npm - @lastshotlabs/bunshot - Versions diffs - 0.0.25 → 0.0.28 - Mend

@lastshotlabs/bunshot 0.0.25 → 0.0.28

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (725) hide show

package/.oclif.manifest.json +39 -0
package/README.md +8282 -2147
package/dist/cli/commands/init.js +690 -0
package/dist/cli/index.js +6 -0
package/dist/cli.js +4 -4
package/dist/packages/bunshot-admin/src/index.d.ts +15 -0
package/dist/packages/bunshot-admin/src/index.js +11 -0
package/dist/packages/bunshot-admin/src/lib/resourceTypes.d.ts +8 -0
package/dist/packages/bunshot-admin/src/lib/resourceTypes.js +33 -0
package/dist/packages/bunshot-admin/src/lib/typedRoute.d.ts +14 -0
package/dist/packages/bunshot-admin/src/lib/typedRoute.js +17 -0
package/dist/packages/bunshot-admin/src/plugin.d.ts +4 -0
package/dist/packages/bunshot-admin/src/plugin.js +46 -0
package/dist/packages/bunshot-admin/src/providers/auth0Access.d.ts +6 -0
package/dist/packages/bunshot-admin/src/providers/auth0Access.js +32 -0
package/dist/packages/bunshot-admin/src/routes/admin.d.ts +10 -0
package/dist/packages/bunshot-admin/src/routes/admin.js +923 -0
package/dist/packages/bunshot-admin/src/routes/mail.d.ts +6 -0
package/dist/packages/bunshot-admin/src/routes/mail.js +114 -0
package/dist/packages/bunshot-admin/src/routes/permissions.d.ts +8 -0
package/dist/packages/bunshot-admin/src/routes/permissions.js +315 -0
package/dist/packages/bunshot-admin/src/types/config.d.ts +16 -0
package/dist/packages/bunshot-admin/src/types/config.js +37 -0
package/dist/packages/bunshot-admin/src/types/env.d.ts +14 -0
package/dist/packages/bunshot-admin/src/types/provider.d.ts +1 -0
package/dist/packages/bunshot-admin/src/types/provider.js +4 -0
package/dist/packages/bunshot-auth/src/adapters/memoryAuth.d.ts +66 -0
package/dist/packages/bunshot-auth/src/adapters/memoryAuth.js +1063 -0
package/dist/packages/bunshot-auth/src/adapters/mongoAuth.d.ts +2 -0
package/dist/packages/bunshot-auth/src/adapters/mongoAuth.js +536 -0
package/dist/packages/bunshot-auth/src/adapters/sqliteAuth.d.ts +88 -0
package/dist/packages/bunshot-auth/src/adapters/sqliteAuth.js +1366 -0
package/dist/packages/bunshot-auth/src/admin/bunshotAccess.d.ts +2 -0
package/dist/packages/bunshot-auth/src/admin/bunshotAccess.js +23 -0
package/dist/packages/bunshot-auth/src/admin/bunshotUsers.d.ts +5 -0
package/dist/packages/bunshot-auth/src/admin/bunshotUsers.js +131 -0
package/dist/packages/bunshot-auth/src/bootstrap.d.ts +38 -0
package/dist/packages/bunshot-auth/src/bootstrap.js +384 -0
package/dist/packages/bunshot-auth/src/config/appConfig.d.ts +3 -0
package/dist/packages/bunshot-auth/src/config/appConfig.js +4 -0
package/dist/packages/bunshot-auth/src/config/authConfig.d.ts +478 -0
package/dist/packages/bunshot-auth/src/config/authConfig.js +46 -0
package/dist/packages/bunshot-auth/src/config/configLock.d.ts +2 -0
package/dist/packages/bunshot-auth/src/config/configLock.js +10 -0
package/dist/packages/bunshot-auth/src/index.d.ts +25 -0
package/dist/packages/bunshot-auth/src/index.js +23 -0
package/dist/packages/bunshot-auth/src/infra/mongo.d.ts +15 -0
package/dist/packages/bunshot-auth/src/infra/mongo.js +44 -0
package/dist/packages/bunshot-auth/src/infra/queue.d.ts +14 -0
package/dist/packages/bunshot-auth/src/infra/queue.js +27 -0
package/dist/packages/bunshot-auth/src/infra/redis.d.ts +5 -0
package/dist/packages/bunshot-auth/src/infra/redis.js +15 -0
package/dist/packages/bunshot-auth/src/infra/signing.d.ts +7 -0
package/dist/packages/bunshot-auth/src/infra/signing.js +8 -0
package/dist/packages/bunshot-auth/src/lib/accountLockout.d.ts +34 -0
package/dist/packages/bunshot-auth/src/lib/accountLockout.js +244 -0
package/dist/packages/bunshot-auth/src/lib/adapterTiers.d.ts +1 -0
package/dist/packages/bunshot-auth/src/lib/adapterTiers.js +1 -0
package/dist/packages/bunshot-auth/src/lib/authAdapter.d.ts +1 -0
package/dist/packages/bunshot-auth/src/lib/authAdapter.js +1 -0
package/dist/packages/bunshot-auth/src/lib/authContext.d.ts +15 -0
package/dist/packages/bunshot-auth/src/lib/authContext.js +1 -0
package/dist/packages/bunshot-auth/src/lib/authEventBus.d.ts +4 -0
package/dist/packages/bunshot-auth/src/lib/authEventBus.js +15 -0
package/dist/packages/bunshot-auth/src/lib/authRateLimit.d.ts +28 -0
package/dist/packages/bunshot-auth/src/lib/authRateLimit.js +205 -0
package/dist/packages/bunshot-auth/src/lib/breachedPassword.d.ts +19 -0
package/dist/packages/bunshot-auth/src/lib/breachedPassword.js +61 -0
package/dist/packages/bunshot-auth/src/lib/cache.d.ts +12 -0
package/dist/packages/bunshot-auth/src/lib/cache.js +120 -0
package/dist/packages/bunshot-auth/src/lib/clientIp.d.ts +4 -0
package/dist/{lib → packages/bunshot-auth/src/lib}/clientIp.js +14 -7
package/dist/packages/bunshot-auth/src/lib/cookieOptions.d.ts +27 -0
package/dist/packages/bunshot-auth/src/lib/cookieOptions.js +33 -0
package/dist/packages/bunshot-auth/src/lib/credentialStuffing.d.ts +40 -0
package/dist/packages/bunshot-auth/src/lib/credentialStuffing.js +221 -0
package/dist/packages/bunshot-auth/src/lib/deletionCancelToken.d.ts +19 -0
package/dist/packages/bunshot-auth/src/lib/deletionCancelToken.js +148 -0
package/dist/packages/bunshot-auth/src/lib/emailTemplates.d.ts +23 -0
package/dist/packages/bunshot-auth/src/lib/emailTemplates.js +265 -0
package/dist/packages/bunshot-auth/src/lib/emailVerification.d.ts +30 -0
package/dist/packages/bunshot-auth/src/lib/emailVerification.js +200 -0
package/dist/packages/bunshot-auth/src/lib/env.d.ts +1 -0
package/dist/packages/bunshot-auth/src/lib/env.js +3 -0
package/dist/packages/bunshot-auth/src/lib/fingerprint.js +36 -0
package/dist/{lib → packages/bunshot-auth/src/lib}/groups.d.ts +15 -16
package/dist/{lib → packages/bunshot-auth/src/lib}/groups.js +22 -34
package/dist/packages/bunshot-auth/src/lib/jwks.d.ts +28 -0
package/dist/packages/bunshot-auth/src/lib/jwks.js +79 -0
package/dist/packages/bunshot-auth/src/lib/jwt.d.ts +12 -0
package/dist/packages/bunshot-auth/src/lib/jwt.js +86 -0
package/dist/packages/bunshot-auth/src/lib/logger.d.ts +3 -0
package/dist/packages/bunshot-auth/src/lib/logger.js +13 -0
package/dist/packages/bunshot-auth/src/lib/m2m.d.ts +30 -0
package/dist/packages/bunshot-auth/src/lib/m2m.js +44 -0
package/dist/packages/bunshot-auth/src/lib/magicLink.d.ts +13 -0
package/dist/packages/bunshot-auth/src/lib/magicLink.js +145 -0
package/dist/packages/bunshot-auth/src/lib/mfaChallenge.d.ts +60 -0
package/dist/packages/bunshot-auth/src/lib/mfaChallenge.js +419 -0
package/dist/packages/bunshot-auth/src/lib/oauth.d.ts +82 -0
package/dist/packages/bunshot-auth/src/lib/oauth.js +177 -0
package/dist/packages/bunshot-auth/src/lib/oauthCode.d.ts +19 -0
package/dist/packages/bunshot-auth/src/lib/oauthCode.js +182 -0
package/dist/packages/bunshot-auth/src/lib/oauthReauth.d.ts +19 -0
package/dist/packages/bunshot-auth/src/lib/oauthReauth.js +255 -0
package/dist/packages/bunshot-auth/src/lib/organization.d.ts +66 -0
package/dist/packages/bunshot-auth/src/lib/organization.js +225 -0
package/dist/packages/bunshot-auth/src/lib/passwordHistory.d.ts +12 -0
package/dist/packages/bunshot-auth/src/lib/passwordHistory.js +31 -0
package/dist/packages/bunshot-auth/src/lib/resetPassword.d.ts +20 -0
package/dist/packages/bunshot-auth/src/lib/resetPassword.js +148 -0
package/dist/packages/bunshot-auth/src/lib/roles.d.ts +9 -0
package/dist/packages/bunshot-auth/src/lib/roles.js +93 -0
package/dist/packages/bunshot-auth/src/lib/saml.d.ts +29 -0
package/dist/packages/bunshot-auth/src/lib/saml.js +73 -0
package/dist/packages/bunshot-auth/src/lib/samlRequestId.d.ts +13 -0
package/dist/packages/bunshot-auth/src/lib/samlRequestId.js +129 -0
package/dist/packages/bunshot-auth/src/lib/scim.d.ts +44 -0
package/dist/packages/bunshot-auth/src/lib/scim.js +56 -0
package/dist/packages/bunshot-auth/src/lib/securityEventWiring.d.ts +22 -0
package/dist/packages/bunshot-auth/src/lib/securityEventWiring.js +65 -0
package/dist/packages/bunshot-auth/src/lib/session.d.ts +45 -0
package/dist/packages/bunshot-auth/src/lib/session.js +1211 -0
package/dist/packages/bunshot-auth/src/lib/storeInfra.d.ts +26 -0
package/dist/packages/bunshot-auth/src/lib/storeInfra.js +18 -0
package/dist/packages/bunshot-auth/src/lib/suspension.d.ts +14 -0
