@guren/server 0.2.0-alpha.6 → 1.0.0-rc.11

package/dist/Application-DtWDHXr1.d.ts

@@ -0,0 +1,2110 @@
+import * as hono from 'hono';
+import { Context, MiddlewareHandler, Hono, ExecutionContext } from 'hono';
+import { A as AuthManager, O as OAuthManager, a as AuthContext, b as ApiToken, C as CreateSessionMiddlewareOptions } from './api-token-JOif2CtG.js';
+import { InlineConfig, ViteDevServer } from 'vite';
+import { E as EventManager } from './EventManager-CmIoLt7r.js';
+import { C as CacheManager } from './CacheManager-BkvHEOZX.js';
+import { M as MailManager } from './MailManager-DpMvYiP9.js';
+import { L as LogManager } from './LogManager-7mxnkaPM.js';
+import { I as I18nManager } from './I18nManager-Dtgzsf5n.js';
+import { B as BroadcastManager } from './BroadcastManager-AkIWUGJo.js';
+import { E as Encrypter, A as AppKeyring } from './app-key-CsBfRC_Q.js';
+import { S as StorageManager } from './StorageManager-oZTHqaza.js';
+import { H as HealthManager } from './HealthManager-DUyMIzsZ.js';
+import { S as Scheduler } from './Scheduler-BstvSca7.js';
+import { G as Gate } from './Gate-CNkBYf8m.js';
+import { M as Middleware } from './index-9_Jzj5jo.js';
+
+declare const CSRF_TOKEN_KEY = "_csrf_token";
+declare const CSRF_HEADER_NAME = "X-CSRF-TOKEN";
+declare const CSRF_FORM_FIELD = "_token";
+interface CsrfOptions {
+    /**
+     * Routes to exclude from CSRF protection.
+     * Supports exact paths ('/api/webhook') or patterns ('/api/*').
+     */
+    exclude?: string[];
+    /**
+     * Custom error handler when CSRF validation fails.
+     * Defaults to returning a 403 JSON response.
+     */
+    onError?: (ctx: Context) => Response | Promise<Response>;
+    /**
+     * HTTP methods that require CSRF token validation.
+     * Defaults to ['POST', 'PUT', 'PATCH', 'DELETE'].
+     */
+    methods?: string[];
+    /**
+     * Set the CSRF token as an `XSRF-TOKEN` cookie on every response.
+     * This enables Axios/Inertia.js to automatically read the cookie
+     * and send it back as the `X-XSRF-TOKEN` header.
+     * Defaults to true.
+     */
+    cookie?: boolean;
+    /**
+     * Cookie options when `cookie` is enabled.
+     */
+    cookieOptions?: {
+        path?: string;
+        secure?: boolean;
+        sameSite?: 'Strict' | 'Lax' | 'None';
+    };
+}
+/**
+ * Get the CSRF token from the current session.
+ * Creates a new token if one doesn't exist.
+ */
+declare function getCsrfToken(ctx: Context): string;
+/**
+ * Generate an HTML hidden input field containing the CSRF token.
+ */
+declare function csrfField(ctx: Context): string;
+/**
+ * Verify that the provided token matches the session's CSRF token.
+ */
+declare function verifyCsrfToken(ctx: Context, token: string | undefined): boolean;
+/**
+ * Creates a CSRF protection middleware.
+ *
+ * This middleware:
+ * - Generates and stores a CSRF token in the session for GET requests
+ * - Validates the CSRF token for state-changing HTTP methods (POST, PUT, PATCH, DELETE)
+ * - Supports token submission via form field (_token) or header (X-CSRF-TOKEN)
+ *
+ * @example
+ * ```ts
+ * import { createCsrfMiddleware } from '@guren/server'
+ *
+ * app.use(createSessionMiddleware())
+ * app.use(createCsrfMiddleware({
+ *   exclude: ['/api/webhooks/*']
+ * }))
+ * ```
+ */
+declare function createCsrfMiddleware(options?: CsrfOptions): MiddlewareHandler;
+
+interface InertiaOptions {
+    readonly url?: string;
+    readonly version?: string;
+    readonly status?: number;
+    readonly headers?: HeadersInit;
+    readonly request?: Request;
+    readonly title?: string;
+    readonly entry?: string;
+    readonly importMap?: Record<string, string>;
+    readonly styles?: string[];
+    readonly ssr?: InertiaSsrOptions;
+}
+interface InertiaPagePayload {
+    component: string;
+    props: Record<string, unknown>;
+    url: string;
+    version?: string;
+}
+interface InertiaSsrContext {
+    page: InertiaPagePayload;
+    request?: Request;
+    manifest?: string;
+}
+interface InertiaSsrResult {
+    head: string[];
+    body: string;
+}
+type InertiaSsrRenderer = (context: InertiaSsrContext) => Promise<InertiaSsrResult> | InertiaSsrResult;
+interface InertiaSsrOptions {
+    enabled?: boolean;
+    entry?: string;
+    manifest?: string;
+    render?: InertiaSsrRenderer;
+}
+declare function inertia(component: string, props: Record<string, unknown>, options?: InertiaOptions): Promise<Response>;
+
+/**
+ * Application-level shared props shape for Inertia responses.
+ * Extend this interface in your app (via declaration merging) to type shared props.
+ */
+interface InertiaSharedProps {
+}
+type SharedPropsDefault = Record<string, unknown>;
+type ResolvedSharedInertiaProps = InertiaSharedProps extends Record<string, unknown> ? InertiaSharedProps : SharedPropsDefault;
+type SharedInertiaPropsResolver<Props extends Record<string, unknown> = ResolvedSharedInertiaProps> = (ctx: Context) => Promise<Props> | Props;
+declare function setInertiaSharedProps<Props extends Record<string, unknown> = ResolvedSharedInertiaProps>(resolverFn: SharedInertiaPropsResolver<Props> | null): void;
+
+/**
+ * Parses the incoming request payload supporting both JSON bodies and form submissions.
+ * Falls back to an empty object if the payload cannot be parsed.
+ */
+declare function parseRequestPayload(ctx: Context): Promise<Record<string, unknown>>;
+interface ValidationIssueLike {
+    path: PropertyKey[];
+    message: string;
+}
+interface ValidationErrorLike {
+    issues: ValidationIssueLike[];
+}
+/**
+ * Converts a Zod-style validation error into a flat record usable by forms.
+ */
+declare function formatValidationErrors(error: ValidationErrorLike, fallbackMessage?: string): Record<string, string>;
+
+declare const VALIDATED_DATA_KEY = "guren:validated";
+interface ValidationSchema<T = unknown> {
+    parse(data: unknown): T;
+    safeParse(data: unknown): {
+        success: true;
+        data: T;
+    } | {
+        success: false;
+        error: ValidationErrorLike;
+    };
+}
+interface ValidateRequestOptions {
+    /**
+     * Custom error handler when validation fails.
+     * Defaults to returning a 422 JSON response with formatted errors.
+     */
+    onError?: (ctx: Context, errors: Record<string, string>) => Response | Promise<Response>;
+    /**
+     * HTTP status code for validation errors.
+     * Defaults to 422 (Unprocessable Entity).
+     */
+    status?: number;
+    /**
+     * Fallback message when no field-specific errors are available.
+     */
+    fallbackMessage?: string;
+}
+/**
+ * Get validated data from the request context.
+ * Returns undefined if validation middleware hasn't run or validation failed.
+ */
+declare function getValidatedData<T = Record<string, unknown>>(ctx: Context): T | undefined;
+/**
+ * Creates a validation middleware that validates the request body against a Zod schema.
+ *
+ * @example
+ * ```ts
+ * import { z } from 'zod'
+ * import { validateRequest, getValidatedData } from '@guren/server'
+ *
+ * const CreateUserSchema = z.object({
+ *   name: z.string().min(1),
+ *   email: z.string().email(),
+ * })
+ *
+ * app.post('/users', validateRequest(CreateUserSchema), (c) => {
+ *   const data = getValidatedData<z.infer<typeof CreateUserSchema>>(c)
+ *   // data is typed and validated
+ *   return c.json({ user: data })
+ * })
+ * ```
+ */
+declare function validateRequest<T>(schema: ValidationSchema<T>, options?: ValidateRequestOptions): MiddlewareHandler;
+/**
+ * Creates a validation middleware from a schema factory function.
+ * Useful when the schema depends on request context.
+ *
+ * @example
+ * ```ts
+ * app.post('/users/:role', validateRequestWith((ctx) => {
+ *   const role = ctx.req.param('role')
+ *   return role === 'admin' ? AdminSchema : UserSchema
+ * }), handler)
+ * ```
+ */
+declare function validateRequestWith<T>(schemaFactory: (ctx: Context) => ValidationSchema<T>, options?: ValidateRequestOptions): MiddlewareHandler;
+/**
+ * Validates data against a schema and throws if invalid.
+ * Useful for manual validation in handlers.
+ *
+ * @example
+ * ```ts
+ * app.post('/data', async (c) => {
+ *   const payload = await parseRequestPayload(c)
+ *   const data = validate(MySchema, payload)
+ *   // throws ValidationError if invalid
+ *   return c.json(data)
+ * })
+ * ```
+ */
+declare function validate<T>(schema: ValidationSchema<T>, data: unknown): T;
+/**
+ * Validates data against a schema and returns a result object.
+ * Does not throw on validation failure.
+ */
+declare function validateSafe<T>(schema: ValidationSchema<T>, data: unknown): {
+    success: true;
+    data: T;
+} | {
+    success: false;
+    errors: Record<string, string>;
+};
+
+interface HstsOptions {
+    /** Max age in seconds. */
+    maxAge: number;
+    /** Include subdomains. Default: false */
+    includeSubDomains?: boolean;
+    /** Enable HSTS preload. Default: false */
+    preload?: boolean;
+}
+interface SecurityHeadersOptions {
+    /** X-Frame-Options header. Set to false to disable. Default: 'SAMEORIGIN' */
+    frameOptions?: string | false;
+    /** X-Content-Type-Options header. Set to false to disable. Default: 'nosniff' */
+    contentTypeOptions?: string | false;
+    /** X-XSS-Protection header. Set to false to disable. Default: '0' */
+    xssProtection?: string | false;
+    /** Referrer-Policy header. Set to false to disable. Default: 'strict-origin-when-cross-origin' */
+    referrerPolicy?: string | false;
+    /** X-Permitted-Cross-Domain-Policies header. Set to false to disable. Default: 'none' */
+    crossDomainPolicies?: string | false;
+    /** Strict-Transport-Security header. Default: false (disabled) */
+    hsts?: HstsOptions | false;
+}
+/**
+ * Middleware that sets common HTTP security headers on every response.
