@nubjs/nub-linux-x64 0.2.1 → 0.2.3

package/runtime/preload-async-hooks.mjs

@@ -28,8 +28,8 @@
 // loader worker, not a user realm, so it installs no browser globals.)
 import "./floor-builtin.mjs";
 import {
-  TRANSPILE_EXTS, DATA_EXTS,
-  extname, resolveSpec, loadTranspile, loadData,
+  TRANSPILE_EXTS, PLAIN_JS_EXTS, DATA_EXTS,
+  extname, resolveSpec, loadTranspile, maybeTranspilePlainJs, loadData, isNodeModules,
 } from "./transform-core.mjs";
 import { createRequire, isBuiltin } from "node:module";
 import { existsSync } from "node:fs";
@@ -85,13 +85,26 @@ export async function resolve(specifier, context, nextResolve) {
 // ── Load hook ───────────────────────────────────────────────────────
 export async function load(url, context, nextLoad) {
   const ext = extname(url);
-  if (TRANSPILE_EXTS.has(ext)) {
+  // node_modules deps are NEVER transpiled (the byte-parity boundary). This guard is
+  // make-or-break now that TRANSPILE_EXTS includes `.js`/`.mjs`/`.cjs`: without it,
+  // the compat tier would route every dependency `.js` through oxc. (loadTranspile's
+  // own skip-gate handles the project-source no-op case; this keeps deps off the
+  // pipeline entirely.) Mirrors the fast-tier sync hook's `!isNodeModules` gate.
+  if (TRANSPILE_EXTS.has(ext) && !isNodeModules(url)) {
     // Module-format + decorator detection inside loadTranspile is a synchronous
     // native call (nub's addon), available on every supported Node — no parser
     // warm-up needed (the old `await ensureParser()` for the ESM-only oxc-parser
     // is gone with the package).
     return loadTranspile(url, ext);
   }
+  // Project-source plain JS: transpile ONLY when it carries transformable syntax. A
+  // no-op plain-JS file returns null and falls through to `nextLoad` — Node's own
+  // loader handles it byte-identically, preserving every native CJS/ESM behavior.
+  // node_modules excluded (the byte-parity boundary).
+  if (PLAIN_JS_EXTS.has(ext) && !isNodeModules(url)) {
+    const r = maybeTranspilePlainJs(url, ext);
+    if (r) return r;
+  }
   if (ext in DATA_EXTS) return loadData(url, ext);
   return nextLoad(url, context);
 }

package/runtime/preload-common.cjs

@@ -373,6 +373,13 @@ function makeHooks(core, watchReporting) {
       if (core.TRANSPILE_EXTS.has(ext) && !core.isNodeModules(url)) {
         return core.loadTranspile(url, ext);
       }
+      // Plain JS: transpile only when transformable; else fall through to the raw-
+      // source path below (which hands CJS back as `source:null` → Node's native
+      // CJS loader), byte-identical to a non-intercepted file.
+      if (core.PLAIN_JS_EXTS.has(ext) && !core.isNodeModules(url)) {
+        const r = core.maybeTranspilePlainJs(url, ext);
+        if (r) return r;
+      }
       if (ext in core.DATA_EXTS) return core.loadData(url, ext);
       const { readFileSync } = require("node:fs");
       const source = readFileSync(path);
@@ -432,6 +439,15 @@ function makeHooks(core, watchReporting) {
     if (core.TRANSPILE_EXTS.has(ext) && !core.isNodeModules(url)) {
       return core.loadTranspile(url, ext);
     }
+    // Project-source plain JS (`.js`/`.mjs`/`.cjs`): transpile ONLY when it carries
+    // transformable syntax. A no-op plain-JS file returns null here and falls through
+    // to Node's native loader (the `nextLoad`/relabel path below) BYTE-FOR-BYTE — it
+    // is never intercepted, so native CJS/ESM behavior (the relabel, require.cache,
+    // the require-of-ESM-syntax-`.cjs` error) is preserved. node_modules excluded.
+    if (core.PLAIN_JS_EXTS.has(ext) && !core.isNodeModules(url)) {
+      const r = core.maybeTranspilePlainJs(url, ext);
+      if (r) return r;
+    }
     if (ext in core.DATA_EXTS) return core.loadData(url, ext);
 