package/dist/packages/bunshot-auth/src/lib/suspension.js +20 -0
package/dist/packages/bunshot-auth/src/lib/validateAdapter.d.ts +16 -0
package/dist/packages/bunshot-auth/src/lib/validateAdapter.js +161 -0
package/dist/packages/bunshot-auth/src/middleware/bearerAuth.d.ts +13 -0
package/dist/packages/bunshot-auth/src/middleware/bearerAuth.js +58 -0
package/dist/{middleware → packages/bunshot-auth/src/middleware}/csrf.d.ts +5 -4
package/dist/packages/bunshot-auth/src/middleware/csrf.js +138 -0
package/dist/packages/bunshot-auth/src/middleware/identify.d.ts +4 -0
package/dist/packages/bunshot-auth/src/middleware/identify.js +124 -0
package/dist/{middleware → packages/bunshot-auth/src/middleware}/requireMfaSetup.d.ts +2 -2
package/dist/{middleware → packages/bunshot-auth/src/middleware}/requireMfaSetup.js +10 -7
package/dist/{middleware → packages/bunshot-auth/src/middleware}/requireRole.d.ts +2 -2
package/dist/{middleware → packages/bunshot-auth/src/middleware}/requireRole.js +20 -16
package/dist/packages/bunshot-auth/src/middleware/requireScope.d.ts +10 -0
package/dist/packages/bunshot-auth/src/middleware/requireScope.js +25 -0
package/dist/packages/bunshot-auth/src/middleware/requireStepUp.d.ts +18 -0
package/dist/packages/bunshot-auth/src/middleware/requireStepUp.js +30 -0
package/dist/{middleware → packages/bunshot-auth/src/middleware}/requireVerifiedEmail.d.ts +2 -2
package/dist/{middleware → packages/bunshot-auth/src/middleware}/requireVerifiedEmail.js +7 -6
package/dist/packages/bunshot-auth/src/middleware/scimAuth.d.ts +8 -0
package/dist/packages/bunshot-auth/src/middleware/scimAuth.js +29 -0
package/dist/packages/bunshot-auth/src/middleware/userAuth.d.ts +3 -0
package/dist/packages/bunshot-auth/src/middleware/userAuth.js +6 -0
package/dist/{models → packages/bunshot-auth/src/models}/AuthUser.d.ts +19 -8
package/dist/packages/bunshot-auth/src/models/AuthUser.js +53 -0
package/dist/packages/bunshot-auth/src/models/Group.d.ts +19 -0
package/dist/packages/bunshot-auth/src/models/Group.js +22 -0
package/dist/{models → packages/bunshot-auth/src/models}/GroupMembership.d.ts +6 -8
package/dist/packages/bunshot-auth/src/models/GroupMembership.js +19 -0
package/dist/packages/bunshot-auth/src/models/M2MClient.d.ts +18 -0
package/dist/packages/bunshot-auth/src/models/M2MClient.js +18 -0
package/dist/packages/bunshot-auth/src/models/TenantRole.d.ts +13 -0
package/dist/packages/bunshot-auth/src/models/TenantRole.js +17 -0
package/dist/packages/bunshot-auth/src/plugin.d.ts +4 -0
package/dist/packages/bunshot-auth/src/plugin.js +274 -0
package/dist/packages/bunshot-auth/src/routes/auth.d.ts +15 -0
package/dist/packages/bunshot-auth/src/routes/auth.js +1624 -0
package/dist/packages/bunshot-auth/src/routes/groups.d.ts +4 -0
package/dist/packages/bunshot-auth/src/routes/groups.js +481 -0
package/dist/packages/bunshot-auth/src/routes/m2m.d.ts +2 -0
package/dist/packages/bunshot-auth/src/routes/m2m.js +145 -0
package/dist/packages/bunshot-auth/src/routes/mfa.d.ts +6 -0
package/dist/packages/bunshot-auth/src/routes/mfa.js +991 -0
package/dist/packages/bunshot-auth/src/routes/oauth.d.ts +3 -0
package/dist/packages/bunshot-auth/src/routes/oauth.js +1727 -0
package/dist/packages/bunshot-auth/src/routes/oidc.d.ts +2 -0
package/dist/packages/bunshot-auth/src/routes/oidc.js +84 -0
package/dist/packages/bunshot-auth/src/routes/organizations.d.ts +3 -0
package/dist/packages/bunshot-auth/src/routes/organizations.js +741 -0
package/dist/packages/bunshot-auth/src/routes/passkey.d.ts +2 -0
package/dist/packages/bunshot-auth/src/routes/passkey.js +199 -0
package/dist/packages/bunshot-auth/src/routes/saml.d.ts +2 -0
package/dist/packages/bunshot-auth/src/routes/saml.js +226 -0
package/dist/packages/bunshot-auth/src/routes/scim.d.ts +3 -0
package/dist/packages/bunshot-auth/src/routes/scim.js +588 -0
package/dist/packages/bunshot-auth/src/runtime.d.ts +52 -0
package/dist/packages/bunshot-auth/src/runtime.js +11 -0
package/dist/{schemas → packages/bunshot-auth/src/schemas}/auth.d.ts +4 -5
package/dist/packages/bunshot-auth/src/schemas/auth.js +24 -0
package/dist/packages/bunshot-auth/src/schemas/error.d.ts +10 -0
package/dist/packages/bunshot-auth/src/schemas/error.js +10 -0
package/dist/packages/bunshot-auth/src/schemas/success.d.ts +10 -0
package/dist/packages/bunshot-auth/src/schemas/success.js +10 -0
package/dist/packages/bunshot-auth/src/services/auth.d.ts +39 -0
package/dist/packages/bunshot-auth/src/services/auth.js +378 -0
package/dist/{services → packages/bunshot-auth/src/services}/mfa.d.ts +41 -17
package/dist/{services → packages/bunshot-auth/src/services}/mfa.js +259 -183
package/dist/packages/bunshot-auth/src/testing.d.ts +31 -0
package/dist/packages/bunshot-auth/src/testing.js +23 -0
package/dist/packages/bunshot-auth/src/types/adapter.d.ts +1 -0
package/dist/packages/bunshot-auth/src/types/adapter.js +1 -0
package/dist/packages/bunshot-auth/src/types/config.d.ts +152 -0
package/dist/packages/bunshot-auth/src/types/config.js +179 -0
package/dist/{routes → packages/bunshot-auth/src/types}/groups.d.ts +2 -3
package/dist/packages/bunshot-auth/src/types/groups.js +1 -0
package/dist/packages/bunshot-auth/src/types/oauthCode.d.ts +6 -0
package/dist/packages/bunshot-auth/src/types/oauthCode.js +1 -0
package/dist/packages/bunshot-auth/src/types/oauthReauth.d.ts +13 -0
package/dist/packages/bunshot-auth/src/types/oauthReauth.js +1 -0
package/dist/packages/bunshot-auth/src/types/redis.d.ts +1 -0
package/dist/packages/bunshot-auth/src/types/redis.js +1 -0
package/dist/packages/bunshot-auth/src/types/saml.d.ts +10 -0
package/dist/packages/bunshot-auth/src/types/saml.js +1 -0
package/dist/packages/bunshot-auth/src/types/session.d.ts +18 -0
package/dist/packages/bunshot-auth/src/types/session.js +1 -0
package/dist/packages/bunshot-auth/src/types/store.d.ts +1 -0
package/dist/packages/bunshot-auth/src/types/store.js +1 -0
package/dist/packages/bunshot-core/src/adminProvider.d.ts +95 -0
package/dist/packages/bunshot-core/src/adminProvider.js +1 -0
package/dist/packages/bunshot-core/src/auditLog.d.ts +34 -0
package/dist/packages/bunshot-core/src/auditLog.js +1 -0
package/dist/packages/bunshot-core/src/auth-adapter.d.ts +227 -0
package/dist/packages/bunshot-core/src/auth-adapter.js +4 -0
package/dist/packages/bunshot-core/src/authVariables.d.ts +14 -0
package/dist/packages/bunshot-core/src/authVariables.js +4 -0
package/dist/packages/bunshot-core/src/cache.d.ts +12 -0
package/dist/packages/bunshot-core/src/cache.js +21 -0
package/dist/packages/bunshot-core/src/captcha.d.ts +16 -0
package/dist/packages/bunshot-core/src/captcha.js +1 -0
package/dist/packages/bunshot-core/src/clearRegistry.d.ts +6 -0
package/dist/packages/bunshot-core/src/clearRegistry.js +17 -0
package/dist/packages/bunshot-core/src/clientIp.d.ts +3 -0
package/dist/packages/bunshot-core/src/clientIp.js +45 -0
package/dist/packages/bunshot-core/src/configLock.d.ts +4 -0
package/dist/packages/bunshot-core/src/configLock.js +7 -0
package/dist/packages/bunshot-core/src/configValidation.d.ts +22 -0
package/dist/packages/bunshot-core/src/configValidation.js +39 -0
package/dist/packages/bunshot-core/src/constants.js +10 -0
package/dist/packages/bunshot-core/src/context/bunshotContext.d.ts +232 -0
package/dist/packages/bunshot-core/src/context/bunshotContext.js +1 -0
package/dist/packages/bunshot-core/src/context/contextAccess.d.ts +3 -0
package/dist/packages/bunshot-core/src/context/contextAccess.js +16 -0
package/dist/packages/bunshot-core/src/context/contextStore.d.ts +16 -0
package/dist/packages/bunshot-core/src/context/contextStore.js +31 -0
package/dist/packages/bunshot-core/src/context/frameworkConfig.d.ts +38 -0
package/dist/packages/bunshot-core/src/context/frameworkConfig.js +1 -0
package/dist/packages/bunshot-core/src/context/index.d.ts +4 -0
package/dist/packages/bunshot-core/src/context/index.js +2 -0
package/dist/packages/bunshot-core/src/context.d.ts +40 -0
package/dist/packages/bunshot-core/src/context.js +35 -0
package/dist/packages/bunshot-core/src/coreContracts.d.ts +47 -0
package/dist/packages/bunshot-core/src/coreContracts.js +1 -0
package/dist/packages/bunshot-core/src/coreRegistrar.d.ts +6 -0
package/dist/packages/bunshot-core/src/coreRegistrar.js +42 -0
package/dist/{lib → packages/bunshot-core/src}/createRoute.d.ts +4 -30
