@misterzik/espressojs 3.2.6 → 3.3.1

package/CHANGELOG.md

@@ -0,0 +1,115 @@
+# Changelog
+
+All notable changes to EspressoJS will be documented in this file.
+
+## [3.3.1] - 2024-01-01
+
+### Added
+- **Multiple API Endpoints Support**
+  - Configure unlimited API endpoints using `api`, `api2`, `api3`, etc. pattern
+  - New `APIManager` class for managing multiple APIs
+  - Support for per-API timeout and retry configuration
+  - Automatic retry with exponential backoff
+  - API health checking and fallback patterns
+  - Comprehensive documentation in `docs/MULTIPLE-APIS.md`
+  - Example implementation in `examples/multiple-apis.js`
+
+- **Configuration Enhancements**
+  - Added `publicDirectory` option to customize static files location
+  - Added `timeout` option for API requests (default: 30000ms)
+  - Added `retries` option for automatic retry (0-5 attempts)
+  - Support for HEAD and OPTIONS HTTP methods
+  - Unknown configuration keys now allowed for flexibility
+
+- **API Manager Features**
+  - `request(apiName, endpoint, options)` - Make API requests
+  - `getAPI(name)` - Get specific API configuration
+  - `getAllAPIs()` - List all configured APIs
+  - `hasAPI(name)` - Check API availability
+  - `createAxiosInstance(apiName)` - Create custom Axios client
+
+### Changed
+- Configuration validator now supports dynamic API endpoints
+- Static file serving now uses `publicDirectory` from config
+- Exported `apiManager` and `config` from main module
+
+### Fixed
+- Configuration validation now properly handles multiple API endpoints
+- Better error messages for API configuration issues
+
+## [3.3.0] - 2024-01-01
+
+### Added
+- **Security Enhancements**
+  - Helmet.js integration for secure HTTP headers
+  - Express rate limiting to prevent abuse
+  - Enhanced CORS configuration
+  - Content Security Policy (CSP) headers
+
+- **Advanced Logging**
+  - Winston logger with multiple transports
+  - File-based logging (combined, error, exceptions, rejections)
+  - Colored console output
+  - HTTP request logging with Morgan
+
+- **Error Handling**
+  - Centralized error handling middleware
+  - Custom AppError class for operational errors
+  - Async error handler wrapper
+  - 404 not found handler
+  - Graceful error responses
+
+- **Health Monitoring**
+  - `/health` endpoint with system metrics
+  - `/ready` readiness probe
+  - `/alive` liveness probe
+  - Memory and CPU usage reporting
+  - Database connection status
+
+- **Configuration Management**
+  - Joi-based configuration validation
+  - Default configuration fallback
+  - Enhanced error handling for config files
+  - Environment variable validation
+
+- **CLI Improvements**
+  - `init` command to create config.json
+  - `validate` command to check configuration
+  - `version` command for version info
+  - Better error messages and formatting
+  - Command help system
+
+- **Graceful Shutdown**
+  - SIGTERM and SIGINT handling
+  - Proper cleanup of MongoDB connections
+  - HTTP server graceful close
+  - Timeout-based forced shutdown
+
+- **Developer Experience**
+  - Better startup banner with configuration info
+  - Improved error messages
+  - Enhanced documentation
+  - Request body size limits (10mb)
+
+### Changed
+- Updated dependencies to latest versions
+- Improved MongoDB connection handling
+- Enhanced route loading with error handling
+- Better default responses for missing files
+- Modernized CLI with spawn instead of exec
+
+### Fixed
+- Configuration file reading errors
+- MongoDB connection error handling
+- Route loading failures
+- Missing file handling
+
+## [3.2.6] - 2023-07-01
+
+### Initial Release
+- Basic Express server setup
+- MongoDB integration
+- Configuration management
+- CLI tools
+- Static file serving
+- CORS and compression support

package/CONTRIBUTING.md

@@ -0,0 +1,96 @@
+# Contributing to EspressoJS
+
+Thank you for considering contributing to EspressoJS! This document provides guidelines and instructions for contributing.
