@firebreak/vitals 1.3.0 → 2.0.0

package/dist/handler-BvjN4Ot9.d.ts

@@ -0,0 +1,20 @@
+import { b as HealthcheckRegistry, H as HealthcheckResponseJson } from './core-Bee03bJm.js';
+
+type ResolveDepthFn = (req: Record<string, unknown>) => 'deep' | 'shallow' | Promise<'deep' | 'shallow'>;
+interface HealthcheckHandlerOptions {
+    registry: HealthcheckRegistry;
+    resolveDepth?: ResolveDepthFn;
+    metadata?: Record<string, string | number | boolean>;
+}
+interface ShallowResponseJson {
+    status: 'ok';
+    timestamp: string;
+    [key: string]: string | number | boolean;
+}
+interface HealthcheckHandlerResult {
+    status: number;
+    body: HealthcheckResponseJson | ShallowResponseJson;
+}
+declare function createHealthcheckHandler(options: HealthcheckHandlerOptions): (req: Record<string, unknown>) => Promise<HealthcheckHandlerResult>;
+
+export { type HealthcheckHandlerOptions as H, type ResolveDepthFn as R, type ShallowResponseJson as S, type HealthcheckHandlerResult as a, createHealthcheckHandler as c };

package/dist/handler-TZOgZvY7.d.cts

@@ -0,0 +1,20 @@
+import { b as HealthcheckRegistry, H as HealthcheckResponseJson } from './core-Bee03bJm.cjs';
+
+type ResolveDepthFn = (req: Record<string, unknown>) => 'deep' | 'shallow' | Promise<'deep' | 'shallow'>;
+interface HealthcheckHandlerOptions {
+    registry: HealthcheckRegistry;
+    resolveDepth?: ResolveDepthFn;
+    metadata?: Record<string, string | number | boolean>;
+}
+interface ShallowResponseJson {
+    status: 'ok';
+    timestamp: string;
+    [key: string]: string | number | boolean;
+}
+interface HealthcheckHandlerResult {
+    status: number;
+    body: HealthcheckResponseJson | ShallowResponseJson;
+}
+declare function createHealthcheckHandler(options: HealthcheckHandlerOptions): (req: Record<string, unknown>) => Promise<HealthcheckHandlerResult>;
+
+export { type HealthcheckHandlerOptions as H, type ResolveDepthFn as R, type ShallowResponseJson as S, type HealthcheckHandlerResult as a, createHealthcheckHandler as c };

package/dist/index.cjs

@@ -220,56 +220,36 @@ function extractToken(options) {
 // src/handler.ts
 var RESERVED_METADATA_KEYS = ["status", "timestamp", "checks", "cachedAt"];
 function createHealthcheckHandler(options) {
-  const { registry, token: rawToken, deep = false, queryParamName = "token", metadata = {} } = options;
-  const isEmptyToken = typeof rawToken === "string" && rawToken.trim() === "";
-  if (deep && isEmptyToken) {
-    throw new Error(
-      "Cannot use `deep: true` with an empty string token. This would expose deep healthcheck data without authentication. Either set a non-empty token or explicitly set `token: null`."
-    );
-  }
-  const token = rawToken == null || isEmptyToken ? null : rawToken;
+  const { registry, resolveDepth, metadata = {} } = options;
   for (const key of Object.keys(metadata)) {
     if (RESERVED_METADATA_KEYS.includes(key)) {
       throw new Error(`Metadata key '${key}' is reserved. Use a different key name.`);
     }
   }
   return async (req) => {
-    if (token === null) {
-      if (deep) {
-        const response2 = await registry.run();
-        return {
-          status: httpStatusCode(response2.status),
-          body: { ...metadata, ...toJson(response2) }
-        };
+    let depth = "shallow";
+    if (resolveDepth) {
+      try {
+        const result = await resolveDepth(req);
+        if (result === "deep" || result === "shallow") {
+          depth = result;
+        }
+      } catch {
       }
-      const body = {
-        status: "ok",
-        timestamp: (/* @__PURE__ */ new Date()).toISOString(),
-        ...metadata
-      };
-      return { status: 200, body };
     }
-    const provided = extractToken({
-      queryParams: req.queryParams,
-      authorizationHeader: req.authorizationHeader,
-      queryParamName
-    });
-    if (provided === null) {
-      const body = {
-        status: "ok",
-        timestamp: (/* @__PURE__ */ new Date()).toISOString(),
-        ...metadata
+    if (depth === "deep") {
+      const response = await registry.run();
+      return {
+        status: httpStatusCode(response.status),
+        body: { ...metadata, ...toJson(response) }
       };
-      return { status: 200, body };
-    }
-    if (!verifyToken(provided, token)) {
-      return { status: 403, body: { error: "Forbidden" } };
     }
-    const response = await registry.run();
-    return {
-      status: httpStatusCode(response.status),
-      body: { ...metadata, ...toJson(response) }
+    const body = {
+      status: "ok",
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      ...metadata
     };
+    return { status: 200, body };
   };
 }
 