package/dist/{lib → packages/bunshot-core/src}/createRoute.js +39 -88
package/dist/packages/bunshot-core/src/cronRegistry.d.ts +11 -0
package/dist/packages/bunshot-core/src/cronRegistry.js +1 -0
package/dist/packages/bunshot-core/src/crypto.d.ts +43 -0
package/dist/packages/bunshot-core/src/crypto.js +74 -0
package/dist/packages/bunshot-core/src/csrf.d.ts +8 -0
package/dist/packages/bunshot-core/src/csrf.js +1 -0
package/dist/packages/bunshot-core/src/defaults/defaultFingerprint.d.ts +7 -0
package/dist/packages/bunshot-core/src/defaults/defaultFingerprint.js +19 -0
package/dist/packages/bunshot-core/src/defaults/memoryCacheAdapter.d.ts +6 -0
package/dist/packages/bunshot-core/src/defaults/memoryCacheAdapter.js +40 -0
package/dist/packages/bunshot-core/src/defaults/memoryRateLimit.d.ts +6 -0
package/dist/packages/bunshot-core/src/defaults/memoryRateLimit.js +24 -0
package/dist/packages/bunshot-core/src/emailTemplates.d.ts +5 -0
package/dist/packages/bunshot-core/src/emailTemplates.js +10 -0
package/dist/packages/bunshot-core/src/errors.d.ts +13 -0
package/dist/packages/bunshot-core/src/errors.js +22 -0
package/dist/packages/bunshot-core/src/eventBus.d.ts +270 -0
package/dist/packages/bunshot-core/src/eventBus.js +143 -0
package/dist/packages/bunshot-core/src/idempotency.d.ts +18 -0
package/dist/packages/bunshot-core/src/idempotency.js +1 -0
package/dist/packages/bunshot-core/src/index.d.ts +60 -0
package/dist/packages/bunshot-core/src/index.js +34 -0
package/dist/packages/bunshot-core/src/mail.d.ts +14 -0
package/dist/packages/bunshot-core/src/mail.js +8 -0
package/dist/packages/bunshot-core/src/memoryEviction.d.ts +24 -0
package/dist/packages/bunshot-core/src/memoryEviction.js +52 -0
package/dist/packages/bunshot-core/src/pagination.d.ts +45 -0
package/dist/packages/bunshot-core/src/pagination.js +61 -0
package/dist/packages/bunshot-core/src/permissions.d.ts +64 -0
package/dist/packages/bunshot-core/src/permissions.js +27 -0
package/dist/packages/bunshot-core/src/plugin.d.ts +44 -0
package/dist/packages/bunshot-core/src/plugin.js +1 -0
package/dist/packages/bunshot-core/src/rateLimit.d.ts +5 -0
package/dist/packages/bunshot-core/src/rateLimit.js +18 -0
package/dist/packages/bunshot-core/src/redis.d.ts +21 -0
package/dist/packages/bunshot-core/src/redis.js +1 -0
package/dist/packages/bunshot-core/src/routeAuth.d.ts +5 -0
package/dist/packages/bunshot-core/src/routeAuth.js +11 -0
package/dist/packages/bunshot-core/src/routeOverrides.d.ts +24 -0
package/dist/packages/bunshot-core/src/routeOverrides.js +25 -0
package/dist/packages/bunshot-core/src/routerAdapter.d.ts +6 -0
package/dist/packages/bunshot-core/src/routerAdapter.js +56 -0
package/dist/packages/bunshot-core/src/secrets.d.ts +48 -0
package/dist/packages/bunshot-core/src/secrets.js +8 -0
package/dist/packages/bunshot-core/src/signing.d.ts +41 -0
package/dist/packages/bunshot-core/src/signing.js +1 -0
package/dist/packages/bunshot-core/src/sse.d.ts +36 -0
package/dist/packages/bunshot-core/src/sse.js +1 -0
package/dist/packages/bunshot-core/src/storageAdapter.js +1 -0
package/dist/packages/bunshot-core/src/storeInfra.d.ts +44 -0
package/dist/packages/bunshot-core/src/storeInfra.js +18 -0
package/dist/packages/bunshot-core/src/storeType.d.ts +7 -0
package/dist/packages/bunshot-core/src/storeType.js +1 -0
package/dist/packages/bunshot-core/src/testing.d.ts +1 -0
package/dist/packages/bunshot-core/src/testing.js +1 -0
package/dist/packages/bunshot-core/src/uploadRegistry.d.ts +23 -0
package/dist/packages/bunshot-core/src/uploadRegistry.js +4 -0
package/dist/packages/bunshot-core/src/userResolver.d.ts +5 -0
package/dist/packages/bunshot-core/src/userResolver.js +14 -0
package/dist/packages/bunshot-core/src/wsMessages.d.ts +42 -0
package/dist/packages/bunshot-core/src/wsMessages.js +4 -0
package/dist/packages/bunshot-permissions/src/adapters/memory.d.ts +7 -0
package/dist/packages/bunshot-permissions/src/adapters/memory.js +73 -0
package/dist/packages/bunshot-permissions/src/index.d.ts +10 -0
package/dist/packages/bunshot-permissions/src/index.js +5 -0
package/dist/packages/bunshot-permissions/src/lib/bootstrap.d.ts +7 -0
package/dist/packages/bunshot-permissions/src/lib/bootstrap.js +12 -0
package/dist/packages/bunshot-permissions/src/lib/evaluator.d.ts +10 -0
package/dist/packages/bunshot-permissions/src/lib/evaluator.js +165 -0
package/dist/packages/bunshot-permissions/src/lib/registry.d.ts +2 -0
package/dist/packages/bunshot-permissions/src/lib/registry.js +31 -0
package/dist/packages/bunshot-permissions/src/lib/validation.d.ts +1 -0
package/dist/packages/bunshot-permissions/src/lib/validation.js +1 -0
package/dist/packages/bunshot-permissions/src/types/adapter.d.ts +1 -0
package/dist/packages/bunshot-permissions/src/types/adapter.js +1 -0
package/dist/packages/bunshot-permissions/src/types/evaluator.d.ts +1 -0
package/dist/packages/bunshot-permissions/src/types/evaluator.js +1 -0
package/dist/packages/bunshot-permissions/src/types/models.d.ts +1 -0
package/dist/packages/bunshot-permissions/src/types/models.js +1 -0
package/dist/packages/bunshot-permissions/src/types/registry.d.ts +1 -0
package/dist/packages/bunshot-permissions/src/types/registry.js +1 -0
package/dist/packages/bunshot-postgres/src/adapter.d.ts +6 -0
package/dist/packages/bunshot-postgres/src/adapter.js +794 -0
package/dist/packages/bunshot-postgres/src/connection.d.ts +15 -0
package/dist/packages/bunshot-postgres/src/connection.js +16 -0
package/dist/packages/bunshot-postgres/src/index.d.ts +4 -0
package/dist/packages/bunshot-postgres/src/index.js +2 -0
package/dist/packages/bunshot-postgres/src/schema.d.ts +997 -0
package/dist/packages/bunshot-postgres/src/schema.js +105 -0
package/dist/src/app.d.ts +230 -0
package/dist/src/app.js +182 -0
package/dist/src/cli/commands/init.d.ts +10 -0
package/dist/src/cli/commands/init.js +709 -0
package/dist/src/cli/index.d.ts +1 -0
package/dist/src/cli/index.js +3 -0
package/dist/src/entrypoints/mongo.d.ts +6 -0
package/dist/src/entrypoints/mongo.js +4 -0
package/dist/src/entrypoints/queue.d.ts +2 -0
package/dist/src/entrypoints/queue.js +1 -0
package/dist/src/entrypoints/redis.d.ts +1 -0
package/dist/src/entrypoints/redis.js +1 -0
package/dist/{adapters → src/framework/adapters}/localStorage.d.ts +1 -1
package/dist/{adapters → src/framework/adapters}/localStorage.js +23 -8
package/dist/src/framework/adapters/memoryStorage.d.ts +2 -0
package/dist/src/framework/adapters/memoryStorage.js +45 -0
package/dist/{adapters → src/framework/adapters}/s3Storage.d.ts +1 -1
package/dist/{adapters → src/framework/adapters}/s3Storage.js +12 -12
package/dist/src/framework/admin/bunshotAccess.d.ts +2 -0
package/dist/src/framework/admin/bunshotAccess.js +23 -0
package/dist/src/framework/admin/bunshotUsers.d.ts +2 -0
package/dist/src/framework/admin/bunshotUsers.js +103 -0
package/dist/src/framework/admin/index.d.ts +7 -0
package/dist/src/framework/admin/index.js +21 -0
package/dist/src/framework/boundaryAdapters/cacheFactories.d.ts +13 -0
package/dist/src/framework/boundaryAdapters/cacheFactories.js +86 -0
package/dist/src/framework/boundaryAdapters/index.d.ts +2 -0
package/dist/src/framework/boundaryAdapters/index.js +1 -0
package/dist/src/framework/boundaryAdapters.d.ts +17 -0
package/dist/src/framework/boundaryAdapters.js +62 -0
package/dist/src/framework/buildContext.d.ts +33 -0
package/dist/src/framework/buildContext.js +119 -0
package/dist/src/framework/config/schema.d.ts +447 -0
package/dist/src/framework/config/schema.js +528 -0
package/dist/src/framework/createInfrastructure.d.ts +76 -0
package/dist/src/framework/createInfrastructure.js +221 -0
package/dist/src/framework/lib/auditLog.d.ts +23 -0
package/dist/src/framework/lib/auditLog.js +416 -0
package/dist/src/framework/lib/captcha.d.ts +11 -0
package/dist/src/framework/lib/captcha.js +40 -0
package/dist/{lib → src/framework/lib}/createDtoMapper.js +4 -4
package/dist/src/framework/lib/createRoute.d.ts +1 -0
package/dist/src/framework/lib/createRoute.js +2 -0
package/dist/{lib → src/framework/lib}/idempotency.d.ts +2 -6
package/dist/src/framework/lib/idempotency.js +74 -0
package/dist/src/framework/lib/logger.d.ts +3 -0
package/dist/src/framework/lib/logger.js +14 -0
package/dist/src/framework/lib/metrics.d.ts +34 -0
