@fuzdev/fuz_app 0.63.0 → 0.65.0

package/dist/testing/attack_surface.d.ts

@@ -67,17 +67,18 @@ export interface StandardAttackSurfaceOptions {
 /**
  * Run the standard attack surface test suite.
  *
- * Generates 10 test groups:
+ * Test groups:
  * 1. Snapshot — live surface matches committed JSON
  * 2. Determinism — building twice yields identical results
  * 3. Public routes — bidirectional check (no unexpected, no missing)
  * 4. Middleware stack — every API route has the full middleware chain
- * 5. Surface invariants — structural assertions (error schemas, descriptions, duplicates, consistency)
- * 6. Security policy — rate limiting on sensitive routes, no unexpected public mutations, method conventions
- * 7. Error schema tightness — informational log of generic vs specific error schemas, plus assertion against `default_error_schema_tightness` by default (opt out with `error_schema_tightness: null`)
- * 8. Adversarial auth — unauthenticated/wrong-role/correct-auth enforcement
- * 9. Adversarial input — input body and params validation
- * 10. Adversarial 404 — stub 404 handlers, validate response bodies against declared schemas
+ * 5. Surface invariants — structural assertions over `surface.routes` (error schemas, descriptions, duplicates, consistency)
+ * 6. RPC/WS surface invariants — structural assertions over `surface.rpc_endpoints` + `surface.ws_endpoints` (descriptions, protocol-action spread, kind ⇔ auth)
+ * 7. Security policy — rate limiting on sensitive routes, no unexpected public mutations, method conventions
+ * 8. Error schema tightness — informational log of generic vs specific error schemas, plus assertion against `default_error_schema_tightness` by default (opt out with `error_schema_tightness: null`)
+ * 9. Adversarial auth — unauthenticated/wrong-role/correct-auth enforcement
+ * 10. Adversarial input — input body and params validation
+ * 11. Adversarial 404 — stub 404 handlers, validate response bodies against declared schemas
  *
  * Consumer test files call this with project-specific options, then add
  * any project-specific assertions in additional `describe` blocks.

