@fuzdev/fuz_app 0.65.0 → 0.67.0

package/dist/testing/sse_round_trip.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"sse_round_trip.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/testing/sse_round_trip.ts"],"names":[],"mappings":"AAAA,OAAO,qBAAqB,CAAC;AAmB7B,OAAO,KAAK,EAAC,SAAS,EAAC,MAAM,uBAAuB,CAAC;AACrD,OAAO,KAAK,EAAC,gBAAgB,EAAC,MAAM,yBAAyB,CAAC;AAC9D,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,2BAA2B,CAAC;AAC9D,OAAO,EAAwB,KAAK,SAAS,EAAuB,MAAM,oBAAoB,CAAC;AAE/F,OAAO,KAAK,EAAC,aAAa,EAAC,MAAM,6BAA6B,CAAC;AAG/D,OAAO,EAEN,KAAK,eAAe,EACpB,KAAK,OAAO,EACZ,KAAK,WAAW,EAChB,MAAM,iBAAiB,CAAC;AACzB,OAAO,EAAwB,KAAK,SAAS,EAAC,MAAM,SAAS,CAAC;AAE9D,OAAO,EAIN,KAAK,uBAAuB,EAC5B,MAAM,kBAAkB,CAAC;AAM1B,gDAAgD;AAChD,MAAM,WAAW,gBAAgB;IAChC,yEAAyE;IACzE,IAAI,EAAE,MAAM,CAAC;IACb;;;;OAIG;IACH,OAAO,EAAE,CAAC,GAAG,EAAE;QAAC,QAAQ,EAAE,OAAO,CAAC;QAAC,OAAO,EAAE,WAAW,CAAA;KAAC,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAC3E;;;OAGG;IACH,WAAW,CAAC,EAAE,KAAK,CAAC,SAAS,CAAC,CAAC;IAC/B;;;;OAIG;IACH,uBAAuB,CAAC,EAAE,OAAO,CAAC;CAClC;AAED,8CAA8C;AAC9C,MAAM,WAAW,mBAAmB;IACnC,4CAA4C;IAC5C,eAAe,EAAE,cAAc,CAAC,MAAM,CAAC,CAAC;IACxC,qDAAqD;IACrD,kBAAkB,EAAE,CAAC,GAAG,EAAE,gBAAgB,KAAK,KAAK,CAAC,SAAS,CAAC,CAAC;IAChE,iDAAiD;IACjD,WAAW,CAAC,EAAE,eAAe,CAAC;IAC9B,qEAAqE;IACrE,YAAY,CAAC,EAAE,KAAK,CAAC,SAAS,CAAC,CAAC;IAChC;;;;;OAKG;IACH,cAAc,CAAC,EAAE,CAAC,KAAK,EAAE,aAAa,KAAK,IAAI,CAAC;IAChD;;;;;;;;;;;;OAYG;IACH,aAAa,EAAE,uBAAuB,CAAC;IACvC,8BAA8B;IAC9B,MAAM,EAAE,KAAK,CAAC,gBAAgB,CAAC,CAAC;CAChC;AAyHD;;;;;;;;;;GAUG;AACH,eAAO,MAAM,wBAAwB,GAAI,SAAS,mBAAmB,KAAG,IAgIvE,CAAC"}
+{"version":3,"file":"sse_round_trip.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/testing/sse_round_trip.ts"],"names":[],"mappings":"AAAA,OAAO,qBAAqB,CAAC;AAmB7B,OAAO,KAAK,EAAC,SAAS,EAAC,MAAM,uBAAuB,CAAC;AACrD,OAAO,KAAK,EAAC,gBAAgB,EAAC,MAAM,yBAAyB,CAAC;AAC9D,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,2BAA2B,CAAC;AAC9D,OAAO,EAAwB,KAAK,SAAS,EAAuB,MAAM,oBAAoB,CAAC;AAE/F,OAAO,KAAK,EAAC,aAAa,EAAC,MAAM,6BAA6B,CAAC;AAG/D,OAAO,EAEN,KAAK,eAAe,EACpB,KAAK,OAAO,EACZ,KAAK,WAAW,EAChB,MAAM,iBAAiB,CAAC;AACzB,OAAO,EAAwB,KAAK,SAAS,EAAC,MAAM,SAAS,CAAC;AAE9D,OAAO,EAIN,KAAK,uBAAuB,EAC5B,MAAM,kBAAkB,CAAC;AAO1B,gDAAgD;AAChD,MAAM,WAAW,gBAAgB;IAChC,yEAAyE;IACzE,IAAI,EAAE,MAAM,CAAC;IACb;;;;OAIG;IACH,OAAO,EAAE,CAAC,GAAG,EAAE;QAAC,QAAQ,EAAE,OAAO,CAAC;QAAC,OAAO,EAAE,WAAW,CAAA;KAAC,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAC3E;;;OAGG;IACH,WAAW,CAAC,EAAE,KAAK,CAAC,SAAS,CAAC,CAAC;IAC/B;;;;OAIG;IACH,uBAAuB,CAAC,EAAE,OAAO,CAAC;CAClC;AAED,8CAA8C;AAC9C,MAAM,WAAW,mBAAmB;IACnC,4CAA4C;IAC5C,eAAe,EAAE,cAAc,CAAC,MAAM,CAAC,CAAC;IACxC,qDAAqD;IACrD,kBAAkB,EAAE,CAAC,GAAG,EAAE,gBAAgB,KAAK,KAAK,CAAC,SAAS,CAAC,CAAC;IAChE,iDAAiD;IACjD,WAAW,CAAC,EAAE,eAAe,CAAC;IAC9B,qEAAqE;IACrE,YAAY,CAAC,EAAE,KAAK,CAAC,SAAS,CAAC,CAAC;IAChC;;;;;OAKG;IACH,cAAc,CAAC,EAAE,CAAC,KAAK,EAAE,aAAa,KAAK,IAAI,CAAC;IAChD;;;;;;;;;;;;OAYG;IACH,aAAa,EAAE,uBAAuB,CAAC;IACvC,8BAA8B;IAC9B,MAAM,EAAE,KAAK,CAAC,gBAAgB,CAAC,CAAC;CAChC;AA+CD;;;;;;;;;;GAUG;AACH,eAAO,MAAM,wBAAwB,GAAI,SAAS,mBAAmB,KAAG,IAgIvE,CAAC"}

