@objectstack/core 0.9.1 → 1.0.0

package/dist/lite-kernel.js

@@ -0,0 +1,112 @@
+import { createLogger } from './logger.js';
+import { ObjectKernelBase } from './kernel-base.js';
+/**
+ * ObjectKernel - MiniKernel Architecture
+ *
+ * A highly modular, plugin-based microkernel that:
+ * - Manages plugin lifecycle (init, start, destroy)
+ * - Provides dependency injection via service registry
+ * - Implements event/hook system for inter-plugin communication
+ * - Handles dependency resolution (topological sort)
+ * - Provides configurable logging for server and browser
+ *
+ * Core philosophy:
+ * - Business logic is completely separated into plugins
+ * - Kernel only manages lifecycle, DI, and hooks
+ * - Plugins are loaded as equal building blocks
+ */
+export class LiteKernel extends ObjectKernelBase {
+    constructor(config) {
+        const logger = createLogger(config?.logger);
+        super(logger);
+        // Initialize context after logger is created
+        this.context = this.createContext();
+    }
+    /**
+     * Register a plugin
+     * @param plugin - Plugin instance
+     */
+    use(plugin) {
+        this.validateIdle();
+        const pluginName = plugin.name;
+        if (this.plugins.has(pluginName)) {
+            throw new Error(`[Kernel] Plugin '${pluginName}' already registered`);
+        }
+        this.plugins.set(pluginName, plugin);
+        return this;
+    }
+    /**
+     * Bootstrap the kernel
+     * 1. Resolve dependencies (topological sort)
+     * 2. Init phase - plugins register services
+     * 3. Start phase - plugins execute business logic
+     * 4. Trigger 'kernel:ready' hook
+     */
+    async bootstrap() {
+        this.validateState('idle');
+        this.state = 'initializing';
+        this.logger.info('Bootstrap started');
+        // Resolve dependencies
+        const orderedPlugins = this.resolveDependencies();
+        // Phase 1: Init - Plugins register services
+        this.logger.info('Phase 1: Init plugins');
+        for (const plugin of orderedPlugins) {
+            await this.runPluginInit(plugin);
+        }
+        // Phase 2: Start - Plugins execute business logic
+        this.logger.info('Phase 2: Start plugins');
+        this.state = 'running';
+        for (const plugin of orderedPlugins) {
+            await this.runPluginStart(plugin);
+        }
+        // Trigger ready hook
+        await this.triggerHook('kernel:ready');
+        this.logger.info('✅ Bootstrap complete', {
+            pluginCount: this.plugins.size
+        });
+    }
+    /**
+     * Shutdown the kernel
+     * Calls destroy on all plugins in reverse order
+     */
+    async shutdown() {
+        await this.destroy();
+    }
+    /**
+     * Graceful shutdown - destroy all plugins in reverse order
+     */
+    async destroy() {
+        if (this.state === 'stopped') {
+            this.logger.warn('Kernel already stopped');
+            return;
+        }
+        this.state = 'stopping';
+        this.logger.info('Shutdown started');
+        // Trigger shutdown hook
+        await this.triggerHook('kernel:shutdown');
+        // Destroy plugins in reverse order
+        const orderedPlugins = this.resolveDependencies();
+        for (const plugin of orderedPlugins.reverse()) {
+            await this.runPluginDestroy(plugin);
+        }
+        this.state = 'stopped';
+        this.logger.info('✅ Shutdown complete');
+        // Cleanup logger resources
+        if (this.logger && typeof this.logger.destroy === 'function') {
+            await this.logger.destroy();
+        }
+    }
+    /**
+     * Get a service from the registry
+     * Convenience method for external access
+     */
+    getService(name) {
+        return this.context.getService(name);
+    }
+    /**
+     * Check if kernel is running
+     */
+    isRunning() {
+        return this.state === 'running';
+    }
+}

package/dist/lite-kernel.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=lite-kernel.test.d.ts.map

package/dist/lite-kernel.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"lite-kernel.test.d.ts","sourceRoot":"","sources":["../src/lite-kernel.test.ts"],"names":[],"mappings":""}

