@gencow/core 0.1.24 → 0.1.26

package/dist/rls-db.d.ts

@@ -1,4 +1,4 @@
-import type { PgDatabase } from "drizzle-orm/pg-core";
+import type { PgAsyncDatabase } from "drizzle-orm/pg-core";
 /**
  * RLS DB wrapper — execution paths for `withRlsConnection`:
  * 1. **Reuse outer Drizzle transaction** (`reuseOuterConnection`): same connection, apply GUCs then run `fn`.
@@ -44,4 +44,4 @@ export declare function withRlsLeasedConnection<T>(leased: {
  *
  * `db.transaction()` still injects the same variables at the start of the callback transaction.
  */
-export declare function createRlsDb(db: PgDatabase<any, any, any>, rls: RlsSessionContext): PgDatabase<any, any, any>;
+export declare function createRlsDb(db: PgAsyncDatabase<any, any, any, any>, rls: RlsSessionContext): PgAsyncDatabase<any, any, any, any>;

package/dist/rls-db.js

@@ -1,11 +1,7 @@
 import { AsyncLocalStorage } from "node:async_hooks";
 import { sql } from "drizzle-orm";
 const gucNameRe = /^app\.[a-z][a-z0-9_]*(?:\.[a-z][a-z0-9_]*)*$/;
-const RESERVED_VARS_KEYS = new Set([
-    "app.current_user_id",
-    "app.current_user_role",
-    "app.tenant_id",
-]);
+const RESERVED_VARS_KEYS = new Set(["app.current_user_id", "app.current_user_role", "app.tenant_id"]);
 function assertSafeGucName(key) {
     if (!gucNameRe.test(key)) {
         throw new Error(`createRlsDb: GUC name "${key}" is invalid — use lowercase app.* names (e.g. app.org_id)`);

package/dist/scheduler.d.ts

@@ -45,6 +45,8 @@ export interface Scheduler {
     cron(name: string, pattern: string, handler: () => Promise<void>): void;
     /** Register an action handler */
     registerAction(name: string, handler: ActionHandler): void;
+    /** Execute a registered action and propagate errors to the caller */
+    executeActionStrict(name: string, args?: any): Promise<void>;
     /** Execute a registered action by name — 선언적 crons.ts 문자열 액션 실행용 */
     executeAction(name: string, args?: any): Promise<void>;
 }

package/dist/scheduler.js

@@ -1,7 +1,7 @@
 import * as cron from "node-cron";
-const _cronInfo = globalThis.__gencow_cronInfo ??= [];
-const _pendingJobs = globalThis.__gencow_pendingJobs ??= [];
-const _failedJobs = globalThis.__gencow_failedJobs ??= [];
+const _cronInfo = (globalThis.__gencow_cronInfo ??= []);
+const _pendingJobs = (globalThis.__gencow_pendingJobs ??= []);
+const _failedJobs = (globalThis.__gencow_failedJobs ??= []);
 /** 최대 보관할 실패 작업 수 (메모리 보호) */
 const MAX_FAILED_JOBS = 100;
 export function getSchedulerInfo() {
@@ -89,7 +89,12 @@ export function createScheduler(options) {
     return {
         runAfter(ms, action, args, scheduleOpts) {
             const id = generateId();
-            const jobEntry = { id, action, scheduledAt: new Date().toISOString(), status: "pending" };
+            const jobEntry = {
+                id,
+                action,
+                scheduledAt: new Date().toISOString(),
+                status: "pending",
+            };
             _pendingJobs.push(jobEntry);
             // ── Durable mode: DB에 영속화, 실행은 외부 폴러에 위임 ──
             if (isDurable) {
@@ -100,10 +105,12 @@ export function createScheduler(options) {
                     args: args ?? {},
                     runAt,
                     onErrorAction: scheduleOpts?.onError,
-                }).then(() => {
+                })
+                    .then(() => {
                     console.log(`[scheduler] Persisted "${action}" to run at ${runAt.toISOString()} (id: ${id}, durable)` +
                         `${scheduleOpts?.onError ? ` [onError: ${scheduleOpts.onError}]` : ""}`);
-                }).catch((err) => {
+                })
+                    .catch((err) => {
                     console.error(`[scheduler] Failed to persist job ${id}:`, err instanceof Error ? err.message : err);
                     // DB persist 실패 → 인메모리 fallback
                     scheduleInMemory(id, ms, action, args, scheduleOpts, jobEntry);
@@ -171,6 +178,9 @@ export function createScheduler(options) {
         registerAction(name, handler) {
             actions.set(name, handler);
         },
+        async executeActionStrict(name, args) {
+            await executeAction(name, args);
+        },
         async executeAction(name, args) {
             try {
                 await executeAction(name, args);