package/dist/testing/sse_round_trip.js

@@ -24,74 +24,7 @@ import { rpc_call, require_rpc_endpoint_path, resolve_rpc_endpoints_for_setup, }
 import { run_migrations } from '../db/migrate.js';
 import { auth_migration_ns } from '../auth/migrations.js';
 import { account_session_revoke_all_action_spec } from '../auth/account_action_specs.js';
-/**
- * Read one complete SSE frame (up to `\n\n`) from a stream reader.
- *
- * Returns the frame without the trailing `\n\n`. Throws on premature close.
- * Preserves any bytes past the terminator in the shared buffer for the next call.
- */
-const create_sse_frame_reader = (reader) => {
-    const decoder = new TextDecoder();
-    let buffer = '';
-    let closed = false;
-    const pump_once = async (timeout_ms) => {
-        // Race the read against a timeout — vitest will otherwise hang on a misbehaving stream.
-        const timeout = new Promise((resolve) => {
-            setTimeout(() => resolve({ done: true, value: undefined, timed_out: true }), timeout_ms);
-        });
-        const result = (await Promise.race([reader.read(), timeout]));
-        if ('timed_out' in result) {
-            throw new Error(`SSE read timed out after ${timeout_ms}ms`);
-        }
-        if (result.done) {
-            closed = true;
-            return false;
-        }
-        buffer += decoder.decode(result.value, { stream: true });
-        return true;
-    };
-    return {
-        read_frame: async (timeout_ms = 2000) => {
-            // SSE frames end with a blank line — the canonical terminator is `\n\n`.
-            while (true) {
-                const idx = buffer.indexOf('\n\n');
-                if (idx >= 0) {
-                    const frame = buffer.slice(0, idx);
-                    buffer = buffer.slice(idx + 2);
-                    return frame;
-                }
-                const cont = await pump_once(timeout_ms);
-                if (!cont)
-                    throw new Error('SSE stream ended before a frame was received');
-            }
-        },
-        wait_for_close: async (timeout_ms) => {
-            // Drain until the server closes the stream (pump_once returns false) or timeout expires.
-            const deadline = Date.now() + timeout_ms;
-            for (;;) {
-                if (closed)
-                    return true;
-                const remaining = deadline - Date.now();
-                if (remaining <= 0)
-                    return false;
-                try {
-                    await pump_once(Math.min(remaining, timeout_ms));
-                }
-                catch {
-                    return false;
-                }
-            }
-        },
-        cancel: async () => {
-            try {
-                await reader.cancel();
-            }
-            catch {
-                // already closed
-            }
-        },
-    };
-};
+import { create_sse_frame_reader } from './transports/sse_frame_reader.js';
 /**
  * Validate a decoded SSE `data:` frame as a JSON-RPC-style `{method, params}` payload.
  */

package/dist/testing/standard.d.ts

@@ -23,7 +23,7 @@ import type { RouteSpec } from '../http/route_spec.js';
 import type { RpcEndpointsSuiteOption } from './rpc_helpers.js';
 import type { BackendCapabilities } from './cross_backend/capabilities.js';
 import type { SetupTest } from './cross_backend/setup.js';
-import type { SurfaceSource } from './transports/surface_source.js';
+import type { AppSurfaceSpec } from '../http/surface.js';
 import type { SuiteAppOptions } from './app_server.js';
 /**
  * Configuration for `describe_standard_tests`.
@@ -32,11 +32,10 @@ export interface StandardTestOptions {
     /** Per-test fixture-producing function. */
     setup_test: SetupTest;
     /**
-     * Source of the app surface. Currently requires `kind: 'inline'` —
-     * the cross-process snapshot variant lands alongside the spawned-backend
-     * transport plumbing.
+     * App surface. Constructed in TS by the consumer; same shape for
+     * in-process and cross-process tests.
      */
-    surface_source: SurfaceSource;
+    surface_source: AppSurfaceSpec;
     /** Backend capability declarations. */
     capabilities: BackendCapabilities;
     /** Session config — needed for cookie_name + factory-form rpc_endpoints resolution. */