package/dist/index.d.cts

@@ -1,7 +1,7 @@
 import { H as HealthcheckResponseJson } from './core-Bee03bJm.cjs';
 export { A as AsyncCheckFn, C as CheckInput, a as CheckResult, b as HealthcheckRegistry, c as HealthcheckResponse, S as Status, d as StatusLabel, e as StatusValue, f as SyncCheckFn, h as httpStatusCode, s as statusFromString, g as statusToLabel, i as syncCheck, t as toJson } from './core-Bee03bJm.cjs';
-import { S as ShallowResponseJson } from './handler-COH7lot9.cjs';
-export { H as HealthcheckHandlerOptions, a as HealthcheckHandlerResult, b as HealthcheckRequest, c as createHealthcheckHandler } from './handler-COH7lot9.cjs';
+import { S as ShallowResponseJson } from './handler-TZOgZvY7.cjs';
+export { H as HealthcheckHandlerOptions, a as HealthcheckHandlerResult, R as ResolveDepthFn, c as createHealthcheckHandler } from './handler-TZOgZvY7.cjs';
 
 declare function verifyToken(provided: string, expected: string): boolean;
 declare function extractToken(options: {

package/dist/index.d.ts

@@ -1,7 +1,7 @@
 import { H as HealthcheckResponseJson } from './core-Bee03bJm.js';
 export { A as AsyncCheckFn, C as CheckInput, a as CheckResult, b as HealthcheckRegistry, c as HealthcheckResponse, S as Status, d as StatusLabel, e as StatusValue, f as SyncCheckFn, h as httpStatusCode, s as statusFromString, g as statusToLabel, i as syncCheck, t as toJson } from './core-Bee03bJm.js';
-import { S as ShallowResponseJson } from './handler-CVYUad84.js';
-export { H as HealthcheckHandlerOptions, a as HealthcheckHandlerResult, b as HealthcheckRequest, c as createHealthcheckHandler } from './handler-CVYUad84.js';
+import { S as ShallowResponseJson } from './handler-BvjN4Ot9.js';
+export { H as HealthcheckHandlerOptions, a as HealthcheckHandlerResult, R as ResolveDepthFn, c as createHealthcheckHandler } from './handler-BvjN4Ot9.js';
 
 declare function verifyToken(provided: string, expected: string): boolean;
 declare function extractToken(options: {

package/dist/index.mjs

@@ -184,56 +184,36 @@ function extractToken(options) {
 // src/handler.ts
 var RESERVED_METADATA_KEYS = ["status", "timestamp", "checks", "cachedAt"];
 function createHealthcheckHandler(options) {
-  const { registry, token: rawToken, deep = false, queryParamName = "token", metadata = {} } = options;
-  const isEmptyToken = typeof rawToken === "string" && rawToken.trim() === "";
-  if (deep && isEmptyToken) {
-    throw new Error(
-      "Cannot use `deep: true` with an empty string token. This would expose deep healthcheck data without authentication. Either set a non-empty token or explicitly set `token: null`."
-    );
-  }
-  const token = rawToken == null || isEmptyToken ? null : rawToken;
+  const { registry, resolveDepth, metadata = {} } = options;
   for (const key of Object.keys(metadata)) {
     if (RESERVED_METADATA_KEYS.includes(key)) {
       throw new Error(`Metadata key '${key}' is reserved. Use a different key name.`);
     }
   }
   return async (req) => {
-    if (token === null) {
-      if (deep) {
-        const response2 = await registry.run();
-        return {
-          status: httpStatusCode(response2.status),
-          body: { ...metadata, ...toJson(response2) }
-        };
+    let depth = "shallow";
+    if (resolveDepth) {
+      try {
+        const result = await resolveDepth(req);
+        if (result === "deep" || result === "shallow") {
+          depth = result;
+        }
+      } catch {
       }
-      const body = {
-        status: "ok",
-        timestamp: (/* @__PURE__ */ new Date()).toISOString(),
-        ...metadata
-      };
-      return { status: 200, body };
     }
-    const provided = extractToken({
-      queryParams: req.queryParams,
-      authorizationHeader: req.authorizationHeader,
-      queryParamName
-    });
-    if (provided === null) {
-      const body = {
-        status: "ok",
-        timestamp: (/* @__PURE__ */ new Date()).toISOString(),
-        ...metadata
+    if (depth === "deep") {
+      const response = await registry.run();
+      return {
+        status: httpStatusCode(response.status),
+        body: { ...metadata, ...toJson(response) }
       };
-      return { status: 200, body };
-    }
-    if (!verifyToken(provided, token)) {
-      return { status: 403, body: { error: "Forbidden" } };
     }
-    const response = await registry.run();
-    return {
-      status: httpStatusCode(response.status),
-      body: { ...metadata, ...toJson(response) }
+    const body = {
+      status: "ok",
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      ...metadata
     };
+    return { status: 200, body };
   };
 }
 