package/dist/lite-kernel.test.js

@@ -0,0 +1,161 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+import { LiteKernel } from './lite-kernel';
+describe('LiteKernel with Configurable Logger', () => {
+    let kernel;
+    beforeEach(() => {
+        kernel = new LiteKernel();
+    });
+    describe('Logger Configuration', () => {
+        it('should create kernel with default logger', () => {
+            expect(kernel).toBeDefined();
+        });
+        it('should create kernel with custom logger config', async () => {
+            const customKernel = new LiteKernel({
+                logger: {
+                    level: 'debug',
+                    format: 'pretty',
+                    sourceLocation: true
+                }
+            });
+            expect(customKernel).toBeDefined();
+            // Cleanup
+            await customKernel.bootstrap();
+            await customKernel.shutdown();
+        });
+        it('should create kernel with file logging config', async () => {
+            const fileKernel = new LiteKernel({
+                logger: {
+                    level: 'info',
+                    format: 'json',
+                    file: '/tmp/test-kernel.log'
+                }
+            });
+            expect(fileKernel).toBeDefined();
+            // Cleanup
+            await fileKernel.bootstrap();
+            await fileKernel.shutdown();
+        });
+    });
+    describe('Plugin Context Logger', () => {
+        it('should provide logger to plugins', async () => {
+            let loggerReceived = false;
+            const testPlugin = {
+                name: 'test-plugin',
+                init: async (ctx) => {
+                    if (ctx.logger) {
+                        loggerReceived = true;
+                        ctx.logger.info('Plugin initialized', { plugin: 'test-plugin' });
+                    }
+                }
+            };
+            kernel.use(testPlugin);
+            await kernel.bootstrap();
+            expect(loggerReceived).toBe(true);
+            await kernel.shutdown();
+        });
+        it('should allow plugins to use all log levels', async () => {
+            const logCalls = [];
+            const loggingPlugin = {
+                name: 'logging-plugin',
+                init: async (ctx) => {
+                    ctx.logger.debug('Debug message');
+                    logCalls.push('debug');
+                    ctx.logger.info('Info message');
+                    logCalls.push('info');
+                    ctx.logger.warn('Warning message');
+                    logCalls.push('warn');
+                    ctx.logger.error('Error message');
+                    logCalls.push('error');
+                }
+            };
+            kernel.use(loggingPlugin);
+            await kernel.bootstrap();
+            expect(logCalls).toContain('debug');
+            expect(logCalls).toContain('info');
+            expect(logCalls).toContain('warn');
+            expect(logCalls).toContain('error');
+            await kernel.shutdown();
+        });
+        it('should support metadata in logs', async () => {
+            const metadataPlugin = {
+                name: 'metadata-plugin',
+                init: async (ctx) => {
+                    ctx.logger.info('User action', {
+                        userId: '123',
+                        action: 'create',
+                        resource: 'document'
+                    });
+                }
+            };
+            kernel.use(metadataPlugin);
+            await kernel.bootstrap();
+            await kernel.shutdown();
+        });
+    });
+    describe('Kernel Lifecycle Logging', () => {
+        it('should log bootstrap process', async () => {
+            const plugin = {
+                name: 'lifecycle-test',
+                init: async () => {
+                    // Init logic
+                },
+                start: async () => {
+                    // Start logic
+                }
+            };
+            kernel.use(plugin);
+            await kernel.bootstrap();
+            expect(kernel.isRunning()).toBe(true);
+            await kernel.shutdown();
+        });
+        it('should log shutdown process', async () => {
+            const plugin = {
+                name: 'shutdown-test',
+                init: async () => { },
+                destroy: async () => {
+                    // Cleanup
+                }
+            };
+            kernel.use(plugin);
+            await kernel.bootstrap();
+            await kernel.shutdown();
+            expect(kernel.getState()).toBe('stopped');
+        });
+    });
+    describe('Environment Compatibility', () => {
+        it('should work in Node.js environment', async () => {
+            const nodeKernel = new LiteKernel({
+                logger: {
+                    level: 'info',
+                    format: 'json'
+                }
+            });
+            const plugin = {
+                name: 'node-test',
+                init: async (ctx) => {
+                    ctx.logger.info('Running in Node.js');
+                }
+            };
+            nodeKernel.use(plugin);
+            await nodeKernel.bootstrap();
+            await nodeKernel.shutdown();
+        });
+        it('should support browser-friendly logging', async () => {
+            const browserKernel = new LiteKernel({
+                logger: {
+                    level: 'info',
+                    format: 'pretty'
+                }
+            });
+            const plugin = {
+                name: 'browser-test',
+                init: async (ctx) => {
+                    ctx.logger.info('Browser-friendly format');
+                }
+            };
+            browserKernel.use(plugin);
+            await browserKernel.bootstrap();
+            await browserKernel.shutdown();
+        });
+    });
+});

package/dist/logger.d.ts

@@ -44,8 +44,8 @@ export declare class ObjectLogger implements Logger {
     debug(message: string, meta?: Record<string, any>): void;
     info(message: string, meta?: Record<string, any>): void;
     warn(message: string, meta?: Record<string, any>): void;
-    error(message: string, error?: Error, meta?: Record<string, any>): void;
-    fatal(message: string, error?: Error, meta?: Record<string, any>): void;
+    error(message: string, errorOrMeta?: Error | Record<string, any>, meta?: Record<string, any>): void;
+    fatal(message: string, errorOrMeta?: Error | Record<string, any>, meta?: Record<string, any>): void;
     /**
      * Create a child logger with additional context
      * Note: Child loggers share the parent's Pino instance

