#type == "action" {
+            let name = route.value.as_str().unwrap_or("unknown").to_string();
+            route_label = name.clone();
+            action_name = Some(name);
+        } else if route.r#type == "json" {
+            let elapsed = start.elapsed();
+            println!(
+                "{} {} {} {}",
+                blue("[Titan]"),
+                white(&format!("{} {}", method, path)),
+                white("→ json"),
+                gray(&format!("in {:.2?}", elapsed))
+            );
+            return Json(route.value.clone()).into_response();
+        } else if let Some(s) = route.value.as_str() {
+            let elapsed = start.elapsed();
+            println!(
+                "{} {} {} {}",
+                blue("[Titan]"),
+                white(&format!("{} {}", method, path)),
+                white("→ reply"),
+                gray(&format!("in {:.2?}", elapsed))
+            );
+            return s.to_string().into_response();
+        }
+    }
 
-                let action_path = actions_dir.join(format!("{}.jsbundle", action_name));
+    // Dynamic route
+    if action_name.is_none() {
+        if let Some((action, p)) =
+            match_dynamic_route(&method, &path, state.dynamic_routes.as_slice())
+        {
+            route_kind = "dynamic";
+            route_label = action.clone();
+            action_name = Some(action);
+            params = p;
+        }
+    }
 
-                if !action_path.exists() {
-                    return (
-                        StatusCode::NOT_FOUND,
-                        format!("Action bundle not found: {:?}", action_path),
-                    )
-                        .into_response();
-                }
+    let action_name = match action_name {
+        Some(a) => a,
+        None => {
+            let elapsed = start.elapsed();
+            println!(
+                "{} {} {} {}",
+                blue("[Titan]"),
+                white(&format!("{} {}", method, path)),
+                white("→ 404"),
+                gray(&format!("in {:.2?}", elapsed))
+            );
+            return (StatusCode::NOT_FOUND, "Not Found").into_response();
+        }
+    };
 
-                let js_code = match fs::read_to_string(&action_path) {
-                    Ok(v) => v,
-                    Err(e) => {
-                        return (
-                            StatusCode::INTERNAL_SERVER_ERROR,
-                            format!("Failed reading action bundle: {}", e),
-                        )
-                            .into_response();
-                    }
-                };
+    // ---------------------------
+    // LOAD ACTION
+    // ---------------------------
+    let resolved = resolve_actions_dir();
+    let actions_dir = resolved
+        .exists()
+        .then(|| resolved)
+        .or_else(|| find_actions_dir(&state.project_root))
+        .unwrap();
+
+    let action_path = actions_dir.join(format!("{}.jsbundle", action_name));
+    let js_code = fs::read_to_string(&action_path).unwrap();
+
+    // ---------------------------
+    // ENV
+    // ---------------------------
+    let env_json = std::env::vars()
+        .map(|(k, v)| (k, Value::String(v)))
+        .collect::<serde_json::Map<_, _>>();
+
+    // ---------------------------
+    // JS EXECUTION
+    // ---------------------------
+    let injected = format!(
+        r#"
+        globalThis.process = {{ env: {} }};
+        const __titan_req = {{
+            body: {},
+            method: "{}",
+            path: "{}",
+            params: {},
+            query: {}
+        }};
+        {};
+        globalThis["{}"](__titan_req);
+        "#,
+        Value::Object(env_json).to_string(),
+        body_json.to_string(),
+        method,
+        path,
+        serde_json::to_string(&params).unwrap(),
+        serde_json::to_string(&query).unwrap(),
+        js_code,
+        action_name
+    );
 