package/dist/integrations/express.cjs

@@ -24,28 +24,6 @@ __export(express_exports, {
 });
 module.exports = __toCommonJS(express_exports);
 
-// src/auth.ts
-var import_node_crypto = require("crypto");
-function verifyToken(provided, expected) {
-  if (!provided || !expected) return false;
-  const providedHash = (0, import_node_crypto.createHash)("sha256").update(provided).digest();
-  const expectedHash = (0, import_node_crypto.createHash)("sha256").update(expected).digest();
-  return (0, import_node_crypto.timingSafeEqual)(providedHash, expectedHash);
-}
-function extractToken(options) {
-  const { queryParams, authorizationHeader, queryParamName = "token" } = options;
-  if (queryParams) {
-    const value = queryParams[queryParamName];
-    const str = Array.isArray(value) ? value[0] : value;
-    if (str) return str;
-  }
-  if (authorizationHeader?.startsWith("Bearer ")) {
-    const token = authorizationHeader.slice("Bearer ".length);
-    if (token) return token;
-  }
-  return null;
-}
-
 // src/types.ts
 var Status = {
   HEALTHY: 2,
@@ -83,56 +61,36 @@ function httpStatusCode(status) {
 // src/handler.ts
 var RESERVED_METADATA_KEYS = ["status", "timestamp", "checks", "cachedAt"];
 function createHealthcheckHandler(options) {
-  const { registry, token: rawToken, deep = false, queryParamName = "token", metadata = {} } = options;
-  const isEmptyToken = typeof rawToken === "string" && rawToken.trim() === "";
-  if (deep && isEmptyToken) {
-    throw new Error(
-      "Cannot use `deep: true` with an empty string token. This would expose deep healthcheck data without authentication. Either set a non-empty token or explicitly set `token: null`."
-    );
-  }
-  const token = rawToken == null || isEmptyToken ? null : rawToken;
+  const { registry, resolveDepth, metadata = {} } = options;
   for (const key of Object.keys(metadata)) {
     if (RESERVED_METADATA_KEYS.includes(key)) {
       throw new Error(`Metadata key '${key}' is reserved. Use a different key name.`);
     }
   }
   return async (req) => {
-    if (token === null) {
-      if (deep) {
-        const response2 = await registry.run();
-        return {
-          status: httpStatusCode(response2.status),
-          body: { ...metadata, ...toJson(response2) }
-        };
+    let depth = "shallow";
+    if (resolveDepth) {
+      try {
+        const result = await resolveDepth(req);
+        if (result === "deep" || result === "shallow") {
+          depth = result;
+        }
+      } catch {
       }
-      const body = {
-        status: "ok",
-        timestamp: (/* @__PURE__ */ new Date()).toISOString(),
-        ...metadata
-      };
-      return { status: 200, body };
     }
-    const provided = extractToken({
-      queryParams: req.queryParams,
-      authorizationHeader: req.authorizationHeader,
-      queryParamName
-    });
-    if (provided === null) {
-      const body = {
-        status: "ok",
-        timestamp: (/* @__PURE__ */ new Date()).toISOString(),
-        ...metadata
+    if (depth === "deep") {
+      const response = await registry.run();
+      return {
+        status: httpStatusCode(response.status),
+        body: { ...metadata, ...toJson(response) }
       };
-      return { status: 200, body };
-    }
-    if (!verifyToken(provided, token)) {
-      return { status: 403, body: { error: "Forbidden" } };
     }
-    const response = await registry.run();
-    return {
-      status: httpStatusCode(response.status),
-      body: { ...metadata, ...toJson(response) }
+    const body = {
+      status: "ok",
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      ...metadata
     };
+    return { status: 200, body };
   };
 }
 