     // Fidelity: a `data:` URL whose MIME maps to no module format (e.g.
@@ -673,6 +689,39 @@ function installCjsRequireHooks(core, withClassicTranspile) {
   for (const ext of [".ts", ".cts", ".mts", ".tsx", ".jsx"]) {
     module_._extensions[ext] = transpileExtension;
   }
+
+  // Project-source plain JS (`.js`/`.cjs`) routes through the SAME pipeline so
+  // `using`/`v`-flag-RegExp/decorators lower uniformly on the classic require tier —
+  // but ONLY when the file carries transformable syntax. THREE cases, each preserving
+  // Node's native behavior where it must:
+  //   (1) node_modules dep → native handler (deps are NEVER transpiled). Node has no
+  //       own `_extensions['.cjs']` (only `.js`/`.json`/`.node`), and compiles `.cjs`
+  //       through the same CJS path as `.js`, so the `.cjs` bail falls back to the
+  //       `.js` handler (`|| nativeJs`) — without it a node_modules `.cjs` require
+  //       would call `undefined` and crash.
+  //   (2) project file with transformable syntax → transpile (lower it).
+  //   (3) project file with NOTHING to lower → the ORIGINAL native handler, raw bytes
+  //       compiled exactly as Node would. We never serve our own source for a no-op
+  //       file, so require.cache / the require-of-ESM-syntax-`.cjs` SyntaxError / every
+  //       native CJS behavior is byte-identical.
+  // `.mjs` is ESM-only; Node registers no require.extensions handler for it, so a
+  // `require()` of `.mjs` throws ERR_REQUIRE_ESM as before — we don't override it.
+  const nativeJs = module_._extensions[".js"];
+  for (const ext of [".js", ".cjs"]) {
+    const origExtension = module_._extensions[ext] || nativeJs;
+    module_._extensions[ext] = (mod, filename) => {
+      if (core.isNodeModules(pathToFileURL(filename).href)) {
+        return origExtension.call(module_._extensions, mod, filename); // (1)
+      }
+      const r = core.maybeTranspilePlainJs(pathToFileURL(filename).href, pathExtname(filename));
+      if (r) {
+        if (r.format === "module") throw requireEsmError(filename); // (2)
+        mod._compile(r.source, filename);
+        return;
+      }
+      return origExtension.call(module_._extensions, mod, filename); // (3)
+    };
+  }
 }
 
 // ── Clobbered-polyfill preloading + Temporal lazy global ────────────

package/runtime/preload.cjs

@@ -209,6 +209,21 @@ function installLazyEsmPolyfills() {
     }
   };
 
+  // navigator backfill, ordered BEFORE the navigator.locks installs below so locks
+  // always has a host. The fast tier floor is 22.15 (navigator is always native, >= 21),
+  // so installNavigatorShim() version-checks and returns WITHOUT reading globalThis
+  // .navigator — never triggering the 24.5+ lazy-navigator realization. It does real
+  // work only if this preload is ever reached on Node < 21; on the fast floor it is a
+  // cheap no-op, wired for symmetry with the compat tier. See navigator-shim.mjs.
+  try {
+    __require("./navigator-shim.mjs").installNavigatorShim();
+  } catch (err) {
+    // require(esm) disabled (--no-experimental-require-module): navigator is native at
+    // the fast floor, so skipping the no-op shim is harmless. Any OTHER error is a real
+    // fault in the module — surface it rather than swallow it.
+    if (!err || err.code !== "ERR_REQUIRE_ESM") throw err;
+  }
+
   if (inWorkerThread) {
     // Worker-side scope bootstrap must be present synchronously where possible.
     loadEsmSideEffect("./worker-polyfill.mjs");