+
+## Code of Conduct
+
+- Be respectful and inclusive
+- Provide constructive feedback
+- Focus on what is best for the community
+- Show empathy towards other community members
+
+## How to Contribute
+
+### Reporting Bugs
+
+Before creating bug reports, please check existing issues. When creating a bug report, include:
+
+- **Clear title and description**
+- **Steps to reproduce** the behavior
+- **Expected behavior**
+- **Actual behavior**
+- **Environment details** (OS, Node version, npm version)
+- **Code samples** if applicable
+
+### Suggesting Enhancements
+
+Enhancement suggestions are tracked as GitHub issues. When creating an enhancement suggestion, include:
+
+- **Clear title and description**
+- **Use case** for the enhancement
+- **Proposed solution** or implementation
+- **Alternative solutions** you've considered
+
+### Pull Requests
+
+1. Fork the repository
+2. Create a new branch (`git checkout -b feature/amazing-feature`)
+3. Make your changes
+4. Commit your changes (`git commit -m 'Add amazing feature'`)
+5. Push to the branch (`git push origin feature/amazing-feature`)
+6. Open a Pull Request
+
+#### Pull Request Guidelines
+
+- Follow the existing code style
+- Update documentation as needed
+- Add tests if applicable
+- Ensure all tests pass
+- Keep commits atomic and well-described
+- Reference related issues in PR description
+
+## Development Setup
+
+```bash
+# Clone the repository
+git clone https://github.com/misterzik/Espresso.js.git
+cd Espresso.js
+
+# Install dependencies
+npm install
+
+# Run in development mode
+npm run dev
+```
+
+## Code Style
+
+- Use 2 spaces for indentation
+- Use semicolons
+- Use single quotes for strings
+- Add comments for complex logic
+- Follow existing patterns in the codebase
+
+## Testing
+
+Before submitting a PR, ensure:
+
+- Code follows the style guide
+- All existing tests pass
+- New features include tests
+- Documentation is updated
+
+## Commit Messages
+
+- Use present tense ("Add feature" not "Added feature")
+- Use imperative mood ("Move cursor to..." not "Moves cursor to...")
+- Limit first line to 72 characters
+- Reference issues and PRs when applicable
+
+## Questions?
+
+Feel free to open an issue with your question or reach out to the maintainers.
+
+## License
+
+By contributing, you agree that your contributions will be licensed under the MIT License.

package/ENHANCEMENTS.md

@@ -0,0 +1,262 @@
+# EspressoJS v3.3.0 - Enhancement Summary
+
+This document outlines all the major enhancements made to modernize the EspressoJS framework.
+
+## 🎯 Overview
+
+EspressoJS has been upgraded from a basic Express boilerplate to a **production-ready, enterprise-grade framework** with modern security, logging, error handling, and developer experience improvements.