+ *
+ * @example
+ * ```ts
+ * import { createSecurityHeaders } from '@guren/core'
+ *
+ * app.use('*', createSecurityHeaders())
+ *
+ * // With HSTS enabled
+ * app.use('*', createSecurityHeaders({
+ *   hsts: { maxAge: 31536000, includeSubDomains: true },
+ * }))
+ *
+ * // Disable specific headers
+ * app.use('*', createSecurityHeaders({
+ *   frameOptions: false,
+ *   xssProtection: false,
+ * }))
+ * ```
+ */
+declare function createSecurityHeaders(options?: SecurityHeadersOptions): MiddlewareHandler;
+
+interface HostAuthorizationOptions {
+    /** Allowed hosts. Supports exact matches and wildcard subdomains (e.g., '*.example.com'). */
+    allowedHosts: string[];
+    /** Paths to exclude from host checking (e.g., ['/healthcheck', '/up']). */
+    exclude?: string[];
+    /** Custom response when host is not authorized. Default: 403 Forbidden. */
+    onError?: (ctx: Context) => Response | Promise<Response>;
+}
+/**
+ * Middleware that validates the Host header against an allowed list.
+ * Protects against DNS rebinding and host header attacks.
+ *
+ * @example
+ * ```ts
+ * import { createHostAuthorizationMiddleware } from '@guren/core'
+ *
+ * app.use('*', createHostAuthorizationMiddleware({
+ *   allowedHosts: ['example.com', '*.example.com', 'localhost:3000'],
+ *   exclude: ['/healthcheck'],
+ * }))
+ * ```
+ */
+declare function createHostAuthorizationMiddleware(options: HostAuthorizationOptions): MiddlewareHandler;
+
+/**
+ * Serialized job data stored in the queue.
+ */
+interface QueuedJob<T = unknown> {
+    /**
+     * Unique job identifier.
+     */
+    id: string;
+    /**
+     * Job class name.
+     */
+    name: string;
+    /**
+     * Job payload data.
+     */
+    payload: T;
+    /**
+     * Queue name this job belongs to.
+     */
+    queue: string;
+    /**
+     * Number of times this job has been attempted.
+     */
+    attempts: number;
+    /**
+     * Maximum number of attempts before failing permanently.
+     */
+    maxAttempts: number;
+    /**
+     * When the job becomes available for processing.
+     */
+    availableAt: Date;
+    /**
+     * When the job was created.
+     */
+    createdAt: Date;
+    /**
+     * When the job was reserved by a worker (null if not reserved).
+     */
+    reservedAt: Date | null;
+    /**
+     * Last error message if the job failed.
+     */
+    lastError?: string;
+}
+/**
+ * Failed job record.
+ */
+interface FailedJob<T = unknown> extends QueuedJob<T> {
+    /**
+     * When the job failed.
+     */
+    failedAt: Date;
+    /**
+     * Error that caused the failure.
+     */
+    error: string;
+    /**
+     * Stack trace of the error.
+     */
+    stack?: string;
+}
+/**
+ * Queue driver interface.
+ * Implement this to create a custom queue backend.
+ */
+interface QueueDriver {
+    /**
+     * Push a job onto the queue.
+     */
+    push(job: QueuedJob): Promise<void>;
+    /**
+     * Pop the next available job from the queue.
+     * Returns null if no jobs are available.
+     */
+    pop(queue: string): Promise<QueuedJob | null>;
+    /**
+     * Release a job back onto the queue (for retry).
+     * @param job - The job to release
+     * @param delayMs - Delay before the job becomes available again
+     */
+    release(job: QueuedJob, delayMs?: number): Promise<void>;
+    /**
+     * Delete a job from the queue.
+     */
+    delete(jobId: string): Promise<void>;
+    /**
+     * Mark a job as failed and move to failed jobs.
+     */
+    fail(job: QueuedJob, error: Error): Promise<void>;
+    /**
+     * Get the number of jobs in a queue.
+     */
+    size(queue: string): Promise<number>;
+    /**
+     * Get failed jobs.
+     */
+    getFailedJobs(queue?: string): Promise<FailedJob[]>;
+    /**
+     * Retry a failed job.
+     */
+    retryFailedJob(jobId: string): Promise<void>;
+    /**
+     * Delete a failed job.
+     */
+    deleteFailedJob(jobId: string): Promise<void>;
+    /**
+     * Clear all jobs (for testing).
+     */
+    clear(): Promise<void>;
+}
+/**
+ * Options for creating a job.
+ */
+interface JobOptions {
+    /**
+     * Queue to dispatch the job to.
+     * @default 'default'
+     */
+    queue?: string;
+    /**
+     * Delay in milliseconds before the job is available.
+     * @default 0
+     */
+    delay?: number;
+    /**
+     * Maximum number of attempts.
+     * @default 3
+     */
+    maxAttempts?: number;
+}
+/**
+ * Worker options.
+ */
+interface WorkerOptions {
+    /**
+     * Queues to process (in priority order).
+     * @default ['default']
+     */
+    queues?: string[];
+    /**
+     * Sleep time in milliseconds when no jobs are available.
+     * @default 1000
+     */
+    sleep?: number;
+    /**
+     * Maximum number of jobs to process before stopping.
+     * Set to 0 for unlimited.
+     * @default 0
+     */
+    maxJobs?: number;
+    /**
+     * Timeout for each job in milliseconds.
+     * @default 60000
+     */
+    timeout?: number;
+    /**
+     * Stop the worker when no jobs are available.
+     * Useful for one-shot processing or testing.
+     * @default false
+     */
+    stopWhenEmpty?: boolean;
+}
+/**
+ * Job handler function type.
+ */
+type JobHandler<T = unknown> = (payload: T) => void | Promise<void>;
+/**
+ * Job failure handler function type.
+ */
+type JobFailureHandler<T = unknown> = (payload: T, error: Error) => void | Promise<void>;
+
+/**
+ * Set the global queue driver.
+ */
+declare function setQueueDriver(driver: QueueDriver): void;
+/**
+ * Get the global queue driver.
+ */
+declare function getQueueDriver(): QueueDriver | null;
+/**
+ * Base class for defining jobs.
+ *
+ * @example
+ * ```ts
+ * class SendWelcomeEmailJob extends Job<{ userId: string }> {
+ *   static queue = 'emails'
+ *   static maxAttempts = 5
+ *
+ *   async handle({ userId }: { userId: string }): Promise<void> {
+ *     const user = await User.find(userId)
+ *     await mail.to(user.email).template(WelcomeEmail, user).send()
+ *   }
+ *
+ *   async failed({ userId }: { userId: string }, error: Error): Promise<void> {
+ *     console.error(`Failed to send welcome email to user ${userId}:`, error)
+ *   }
+ * }
+ *
+ * // Dispatch the job
+ * await SendWelcomeEmailJob.dispatch({ userId: '123' })
+ *
+ * // Dispatch with delay
+ * await SendWelcomeEmailJob.dispatchAfter(60000, { userId: '123' })
+ * ```
+ */
+declare abstract class Job<T = unknown> {
+    /**
+     * The queue this job should be dispatched to.
+     * @default 'default'
+     */
+    static queue: string;
+    /**
+     * Maximum number of times the job should be attempted.
+     * @default 3
+     */
+    static maxAttempts: number;
+    /**
+     * Backoff strategy for retries.
+     * - 'exponential': 2^attempt * 1000ms (1s, 2s, 4s, 8s, ...)
+     * - 'linear': attempt * 1000ms (1s, 2s, 3s, 4s, ...)
+     * - number: fixed delay in milliseconds
+     * @default 'exponential'
+     */
+    static backoff: 'exponential' | 'linear' | number;
+    protected make<K extends keyof ServiceBindings>(key: K): ServiceBindings[K];
+    protected make<TService>(key: string): TService;
+    /**
+     * Handle the job.
+     * Override this method to define job logic.
+     */
+    abstract handle(payload: T): void | Promise<void>;
+    /**
+     * Called when the job fails permanently (after all retries exhausted).
+     * Override this method to handle failures.
+     */
+    failed?(payload: T, error: Error): void | Promise<void>;
+    /**
+     * Dispatch the job to the queue.
+     *
+     * @param payload - Job payload data
+     * @param options - Optional dispatch options
+     */
+    static dispatch<T>(this: JobClass<T>, payload: T, options?: JobOptions): Promise<string>;
+    /**
+     * Dispatch the job after a delay.
+     *
+     * @param delayMs - Delay in milliseconds
+     * @param payload - Job payload data
+     * @param options - Optional dispatch options (delay is overridden)
+     */
+    static dispatchAfter<T>(this: JobClass<T>, delayMs: number, payload: T, options?: Omit<JobOptions, 'delay'>): Promise<string>;
+    /**
+     * Calculate the retry delay based on backoff strategy.
+     */
+    static calculateRetryDelay(attempts: number): number;
+}
+/**
+ * Job class constructor type.
+ */
+interface JobClass<T = unknown> {
+    new (): Job<T>;
+    name: string;
+    queue: string;
+    maxAttempts: number;
+    backoff: 'exponential' | 'linear' | number;
+    dispatch(payload: T, options?: JobOptions): Promise<string>;
+    dispatchAfter(delayMs: number, payload: T, options?: Omit<JobOptions, 'delay'>): Promise<string>;
+    calculateRetryDelay(attempts: number): number;
+}
+/**
+ * Register a job class for the worker to use.
+ */
+declare function registerJob<T>(jobClass: JobClass<T>): void;
+/**
+ * Get a registered job class by name.
+ */
+declare function getJob(name: string): JobClass | undefined;
+/**
+ * Get all registered job classes.
