@mastra/deployer 0.16.3 → 0.16.4-alpha.0

package/dist/server/index.d.ts

@@ -15,6 +15,7 @@ type Variables = {
     taskStore: InMemoryTaskStore;
     playground: boolean;
     isDev: boolean;
+    customRouteAuthConfig?: Map<string, boolean>;
 };
 export declare function getToolExports(tools: Record<string, Function>[]): Record<string, Function> | undefined;
 export declare function createHonoServer(mastra: Mastra, options?: ServerBundleOptions): Promise<Hono<{

package/dist/server/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/server/index.ts"],"names":[],"mappings":"AAMA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAC;AAClD,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAE9D,OAAO,EAAE,IAAI,EAAE,MAAM,oBAAoB,CAAC;AAC1C,OAAO,EAAE,iBAAiB,EAAE,MAAM,0BAA0B,CAAC;AAE7D,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAuB5B,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,SAAS,CAAC;AAGnD,KAAK,QAAQ,GAAG,EAAE,CAAC;AAEnB,KAAK,SAAS,GAAG;IACf,MAAM,EAAE,MAAM,CAAC;IACf,cAAc,EAAE,cAAc,CAAC;IAC/B,OAAO,EAAE,GAAG,CAAC;QAAE,UAAU,EAAE,+BAA+B,CAAA;KAAE,CAAC,CAAC;IAC9D,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;IAC5B,SAAS,EAAE,iBAAiB,CAAC;IAC7B,UAAU,EAAE,OAAO,CAAC;IACpB,KAAK,EAAE,OAAO,CAAC;CAChB,CAAC;AAEF,wBAAgB,cAAc,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,QAAQ,CAAC,EAAE,wCAmB/D;AAED,wBAAsB,gBAAgB,CACpC,MAAM,EAAE,MAAM,EACd,OAAO,GAAE,mBAER;cAGgC,QAAQ;eAAa,SAAS;2CAwfhE;AAED,wBAAsB,gBAAgB,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,GAAE,mBAAmC,mDAkClG"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/server/index.ts"],"names":[],"mappings":"AAMA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAC;AAClD,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAE9D,OAAO,EAAE,IAAI,EAAE,MAAM,oBAAoB,CAAC;AAC1C,OAAO,EAAE,iBAAiB,EAAE,MAAM,0BAA0B,CAAC;AAE7D,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAuB5B,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,SAAS,CAAC;AAGnD,KAAK,QAAQ,GAAG,EAAE,CAAC;AAEnB,KAAK,SAAS,GAAG;IACf,MAAM,EAAE,MAAM,CAAC;IACf,cAAc,EAAE,cAAc,CAAC;IAC/B,OAAO,EAAE,GAAG,CAAC;QAAE,UAAU,EAAE,+BAA+B,CAAA;KAAE,CAAC,CAAC;IAC9D,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;IAC5B,SAAS,EAAE,iBAAiB,CAAC;IAC7B,UAAU,EAAE,OAAO,CAAC;IACpB,KAAK,EAAE,OAAO,CAAC;IACf,qBAAqB,CAAC,EAAE,GAAG,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CAC9C,CAAC;AAEF,wBAAgB,cAAc,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,QAAQ,CAAC,EAAE,wCAmB/D;AAED,wBAAsB,gBAAgB,CACpC,MAAM,EAAE,MAAM,EACd,OAAO,GAAE,mBAER;cAGgC,QAAQ;eAAa,SAAS;2CAqgBhE;AAED,wBAAsB,gBAAgB,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,GAAE,mBAAmC,mDAkClG"}

package/dist/server/index.js

@@ -5,7 +5,7 @@ import { createServer } from 'http';
 import { Http2ServerRequest } from 'http2';
 import { Writable, Readable } from 'stream';
 import { getMimeType } from 'hono/utils/mime';
-import { createReadStream, lstatSync } from 'fs';
+import { existsSync, createReadStream, lstatSync } from 'fs';
 import { join as join$1 } from 'path';
 import { html } from 'hono/html';
 import { RuntimeContext } from '@mastra/core/runtime-context';
@@ -65,8 +65,7 @@ var Request = class extends GlobalRequest {
     super(input, options);
   }
 };
-var wrapBodyStream = Symbol("wrapBodyStream");
-var newRequestFromIncoming = (method, url, incoming, abortController) => {
+var newHeadersFromIncoming = (incoming) => {
   const headerRecord = [];
   const rawHeaders = incoming.rawHeaders;