@@ -376,6 +334,8 @@ function createHealthcheckMiddleware(options) {
   return async (req, res) => {
     try {
       const result = await handle({
+        ip: req.ip,
+        headers: req.headers,
         queryParams: req.query,
         authorizationHeader: req.headers.authorization ?? null
       });

package/dist/integrations/express.d.cts

@@ -1,5 +1,5 @@
 import { RequestHandler } from 'express';
-import { H as HealthcheckHandlerOptions } from '../handler-COH7lot9.cjs';
+import { H as HealthcheckHandlerOptions } from '../handler-TZOgZvY7.cjs';
 import '../core-Bee03bJm.cjs';
 
 type HealthcheckMiddlewareOptions = HealthcheckHandlerOptions;

package/dist/integrations/express.d.ts

@@ -1,5 +1,5 @@
 import { RequestHandler } from 'express';
-import { H as HealthcheckHandlerOptions } from '../handler-CVYUad84.js';
+import { H as HealthcheckHandlerOptions } from '../handler-BvjN4Ot9.js';
 import '../core-Bee03bJm.js';
 
 type HealthcheckMiddlewareOptions = HealthcheckHandlerOptions;

package/dist/integrations/express.mjs

@@ -1,25 +1,3 @@
-// src/auth.ts
-import { createHash, timingSafeEqual } from "crypto";
-function verifyToken(provided, expected) {
-  if (!provided || !expected) return false;
-  const providedHash = createHash("sha256").update(provided).digest();
-  const expectedHash = createHash("sha256").update(expected).digest();
-  return timingSafeEqual(providedHash, expectedHash);
-}
-function extractToken(options) {
-  const { queryParams, authorizationHeader, queryParamName = "token" } = options;
-  if (queryParams) {
-    const value = queryParams[queryParamName];
-    const str = Array.isArray(value) ? value[0] : value;
-    if (str) return str;
-  }
-  if (authorizationHeader?.startsWith("Bearer ")) {
-    const token = authorizationHeader.slice("Bearer ".length);
-    if (token) return token;
-  }
-  return null;
-}
-
 // src/types.ts
 var Status = {
   HEALTHY: 2,
@@ -57,56 +35,36 @@ function httpStatusCode(status) {
 // src/handler.ts
 var RESERVED_METADATA_KEYS = ["status", "timestamp", "checks", "cachedAt"];
 function createHealthcheckHandler(options) {
-  const { registry, token: rawToken, deep = false, queryParamName = "token", metadata = {} } = options;
-  const isEmptyToken = typeof rawToken === "string" && rawToken.trim() === "";
-  if (deep && isEmptyToken) {
-    throw new Error(
-      "Cannot use `deep: true` with an empty string token. This would expose deep healthcheck data without authentication. Either set a non-empty token or explicitly set `token: null`."
-    );
-  }
-  const token = rawToken == null || isEmptyToken ? null : rawToken;
+  const { registry, resolveDepth, metadata = {} } = options;
   for (const key of Object.keys(metadata)) {
     if (RESERVED_METADATA_KEYS.includes(key)) {
       throw new Error(`Metadata key '${key}' is reserved. Use a different key name.`);
     }
   }
   return async (req) => {
-    if (token === null) {
-      if (deep) {
-        const response2 = await registry.run();
-        return {
-          status: httpStatusCode(response2.status),
-          body: { ...metadata, ...toJson(response2) }
-        };
+    let depth = "shallow";
+    if (resolveDepth) {
+      try {
+        const result = await resolveDepth(req);
+        if (result === "deep" || result === "shallow") {
+          depth = result;
+        }
+      } catch {
       }
-      const body = {
-        status: "ok",
-        timestamp: (/* @__PURE__ */ new Date()).toISOString(),
-        ...metadata
-      };
-      return { status: 200, body };
     }
-    const provided = extractToken({
-      queryParams: req.queryParams,
-      authorizationHeader: req.authorizationHeader,
-      queryParamName
-    });
-    if (provided === null) {
-      const body = {
-        status: "ok",
-        timestamp: (/* @__PURE__ */ new Date()).toISOString(),
-        ...metadata
+    if (depth === "deep") {
+      const response = await registry.run();
+      return {
+        status: httpStatusCode(response.status),
+        body: { ...metadata, ...toJson(response) }
       };
-      return { status: 200, body };
-    }
-    if (!verifyToken(provided, token)) {
-      return { status: 403, body: { error: "Forbidden" } };
     }
-    const response = await registry.run();
-    return {
-      status: httpStatusCode(response.status),
-      body: { ...metadata, ...toJson(response) }
+    const body = {
+      status: "ok",
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      ...metadata
     };
+    return { status: 200, body };
   };
 }
 
