@moku-labs/web 0.1.0-alpha.1 → 0.1.0-alpha.3

package/dist/test.d.cts

@@ -1,4 +1,4 @@
-import { C as EnvApi, D as EnvVarSpec, E as EnvState, O as LogApi, T as EnvProvider, d as RouteBuilder, k as LogState, r as WebAppConfig, w as EnvConfig } from "./route-builder-Lv6HUVvP.cjs";
+import { A as EnvVarSpec, D as EnvConfig, E as EnvApi, M as LogState, O as EnvProvider, j as LogApi, k as EnvState, r as WebAppConfig, u as RouteBuilder } from "./route-builder-CKvvehVO.cjs";
 import { WebApp } from "./index.cjs";
 import * as _moku_labs_core0 from "@moku-labs/core";
 

package/dist/test.d.mts

@@ -1,4 +1,4 @@
-import { C as EnvApi, D as EnvVarSpec, E as EnvState, O as LogApi, T as EnvProvider, d as RouteBuilder, k as LogState, r as WebAppConfig, w as EnvConfig } from "./index-CWdZdegx.mjs";
+import { A as EnvVarSpec, D as EnvConfig, E as EnvApi, M as LogState, O as EnvProvider, j as LogApi, k as EnvState, r as WebAppConfig, u as RouteBuilder } from "./index-CddOHo8I.mjs";
 import { WebApp } from "./index.mjs";
 import * as _moku_labs_core0 from "@moku-labs/core";
 

package/dist/test.mjs

@@ -1,5 +1,5 @@
 import { _ as createEnvState, g as validateSchema, h as createLogApi, m as createLogState, v as createEnvApi } from "./factory-DwpBwjDk.mjs";
-import "./project-BTNUWbGQ.mjs";
+import "./project-BaG_ipVz.mjs";
 import { createApp } from "./index.mjs";
 import { createCorePlugin } from "@moku-labs/core";
 

package/dist/wrangler-BHdkyMRj.cjs

@@ -0,0 +1,423 @@
+const require_project = require('./project-1pAh4RxJ.cjs');
+let node_fs = require("node:fs");
+let node_fs_promises = require("node:fs/promises");
+let node_path = require("node:path");
+let node_os = require("node:os");
+
+//#region src/plugins/deploy/generators/wrangler-config.ts
+/** @file deploy plugin wrangler.jsonc generator — emit + read + diff. */
+const todayIsoDate = () => (/* @__PURE__ */ new Date()).toISOString().slice(0, 10);
+/**
+* Generate the textual contents of `wrangler.jsonc`.
+*
+* The file is written by `init` once and treated as the deploy-time SSoT
+* thereafter. A header comment warns against using Cloudflare's dashboard
+* git-auto-build, which does NOT recognize `.jsonc`.
+*
+* @param input - Slug, outdir, and optional compatibility date.
+* @returns JSONC text suitable for writing to `wrangler.jsonc`.
+*/
+const generateWranglerConfig = (input) => {
+	const compat = input.compatibilityDate ?? todayIsoDate();
+	const body = {
+		name: input.slug,
+		pages_build_output_dir: input.outdir,
+		compatibility_date: compat
+	};
+	return [
+		"// wrangler.jsonc — generated by `moku deploy init`.",
+		"// Do NOT use Cloudflare Pages dashboard git-push auto-build with this config —",
+		"// wrangler.jsonc is recognized by wrangler CLI only. Use .github/workflows/deploy.yml instead.",
+		"//",
+		"// Edit `name` to change the Cloudflare Pages project this repo deploys to.",
+		"// Edit `pages_build_output_dir` to change the upload directory.",
+		JSON.stringify(body, null, 2),
+		""
+	].join("\n");
+};
+/** Strip `//` line comments from JSONC text (block comments are not supported by the generator). */
+const stripLineComments = (text) => text.split("\n").map((line) => {
+	const idx = line.indexOf("//");
+	if (idx === -1) return line;
+	const before = line.slice(0, idx);
+	if ((before.match(/"/g) ?? []).length % 2 === 1) return line;
+	return before.replace(/\s+$/, "");
+}).join("\n");
+/** Narrow an unknown parsed value into the {@link WranglerConfigShape} or `null`. */
+const parseShape = (value) => {
+	if (typeof value !== "object" || value === null || Array.isArray(value)) return null;
+	const fields = {};
+	for (const [k, v] of Object.entries(value)) fields[k] = v;
+	const name = fields.name;
+	const outdir = fields.pages_build_output_dir;
+	const compat = fields.compatibility_date;
+	if (typeof name !== "string" || typeof outdir !== "string" || typeof compat !== "string") return null;
+	return {
+		name,
+		pages_build_output_dir: outdir,
+		compatibility_date: compat
+	};
+};
+/**
+* Read and parse `wrangler.jsonc` from disk.