package/dist/logger.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"logger.d.ts","sourceRoot":"","sources":["../src/logger.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAY,MAAM,0BAA0B,CAAC;AACvE,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,6BAA6B,CAAC;AAE1D;;;;;;;;;;;;;;GAcG;AACH,qBAAa,YAAa,YAAW,MAAM;IACvC,OAAO,CAAC,MAAM,CAAkJ;IAChK,OAAO,CAAC,MAAM,CAAU;IACxB,OAAO,CAAC,UAAU,CAAC,CAAM;IACzB,OAAO,CAAC,YAAY,CAAC,CAAM;IAC3B,OAAO,CAAC,OAAO,CAAC,CAAM;gBAEV,MAAM,GAAE,OAAO,CAAC,YAAY,CAAM;IAwB9C;;OAEG;IACH,OAAO,CAAC,cAAc;IAuGtB;;OAEG;IACH,OAAO,CAAC,eAAe;IAqBvB;;OAEG;IACH,OAAO,CAAC,gBAAgB;IAsCxB;;OAEG;IACH,OAAO,CAAC,UAAU;IAelB;;OAEG;IACH,KAAK,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,IAAI;IAQxD,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,IAAI;IAQvD,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,IAAI;IAQvD,KAAK,CAAC,OAAO,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,IAAI;IASvE,KAAK,CAAC,OAAO,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,IAAI;IASvE;;;OAGG;IACH,KAAK,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,YAAY;IAYjD;;OAEG;IACH,SAAS,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,YAAY;IAIzD;;OAEG;IACG,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IAQ9B;;OAEG;IACH,GAAG,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,IAAI,EAAE,GAAG,EAAE,GAAG,IAAI;CAG7C;AAED;;GAEG;AACH,wBAAgB,YAAY,CAAC,MAAM,CAAC,EAAE,OAAO,CAAC,YAAY,CAAC,GAAG,YAAY,CAEzE"}
+{"version":3,"file":"logger.d.ts","sourceRoot":"","sources":["../src/logger.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAY,MAAM,0BAA0B,CAAC;AACvE,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,6BAA6B,CAAC;AAE1D;;;;;;;;;;;;;;GAcG;AACH,qBAAa,YAAa,YAAW,MAAM;IACvC,OAAO,CAAC,MAAM,CAAkJ;IAChK,OAAO,CAAC,MAAM,CAAU;IACxB,OAAO,CAAC,UAAU,CAAC,CAAM;IACzB,OAAO,CAAC,YAAY,CAAC,CAAM;IAC3B,OAAO,CAAC,OAAO,CAAC,CAAM;gBAEV,MAAM,GAAE,OAAO,CAAC,YAAY,CAAM;IAwB9C;;OAEG;IACH,OAAO,CAAC,cAAc;IAuGtB;;OAEG;IACH,OAAO,CAAC,eAAe;IAqBvB;;OAEG;IACH,OAAO,CAAC,gBAAgB;IAuCxB;;OAEG;IACH,OAAO,CAAC,UAAU;IAelB;;OAEG;IACH,KAAK,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,IAAI;IAQxD,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,IAAI;IAQvD,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,IAAI;IAQvD,KAAK,CAAC,OAAO,EAAE,MAAM,EAAE,WAAW,CAAC,EAAE,KAAK,GAAG,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EAAE,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,IAAI;IAmBnG,KAAK,CAAC,OAAO,EAAE,MAAM,EAAE,WAAW,CAAC,EAAE,KAAK,GAAG,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EAAE,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,IAAI;IAmBnG;;;OAGG;IACH,KAAK,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,YAAY;IAYjD;;OAEG;IACH,SAAS,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,YAAY;IAIzD;;OAEG;IACG,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IAQ9B;;OAEG;IACH,GAAG,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,IAAI,EAAE,GAAG,EAAE,GAAG,IAAI;CAG7C;AAED;;GAEG;AACH,wBAAgB,YAAY,CAAC,MAAM,CAAC,EAAE,OAAO,CAAC,YAAY,CAAC,GAAG,YAAY,CAEzE"}