@@ -350,6 +308,8 @@ function createHealthcheckMiddleware(options) {
   return async (req, res) => {
     try {
       const result = await handle({
+        ip: req.ip,
+        headers: req.headers,
         queryParams: req.query,
         authorizationHeader: req.headers.authorization ?? null
       });

package/dist/integrations/next.cjs

@@ -24,28 +24,6 @@ __export(next_exports, {
 });
 module.exports = __toCommonJS(next_exports);
 
-// src/auth.ts
-var import_node_crypto = require("crypto");
-function verifyToken(provided, expected) {
-  if (!provided || !expected) return false;
-  const providedHash = (0, import_node_crypto.createHash)("sha256").update(provided).digest();
-  const expectedHash = (0, import_node_crypto.createHash)("sha256").update(expected).digest();
-  return (0, import_node_crypto.timingSafeEqual)(providedHash, expectedHash);
-}
-function extractToken(options) {
-  const { queryParams, authorizationHeader, queryParamName = "token" } = options;
-  if (queryParams) {
-    const value = queryParams[queryParamName];
-    const str = Array.isArray(value) ? value[0] : value;
-    if (str) return str;
-  }
-  if (authorizationHeader?.startsWith("Bearer ")) {
-    const token = authorizationHeader.slice("Bearer ".length);
-    if (token) return token;
-  }
-  return null;
-}
-
 // src/types.ts
 var Status = {
   HEALTHY: 2,
@@ -83,56 +61,36 @@ function httpStatusCode(status) {
 // src/handler.ts
 var RESERVED_METADATA_KEYS = ["status", "timestamp", "checks", "cachedAt"];
 function createHealthcheckHandler(options) {
-  const { registry, token: rawToken, deep = false, queryParamName = "token", metadata = {} } = options;
-  const isEmptyToken = typeof rawToken === "string" && rawToken.trim() === "";
-  if (deep && isEmptyToken) {
-    throw new Error(
-      "Cannot use `deep: true` with an empty string token. This would expose deep healthcheck data without authentication. Either set a non-empty token or explicitly set `token: null`."
-    );
-  }
-  const token = rawToken == null || isEmptyToken ? null : rawToken;
+  const { registry, resolveDepth, metadata = {} } = options;
   for (const key of Object.keys(metadata)) {
     if (RESERVED_METADATA_KEYS.includes(key)) {
       throw new Error(`Metadata key '${key}' is reserved. Use a different key name.`);
     }
   }
   return async (req) => {
-    if (token === null) {
-      if (deep) {
-        const response2 = await registry.run();
-        return {
-          status: httpStatusCode(response2.status),
-          body: { ...metadata, ...toJson(response2) }
-        };
+    let depth = "shallow";
+    if (resolveDepth) {
+      try {
+        const result = await resolveDepth(req);
+        if (result === "deep" || result === "shallow") {
+          depth = result;
+        }
+      } catch {
       }
-      const body = {
-        status: "ok",
-        timestamp: (/* @__PURE__ */ new Date()).toISOString(),
-        ...metadata
-      };
-      return { status: 200, body };
     }
-    const provided = extractToken({
-      queryParams: req.queryParams,
-      authorizationHeader: req.authorizationHeader,
-      queryParamName
-    });
-    if (provided === null) {
-      const body = {
-        status: "ok",
-        timestamp: (/* @__PURE__ */ new Date()).toISOString(),
-        ...metadata
+    if (depth === "deep") {
+      const response = await registry.run();
+      return {
+        status: httpStatusCode(response.status),
+        body: { ...metadata, ...toJson(response) }
       };
-      return { status: 200, body };
-    }
-    if (!verifyToken(provided, token)) {
-      return { status: 403, body: { error: "Forbidden" } };
     }
-    const response = await registry.run();
-    return {
-      status: httpStatusCode(response.status),
-      body: { ...metadata, ...toJson(response) }
+    const body = {
+      status: "ok",
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      ...metadata
     };
+    return { status: 200, body };
   };
 }
 