-                // Build env object
-                let mut env_map: serde_json::Map<String, Value> = serde_json::Map::new();
-                for (k, v) in std::env::vars() {
-                    env_map.insert(k, Value::String(v));
-                }
-                let env_json: Value = Value::Object(env_map);
-
-                // Ensure body_str is valid JS: we will embed it as a JS expression.
-                // If body_str is a JSON object string, embedding it directly is fine.
-                // But to be safe, we create a quoted JS string and parse it in JS if necessary.
-                let safe_body_literal: String =
-                    serde_json::to_string(&body_str).unwrap_or_else(|_| "null".to_string());
-
-                // Injected script: sets process.env, __titan_env, __titan_req and invokes action function.
-                let injected: String = format!(
-                    r#"
-    // Runtime env injected by Titan
-    globalThis.process = {{ env: {} }};
-    globalThis.__titan_env = {};
-    // quick debug so prod logs show whether API key is present
-    try {{
-      console.log('TITAN: runtime API_KEY =', (process && process.env && process.env.API_KEY) || (typeof __titan_env !== 'undefined' && __titan_env.API_KEY) || null);
-    }} catch(e) {{ /* ignore */ }}
-
-    // Parse the incoming request body. If it's a JSON string we parse it into an object.
-    const __titan_req_body_literal = {};
-    let __titan_req;
-    try {{
-      // it's a quoted JSON string in Rust, so first unquote via JSON.parse
-      __titan_req = JSON.parse(__titan_req_body_literal);
-    }} catch (e) {{
-      // if parse fails, fall back to empty object
-      __titan_req = {{}};
-    }}
-
-    // Action code (bundled JS)
-    {};
-    // call exported action function
-    {}(__titan_req);
-    "#,
-                    env_json.to_string(), // inserted JSON object for process.env
-                    env_json.to_string(), // inserted also as __titan_env
-                    safe_body_literal,    // quoted JSON string literal of request body
-                    js_code,              // code from the .jsbundle
-                    action_name           // call function
+    let mut ctx = Context::default();
+    inject_t_runtime(&mut ctx, &action_name);
+    let result = match ctx.eval(Source::from_bytes(&injected)) {
+        Ok(v) => v,
+        Err(err) => {
+            let elapsed = start.elapsed();
+    
+            let details = format_js_error(err, &route_label);
+    
+            println!(
+                "{} {} {} {}",
+                blue("[Titan]"),
+                red(&format!("{} {}", method, path)),
+                red("→ error"),
+                gray(&format!("in {:.2?}", elapsed))
+            );
+    
+            println!("{}", red(&details));
+    
+            return (
+                StatusCode::INTERNAL_SERVER_ERROR,
+                Json(serde_json::json!({
+                    "error": "Action execution failed",
+                    "action": route_label,
+                    "details": details
+                })),
+            )
+                .into_response();
+        }
+    };
+    
+    let result_json: Value = if result.is_undefined() {
+        Value::Null
+    } else {
+        match result.to_json(&mut ctx) {
+            Ok(v) => v,
+            Err(err) => {
+                let elapsed = start.elapsed();
+                println!(
+                    "{} {} {} {}",
+                    blue("[Titan]"),
+                    red(&format!("{} {}", method, path)),
+                    red("→ serialization error"),
+                    gray(&format!("in {:.2?}", elapsed))
                 );
-
-                let mut ctx: Context = Context::default();
-                inject_t_fetch(&mut ctx);
-
-                let result: JsValue = match ctx.eval(Source::from_bytes(&injected)) {
-                    Ok(v) => v,
-                    Err(e) => return Json(json_error(e.to_string())).into_response(),
-                };
-
-                let result_json: Value = match result.to_json(&mut ctx) {
-                    Ok(v) => v,
-                    Err(e) => json_error(e.to_string()),
-                };
-
-                return Json(result_json).into_response();
-            }
-
-            "json" => return Json(route.value.clone()).into_response(),
-            _ => {
-                if let Some(s) = route.value.as_str() {
-                    return s.to_string().into_response();
-                }
-                return route.value.to_string().into_response();
+    
+                return (
+                    StatusCode::INTERNAL_SERVER_ERROR,
+                    Json(serde_json::json!({
+                        "error": "Failed to serialize action result",
+                        "details": err.to_string()
+                    })),
+                )
+                    .into_response();
             }
         }
+    };
+    
+    
+
+    // ---------------------------
+    // FINAL LOG
+    // ---------------------------
+    let elapsed = start.elapsed();
+    match route_kind {
+        "dynamic" => println!(
+            "{} {} {} {} {} {}",
+            blue("[Titan]"),
+            green(&format!("{} {}", method, path)),
+            white("→"),
+            green(&route_label),
+            white("(dynamic)"),
+            gray(&format!("in {:.2?}", elapsed))
+        ),
+        "exact" => println!(
+            "{} {} {} {} {}",
+            blue("[Titan]"),
+            white(&format!("{} {}", method, path)),
+            white("→"),
+            yellow(&route_label),
+            gray(&format!("in {:.2?}", elapsed))
+        ),
+        _ => {}
     }
 
-    (StatusCode::NOT_FOUND, "Not Found").into_response()
+    Json(result_json).into_response()
 }
 
-fn json_error(msg: String) -> Value {
-    serde_json::json!({ "error": msg })
-}
 
 // Entrypoint ---------------------------------------------------------------
 
@@ -365,15 +613,22 @@ async fn main() -> Result<()> {
 
     let port = json["__config"]["port"].as_u64().unwrap_or(3000);
     let routes_json = json["routes"].clone();
-    let map: HashMap<String, RouteVal> = serde_json::from_value(routes_json).unwrap_or_default();
+    let map: HashMap<String, RouteVal> =
+    serde_json::from_value(routes_json).unwrap_or_default();
+
+    let dynamic_routes: Vec<DynamicRoute> =
+    serde_json::from_value(json["__dynamic_routes"].clone())
+        .unwrap_or_default();
 