package/dist/logger.js

@@ -179,7 +179,8 @@ export class ObjectLogger {
             info: '\x1b[32m', // Green
             warn: '\x1b[33m', // Yellow
             error: '\x1b[31m', // Red
-            fatal: '\x1b[35m' // Magenta
+            fatal: '\x1b[35m', // Magenta
+            silent: ''
         };
         const reset = '\x1b[0m';
         const color = levelColors[level] || '';
@@ -230,22 +231,40 @@ export class ObjectLogger {
             this.logBrowser('warn', message, meta);
         }
     }
-    error(message, error, meta) {
+    error(message, errorOrMeta, meta) {
+        let error;
+        let context = {};
+        if (errorOrMeta instanceof Error) {
+            error = errorOrMeta;
+            context = meta || {};
+        }
+        else {
+            context = errorOrMeta || {};
+        }
         if (this.isNode && this.pinoLogger) {
-            const errorContext = error ? { err: error, ...meta } : meta || {};
+            const errorContext = error ? { err: error, ...context } : context;
             this.pinoLogger.error(errorContext, message);
         }
         else {
-            this.logBrowser('error', message, meta, error);
+            this.logBrowser('error', message, context, error);
         }
     }
-    fatal(message, error, meta) {
+    fatal(message, errorOrMeta, meta) {
+        let error;
+        let context = {};
+        if (errorOrMeta instanceof Error) {
+            error = errorOrMeta;
+            context = meta || {};
+        }
+        else {
+            context = errorOrMeta || {};
+        }
         if (this.isNode && this.pinoLogger) {
-            const errorContext = error ? { err: error, ...meta } : meta || {};
+            const errorContext = error ? { err: error, ...context } : context;
             this.pinoLogger.fatal(errorContext, message);
         }
         else {
-            this.logBrowser('fatal', message, meta, error);
+            this.logBrowser('fatal', message, context, error);
         }
     }
     /**

package/dist/plugin-loader.d.ts

@@ -96,11 +96,22 @@ export interface VersionCompatibility {
  */
 export declare class PluginLoader {
     private logger;
+    private context?;
+    private configValidator;
     private loadedPlugins;
     private serviceFactories;
     private serviceInstances;
     private scopedServices;
+    private creating;
     constructor(logger: Logger);
+    /**
+     * Set the plugin context for service factories
+     */
+    setContext(context: PluginContext): void;
+    /**
+     * Get a synchronous service instance if it exists (Sync Helper)
+     */
+    getServiceInstance<T>(name: string): T | undefined;
     /**
      * Load a plugin asynchronously with validation
      */
@@ -117,6 +128,10 @@ export declare class PluginLoader {
      * Register a static service instance (legacy support)
      */
     registerService(name: string, service: any): void;
+    /**
+     * Check if a service is registered (either as instance or factory)
+     */
+    hasService(name: string): boolean;
     /**
      * Detect circular dependencies in service factories
      * Note: This only detects cycles in service dependencies, not plugin dependencies.