package/dist/{lib → src/framework/lib}/metrics.js +49 -57
package/dist/src/framework/lib/pagination.d.ts +42 -0
package/dist/src/framework/lib/pagination.js +51 -0
package/dist/src/framework/lib/redisTransport.d.ts +38 -0
package/dist/src/framework/lib/redisTransport.js +107 -0
package/dist/src/framework/lib/resolveUserId.d.ts +2 -0
package/dist/src/framework/lib/resolveUserId.js +5 -0
package/dist/src/framework/lib/sseCollision.d.ts +6 -0
package/dist/src/framework/lib/sseCollision.js +26 -0
package/dist/src/framework/lib/storageAdapter.d.ts +1 -0
package/dist/src/framework/lib/storageAdapter.js +1 -0
package/dist/{lib → src/framework/lib}/stripUnreferencedSchemas.js +4 -4
package/dist/src/framework/lib/tenant.d.ts +21 -0
package/dist/src/framework/lib/tenant.js +70 -0
package/dist/{lib → src/framework/lib}/upload.d.ts +14 -9
package/dist/src/framework/lib/upload.js +132 -0
package/dist/src/framework/lib/uploadRegistry.d.ts +23 -0
package/dist/src/framework/lib/uploadRegistry.js +34 -0
package/dist/{lib → src/framework/lib}/validate.d.ts +1 -1
package/dist/{lib → src/framework/lib}/validate.js +2 -2
package/dist/src/framework/lib/ws.d.ts +19 -0
package/dist/src/framework/lib/ws.js +130 -0
package/dist/src/framework/lib/wsHeartbeat.d.ts +12 -0
package/dist/src/framework/lib/wsHeartbeat.js +53 -0
package/dist/src/framework/lib/wsMessages.d.ts +25 -0
package/dist/src/framework/lib/wsMessages.js +45 -0
package/dist/src/framework/lib/wsNamespace.d.ts +17 -0
package/dist/src/framework/lib/wsNamespace.js +19 -0
package/dist/src/framework/lib/wsPresence.d.ts +17 -0
package/dist/src/framework/lib/wsPresence.js +84 -0
package/dist/src/framework/lib/wsTransport.d.ts +38 -0
package/dist/src/framework/lib/wsTransport.js +9 -0
package/dist/{lib → src/framework/lib}/zodToMongoose.d.ts +1 -1
package/dist/{lib → src/framework/lib}/zodToMongoose.js +11 -11
package/dist/{middleware → src/framework/middleware}/auditLog.d.ts +4 -3
package/dist/src/framework/middleware/auditLog.js +42 -0
package/dist/{middleware → src/framework/middleware}/botProtection.d.ts +2 -2
package/dist/{middleware → src/framework/middleware}/botProtection.js +8 -9
package/dist/src/framework/middleware/cacheResponse.d.ts +35 -0
package/dist/src/framework/middleware/cacheResponse.js +126 -0
package/dist/src/framework/middleware/captcha.d.ts +9 -0
package/dist/src/framework/middleware/captcha.js +37 -0
package/dist/{middleware → src/framework/middleware}/errorHandler.d.ts +1 -1
package/dist/src/framework/middleware/errorHandler.js +16 -0
package/dist/src/framework/middleware/index.js +1 -0
package/dist/{middleware → src/framework/middleware}/logger.d.ts +1 -1
package/dist/src/framework/middleware/metrics.d.ts +12 -0
package/dist/src/framework/middleware/metrics.js +26 -0
package/dist/{middleware → src/framework/middleware}/rateLimit.d.ts +2 -2
package/dist/src/framework/middleware/rateLimit.js +22 -0
package/dist/src/framework/middleware/requestId.d.ts +3 -0
package/dist/{middleware → src/framework/middleware}/requestId.js +2 -2
package/dist/{middleware → src/framework/middleware}/requestLogger.d.ts +3 -3
package/dist/{middleware → src/framework/middleware}/requestLogger.js +17 -12
package/dist/{middleware → src/framework/middleware}/requestSigning.d.ts +2 -2
package/dist/{middleware → src/framework/middleware}/requestSigning.js +18 -19
package/dist/src/framework/middleware/tenant.d.ts +14 -0
package/dist/{middleware → src/framework/middleware}/tenant.js +31 -27
package/dist/src/framework/middleware/upload.d.ts +5 -0
package/dist/{middleware → src/framework/middleware}/upload.js +4 -4
package/dist/{middleware → src/framework/middleware}/webhookAuth.d.ts +3 -3
package/dist/{middleware → src/framework/middleware}/webhookAuth.js +11 -11
package/dist/src/framework/models/AuditLog.d.ts +21 -0
package/dist/src/framework/models/AuditLog.js +31 -0
package/dist/src/framework/mountMiddleware.d.ts +91 -0
package/dist/src/framework/mountMiddleware.js +128 -0
package/dist/src/framework/mountOptionalEndpoints.d.ts +103 -0
package/dist/src/framework/mountOptionalEndpoints.js +47 -0
package/dist/src/framework/mountRoutes.d.ts +21 -0
package/dist/src/framework/mountRoutes.js +144 -0
package/dist/src/framework/persistence/cronRegistry.d.ts +28 -0
package/dist/src/framework/persistence/cronRegistry.js +139 -0
package/dist/src/framework/persistence/idempotency.d.ts +26 -0
package/dist/src/framework/persistence/idempotency.js +178 -0
package/dist/src/framework/persistence/index.d.ts +6 -0
package/dist/src/framework/persistence/index.js +8 -0
package/dist/src/framework/persistence/storeInfra.d.ts +9 -0
package/dist/src/framework/persistence/storeInfra.js +1 -0
package/dist/src/framework/persistence/uploadRegistry.d.ts +35 -0
package/dist/src/framework/persistence/uploadRegistry.js +235 -0
package/dist/src/framework/persistence/wsMessages.d.ts +22 -0
package/dist/src/framework/persistence/wsMessages.js +296 -0
package/dist/src/framework/preloadSchemas.d.ts +24 -0
package/dist/src/framework/preloadSchemas.js +42 -0
package/dist/src/framework/registerBoundaryAdapters.d.ts +23 -0
package/dist/src/framework/registerBoundaryAdapters.js +46 -0
package/dist/src/framework/routes/admin.d.ts +9 -0
package/dist/src/framework/routes/admin.js +361 -0
package/dist/src/framework/routes/health.d.ts +1 -0
package/dist/src/framework/routes/health.js +21 -0
package/dist/src/framework/routes/home.d.ts +1 -0
package/dist/src/framework/routes/home.js +18 -0
package/dist/src/framework/routes/jobs.d.ts +3 -0
package/dist/src/framework/routes/jobs.js +315 -0
package/dist/src/framework/routes/metrics.d.ts +10 -0
package/dist/src/framework/routes/metrics.js +57 -0
package/dist/src/framework/routes/uploads.d.ts +14 -0
package/dist/src/framework/routes/uploads.js +262 -0
package/dist/src/framework/runPluginLifecycle.d.ts +27 -0
package/dist/src/framework/runPluginLifecycle.js +121 -0
package/dist/src/framework/secrets/frameworkSecretSchema.d.ts +58 -0
package/dist/src/framework/secrets/frameworkSecretSchema.js +20 -0
package/dist/src/framework/secrets/index.d.ts +9 -0
package/dist/src/framework/secrets/index.js +7 -0
package/dist/src/framework/secrets/providers/envProvider.d.ts +15 -0
package/dist/src/framework/secrets/providers/envProvider.js +18 -0
package/dist/src/framework/secrets/providers/fileProvider.d.ts +8 -0
package/dist/src/framework/secrets/providers/fileProvider.js +82 -0
package/dist/src/framework/secrets/providers/ssmProvider.d.ts +20 -0
package/dist/src/framework/secrets/providers/ssmProvider.js +127 -0
package/dist/src/framework/secrets/resolveSecretBundle.d.ts +53 -0
package/dist/src/framework/secrets/resolveSecretBundle.js +84 -0
package/dist/src/framework/secrets/resolveSecrets.d.ts +18 -0
package/dist/src/framework/secrets/resolveSecrets.js +34 -0
package/dist/src/framework/sse/index.d.ts +21 -0
package/dist/src/framework/sse/index.js +109 -0
package/dist/src/framework/ws/index.d.ts +11 -0
package/dist/src/framework/ws/index.js +8 -0
package/dist/src/index.d.ts +87 -0
package/dist/src/index.js +58 -0
package/dist/src/lib/appConfig.d.ts +7 -0
package/dist/src/lib/appConfig.js +27 -0
package/dist/src/lib/appMeta.d.ts +7 -0
package/dist/src/lib/appMeta.js +3 -0
package/dist/src/lib/authConfig.d.ts +532 -0
package/dist/src/lib/authConfig.js +179 -0
package/dist/{lib → src/lib}/context.d.ts +6 -7
package/dist/{lib → src/lib}/context.js +5 -5
package/dist/src/lib/logger.d.ts +1 -0
package/dist/src/lib/logger.js +1 -0
package/dist/src/lib/mongo.d.ts +58 -0
package/dist/src/lib/mongo.js +96 -0
package/dist/src/lib/queue.d.ts +72 -0
package/dist/src/lib/queue.js +152 -0
package/dist/src/lib/redis.d.ts +28 -0
package/dist/src/lib/redis.js +72 -0
package/dist/{lib → src/lib}/signing.d.ts +2 -2
package/dist/src/lib/signing.js +210 -0
package/dist/src/lib/signingConfig.d.ts +40 -0
package/dist/src/lib/signingConfig.js +28 -0
package/dist/src/server.d.ts +146 -0
package/dist/src/server.js +469 -0
package/dist/src/shared/lib/HttpError.d.ts +1 -0
package/dist/src/shared/lib/HttpError.js +2 -0
package/dist/src/shared/lib/constants.d.ts +10 -0
package/dist/src/shared/lib/crypto.d.ts +43 -0
package/dist/src/shared/lib/crypto.js +74 -0
package/dist/src/shared/lib/signing.d.ts +52 -0