+*
+* @param cwd - Project root.
+* @returns The parsed shape, or `null` if missing or unparseable.
+*/
+const readWranglerConfig = (cwd) => {
+	const filePath = (0, node_path.join)(cwd, "wrangler.jsonc");
+	if (!(0, node_fs.existsSync)(filePath)) return null;
+	try {
+		const stripped = stripLineComments((0, node_fs.readFileSync)(filePath, "utf8"));
+		return parseShape(JSON.parse(stripped));
+	} catch {
+		return null;
+	}
+};
+/**
+* Compute the diff between an on-disk config and the proposed new values.
+*
+* @param current - Parsed wrangler.jsonc on disk, or null if file is missing.
+* @param proposed - Newly computed values (slug, outdir).
+* @returns Array of {@link DiffEntry} — empty when no drift.
+*/
+const diffWranglerConfig = (current, proposed) => {
+	if (current === null) return [{
+		field: "name",
+		current: "(missing)",
+		proposed: proposed.slug
+	}, {
+		field: "pages_build_output_dir",
+		current: "(missing)",
+		proposed: proposed.outdir
+	}];
+	const out = [];
+	if (current.name !== proposed.slug) out.push({
+		field: "name",
+		current: current.name,
+		proposed: proposed.slug
+	});
+	if (current.pages_build_output_dir !== proposed.outdir) out.push({
+		field: "pages_build_output_dir",
+		current: current.pages_build_output_dir,
+		proposed: proposed.outdir
+	});
+	return out;
+};
+/** Write `wrangler.jsonc` content to disk. */
+const writeWranglerConfig = async (cwd, content) => {
+	await (0, node_fs_promises.writeFile)((0, node_path.join)(cwd, "wrangler.jsonc"), content, "utf8");
+};
+
+//#endregion
+//#region src/plugins/deploy/wrangler.ts
+/** @file deploy plugin subprocess wrapper — Bun.spawn wrangler invocation, scrubSecrets, error taxonomy.
+*
+* Security note: This file is the credential seam — every wrangler call flows through here. `scrubSecrets()`
+* must be applied to every stderr capture BEFORE any `ctx.log` call. Tests for `scrubSecrets` must pass
+* before any other module touches wrangler stderr.
+*/
+/**
+* Single source of truth for the wrangler version, consumed by `ensureWrangler()` AND
+* `generators/github-workflow.ts`. Bumping this constant atomically updates both local and
+* CI surfaces. 4.34.0 is the documented minimum for 100k-file paid-tier Cloudflare Pages deploys.
+*/
+const MOKU_WRANGLER_VERSION = "4.34.0";
+/**
+* Pinned SHA of `cloudflare/wrangler-action`. Reviewable on each plugin release.
+* Semver tags are mutable and supply-chain-risky; SHA-pinning is required by
+* GitHub org/enterprise policy since August 2025.
+*
+* To bump: pick a fresh commit SHA from https://github.com/cloudflare/wrangler-action/commits/main,
+* paste it here, and add a CHANGELOG entry.
+*/
+const WRANGLER_ACTION_SHA = "f84a562284fc78278ff9052435d9526f9c718361";
+const MIN_ENTROPY_BITS_PER_CHAR = 3.5;
+const MIN_SECRET_LENGTH = 16;
+const ERROR_CODE_PROJECT_NOT_FOUND = 8000007;
+/** Default allowlist — values for these env vars are NEVER scrubbed. */
+const DEFAULT_SCRUB_ALLOWLIST = new Set(["CLOUDFLARE_ACCOUNT_ID"]);
+/**
+* Build the wrangler argv array — pure function consumed by BOTH `runWrangler()` (runtime)
+* AND `generators/github-workflow.ts` (CI workflow command string). Single point of change
+* for the future `target: 'workers'` migration.