package/dist/plugin-loader.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"plugin-loader.d.ts","sourceRoot":"","sources":["../src/plugin-loader.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AACnD,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,6BAA6B,CAAC;AAC1D,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB;;;GAGG;AACH,oBAAY,gBAAgB;IACxB,iDAAiD;IACjD,SAAS,cAAc;IACvB,4CAA4C;IAC5C,SAAS,cAAc;IACvB,sDAAsD;IACtD,MAAM,WAAW;CACpB;AAED;;;GAGG;AACH,MAAM,MAAM,cAAc,CAAC,CAAC,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,aAAa,KAAK,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;AAE7E;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAChC,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,cAAc,CAAC;IACxB,SAAS,EAAE,gBAAgB,CAAC;IAC5B,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;CAC3B;AAED;;;;GAIG;AACH,MAAM,WAAW,sBAAsB;IACnC,MAAM,EAAE,CAAC,CAAC,SAAS,CAAC;IACpB,QAAQ,CAAC,MAAM,EAAE,GAAG,GAAG,GAAG,CAAC;CAC9B;AAED;;GAEG;AACH,MAAM,WAAW,cAAe,SAAQ,MAAM;IAC1C,uCAAuC;IACvC,OAAO,EAAE,MAAM,CAAC;IAEhB,0CAA0C;IAC1C,YAAY,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC;IAE3B,iDAAiD;IACjD,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB,mCAAmC;IACnC,WAAW,CAAC,IAAI,OAAO,CAAC,kBAAkB,CAAC,CAAC;IAE5C,uDAAuD;IACvD,cAAc,CAAC,EAAE,MAAM,CAAC;IAExB,yCAAyC;IACzC,aAAa,CAAC,EAAE,OAAO,CAAC;CAC3B;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IAC/B,OAAO,EAAE,OAAO,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAC9B,SAAS,CAAC,EAAE,IAAI,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC7B,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,CAAC,EAAE,cAAc,CAAC;IACxB,KAAK,CAAC,EAAE,KAAK,CAAC;IACd,QAAQ,CAAC,EAAE,MAAM,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAChC,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,KAAK,CAAC,EAAE,KAAK,CAAC;IACd,QAAQ,CAAC,EAAE,OAAO,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACjC,UAAU,EAAE,OAAO,CAAC;IACpB,aAAa,EAAE,MAAM,CAAC;IACtB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,OAAO,CAAC,EAAE,MAAM,CAAC;CACpB;AAED;;;GAGG;AACH,qBAAa,YAAY;IACrB,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,aAAa,CAA0C;IAC/D,OAAO,CAAC,gBAAgB,CAA+C;IACvE,OAAO,CAAC,gBAAgB,CAA+B;IACvD,OAAO,CAAC,cAAc,CAA4C;gBAEtD,MAAM,EAAE,MAAM;IAI1B;;OAEG;IACG,UAAU,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAiD3D;;OAEG;IACH,sBAAsB,CAAC,YAAY,EAAE,mBAAmB,GAAG,IAAI;IAS/D;;OAEG;IACG,UAAU,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC;IA8B/D;;OAEG;IACH,eAAe,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,GAAG,IAAI;IAOjD;;;;OAIG;IACH,0BAA0B,IAAI,MAAM,EAAE;IAoCtC;;OAEG;IACG,iBAAiB,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,kBAAkB,CAAC;IAkCxE;;OAEG;IACH,UAAU,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI;IAKjC;;OAEG;IACH,gBAAgB,IAAI,GAAG,CAAC,MAAM,EAAE,cAAc,CAAC;IAM/C,OAAO,CAAC,gBAAgB;IAOxB,OAAO,CAAC,uBAAuB;IAc/B,OAAO,CAAC,yBAAyB;IAmBjC,OAAO,CAAC,sBAAsB;IAK9B,OAAO,CAAC,oBAAoB;YAgBd,qBAAqB;YAWrB,mBAAmB;YAanB,sBAAsB;YAMtB,gBAAgB;YAiBhB,qBAAqB;CAMtC"}
+{"version":3,"file":"plugin-loader.d.ts","sourceRoot":"","sources":["../src/plugin-loader.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AACnD,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,6BAA6B,CAAC;AAC1D,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAGxB;;;GAGG;AACH,oBAAY,gBAAgB;IACxB,iDAAiD;IACjD,SAAS,cAAc;IACvB,4CAA4C;IAC5C,SAAS,cAAc;IACvB,sDAAsD;IACtD,MAAM,WAAW;CACpB;AAED;;;GAGG;AACH,MAAM,MAAM,cAAc,CAAC,CAAC,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,aAAa,KAAK,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;AAE7E;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAChC,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,cAAc,CAAC;IACxB,SAAS,EAAE,gBAAgB,CAAC;IAC5B,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;CAC3B;AAED;;;;GAIG;AACH,MAAM,WAAW,sBAAsB;IACnC,MAAM,EAAE,CAAC,CAAC,SAAS,CAAC;IACpB,QAAQ,CAAC,MAAM,EAAE,GAAG,GAAG,GAAG,CAAC;CAC9B;AAED;;GAEG;AACH,MAAM,WAAW,cAAe,SAAQ,MAAM;IAC1C,uCAAuC;IACvC,OAAO,EAAE,MAAM,CAAC;IAEhB,0CAA0C;IAC1C,YAAY,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC;IAE3B,iDAAiD;IACjD,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB,mCAAmC;IACnC,WAAW,CAAC,IAAI,OAAO,CAAC,kBAAkB,CAAC,CAAC;IAE5C,uDAAuD;IACvD,cAAc,CAAC,EAAE,MAAM,CAAC;IAExB,yCAAyC;IACzC,aAAa,CAAC,EAAE,OAAO,CAAC;CAC3B;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IAC/B,OAAO,EAAE,OAAO,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAC9B,SAAS,CAAC,EAAE,IAAI,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC7B,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,CAAC,EAAE,cAAc,CAAC;IACxB,KAAK,CAAC,EAAE,KAAK,CAAC;IACd,QAAQ,CAAC,EAAE,MAAM,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAChC,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,KAAK,CAAC,EAAE,KAAK,CAAC;IACd,QAAQ,CAAC,EAAE,OAAO,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACjC,UAAU,EAAE,OAAO,CAAC;IACpB,aAAa,EAAE,MAAM,CAAC;IACtB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,OAAO,CAAC,EAAE,MAAM,CAAC;CACpB;AAED;;;GAGG;AACH,qBAAa,YAAY;IACrB,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,OAAO,CAAC,CAAgB;IAChC,OAAO,CAAC,eAAe,CAAwB;IAC/C,OAAO,CAAC,aAAa,CAA0C;IAC/D,OAAO,CAAC,gBAAgB,CAA+C;IACvE,OAAO,CAAC,gBAAgB,CAA+B;IACvD,OAAO,CAAC,cAAc,CAA4C;IAClE,OAAO,CAAC,QAAQ,CAA0B;gBAE9B,MAAM,EAAE,MAAM;IAK1B;;OAEG;IACH,UAAU,CAAC,OAAO,EAAE,aAAa,GAAG,IAAI;IAIxC;;OAEG;IACH,kBAAkB,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,GAAG,CAAC,GAAG,SAAS;IAIlD;;OAEG;IACG,UAAU,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAiD3D;;OAEG;IACH,sBAAsB,CAAC,YAAY,EAAE,mBAAmB,GAAG,IAAI;IAS/D;;OAEG;IACG,UAAU,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC;IA8B/D;;OAEG;IACH,eAAe,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,GAAG,IAAI;IAOjD;;OAEG;IACH,UAAU,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO;IAIjC;;;;OAIG;IACH,0BAA0B,IAAI,MAAM,EAAE;IAoCtC;;OAEG;IACG,iBAAiB,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,kBAAkB,CAAC;IAkCxE;;OAEG;IACH,UAAU,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI;IAKjC;;OAEG;IACH,gBAAgB,IAAI,GAAG,CAAC,MAAM,EAAE,cAAc,CAAC;IAM/C,OAAO,CAAC,gBAAgB;IAOxB,OAAO,CAAC,uBAAuB;IAc/B,OAAO,CAAC,yBAAyB;IAmBjC,OAAO,CAAC,sBAAsB;IAK9B,OAAO,CAAC,oBAAoB;YAgBd,qBAAqB;YAWrB,mBAAmB;YAanB,sBAAsB;YAMtB,gBAAgB;YAiBhB,qBAAqB;CAgBtC"}