+
+## 🔐 Security Enhancements
+
+### Helmet.js Integration
+- **Location**: `server/middleware/security.js`
+- **Features**:
+  - Content Security Policy (CSP)
+  - XSS Protection
+  - HSTS headers
+  - Frame protection
+  - Cross-origin policies
+
+### Rate Limiting
+- **General Rate Limit**: 100 requests per 15 minutes
+- **API Rate Limit**: 200 requests per 15 minutes
+- **Strict Rate Limit**: 10 requests per 15 minutes (for sensitive endpoints)
+- Configurable per-route rate limiting
+
+### Enhanced CORS
+- Pre-configured CORS middleware
+- Customizable origin policies
+- Credential support
+
+## 📝 Logging System
+
+### Winston Logger
+- **Location**: `server/utils/logger.js`
+- **Features**:
+  - Multiple log levels (error, warn, info, http, debug)
+  - Color-coded console output
+  - File-based logging with rotation
+  - Exception and rejection handlers
+
+### Log Files
+- `logs/combined.log` - All application logs
+- `logs/error.log` - Error logs only
+- `logs/exceptions.log` - Uncaught exceptions
+- `logs/rejections.log` - Unhandled promise rejections
+
+### Morgan Integration
+- HTTP request logging
+- Environment-specific formats (dev/combined)
+- Integrated with Winston logger
+
+## 🛡️ Error Handling
+
+### Centralized Error Handler
+- **Location**: `server/middleware/errorHandler.js`
+- **Components**:
+  - `AppError` class for operational errors
+  - `errorHandler` middleware for global error handling
+  - `notFoundHandler` for 404 errors
+  - `asyncHandler` wrapper for async routes
+
+### Features
+- Environment-specific error responses
+- Stack traces in development
+- Sanitized errors in production
+- Proper HTTP status codes
+
+## 🏥 Health Monitoring
+
+### Health Check Endpoints
+- **Location**: `server/middleware/healthCheck.js`
+
+#### `/health`
+Comprehensive health check with:
+- Server uptime
+- Memory usage
+- CPU metrics
+- Database connection status
+- Environment information
+
+#### `/ready`
+Readiness probe for orchestration platforms (Kubernetes, Docker Swarm)
+
+#### `/alive`
+Liveness probe for monitoring systems
+
+## 🔧 Configuration Management
+
+### Joi Validation
+- **Location**: `server/utils/configValidator.js`
+- Schema-based configuration validation
+- Type checking and constraints
+- Default value handling
+- Detailed error messages
+
+### Enhanced Config Utils
+- **Location**: `server/utils/config.utils.js`
+- Safe file reading with error handling
+- Default configuration fallback
+- Validated writes
+- Better error messages
+
+## 🎮 CLI Improvements
+
+### New Commands
+- **Location**: `server/utils/espresso-cli.js`
+
+| Command | Description |
+|---------|-------------|
+| `init` | Initialize new config.json |
+| `validate` | Validate configuration |
+| `version` | Show version information |
+| `show` | Display current config (enhanced) |
+| `run` | Run server (improved) |
+| `env` | Update environment (enhanced) |
+
+### Features
+- Better error messages with ✓/✗ indicators
+- Improved command help system
+- Spawn-based process management
+- Proper exit codes
+- Input validation
+
+## 🚀 Application Improvements
+
+### Main Application (`index.js`)
+- Graceful shutdown handling (SIGTERM, SIGINT)
+- Proper resource cleanup
+- Enhanced startup banner
+- Better error handling
+- Request body size limits (10MB)
+- Improved MongoDB connection handling
+
+### Routes Enhancement
+- **Location**: `routes/index.js`
+- Async error handling
+- Safe file operations
+- Better error messages
+- Graceful route loading failures
+- Default JSON responses
+
+## 📦 Dependency Updates
+
+### New Dependencies
+```json
+{
+  "helmet": "^7.1.0",
+  "morgan": "^1.10.0",
+  "winston": "^3.11.0",
+  "express-rate-limit": "^7.1.5",
+  "express-validator": "^7.0.1",
+  "joi": "^17.11.0"
+}
+```
+
+### Updated Dependencies
+- `axios`: ^1.4.0 → ^1.6.0
+- `mongoose`: ^7.3.1 → ^8.0.3
+
+## 📚 Documentation
+
+### New Documentation Files
+- `README.md` - Comprehensive documentation (completely rewritten)
+- `QUICKSTART.md` - 5-minute quick start guide
+- `CHANGELOG.md` - Version history and changes
+- `CONTRIBUTING.md` - Contribution guidelines
+- `ENHANCEMENTS.md` - This file
+
+### Example Files
+- `examples/basic-api.js` - REST API examples
+- `examples/mongodb-example.js` - MongoDB integration
+- `examples/README.md` - Examples documentation
+
+## 🎨 Developer Experience
+
+### Improved Startup
+```
+╔═══════════════════════════════════════════════════════╗
+║                   ESPRESSO.JS                         ║
+║              Express Boilerplate Server               ║
+╠═══════════════════════════════════════════════════════╣
+║  Environment: development                             ║
+║  Port:        8080                                    ║
+║  URL:         http://localhost:8080                   ║
+║  MongoDB:     Disabled                                ║
+║  API:         Disabled                                ║
+╚═══════════════════════════════════════════════════════╝
+```
+
+### Better Error Messages
+- Descriptive validation errors
+- Helpful CLI feedback
+- Color-coded console output
+- Stack traces in development
+
+## 🔄 Breaking Changes
+
+### None!