+ */
+declare function getRegisteredJobs(): Map<string, JobClass>;
+/**
+ * Clear all registered jobs (for testing).
+ */
+declare function clearJobRegistry(): void;
+
+/**
+ * Queue driver factory function.
+ */
+type QueueDriverFactory = () => QueueDriver;
+/**
+ * Queue configuration.
+ */
+interface QueueConfig {
+    /**
+     * Default driver name.
+     * @default 'memory'
+     */
+    default?: string;
+    /**
+     * Driver configurations.
+     */
+    drivers?: Record<string, QueueDriverFactory>;
+}
+/**
+ * Queue manager for handling multiple queue drivers.
+ *
+ * @example
+ * ```ts
+ * import { QueueManager, MemoryDriver, RedisDriver } from '@guren/server/queue'
+ * import { createRedisClient } from '@guren/server/redis'
+ *
+ * const redis = createRedisClient({ url: process.env.REDIS_URL })
+ *
+ * const queueManager = new QueueManager({
+ *   default: 'redis',
+ *   drivers: {
+ *     memory: () => new MemoryDriver(),
+ *     redis: () => new RedisDriver(redis),
+ *   }
+ * })
+ *
+ * // Use the default driver
+ * const driver = queueManager.driver()
+ *
+ * // Use a specific driver
+ * const memoryDriver = queueManager.driver('memory')
+ * ```
+ */
+declare class QueueManager {
+    private readonly defaultDriver;
+    private readonly driverFactories;
+    private readonly resolvedDrivers;
+    constructor(config?: QueueConfig);
+    /**
+     * Get a queue driver by name.
+     * Returns the default driver if no name is specified.
+     */
+    driver(name?: string): QueueDriver;
+    /**
+     * Register a custom driver factory.
+     */
+    registerDriver(name: string, factory: QueueDriverFactory): void;
+    /**
+     * Check if a driver is registered.
+     */
+    hasDriver(name: string): boolean;
+    /**
+     * Get the default driver name.
+     */
+    getDefaultDriverName(): string;
+    /**
+     * Get all registered driver names.
+     */
+    getDriverNames(): string[];
+    /**
+     * Set the default driver and update global driver.
+     */
+    setDefaultDriver(name: string): void;
+}
+/**
+ * Create a queue manager with default configuration.
+ */
+declare function createQueueManager(config?: QueueConfig): QueueManager;
+
+/**
+ * Base notification class.
+ *
+ * @example
+ * ```typescript
+ * class OrderShipped extends Notification {
+ *   static shouldQueue = true
+ *   static queue = 'notifications'
+ *
+ *   constructor(private order: Order) {
+ *     super()
+ *   }
+ *
+ *   via(notifiable: Notifiable): string[] {
+ *     return ['mail', 'database']
+ *   }
+ *
+ *   toMail(notifiable: Notifiable): NotificationMailMessage {
+ *     return {
+ *       subject: `Order #${this.order.id} shipped`,
+ *       html: '<p>Your order is on its way!</p>',
+ *     }
+ *   }
+ *
+ *   toDatabase(notifiable: Notifiable): Record<string, unknown> {
+ *     return {
+ *       orderId: this.order.id,
+ *       message: 'Your order has shipped',
+ *     }
+ *   }
+ * }
+ * ```
+ */
+declare abstract class Notification {
+    /**
+     * Whether this notification should be queued.
+     */
+    static shouldQueue: boolean;
+    /**
+     * The queue name for this notification.
+     */
+    static queue?: string;
+    /**
+     * Delay in milliseconds before sending.
+     */
+    static delay?: number;
+    /**
+     * Unique notification ID.
+     */
+    readonly id: string;
+    /**
+     * When the notification was created.
+     */
+    readonly createdAt: Date;
+    constructor();
+    /**
+     * Get the notification's delivery channels.
+     */
+    abstract via(notifiable: Notifiable): string[];
+    /**
+     * Get the mail representation of the notification.
+     */
+    toMail?(notifiable: Notifiable): NotificationMailMessage;
+    /**
+     * Get the database representation of the notification.
+     */
+    toDatabase?(notifiable: Notifiable): Record<string, unknown>;
+    /**
+     * Get the Slack representation of the notification.
+     */
+    toSlack?(notifiable: Notifiable): SlackMessage;
+    /**
+     * Get the array representation of the notification.
+     * Used as a fallback for any channel.
+     */
+    toArray?(notifiable: Notifiable): Record<string, unknown>;
+    /**
+     * Get the notification type (default: class name).
+     */
+    get type(): string;
+    /**
+     * Check if the notification should be sent to the given notifiable.
+     * Override to add custom logic.
+     */
+    shouldSend(_notifiable: Notifiable): boolean | Promise<boolean>;
+    /**
+     * Generate a unique notification ID.
+     */
+    protected generateId(): string;
+    /**
+     * Get static queue configuration.
+     */
+    static getQueueConfig(): {
+        shouldQueue: boolean;
+        queue?: string;
+        delay?: number;
+    };
+}
+
+/**
+ * Notification channel interface.
+ */
+interface NotificationChannel {
+    readonly name: string;
+    send(notifiable: Notifiable, notification: Notification): Promise<void>;
+}
+/**
+ * Notifiable entity interface.
+ */
+interface Notifiable {
+    /**
+     * Get the notification routing information for a given channel.
+     */
+    routeNotificationFor(channel: string): string | null;
+    /**
+     * Database notifications (optional).
+     */
+    notifications?: DatabaseNotification[];
+}
+/**
+ * Database notification record.
+ */
+interface DatabaseNotification {
+    id: string;
+    type: string;
+    notifiableId: string | number;
+    notifiableType: string;
+    data: Record<string, unknown>;
+    readAt: Date | null;
+    createdAt: Date;
+}
+/**
+ * Mail message for notifications.
+ */
+interface NotificationMailMessage {
+    subject: string;
+    html?: string;
+    text?: string;
+    from?: string;
+    replyTo?: string;
+    cc?: string | string[];
+    bcc?: string | string[];
+    attachments?: NotificationAttachment[];
+}
+/**
+ * Notification attachment.
+ */
+interface NotificationAttachment {
+    filename: string;
+    content?: string | Buffer;
+    path?: string;
+    contentType?: string;
+}
+/**
+ * Slack message for notifications.
+ */
+interface SlackMessage {
+    text?: string;
+    blocks?: SlackBlock[];
+    attachments?: SlackAttachment[];
+    channel?: string;
+    username?: string;
+    icon_emoji?: string;
+    icon_url?: string;
+}
+/**
+ * Slack block.
+ */
+interface SlackBlock {
+    type: string;
+    text?: {
+        type: string;
+        text: string;
+        emoji?: boolean;
+    };
+    elements?: unknown[];
+    accessory?: unknown;
+    fields?: Array<{
+        type: string;
+        text: string;
+    }>;
+    [key: string]: unknown;
+}
+/**
+ * Slack attachment.
+ */
+interface SlackAttachment {
+    color?: string;
+    fallback?: string;
+    pretext?: string;
+    author_name?: string;
+    author_link?: string;
+    author_icon?: string;
+    title?: string;
+    title_link?: string;
+    text?: string;
+    fields?: Array<{
+        title: string;
+        value: string;
+        short?: boolean;
+    }>;
+    image_url?: string;
+    thumb_url?: string;
+    footer?: string;
+    footer_icon?: string;
+    ts?: number;
+}
+/**
+ * Notification channel factory.
+ */
+interface NotificationChannelFactory {
+    (config: Record<string, unknown>): NotificationChannel;
+}
+/**
+ * Notification manager options.
+ */
+interface NotificationManagerOptions {
+    channels?: Record<string, NotificationChannel>;
+    channelFactories?: Record<string, NotificationChannelFactory>;
+}
+/**
+ * Database channel options.
+ */
+interface DatabaseChannelOptions {
+    /**
+     * Callback to store the notification.
+     */
+    store?: (notifiable: Notifiable, notification: DatabaseNotification) => Promise<void>;
+}
+/**
+ * Sent notification record (for testing).
+ */
+interface SentNotification {
+    notifiable: Notifiable;
+    notification: Notification;
+    channels: string[];
+    timestamp: Date;
+}
+/**
+ * Notification class type.
+ */
+interface NotificationClass<T extends Notification = Notification> {
+    new (...args: unknown[]): T;
+    shouldQueue?: boolean;
+    queue?: string;
+    delay?: number;
+    getQueueConfig?: () => {
+        shouldQueue: boolean;
+        queue?: string;
+        delay?: number;
+    };
+}
+
+/**
+ * Notification manager for sending notifications through multiple channels.
+ *
+ * @example
+ * ```typescript
+ * const notifications = new NotificationManager()
+ *
+ * notifications
+ *   .registerChannel('mail', new MailChannel(mailManager))
+ *   .registerChannel('database', new DatabaseChannel())
+ *   .registerChannel('slack', new SlackChannel(webhookUrl))
+ *
+ * // Send notification
+ * await notifications.send(user, new OrderShipped(order))
+ *
+ * // Send to multiple users
+ * await notifications.sendToMany(admins, new NewUserRegistered(user))
+ * ```
+ */
+declare class NotificationManager {
+    protected channels: Map<string, NotificationChannel>;
+    protected channelFactories: Map<string, NotificationChannelFactory>;
+    protected resolvedChannels: Map<string, NotificationChannel>;
+    constructor(options?: NotificationManagerOptions);
+    /**
+     * Register a notification channel.
+     */
+    registerChannel(name: string, channel: NotificationChannel): this;
+    /**
+     * Register a notification channel factory.
+     */
+    registerChannelFactory(name: string, factory: NotificationChannelFactory): this;
+    /**
+     * Get a notification channel by name.
+     */
+    channel(name: string): NotificationChannel;
+    /**
+     * Check if a channel is registered.
+     */
+    hasChannel(name: string): boolean;
+    /**
+     * Get all registered channel names.
+     */
+    getChannelNames(): string[];
+    /**
+     * Send a notification to a notifiable entity.
+     * Respects queue configuration on the notification class.
+     */
+    send(notifiable: Notifiable, notification: Notification): Promise<void>;
+    /**
+     * Send a notification immediately (bypasses queue).