package/dist/testing/standard.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"standard.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/testing/standard.ts"],"names":[],"mappings":"AAAA,OAAO,qBAAqB,CAAC;AAE7B;;;;;;;;;;;;;;;;GAgBG;AAEH,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,2BAA2B,CAAC;AAC9D,OAAO,KAAK,EAAC,gBAAgB,EAAC,MAAM,wBAAwB,CAAC;AAC7D,OAAO,KAAK,EAAC,gBAAgB,EAAE,sBAAsB,EAAC,MAAM,yBAAyB,CAAC;AACtF,OAAO,KAAK,EAAC,SAAS,EAAC,MAAM,uBAAuB,CAAC;AASrD,OAAO,KAAK,EAAC,uBAAuB,EAAC,MAAM,kBAAkB,CAAC;AAC9D,OAAO,KAAK,EAAC,mBAAmB,EAAC,MAAM,iCAAiC,CAAC;AACzE,OAAO,KAAK,EAAC,SAAS,EAAC,MAAM,0BAA0B,CAAC;AACxD,OAAO,KAAK,EAAC,aAAa,EAAC,MAAM,gCAAgC,CAAC;AAClE,OAAO,KAAK,EAAC,eAAe,EAAC,MAAM,iBAAiB,CAAC;AAErD;;GAEG;AACH,MAAM,WAAW,mBAAmB;IACnC,2CAA2C;IAC3C,UAAU,EAAE,SAAS,CAAC;IACtB;;;;OAIG;IACH,cAAc,EAAE,aAAa,CAAC;IAC9B,uCAAuC;IACvC,YAAY,EAAE,mBAAmB,CAAC;IAClC,uFAAuF;IACvF,eAAe,EAAE,cAAc,CAAC,MAAM,CAAC,CAAC;IACxC;;;;;OAKG;IACH,kBAAkB,EAAE,CAAC,GAAG,EAAE,gBAAgB,KAAK,KAAK,CAAC,SAAS,CAAC,CAAC;IAChE;;;;;OAKG;IACH,aAAa,EAAE,uBAAuB,CAAC;IACvC;;;OAGG;IACH,KAAK,CAAC,EAAE,gBAAgB,CAAC;IACzB;;;;OAIG;IACH,SAAS,CAAC,EAAE,sBAAsB,CAAC;IACnC,sEAAsE;IACtE,yBAAyB,CAAC,EAAE,eAAe,CAAC;IAC5C;;;OAGG;IACH,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB;;;;OAIG;IACH,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,8DAA8D;IAC9D,eAAe,CAAC,EAAE,MAAM,CAAC;CACzB;AAED;;;;;GAKG;AACH,eAAO,MAAM,uBAAuB,GAAI,SAAS,mBAAmB,KAAG,IA2DtE,CAAC"}
+{"version":3,"file":"standard.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/testing/standard.ts"],"names":[],"mappings":"AAAA,OAAO,qBAAqB,CAAC;AAE7B;;;;;;;;;;;;;;;;GAgBG;AAEH,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,2BAA2B,CAAC;AAC9D,OAAO,KAAK,EAAC,gBAAgB,EAAC,MAAM,wBAAwB,CAAC;AAC7D,OAAO,KAAK,EAAC,gBAAgB,EAAE,sBAAsB,EAAC,MAAM,yBAAyB,CAAC;AACtF,OAAO,KAAK,EAAC,SAAS,EAAC,MAAM,uBAAuB,CAAC;AASrD,OAAO,KAAK,EAAC,uBAAuB,EAAC,MAAM,kBAAkB,CAAC;AAC9D,OAAO,KAAK,EAAC,mBAAmB,EAAC,MAAM,iCAAiC,CAAC;AACzE,OAAO,KAAK,EAAC,SAAS,EAAC,MAAM,0BAA0B,CAAC;AACxD,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,oBAAoB,CAAC;AACvD,OAAO,KAAK,EAAC,eAAe,EAAC,MAAM,iBAAiB,CAAC;AAErD;;GAEG;AACH,MAAM,WAAW,mBAAmB;IACnC,2CAA2C;IAC3C,UAAU,EAAE,SAAS,CAAC;IACtB;;;OAGG;IACH,cAAc,EAAE,cAAc,CAAC;IAC/B,uCAAuC;IACvC,YAAY,EAAE,mBAAmB,CAAC;IAClC,uFAAuF;IACvF,eAAe,EAAE,cAAc,CAAC,MAAM,CAAC,CAAC;IACxC;;;;;OAKG;IACH,kBAAkB,EAAE,CAAC,GAAG,EAAE,gBAAgB,KAAK,KAAK,CAAC,SAAS,CAAC,CAAC;IAChE;;;;;OAKG;IACH,aAAa,EAAE,uBAAuB,CAAC;IACvC;;;OAGG;IACH,KAAK,CAAC,EAAE,gBAAgB,CAAC;IACzB;;;;OAIG;IACH,SAAS,CAAC,EAAE,sBAAsB,CAAC;IACnC,sEAAsE;IACtE,yBAAyB,CAAC,EAAE,eAAe,CAAC;IAC5C;;;OAGG;IACH,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB;;;;OAIG;IACH,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,8DAA8D;IAC9D,eAAe,CAAC,EAAE,MAAM,CAAC;CACzB;AAED;;;;;GAKG;AACH,eAAO,MAAM,uBAAuB,GAAI,SAAS,mBAAmB,KAAG,IA2DtE,CAAC"}

package/dist/testing/stubs.d.ts

@@ -127,7 +127,7 @@ export interface CreateTestAppSurfaceSpecOptions {
      * only, never mounts.
      */
     ws_endpoints?: ReadonlyArray<WsEndpointSpec> | ((ctx: AppServerContext) => ReadonlyArray<WsEndpointSpec>);
-    /** Transform middleware array (e.g., tx's `extend_middleware_for_tx_binary`). */
+    /** Transform middleware array (e.g., zap's `extend_middleware_for_zap_binary`). */
     transform_middleware?: (specs: Array<MiddlewareSpec>) => Array<MiddlewareSpec>;
     /**
      * Bootstrap config — symmetric with `AppServerOptions.bootstrap`. Discriminated
@@ -141,7 +141,14 @@ export interface CreateTestAppSurfaceSpecOptions {
     bootstrap?: BootstrapServerOptions;
 }
 /**
- * Create an `AppSurfaceSpec` for attack surface testing.
+ * Create an `AppSurfaceSpec` for the standard testing suites.
+ *
+ * Used by both in-process and cross-process tests as the schema source —
+ * the cross-process-ness lives in the transport + per-test fixture, not
+ * here. The on-disk `*_attack_surface.json` snapshot is observability
+ * (gen-time drift detection via `assert_surface_matches_snapshot`); the
+ * suites consume the spec object this function returns, not the JSON
+ * file.
  *
  * Mirrors `create_app_server`'s route assembly: consumer routes +
  * factory-managed bootstrap routes + surface generation. If
@@ -149,7 +156,7 @@ export interface CreateTestAppSurfaceSpecOptions {
  * to stay in sync (single source of truth for all consumers).
  *
  * @param options - surface spec options
- * @returns the surface spec for snapshot and adversarial testing
+ * @returns the surface spec for the standard suites
  */
 export declare const create_test_app_surface_spec: (options: CreateTestAppSurfaceSpecOptions) => AppSurfaceSpec;
 //# sourceMappingURL=stubs.d.ts.map