package/dist/plugin-loader.js

@@ -1,3 +1,4 @@
+import { PluginConfigValidator } from './security/plugin-config-validator.js';
 /**
  * Service Lifecycle Types
  * Defines how services are instantiated and managed
@@ -21,7 +22,21 @@ export class PluginLoader {
         this.serviceFactories = new Map();
         this.serviceInstances = new Map();
         this.scopedServices = new Map();
+        this.creating = new Set();
         this.logger = logger;
+        this.configValidator = new PluginConfigValidator(logger);
+    }
+    /**
+     * Set the plugin context for service factories
+     */
+    setContext(context) {
+        this.context = context;
+    }
+    /**
+     * Get a synchronous service instance if it exists (Sync Helper)
+     */
+    getServiceInstance(name) {
+        return this.serviceInstances.get(name);
     }
     /**
      * Load a plugin asynchronously with validation
@@ -112,6 +127,12 @@ export class PluginLoader {
         }
         this.serviceInstances.set(name, service);
     }
+    /**
+     * Check if a service is registered (either as instance or factory)
+     */
+    hasService(name) {
+        return this.serviceInstances.has(name) || this.serviceFactories.has(name);
+    }
     /**
      * Detect circular dependencies in service factories
      * Note: This only detects cycles in service dependencies, not plugin dependencies.
@@ -234,14 +255,14 @@ export class PluginLoader {
         if (!plugin.configSchema) {
             return;
         }
-        if (!config) {
-            this.logger.debug(`Plugin ${plugin.name} has configuration schema but no config provided`);
+        if (config === undefined) {
+            // In loadPlugin, we often don't have the config yet.
+            // We skip validation here or valid against empty object if schema allows?
+            // For now, let's keep the logging behavior but note it's delegating
+            this.logger.debug(`Plugin ${plugin.name} has configuration schema (config validation postponed)`);
             return;
         }
-        // Configuration validation is now implemented in PluginConfigValidator
-        // This is a placeholder that logs the validation would happen
-        // The actual validation should be done by the caller when config is available
-        this.logger.debug(`Plugin ${plugin.name} has configuration schema (use PluginConfigValidator for validation)`);
+        this.configValidator.validatePluginConfig(plugin, config);
     }
     async verifyPluginSignature(plugin) {
         if (!plugin.signature) {
@@ -281,9 +302,18 @@ export class PluginLoader {
         return instance;
     }
     async createServiceInstance(registration) {
-        // This is a simplified version - in real implementation,
-        // we would need to pass proper context with resolved dependencies
-        const mockContext = {};
-        return await registration.factory(mockContext);
+        if (!this.context) {
+            throw new Error(`[PluginLoader] Context not set - cannot create service '${registration.name}'`);
+        }
+        if (this.creating.has(registration.name)) {
+            throw new Error(`Circular dependency detected: ${Array.from(this.creating).join(' -> ')} -> ${registration.name}`);
+        }
+        this.creating.add(registration.name);
+        try {
+            return await registration.factory(this.context);
+        }
+        finally {
+            this.creating.delete(registration.name);
+        }
     }
 }

package/dist/plugin-loader.test.js

@@ -6,6 +6,15 @@ describe('PluginLoader', () => {
     beforeEach(() => {
         const logger = createLogger({ level: 'error' }); // Suppress logs in tests
         loader = new PluginLoader(logger);
+        loader.setContext({
+            registerService: () => { },
+            getService: () => { throw new Error('Mock service not found'); },
+            hook: () => { },
+            trigger: async () => { },
+            getServices: () => new Map(),
+            logger: logger,
+            getKernel: () => ({})
+        });
     });
     describe('Plugin Loading', () => {
         it('should load a valid plugin', async () => {