@@ -404,6 +362,8 @@ function createNextHandler(options) {
       const url = new URL(request.url);
       const queryParams = Object.fromEntries(url.searchParams);
       const result = await handle({
+        ip: request.headers.get("x-forwarded-for"),
+        headers: Object.fromEntries(request.headers),
         queryParams,
         authorizationHeader: request.headers.get("authorization")
       });

package/dist/integrations/next.d.cts

@@ -1,4 +1,4 @@
-import { H as HealthcheckHandlerOptions } from '../handler-COH7lot9.cjs';
+import { H as HealthcheckHandlerOptions } from '../handler-TZOgZvY7.cjs';
 import '../core-Bee03bJm.cjs';
 
 type NextHealthcheckOptions = HealthcheckHandlerOptions;
@@ -15,7 +15,7 @@ type NextHealthcheckOptions = HealthcheckHandlerOptions;
  *
  * export const GET = createNextHandler({
  *   registry,
- *   token: process.env.VITALS_TOKEN,
+ *   resolveDepth: (req) => req.ip === '10.0.0.1' ? 'deep' : 'shallow',
  * });
  * ```
  */

package/dist/integrations/next.d.ts

@@ -1,4 +1,4 @@
-import { H as HealthcheckHandlerOptions } from '../handler-CVYUad84.js';
+import { H as HealthcheckHandlerOptions } from '../handler-BvjN4Ot9.js';
 import '../core-Bee03bJm.js';
 
 type NextHealthcheckOptions = HealthcheckHandlerOptions;
@@ -15,7 +15,7 @@ type NextHealthcheckOptions = HealthcheckHandlerOptions;
  *
  * export const GET = createNextHandler({
  *   registry,
- *   token: process.env.VITALS_TOKEN,
+ *   resolveDepth: (req) => req.ip === '10.0.0.1' ? 'deep' : 'shallow',
  * });
  * ```
  */

package/dist/integrations/next.mjs

@@ -1,25 +1,3 @@
-// src/auth.ts
-import { createHash, timingSafeEqual } from "crypto";
-function verifyToken(provided, expected) {
-  if (!provided || !expected) return false;
-  const providedHash = createHash("sha256").update(provided).digest();
-  const expectedHash = createHash("sha256").update(expected).digest();
-  return timingSafeEqual(providedHash, expectedHash);
-}
-function extractToken(options) {
-  const { queryParams, authorizationHeader, queryParamName = "token" } = options;
-  if (queryParams) {
-    const value = queryParams[queryParamName];
-    const str = Array.isArray(value) ? value[0] : value;
-    if (str) return str;
-  }
-  if (authorizationHeader?.startsWith("Bearer ")) {
-    const token = authorizationHeader.slice("Bearer ".length);
-    if (token) return token;
-  }
-  return null;
-}
-
 // src/types.ts
 var Status = {
   HEALTHY: 2,
@@ -57,56 +35,36 @@ function httpStatusCode(status) {
 // src/handler.ts
 var RESERVED_METADATA_KEYS = ["status", "timestamp", "checks", "cachedAt"];
 function createHealthcheckHandler(options) {
-  const { registry, token: rawToken, deep = false, queryParamName = "token", metadata = {} } = options;
-  const isEmptyToken = typeof rawToken === "string" && rawToken.trim() === "";
-  if (deep && isEmptyToken) {
-    throw new Error(
-      "Cannot use `deep: true` with an empty string token. This would expose deep healthcheck data without authentication. Either set a non-empty token or explicitly set `token: null`."
-    );
-  }
-  const token = rawToken == null || isEmptyToken ? null : rawToken;
+  const { registry, resolveDepth, metadata = {} } = options;
   for (const key of Object.keys(metadata)) {
     if (RESERVED_METADATA_KEYS.includes(key)) {
       throw new Error(`Metadata key '${key}' is reserved. Use a different key name.`);
     }
   }
   return async (req) => {
-    if (token === null) {
-      if (deep) {
-        const response2 = await registry.run();
-        return {
-          status: httpStatusCode(response2.status),
-          body: { ...metadata, ...toJson(response2) }
-        };
+    let depth = "shallow";
+    if (resolveDepth) {
+      try {
+        const result = await resolveDepth(req);
+        if (result === "deep" || result === "shallow") {
+          depth = result;
+        }
+      } catch {
       }
-      const body = {
-        status: "ok",
-        timestamp: (/* @__PURE__ */ new Date()).toISOString(),
-        ...metadata
-      };
-      return { status: 200, body };
     }
-    const provided = extractToken({
-      queryParams: req.queryParams,
-      authorizationHeader: req.authorizationHeader,
-      queryParamName
-    });
-    if (provided === null) {
-      const body = {
-        status: "ok",
-        timestamp: (/* @__PURE__ */ new Date()).toISOString(),
-        ...metadata
+    if (depth === "deep") {
+      const response = await registry.run();
+      return {
+        status: httpStatusCode(response.status),
+        body: { ...metadata, ...toJson(response) }
       };
-      return { status: 200, body };
-    }
-    if (!verifyToken(provided, token)) {
-      return { status: 403, body: { error: "Forbidden" } };
     }
-    const response = await registry.run();
-    return {
-      status: httpStatusCode(response.status),
-      body: { ...metadata, ...toJson(response) }
+    const body = {
+      status: "ok",
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      ...metadata
     };
+    return { status: 200, body };
   };
 }
 