package/dist/testing/stubs.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"stubs.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/testing/stubs.ts"],"names":[],"mappings":"AAAA,OAAO,qBAAqB,CAAC;AAa7B,OAAO,KAAK,EAAC,CAAC,EAAC,MAAM,KAAK,CAAC;AAE3B,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,2BAA2B,CAAC;AAC9D,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,4BAA4B,CAAC;AAE/D,OAAO,KAAK,EAAC,OAAO,EAAC,MAAM,iBAAiB,CAAC;AAC7C,OAAO,KAAK,EAAC,YAAY,EAAC,MAAM,0BAA0B,CAAC;AAE3D,OAAO,KAAK,EAAC,gBAAgB,EAAE,sBAAsB,EAAC,MAAM,yBAAyB,CAAC;AACtF,OAAO,EAAC,EAAE,EAAC,MAAM,aAAa,CAAC;AAC/B,OAAO,EAAqB,KAAK,SAAS,EAAC,MAAM,uBAAuB,CAAC;AAGzE,OAAO,EAEN,KAAK,cAAc,EACnB,KAAK,eAAe,EACpB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,gCAAgC,CAAC;AACnE,OAAO,KAAK,EAAC,SAAS,EAAkB,MAAM,oBAAoB,CAAC;AACnE,OAAO,EAA8B,KAAK,WAAW,EAAC,MAAM,+BAA+B,CAAC;AAI5F;;;;;;;;;;;;;;;GAeG;AACH,eAAO,MAAM,oBAAoB,GAAI,CAAC,GAAG,GAAG,EAAE,OAAO,MAAM,KAAG,CAqBtD,CAAC;AAET;;;;;;;;;GASG;AACH,eAAO,MAAM,gBAAgB,GAAI,CAAC,GAAG,GAAG,EAAE,QAAQ,MAAM,EAAE,YAAY,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAAG,CAOxF,CAAC;AAET,iEAAiE;AACjE,eAAO,MAAM,IAAI,EAAE,GAAkC,CAAC;AAEtD;;;;;;;GAOG;AACH,eAAO,MAAM,cAAc,QAAO,EAI/B,CAAC;AAEJ,gDAAgD;AAChD,eAAO,MAAM,YAAY,QAAO,QAAgC,CAAC;AAEjE,2CAA2C;AAC3C,eAAO,MAAM,OAAO,GAAU,IAAI,GAAG,EAAE,MAAM,GAAG,KAAG,OAAO,CAAC,IAAI,CAAW,CAAC;AAI3E;;;;;;;;;;GAUG;AACH,eAAO,MAAM,yBAAyB,QAAO,YAM3C,CAAC;AAEH;;;;;;;;;GASG;AACH,eAAO,MAAM,qBAAqB,QAAO,WAUxC,CAAC;AAEF,2EAA2E;AAC3E,eAAO,MAAM,aAAa,EAAE,OAS3B,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,oBAAoB,QAAO,OAStC,CAAC;AAEH,2FAA2F;AAC3F,eAAO,MAAM,0BAA0B,GAAI,UAAU;IACpD,iDAAiD;IACjD,oBAAoB,CAAC,EAAE,OAAO,CAAC;CAC/B,KAAG,KAAK,CAAC,cAAc,CAqBvB,CAAC;AAEF;;;;;;;GAOG;AACH,eAAO,MAAM,8BAA8B,GAC1C,iBAAiB,cAAc,CAAC,MAAM,CAAC,KACrC,gBAqBF,CAAC;AAEF,kDAAkD;AAClD,MAAM,WAAW,+BAA+B;IAC/C,6DAA6D;IAC7D,eAAe,EAAE,cAAc,CAAC,MAAM,CAAC,CAAC;IACxC,qFAAqF;IACrF,kBAAkB,EAAE,CAAC,GAAG,EAAE,gBAAgB,KAAK,KAAK,CAAC,SAAS,CAAC,CAAC;IAChE,oEAAoE;IACpE,UAAU,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC;IACzB,8CAA8C;IAC9C,WAAW,CAAC,EAAE,KAAK,CAAC,SAAS,CAAC,CAAC;IAC/B;;;;;;;;OAQG;IACH,aAAa,CAAC,EAAE,KAAK,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,gBAAgB,KAAK,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC;IAC7F;;;;;;;;OAQG;IACH,YAAY,CAAC,EACV,aAAa,CAAC,cAAc,CAAC,GAC7B,CAAC,CAAC,GAAG,EAAE,gBAAgB,KAAK,aAAa,CAAC,cAAc,CAAC,CAAC,CAAC;IAC9D,iFAAiF;IACjF,oBAAoB,CAAC,EAAE,CAAC,KAAK,EAAE,KAAK,CAAC,cAAc,CAAC,KAAK,KAAK,CAAC,cAAc,CAAC,CAAC;IAC/E;;;;;;;;OAQG;IACH,SAAS,CAAC,EAAE,sBAAsB,CAAC;CACnC;AAED;;;;;;;;;;GAUG;AACH,eAAO,MAAM,4BAA4B,GACxC,SAAS,+BAA+B,KACtC,cAwDF,CAAC"}
+{"version":3,"file":"stubs.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/testing/stubs.ts"],"names":[],"mappings":"AAAA,OAAO,qBAAqB,CAAC;AAa7B,OAAO,KAAK,EAAC,CAAC,EAAC,MAAM,KAAK,CAAC;AAE3B,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,2BAA2B,CAAC;AAC9D,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,4BAA4B,CAAC;AAE/D,OAAO,KAAK,EAAC,OAAO,EAAC,MAAM,iBAAiB,CAAC;AAC7C,OAAO,KAAK,EAAC,YAAY,EAAC,MAAM,0BAA0B,CAAC;AAE3D,OAAO,KAAK,EAAC,gBAAgB,EAAE,sBAAsB,EAAC,MAAM,yBAAyB,CAAC;AACtF,OAAO,EAAC,EAAE,EAAC,MAAM,aAAa,CAAC;AAC/B,OAAO,EAAqB,KAAK,SAAS,EAAC,MAAM,uBAAuB,CAAC;AAGzE,OAAO,EAEN,KAAK,cAAc,EACnB,KAAK,eAAe,EACpB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,gCAAgC,CAAC;AACnE,OAAO,KAAK,EAAC,SAAS,EAAkB,MAAM,oBAAoB,CAAC;AACnE,OAAO,EAA8B,KAAK,WAAW,EAAC,MAAM,+BAA+B,CAAC;AAI5F;;;;;;;;;;;;;;;GAeG;AACH,eAAO,MAAM,oBAAoB,GAAI,CAAC,GAAG,GAAG,EAAE,OAAO,MAAM,KAAG,CAqBtD,CAAC;AAET;;;;;;;;;GASG;AACH,eAAO,MAAM,gBAAgB,GAAI,CAAC,GAAG,GAAG,EAAE,QAAQ,MAAM,EAAE,YAAY,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAAG,CAOxF,CAAC;AAET,iEAAiE;AACjE,eAAO,MAAM,IAAI,EAAE,GAAkC,CAAC;AAEtD;;;;;;;GAOG;AACH,eAAO,MAAM,cAAc,QAAO,EAI/B,CAAC;AAEJ,gDAAgD;AAChD,eAAO,MAAM,YAAY,QAAO,QAAgC,CAAC;AAEjE,2CAA2C;AAC3C,eAAO,MAAM,OAAO,GAAU,IAAI,GAAG,EAAE,MAAM,GAAG,KAAG,OAAO,CAAC,IAAI,CAAW,CAAC;AAI3E;;;;;;;;;;GAUG;AACH,eAAO,MAAM,yBAAyB,QAAO,YAM3C,CAAC;AAEH;;;;;;;;;GASG;AACH,eAAO,MAAM,qBAAqB,QAAO,WAUxC,CAAC;AAEF,2EAA2E;AAC3E,eAAO,MAAM,aAAa,EAAE,OAS3B,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,oBAAoB,QAAO,OAStC,CAAC;AAEH,2FAA2F;AAC3F,eAAO,MAAM,0BAA0B,GAAI,UAAU;IACpD,iDAAiD;IACjD,oBAAoB,CAAC,EAAE,OAAO,CAAC;CAC/B,KAAG,KAAK,CAAC,cAAc,CAqBvB,CAAC;AAEF;;;;;;;GAOG;AACH,eAAO,MAAM,8BAA8B,GAC1C,iBAAiB,cAAc,CAAC,MAAM,CAAC,KACrC,gBAqBF,CAAC;AAEF,kDAAkD;AAClD,MAAM,WAAW,+BAA+B;IAC/C,6DAA6D;IAC7D,eAAe,EAAE,cAAc,CAAC,MAAM,CAAC,CAAC;IACxC,qFAAqF;IACrF,kBAAkB,EAAE,CAAC,GAAG,EAAE,gBAAgB,KAAK,KAAK,CAAC,SAAS,CAAC,CAAC;IAChE,oEAAoE;IACpE,UAAU,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC;IACzB,8CAA8C;IAC9C,WAAW,CAAC,EAAE,KAAK,CAAC,SAAS,CAAC,CAAC;IAC/B;;;;;;;;OAQG;IACH,aAAa,CAAC,EAAE,KAAK,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,gBAAgB,KAAK,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC;IAC7F;;;;;;;;OAQG;IACH,YAAY,CAAC,EACV,aAAa,CAAC,cAAc,CAAC,GAC7B,CAAC,CAAC,GAAG,EAAE,gBAAgB,KAAK,aAAa,CAAC,cAAc,CAAC,CAAC,CAAC;IAC9D,mFAAmF;IACnF,oBAAoB,CAAC,EAAE,CAAC,KAAK,EAAE,KAAK,CAAC,cAAc,CAAC,KAAK,KAAK,CAAC,cAAc,CAAC,CAAC;IAC/E;;;;;;;;OAQG;IACH,SAAS,CAAC,EAAE,sBAAsB,CAAC;CACnC;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,eAAO,MAAM,4BAA4B,GACxC,SAAS,+BAA+B,KACtC,cAwDF,CAAC"}