   for (let i2 = 0; i2 < rawHeaders.length; i2 += 2) {
@@ -76,9 +75,13 @@ var newRequestFromIncoming = (method, url, incoming, abortController) => {
       headerRecord.push([key, value]);
     }
   }
+  return new Headers(headerRecord);
+};
+var wrapBodyStream = Symbol("wrapBodyStream");
+var newRequestFromIncoming = (method, url, headers, incoming, abortController) => {
   const init = {
     method,
-    headers: headerRecord,
+    headers,
     signal: abortController.signal
   };
   if (method === "TRACE") {
@@ -126,6 +129,7 @@ var getRequestCache = Symbol("getRequestCache");
 var requestCache = Symbol("requestCache");
 var incomingKey = Symbol("incomingKey");
 var urlKey = Symbol("urlKey");
+var headersKey = Symbol("headersKey");
 var abortControllerKey = Symbol("abortControllerKey");
 var getAbortController = Symbol("getAbortController");
 var requestPrototype = {
@@ -135,6 +139,9 @@ var requestPrototype = {
   get url() {
     return this[urlKey];
   },
+  get headers() {
+    return this[headersKey] ||= newHeadersFromIncoming(this[incomingKey]);
+  },
   [getAbortController]() {
     this[getRequestCache]();
     return this[abortControllerKey];
@@ -144,6 +151,7 @@ var requestPrototype = {
     return this[requestCache] ||= newRequestFromIncoming(
       this.method,
       this[urlKey],
+      this.headers,
       this[incomingKey],
       this[abortControllerKey]
     );
@@ -155,7 +163,6 @@ var requestPrototype = {
   "cache",
   "credentials",
   "destination",
-  "headers",
   "integrity",
   "mode",
   "redirect",
@@ -281,17 +288,14 @@ var Response2 = class _Response {
 });
 Object.setPrototypeOf(Response2, GlobalResponse);
 Object.setPrototypeOf(Response2.prototype, GlobalResponse.prototype);
-function writeFromReadableStream(stream7, writable) {
-  if (stream7.locked) {
-    throw new TypeError("ReadableStream is locked.");
-  } else if (writable.destroyed) {
-    return;
-  }
-  const reader = stream7.getReader();
+async function readWithoutBlocking(readPromise) {
+  return Promise.race([readPromise, Promise.resolve().then(() => Promise.resolve(void 0))]);
+}
+function writeFromReadableStreamDefaultReader(reader, writable, currentReadPromise) {
   const handleError2 = () => {
   };
   writable.on("error", handleError2);
-  reader.read().then(flow, handleStreamError);
+  (currentReadPromise ?? reader.read()).then(flow, handleStreamError);
   return reader.closed.finally(() => {
     writable.off("error", handleError2);
   });
@@ -317,6 +321,14 @@ function writeFromReadableStream(stream7, writable) {
     }
   }
 }
+function writeFromReadableStream(stream7, writable) {
+  if (stream7.locked) {
+    throw new TypeError("ReadableStream is locked.");
+  } else if (writable.destroyed) {
+    return;
+  }
+  return writeFromReadableStreamDefaultReader(stream7.getReader(), writable);
+}
 var buildOutgoingHttpHeaders = (headers) => {
   const res = {};
   if (!(headers instanceof Headers)) {
@@ -351,8 +363,6 @@ global.fetch = (info, init) => {
   return webFetch(info, init);
 };
 var outgoingEnded = Symbol("outgoingEnded");
-var regBuffer = /^no$/i;
-var regContentType = /^(application\/json\b|text\/(?!event-stream\b))/i;
 var handleRequestError = () => new Response(null, {
   status: 400
 });
@@ -423,23 +433,50 @@ var responseViaResponseObject = async (res, outgoing, options = {}) => {
   }
   const resHeaderRecord = buildOutgoingHttpHeaders(res.headers);