+     */
+    sendNow(notifiable: Notifiable, notification: Notification): Promise<void>;
+    /**
+     * Queue a notification for later delivery.
+     */
+    protected queue(notifiable: Notifiable, notification: Notification, queueConfig: {
+        queue?: string;
+        delay?: number;
+    }): Promise<void>;
+    /**
+     * Send notification to multiple notifiables.
+     */
+    sendToMany(notifiables: Notifiable[], notification: Notification): Promise<void>;
+    /**
+     * Send notification immediately to multiple notifiables.
+     */
+    sendNowToMany(notifiables: Notifiable[], notification: Notification): Promise<void>;
+    /**
+     * Serialize notifiable for queue storage.
+     */
+    protected serializeNotifiable(notifiable: Notifiable): SerializedNotifiable;
+    /**
+     * Serialize notification for queue storage.
+     */
+    protected serializeNotification(notification: Notification): SerializedNotification;
+    /**
+     * Create the notification job class.
+     */
+    protected createNotificationJob(): typeof SendNotificationJob;
+}
+/**
+ * Payload for queued notifications.
+ */
+interface SendNotificationPayload {
+    notifiableData: SerializedNotifiable;
+    notificationData: SerializedNotification;
+    notificationType: string;
+}
+interface SerializedNotifiable {
+    type: string;
+    data: Record<string, unknown>;
+}
+interface SerializedNotification {
+    type: string;
+    id: string;
+    data: Record<string, unknown>;
+}
+/**
+ * Job for sending queued notifications.
+ */
+declare class SendNotificationJob extends Job<SendNotificationPayload> {
+    static jobName: string;
+    static queue: string;
+    static maxAttempts: number;
+    static notificationManager: NotificationManager | null;
+    handle(payload: SendNotificationPayload): Promise<void>;
+}
+/**
+ * Set the global notification manager.
+ */
+declare function setNotificationManager(manager: NotificationManager): void;
+/**
+ * Get the global notification manager.
+ */
+declare function getNotificationManager(): NotificationManager;
+/**
+ * Create a notification manager.
+ */
+declare function createNotificationManager(options?: NotificationManagerOptions): NotificationManager;
+
+/**
+ * Error response structure.
+ */
+interface ErrorResponse {
+    message: string;
+    errors?: Record<string, string[]>;
+    stack?: string;
+    exception?: string;
+}
+/**
+ * Exception handler options.
+ */
+interface ExceptionHandlerOptions {
+    /**
+     * Whether to show detailed error information.
+     * Default: true in development, false in production.
+     */
+    debug?: boolean;
+    /**
+     * Custom debug detection function.
+     */
+    isDebug?: () => boolean;
+}
+/**
+ * Exception reporter callback.
+ */
+type ExceptionReporter = (error: Error) => void | Promise<void>;
+/**
+ * Exception renderer callback.
+ */
+type ExceptionRenderer<T extends Error = Error> = (error: T, ctx: Context) => Response | Promise<Response>;
+/**
+ * Exception class type.
+ */
+type ExceptionClass<T extends Error = Error> = new (...args: any[]) => T;
+/**
+ * Renderer registration.
+ */
+interface RendererRegistration {
+    errorClass: ExceptionClass;
+    renderer: ExceptionRenderer;
+}
+
+/**
+ * Exception handler for centralized error handling.
+ *
+ * @example
+ * ```typescript
+ * const handler = new ExceptionHandler({ debug: false })
+ *
+ * // Report exceptions (e.g., to Sentry)
+ * handler.report(async (error) => {
+ *   await sentry.captureException(error)
+ * })
+ *
+ * // Custom renderer for validation errors
+ * handler.render(ValidationException, (error, ctx) => {
+ *   return ctx.json({ errors: error.errors }, 422)
+ * })
+ *
+ * // Don't report 404 errors
+ * handler.dontReport(NotFoundHttpException)
+ *
+ * // Use as middleware
+ * app.use('*', handler.middleware())
+ * ```
+ */
+declare class ExceptionHandler {
+    /**
+     * Exception reporters.
+     */
+    protected reporters: ExceptionReporter[];
+    /**
+     * Exception renderers.
+     */
+    protected renderers: RendererRegistration[];
+    /**
+     * Exception classes to not report.
+     */
+    protected dontReportClasses: ExceptionClass[];
+    /**
+     * Handler options.
+     */
+    protected options: ExceptionHandlerOptions;
+    constructor(options?: ExceptionHandlerOptions);
+    /**
+     * Register an exception reporter.
+     * Reporters are called for every exception (unless in dontReport list).
+     */
+    report(callback: ExceptionReporter): this;
+    /**
+     * Register a custom renderer for an exception type.
+     */
+    render<T extends Error>(errorClass: ExceptionClass<T>, renderer: ExceptionRenderer<T>): this;
+    /**
+     * Add an exception class to the don't report list.
+     */
+    dontReport(errorClass: ExceptionClass): this;
+    /**
+     * Check if debug mode is enabled.
+     */
+    shouldShowDetails(): boolean;
+    /**
+     * Handle an exception.
+     */
+    handle(error: Error, ctx: Context): Promise<Response>;
+    /**
+     * Report an exception to all reporters.
+     */
+    protected reportException(error: Error): Promise<void>;
+    /**
+     * Check if an exception should not be reported.
+     */
+    protected shouldNotReport(error: Error): boolean;
+    protected matchesErrorClass(error: Error, errorClass: ExceptionClass): boolean;
+    /**
+     * Render an exception to a response.
+     */
+    protected renderException(error: Error, ctx: Context): Promise<Response>;
+    /**
+     * Default exception rendering.
+     */
+    protected renderDefaultException(error: Error, ctx: Context): Response;
+    /**
+     * Determine whether the request expects an HTML response.
+     * Returns false for Inertia, XHR, and JSON API requests so they
+     * continue to receive JSON error payloads.
+     */
+    protected wantsHtmlResponse(ctx: Context): boolean;
+    /**
+     * Create middleware for exception handling.
+     */
+    middleware(): Middleware;
+}
+/**
+ * Create an exception handler.
+ */
+declare function createExceptionHandler(options?: ExceptionHandlerOptions): ExceptionHandler;
+/**
+ * Set the global exception handler.
+ */
+declare function setExceptionHandler(handler: ExceptionHandler): void;
+/**
+ * Get the global exception handler.
+ */
+declare function getExceptionHandler(): ExceptionHandler;
+/**
+ * Abort the request with an HTTP exception.
+ */
+declare function abort(statusCode: number, message?: string, errors?: Record<string, string[]>): never;
+/**
+ * Abort if condition is true.
+ */
+declare function abortIf(condition: boolean, statusCode: number, message?: string): void;
+/**
+ * Abort unless condition is true.
+ */
+declare function abortUnless(condition: boolean, statusCode: number, message?: string): void;
+
+/**
+ * Type-safe service binding map.
+ *
+ * Maps service keys to their concrete types for type-safe resolution
+ * via `container.make('key')`.
+ *
+ * @example
+ * ```typescript
+ * const events = container.make('events') // EventManager
+ * const cache = container.make('cache')   // CacheManager
+ * ```
+ */
+interface ServiceBindings {
+    app: Application;
+    hono: Hono;
+    events: EventManager;
+    cache: CacheManager;
+    queue: QueueManager;
+    mail: MailManager;
+    log: LogManager;
+    i18n: I18nManager;
+    notifications: NotificationManager;
+    broadcast: BroadcastManager;
+    encrypter: Encrypter;
+    'app.keyring': AppKeyring;
+    auth: AuthManager;
+    oauth: OAuthManager;
+    storage: StorageManager;
+    health: HealthManager;
+    scheduler: Scheduler;
+    gate: Gate;
+    'exception.handler': ExceptionHandler;
+}
+
+/** Structural type for DI containers, avoiding a hard dependency on Container. */
+interface ContainerLike {
+    make(key: string): unknown;
+}
+/**
+ * Duck-type interface for Zod-like schemas.
+ * Allows validation without a direct Zod dependency.
+ */
+interface ZodLikeSchema<T> {
+    safeParse(data: unknown): {
+        success: true;
+        data: T;
+    } | {
+        success: false;
+        error: {
+            issues: Array<{
+                path: PropertyKey[];
+                message: string;
+            }>;
+        };
+    };
+}
+/**
+ * Result type for safe validation methods (discriminated union).
+ */
+type SafeValidationResult<T> = {
+    success: true;
+    data: T;
+} | {
+    success: false;
+    errors: Record<string, string>;
+};
+type DefaultInertiaProps = Record<string, unknown>;
+type AuthPayload = Record<string, unknown> & {
+    user: unknown;
+};
+type InertiaPageContractLike<Component extends string = string, Props extends DefaultInertiaProps = DefaultInertiaProps> = {
+    id: Component;
+    component?: Component;
+    __props?: Props;
+};
+type InertiaResponseMarker<Component extends string, Props extends DefaultInertiaProps> = {
+    __gurenInertia: {
+        component: Component;
+        props: Props;
+    };
+};
+type InertiaResponse<Component extends string, Props extends DefaultInertiaProps> = Response & InertiaResponseMarker<Component, Props>;
+type InertiaWithProps = {
+    __gurenInertia: {
+        props: DefaultInertiaProps;
+    };
+};
+type ExtractInertiaProps<T> = Awaited<T> extends infer R ? R extends InertiaWithProps ? R['__gurenInertia']['props'] : never : never;
+type InferInertiaProps<T> = [ExtractInertiaProps<T>] extends [never] ? DefaultInertiaProps : ExtractInertiaProps<T>;
+type ControllerInertiaProps<TController extends Controller, TAction extends keyof TController> = TController[TAction] extends (...args: any[]) => infer TResult ? InferInertiaProps<Awaited<TResult>> : DefaultInertiaProps;
+interface RedirectOptions {
+    status?: number;
+    headers?: HeadersInit;
+}
+type InertiaResponseOptions = Omit<InertiaOptions, 'url' | 'request'> & {
+    url?: string;
+};
+type InertiaPageComponent<TPage extends InertiaPageContractLike> = TPage['id'];
+type InertiaPageProps<TPage extends InertiaPageContractLike> = NonNullable<TPage['__props']>;
+/**
+ * Base controller inspired by Laravel's expressive API. Subclasses can access
+ * the current Hono context through the protected `ctx` getter and rely on the
+ * helper response builders for common patterns.