package/dist/testing/stubs.js

@@ -206,7 +206,14 @@ export const create_stub_app_server_context = (session_options) => {
     };
 };
 /**
- * Create an `AppSurfaceSpec` for attack surface testing.
+ * Create an `AppSurfaceSpec` for the standard testing suites.
+ *
+ * Used by both in-process and cross-process tests as the schema source —
+ * the cross-process-ness lives in the transport + per-test fixture, not
+ * here. The on-disk `*_attack_surface.json` snapshot is observability
+ * (gen-time drift detection via `assert_surface_matches_snapshot`); the
+ * suites consume the spec object this function returns, not the JSON
+ * file.
  *
  * Mirrors `create_app_server`'s route assembly: consumer routes +
  * factory-managed bootstrap routes + surface generation. If
@@ -214,7 +221,7 @@ export const create_stub_app_server_context = (session_options) => {
  * to stay in sync (single source of truth for all consumers).
  *
  * @param options - surface spec options
- * @returns the surface spec for snapshot and adversarial testing
+ * @returns the surface spec for the standard suites
  */
 export const create_test_app_surface_spec = (options) => {
     const ctx = create_stub_app_server_context(options.session_options);

package/dist/testing/testing_rate_limiter.d.ts

@@ -0,0 +1,59 @@
+import './assert_dev_env.js';
+/**
+ * Test-only `RateLimiter` subclass with bucket tracking + reset_all.
+ *
+ * Production code never instantiates this; test binaries swap it in for
+ * production `RateLimiter` so `_testing_reset` can clear every bucket
+ * between cases. Mirrors the `TestingArgon2idHasher` pattern from the
+ * Rust spine — same call surface as the production class, plus test-only
+ * knobs (`reset_all`, `tracked_keys`).
+ *
+ * Constructor + every overridden method preserve production semantics
+ * by delegating to `super.*` after tracking; `reset_all` walks the
+ * tracked-keys set and calls `super.reset` per entry. Tests that depend
+ * on burst behavior get identical results between production and test
+ * instantiations.
+ *
+ * Usage in a test binary:
+ *
+ * ```ts
+ * import {TestingRateLimiter} from '@fuzdev/fuz_app/testing/testing_rate_limiter.js';
+ *
+ * const limiter = new TestingRateLimiter(default_login_ip_rate_limit);
+ * await create_app_server({backend, ip_rate_limiter: limiter, ...});
+ *
+ * // Inside the `_testing_reset` handler's `reset_state`:
+ * limiter.reset_all();
+ * ```
+ *
+ * @module
+ */
+import { RateLimiter, type RateLimitResult } from '../rate_limiter.js';
+/**
+ * `RateLimiter` plus bucket tracking. Every `check`/`record` call adds
+ * its key to `#seen_keys`; `reset` removes it; `reset_all` clears every
+ * tracked bucket. Drop-in replacement anywhere a `RateLimiter` is
+ * expected — the type is nominally compatible via subclassing.
+ */
+export declare class TestingRateLimiter extends RateLimiter {
+    #private;
+    check(key: string, now?: number): RateLimitResult;
+    record(key: string, now?: number): RateLimitResult;
+    reset(key: string): void;
+    /**
+     * Clear every bucket this limiter has been asked about. Idempotent;
+     * safe to call before any check/record activity. Designed to be invoked
+     * from a `_testing_reset` handler's `reset_state` callback so the test
+     * binary's rate-limit buckets don't leak across test cases.
+     */
+    reset_all(): void;
+    /**
+     * Snapshot of every bucket key this limiter has observed via
+     * `check`/`record`. Doesn't reflect post-cleanup pruning — keys that
+     * `cleanup()` removed remain in `tracked_keys` until `reset`/`reset_all`
+     * runs (or the limiter is disposed). Useful for assertions like
+     * "limiter saw exactly N IPs" in tests.
+     */
+    get tracked_keys(): ReadonlySet<string>;
+}
+//# sourceMappingURL=testing_rate_limiter.d.ts.map