package/runtime/preload.mjs

@@ -112,6 +112,14 @@ if (__isFastTier) {
 // modules is unreliable, so they load via dynamic `import()` here.
 const __preloadedPolyfills = common.preloadPolyfillPackages(__require);
 installSyncPolyfills(__preloadedPolyfills);
+// navigator backfill (Node < 21: the `navigator` global is wholly absent). MUST run
+// BEFORE navigator-locks so Web Locks has a host on the 18.19–20.x floor. On Node >= 21
+// it is a no-op (navigator is native). Thread the floor's createRequire so the shim can
+// fetch node:os where process.getBuiltinModule is absent (the narrow floor). See
+// navigator-shim.mjs.
+const __navShim = await import("./navigator-shim.mjs");
+__navShim.setBootstrapCreateRequire(floorCreateRequire);
+__navShim.installNavigatorShim();
 if (typeof globalThis.navigator?.locks === "undefined") {
   await import("./navigator-locks.mjs");
 }

package/runtime/transform-core.mjs

@@ -156,7 +156,21 @@ if (typeof process.getBuiltinModule === "function") __ensureBuiltins();
 // natively now, and this file no longer needs to read version.mjs.
 
 // ── Constants ───────────────────────────────────────────────────────
+// TS/JSX exts ALWAYS transform (type-stripping is required), so they live in
+// TRANSPILE_EXTS — the set every dispatch site checks to route a file to
+// loadTranspile. Plain JS (.js/.mjs/.cjs) is DELIBERATELY NOT here: a plain-JS file
+// is transpiled ONLY when it carries transformable syntax (`using`/`await using`,
+// `v`-flag RegExp, decorators), and a no-op plain-JS file must take Node's OWN load
+// path BYTE-FOR-BYTE — putting it in TRANSPILE_EXTS would route every `.js`/`.cjs`
+// through nub's hook and change native CJS/ESM behavior (the `commonjs-sync` relabel,
+// require.cache, the require-of-ESM-syntax-.cjs error). So plain JS is handled by a
+// SEPARATE narrow path (`maybeTranspilePlainJs`) that fires only for transformable
+// files and is a no-op (returns null) otherwise — see PLAIN_JS_EXTS below.
 export const TRANSPILE_EXTS = new Set([".ts", ".tsx", ".mts", ".cts", ".jsx"]);
+// Project-source plain JS. Routed to the transpiler ONLY when transformable (the
+// `maybeTranspilePlainJs` gate); a no-op plain-JS file falls through to Node's
+// native loader untouched, byte-identical. node_modules is excluded at the gate.
+export const PLAIN_JS_EXTS = new Set([".js", ".mjs", ".cjs"]);
 export const DATA_EXTS = { ".jsonc": "jsonc", ".json5": "json5", ".toml": "toml", ".yaml": "yaml", ".yml": "yaml", ".txt": "txt" };
 export const TS_PARENT_EXTS = new Set([".ts", ".tsx", ".mts", ".cts"]);
 
@@ -328,7 +342,7 @@ export function resolveSpec(specifier, parentURL) {
   // from a nub-dependency ESM entry) delegated to a strict user loader is exactly
   // the R11 leak. See isNubInternalParent.
   if (isNubInternalParent(parentURL)) {
-    if (specifier.startsWith("node:") || module.builtinModules.includes(specifier)) {
+    if (specifier.startsWith("node:") || module.isBuiltin(specifier)) {
       const url = specifier.startsWith("node:") ? specifier : `node:${specifier}`;
       return { url, shortCircuit: true };
     }
@@ -349,7 +363,7 @@ export function resolveSpec(specifier, parentURL) {
 
   // node: and data: protocols, and bare Node built-ins, are never ours.
   if (specifier.startsWith("node:") || specifier.startsWith("data:")) return null;
-  if (module.builtinModules.includes(specifier)) return null;
+  if (module.isBuiltin(specifier)) return null;
 