package/dist/server.d.ts

@@ -5,7 +5,6 @@
  * executing server. Excluded from client-side core (`index.ts`) so they aren't
  * bundled into user functions which run in Firecracker.
  */
-export { createDb } from "./db.js";
 export { createStorage, storageRoutes } from "./storage.js";
 export type { StorageImageTierConfig } from "./storage.js";
 export { createScheduler, getSchedulerInfo } from "./scheduler.js";

package/dist/server.js

@@ -5,7 +5,6 @@
  * executing server. Excluded from client-side core (`index.ts`) so they aren't
  * bundled into user functions which run in Firecracker.
  */
-export { createDb } from "./db.js";
 export { createStorage, storageRoutes } from "./storage.js";
 export { createScheduler, getSchedulerInfo } from "./scheduler.js";
 export { authMiddleware, authRoutes, getUsers } from "./auth.js";

package/dist/storage.js

@@ -141,7 +141,9 @@ export function createStorage(dir = "./uploads", options) {
             const filePath = path.join(dir, id);
             await fs.writeFile(filePath, buffer);
             // .meta JSON 기록 — Platform 레벨 직접 서빙용
-            await fs.writeFile(`${filePath}.meta`, JSON.stringify({ name: filename, type, size: buffer.length })).catch(() => { });
+            await fs
+                .writeFile(`${filePath}.meta`, JSON.stringify({ name: filename, type, size: buffer.length }))
+                .catch(() => { });
             metaStore.set(id, {
                 id,
                 name: filename,
@@ -187,25 +189,27 @@ export function createStorage(dir = "./uploads", options) {
                 const entries = await fs.readdir(cacheDir);
                 const prefix = `${storageId}_`;
                 await Promise.all(entries
-                    .filter(e => e.startsWith(prefix))
-                    .map(e => fs.unlink(path.join(cacheDir, e)).catch(() => { })));
+                    .filter((e) => e.startsWith(prefix))
+                    .map((e) => fs.unlink(path.join(cacheDir, e)).catch(() => { })));
+            }
+            catch {
+                /* .cache 디렉토리 미존재 시 무시 */
             }
-            catch { /* .cache 디렉토리 미존재 시 무시 */ }
             // DB에서도 삭제 (rawSql 있을 때만)
             if (rawSql) {
                 try {
                     await rawSql(`DELETE FROM _system_files WHERE storage_id = $1`, [storageId]);
                 }
-                catch { /* 삭제 실패 무시 — 파일은 이미 제거됨 */ }
+                catch {
+                    /* 삭제 실패 무시 — 파일은 이미 제거됨 */
+                }
             }
         },
     };
 }
 // ─── Image Optimization Constants ───────────────────────
 /** 변환 가능한 원본 MIME 타입 */
-const TRANSFORMABLE_TYPES = new Set([
-    "image/png", "image/jpeg", "image/jpg", "image/webp",
-]);
+const TRANSFORMABLE_TYPES = new Set(["image/png", "image/jpeg", "image/jpg", "image/webp"]);
 /** 허용 출력 포맷 */
 const ALLOWED_FORMATS = new Set(["webp", "avif", "jpeg", "png"]);
 /** 허용 맞춤 모드 */
@@ -363,9 +367,10 @@ export function storageRoutes(storage, rawSql, storageDir, tierConfig) {
             const appConfig = JSON.parse(raw);
             // Tier ceiling 적용: min(앱 설정, Tier 최대값)
             if (appConfig.autoMaxWidth > 0) {
-                config.autoMaxWidth = config.autoMaxWidth > 0
-                    ? Math.min(appConfig.autoMaxWidth, config.autoMaxWidth)