+*
+* The Pages branch deliberately omits `--project-name` — wrangler reads the project name
+* from `wrangler.jsonc#name`, which is the deploy-time single source of truth.
+*
+* @param target - Deploy target. `'workers'` is not implemented in Phase 1.
+* @param outdir - Resolved build output directory (typically read from wrangler.jsonc).
+* @param branch - Branch name to deploy to (defaults to production branch).
+* @returns Argv array suitable for `Bun.spawn(['bunx', 'wrangler@VERSION', ...args])`.
+* @throws Error when `target === 'workers'`.
+*/
+const buildWranglerArgs = (target, outdir, branch) => {
+	if (target === "workers") throw new Error("deploy: target \"workers\" is not implemented in Phase 1 — Cloudflare Pages only");
+	return [
+		"pages",
+		"deploy",
+		outdir,
+		"--branch",
+		branch
+	];
+};
+/**
+* Compute Shannon entropy (bits per character) of a string.
+*
+* Exported for testing — used by `scrubSecrets` to decide whether a candidate value
+* is high-entropy enough to be treated as a secret.
+*
+* @param value - The string to measure.
+* @returns Entropy in bits per character (0 for empty strings).
+*/
+const shannonEntropy = (value) => {
+	if (value.length === 0) return 0;
+	const counts = /* @__PURE__ */ new Map();
+	for (const ch of value) counts.set(ch, (counts.get(ch) ?? 0) + 1);
+	let entropy = 0;
+	for (const count of counts.values()) {
+		const p = count / value.length;
+		entropy -= p * Math.log2(p);
+	}
+	return entropy;
+};
+/** Escape a string for safe insertion into a regular expression. */
+const escapeRegExp = (value) => value.replaceAll(/[.*+?^${}()|[\]\\]/g, "\\$&");
+/**
+* Replace high-entropy environment-variable values in `text` with `[REDACTED]`.
+*
+* Algorithm: for each env var, scrub its value when (a) the var name is NOT in
+* `allowlist`, (b) the value's length is at least {@link MIN_SECRET_LENGTH}, and
+* (c) the value's Shannon entropy is at least {@link MIN_ENTROPY_BITS_PER_CHAR} bits/char.
+*
+* Account IDs and similar low-entropy non-secret identifiers are NEVER scrubbed
+* (they appear in legitimate diagnostic URLs). Error code prefixes like `8000007`
+* are too short and too low-entropy to be flagged.
+*
+* @param text - The text to scrub (typically wrangler stderr).
+* @param env - Environment variable map whose values may appear in `text`.
+* @param allowlist - Env var names whose values must NEVER be scrubbed. Defaults to {@link DEFAULT_SCRUB_ALLOWLIST}.
+* @returns The scrubbed text — high-entropy values replaced by `[REDACTED]`.
+*/
+const scrubSecrets = (text, env, allowlist = DEFAULT_SCRUB_ALLOWLIST) => {
+	let scrubbed = text;
+	for (const [name, value] of Object.entries(env)) {
+		if (value === void 0 || value === "") continue;
+		if (allowlist.has(name)) continue;
+		if (value.length < MIN_SECRET_LENGTH) continue;
+		if (shannonEntropy(value) < MIN_ENTROPY_BITS_PER_CHAR) continue;
+		scrubbed = scrubbed.replaceAll(new RegExp(escapeRegExp(value), "g"), "[REDACTED]");
+	}
+	return scrubbed;
+};
+/** Read the optional `Bun` global without using an inline type assertion. */
+const getBunGlobal = () => globalThis;
+const defaultSpawn = (cmd, options) => {
+	const { Bun: bun } = getBunGlobal();
+	if (bun === void 0) throw new Error("deploy: Bun runtime is required to spawn wrangler subprocesses");
+	return bun.spawn(cmd, options);
+};
+/** Structured wrangler error carrying scrubbed stderr and classified `kind`. */
+var WranglerError = class extends Error {
+	kind;
+	exitCode;
+	scrubbedStderr;
+	constructor(kind, exitCode, scrubbedStderr, message) {
+		super(message ?? `wrangler exited with ${exitCode} (${kind})`);
+		this.name = "WranglerError";
+		this.kind = kind;
+		this.exitCode = exitCode;
+		this.scrubbedStderr = scrubbedStderr;
+	}
+};
+/**
+* Classify a wrangler failure into a structured {@link WranglerError}.