+ *
+ * Supports dependency injection via the `static inject` convention:
+ * ```typescript
+ * class PostController extends Controller {
+ *   static inject = ['cache', 'events'] as const
+ *   constructor(private cache: CacheManager, private events: EventManager) { super() }
+ * }
+ * ```
+ */
+declare class Controller {
+    /**
+     * Dependencies to inject from the container.
+     * Override in subclasses to declare required services.
+     */
+    static inject?: readonly string[];
+    private context?;
+    private parsedBody?;
+    private resolvedModels?;
+    private _container?;
+    setContext(context: Context): void;
+    /** @internal Called by the router to inject the DI container. */
+    setContainer(container: ContainerLike): void;
+    /**
+     * Store a resolved model instance from route model binding.
+     * @internal Called by the router, not intended for direct use.
+     */
+    setResolvedModel(modelClass: unknown, instance: unknown): void;
+    /**
+     * Retrieve a model instance resolved via route model binding.
+     *
+     * @example
+     * ```typescript
+     * // routes/web.ts
+     * posts.get('/:id', { bind: { id: Post }, name: 'posts.show' }, [PostController, 'show'])
+     *
+     * // PostController.ts
+     * async show() {
+     *   const post = this.model(Post)  // typed as PostRecord
+     *   return this.inertia(pages.posts.Show, { post })
+     * }
+     * ```
+     */
+    protected model<T extends {
+        findOrFail(...args: any[]): Promise<any>;
+    }>(modelClass: T): Awaited<ReturnType<T['findOrFail']>>;
+    protected get ctx(): Context;
+    protected get request(): hono.HonoRequest<any, unknown>;
+    protected get auth(): AuthContext;
+    protected make<K extends keyof ServiceBindings>(key: K): ServiceBindings[K];
+    protected make<T>(key: string): T;
+    /**
+     * Get the authenticated API token or throw AuthenticationException.
+     *
+     * @example
+     * ```typescript
+     * const { userId, abilities } = this.apiToken()
+     * ```
+     */
+    protected apiToken(): {
+        token: ApiToken;
+        userId: string | number;
+        abilities: string[];
+    };
+    /**
+     * Get the authenticated user ID from the API token.
+     *
+     * @example
+     * ```typescript
+     * const userId = this.apiTokenUserId()
+     * ```
+     */
+    protected apiTokenUserId(): string | number;
+    protected inertia<TPage extends InertiaPageContractLike>(page: TPage, props: InertiaPageProps<TPage>, options?: InertiaResponseOptions): Promise<InertiaResponse<InertiaPageComponent<TPage>, InertiaPageProps<TPage> & ResolvedSharedInertiaProps>>;
+    protected inertia<Component extends string, Props extends DefaultInertiaProps>(component: Component, props: Props, options?: InertiaResponseOptions): Promise<InertiaResponse<Component, Props & ResolvedSharedInertiaProps>>;
+    protected json<T>(data: T, init?: ResponseInit): Response;
+    protected text(body: string, init?: ResponseInit): Response;
+    protected redirect(url: string, options?: RedirectOptions): Response;
+    /**
+     * Return a 204 No Content response.
+     */
+    protected noContent(): Response;
+    /**
+     * Return a 201 Created response with JSON data.
+     */
+    protected created<T>(data?: T, init?: ResponseInit): Response;
+    /**
+     * Return a 202 Accepted response with optional JSON data.
+     */
+    protected accepted<T>(data?: T, init?: ResponseInit): Response;
+    private jsonStatus;
+    /**
+     * Get a specific input value from the request body or query parameters.
+     * Body values take precedence over query parameters.
+     */
+    protected input<T = unknown>(key: string, defaultValue?: T): Promise<T | undefined>;
+    /**
+     * Get a query parameter value.
+     */
+    protected query(key: string, defaultValue?: string): string | undefined;
+    /**
+     * Get only the specified keys from the request body.
+     */
+    protected only(...keys: string[]): Promise<Record<string, unknown>>;
+    /**
+     * Get all request body values except the specified keys.
+     */
+    protected except(...keys: string[]): Promise<Record<string, unknown>>;
+    /**
+     * Check if a key exists in the request body.
+     */
+    protected has(key: string): Promise<boolean>;
+    /** Flatten query string arrays to scalar values for cleaner schema usage. */
+    private flattenQueries;
+    /**
+     * Validate the request body against a Zod-like schema.
+     * Throws ValidationException on failure.
+     *
+     * @example
+     * ```typescript
+     * const data = await this.validateBody(CreatePostSchema)
+     * ```
+     */
+    protected validateBody<T>(schema: ZodLikeSchema<T>): Promise<T>;
+    /**
+     * Validate query parameters against a Zod-like schema.
+     * Throws ValidationException on failure.
+     *
+     * @example
+     * ```typescript
+     * const { page } = this.validateQuery(PageQuerySchema)
+     * ```
+     */
+    protected validateQuery<T>(schema: ZodLikeSchema<T>): T;
+    /**
+     * Validate route parameters against a Zod-like schema.
+     * Throws ValidationException on failure.
+     *
+     * @example
+     * ```typescript
+     * const { id } = this.validateParams(PostIdParamSchema)
+     * ```
+     */
+    protected validateParams<T>(schema: ZodLikeSchema<T>): T;
+    /**
+     * Validate the request body against a Zod-like schema without throwing.
+     * Returns a discriminated union: `{ success: true, data }` or `{ success: false, errors }`.
+     *
+     * @example
+     * ```typescript
+     * const result = await this.validateBodySafe(CreatePostSchema)
+     * if (!result.success) {
+     *   return this.inertia(pages.posts.New, { errors: result.errors }, { status: 422 })
+     * }
+     * const { title, body } = result.data
+     * ```
+     */
+    protected validateBodySafe<T>(schema: ZodLikeSchema<T>): Promise<SafeValidationResult<T>>;
+    /**
+     * Validate query parameters against a Zod-like schema without throwing.
+     * Returns a discriminated union: `{ success: true, data }` or `{ success: false, errors }`.
+     */
+    protected validateQuerySafe<T>(schema: ZodLikeSchema<T>): SafeValidationResult<T>;
+    /**
+     * Validate route parameters against a Zod-like schema without throwing.
+     * Returns a discriminated union: `{ success: true, data }` or `{ success: false, errors }`.
+     */
+    protected validateParamsSafe<T>(schema: ZodLikeSchema<T>): SafeValidationResult<T>;
+    private runValidation;
+    private runValidationSafe;
+    private getBody;
+}
+
+/**
+ * Service factory function.
+ */
+type ServiceFactory<T> = (container: Container) => T;
+/**
+ * Service class constructor.
+ */
+type ServiceClass<T> = new (...args: unknown[]) => T;
+/**
+ * Service binding configuration.
+ */
+interface ServiceBinding {
+    factory: ServiceFactory<unknown>;
+    singleton: boolean;
+    instance?: unknown;
+}
+/**
+ * Contextual binding builder interface.
+ */
+interface ContextualBindingBuilder {
+    needs(abstract: string): ContextualNeedsBuilder;
+}
+/**
+ * Contextual needs builder interface.
+ */
+interface ContextualNeedsBuilder {
+    give<T>(factory: ServiceFactory<T> | T): void;
+}
+/**
+ * Contextual binding configuration.
+ */
+interface ContextualBinding {
+    concrete: string;
+    needs: string;
+    factory: ServiceFactory<unknown>;
+}
+/**
+ * Service provider options.
+ */
+interface ServiceProviderOptions {
+    /**
+     * Whether this provider should be deferred.
+     */
+    deferred?: boolean;
+    /**
+     * Services this provider provides (for deferred loading).
+     */
+    provides?: string[];
+}
+/**
+ * Provider interface for container-based service providers.
+ */
+interface Provider {
+    register?(context: unknown): void | Promise<void>;
+    boot?(context: unknown): void | Promise<void>;
+}
+/**
+ * Service provider class type.
+ */
+interface ServiceProviderClass {
+    new (container: Container): Provider;
+    deferred?: boolean;
+    provides?: string[];
+}
+
+/**
+ * Dependency injection container with type-safe service resolution.
+ *
+ * @example
+ * ```typescript
+ * const container = new Container()
+ *
+ * // Register services
+ * container.singleton('events', (c) => new EventManager())
+ * container.instance('config', loadConfig())
+ *
+ * // Type-safe resolution (known bindings)
+ * const events = container.make('events') // EventManager
+ *
+ * // Generic resolution (custom bindings)
+ * const db = container.make<Database>('db')
+ * ```
+ */
+declare class Container {
+    protected bindings: Map<string, ServiceBinding>;
+    protected aliases: Map<string, string>;
+    protected tags: Map<string, Set<string>>;
+    protected contextualBindings: ContextualBinding[];
+    protected resolvingStack: string[];
+    protected scopedInstances: Map<string, unknown>[];
+    protected fakes: Map<string, unknown>;
+    /** @internal Used by ProviderManager to resolve deferred providers on demand */
+    deferredProviderLoader: ((service: string) => Promise<void>) | null;
+    /**
+     * Bind a service to the container.
+     * Each resolution creates a new instance.
+     */
+    bind<T>(key: string, factory: ServiceFactory<T>): this;
+    /**
+     * Bind a singleton service to the container.
+     * Only one instance is created and reused.
+     */
+    singleton<T>(key: string, factory: ServiceFactory<T>): this;
+    /**
+     * Bind an existing instance to the container.
+     */
+    instance<T>(key: string, value: T): this;
+    /**
+     * Resolve a service from the container.
+     *
+     * Known service keys (from ServiceBindings) are automatically typed:
+     * ```typescript
+     * container.make('events') // EventManager
+     * container.make('cache')  // CacheManager
+     * ```
+     *
+     * Custom keys require an explicit type parameter:
+     * ```typescript
+     * container.make<MyService>('myService')
+     * ```
+     */
+    make<K extends keyof ServiceBindings>(key: K): ServiceBindings[K];
+    make<T>(key: string): T;
+    /**
+     * Resolve a service with additional parameters.