package/dist/testing/attack_surface.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"attack_surface.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/testing/attack_surface.ts"],"names":[],"mappings":"AAAA,OAAO,qBAAqB,CAAC;AAoB7B,OAAO,EAON,KAAK,4BAA4B,EACjC,KAAK,2BAA2B,EAChC,MAAM,yBAAyB,CAAC;AAoBjC,OAAO,EAA4B,KAAK,cAAc,EAAC,MAAM,oBAAoB,CAAC;AAsClF,oFAAoF;AACpF,MAAM,WAAW,sBAAsB;IACtC,+EAA+E;IAC/E,KAAK,EAAE,MAAM,cAAc,CAAC;IAC5B,yDAAyD;IACzD,KAAK,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;CACrB;AAED;;;;;;;;GAQG;AACH,eAAO,MAAM,yBAAyB,GAAI,SAAS,sBAAsB,KAAG,IA4H3E,CAAC;AAIF;;;;;;;;;;;;;;GAcG;AACH,eAAO,MAAM,uCAAuC,GACnD,UAAU,2BAA2B,GAAG,IAAI,GAAG,SAAS,KACtD,2BAA2B,GAAG,IAWhC,CAAC;AAEF,0DAA0D;AAC1D,MAAM,WAAW,4BAA4B;IAC5C,+EAA+E;IAC/E,KAAK,EAAE,MAAM,cAAc,CAAC;IAC5B,yDAAyD;IACzD,aAAa,EAAE,MAAM,CAAC;IACtB,iFAAiF;IACjF,sBAAsB,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IACtC,gHAAgH;IAChH,uBAAuB,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IACvC,yDAAyD;IACzD,KAAK,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IACrB,qEAAqE;IACrE,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,iEAAiE;IACjE,eAAe,CAAC,EAAE,4BAA4B,CAAC;IAC/C;;;;;;;;;;;OAWG;IACH,sBAAsB,CAAC,EAAE,2BAA2B,GAAG,IAAI,CAAC;CAC5D;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,eAAO,MAAM,sCAAsC,GAClD,SAAS,4BAA4B,KACnC,IAuEF,CAAC"}
+{"version":3,"file":"attack_surface.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/testing/attack_surface.ts"],"names":[],"mappings":"AAAA,OAAO,qBAAqB,CAAC;AAoB7B,OAAO,EAQN,KAAK,4BAA4B,EACjC,KAAK,2BAA2B,EAChC,MAAM,yBAAyB,CAAC;AAoBjC,OAAO,EAA4B,KAAK,cAAc,EAAC,MAAM,oBAAoB,CAAC;AAsClF,oFAAoF;AACpF,MAAM,WAAW,sBAAsB;IACtC,+EAA+E;IAC/E,KAAK,EAAE,MAAM,cAAc,CAAC;IAC5B,yDAAyD;IACzD,KAAK,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;CACrB;AAED;;;;;;;;GAQG;AACH,eAAO,MAAM,yBAAyB,GAAI,SAAS,sBAAsB,KAAG,IA4H3E,CAAC;AAIF;;;;;;;;;;;;;;GAcG;AACH,eAAO,MAAM,uCAAuC,GACnD,UAAU,2BAA2B,GAAG,IAAI,GAAG,SAAS,KACtD,2BAA2B,GAAG,IAWhC,CAAC;AAEF,0DAA0D;AAC1D,MAAM,WAAW,4BAA4B;IAC5C,+EAA+E;IAC/E,KAAK,EAAE,MAAM,cAAc,CAAC;IAC5B,yDAAyD;IACzD,aAAa,EAAE,MAAM,CAAC;IACtB,iFAAiF;IACjF,sBAAsB,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IACtC,gHAAgH;IAChH,uBAAuB,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IACvC,yDAAyD;IACzD,KAAK,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IACrB,qEAAqE;IACrE,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,iEAAiE;IACjE,eAAe,CAAC,EAAE,4BAA4B,CAAC;IAC/C;;;;;;;;;;;OAWG;IACH,sBAAsB,CAAC,EAAE,2BAA2B,GAAG,IAAI,CAAC;CAC5D;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACH,eAAO,MAAM,sCAAsC,GAClD,SAAS,4BAA4B,KACnC,IA2EF,CAAC"}

package/dist/testing/attack_surface.js

@@ -15,7 +15,7 @@ import './assert_dev_env.js';
  * @module
  */
 import { test, assert, describe } from 'vitest';
-import { assert_surface_invariants, assert_surface_security_policy, audit_error_schema_tightness, assert_error_schema_tightness, default_error_schema_tightness, fuz_app_stock_route_tightness_allowlist, } from './surface_invariants.js';
+import { assert_surface_invariants, assert_rpc_ws_surface_invariants, assert_surface_security_policy, audit_error_schema_tightness, assert_error_schema_tightness, default_error_schema_tightness, fuz_app_stock_route_tightness_allowlist, } from './surface_invariants.js';
 import { describe_adversarial_input } from './adversarial_input.js';
 import { describe_adversarial_404 } from './adversarial_404.js';
 import { create_test_app_from_specs, create_test_request_context, create_auth_test_apps, select_auth_app, resolve_test_path, } from './auth_apps.js';
@@ -193,17 +193,18 @@ export const resolve_standard_error_schema_tightness = (consumer) => {
 /**
  * Run the standard attack surface test suite.
  *
- * Generates 10 test groups:
+ * Test groups:
  * 1. Snapshot — live surface matches committed JSON
  * 2. Determinism — building twice yields identical results
  * 3. Public routes — bidirectional check (no unexpected, no missing)
  * 4. Middleware stack — every API route has the full middleware chain
- * 5. Surface invariants — structural assertions (error schemas, descriptions, duplicates, consistency)
- * 6. Security policy — rate limiting on sensitive routes, no unexpected public mutations, method conventions
- * 7. Error schema tightness — informational log of generic vs specific error schemas, plus assertion against `default_error_schema_tightness` by default (opt out with `error_schema_tightness: null`)
- * 8. Adversarial auth — unauthenticated/wrong-role/correct-auth enforcement
- * 9. Adversarial input — input body and params validation
- * 10. Adversarial 404 — stub 404 handlers, validate response bodies against declared schemas
+ * 5. Surface invariants — structural assertions over `surface.routes` (error schemas, descriptions, duplicates, consistency)
+ * 6. RPC/WS surface invariants — structural assertions over `surface.rpc_endpoints` + `surface.ws_endpoints` (descriptions, protocol-action spread, kind ⇔ auth)
+ * 7. Security policy — rate limiting on sensitive routes, no unexpected public mutations, method conventions
+ * 8. Error schema tightness — informational log of generic vs specific error schemas, plus assertion against `default_error_schema_tightness` by default (opt out with `error_schema_tightness: null`)
+ * 9. Adversarial auth — unauthenticated/wrong-role/correct-auth enforcement
+ * 10. Adversarial input — input body and params validation
+ * 11. Adversarial 404 — stub 404 handlers, validate response bodies against declared schemas
  *
  * Consumer test files call this with project-specific options, then add
  * any project-specific assertions in additional `describe` blocks.
@@ -231,6 +232,9 @@ export const describe_standard_attack_surface_tests = (options) => {
         test('surface invariants', () => {
             assert_surface_invariants(surface);
         });
+        test('rpc/ws surface invariants', () => {
+            assert_rpc_ws_surface_invariants(surface);
+        });
         test('security policy', () => {
             assert_surface_security_policy(surface, security_policy);
         });