   // 1. Built-in modules provided by Nub.
   if (BUILTIN_MODULES.has(specifier)) {
@@ -392,7 +406,7 @@ export function resolveSpec(specifier, parentURL) {
 // file's absolute path (from the CJS parent Module), or null for the entry.
 export function resolveCjsPath(request, parentPath) {
   if (request.startsWith("node:") || request.startsWith("data:") ||
-      module.builtinModules.includes(request)) {
+      module.isBuiltin(request)) {
     return null;
   }
   // The SAME native additive resolver as resolveSpec, returning an absolute path
@@ -435,13 +449,15 @@ function detectModuleInfo(filePath, source, lang) {
   // Addon missing (should never happen in a real install): default to ESM for
   // format (the common case) and "no decorators" for the guard — the same fallback
   // the old oxc-parser-unavailable branches used.
-  if (!nubNative) return { hasValueEsmSyntax: true, hasDecorators: false };
+  if (!nubNative) return { hasValueEsmSyntax: true, hasDecorators: false, transformableSyntax: false };
   try {
     return nubNative.detectModuleInfo(filePath, source, lang);
   } catch {
     // Unparseable → CJS for format + no decorators (the transpile/V8 surfaces the
-    // real error), matching the old per-call catch blocks.
-    return { hasValueEsmSyntax: false, hasDecorators: false };
+    // real error), matching the old per-call catch blocks. `transformableSyntax:
+    // false` is the SAFE plain-JS default — the verbatim path hands the raw bytes
+    // back, so V8 surfaces the real syntax error exactly where Node would.
+    return { hasValueEsmSyntax: false, hasDecorators: false, transformableSyntax: false };
   }
 }
 
@@ -450,13 +466,28 @@ function detectModuleInfo(filePath, source, lang) {
 // `type` is authoritative; otherwise (ambiguous) we detect from source syntax —
 // full Node parity (`--experimental-detect-module`), so a CJS-syntax `.ts` with
 // no `type` runs as CJS on nub exactly as on Node. See wiki/runtime/module-format.md.
+// `.mjs`→module / `.cjs`→commonjs are explicit (mirroring `.mts`/`.cts`), so the
+// plain-JS gate gets the right format without a needless detect.
 export function moduleFormatFor(ext, pkgType, filePath, source) {
-  if (ext === ".mts") return "module";
-  if (ext === ".cts") return "commonjs";
-  if (pkgType === "module") return "module";
-  if (pkgType === "commonjs") return "commonjs";
+  return moduleFormatWithInfo(ext, pkgType, filePath, source).format;
+}
+
+// Same format decision as moduleFormatFor, but ALSO returns the `ModuleInfo`
+// (`detectModuleInfo`) result when a parse was needed — `{ format, info }`, with
+// `info` null on the no-parse short-circuits (`.mts`/`.mjs`/`.cts`/`.cjs`, explicit
+// `type`). loadTranspile uses this so its ONE parse serves BOTH readers — the
+// format decision (`hasValueEsmSyntax`) and the Stage-3 decorator guard
+// (`hasDecorators`) — instead of `moduleFormatFor` + `hasDecoratorSyntax` each
+// parsing the same source. On a short-circuit (`info` null) no parse happened, so
+// the decorator guard runs its own single parse: still ≤1 detect per file.
+function moduleFormatWithInfo(ext, pkgType, filePath, source) {
+  if (ext === ".mts" || ext === ".mjs") return { format: "module", info: null };
+  if (ext === ".cts" || ext === ".cjs") return { format: "commonjs", info: null };
+  if (pkgType === "module") return { format: "module", info: null };
+  if (pkgType === "commonjs") return { format: "commonjs", info: null };
   const lang = ext === ".tsx" ? "tsx" : ext === ".jsx" ? "jsx" : "ts";
-  return detectModuleInfo(filePath, source, lang).hasValueEsmSyntax ? "module" : "commonjs";
+  const info = detectModuleInfo(filePath, source, lang);
+  return { format: info.hasValueEsmSyntax ? "module" : "commonjs", info };
 }
 
 // The Stage-3-decorator rejection diagnostic. oxc does not lower TC39 Stage 3
@@ -568,9 +599,13 @@ export function loadTranspile(url, ext) {
   // (.ts/.tsx/.jsx); .mts/.cts are explicit so its lookup is skipped. The chosen
   // format is folded into the cache key (and the entry's leading byte) by native.
   const pkgType = ext === ".mts" || ext === ".cts" ? undefined : getPackageType(dir);
-  const format = moduleFormatFor(ext, pkgType, filePath, source);
+  // ONE detectModuleInfo parse for both the format decision and the decorator
+  // guard below: `moduleInfo` is the parsed ModuleInfo when the format needed a
+  // parse (ambiguous ext, no explicit `type`), else null (a no-parse short-circuit).
+  const { format, info: moduleInfo } = moduleFormatWithInfo(ext, pkgType, filePath, source);
 