package/dist/{lib → src/shared/lib}/signing.js +40 -10
package/dist/src/testing.d.ts +34 -0
package/dist/src/testing.js +93 -0
package/package.json +62 -25
package/dist/adapters/memoryAuth.d.ts +0 -46
package/dist/adapters/memoryAuth.js +0 -634
package/dist/adapters/memoryStorage.d.ts +0 -3
package/dist/adapters/memoryStorage.js +0 -44
package/dist/adapters/mongoAuth.d.ts +0 -2
package/dist/adapters/mongoAuth.js +0 -307
package/dist/adapters/sqliteAuth.d.ts +0 -49
package/dist/adapters/sqliteAuth.js +0 -707
package/dist/app.d.ts +0 -456
package/dist/app.js +0 -548
package/dist/entrypoints/mongo.d.ts +0 -5
package/dist/entrypoints/mongo.js +0 -4
package/dist/entrypoints/queue.d.ts +0 -2
package/dist/entrypoints/queue.js +0 -1
package/dist/entrypoints/redis.d.ts +0 -1
package/dist/entrypoints/redis.js +0 -1
package/dist/index.d.ts +0 -98
package/dist/index.js +0 -77
package/dist/lib/HttpError.d.ts +0 -9
package/dist/lib/HttpError.js +0 -14
package/dist/lib/appConfig.d.ts +0 -162
package/dist/lib/appConfig.js +0 -83
package/dist/lib/auditLog.d.ts +0 -52
package/dist/lib/auditLog.js +0 -201
package/dist/lib/authAdapter.d.ts +0 -176
package/dist/lib/authAdapter.js +0 -7
package/dist/lib/authRateLimit.d.ts +0 -13
package/dist/lib/authRateLimit.js +0 -81
package/dist/lib/clientIp.d.ts +0 -14
package/dist/lib/crypto.d.ts +0 -11
package/dist/lib/crypto.js +0 -22
package/dist/lib/deletionCancelToken.d.ts +0 -12
package/dist/lib/deletionCancelToken.js +0 -88
package/dist/lib/emailVerification.d.ts +0 -13
package/dist/lib/emailVerification.js +0 -86
package/dist/lib/fingerprint.js +0 -36
package/dist/lib/idempotency.js +0 -182
package/dist/lib/jwt.d.ts +0 -2
package/dist/lib/jwt.js +0 -24
package/dist/lib/logger.d.ts +0 -1
package/dist/lib/logger.js +0 -7
package/dist/lib/metrics.d.ts +0 -14
package/dist/lib/mfaChallenge.d.ts +0 -42
package/dist/lib/mfaChallenge.js +0 -293
package/dist/lib/mongo.d.ts +0 -39
package/dist/lib/mongo.js +0 -124
package/dist/lib/oauth.d.ts +0 -40
package/dist/lib/oauth.js +0 -101
package/dist/lib/oauthCode.d.ts +0 -15
package/dist/lib/oauthCode.js +0 -90
package/dist/lib/pagination.d.ts +0 -119
package/dist/lib/pagination.js +0 -166
package/dist/lib/queue.d.ts +0 -37
package/dist/lib/queue.js +0 -117
package/dist/lib/redis.d.ts +0 -9
package/dist/lib/redis.js +0 -61
package/dist/lib/resetPassword.d.ts +0 -12
package/dist/lib/resetPassword.js +0 -91
package/dist/lib/roles.d.ts +0 -7
package/dist/lib/roles.js +0 -49
package/dist/lib/session.d.ts +0 -39
package/dist/lib/session.js +0 -535
package/dist/lib/tenant.d.ts +0 -15
package/dist/lib/tenant.js +0 -65
package/dist/lib/upload.js +0 -87
package/dist/lib/ws.d.ts +0 -22
package/dist/lib/ws.js +0 -89
package/dist/lib/wsHeartbeat.d.ts +0 -12
package/dist/lib/wsHeartbeat.js +0 -57
package/dist/lib/wsMessages.d.ts +0 -40
package/dist/lib/wsMessages.js +0 -330
package/dist/lib/wsPresence.d.ts +0 -25
package/dist/lib/wsPresence.js +0 -99
package/dist/middleware/auditLog.js +0 -39
package/dist/middleware/bearerAuth.d.ts +0 -2
package/dist/middleware/bearerAuth.js +0 -11
package/dist/middleware/cacheResponse.d.ts +0 -15
package/dist/middleware/cacheResponse.js +0 -178
package/dist/middleware/csrf.js +0 -125
package/dist/middleware/errorHandler.js +0 -13
package/dist/middleware/identify.d.ts +0 -3
package/dist/middleware/identify.js +0 -95
package/dist/middleware/index.js +0 -1
package/dist/middleware/metrics.d.ts +0 -9
package/dist/middleware/metrics.js +0 -26
package/dist/middleware/rateLimit.js +0 -22
package/dist/middleware/requestId.d.ts +0 -3
package/dist/middleware/tenant.d.ts +0 -5
package/dist/middleware/upload.d.ts +0 -5
package/dist/middleware/userAuth.d.ts +0 -3
package/dist/middleware/userAuth.js +0 -6
package/dist/models/AuditLog.d.ts +0 -30
package/dist/models/AuditLog.js +0 -39
package/dist/models/AuthUser.js +0 -48
package/dist/models/Group.d.ts +0 -21
package/dist/models/Group.js +0 -28
package/dist/models/GroupMembership.js +0 -25
package/dist/models/TenantRole.d.ts +0 -15
package/dist/models/TenantRole.js +0 -23
package/dist/routes/auth.d.ts +0 -11
package/dist/routes/auth.js +0 -605
package/dist/routes/groups.js +0 -346
package/dist/routes/health.d.ts +0 -1
package/dist/routes/health.js +0 -22
package/dist/routes/home.d.ts +0 -1
package/dist/routes/home.js +0 -16
package/dist/routes/jobs.d.ts +0 -2
package/dist/routes/jobs.js +0 -272
package/dist/routes/metrics.d.ts +0 -7
package/dist/routes/metrics.js +0 -52
package/dist/routes/mfa.d.ts +0 -5
package/dist/routes/mfa.js +0 -620
package/dist/routes/oauth.d.ts +0 -2
package/dist/routes/oauth.js +0 -514
package/dist/routes/uploads.d.ts +0 -2
package/dist/routes/uploads.js +0 -135
package/dist/schemas/auth.js +0 -30
package/dist/server.d.ts +0 -57
package/dist/server.js +0 -112
package/dist/services/auth.d.ts +0 -27
package/dist/services/auth.js +0 -159
package/dist/ws/index.d.ts +0 -10
package/dist/ws/index.js +0 -38
package/docs/sections/adding-middleware/full.md +0 -35
package/docs/sections/adding-models/full.md +0 -125
package/docs/sections/adding-models/overview.md +0 -13
package/docs/sections/adding-routes/full.md +0 -182
package/docs/sections/adding-routes/overview.md +0 -23
package/docs/sections/auth-flow/full.md +0 -779
package/docs/sections/auth-flow/overview.md +0 -10
package/docs/sections/auth-security-examples/full.md +0 -365
package/docs/sections/authentication/full.md +0 -130
package/docs/sections/authentication/overview.md +0 -5
package/docs/sections/cli/full.md +0 -42
package/docs/sections/configuration/full.md +0 -172
package/docs/sections/configuration/overview.md +0 -18
package/docs/sections/configuration-example/full.md +0 -117
package/docs/sections/configuration-example/overview.md +0 -30
package/docs/sections/documentation/full.md +0 -171
package/docs/sections/environment-variables/full.md +0 -55
package/docs/sections/exports/full.md +0 -123
package/docs/sections/extending-context/full.md +0 -59
package/docs/sections/header.md +0 -3
package/docs/sections/installation/full.md +0 -6
package/docs/sections/jobs/full.md +0 -140
package/docs/sections/jobs/overview.md +0 -15
package/docs/sections/logging/full.md +0 -83
package/docs/sections/metrics/full.md +0 -127
package/docs/sections/mongodb-connections/full.md +0 -45
package/docs/sections/mongodb-connections/overview.md +0 -7
package/docs/sections/multi-tenancy/full.md +0 -66
package/docs/sections/multi-tenancy/overview.md +0 -15
package/docs/sections/oauth/full.md +0 -189
package/docs/sections/oauth/overview.md +0 -16
package/docs/sections/package-development/full.md +0 -7
package/docs/sections/pagination/full.md +0 -93
package/docs/sections/peer-dependencies/full.md +0 -47
package/docs/sections/quick-start/full.md +0 -43
package/docs/sections/response-caching/full.md +0 -117
package/docs/sections/response-caching/overview.md +0 -13
package/docs/sections/roles/full.md +0 -225
package/docs/sections/roles/overview.md +0 -14
package/docs/sections/running-without-redis/full.md +0 -16
package/docs/sections/running-without-redis-or-mongodb/full.md +0 -60
package/docs/sections/signing/full.md +0 -203
package/docs/sections/stack/full.md +0 -10
package/docs/sections/uploads/full.md +0 -199
package/docs/sections/versioning/full.md +0 -85
package/docs/sections/webhook-auth/full.md +0 -100
package/docs/sections/websocket/full.md +0 -184
package/docs/sections/websocket/overview.md +0 -5
package/docs/sections/websocket-rooms/full.md +0 -102
package/docs/sections/websocket-rooms/overview.md +0 -5
/package/dist/{lib/storageAdapter.js → packages/bunshot-admin/src/types/env.js} +0 -0
/package/dist/{lib → packages/bunshot-auth/src/lib}/fingerprint.d.ts +0 -0
/package/dist/{lib → packages/bunshot-core/src}/constants.d.ts +0 -0
/package/dist/{lib → packages/bunshot-core/src}/storageAdapter.d.ts +0 -0
/package/dist/{lib → src/framework/lib}/createDtoMapper.d.ts +0 -0
/package/dist/{lib → src/framework/lib}/stripUnreferencedSchemas.d.ts +0 -0
/package/dist/{middleware → src/framework/middleware}/cors.d.ts +0 -0
/package/dist/{middleware → src/framework/middleware}/cors.js +0 -0
/package/dist/{middleware → src/framework/middleware}/index.d.ts +0 -0
/package/dist/{middleware → src/framework/middleware}/logger.js +0 -0
/package/dist/{lib → src/shared/lib}/constants.js +0 -0