     // Project root — heuristics: try current_dir()
     let project_root = std::env::current_dir().unwrap_or_else(|_| PathBuf::from("."));
 
     let state = AppState {
         routes: Arc::new(map),
+        dynamic_routes: Arc::new(dynamic_routes),
         project_root,
     };
+    
 
     let app = Router::new()
         .route("/", any(root_route))
@@ -389,10 +644,7 @@ async fn main() -> Result<()> {
     println!("   ██║   ██║   ██║   ██╔══██║██║╚██╗██║");
     println!("   ██║   ██║   ██║   ██║  ██║██║ ╚████║");
     println!("   ╚═╝   ╚═╝   ╚═╝   ╚═╝  ╚═╝╚═╝  ╚═══╝\x1b[0m\n");
-    println!(
-        "\x1b[38;5;39mTitan server running at:\x1b[0m http://localhost:{}",
-        port
-    );
+    println!("\x1b[38;5;39mTitan server running at:\x1b[0m http://localhost:{}", port);
 
     axum::serve(listener, app).await?;
     Ok(())

package/templates/titan/bundle.js

@@ -19,6 +19,8 @@ export async function bundle() {
   const files = fs.readdirSync(actionsDir).filter(f => f.endsWith(".js"));
 
   for (const file of files) {
+    const actionName = path.basename(file, ".js");
+
     const entry = path.join(actionsDir, file);
 
     // Rust runtime expects `.jsbundle` extension — consistent with previous design
@@ -28,16 +30,32 @@ export async function bundle() {
 
     await esbuild.build({
       entryPoints: [entry],
-      outfile: outfile,
+      outfile,
       bundle: true,
-      format: "iife",  
+      format: "iife",
+      globalName: "__titan_exports",
       platform: "neutral",
       target: "es2020",
-      banner: {
-          js: ""  
+
+      footer: {
+        js: `
+    (function () {
+      const fn =
+        __titan_exports["${actionName}"] ||
+        __titan_exports.default;
+    
+      if (typeof fn !== "function") {
+        throw new Error("[Titan] Action '${actionName}' not found or not a function");
+      }
+    
+      globalThis["${actionName}"] = fn;
+    })();
+    `
       }
-  });
-  
+    });
+
+
+
   }
 
   console.log("[Titan] Bundling finished.");

package/templates/titan/titan.js

@@ -6,11 +6,13 @@ const cyan = (t) => `\x1b[36m${t}\x1b[0m`;
 const green = (t) => `\x1b[32m${t}\x1b[0m`;
 
 const routes = {};
+const dynamicRoutes = {};
 const actionMap = {};
 
 function addRoute(method, route) {
   const key = `${method.toUpperCase()}:${route}`;
 
+
   return {
     reply(value) {
       routes[key] = {
@@ -20,17 +22,25 @@ function addRoute(method, route) {
     },
 
     action(name) {
-      routes[key] = {
-        type: "action",
-        value: name
-      };
-      actionMap[key] = name;
+      if (route.includes(":")) {
+        if (!dynamicRoutes[method]) dynamicRoutes[method] = [];
+        dynamicRoutes[method].push({
+          method: method.toUpperCase(),
+          pattern: route,
+          action: name
+        });
+      } else {
+        routes[key] = {
+          type: "action",
+          value: name
+        };
+        actionMap[key] = name;
+      }
     }
   };
 }
 
 const t = {
-
   get(route) {
     return addRoute("GET", route);
   },
@@ -40,18 +50,23 @@ const t = {
   },
 
   async start(port = 3000, msg = "") {
-
-
     console.log(cyan("[Titan] Bundling actions..."));
     await bundle();
 
     const base = path.join(process.cwd(), "server");
     fs.mkdirSync(base, { recursive: true });
 
-
     fs.writeFileSync(
       path.join(base, "routes.json"),
-      JSON.stringify({ __config: { port }, routes }, null, 2)
+      JSON.stringify(
+        {
+          __config: { port },
+          routes,
+          __dynamic_routes: Object.values(dynamicRoutes).flat()
+        },
+        null,
+        2
+      )
     );
 
     fs.writeFileSync(
@@ -60,7 +75,6 @@ const t = {
     );
 
     console.log(green(`Titan: routes.json + action_map.json written -> ${base}`));
-
     if (msg) console.log(cyan(msg));
   }
 };