+*
+* Inspects parsed ND-JSON output first (looking for error code 8000007), then
+* falls back to stderr pattern matching for JWT-expiry, network, and auth signals.
+*
+* @param exitCode - Process exit code.
+* @param scrubbedStderr - Stderr text AFTER `scrubSecrets`.
+* @param ndJson - Parsed ND-JSON entries from `WRANGLER_OUTPUT_FILE_PATH` (may be empty).
+* @returns A {@link WranglerError} with a user-actionable message.
+*/
+const classifyWranglerError = (exitCode, scrubbedStderr, ndJson) => {
+	for (const entry of ndJson) {
+		const code = entry.code;
+		if (typeof code === "number" && code === ERROR_CODE_PROJECT_NOT_FOUND) return new WranglerError("project-not-found", exitCode, scrubbedStderr, "Cloudflare project not found. Run `wrangler pages project create <slug>` or `moku deploy init --create-project`.");
+	}
+	if (/Expired JWT|403[^\n]*upload/i.test(scrubbedStderr)) return new WranglerError("jwt-expired", exitCode, scrubbedStderr, "Wrangler JWT expired mid-upload (large site). Re-run `moku deploy` to retry.");
+	if (/ETIMEDOUT|ENETUNREACH|ECONNREFUSED/i.test(scrubbedStderr)) return new WranglerError("network", exitCode, scrubbedStderr, "Network error contacting Cloudflare. Check connectivity and retry.");
+	if (exitCode === 401 || exitCode === 403 || /unauthorized|forbidden/i.test(scrubbedStderr)) return new WranglerError("auth", exitCode, scrubbedStderr, "Cloudflare auth failed. Local: run `wrangler login`. CI: verify CLOUDFLARE_API_TOKEN + CLOUDFLARE_ACCOUNT_ID secrets are set and the token has \"Account → Cloudflare Pages → Edit\" permission.");
+	return new WranglerError("unknown", exitCode, scrubbedStderr, `wrangler exited with code ${exitCode}.`);
+};
+/** Cast a parsed JSON value to a typed Record without an inline assertion. */
+const asObject = (value) => {
+	if (typeof value !== "object" || value === null) return null;
+	if (Array.isArray(value)) return null;
+	const result = {};
+	for (const [k, v] of Object.entries(value)) result[k] = v;
+	return result;
+};
+/**
+* Parse a wrangler ND-JSON output file (one JSON object per line).
+*
+* Lines that fail to parse are silently skipped — wrangler emits human-readable
+* lines interleaved with structured entries in some failure modes.
+*
+* @param filePath - Path written by `WRANGLER_OUTPUT_FILE_PATH`.
+* @returns Array of parsed entries; empty array if the file is missing or empty.
+*/
+const parseNdJson = async (filePath) => {
+	let raw;
+	try {
+		raw = await (0, node_fs_promises.readFile)(filePath, "utf8");
+	} catch {
+		return [];
+	}
+	const lines = raw.split("\n").filter((line) => line.trim() !== "");
+	const out = [];
+	for (const line of lines) try {
+		const parsed = asObject(JSON.parse(line));
+		if (parsed !== null) out.push(parsed);
+	} catch {}
+	return out;
+};
+/**
+* Spawn `bunx wrangler@VERSION <args>` and return structured output.
+*
+* Always sets `WRANGLER_OUTPUT_FILE_PATH` (ND-JSON) and `WRANGLER_SEND_METRICS=false`.
+* Always scrubs stderr via {@link scrubSecrets} before returning or throwing.
+*
+* @param args - Wrangler subcommand argv (e.g., `['pages', 'deploy', 'dist', '--branch', 'main']`).
+* @param env - Environment passed to the subprocess. Token-bearing values are scrubbed from stderr output.
+* @param spawn - Spawn implementation. Injectable for tests.
+* @returns Stdout, scrubbed stderr, parsed ND-JSON, and exit code.
+* @throws {@link WranglerError} on non-zero exit.