-                    : appConfig.autoMaxWidth;
+                config.autoMaxWidth =
+                    config.autoMaxWidth > 0
+                        ? Math.min(appConfig.autoMaxWidth, config.autoMaxWidth)
+                        : appConfig.autoMaxWidth;
             }
             if (appConfig.autoQuality > 0 && appConfig.autoQuality <= 100) {
                 config.autoQuality = appConfig.autoQuality;
@@ -374,7 +379,9 @@ export function storageRoutes(storage, rawSql, storageDir, tierConfig) {
                 config.autoWebp = false;
             }
         }
-        catch { /* 파일 없음 or 파싱 실패 → Tier 기본값 유지 */ }
+        catch {
+            /* 파일 없음 or 파싱 실패 → Tier 기본값 유지 */
+        }
         return config;
     }
     // sharp 모듈 캐시 (동적 import 1회만)
@@ -417,7 +424,9 @@ export function storageRoutes(storage, rawSql, storageDir, tierConfig) {
                     };
                 }
             }
-            catch { /* fallthrough to 404 */ }
+            catch {
+                /* fallthrough to 404 */
+            }
         }
         if (!meta) {
             return c.json({ error: "Not found" }, 404);
@@ -432,11 +441,11 @@ export function storageRoutes(storage, rawSql, storageDir, tierConfig) {
         const acceptHeader = c.req.header("accept") || "";
         const clientAcceptsWebp = acceptHeader.includes("image/webp");
         // Auto WebP: 파라미터 없지만 브라우저가 webp 지원 + 원본이 PNG/JPEG
-        const isAutoWebp = !transformParams
-            && isTransformable
-            && clientAcceptsWebp
-            && config.autoWebp
-            && (meta.type === "image/png" || meta.type === "image/jpeg" || meta.type === "image/jpg");
+        const isAutoWebp = !transformParams &&
+            isTransformable &&
+            clientAcceptsWebp &&
+            config.autoWebp &&
+            (meta.type === "image/png" || meta.type === "image/jpeg" || meta.type === "image/jpg");
         // 이미지 변환이 필요 없는 경우 → 원본 서빙 (기존 동작 100% 유지)
         if (!transformParams && !isAutoWebp) {
             return serveOriginal(c, meta);
@@ -595,16 +604,14 @@ export function storageRoutes(storage, rawSql, storageDir, tierConfig) {
         // 변환된 파일명: original.png → original.webp (또는 original_300x200.webp)
         const baseName = originalMeta.name.replace(/\.[^.]+$/, "");
         const ext = outputFormat || originalMeta.name.split(".").pop() || "bin";
-        const suffix = params?.w || params?.h
-            ? `_${params.w || "auto"}x${params.h || "auto"}`
-            : "";
+        const suffix = params?.w || params?.h ? `_${params.w || "auto"}x${params.h || "auto"}` : "";
         const fileName = `${baseName}${suffix}.${ext}`;
         const headers = {
             "Content-Type": contentType,
             "Content-Disposition": `inline; filename="${encodeURIComponent(fileName)}"; filename*=UTF-8''${encodeURIComponent(fileName)}`,
             "Cache-Control": "public, max-age=31536000, immutable",
             // Vary: Accept — Auto WebP 시 CDN/브라우저 캐시 분리
-            ...(isAutoWebp ? { "Vary": "Accept" } : {}),
+            ...(isAutoWebp ? { Vary: "Accept" } : {}),
         };
         if (typeof globalThis.Bun !== "undefined") {
             const bunFile = Bun.file(cachePath);