@@ -378,6 +336,8 @@ function createNextHandler(options) {
       const url = new URL(request.url);
       const queryParams = Object.fromEntries(url.searchParams);
       const result = await handle({
+        ip: request.headers.get("x-forwarded-for"),
+        headers: Object.fromEntries(request.headers),
         queryParams,
         authorizationHeader: request.headers.get("authorization")
       });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@firebreak/vitals",
-  "version": "1.3.0",
+  "version": "2.0.0",
   "description": "Deep healthcheck endpoints following the HEALTHCHECK_SPEC format",
   "type": "module",
   "exports": {

package/dist/handler-COH7lot9.d.cts

@@ -1,27 +0,0 @@
-import { b as HealthcheckRegistry, H as HealthcheckResponseJson } from './core-Bee03bJm.cjs';
-
-interface HealthcheckHandlerOptions {
-    registry: HealthcheckRegistry;
-    token?: string | null;
-    deep?: boolean;
-    queryParamName?: string;
-    metadata?: Record<string, string | number | boolean>;
-}
-interface HealthcheckRequest {
-    queryParams?: Record<string, string | string[] | undefined>;
-    authorizationHeader?: string | null;
-}
-interface ShallowResponseJson {
-    status: 'ok';
-    timestamp: string;
-    [key: string]: string | number | boolean;
-}
-interface HealthcheckHandlerResult {
-    status: number;
-    body: HealthcheckResponseJson | ShallowResponseJson | {
-        error: string;
-    };
-}
-declare function createHealthcheckHandler(options: HealthcheckHandlerOptions): (req: HealthcheckRequest) => Promise<HealthcheckHandlerResult>;
-
-export { type HealthcheckHandlerOptions as H, type ShallowResponseJson as S, type HealthcheckHandlerResult as a, type HealthcheckRequest as b, createHealthcheckHandler as c };

package/dist/handler-CVYUad84.d.ts

@@ -1,27 +0,0 @@
-import { b as HealthcheckRegistry, H as HealthcheckResponseJson } from './core-Bee03bJm.js';
-
-interface HealthcheckHandlerOptions {
-    registry: HealthcheckRegistry;
-    token?: string | null;
-    deep?: boolean;
-    queryParamName?: string;
-    metadata?: Record<string, string | number | boolean>;
-}
-interface HealthcheckRequest {
-    queryParams?: Record<string, string | string[] | undefined>;
-    authorizationHeader?: string | null;
-}
-interface ShallowResponseJson {
-    status: 'ok';
-    timestamp: string;
-    [key: string]: string | number | boolean;
-}
-interface HealthcheckHandlerResult {
-    status: number;
-    body: HealthcheckResponseJson | ShallowResponseJson | {
-        error: string;
-    };
-}
-declare function createHealthcheckHandler(options: HealthcheckHandlerOptions): (req: HealthcheckRequest) => Promise<HealthcheckHandlerResult>;
-
-export { type HealthcheckHandlerOptions as H, type ShallowResponseJson as S, type HealthcheckHandlerResult as a, type HealthcheckRequest as b, createHealthcheckHandler as c };