package/dist/security/index.d.ts

@@ -11,4 +11,7 @@
 export { PluginSignatureVerifier, type PluginSignatureConfig, type SignatureVerificationResult, } from './plugin-signature-verifier.js';
 export { PluginConfigValidator, createPluginConfigValidator, } from './plugin-config-validator.js';
 export { PluginPermissionEnforcer, SecurePluginContext, createPluginPermissionEnforcer, type PluginPermissions, type PermissionCheckResult, } from './plugin-permission-enforcer.js';
+export { PluginPermissionManager, type PermissionGrant, type PermissionCheckResult as PluginPermissionCheckResult, } from './permission-manager.js';
+export { PluginSandboxRuntime, type SandboxContext, type ResourceUsage, } from './sandbox-runtime.js';
+export { PluginSecurityScanner, type ScanTarget, type SecurityIssue, } from './security-scanner.js';
 //# sourceMappingURL=index.d.ts.map

package/dist/security/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/security/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EACL,uBAAuB,EACvB,KAAK,qBAAqB,EAC1B,KAAK,2BAA2B,GACjC,MAAM,gCAAgC,CAAC;AAExC,OAAO,EACL,qBAAqB,EACrB,2BAA2B,GAC5B,MAAM,8BAA8B,CAAC;AAEtC,OAAO,EACL,wBAAwB,EACxB,mBAAmB,EACnB,8BAA8B,EAC9B,KAAK,iBAAiB,EACtB,KAAK,qBAAqB,GAC3B,MAAM,iCAAiC,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/security/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EACL,uBAAuB,EACvB,KAAK,qBAAqB,EAC1B,KAAK,2BAA2B,GACjC,MAAM,gCAAgC,CAAC;AAExC,OAAO,EACL,qBAAqB,EACrB,2BAA2B,GAC5B,MAAM,8BAA8B,CAAC;AAEtC,OAAO,EACL,wBAAwB,EACxB,mBAAmB,EACnB,8BAA8B,EAC9B,KAAK,iBAAiB,EACtB,KAAK,qBAAqB,GAC3B,MAAM,iCAAiC,CAAC;AAGzC,OAAO,EACL,uBAAuB,EACvB,KAAK,eAAe,EACpB,KAAK,qBAAqB,IAAI,2BAA2B,GAC1D,MAAM,yBAAyB,CAAC;AAEjC,OAAO,EACL,oBAAoB,EACpB,KAAK,cAAc,EACnB,KAAK,aAAa,GACnB,MAAM,sBAAsB,CAAC;AAE9B,OAAO,EACL,qBAAqB,EACrB,KAAK,UAAU,EACf,KAAK,aAAa,GACnB,MAAM,uBAAuB,CAAC"}

package/dist/security/index.js

@@ -11,3 +11,7 @@
 export { PluginSignatureVerifier, } from './plugin-signature-verifier.js';
 export { PluginConfigValidator, createPluginConfigValidator, } from './plugin-config-validator.js';
 export { PluginPermissionEnforcer, SecurePluginContext, createPluginPermissionEnforcer, } from './plugin-permission-enforcer.js';
+// Advanced security components (Phase 2)
+export { PluginPermissionManager, } from './permission-manager.js';
+export { PluginSandboxRuntime, } from './sandbox-runtime.js';
+export { PluginSecurityScanner, } from './security-scanner.js';