package/dist/src/framework/runPluginLifecycle.d.ts ADDED Viewed

@@ -0,0 +1,27 @@
+/**
+ * Plugin lifecycle execution — extracted from createApp().
+ *
+ * Handles plugin dependency validation, topological sorting,
+ * and execution of the three framework lifecycle phases.
+ */
+import type { OpenAPIHono } from '@hono/zod-openapi';
+import type { AppEnv, BunshotEventBus, BunshotPlugin } from '../../packages/bunshot-core/src/index.js';
+import type { FrameworkConfig } from './createInfrastructure';
+/**
+ * Validate the plugin dependency graph and return plugins in topological order.
+ * Throws on circular dependencies, missing dependencies, lifecycle-less plugins,
+ * and cross-phase dependency violations.
+ */
+export declare function validateAndSortPlugins(plugins: BunshotPlugin[]): BunshotPlugin[];
+/**
+ * Run the setupMiddleware phase for all sorted plugins.
+ */
+export declare function runPluginMiddleware(sortedPlugins: BunshotPlugin[], app: OpenAPIHono<AppEnv>, frameworkConfig: FrameworkConfig, bus: BunshotEventBus): Promise<void>;
+/**
+ * Run the setupRoutes phase for all sorted plugins.
+ */
+export declare function runPluginRoutes(sortedPlugins: BunshotPlugin[], app: OpenAPIHono<AppEnv>, frameworkConfig: FrameworkConfig, bus: BunshotEventBus): Promise<void>;
+/**
+ * Run the setupPost phase for all sorted plugins.
+ */
+export declare function runPluginPost(sortedPlugins: BunshotPlugin[], app: OpenAPIHono<AppEnv>, frameworkConfig: FrameworkConfig, bus: BunshotEventBus): Promise<void>;

package/dist/src/framework/runPluginLifecycle.js ADDED Viewed

@@ -0,0 +1,121 @@
+// ---------------------------------------------------------------------------
+// Topological sort
+// ---------------------------------------------------------------------------
+function topologicalSort(plugins) {
+    const nameToPlugin = new Map(plugins.map(p => [p.name, p]));
+    const completed = new Set();
+    const inProgress = new Set();
+    const result = [];
+    function visit(name, path) {
+        if (completed.has(name))
+            return;
+        if (inProgress.has(name)) {
+            const cycleStart = path.indexOf(name);
+            const cycle = [...path.slice(cycleStart), name];
+            throw new Error(`[bunshot] Circular plugin dependency detected: ${cycle.join(' → ')}`);
+        }
+        const plugin = nameToPlugin.get(name);
+        if (!plugin) {
+            throw new Error(`[bunshot] Plugin dependency "${name}" not found (required by "${path[path.length - 1] ?? 'root'}").`);
+        }
+        inProgress.add(name);
+        for (const dep of plugin.dependencies ?? []) {
+            visit(dep, [...path, name]);
+        }
+        inProgress.delete(name);
+        completed.add(name);
+        result.push(plugin);
+    }
+    for (const plugin of plugins) {
+        visit(plugin.name, []);
+    }
+    return result;
+}
+// ---------------------------------------------------------------------------
+// Plugin validation
+// ---------------------------------------------------------------------------
+function getEarliestPhase(p) {
+    if (p.setupMiddleware)
+        return 0;
+    if (p.setupRoutes)
+        return 1;
+    if (p.setupPost)
+        return 2;
+    return 3; // setup-only (standalone)
+}
+const PHASE_NAMES = ['setupMiddleware', 'setupRoutes', 'setupPost', 'setup-only (standalone)'];
+/**
+ * Validate the plugin dependency graph and return plugins in topological order.
+ * Throws on circular dependencies, missing dependencies, lifecycle-less plugins,
+ * and cross-phase dependency violations.
+ */
+export function validateAndSortPlugins(plugins) {
+    if (plugins.length === 0)
+        return [];
+    const pluginNames = new Set(plugins.map(p => p.name));
+    const nameToPlugin = new Map(plugins.map(p => [p.name, p]));
+    for (const plugin of plugins) {
+        // Validate all declared dependencies are present
+        for (const dep of plugin.dependencies ?? []) {
+            if (!pluginNames.has(dep)) {
+                throw new Error(`[bunshot] Plugin "${plugin.name}" declares dependency "${dep}" but it is not in the plugins array.`);
+            }
+        }
+        // Each plugin must define at least one lifecycle method
+        if (!plugin.setupMiddleware && !plugin.setupRoutes && !plugin.setupPost && !plugin.setup) {
+            throw new Error(`[bunshot] Plugin "${plugin.name}" must define at least one of: setupMiddleware, setupRoutes, setupPost, or setup.`);
+        }
+        // setup()-only plugins are standalone-only — the framework skips them
+        if (!plugin.setupMiddleware && !plugin.setupRoutes && !plugin.setupPost && plugin.setup) {
+            console.info(`[bunshot] Plugin "${plugin.name}" defines only setup() — standalone-only, skipped by framework. Use setupMiddleware(), setupRoutes(), or setupPost() for framework integration.`);
+        }
+    }
+    // Cross-phase dependency validation
+    for (const plugin of plugins) {
+        const pluginPhase = getEarliestPhase(plugin);
+        if (pluginPhase === 3)
+            continue; // standalone-only: no framework phase to validate
+        for (const depName of plugin.dependencies ?? []) {
+            const dep = nameToPlugin.get(depName);
+            const depPhase = getEarliestPhase(dep);
+            if (depPhase > pluginPhase) {
+                throw new Error(`[bunshot] Plugin "${plugin.name}" (earliest phase: ${PHASE_NAMES[pluginPhase]}) ` +
+                    `depends on "${depName}" (earliest phase: ${PHASE_NAMES[depPhase]}). ` +
+                    `A dependency's earliest phase must be ≤ the dependent's earliest phase.`);
+            }
+        }
+    }
+    // Topological sort — only include plugins that participate in at least one framework phase
+    const frameworkPlugins = plugins.filter(p => p.setupMiddleware || p.setupRoutes || p.setupPost);
+    return topologicalSort(frameworkPlugins);
+}
+// ---------------------------------------------------------------------------
+// Plugin lifecycle execution
+// ---------------------------------------------------------------------------
+/**
+ * Run the setupMiddleware phase for all sorted plugins.
+ */
+export async function runPluginMiddleware(sortedPlugins, app, frameworkConfig, bus) {
+    for (const plugin of sortedPlugins) {
+        if (plugin.setupMiddleware)
+            await plugin.setupMiddleware(app, frameworkConfig, bus);
+    }
+}
+/**
+ * Run the setupRoutes phase for all sorted plugins.
+ */
+export async function runPluginRoutes(sortedPlugins, app, frameworkConfig, bus) {
+    for (const plugin of sortedPlugins) {
+        if (plugin.setupRoutes)
+            await plugin.setupRoutes(app, frameworkConfig, bus);
+    }
+}
+/**
+ * Run the setupPost phase for all sorted plugins.
+ */
+export async function runPluginPost(sortedPlugins, app, frameworkConfig, bus) {
+    for (const plugin of sortedPlugins) {
+        if (plugin.setupPost)
+            await plugin.setupPost(app, frameworkConfig, bus);
+    }
+}