package/dist/testing/audit_completeness.d.ts

@@ -1,42 +1,43 @@
 import './assert_dev_env.js';
 import type { SessionOptions } from '../auth/session_cookie.js';
-import type { AppServerContext } from '../server/app_server.js';
-import type { RouteSpec } from '../http/route_spec.js';
-import { type SuiteAppOptions } from './app_server.js';
-import { type DbFactory } from './db.js';
 import { type RpcEndpointsSuiteOption } from './rpc_helpers.js';
+import type { BackendCapabilities } from './cross_backend/capabilities.js';
+import type { SetupTest } from './cross_backend/setup.js';
+import type { SurfaceSource } from './transports/surface_source.js';
 /**
  * Configuration for `describe_audit_completeness_tests`.
  */
 export interface AuditCompletenessTestOptions {
-    /** Session config for cookie-based auth. */
+    /**
+     * Per-test fixture-producing function. The audit suite calls this
+     * in every `test()` body — `auth_integration_truncate_tables` clears
+     * the audit log between tests, so each test re-bootstraps the
+     * keeper and the observer admin against a fresh table.
+     */
+    setup_test: SetupTest;
+    /**
+     * Source of the app surface. Currently requires `kind: 'inline'` —
+     * the cross-process snapshot variant lands alongside the spawned-backend
+     * transport plumbing.
+     */
+    surface_source: SurfaceSource;
+    /** Backend capability declarations. */
+    capabilities: BackendCapabilities;
+    /** Session config — needed for factory-form rpc_endpoints resolution. */
     session_options: SessionOptions<string>;
-    /** Route spec factory — same one used in production. */
-    create_route_specs: (ctx: AppServerContext) => Array<RouteSpec>;
     /**
-     * RPC endpoint specs — the source `RpcAction` arrays. Required; the
-     * admin role_grant flow is RPC-only and the suite hard-fails without it.
-     *
-     * Accepts either an array (eager) or a factory
-     * `(ctx: AppServerContext) => Array<RpcEndpointSpec>` — the factory form
-     * is required when action handlers must close over the per-test
-     * `ctx.app_settings` / `ctx.deps` (e.g. exercising `app_settings_update`).
-     * The factory must return the same endpoint `path` regardless of ctx —
-     * it is invoked once at setup with a stub ctx for path lookup and again
-     * per-test by `create_app_server` for live dispatch.
+     * RPC endpoint specs — required. The admin role_grant flow is RPC-only
+     * and the suite hard-fails without it.
      */
     rpc_endpoints: RpcEndpointsSuiteOption;
-    /** Optional overrides for `AppServerOptions`. */
-    app_options?: SuiteAppOptions;
-    /** Database factories to run tests against. Default: pglite only. */
-    db_factories?: Array<DbFactory>;
 }
 /**
  * Composable audit log completeness test suite.
  *
  * Verifies that every auth mutation route produces the correct audit log
  * event type. Exercises routes via HTTP requests against a real PGlite
- * database, then queries the `audit_log` table to verify events.
+ * database, then reads events back through the `audit_log_list` RPC
+ * (the production observation path the admin UI consumes).
  *
  * @throws Error at setup time when `options.rpc_endpoints` is empty — the
  *   mutation-audit tests drive role_grant flow, session/token revoke-all, and