package/dist/testing/testing_rate_limiter.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"testing_rate_limiter.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/testing/testing_rate_limiter.ts"],"names":[],"mappings":"AAAA,OAAO,qBAAqB,CAAC;AAE7B;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AAEH,OAAO,EAAC,WAAW,EAAE,KAAK,eAAe,EAAC,MAAM,oBAAoB,CAAC;AAErE;;;;;GAKG;AACH,qBAAa,kBAAmB,SAAQ,WAAW;;IAGzC,KAAK,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,CAAC,EAAE,MAAM,GAAG,eAAe;IAKjD,MAAM,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,CAAC,EAAE,MAAM,GAAG,eAAe;IAKlD,KAAK,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI;IAKjC;;;;;OAKG;IACH,SAAS,IAAI,IAAI;IAOjB;;;;;;OAMG;IACH,IAAI,YAAY,IAAI,WAAW,CAAC,MAAM,CAAC,CAEtC;CACD"}

package/dist/testing/testing_rate_limiter.js

@@ -0,0 +1,74 @@
+import './assert_dev_env.js';
+/**
+ * Test-only `RateLimiter` subclass with bucket tracking + reset_all.
+ *
+ * Production code never instantiates this; test binaries swap it in for
+ * production `RateLimiter` so `_testing_reset` can clear every bucket
+ * between cases. Mirrors the `TestingArgon2idHasher` pattern from the
+ * Rust spine — same call surface as the production class, plus test-only
+ * knobs (`reset_all`, `tracked_keys`).
+ *
+ * Constructor + every overridden method preserve production semantics
+ * by delegating to `super.*` after tracking; `reset_all` walks the
+ * tracked-keys set and calls `super.reset` per entry. Tests that depend
+ * on burst behavior get identical results between production and test
+ * instantiations.
+ *
+ * Usage in a test binary:
+ *
+ * ```ts
+ * import {TestingRateLimiter} from '@fuzdev/fuz_app/testing/testing_rate_limiter.js';
+ *
+ * const limiter = new TestingRateLimiter(default_login_ip_rate_limit);
+ * await create_app_server({backend, ip_rate_limiter: limiter, ...});
+ *
+ * // Inside the `_testing_reset` handler's `reset_state`:
+ * limiter.reset_all();
+ * ```
+ *
+ * @module
+ */
+import { RateLimiter } from '../rate_limiter.js';
+/**
+ * `RateLimiter` plus bucket tracking. Every `check`/`record` call adds
+ * its key to `#seen_keys`; `reset` removes it; `reset_all` clears every
+ * tracked bucket. Drop-in replacement anywhere a `RateLimiter` is
+ * expected — the type is nominally compatible via subclassing.
+ */
+export class TestingRateLimiter extends RateLimiter {
+    #seen_keys = new Set();
+    check(key, now) {
+        this.#seen_keys.add(key);
+        return super.check(key, now);
+    }
+    record(key, now) {
+        this.#seen_keys.add(key);
+        return super.record(key, now);
+    }
+    reset(key) {
+        this.#seen_keys.delete(key);
+        super.reset(key);
+    }
+    /**
+     * Clear every bucket this limiter has been asked about. Idempotent;
+     * safe to call before any check/record activity. Designed to be invoked
+     * from a `_testing_reset` handler's `reset_state` callback so the test
+     * binary's rate-limit buckets don't leak across test cases.
+     */
+    reset_all() {
+        for (const key of this.#seen_keys) {
+            super.reset(key);
+        }
+        this.#seen_keys.clear();
+    }
+    /**
+     * Snapshot of every bucket key this limiter has observed via
+     * `check`/`record`. Doesn't reflect post-cleanup pruning — keys that
+     * `cleanup()` removed remain in `tracked_keys` until `reset`/`reset_all`
+     * runs (or the limiter is disposed). Useful for assertions like
+     * "limiter saw exactly N IPs" in tests.
+     */
+    get tracked_keys() {
+        return this.#seen_keys;
+    }
+}

package/dist/testing/transports/bootstrap.d.ts

@@ -0,0 +1,52 @@
+import '../assert_dev_env.js';
+import { Uuid } from '@fuzdev/fuz_util/id.js';
+import type { BackendConfig } from '../cross_backend/backend_config.js';
+import type { FetchTransport } from './fetch_transport.js';
+/** Input for `bootstrap()`. */
+export interface BootstrapOptions {
+    /**
+     * The cookie-threading HTTP transport pointed at the binary. After
+     * `bootstrap()` resolves, the transport carries the keeper session
+     * cookie — every later call against it is authenticated as keeper.
+     */
+    readonly transport: FetchTransport;
+    /**
+     * Backend config — used for `bootstrap_path` plus the
+     * `bootstrap.username` / `bootstrap.password` / `bootstrap.token`
+     * credentials. The runner already wrote `bootstrap.token` to
+     * `bootstrap.token_path` before spawning, so the binary picks the
+     * token up at startup.
+     */
+    readonly config: BackendConfig;
+}
+/** The keeper credentials captured from `POST /api/account/bootstrap`. */
+export interface BootstrapResult {
+    /**
+     * Same transport that came in, now carrying the keeper session
+     * cookie in its jar. Returned for call-site clarity (callers don't
+     * have to remember the mutation happens in place).
+     */
+    readonly transport: FetchTransport;
+    /** Account JSON returned by `POST /bootstrap`. */
+    readonly account: {
+        readonly id: Uuid;
+        readonly username: string;
+    };
+    /** Actor JSON returned by `POST /bootstrap`. */
+    readonly actor: {
+        readonly id: Uuid;
+    };
+    /** Raw `Set-Cookie` values for threading into a WS transport. */
+    readonly cookies: ReadonlyArray<string>;
+}
+/**
+ * Fire `POST {config.bootstrap_path}` and capture the keeper session.
+ *
+ * @throws Error when the binary refuses bootstrap (non-2xx response) or
+ *   the body fails to parse as the expected `{account, actor}` envelope.
+ *   The error carries the status + raw body so a mistyped token /
+ *   username collision / boot-time DB drift surfaces with enough
+ *   context to debug.
+ */
+export declare const bootstrap: (options: BootstrapOptions) => Promise<BootstrapResult>;
+//# sourceMappingURL=bootstrap.d.ts.map