+*/
+const runWrangler = async (args, env, spawn = defaultSpawn) => {
+	const temporaryDir = await (0, node_fs_promises.mkdtemp)((0, node_path.join)((0, node_os.tmpdir)(), "moku-deploy-"));
+	const outputPath = (0, node_path.join)(temporaryDir, "wrangler-output.ndjson");
+	const spawnEnv = {
+		...env,
+		WRANGLER_OUTPUT_FILE_PATH: outputPath,
+		WRANGLER_SEND_METRICS: "false"
+	};
+	try {
+		const proc = spawn([
+			"bunx",
+			`wrangler@${MOKU_WRANGLER_VERSION}`,
+			...args
+		], {
+			env: spawnEnv,
+			stdout: "pipe",
+			stderr: "pipe"
+		});
+		const [stdoutText, stderrText] = await Promise.all([new Response(proc.stdout).text(), new Response(proc.stderr).text()]);
+		const exitCode = await proc.exited;
+		const scrubbedStderr = scrubSecrets(stderrText, env);
+		const ndJson = await parseNdJson(outputPath);
+		if (exitCode !== 0) throw classifyWranglerError(exitCode, scrubbedStderr, ndJson);
+		return {
+			stdout: stdoutText,
+			scrubbedStderr,
+			ndJson,
+			exitCode
+		};
+	} finally {
+		await (0, node_fs_promises.rm)(temporaryDir, {
+			recursive: true,
+			force: true
+		}).catch(() => {});
+	}
+};
+/** Read `url` + deployment id from a single ND-JSON entry, if both are present. */
+const readDeploymentEntry = (entry) => {
+	const url = entry.url;
+	const id = entry.deployment_id ?? entry.id;
+	if (typeof url !== "string" || typeof id !== "string") return null;
+	return {
+		url,
+		deploymentId: id
+	};
+};
+/**
+* Extract the deployment URL and deployment ID from wrangler's ND-JSON output.
+*
+* Wrangler `pages deploy` writes a `deployment` entry containing the live URL
+* and ID once the upload finalizes. Falls back to scanning the entries for any
+* `url` field if the canonical entry shape is missing.
+*
+* @param ndJson - Parsed entries from {@link parseNdJson}.
+* @returns `{ url, deploymentId }` if discoverable; `null` otherwise.
+*/
+const extractDeploymentInfo = (ndJson) => {
+	for (const entry of ndJson) {
+		const type = entry.type;
+		if (type === "deployment" || type === "pages-deployment") {
+			const info = readDeploymentEntry(entry);
+			if (info !== null) return info;
+		}
+	}
+	for (const entry of ndJson) {
+		const info = readDeploymentEntry(entry);
+		if (info !== null) return info;
+	}
+	return null;
+};
+
+//#endregion
+Object.defineProperty(exports, 'MOKU_WRANGLER_VERSION', {
+  enumerable: true,
+  get: function () {
+    return MOKU_WRANGLER_VERSION;
+  }
+});
+Object.defineProperty(exports, 'WRANGLER_ACTION_SHA', {
+  enumerable: true,
+  get: function () {
+    return WRANGLER_ACTION_SHA;
+  }
+});
+Object.defineProperty(exports, 'buildWranglerArgs', {
+  enumerable: true,
+  get: function () {
+    return buildWranglerArgs;
+  }
+});
+Object.defineProperty(exports, 'diffWranglerConfig', {
+  enumerable: true,
+  get: function () {
+    return diffWranglerConfig;
+  }
+});
+Object.defineProperty(exports, 'extractDeploymentInfo', {
+  enumerable: true,
+  get: function () {
+    return extractDeploymentInfo;
+  }
+});
+Object.defineProperty(exports, 'generateWranglerConfig', {
+  enumerable: true,
+  get: function () {
+    return generateWranglerConfig;
+  }
+});
+Object.defineProperty(exports, 'readWranglerConfig', {
+  enumerable: true,
+  get: function () {
+    return readWranglerConfig;
+  }
+});
+Object.defineProperty(exports, 'runWrangler', {
+  enumerable: true,
+  get: function () {
+    return runWrangler;
+  }
+});
+Object.defineProperty(exports, 'writeWranglerConfig', {
+  enumerable: true,
+  get: function () {
+    return writeWranglerConfig;
+  }
+});