package/dist/v.d.ts

@@ -32,9 +32,9 @@ export declare const v: {
  * Correctly handles optional properties (Validator<T | undefined> → optional key).
  */
 export type InferArgs<T> = T extends Validator<infer U> ? U : T extends Record<string, Validator> ? {
-    [K in keyof T as T[K] extends Validator<infer U> ? (undefined extends U ? never : K) : K]: T[K] extends Validator<infer U> ? U : any;
+    [K in keyof T as T[K] extends Validator<infer U> ? undefined extends U ? never : K : K]: T[K] extends Validator<infer U> ? U : any;
 } & {
-    [K in keyof T as T[K] extends Validator<infer U> ? (undefined extends U ? K : never) : never]?: T[K] extends Validator<infer U> ? U : any;
+    [K in keyof T as T[K] extends Validator<infer U> ? undefined extends U ? K : never : never]?: T[K] extends Validator<infer U> ? U : any;
 } : T;
 /**
  * Validates and parses arguments against a schema at runtime.

package/dist/workflow.js

@@ -1,19 +1,16 @@
 import { sql } from "drizzle-orm";
 import { mutation } from "./reactive.js";
 import { registerWorkflowsApi } from "./workflows-api.js";
-const workflowRegistry = globalThis.__gencow_workflowRegistry ??= new Map();
+const workflowRegistry = (globalThis.__gencow_workflowRegistry ??= new Map());
 export const DEFAULT_WORKFLOW_MAX_DURATION_MS = 30 * 60 * 1000;
 export const DEFAULT_WORKFLOW_MAX_RETRIES = 3;
 export const WORKFLOW_RESUME_ACTION_PREFIX = "__gencow.workflow.resume";
 export const WORKFLOW_REALTIME_KEY_PREFIX = "__gencow.workflow.state";
 function isSerializedWorkflowValue(value) {
-    return !!value && typeof value === "object" && ("__gencowUndefined" in value ||
-        "value" in value);
+    return !!value && typeof value === "object" && ("__gencowUndefined" in value || "value" in value);
 }
 export function serializeWorkflowValue(value) {
-    const payload = value === undefined
-        ? { __gencowUndefined: true }
-        : { value };
+    const payload = value === undefined ? { __gencowUndefined: true } : { value };
     try {
         return JSON.parse(JSON.stringify(payload));
     }
@@ -45,11 +42,7 @@ function parseDurationString(raw, label) {
     }
     const value = Number(match[1]);
     const unit = match[2];
-    const unitMs = unit === "ms" ? 1 :
-        unit === "s" ? 1_000 :
-            unit === "m" ? 60_000 :
-                unit === "h" ? 3_600_000 :
-                    86_400_000;
+    const unitMs = unit === "ms" ? 1 : unit === "s" ? 1_000 : unit === "m" ? 60_000 : unit === "h" ? 3_600_000 : 86_400_000;
     return value * unitMs;
 }
 export function parseWorkflowDurationMs(raw, label = "workflow duration") {

package/dist/workflows-api.js

@@ -3,17 +3,8 @@ import { mutation, query } from "./reactive.js";
 import { createWorkflowRealtimeToken, deserializeWorkflowValue, getWorkflowResumeActionName, getWorkflowRealtimeKey, serializeWorkflowValue, } from "./workflow.js";
 import { GencowValidationError, v } from "./v.js";
 import { deriveWorkflowStatus } from "./workflow-types.js";
-const WORKFLOW_STATUSES = new Set([
-    "pending",
-    "running",
-    "completed",
-    "failed",
-]);
-const WORKFLOW_DERIVED_PENDING_STATUSES = new Set([
-    "queued",
-    "waiting",
-    "sleeping",
-]);
+const WORKFLOW_STATUSES = new Set(["pending", "running", "completed", "failed"]);
+const WORKFLOW_DERIVED_PENDING_STATUSES = new Set(["queued", "waiting", "sleeping"]);
 function rowsFromResult(result) {
     if (Array.isArray(result))
         return result;
@@ -252,7 +243,9 @@ export function registerWorkflowsApi() {
             let scheduledJobId = null;
             if (workflow.status === "pending" && workflow.current_step?.startsWith("wait:")) {
                 try {
-                    scheduledJobId = ctx.scheduler.runAfter(0, getWorkflowResumeActionName(workflow.name), { workflowId: workflow.id });
+                    scheduledJobId = ctx.scheduler.runAfter(0, getWorkflowResumeActionName(workflow.name), {
+                        workflowId: workflow.id,
+                    });
                 }
                 catch {
                     scheduledJobId = null;