package/dist/testing/transports/bootstrap.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"bootstrap.d.ts","sourceRoot":"../src/lib/","sources":["../../../src/lib/testing/transports/bootstrap.ts"],"names":[],"mappings":"AAAA,OAAO,sBAAsB,CAAC;AAuB9B,OAAO,EAAC,IAAI,EAAC,MAAM,wBAAwB,CAAC;AAE5C,OAAO,KAAK,EAAC,aAAa,EAAC,MAAM,oCAAoC,CAAC;AACtE,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,sBAAsB,CAAC;AAezD,+BAA+B;AAC/B,MAAM,WAAW,gBAAgB;IAChC;;;;OAIG;IACH,QAAQ,CAAC,SAAS,EAAE,cAAc,CAAC;IACnC;;;;;;OAMG;IACH,QAAQ,CAAC,MAAM,EAAE,aAAa,CAAC;CAC/B;AAED,0EAA0E;AAC1E,MAAM,WAAW,eAAe;IAC/B;;;;OAIG;IACH,QAAQ,CAAC,SAAS,EAAE,cAAc,CAAC;IACnC,kDAAkD;IAClD,QAAQ,CAAC,OAAO,EAAE;QAAC,QAAQ,CAAC,EAAE,EAAE,IAAI,CAAC;QAAC,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAA;KAAC,CAAC;IACjE,gDAAgD;IAChD,QAAQ,CAAC,KAAK,EAAE;QAAC,QAAQ,CAAC,EAAE,EAAE,IAAI,CAAA;KAAC,CAAC;IACpC,iEAAiE;IACjE,QAAQ,CAAC,OAAO,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;CACxC;AAED;;;;;;;;GAQG;AACH,eAAO,MAAM,SAAS,GAAU,SAAS,gBAAgB,KAAG,OAAO,CAAC,eAAe,CA4BlF,CAAC"}

package/dist/testing/transports/bootstrap.js

@@ -0,0 +1,70 @@
+import '../assert_dev_env.js';
+/**
+ * Stateless cross-process bootstrap.
+ *
+ * POSTs `{bootstrap_path}` against the running test binary with the
+ * preconfigured token + username + password, parses the
+ * `BootstrapOutput` envelope, captures the session `Set-Cookie` onto
+ * the supplied `FetchTransport` (which carries it on every subsequent
+ * call), and returns the keeper credentials.
+ *
+ * Fires exactly once per backend lifetime — `spawn_backend` calls it
+ * inside vitest's `globalSetup`. Per-test fixtures re-use the captured
+ * keeper credentials; fresh per-test accounts come from
+ * `fixture.create_account()` (signup+login through production RPC),
+ * not re-bootstrap. The hybrid reset model in `default_cross_process_setup`
+ * depends on this — re-bootstrap would race the bootstrap lock and
+ * in-memory caches.
+ *
+ * @module
+ */
+import { z } from 'zod';
+import { Uuid } from '@fuzdev/fuz_util/id.js';
+/**
+ * The `BootstrapOutput` envelope shape the cross-process bootstrap call
+ * cares about. Looser than the full `BootstrapOutput` Zod schema in
+ * `auth/bootstrap_account.ts` — that schema is the canonical wire shape
+ * on the server side, and this one is a structural subset the runner
+ * uses to extract the keeper identity. Kept local so cross-process
+ * testing doesn't pull the full auth-domain schema into its dep graph.
+ */
+const BootstrapResponse = z.object({
+    account: z.object({ id: Uuid, username: z.string() }),
+    actor: z.object({ id: Uuid }),
+});
+/**
+ * Fire `POST {config.bootstrap_path}` and capture the keeper session.
+ *
+ * @throws Error when the binary refuses bootstrap (non-2xx response) or
+ *   the body fails to parse as the expected `{account, actor}` envelope.
+ *   The error carries the status + raw body so a mistyped token /
+ *   username collision / boot-time DB drift surfaces with enough
+ *   context to debug.
+ */
+export const bootstrap = async (options) => {
+    const { transport, config } = options;
+    const response = await transport(config.bootstrap_path, {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({
+            token: config.bootstrap.token,
+            username: config.bootstrap.username,
+            password: config.bootstrap.password,
+        }),
+    });
+    if (!response.ok) {
+        const body = await response.text().catch(() => '<unreadable>');
+        throw new Error(`bootstrap(${config.name}) failed: status=${response.status} body=${body}`);
+    }
+    const raw = await response.json();
+    const parsed = BootstrapResponse.safeParse(raw);
+    if (!parsed.success) {
+        throw new Error(`bootstrap(${config.name}) returned unexpected body: ${JSON.stringify(raw)} (${parsed.error.message})`);
+    }
+    return {
+        transport,
+        account: parsed.data.account,
+        actor: parsed.data.actor,
+        cookies: transport.cookies(),
+    };
+};

package/dist/testing/transports/fetch_transport.d.ts

@@ -0,0 +1,81 @@
+import '../assert_dev_env.js';
+/**
+ * Cookie-threading HTTP transport for cross-process tests.
+ *
+ * Wraps the global `fetch` against a base URL, carries cookies across
+ * requests in a `Map`-backed jar so the session cookie set on bootstrap
+ * is re-sent on every subsequent call. Satisfies the `RpcTestTransport`
+ * shape `Hono.request` already does — so every suite body that takes
+ * `transport: RpcTestTransport` works against a cross-process binary
+ * unchanged.
+ *
+ * The `Origin` header is threaded onto every request because the
+ * backend's allowlist (`{ZZZ,ZAP,FUZ}_ALLOWED_ORIGINS`) rejects mutations
+ * without an `Origin`. Cross-process tests run with
+ * `ALLOWED_ORIGINS=http://localhost:*`, so defaulting `origin` to the
+ * configured `base_url` is safe.
+ *
+ * The cookie jar is intentionally simple — it does not honour `Domain`,
+ * `Path`, `Expires`, or `SameSite` attributes. Cross-process tests
+ * always hit a single host:port, so name-keyed last-write-wins matches
+ * the behaviour real browsers exhibit against the same surface.
+ *
+ * @module
+ */
+import type { RpcTestTransport } from '../rpc_helpers.js';
+/** Construction options for `create_fetch_transport`. */
+export interface FetchTransportOptions {
+    /** Base URL the binary is reachable at — e.g. `http://localhost:8788`. */
+    readonly base_url: string;
+    /**
+     * Initial cookie values to seed the jar. Pass the `Set-Cookie` values
+     * captured from a prior `bootstrap()` call to keep the keeper session
+     * across a transport-recreation boundary. Each entry is a full
+     * `Set-Cookie` value (the same string `Headers.getSetCookie()` returns).
+     */
+    readonly initial_cookies?: ReadonlyArray<string>;
+    /**
+     * Origin header threaded onto every request when the caller hasn't set
+     * one. Defaults to `base_url`; backends running with
+     * `ALLOWED_ORIGINS=http://localhost:*` accept `http://localhost:<port>`
+     * matching the spawned binary.
+     *
+     * Pass `null` to disable the default — useful for bearer-only probes
+     * that must not look like browser-context requests (the auth middleware
+     * silently discards bearer credentials when `Origin`/`Referer` is
+     * present). Callers can still set `Origin` per-call via `init.headers`.
+     */
+    readonly origin?: string | null;
+}
+/**
+ * The transport shape: callable as `RpcTestTransport` plus a `cookies()`
+ * accessor that returns the current jar state. The accessor exists so
+ * `ws_transport` can thread the session cookie onto the WS upgrade
+ * without an HTTP round trip.
+ */
+export interface FetchTransport extends RpcTestTransport {
+    /**
+     * Snapshot of every cookie currently in the jar, formatted as full
+     * `Set-Cookie` values (`name=value`). Used by `ws_transport` to
+     * compose the `Cookie` header on the upgrade request.
+     */
+    readonly cookies: () => ReadonlyArray<string>;
+}
+/**
+ * Build a cookie-threading transport pinned to `options.base_url`. The
+ * returned function carries a private `Map<name, cookie-head>` jar that
+ * updates on every response's `Set-Cookie` and re-sends on every
+ * subsequent request.
+ *
+ * Request rewriting:
+ *
+ * - Absolute URLs (`http://other.example/...`) pass through verbatim —
+ *   handy for cross-origin negative tests that target a deliberately
+ *   different host.
+ * - Relative URLs are resolved against `base_url`.
+ * - `Origin` is set to `options.origin ?? base_url` unless the caller
+ *   already provided one.
+ * - `Cookie` is set from the jar unless the caller already provided one.
+ */
+export declare const create_fetch_transport: (options: FetchTransportOptions) => FetchTransport;
+//# sourceMappingURL=fetch_transport.d.ts.map