+     */
+    makeWith<T>(key: string, params: Record<string, unknown>): T;
+    /**
+     * Check if a service is bound in the container.
+     */
+    has(key: string): boolean;
+    /**
+     * Create an alias for a service.
+     */
+    alias(alias: string, key: string): this;
+    /**
+     * Tag multiple services with a tag name.
+     */
+    tag(keys: string[], tagName: string): this;
+    /**
+     * Resolve all services with a given tag.
+     */
+    tagged<T = unknown>(tagName: string): T[];
+    /**
+     * Define a contextual binding.
+     */
+    when(concrete: string): ContextualBindingBuilder;
+    /**
+     * Run a callback within a scoped context.
+     * Services resolved within the scope are cached and released when the scope ends.
+     */
+    scoped<T>(callback: () => T): T;
+    /**
+     * Run an async callback within a scoped context.
+     */
+    scopedAsync<T>(callback: () => Promise<T>): Promise<T>;
+    /**
+     * Replace a service binding with a fake instance for testing.
+     * Returns a disposable that restores the original binding when disposed.
+     *
+     * @example
+     * ```typescript
+     * // Using 'using' declaration (auto-cleanup)
+     * using _ = container.fake('events', fakeEventManager)
+     *
+     * // Manual cleanup
+     * const restore = container.fake('mail', fakeMailManager)
+     * // ... run tests ...
+     * restore[Symbol.dispose]()
+     * ```
+     */
+    fake<K extends keyof ServiceBindings>(key: K, instance: ServiceBindings[K]): Disposable;
+    fake(key: string, instance: unknown): Disposable;
+    /**
+     * Check if a service is currently faked.
+     */
+    isFaked(key: string): boolean;
+    /**
+     * Remove all fakes.
+     */
+    clearFakes(): void;
+    /**
+     * Flush all resolved singleton instances.
+     */
+    flush(): void;
+    /**
+     * Remove a binding from the container.
+     */
+    forget(key: string): this;
+    /**
+     * Get all bound service keys.
+     */
+    getBindings(): string[];
+    /**
+     * Get all aliases.
+     */
+    getAliases(): Record<string, string>;
+    /**
+     * Get all tags.
+     */
+    getTags(): Record<string, string[]>;
+    protected resolveAlias(key: string): string;
+    protected findContextualBinding(needs: string): ServiceFactory<unknown> | null;
+}
+/**
+ * Create a new container instance.
+ */
+declare function createContainer(): Container;
+declare function setContainer(container: Container): void;
+declare function getContainer(): Container;
+declare function resolve<T = unknown>(key: string): T;
+
+/**
+ * Constructor type for Controller classes.
+ * @template T - The controller type extending Controller
+ */
+type ControllerConstructor<T extends Controller = Controller> = (new (...args: any[]) => T) & {
+    inject?: readonly string[];
+};
+type ControllerMethod<T extends Controller> = {
+    [K in keyof T]: T[K] extends (...args: any[]) => any ? K : never;
+}[keyof T] & string;
+type ControllerMethodFor<C extends ControllerConstructor> = ControllerMethod<InstanceType<C>>;
+type ControllerAction<C extends ControllerConstructor = ControllerConstructor> = [C, ControllerMethodFor<C>];
+type RouteResult = Response | string | number | boolean | Record<string, unknown> | Array<unknown> | null | void;
+/**
+ * Handler for a route - either an inline function or a controller action tuple.
+ */
+type RouteHandler<C extends ControllerConstructor = ControllerConstructor> = ((c: Context) => RouteResult | Promise<RouteResult>) | ControllerAction<C>;
+/**
+ * Model binding resolver function.
+ */
+type ModelBindingResolver = (value: string) => Promise<unknown>;
+/**
+ * Model class with findOrFail static method.
+ */
+interface BindableModel {
+    findOrFail(id: unknown, key?: string): Promise<unknown>;
+}
+type SchemaLike<T = unknown> = ValidationSchema<T> | undefined;
+type InferSchema<TSchema extends SchemaLike<unknown>> = TSchema extends ValidationSchema<infer TValue> ? TValue : never;
+type RouteParamsFor<TSchema extends SchemaLike<unknown>> = [
+    TSchema
+] extends [ValidationSchema<any>] ? InferSchema<TSchema> : Record<string, string>;
+type RouteQueryFor<TSchema extends SchemaLike<unknown>> = [
+    TSchema
+] extends [ValidationSchema<any>] ? InferSchema<TSchema> : Record<string, string | undefined>;
+type RouteBodyFor<TSchema extends SchemaLike<unknown>> = [
+    TSchema
+] extends [ValidationSchema<any>] ? InferSchema<TSchema> : Record<string, unknown>;
+interface TypedRouteContext<TParamsSchema extends SchemaLike<unknown>, TQuerySchema extends SchemaLike<unknown>, TBodySchema extends SchemaLike<unknown>> {
+    ctx: Context;
+    params: RouteParamsFor<TParamsSchema>;
+    query: RouteQueryFor<TQuerySchema>;
+    body: RouteBodyFor<TBodySchema>;
+}
+type TypedRouteHandler<TParamsSchema extends SchemaLike<unknown>, TQuerySchema extends SchemaLike<unknown>, TBodySchema extends SchemaLike<unknown>, TOutputSchema extends SchemaLike<unknown>> = (input: TypedRouteContext<TParamsSchema, TQuerySchema, TBodySchema>) => ([TOutputSchema] extends [ValidationSchema<any>] ? InferSchema<TOutputSchema> : RouteResult) | Promise<[TOutputSchema] extends [ValidationSchema<any>] ? InferSchema<TOutputSchema> : RouteResult>;
+interface RouteContractOptions<TParamsSchema extends SchemaLike<unknown> = undefined, TQuerySchema extends SchemaLike<unknown> = undefined, TBodySchema extends SchemaLike<unknown> = undefined, TOutputSchema extends SchemaLike<unknown> = undefined> extends RouteOpenApiMetadata {
+    name?: string;
+    middlewares?: MiddlewareHandler[];
+    params?: TParamsSchema;
+    query?: TQuerySchema;
+    body?: TBodySchema;
+    output?: TOutputSchema;
+    bind?: Record<string, BindableModel>;
+}
+interface RouteOpenApiMetadata {
+    summary?: string;
+    description?: string;
+    tags?: string[];
+    operationId?: string;
+    deprecated?: boolean;
+}
+/**
+ * Represents a registered route definition for introspection.
+ */
+interface RouteDefinition {
+    /** HTTP method (GET, POST, PUT, PATCH, DELETE) */
+    method: string;
+    /** URL path pattern (e.g., '/users/:id') */
+    path: string;
+    /** Optional route name for URL generation */
+    name?: string;
+    /** Schema metadata attached via RouteContractOptions */
+    schemas?: {
+        params?: SchemaLike<unknown>;
+        query?: SchemaLike<unknown>;
+        body?: SchemaLike<unknown>;
+        output?: SchemaLike<unknown>;
+    };
+    summary?: string;
+    description?: string;
+    tags?: string[];
+    operationId?: string;
+    deprecated?: boolean;
+}
+/**
+ * Chainable builder for configuring a registered route.
+ * @template M - Union of registered middleware alias names
+ */
+interface RouteBuilder<M extends string = never> {
+    /** Set the route name for URL generation. */
+    name(routeName: string): RouteBuilder<M>;
+    /** Attach named middleware to this specific route. */
+    middleware(...names: M[]): RouteBuilder<M>;
+}
+interface RouterMountOptions {
+    container?: Container;
+}
+/**
+ * Available actions for resource routes.
+ */
+type ResourceAction = 'index' | 'create' | 'store' | 'show' | 'edit' | 'update' | 'destroy';
+/**
+ * Options for configuring resource routes.
+ */
+interface ResourceRouteOptions {
+    name?: string;
+    param?: string;
+    only?: ResourceAction[];
+    except?: ResourceAction[];
+}
+/**
+ * Instance-based router for app-local route registration and mounting.