package/package.json

@@ -1,46 +1,49 @@
 {
-    "name": "@gencow/core",
-    "version": "0.1.24",
-    "description": "Gencow core library — defineQuery, defineMutation, reactive subscriptions",
-    "type": "module",
-    "main": "dist/index.js",
-    "types": "dist/index.d.ts",
-    "exports": {
-        ".": {
-            "import": "./dist/index.js",
-            "require": "./dist/index.js",
-            "types": "./dist/index.d.ts"
-        },
-        "./server": {
-            "import": "./dist/server.js",
-            "require": "./dist/server.js",
-            "types": "./dist/server.d.ts"
-        }
+  "name": "@gencow/core",
+  "version": "0.1.26",
+  "description": "Gencow core library — defineQuery, defineMutation, reactive subscriptions",
+  "type": "module",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "exports": {
+    ".": {
+      "import": "./dist/index.js",
+      "require": "./dist/index.js",
+      "types": "./dist/index.d.ts"
     },
-    "files": [
-        "dist/",
-        "src/"
-    ],
-    "scripts": {
-        "db:generate:fixture-basic": "drizzle-kit generate --config ./src/__tests__/fixtures/basic/drizzle.config.ts",
-        "build": "tsc",
-        "typecheck": "tsc --noEmit",
-        "prepublishOnly": "npm run build",
-        "postinstall": "tsc"
-    },
-    "dependencies": {
-        "@electric-sql/pglite": "^0.3.15",
-        "drizzle-orm": "^0.45.1",
-        "hono": "^4.12.0",
-        "node-cron": "^4.2.1"
-    },
-    "devDependencies": {
-        "@types/bun": "^1.3.9",
-        "@types/node": "^25.3.0",
-        "@types/node-cron": "^3.0.11",
-        "drizzle-kit": "^0.31.10",
-        "drizzle-seed": "^0.3.1",
-        "typescript": "^5.9.3",
-        "uuid": "^13.0.0"
+    "./server": {
+      "import": "./dist/server.js",
+      "require": "./dist/server.js",
+      "types": "./dist/server.d.ts"
     }
+  },
+  "files": [
+    "dist/",
+    "src/"
+  ],
+  "scripts": {
+    "db:generate:fixture-basic": "drizzle-kit generate --config ./src/__tests__/fixtures/basic/drizzle.config.ts",
+    "build": "tsc",
+    "typecheck": "tsc --noEmit",
+    "prepublishOnly": "npm run build"
+  },
+  "dependencies": {
+    "node-cron": "^4.2.1"
+  },
+  "peerDependencies": {
+    "drizzle-orm": "^1.0.0-beta || ^1.0.0",
+    "hono": "^4.12.0"
+  },
+  "devDependencies": {
+    "@electric-sql/pglite": "^0.3.15",
+    "@types/bun": "^1.3.9",
+    "@types/node": "^25.3.0",
+    "@types/node-cron": "^3.0.11",
+    "drizzle-kit": "^1.0.0-beta || ^1.0.0",
+    "drizzle-orm": "^1.0.0-beta || ^1.0.0",
+    "drizzle-seed": "^1.0.0-beta",
+    "hono": "^4.12.0",
+    "typescript": "^5.9.3",
+    "uuid": "^13.0.0"
+  }
 }

package/src/__tests__/auth.test.ts

@@ -7,108 +7,112 @@
  */
 
 import { describe, it, expect } from "bun:test";
-import { defineAuth } from "../auth-config";
-import type { GencowAuthConfig } from "../auth-config";
+import { defineAuth } from "../auth-config.js";
+import type { GencowAuthConfig } from "../auth-config.js";
 