+All changes are backward compatible. Existing EspressoJS projects will continue to work without modifications.
+
+## 📊 Performance Improvements
+
+- Compression enabled by default
+- Static file caching (1 day max-age)
+- ETags enabled
+- Request size limits prevent memory issues
+- Efficient logging with Winston
+
+## 🛠️ Migration Guide
+
+### From v3.2.6 to v3.3.0
+
+1. **Update dependencies**:
+   ```bash
+   npm install
+   ```
+
+2. **Optional: Use new CLI commands**:
+   ```bash
+   node cli validate  # Check your config
+   node cli version   # See version info
+   ```
+
+3. **Optional: Add health checks to monitoring**:
+   - Add `/health` to your monitoring system
+   - Use `/ready` and `/alive` for orchestration
+
+4. **Optional: Use new middleware**:
+   ```javascript
+   const { asyncHandler, AppError } = require('./server/middleware/errorHandler');
+   const logger = require('./server/utils/logger');
+   ```
+
+## 🎯 Future Roadmap
+
+Potential future enhancements:
+- TypeScript support
+- WebSocket integration
+- GraphQL support
+- Built-in testing framework
+- Docker configuration
+- CI/CD templates
+- Swagger/OpenAPI documentation
+- Redis caching support
+- Session management
+- Authentication middleware
+
+## 🙏 Acknowledgments
+
+Built with modern Express.js best practices and inspired by production-grade Node.js applications.
+
+## 📞 Support
+
+- GitHub: https://github.com/misterzik/Espresso.js
+- Issues: https://github.com/misterzik/Espresso.js/issues
+- npm: https://www.npmjs.com/package/@misterzik/espressojs
+
+---
+
+**Version**: 3.3.0  
+**Release Date**: 2024  
+**License**: MIT

package/MIGRATION.md

@@ -0,0 +1,204 @@
+# Migration Guide
+
+This guide helps you upgrade your EspressoJS application to the latest version.
+
+## Upgrading to v3.3.0
+
+### What's New?
+
+EspressoJS v3.3.0 introduces modern security, logging, error handling, and monitoring features while maintaining **100% backward compatibility** with v3.2.6.
+
+### Step 1: Update Dependencies
+
+```bash
+npm install @misterzik/espressojs@latest
+```
+
+This will install all new dependencies automatically:
+- helmet (security)
+- morgan (HTTP logging)
+- winston (application logging)
+- express-rate-limit (rate limiting)
+- express-validator (validation)
+- joi (configuration validation)
+
+### Step 2: Verify Configuration
+
+Your existing `config.json` will continue to work. To validate it:
+
+```bash
+node cli validate
+```
+
+If you see any validation errors, the CLI will guide you on how to fix them.