+ * @template M - Union of registered middleware alias names (e.g. `'auth' | 'guest'`)
+ */
+declare class Router<M extends string = never> {
+    private readonly registry;
+    private readonly prefixStack;
+    private readonly namedRoutes;
+    private readonly middlewareStack;
+    private readonly middlewareAliases;
+    private readonly middlewareGroups;
+    private readonly modelBindings;
+    aliasMiddleware<N extends string>(name: N, handler: MiddlewareHandler): Router<M | N>;
+    groupMiddleware<N extends string>(name: N, middlewareNames: M[]): Router<M | N>;
+    middleware(...names: M[]): RouterMiddlewareGroupBuilder<M>;
+    bind(param: string, modelOrResolver: BindableModel | ModelBindingResolver): this;
+    on<C extends ControllerConstructor>(method: string, path: string, handler: RouteHandler<C>, ...middlewares: MiddlewareHandler[]): RouteBuilder<M>;
+    on<TParamsSchema extends SchemaLike<unknown>, TQuerySchema extends SchemaLike<unknown>, TBodySchema extends SchemaLike<unknown>, TOutputSchema extends SchemaLike<unknown>>(method: string, path: string, options: RouteContractOptions<TParamsSchema, TQuerySchema, TBodySchema, TOutputSchema>, handler: TypedRouteHandler<TParamsSchema, TQuerySchema, TBodySchema, TOutputSchema>): RouteBuilder<M>;
+    on<C extends ControllerConstructor, TParamsSchema extends SchemaLike<unknown>, TQuerySchema extends SchemaLike<unknown>, TBodySchema extends SchemaLike<unknown>, TOutputSchema extends SchemaLike<unknown>>(method: string, path: string, options: RouteContractOptions<TParamsSchema, TQuerySchema, TBodySchema, TOutputSchema>, handler: ControllerAction<C>): RouteBuilder<M>;
+    get<C extends ControllerConstructor>(path: string, handler: RouteHandler<C>, ...middlewares: MiddlewareHandler[]): RouteBuilder<M>;
+    get<TParamsSchema extends SchemaLike<unknown>, TQuerySchema extends SchemaLike<unknown>, TBodySchema extends SchemaLike<unknown>, TOutputSchema extends SchemaLike<unknown>>(path: string, options: RouteContractOptions<TParamsSchema, TQuerySchema, TBodySchema, TOutputSchema>, handler: TypedRouteHandler<TParamsSchema, TQuerySchema, TBodySchema, TOutputSchema>): RouteBuilder<M>;
+    get<C extends ControllerConstructor, TParamsSchema extends SchemaLike<unknown>, TQuerySchema extends SchemaLike<unknown>, TBodySchema extends SchemaLike<unknown>, TOutputSchema extends SchemaLike<unknown>>(path: string, options: RouteContractOptions<TParamsSchema, TQuerySchema, TBodySchema, TOutputSchema>, handler: ControllerAction<C>): RouteBuilder<M>;
+    post<C extends ControllerConstructor>(path: string, handler: RouteHandler<C>, ...middlewares: MiddlewareHandler[]): RouteBuilder<M>;
+    post<TParamsSchema extends SchemaLike<unknown>, TQuerySchema extends SchemaLike<unknown>, TBodySchema extends SchemaLike<unknown>, TOutputSchema extends SchemaLike<unknown>>(path: string, options: RouteContractOptions<TParamsSchema, TQuerySchema, TBodySchema, TOutputSchema>, handler: TypedRouteHandler<TParamsSchema, TQuerySchema, TBodySchema, TOutputSchema>): RouteBuilder<M>;
+    post<C extends ControllerConstructor, TParamsSchema extends SchemaLike<unknown>, TQuerySchema extends SchemaLike<unknown>, TBodySchema extends SchemaLike<unknown>, TOutputSchema extends SchemaLike<unknown>>(path: string, options: RouteContractOptions<TParamsSchema, TQuerySchema, TBodySchema, TOutputSchema>, handler: ControllerAction<C>): RouteBuilder<M>;
+    put<C extends ControllerConstructor>(path: string, handler: RouteHandler<C>, ...middlewares: MiddlewareHandler[]): RouteBuilder<M>;
+    put<TParamsSchema extends SchemaLike<unknown>, TQuerySchema extends SchemaLike<unknown>, TBodySchema extends SchemaLike<unknown>, TOutputSchema extends SchemaLike<unknown>>(path: string, options: RouteContractOptions<TParamsSchema, TQuerySchema, TBodySchema, TOutputSchema>, handler: TypedRouteHandler<TParamsSchema, TQuerySchema, TBodySchema, TOutputSchema>): RouteBuilder<M>;
+    put<C extends ControllerConstructor, TParamsSchema extends SchemaLike<unknown>, TQuerySchema extends SchemaLike<unknown>, TBodySchema extends SchemaLike<unknown>, TOutputSchema extends SchemaLike<unknown>>(path: string, options: RouteContractOptions<TParamsSchema, TQuerySchema, TBodySchema, TOutputSchema>, handler: ControllerAction<C>): RouteBuilder<M>;
+    patch<C extends ControllerConstructor>(path: string, handler: RouteHandler<C>, ...middlewares: MiddlewareHandler[]): RouteBuilder<M>;
+    patch<TParamsSchema extends SchemaLike<unknown>, TQuerySchema extends SchemaLike<unknown>, TBodySchema extends SchemaLike<unknown>, TOutputSchema extends SchemaLike<unknown>>(path: string, options: RouteContractOptions<TParamsSchema, TQuerySchema, TBodySchema, TOutputSchema>, handler: TypedRouteHandler<TParamsSchema, TQuerySchema, TBodySchema, TOutputSchema>): RouteBuilder<M>;
+    patch<C extends ControllerConstructor, TParamsSchema extends SchemaLike<unknown>, TQuerySchema extends SchemaLike<unknown>, TBodySchema extends SchemaLike<unknown>, TOutputSchema extends SchemaLike<unknown>>(path: string, options: RouteContractOptions<TParamsSchema, TQuerySchema, TBodySchema, TOutputSchema>, handler: ControllerAction<C>): RouteBuilder<M>;
+    delete<C extends ControllerConstructor>(path: string, handler: RouteHandler<C>, ...middlewares: MiddlewareHandler[]): RouteBuilder<M>;
+    delete<TParamsSchema extends SchemaLike<unknown>, TQuerySchema extends SchemaLike<unknown>, TBodySchema extends SchemaLike<unknown>, TOutputSchema extends SchemaLike<unknown>>(path: string, options: RouteContractOptions<TParamsSchema, TQuerySchema, TBodySchema, TOutputSchema>, handler: TypedRouteHandler<TParamsSchema, TQuerySchema, TBodySchema, TOutputSchema>): RouteBuilder<M>;
+    delete<C extends ControllerConstructor, TParamsSchema extends SchemaLike<unknown>, TQuerySchema extends SchemaLike<unknown>, TBodySchema extends SchemaLike<unknown>, TOutputSchema extends SchemaLike<unknown>>(path: string, options: RouteContractOptions<TParamsSchema, TQuerySchema, TBodySchema, TOutputSchema>, handler: ControllerAction<C>): RouteBuilder<M>;
+    group(prefix: string, callback: (router: Router<M>) => void): this;
+    route(name: string, params?: Record<string, string | number>): string;
+    hasRoute(name: string): boolean;
+    resource<C extends ControllerConstructor>(path: string, controller: C, options?: ResourceRouteOptions): this;
+    mount(app: Hono, options?: RouterMountOptions): void;
+    clear(): void;
+    resetMiddleware(): void;
+    definitions(): RouteDefinition[];
+    applyMiddlewareScope<T>(names: string[], callback: () => T): T;
+    private register;
+    private add;
+    private resolveMiddlewareNames;
+}
+declare class RouterMiddlewareGroupBuilder<M extends string = never> {
+    private readonly router;
+    private readonly names;
+    constructor(router: Router<M>, names: string[]);
+    group(callback: (router: Router<M>) => void): Router<M>;
+    get<C extends ControllerConstructor>(path: string, handler: RouteHandler<C>, ...middlewares: MiddlewareHandler[]): RouteBuilder<M>;
+    get<TParamsSchema extends SchemaLike<unknown>, TQuerySchema extends SchemaLike<unknown>, TBodySchema extends SchemaLike<unknown>, TOutputSchema extends SchemaLike<unknown>>(path: string, options: RouteContractOptions<TParamsSchema, TQuerySchema, TBodySchema, TOutputSchema>, handler: TypedRouteHandler<TParamsSchema, TQuerySchema, TBodySchema, TOutputSchema>): RouteBuilder<M>;
+    post<C extends ControllerConstructor>(path: string, handler: RouteHandler<C>, ...middlewares: MiddlewareHandler[]): RouteBuilder<M>;
+    post<TParamsSchema extends SchemaLike<unknown>, TQuerySchema extends SchemaLike<unknown>, TBodySchema extends SchemaLike<unknown>, TOutputSchema extends SchemaLike<unknown>>(path: string, options: RouteContractOptions<TParamsSchema, TQuerySchema, TBodySchema, TOutputSchema>, handler: TypedRouteHandler<TParamsSchema, TQuerySchema, TBodySchema, TOutputSchema>): RouteBuilder<M>;
+    put<C extends ControllerConstructor>(path: string, handler: RouteHandler<C>, ...middlewares: MiddlewareHandler[]): RouteBuilder<M>;
+    put<TParamsSchema extends SchemaLike<unknown>, TQuerySchema extends SchemaLike<unknown>, TBodySchema extends SchemaLike<unknown>, TOutputSchema extends SchemaLike<unknown>>(path: string, options: RouteContractOptions<TParamsSchema, TQuerySchema, TBodySchema, TOutputSchema>, handler: TypedRouteHandler<TParamsSchema, TQuerySchema, TBodySchema, TOutputSchema>): RouteBuilder<M>;
+    patch<C extends ControllerConstructor>(path: string, handler: RouteHandler<C>, ...middlewares: MiddlewareHandler[]): RouteBuilder<M>;
+    patch<TParamsSchema extends SchemaLike<unknown>, TQuerySchema extends SchemaLike<unknown>, TBodySchema extends SchemaLike<unknown>, TOutputSchema extends SchemaLike<unknown>>(path: string, options: RouteContractOptions<TParamsSchema, TQuerySchema, TBodySchema, TOutputSchema>, handler: TypedRouteHandler<TParamsSchema, TQuerySchema, TBodySchema, TOutputSchema>): RouteBuilder<M>;
+    delete<C extends ControllerConstructor>(path: string, handler: RouteHandler<C>, ...middlewares: MiddlewareHandler[]): RouteBuilder<M>;
+    delete<TParamsSchema extends SchemaLike<unknown>, TQuerySchema extends SchemaLike<unknown>, TBodySchema extends SchemaLike<unknown>, TOutputSchema extends SchemaLike<unknown>>(path: string, options: RouteContractOptions<TParamsSchema, TQuerySchema, TBodySchema, TOutputSchema>, handler: TypedRouteHandler<TParamsSchema, TQuerySchema, TBodySchema, TOutputSchema>): RouteBuilder<M>;
+}
+
+/**
+ * Base service provider class.
+ *
+ * Service providers are the central place of all application bootstrapping.
+ * Your own application, as well as all core services, are bootstrapped via providers.
+ *
+ * @example
+ * ```typescript
+ * export class AppServiceProvider extends ServiceProvider {
+ *   register(): void {
+ *     // Register bindings
+ *     this.container.singleton('db', (c) => new Database(c.make('config')))
+ *   }
+ *
+ *   boot(): void {
+ *     // Bootstrap after all providers registered
+ *     const db = this.container.make<Database>('db')
+ *     db.connect()
+ *   }
+ * }
+ * ```
+ */
+declare abstract class ServiceProvider implements Provider {
+    protected container: Container;
+    /**
+     * Whether this provider should be deferred.
+     * Deferred providers are only loaded when one of their provided services is requested.
+     */
+    static deferred: boolean;
+    /**
+     * The services provided by this provider (for deferred loading).
+     */
+    static provides: string[];
+    constructor(container: Container);
+    /**
+     * Register any application services.
+     * This is called before any other providers have booted.
+     */
+    abstract register(): void | Promise<void>;
+    /**
+     * Bootstrap any application services.