   if (res.body) {
-    const {
-      "transfer-encoding": transferEncoding,
-      "content-encoding": contentEncoding,
-      "content-length": contentLength,
-      "x-accel-buffering": accelBuffering,
-      "content-type": contentType
-    } = resHeaderRecord;
-    if (transferEncoding || contentEncoding || contentLength || // nginx buffering variant
-    accelBuffering && regBuffer.test(accelBuffering) || !regContentType.test(contentType)) {
-      outgoing.writeHead(res.status, resHeaderRecord);
-      flushHeaders(outgoing);
-      await writeFromReadableStream(res.body, outgoing);
+    const reader = res.body.getReader();
+    const values = [];
+    let done = false;
+    let currentReadPromise = void 0;
+    if (resHeaderRecord["transfer-encoding"] !== "chunked") {
+      let maxReadCount = 2;
+      for (let i2 = 0; i2 < maxReadCount; i2++) {
+        currentReadPromise ||= reader.read();
+        const chunk = await readWithoutBlocking(currentReadPromise).catch((e2) => {
+          console.error(e2);
+          done = true;
+        });
+        if (!chunk) {
+          if (i2 === 1) {
+            await new Promise((resolve) => setTimeout(resolve));
+            maxReadCount = 3;
+            continue;
+          }
+          break;
+        }
+        currentReadPromise = void 0;
+        if (chunk.value) {
+          values.push(chunk.value);
+        }
+        if (chunk.done) {
+          done = true;
+          break;
+        }
+      }
+      if (done && !("content-length" in resHeaderRecord)) {
+        resHeaderRecord["content-length"] = values.reduce((acc, value) => acc + value.length, 0);
+      }
+    }
+    outgoing.writeHead(res.status, resHeaderRecord);
+    values.forEach((value) => {
+      outgoing.write(value);
+    });
+    if (done) {
+      outgoing.end();
     } else {
-      const buffer = await res.arrayBuffer();
-      resHeaderRecord["content-length"] = buffer.byteLength;
-      outgoing.writeHead(res.status, resHeaderRecord);
-      outgoing.end(new Uint8Array(buffer));
+      if (values.length === 0) {
+        flushHeaders(outgoing);
+      }
+      await writeFromReadableStreamDefaultReader(reader, outgoing, currentReadPromise);
     }
   } else if (resHeaderRecord[X_ALREADY_SENT]) ; else {
     outgoing.writeHead(res.status, resHeaderRecord);
@@ -581,6 +618,9 @@ var getStats = (path) => {
 var serveStatic = (options = { root: "" }) => {
   const root = options.root || "";
   const optionPath = options.path;
+  if (root !== "" && !existsSync(root)) {
+    console.error(`serveStatic: root path '${root}' is not found, are you sure it's correct?`);
+  }
   return async (c2, next) => {
     if (c2.finalized) {
       return next();
@@ -648,8 +688,8 @@ var serveStatic = (options = { root: "" }) => {
     c2.header("Accept-Ranges", "bytes");
     c2.header("Date", stats.birthtime.toUTCString());
     const parts = range.replace(/bytes=/, "").split("-", 2);
-    const start = parts[0] ? parseInt(parts[0], 10) : 0;
-    let end = parts[1] ? parseInt(parts[1], 10) : stats.size - 1;
+    const start = parseInt(parts[0], 10) || 0;
+    let end = parseInt(parts[1], 10) || size - 1;
     if (size < end - start + 1) {
       end = size - 1;
     }
@@ -1004,6 +1044,20 @@ var defaultAuthConfig = {
 var isDevPlaygroundRequest = (req) => {
   return req.header("x-mastra-dev-playground") === "true" && process.env.MASTRA_DEV === "true";