+
+### Step 3: Optional Enhancements
+
+#### Use Health Check Endpoints
+
+Add health monitoring to your infrastructure:
+
+```bash
+# Check server health
+curl http://localhost:8080/health
+
+# Kubernetes readiness probe
+curl http://localhost:8080/ready
+
+# Kubernetes liveness probe
+curl http://localhost:8080/alive
+```
+
+#### Use the Logger
+
+Replace `console.log` with the new Winston logger:
+
+```javascript
+// Old way
+console.log('Server started');
+console.error('Error occurred');
+
+// New way
+const logger = require('./server/utils/logger');
+logger.info('Server started');
+logger.error('Error occurred');
+```
+
+#### Use Error Handling Middleware
+
+Wrap async routes with `asyncHandler`:
+
+```javascript
+const { asyncHandler, AppError } = require('./server/middleware/errorHandler');
+
+// Old way
+router.get('/users/:id', async (req, res) => {
+  try {
+    const user = await User.findById(req.params.id);
+    res.json(user);
+  } catch (error) {
+    res.status(500).json({ error: error.message });
+  }
+});
+
+// New way
+router.get('/users/:id', asyncHandler(async (req, res) => {
+  const user = await User.findById(req.params.id);
+  if (!user) {
+    throw new AppError('User not found', 404);
+  }
+  res.json(user);
+}));
+```
+
+#### Use New CLI Commands
+
+```bash
+# Initialize new config
+node cli init
+
+# Show version
+node cli version
+
+# Validate config
+node cli validate
+```
+
+### Step 4: Review Logs
+
+The new logging system creates a `logs/` directory with:
+- `combined.log` - All logs
+- `error.log` - Errors only
+- `exceptions.log` - Uncaught exceptions
+- `rejections.log` - Unhandled rejections
+
+Add `logs/` to your `.gitignore` if not already present.
+
+### Step 5: Update Monitoring (Optional)
+
+If you use monitoring tools, add the new health endpoints:
+
+**Kubernetes:**
+```yaml
+livenessProbe:
+  httpGet:
+    path: /alive
+    port: 8080
+readinessProbe:
+  httpGet:
+    path: /ready
+    port: 8080
+```
+
+**Docker Compose:**
+```yaml
+healthcheck:
+  test: ["CMD", "curl", "-f", "http://localhost:8080/health"]
+  interval: 30s
+  timeout: 10s
+  retries: 3
+```
+
+## Breaking Changes
+
+### None!
+
+All changes in v3.3.0 are backward compatible. Your existing code will continue to work without modifications.
+
+## New Features You Get Automatically
+
+Even without code changes, you automatically get:
+
+✅ **Security**: Helmet.js protection, rate limiting, enhanced CORS  
+✅ **Logging**: Winston logger with file and console output  
+✅ **Error Handling**: Centralized error handling  
+✅ **Health Checks**: `/health`, `/ready`, `/alive` endpoints  
+✅ **Graceful Shutdown**: Proper cleanup on SIGTERM/SIGINT  
+✅ **Better Startup**: Enhanced startup banner with config info  
+✅ **Request Limits**: 10MB body size limit to prevent abuse  
+
+## Troubleshooting
+
+### Issue: "Cannot find module 'helmet'"
+
+**Solution**: Run `npm install` to install new dependencies.
+
+### Issue: Logs directory errors
+
+**Solution**: The logs directory is created automatically. Ensure write permissions.
+
+### Issue: Rate limiting too strict
+
+**Solution**: Customize rate limits in your code:
+
+```javascript
+const { apiRateLimiter } = require('./server/middleware/security');
+app.use('/api', apiRateLimiter);
+```
+
+### Issue: Health check returns 503
+
+**Solution**: This is normal if MongoDB is enabled but not connected. Check your MongoDB configuration.
+
+## Rollback
+
+If you need to rollback to v3.2.6:
+
+```bash
+npm install @misterzik/espressojs@3.2.6
+```
+
+## Getting Help
+
+- [GitHub Issues](https://github.com/misterzik/Espresso.js/issues)
+- [Documentation](https://github.com/misterzik/Espresso.js)
+- [Examples](./examples/)
+
+## Next Steps
+
+1. Review the [CHANGELOG.md](./CHANGELOG.md) for detailed changes
+2. Check out [examples/](./examples/) for code samples
+3. Read the updated [README.md](./README.md) for full documentation
+4. See [ENHANCEMENTS.md](./ENHANCEMENTS.md) for technical details
+
+Happy upgrading! ☕