package/dist/src/framework/secrets/frameworkSecretSchema.d.ts ADDED Viewed

@@ -0,0 +1,58 @@
+export declare const frameworkSecretSchema: {
+    readonly jwtSecret: {
+        readonly path: "JWT_SECRET";
+        readonly required: false;
+    };
+    readonly bearerToken: {
+        readonly path: "BEARER_TOKEN";
+        readonly required: false;
+    };
+    readonly dataEncryptionKey: {
+        readonly path: "BUNSHOT_DATA_ENCRYPTION_KEY";
+        readonly required: false;
+    };
+    readonly redisHost: {
+        readonly path: "REDIS_HOST";
+        readonly required: false;
+    };
+    readonly redisUser: {
+        readonly path: "REDIS_USER";
+        readonly required: false;
+    };
+    readonly redisPassword: {
+        readonly path: "REDIS_PASSWORD";
+        readonly required: false;
+    };
+    readonly mongoUser: {
+        readonly path: "MONGO_USER";
+        readonly required: false;
+    };
+    readonly mongoPassword: {
+        readonly path: "MONGO_PASSWORD";
+        readonly required: false;
+    };
+    readonly mongoHost: {
+        readonly path: "MONGO_HOST";
+        readonly required: false;
+    };
+    readonly mongoDb: {
+        readonly path: "MONGO_DB";
+        readonly required: false;
+    };
+    readonly mongoAuthUser: {
+        readonly path: "MONGO_AUTH_USER";
+        readonly required: false;
+    };
+    readonly mongoAuthPassword: {
+        readonly path: "MONGO_AUTH_PASSWORD";
+        readonly required: false;
+    };
+    readonly mongoAuthHost: {
+        readonly path: "MONGO_AUTH_HOST";
+        readonly required: false;
+    };
+    readonly mongoAuthDb: {
+        readonly path: "MONGO_AUTH_DB";
+        readonly required: false;
+    };
+};

package/dist/src/framework/secrets/frameworkSecretSchema.js ADDED Viewed

@@ -0,0 +1,20 @@
+export const frameworkSecretSchema = {
+    // Signing & encryption
+    jwtSecret: { path: 'JWT_SECRET', required: false },
+    bearerToken: { path: 'BEARER_TOKEN', required: false },
+    dataEncryptionKey: { path: 'BUNSHOT_DATA_ENCRYPTION_KEY', required: false },
+    // Redis
+    redisHost: { path: 'REDIS_HOST', required: false },
+    redisUser: { path: 'REDIS_USER', required: false },
+    redisPassword: { path: 'REDIS_PASSWORD', required: false },
+    // Mongo (primary / single mode)
+    mongoUser: { path: 'MONGO_USER', required: false },
+    mongoPassword: { path: 'MONGO_PASSWORD', required: false },
+    mongoHost: { path: 'MONGO_HOST', required: false },
+    mongoDb: { path: 'MONGO_DB', required: false },
+    // Mongo (auth — separate mode)
+    mongoAuthUser: { path: 'MONGO_AUTH_USER', required: false },
+    mongoAuthPassword: { path: 'MONGO_AUTH_PASSWORD', required: false },
+    mongoAuthHost: { path: 'MONGO_AUTH_HOST', required: false },
+    mongoAuthDb: { path: 'MONGO_AUTH_DB', required: false },
+};

package/dist/src/framework/secrets/index.d.ts ADDED Viewed

@@ -0,0 +1,9 @@
+export { resolveSecrets } from './resolveSecrets';
+export { frameworkSecretSchema } from './frameworkSecretSchema';
+export { resolveSecretBundle, resolveSecretRepo_fromInput, resolveSecretRepo, secretRepositoryFactories, } from './resolveSecretBundle';
+export type { SecretStoreConfig, SecretRepositoryFactories, SecretStoreInput, SecretStoreInfra, SecretRepoFactories, ResolvedSecretBundle, RegisteredSecretRepository, EnvSecretStoreConfig, SsmSecretStoreConfig, FileSecretStoreConfig, } from './resolveSecretBundle';
+export { createEnvSecretRepository } from './providers/envProvider';
+export { createSsmSecretRepository } from './providers/ssmProvider';
+export type { SsmProviderOptions } from './providers/ssmProvider';
+export { createFileSecretRepository } from './providers/fileProvider';
+export type { FileProviderOptions } from './providers/fileProvider';

package/dist/src/framework/secrets/index.js ADDED Viewed

@@ -0,0 +1,7 @@
+// Barrel export for framework secrets module
+export { resolveSecrets } from './resolveSecrets';
+export { frameworkSecretSchema } from './frameworkSecretSchema';
+export { resolveSecretBundle, resolveSecretRepo_fromInput, resolveSecretRepo, secretRepositoryFactories, } from './resolveSecretBundle';
+export { createEnvSecretRepository } from './providers/envProvider';
+export { createSsmSecretRepository } from './providers/ssmProvider';
+export { createFileSecretRepository } from './providers/fileProvider';

package/dist/src/framework/secrets/providers/envProvider.d.ts ADDED Viewed

@@ -0,0 +1,15 @@
+/**
+ * Environment variable secret repository.
+ *
+ * Reads secrets from process.env. Covers:
+ * - Local .env files (loaded by Bun automatically)
+ * - GitHub Actions secrets (injected as env vars in CI)
+ * - Any platform that maps secrets to environment variables
+ *
+ * Factory pattern: closure-owned prefix, no module-level state.
+ */
+import type { ISecretRepository } from '../../../../packages/bunshot-core/src/index.js';
+export declare function createEnvSecretRepository(opts?: {
+    /** Optional prefix stripped from env var names (e.g., 'MYAPP_') */
+    prefix?: string;
+}): ISecretRepository;

package/dist/src/framework/secrets/providers/envProvider.js ADDED Viewed

@@ -0,0 +1,18 @@
+export function createEnvSecretRepository(opts) {
+    const prefix = opts?.prefix ?? '';
+    return {
+        name: 'env',
+        async get(key) {
+            return process.env[prefix + key] ?? null;
+        },
+        async getMany(keys) {
+            const result = new Map();
+            for (const key of keys) {
+                const val = process.env[prefix + key];
+                if (val !== undefined)
+                    result.set(key, val);
+            }
+            return result;
+        },
+    };
+}

package/dist/src/framework/secrets/providers/fileProvider.d.ts ADDED Viewed

@@ -0,0 +1,8 @@
+import type { ISecretRepository } from '../../../../packages/bunshot-core/src/index.js';
+export interface FileProviderOptions {
+    /** Directory containing secret files (e.g., '/run/secrets') */
+    directory: string;
+    /** File extension to strip when deriving key names. Default: none. */
+    extension?: string;
+}
+export declare function createFileSecretRepository(opts: FileProviderOptions): ISecretRepository;

package/dist/src/framework/secrets/providers/fileProvider.js ADDED Viewed

@@ -0,0 +1,82 @@
+/**
+ * File-based secret repository.
+ *
+ * Reads secrets from individual files in a directory. Each file name is the
+ * secret key, file content is the secret value (trailing newline trimmed).
+ *
+ * Use cases:
+ * - Docker Swarm secrets mounted at /run/secrets/
+ * - Kubernetes mounted secret volumes
+ * - Any file-based secret injection
+ *
+ * Factory pattern: closure-owned cache + directory ref, no module-level state.
+ */
+import { readFile, readdir } from 'node:fs/promises';
+import { join } from 'node:path';
+export function createFileSecretRepository(opts) {
+    const { directory, extension } = opts;
+    // Closure-owned cache — populated on initialize(), keyed by secret name
+    const cache = new Map();
+    let initialized = false;
+    function stripExtension(filename) {
+        if (extension && filename.endsWith(extension)) {
+            return filename.slice(0, -extension.length);
+        }
+        return filename;
+    }
+    async function readSecret(key) {
+        const filename = extension ? key + extension : key;
+        try {
+            const content = await readFile(join(directory, filename), 'utf-8');
+            return content.replace(/\n$/, '');
+        }
+        catch (err) {
+            if (err.code === 'ENOENT')
+                return null;
+            throw err;
+        }
+    }
+    return {
+        name: 'file',
+        async initialize() {
+            try {
+                const files = await readdir(directory);
+                for (const file of files) {
+                    const key = stripExtension(file);
+                    const content = await readFile(join(directory, file), 'utf-8');
+                    cache.set(key, content.replace(/\n$/, ''));
+                }
+                initialized = true;
+            }
+            catch (err) {
+                if (err.code === 'ENOENT') {
+                    throw new Error(`[secrets/file] Directory not found: ${directory}`);
+                }
+                throw err;
+            }
+        },
+        async get(key) {
+            if (initialized)
+                return cache.get(key) ?? null;
+            return readSecret(key);
+        },
+        async getMany(keys) {
+            const result = new Map();
+            for (const key of keys) {
+                const value = initialized ? (cache.get(key) ?? null) : await readSecret(key);
+                if (value !== null)
+                    result.set(key, value);
+            }
+            return result;
+        },
+        async refresh() {
+            cache.clear();
+            initialized = false;
+            await this.initialize?.();
+        },
+        async destroy() {
+            cache.clear();
+            initialized = false;
+        },
+    };
+}

package/dist/src/framework/secrets/providers/ssmProvider.d.ts ADDED Viewed

@@ -0,0 +1,20 @@
+/**
+ * AWS Systems Manager Parameter Store secret repository.
+ *
+ * Batch-loads parameters by path prefix on initialize(), caches locally.
+ * Lazy SDK import — @aws-sdk/client-ssm is only loaded when this repository is used.
+ *
+ * Factory pattern: closure-owned cache + client, no module-level state.
+ */
+import type { ISecretRepository } from '../../../../packages/bunshot-core/src/index.js';
+export interface SsmProviderOptions {
+    /** SSM path prefix, e.g., '/myapp/prod/' — must end with '/' */
+    pathPrefix: string;
+    /** AWS region. Defaults to AWS_REGION env var or 'us-east-1'. */
+    region?: string;
+    /** Cache TTL in milliseconds. Default: 300_000 (5 min). */
+    cacheTtlMs?: number;
+    /** Whether to decrypt SecureString params. Default: true. */
+    withDecryption?: boolean;
+}
+export declare function createSsmSecretRepository(opts: SsmProviderOptions): ISecretRepository;