   const lang = ext === ".tsx" ? "tsx" : ext === ".jsx" ? "jsx" : "ts";
+
   const opts = {
     lang,
     sourceType: format === "commonjs" ? "commonjs" : "module",
@@ -604,9 +639,12 @@ export function loadTranspile(url, ext) {
   // SyntaxError. When legacy mode is off and decorator syntax is present, reject
   // with the documented Option-A diagnostic instead. (Cheap `source.includes("@")`
   // pre-filter keeps decorator-free files off the native parser; runs BEFORE the
-  // cache so the diagnostic surfaces even on what would be a warm hit.)
+  // cache so the diagnostic surfaces even on what would be a warm hit.) Reuse the
+  // `hasDecorators` flag from the format parse above when it ran (`moduleInfo`
+  // non-null), so the ambiguous-ext + `@` path detects ONCE; on a no-parse
+  // short-circuit (`.mts`/`.cts`/explicit `type`) it does its own single parse.
   if (co?.experimentalDecorators !== true && source.includes("@") &&
-      hasDecoratorSyntax(filePath, source, lang)) {
+      (moduleInfo ? moduleInfo.hasDecorators : hasDecoratorSyntax(filePath, source, lang))) {
     throw stage3DecoratorError(filePath);
   }
 
@@ -626,6 +664,40 @@ export function loadTranspile(url, ext) {
   return { format: result.format, source: result.code, shortCircuit: true };
 }
 
+// Project-source plain JS (`.js`/`.mjs`/`.cjs`) gate. Returns a transpiled load
+// result ONLY when the file carries syntax oxc lowers at nub's es2022 target
+// (`using`/`await using`, a `v`-flag RegExp, or decorators); otherwise returns
+// `null`, meaning "this file needs no transform — handle it with Node's OWN loader,
+// exactly as a non-listed extension." This is why `.js`/`.mjs`/`.cjs` are NOT in
+// TRANSPILE_EXTS: a no-op plain-JS file must take Node's native load path
+// byte-for-byte (preserving the `commonjs-sync` relabel, require.cache, the
+// require-of-ESM-syntax-`.cjs` error — all of which intercepting the file would
+// break), and oxc would reformat it (quotes/semicolons/whitespace + a sourcemap
+// footer) if we ran it through anyway. The verdict rides ONE parse (the same one
+// `detectModuleInfo` does for format detection). node_modules is gated at the call
+// sites (the byte-parity boundary). JSX-in-`.js` is out of scope (lang is "ts",
+// which does not parse JSX); use `.jsx`.
+export function maybeTranspilePlainJs(url, ext) {
+  __ensureBuiltins();
+  const filePath = fileURLToPath(url);
+  let source;
+  try {
+    source = readFileSync(filePath, "utf8");
+  } catch {
+    // Unreadable here → let Node's loader surface its own error.
+    return null;
+  }
+  // lang "ts" parses all JS (a TS superset) but NOT JSX — JSX-in-.js is out of scope.
+  const info = detectModuleInfo(filePath, source, "ts");
+  if (!info.transformableSyntax && !info.hasDecorators) {
+    return null; // no-op: Node's native loader handles it, byte-identical.
+  }
+  // Transformable: run the SAME pipeline as TS/JSX (target es2022 lowering, tsconfig,
+  // source maps, the Stage-3 decorator guard, format detection, cache). loadTranspile
+  // re-reads + re-parses, but only for the rare file that actually needs lowering.
+  return loadTranspile(url, ext);
+}
+
 // ── Data-format imports ─────────────────────────────────────────────
 function lazyRequire(pkg) {
   try { return __require(pkg); } catch {

package/runtime/version.mjs

@@ -9,4 +9,4 @@
 // previously lived as a literal inside preload.mjs, which `make version` patched,
 // while the worker carried a hand-maintained "…-compat" copy that `make version`
 // never touched — a latent staleness bug this module closes.)
-export const NUB_VERSION = "0.2.1";
+export const NUB_VERSION = "0.2.3";