 // ─── defineAuth() ───────────────────────────────────────
 
 describe("defineAuth()", () => {
-    it("빈 설정 객체 반환", () => {
-        const config = defineAuth({});
-        expect(config).toEqual({});
+  it("빈 설정 객체 반환", () => {
+    const config = defineAuth({});
+    expect(config).toEqual({});
+  });
+
+  it("emailVerification 설정이 그대로 반환된다", () => {
+    const sendFn = async () => {};
+    const config = defineAuth({
+      emailVerification: {
+        sendOnSignUp: true,
+        requireEmailVerification: true,
+        autoSignInAfterVerification: true,
+        sendVerificationEmail: sendFn,
+      },
     });
 
-    it("emailVerification 설정이 그대로 반환된다", () => {
-        const sendFn = async () => {};
-        const config = defineAuth({
-            emailVerification: {
-                sendOnSignUp: true,
-                requireEmailVerification: true,
-                autoSignInAfterVerification: true,
-                sendVerificationEmail: sendFn,
-            },
-        });
-
-        expect(config.emailVerification?.sendOnSignUp).toBe(true);
-        expect(config.emailVerification?.requireEmailVerification).toBe(true);
-        expect(config.emailVerification?.autoSignInAfterVerification).toBe(true);
-        expect(config.emailVerification?.sendVerificationEmail).toBe(sendFn);
+    expect(config.emailVerification?.sendOnSignUp).toBe(true);
+    expect(config.emailVerification?.requireEmailVerification).toBe(true);
+    expect(config.emailVerification?.autoSignInAfterVerification).toBe(true);
+    expect(config.emailVerification?.sendVerificationEmail).toBe(sendFn);
+  });
+
+  it("부분 설정도 허용된다", () => {
+    const config = defineAuth({
+      emailVerification: {
+        sendVerificationEmail: async () => {},
+      },
     });
 
-    it("부분 설정도 허용된다", () => {
-        const config = defineAuth({
-            emailVerification: {
-                sendVerificationEmail: async () => {},
-            },
-        });
-
-        expect(config.emailVerification?.sendOnSignUp).toBeUndefined();
-        expect(config.emailVerification?.sendVerificationEmail).toBeDefined();
-    });
+    expect(config.emailVerification?.sendOnSignUp).toBeUndefined();
+    expect(config.emailVerification?.sendVerificationEmail).toBeDefined();
+  });
 });
 