 };
+var isCustomRoutePublic = (path, method, customRouteAuthConfig) => {
+  if (!customRouteAuthConfig) {
+    return false;
+  }
+  const routeKey = `${method}:${path}`;
+  if (customRouteAuthConfig.has(routeKey)) {
+    return !customRouteAuthConfig.get(routeKey);
+  }
+  const allRouteKey = `ALL:${path}`;
+  if (customRouteAuthConfig.has(allRouteKey)) {
+    return !customRouteAuthConfig.get(allRouteKey);
+  }
+  return false;
+};
 var isProtectedPath = (path, method, authConfig) => {
   const protectedAccess = [...defaultAuthConfig.protected || [], ...authConfig.protected || []];
   return isAnyMatch(path, method, protectedAccess);
@@ -1090,12 +1144,16 @@ var checkRules = async (rules, path, method, user) => {
 var authenticationMiddleware = async (c2, next) => {
   const mastra = c2.get("mastra");
   const authConfig = mastra.getServer()?.experimental_auth;
+  const customRouteAuthConfig = c2.get("customRouteAuthConfig");
   if (!authConfig) {
     return next();
   }
   if (isDevPlaygroundRequest(c2.req)) {
     return next();
   }
+  if (isCustomRoutePublic(c2.req.path, c2.req.method, customRouteAuthConfig)) {
+    return next();
+  }
   if (!isProtectedPath(c2.req.path, c2.req.method, authConfig)) {
     return next();
   }
@@ -1130,6 +1188,7 @@ var authenticationMiddleware = async (c2, next) => {
 var authorizationMiddleware = async (c2, next) => {
   const mastra = c2.get("mastra");
   const authConfig = mastra.getServer()?.experimental_auth;
+  const customRouteAuthConfig = c2.get("customRouteAuthConfig");
   if (!authConfig) {
     return next();
   }
@@ -1138,6 +1197,9 @@ var authorizationMiddleware = async (c2, next) => {
   if (isDevPlaygroundRequest(c2.req)) {
     return next();
   }
+  if (isCustomRoutePublic(path, method, customRouteAuthConfig)) {
+    return next();
+  }
   if (!isProtectedPath(c2.req.path, c2.req.method, authConfig)) {
     return next();
   }
@@ -10971,6 +11033,15 @@ async function createHonoServer(mastra, options = {
   const app = new Hono();
   const server = mastra.getServer();
   const a2aTaskStore = new InMemoryTaskStore();
+  const routes = server?.apiRoutes;
+  const customRouteAuthConfig = /* @__PURE__ */ new Map();
+  if (routes) {
+    for (const route of routes) {
+      const requiresAuth = route.requiresAuth !== false;
+      const routeKey = `${route.method}:${route.path}`;
+      customRouteAuthConfig.set(routeKey, requiresAuth);
+    }
+  }
   app.use("*", async function setTelemetryInfo(c2, next) {
     const requestId = c2.req.header("x-request-id") ?? randomUUID();
     const span = Telemetry.getActiveSpan();
@@ -11033,6 +11104,7 @@ async function createHonoServer(mastra, options = {
     c2.set("taskStore", a2aTaskStore);
     c2.set("playground", options.playground === true);
     c2.set("isDev", options.isDev === true);
+    c2.set("customRouteAuthConfig", customRouteAuthConfig);
     return next();
   });
   const serverMiddleware = mastra.getServerMiddleware?.();
@@ -11062,7 +11134,6 @@ async function createHonoServer(mastra, options = {
     // 4.5 MB,
     onError: (c2) => c2.json({ error: "Request body too large" }, 413)
   };
-  const routes = server?.apiRoutes;
   if (server?.middleware) {
     const normalizedMiddlewares = Array.isArray(server.middleware) ? server.middleware : [server.middleware];
     const middlewares = normalizedMiddlewares.map((middleware2) => {