package/dist/testing/audit_completeness.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"audit_completeness.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/testing/audit_completeness.ts"],"names":[],"mappings":"AAAA,OAAO,qBAAqB,CAAC;AAkB7B,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,2BAA2B,CAAC;AAC9D,OAAO,KAAK,EAAC,gBAAgB,EAAC,MAAM,yBAAyB,CAAC;AAC9D,OAAO,KAAK,EAAC,SAAS,EAAC,MAAM,uBAAuB,CAAC;AAIrD,OAAO,EAGN,KAAK,eAAe,EAEpB,MAAM,iBAAiB,CAAC;AACzB,OAAO,EAIN,KAAK,SAAS,EACd,MAAM,SAAS,CAAC;AAKjB,OAAO,EAIN,KAAK,uBAAuB,EAC5B,MAAM,kBAAkB,CAAC;AAqB1B;;GAEG;AACH,MAAM,WAAW,4BAA4B;IAC5C,4CAA4C;IAC5C,eAAe,EAAE,cAAc,CAAC,MAAM,CAAC,CAAC;IACxC,wDAAwD;IACxD,kBAAkB,EAAE,CAAC,GAAG,EAAE,gBAAgB,KAAK,KAAK,CAAC,SAAS,CAAC,CAAC;IAChE;;;;;;;;;;;OAWG;IACH,aAAa,EAAE,uBAAuB,CAAC;IACvC,iDAAiD;IACjD,WAAW,CAAC,EAAE,eAAe,CAAC;IAC9B,qEAAqE;IACrE,YAAY,CAAC,EAAE,KAAK,CAAC,SAAS,CAAC,CAAC;CAChC;AA2ED;;;;;;;;;;;GAWG;AACH,eAAO,MAAM,iCAAiC,GAAI,SAAS,4BAA4B,KAAG,IAihBzF,CAAC"}
+{"version":3,"file":"audit_completeness.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/testing/audit_completeness.ts"],"names":[],"mappings":"AAAA,OAAO,qBAAqB,CAAC;AA4B7B,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,2BAA2B,CAAC;AAS9D,OAAO,EAKN,KAAK,uBAAuB,EAC5B,MAAM,kBAAkB,CAAC;AAwB1B,OAAO,KAAK,EAAC,mBAAmB,EAAC,MAAM,iCAAiC,CAAC;AACzE,OAAO,KAAK,EAAC,SAAS,EAAc,MAAM,0BAA0B,CAAC;AACrE,OAAO,KAAK,EAAC,aAAa,EAAC,MAAM,gCAAgC,CAAC;AAElE;;GAEG;AACH,MAAM,WAAW,4BAA4B;IAC5C;;;;;OAKG;IACH,UAAU,EAAE,SAAS,CAAC;IACtB;;;;OAIG;IACH,cAAc,EAAE,aAAa,CAAC;IAC9B,uCAAuC;IACvC,YAAY,EAAE,mBAAmB,CAAC;IAClC,yEAAyE;IACzE,eAAe,EAAE,cAAc,CAAC,MAAM,CAAC,CAAC;IACxC;;;OAGG;IACH,aAAa,EAAE,uBAAuB,CAAC;CACvC;AA8FD;;;;;;;;;;;;GAYG;AACH,eAAO,MAAM,iCAAiC,GAAI,SAAS,4BAA4B,KAAG,IA6hBzF,CAAC"}