 // ─── AuthCtx interface 패턴 ─────────────────────────────
 
 describe("AuthCtx 패턴 (mock)", () => {
-    // AuthCtx는 런타임에서 생성되므로, 인터페이스 수준에서 패턴 검증
-
-    it("getUserIdentity — 비로그인 시 null", () => {
-        const authCtx = {
-            getUserIdentity: () => null,
-            requireAuth: () => { throw new Error("Authentication required"); },
-        };
-
-        expect(authCtx.getUserIdentity()).toBeNull();
-    });
-
-    it("getUserIdentity — 로그인 시 유저 반환", () => {
-        const user = { id: "u1", email: "test@test.com", name: "Test" };
-        const authCtx = {
-            getUserIdentity: () => user,
-            requireAuth: () => user,
-        };
-
-        expect(authCtx.getUserIdentity()).toEqual(user);
-        expect(authCtx.getUserIdentity()!.id).toBe("u1");
-        expect(authCtx.getUserIdentity()!.email).toBe("test@test.com");
-    });
-
-    it("requireAuth — 비로그인 시 에러 throw", () => {
-        const authCtx = {
-            getUserIdentity: () => null,
-            requireAuth: () => { throw new Error("Authentication required"); },
-        };
-
-        expect(() => authCtx.requireAuth()).toThrow("Authentication required");
-    });
-
-    it("requireAuth — 로그인 시 유저 반환 (throw 안 함)", () => {
-        const user = { id: "u2", email: "auth@test.com" };
-        const authCtx = {
-            getUserIdentity: () => user,
-            requireAuth: () => user,
-        };
-
-        expect(() => authCtx.requireAuth()).not.toThrow();
-        expect(authCtx.requireAuth()).toEqual(user);
-    });
+  // AuthCtx는 런타임에서 생성되므로, 인터페이스 수준에서 패턴 검증
+
+  it("getUserIdentity — 비로그인 시 null", () => {
+    const authCtx = {
+      getUserIdentity: () => null,
+      requireAuth: () => {
+        throw new Error("Authentication required");
+      },
+    };
+
+    expect(authCtx.getUserIdentity()).toBeNull();
+  });
+
+  it("getUserIdentity — 로그인 시 유저 반환", () => {
+    const user = { id: "u1", email: "test@test.com", name: "Test" };
+    const authCtx = {
+      getUserIdentity: () => user,
+      requireAuth: () => user,
+    };
+
+    expect(authCtx.getUserIdentity()).toEqual(user);
+    expect(authCtx.getUserIdentity()!.id).toBe("u1");
+    expect(authCtx.getUserIdentity()!.email).toBe("test@test.com");
+  });
+
+  it("requireAuth — 비로그인 시 에러 throw", () => {
+    const authCtx = {
+      getUserIdentity: () => null,
+      requireAuth: () => {
+        throw new Error("Authentication required");
+      },
+    };
+
+    expect(() => authCtx.requireAuth()).toThrow("Authentication required");
+  });
+
+  it("requireAuth — 로그인 시 유저 반환 (throw 안 함)", () => {
+    const user = { id: "u2", email: "auth@test.com" };
+    const authCtx = {
+      getUserIdentity: () => user,
+      requireAuth: () => user,
+    };
+
+    expect(() => authCtx.requireAuth()).not.toThrow();
+    expect(authCtx.requireAuth()).toEqual(user);
+  });
 });
 
 // ─── Secure by Default 검증 ─────────────────────────────
 
 describe("Secure by Default — 기본 인증 필수", () => {
-    // query/mutation의 isPublic 기본값은 reactive.test.ts에서 검증됨.
-    // 여기서는 auth 엔드포인트 레벨 패턴만 확인.
-
-    it("공개(public) 쿼리는 auth 없이 실행 가능해야 함", () => {
-        // 이 테스트는 query({ public: true })의 isPublic 플래그 확인
-        // reactive.test.ts의 "Secure by Default" 섹션과 연계
-        const mockQueryDef = { isPublic: true, handler: async () => [] };
-        expect(mockQueryDef.isPublic).toBe(true);
-    });
-
-    it("비공개 쿼리는 기본적으로 auth 필수", () => {
-        const mockQueryDef = { isPublic: false, handler: async () => [] };
-        expect(mockQueryDef.isPublic).toBe(false);
-    });
+  // query/mutation의 isPublic 기본값은 reactive.test.ts에서 검증됨.
+  // 여기서는 auth 엔드포인트 레벨 패턴만 확인.
+
+  it("공개(public) 쿼리는 auth 없이 실행 가능해야 함", () => {
+    // 이 테스트는 query({ public: true })의 isPublic 플래그 확인
+    // reactive.test.ts의 "Secure by Default" 섹션과 연계
+    const mockQueryDef = { isPublic: true, handler: async () => [] };
+    expect(mockQueryDef.isPublic).toBe(true);
+  });
+
+  it("비공개 쿼리는 기본적으로 auth 필수", () => {
+    const mockQueryDef = { isPublic: false, handler: async () => [] };
+    expect(mockQueryDef.isPublic).toBe(false);
+  });
 });