package/dist/testing/transports/fetch_transport.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"fetch_transport.d.ts","sourceRoot":"../src/lib/","sources":["../../../src/lib/testing/transports/fetch_transport.ts"],"names":[],"mappings":"AAAA,OAAO,sBAAsB,CAAC;AAE9B;;;;;;;;;;;;;;;;;;;;;;GAsBG;AAEH,OAAO,KAAK,EAAC,gBAAgB,EAAC,MAAM,mBAAmB,CAAC;AAExD,yDAAyD;AACzD,MAAM,WAAW,qBAAqB;IACrC,0EAA0E;IAC1E,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B;;;;;OAKG;IACH,QAAQ,CAAC,eAAe,CAAC,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;IACjD;;;;;;;;;;OAUG;IACH,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAChC;AAED;;;;;GAKG;AACH,MAAM,WAAW,cAAe,SAAQ,gBAAgB;IACvD;;;;OAIG;IACH,QAAQ,CAAC,OAAO,EAAE,MAAM,aAAa,CAAC,MAAM,CAAC,CAAC;CAC9C;AAkBD;;;;;;;;;;;;;;;GAeG;AACH,eAAO,MAAM,sBAAsB,GAAI,SAAS,qBAAqB,KAAG,cAyCvE,CAAC"}

package/dist/testing/transports/fetch_transport.js

@@ -0,0 +1,74 @@
+import '../assert_dev_env.js';
+/**
+ * Parse the `name=value` head of a `Set-Cookie` value. Returns `null`
+ * for malformed inputs (missing `=`, empty name). Drops every attribute
+ * after the first `;` — the jar is name-keyed and the lifetime
+ * attributes (`Expires`, `Max-Age`, `Path`, `Domain`, `SameSite`)
+ * don't affect cross-process test plumbing.
+ */
+const parse_set_cookie = (value) => {
+    const head = value.split(';', 1)[0].trim();
+    const eq = head.indexOf('=');
+    if (eq <= 0)
+        return null;
+    const name = head.slice(0, eq).trim();
+    if (!name)
+        return null;
+    return { name, cookie: head };
+};
+/**
+ * Build a cookie-threading transport pinned to `options.base_url`. The
+ * returned function carries a private `Map<name, cookie-head>` jar that
+ * updates on every response's `Set-Cookie` and re-sends on every
+ * subsequent request.
+ *
+ * Request rewriting:
+ *
+ * - Absolute URLs (`http://other.example/...`) pass through verbatim —
+ *   handy for cross-origin negative tests that target a deliberately
+ *   different host.
+ * - Relative URLs are resolved against `base_url`.
+ * - `Origin` is set to `options.origin ?? base_url` unless the caller
+ *   already provided one.
+ * - `Cookie` is set from the jar unless the caller already provided one.
+ */
+export const create_fetch_transport = (options) => {
+    const { base_url, initial_cookies, origin } = options;
+    const jar = new Map();
+    if (initial_cookies) {
+        for (const raw of initial_cookies) {
+            const parsed = parse_set_cookie(raw);
+            if (parsed)
+                jar.set(parsed.name, parsed.cookie);
+        }
+    }
+    const default_origin = origin === null ? null : (origin ?? base_url);
+    const cookies = () => Array.from(jar.values());
+    const transport = (async (url, init) => {
+        const target = /^https?:\/\//i.test(url) ? url : `${base_url}${url}`;
+        const headers = new Headers(init.headers);
+        if (default_origin !== null && !headers.has('Origin')) {
+            headers.set('Origin', default_origin);
+        }
+        if (!headers.has('Cookie') && jar.size > 0) {
+            headers.set('Cookie', Array.from(jar.values()).join('; '));
+        }
+        const response = await fetch(target, { ...init, headers });
+        // `Headers.getSetCookie()` returns each `Set-Cookie` value as a
+        // separate string — the only way to read multiple cookies set in
+        // one response (Headers.get() collapses to a single comma-joined
+        // string). Node 19.7+ ships it; vitest's runtime supports it.
+        const set_cookies = response.headers.getSetCookie();
+        for (const raw of set_cookies) {
+            const parsed = parse_set_cookie(raw);
+            if (parsed)
+                jar.set(parsed.name, parsed.cookie);
+        }
+        return response;
+    });
+    // Attach the cookies() accessor onto the callable. Using a property
+    // definition keeps it non-enumerable-ish and avoids polluting `.bind`
+    // / `.call` reflection on the function.
+    Object.defineProperty(transport, 'cookies', { value: cookies, enumerable: false });
+    return transport;
+};