+     * This is called after all providers have registered.
+     */
+    boot?(): void | Promise<void>;
+    /**
+     * Get the services provided by the provider.
+     */
+    provides(): string[];
+    /**
+     * Check if this provider is deferred.
+     */
+    isDeferred(): boolean;
+}
+/**
+ * Provider manager for registering and booting providers.
+ */
+declare class ProviderManager {
+    protected container: Container;
+    protected providers: ServiceProvider[];
+    protected registered: Set<ServiceProvider>;
+    protected booted: Set<ServiceProvider>;
+    protected deferredProviders: Map<string, ServiceProvider>;
+    private allBooted;
+    constructor(container: Container);
+    /**
+     * Register a provider.
+     */
+    register(providerOrClass: ServiceProvider | (new (container: Container) => ServiceProvider)): this;
+    /**
+     * Register multiple providers.
+     */
+    registerMany(providers: Array<ServiceProvider | (new (container: Container) => ServiceProvider)>): this;
+    /**
+     * Register all non-deferred providers.
+     */
+    registerAll(): Promise<void>;
+    /**
+     * Boot all registered providers.
+     */
+    bootAll(): Promise<void>;
+    /**
+     * Load a deferred provider for a service.
+     */
+    loadDeferredProvider(service: string): Promise<void>;
+    /**
+     * Check if a service is provided by a deferred provider.
+     */
+    isDeferredService(service: string): boolean;
+    /**
+     * Get all registered providers.
+     */
+    getProviders(): ServiceProvider[];
+    /**
+     * Get all deferred services.
+     */
+    getDeferredServices(): string[];
+}
+
+declare const GUREN_ASCII_ART: string;
+interface DevBannerOptions {
+    hostname: string;
+    port: number;
+    assetsUrl?: string;
+}
+declare function logDevServerBanner({ hostname, port, assetsUrl, }: DevBannerOptions): void;
+
+interface StartViteDevServerOptions {
+    root?: string;
+    config?: InlineConfig;
+    host?: boolean | string;
+    port?: number;
+}
+interface StartedViteDevServer {
+    server: ViteDevServer;
+    localUrl: string;
+    networkUrls: string[];
+}
+declare function startViteDevServer(options?: StartViteDevServerOptions): Promise<StartedViteDevServer>;
+
+type BootCallback = (app: Hono) => void | Promise<void>;
+/**
+ * Service provider class constructor type.
+ */
+type ServiceProviderConstructor = new (container: Container) => ServiceProvider;
+type RouteRegistration = (router: Router) => void | Promise<void>;
+type ApplicationFeatures = Record<string, unknown>;
+interface ApplicationOptions {
+    readonly boot?: BootCallback;
+    readonly providers?: Array<ServiceProviderConstructor>;
+    readonly auth?: AuthPluginOptions;
+    readonly discover?: boolean;
+    readonly routes?: RouteRegistration;
+    readonly features?: ApplicationFeatures;
+    /**
+     * Configure or disable the default security headers middleware.
+     * Set to `false` to disable entirely, or pass `SecurityHeadersOptions` to customize.
+     * Enabled by default with safe Rails-matching defaults.
+     */
+    readonly securityHeaders?: SecurityHeadersOptions | false;
+    /**
+     * Configure host authorization middleware for DNS rebinding protection.
+     * Pass `HostAuthorizationOptions` to enable, or `false` / omit to disable.
+     * The `create-app` template includes a default localhost configuration.
+     */
+    readonly hostAuthorization?: HostAuthorizationOptions | false;
+}
+interface AuthPluginOptions {
+    autoSession?: boolean;
+    sessionOptions?: CreateSessionMiddlewareOptions;
+    /**
+     * Automatically register CSRF middleware when session is enabled.
+     * Defaults to `true`. Set to `false` to disable (e.g., for pure API servers).
+     */
+    autoCsrf?: boolean;
+    /**
+     * Options passed to the CSRF middleware when `autoCsrf` is enabled.
+     */
+    csrfOptions?: CsrfOptions;
+}
+interface ApplicationListenOptions {
+    port?: number;
+    hostname?: string;
+    assetsUrl?: string;
+    vite?: StartViteDevServerOptions | false;
+}
+/**
+ * Application wires an app-local router into a running Hono instance.
+ *
+ * It embeds a DI Container as the backbone of the framework, binding core
+ * services and managing providers through the container's ProviderManager.
+ */
+declare class Application {
+    private readonly options;
+    readonly hono: Hono;
+    readonly container: Container;
+    readonly router: Router;
+    private readonly providerManager;
+    private readonly authManager;
+    private viteDevServer?;
+    private bunServer?;
+    private viteTeardownRegistered;
+    private bunTeardownRegistered;
+    private autoSessionAttached;
+    private routesRegistered;
+    constructor(options?: ApplicationOptions);
+    get auth(): AuthManager;
+    get authOptions(): AuthPluginOptions | undefined;
+    markAutoSessionAttached(): void;
+    hasAutoSessionAttached(): boolean;
+    /**
+     * Mounts the application router onto the Hono instance.
+     */
+    mountRoutes(): Promise<void>;
+    /**
+     * Allows registering global middlewares directly on the underlying Hono app.
+     */
+    use(path: string, ...middleware: MiddlewareHandler[]): void;
+    /**
+     * Executes provider registration, boot callback, mounts routes, and boots providers.
+     */
+    boot(): Promise<void>;
+    /**
+     * Registers default security middleware (headers + host authorization).
+     */
+    private mountSecurityDefaults;
+    private mountHostAuthorization;
+    /**
+     * Mounts the MCP endpoint at /_guren/mcp when explicitly enabled.
+     * Requires GUREN_MCP=1 environment variable. Never active in production.
+     * This allows AI coding agents to introspect the project.
+     */
+    private mountMcpEndpoint;
+    /**
+     * Fetch handler to integrate with Bun.serve or any standard Fetch runtime.
+     */
+    fetch(request: Request, env?: unknown, executionCtx?: ExecutionContext): Promise<Response>;
+    /**
+     * Convenience helper to start a Bun server when available.
+     */
+    listen(options?: ApplicationListenOptions): Promise<void>;
+    /**
+     * Register a service provider.
+     */
+    register(provider: ServiceProviderConstructor): this;
+    /**
+     * Register multiple service providers.
+     */
+    registerMany(providers: Array<ServiceProviderConstructor>): this;
+    /**
+     * Logs the rich development server banner to the console.
+     */
+    logDevServerBanner(options: DevBannerOptions): void;
+    private closeViteDevServer;
+    private registerViteTeardown;
+    private registerBunTeardown;
+}
+declare function createApp(options?: ApplicationOptions): Application;
+
+export { type NotificationChannelFactory as $, Application as A, type InertiaSharedProps as B, Container as C, type DevBannerOptions as D, type ErrorResponse as E, type FailedJob as F, GUREN_ASCII_ART as G, type HostAuthorizationOptions as H, type InertiaOptions as I, type InertiaSsrContext as J, type InertiaSsrOptions as K, type InertiaSsrRenderer as L, type InertiaSsrResult as M, NotificationManager as N, type InferInertiaProps as O, type Provider as P, QueueManager as Q, Job as R, ServiceProvider as S, type JobClass as T, type JobFailureHandler as U, type JobHandler as V, type JobOptions as W, type Notifiable as X, Notification as Y, type NotificationAttachment as Z, type NotificationChannel as _, type StartViteDevServerOptions as a, setQueueDriver as a$, type NotificationClass as a0, type NotificationMailMessage as a1, type NotificationManagerOptions as a2, ProviderManager as a3, type QueueConfig as a4, type QueueDriver as a5, type QueueDriverFactory as a6, type QueuedJob as a7, type RendererRegistration as a8, type ResolvedSharedInertiaProps as a9, clearJobRegistry as aA, createApp as aB, createContainer as aC, createCsrfMiddleware as aD, createExceptionHandler as aE, createHostAuthorizationMiddleware as aF, createNotificationManager as aG, createQueueManager as aH, createSecurityHeaders as aI, csrfField as aJ, formatValidationErrors as aK, getContainer as aL, getCsrfToken as aM, getExceptionHandler as aN, getJob as aO, getNotificationManager as aP, getQueueDriver as aQ, getRegisteredJobs as aR, getValidatedData as aS, inertia as aT, parseRequestPayload as aU, registerJob as aV, resolve as aW, setContainer as aX, setExceptionHandler as aY, setInertiaSharedProps as aZ, setNotificationManager as a_, type ResourceRouteOptions as aa, type RouteBuilder as ab, type RouteContractOptions as ac, type RouteDefinition as ad, type RouteOpenApiMetadata as ae, type ResourceAction as af, Router as ag, type SecurityHeadersOptions as ah, type SentNotification as ai, type ServiceBinding as aj, type ServiceClass as ak, type ServiceFactory as al, type ServiceProviderClass as am, type ServiceProviderConstructor as an, type ServiceProviderOptions as ao, type SharedInertiaPropsResolver as ap, type SlackAttachment as aq, type SlackBlock as ar, type SlackMessage as as, VALIDATED_DATA_KEY as at, type ValidateRequestOptions as au, type ValidationSchema as av, type WorkerOptions as aw, abort as ax, abortIf as ay, abortUnless as az, type StartedViteDevServer as b, validate as b0, validateRequest as b1, validateRequestWith as b2, validateSafe as b3, verifyCsrfToken as b4, type ServiceBindings as c, type ApplicationListenOptions as d, type AuthPayload as e, CSRF_FORM_FIELD as f, CSRF_HEADER_NAME as g, CSRF_TOKEN_KEY as h, type ContextualBinding as i, type ContextualBindingBuilder as j, type ContextualNeedsBuilder as k, logDevServerBanner as l, Controller as m, type ControllerInertiaProps as n, type CsrfOptions as o, type DatabaseChannelOptions as p, type DatabaseNotification as q, type ExceptionClass as r, startViteDevServer as s, ExceptionHandler as t, type ExceptionHandlerOptions as u, type ExceptionRenderer as v, type ExceptionReporter as w, type HstsOptions as x, type InertiaPagePayload as y, type InertiaResponse as z };