package/dist/src/framework/secrets/providers/ssmProvider.js ADDED Viewed

@@ -0,0 +1,127 @@
+export function createSsmSecretRepository(opts) {
+    const { pathPrefix, region, withDecryption = true } = opts;
+    const cacheTtl = opts.cacheTtlMs ?? 300_000;
+    // Closure-owned state — no module globals
+    const cache = new Map();
+    let ssmClient = null;
+    async function requireSsm() {
+        try {
+            // eslint-disable-next-line @typescript-eslint/no-implied-eval
+            return await new Function('specifier', 'return import(specifier)')('@aws-sdk/client-ssm');
+        }
+        catch {
+            throw new Error('SSM secret repository requires @aws-sdk/client-ssm to be installed');
+        }
+    }
+    async function getClient() {
+        if (ssmClient)
+            return ssmClient;
+        const { SSMClient } = await requireSsm();
+        ssmClient = new SSMClient({ region: region ?? process.env.AWS_REGION ?? 'us-east-1' });
+        return ssmClient;
+    }
+    function stripPrefix(name) {
+        return name.startsWith(pathPrefix) ? name.slice(pathPrefix.length) : name;
+    }
+    function getCached(key) {
+        const entry = cache.get(key);
+        if (!entry)
+            return null;
+        if (entry.expiresAt <= Date.now()) {
+            cache.delete(key);
+            return null;
+        }
+        return entry.value;
+    }
+    function setCache(key, value) {
+        cache.set(key, { value, expiresAt: Date.now() + cacheTtl });
+    }
+    return {
+        name: 'ssm',
+        async initialize() {
+            const client = await getClient();
+            const { GetParametersByPathCommand } = await requireSsm();
+            let nextToken;
+            do {
+                const cmd = new GetParametersByPathCommand({
+                    Path: pathPrefix,
+                    Recursive: true,
+                    WithDecryption: withDecryption,
+                    NextToken: nextToken,
+                });
+                const resp = await client.send(cmd);
+                for (const param of resp.Parameters ?? []) {
+                    if (param.Name && param.Value) {
+                        setCache(stripPrefix(param.Name), param.Value);
+                    }
+                }
+                nextToken = resp.NextToken;
+            } while (nextToken);
+        },
+        async get(key) {
+            const cached = getCached(key);
+            if (cached !== null)
+                return cached;
+            const client = await getClient();
+            const { GetParameterCommand } = await requireSsm();
+            try {
+                const cmd = new GetParameterCommand({
+                    Name: pathPrefix + key,
+                    WithDecryption: withDecryption,
+                });
+                const resp = await client.send(cmd);
+                const value = resp.Parameter?.Value ?? null;
+                if (value !== null)
+                    setCache(key, value);
+                return value;
+            }
+            catch (err) {
+                if (err.name === 'ParameterNotFound')
+                    return null;
+                throw err;
+            }
+        },
+        async getMany(keys) {
+            const result = new Map();
+            const uncached = [];
+            for (const key of keys) {
+                const cached = getCached(key);
+                if (cached !== null) {
+                    result.set(key, cached);
+                }
+                else {
+                    uncached.push(key);
+                }
+            }
+            if (uncached.length > 0) {
+                const client = await getClient();
+                const { GetParametersCommand } = await requireSsm();
+                // GetParameters supports max 10 names per call
+                for (let i = 0; i < uncached.length; i += 10) {
+                    const batch = uncached.slice(i, i + 10);
+                    const cmd = new GetParametersCommand({
+                        Names: batch.map(k => pathPrefix + k),
+                        WithDecryption: withDecryption,
+                    });
+                    const resp = await client.send(cmd);
+                    for (const param of resp.Parameters ?? []) {
+                        if (param.Name && param.Value) {
+                            const key = stripPrefix(param.Name);
+                            setCache(key, param.Value);
+                            result.set(key, param.Value);
+                        }
+                    }
+                }
+            }
+            return result;
+        },
+        async refresh() {
+            cache.clear();
+            await this.initialize?.();
+        },
+        async destroy() {
+            cache.clear();
+            ssmClient = null;
+        },
+    };
+}

package/dist/src/framework/secrets/resolveSecretBundle.d.ts ADDED Viewed

@@ -0,0 +1,53 @@
+import type { ISecretRepository, ResolvedSecrets, SecretSchema, SecretStoreType } from '../../../packages/bunshot-core/src/index.js';
+import { frameworkSecretSchema } from './frameworkSecretSchema';
+/** Infrastructure options for secret store resolution — equivalent to StoreInfra */
+export interface SecretStoreInfra {
+    readonly prefix?: string;
+    readonly pathPrefix?: string;
+    readonly region?: string;
+    readonly directory?: string;
+    readonly extension?: string;
+    readonly cacheTtlMs?: number;
+    readonly withDecryption?: boolean;
+}
+export type SecretRepoFactories<T> = Record<SecretStoreType, (infra: SecretStoreInfra) => T | Promise<T>>;
+export declare function resolveSecretRepo<T>(factories: SecretRepoFactories<T>, storeType: SecretStoreType, infra: SecretStoreInfra): T | Promise<T>;
+export interface EnvSecretStoreConfig {
+    provider: 'env';
+    prefix?: string;
+    schema?: SecretSchema;
+}
+export interface SsmSecretStoreConfig {
+    provider: 'ssm';
+    pathPrefix: string;
+    region?: string;
+    schema?: SecretSchema;
+}
+export interface FileSecretStoreConfig {
+    provider: 'file';
+    directory: string;
+    schema?: SecretSchema;
+}
+export interface RegisteredSecretRepository {
+    provider: ISecretRepository;
+    schema?: SecretSchema;
+}
+export type SecretStoreConfig = EnvSecretStoreConfig | SsmSecretStoreConfig | FileSecretStoreConfig;
+export type SecretStoreInput = ISecretRepository | SecretStoreConfig | RegisteredSecretRepository | undefined;
+type MergeSchemas<A extends SecretSchema, B extends SecretSchema | undefined> = B extends SecretSchema ? A & B : A;
+type SecretRepoFactory<K extends SecretStoreType> = (config: Extract<SecretStoreConfig, {
+    provider: K;
+}>) => Promise<ISecretRepository> | ISecretRepository;
+export type SecretRepositoryFactories = {
+    [K in SecretStoreType]: SecretRepoFactory<K>;
+};
+export declare const secretRepositoryFactories: SecretRepositoryFactories;
+export interface ResolvedSecretBundle<S extends SecretSchema | undefined = undefined> {
+    readonly provider: ISecretRepository;
+    readonly framework: ResolvedSecrets<typeof frameworkSecretSchema>;
+    readonly app: S extends SecretSchema ? ResolvedSecrets<S> : null;
+    readonly merged: ResolvedSecrets<MergeSchemas<typeof frameworkSecretSchema, S>>;
+}
+export declare function resolveSecretRepo_fromInput(input: SecretStoreInput): Promise<ISecretRepository>;
+export declare function resolveSecretBundle<S extends SecretSchema | undefined = undefined>(input: SecretStoreInput): Promise<ResolvedSecretBundle<S>>;
+export {};

package/dist/src/framework/secrets/resolveSecretBundle.js ADDED Viewed

@@ -0,0 +1,84 @@
+import { frameworkSecretSchema } from './frameworkSecretSchema';
+import { createEnvSecretRepository } from './providers/envProvider';
+import { resolveSecrets } from './resolveSecrets';
+export function resolveSecretRepo(factories, storeType, infra) {
+    const factory = factories[storeType];
+    if (!factory)
+        throw new Error(`[secrets] Unsupported store type: ${storeType}`);
+    return factory(infra);
+}
+export const secretRepositoryFactories = {
+    env: config => createEnvSecretRepository({ prefix: config.prefix }),
+    ssm: async (config) => {
+        const { createSsmSecretRepository } = await import('./providers/ssmProvider');
+        return createSsmSecretRepository({
+            pathPrefix: config.pathPrefix,
+            region: config.region,
+        });
+    },
+    file: async (config) => {
+        const { createFileSecretRepository } = await import('./providers/fileProvider');
+        return createFileSecretRepository({ directory: config.directory });
+    },
+};
+function isSecretRepository(value) {
+    if (!value || typeof value !== 'object')
+        return false;
+    return 'name' in value && 'get' in value && 'getMany' in value;
+}
+function isRegisteredSecretRepository(value) {
+    if (!value || typeof value !== 'object' || !('provider' in value))
+        return false;
+    const provider = value.provider;
+    return !!provider && isSecretRepository(provider);
+}
+function getAppSecretSchema(input) {
+    if (!input || isSecretRepository(input))
+        return undefined;
+    if (isRegisteredSecretRepository(input))
+        return input.schema;
+    return input.schema;
+}
+function mergeSecretSchemas(frameworkSchema, appSchema) {
+    if (!appSchema) {
+        return frameworkSchema;
+    }
+    return {
+        ...frameworkSchema,
+        ...appSchema,
+    };
+}
+function pickResolvedSecrets(resolved, schema) {
+    const picked = {};
+    for (const key of Object.keys(schema)) {
+        picked[key] = resolved[key];
+    }
+    return Object.freeze(picked);
+}
+export async function resolveSecretRepo_fromInput(input) {
+    if (!input)
+        return createEnvSecretRepository();
+    if (isSecretRepository(input))
+        return input;
+    if (isRegisteredSecretRepository(input))
+        return input.provider;
+    const factory = secretRepositoryFactories[input.provider];
+    if (!factory) {
+        throw new Error(`[secrets] Unsupported provider type: ${input.provider}`);
+    }
+    return await factory(input);
+}
+export async function resolveSecretBundle(input) {
+    const provider = await resolveSecretRepo_fromInput(input);
+    const appSchema = getAppSecretSchema(input);
+    const mergedSchema = mergeSecretSchemas(frameworkSecretSchema, appSchema);
+    const merged = await resolveSecrets(provider, mergedSchema);
+    return {
+        provider,
+        framework: pickResolvedSecrets(merged, frameworkSecretSchema),
+        app: (appSchema
+            ? pickResolvedSecrets(merged, appSchema)
+            : null),
+        merged,
+    };
+}