package/dist/security/permission-manager.d.ts

@@ -0,0 +1,96 @@
+import type { Permission, PermissionSet, PermissionAction, ResourceType } from '@objectstack/spec/kernel';
+import type { ObjectLogger } from '../logger.js';
+/**
+ * Permission Grant
+ * Represents a granted permission at runtime
+ */
+export interface PermissionGrant {
+    permissionId: string;
+    pluginId: string;
+    grantedAt: Date;
+    grantedBy?: string;
+    expiresAt?: Date;
+    conditions?: Record<string, any>;
+}
+/**
+ * Permission Check Result
+ */
+export interface PermissionCheckResult {
+    allowed: boolean;
+    reason?: string;
+    requiredPermission?: string;
+    grantedPermissions?: string[];
+}
+/**
+ * Plugin Permission Manager
+ *
+ * Manages fine-grained permissions for plugin security and access control
+ */
+export declare class PluginPermissionManager {
+    private logger;
+    private permissionSets;
+    private grants;
+    private grantDetails;
+    constructor(logger: ObjectLogger);
+    /**
+     * Register permission requirements for a plugin
+     */
+    registerPermissions(pluginId: string, permissionSet: PermissionSet): void;
+    /**
+     * Grant a permission to a plugin
+     */
+    grantPermission(pluginId: string, permissionId: string, grantedBy?: string, expiresAt?: Date): void;
+    /**
+     * Revoke a permission from a plugin
+     */
+    revokePermission(pluginId: string, permissionId: string): void;
+    /**
+     * Grant all permissions for a plugin
+     */
+    grantAllPermissions(pluginId: string, grantedBy?: string): void;
+    /**
+     * Check if a plugin has a specific permission
+     */
+    hasPermission(pluginId: string, permissionId: string): boolean;
+    /**
+     * Check if plugin can perform an action on a resource
+     */
+    checkAccess(pluginId: string, resource: ResourceType, action: PermissionAction, resourceId?: string): PermissionCheckResult;
+    /**
+     * Get all permissions for a plugin
+     */
+    getPluginPermissions(pluginId: string): Permission[];
+    /**
+     * Get granted permissions for a plugin
+     */
+    getGrantedPermissions(pluginId: string): string[];
+    /**
+     * Get required but not granted permissions
+     */
+    getMissingPermissions(pluginId: string): Permission[];
+    /**
+     * Check if all required permissions are granted
+     */
+    hasAllRequiredPermissions(pluginId: string): boolean;
+    /**
+     * Get permission grant details
+     */
+    getGrantDetails(pluginId: string, permissionId: string): PermissionGrant | undefined;
+    /**
+     * Validate permission against scope constraints
+     */
+    validatePermissionScope(permission: Permission, context: {
+        tenantId?: string;
+        userId?: string;
+        resourceId?: string;
+    }): boolean;
+    /**
+     * Clear all permissions for a plugin
+     */
+    clearPluginPermissions(pluginId: string): void;
+    /**
+     * Shutdown permission manager
+     */
+    shutdown(): void;
+}
+//# sourceMappingURL=permission-manager.d.ts.map

package/dist/security/permission-manager.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"permission-manager.d.ts","sourceRoot":"","sources":["../../src/security/permission-manager.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,UAAU,EACV,aAAa,EACb,gBAAgB,EAChB,YAAY,EACb,MAAM,0BAA0B,CAAC;AAClC,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AAEjD;;;GAGG;AACH,MAAM,WAAW,eAAe;IAC9B,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,IAAI,CAAC;IAChB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,IAAI,CAAC;IACjB,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;CAClC;AAED;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,kBAAkB,CAAC,EAAE,MAAM,EAAE,CAAC;CAC/B;AAED;;;;GAIG;AACH,qBAAa,uBAAuB;IAClC,OAAO,CAAC,MAAM,CAAe;IAG7B,OAAO,CAAC,cAAc,CAAoC;IAG1D,OAAO,CAAC,MAAM,CAAkC;IAGhD,OAAO,CAAC,YAAY,CAAsC;gBAE9C,MAAM,EAAE,YAAY;IAIhC;;OAEG;IACH,mBAAmB,CAAC,QAAQ,EAAE,MAAM,EAAE,aAAa,EAAE,aAAa,GAAG,IAAI;IASzE;;OAEG;IACH,eAAe,CACb,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,MAAM,EACpB,SAAS,CAAC,EAAE,MAAM,EAClB,SAAS,CAAC,EAAE,IAAI,GACf,IAAI;IAmCP;;OAEG;IACH,gBAAgB,CAAC,QAAQ,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,GAAG,IAAI;IAY9D;;OAEG;IACH,mBAAmB,CAAC,QAAQ,EAAE,MAAM,EAAE,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI;IAa/D;;OAEG;IACH,aAAa,CAAC,QAAQ,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,GAAG,OAAO;IAsB9D;;OAEG;IACH,WAAW,CACT,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,YAAY,EACtB,MAAM,EAAE,gBAAgB,EACxB,UAAU,CAAC,EAAE,MAAM,GAClB,qBAAqB;IAyDxB;;OAEG;IACH,oBAAoB,CAAC,QAAQ,EAAE,MAAM,GAAG,UAAU,EAAE;IAKpD;;OAEG;IACH,qBAAqB,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,EAAE;IAKjD;;OAEG;IACH,qBAAqB,CAAC,QAAQ,EAAE,MAAM,GAAG,UAAU,EAAE;IAarD;;OAEG;IACH,yBAAyB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO;IAIpD;;OAEG;IACH,eAAe,CAAC,QAAQ,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,GAAG,eAAe,GAAG,SAAS;IAKpF;;OAEG;IACH,uBAAuB,CACrB,UAAU,EAAE,UAAU,EACtB,OAAO,EAAE;QACP,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,MAAM,CAAC,EAAE,MAAM,CAAC;QAChB,UAAU,CAAC,EAAE,MAAM,CAAC;KACrB,GACA,OAAO;IAsBV;;OAEG;IACH,sBAAsB,CAAC,QAAQ,EAAE,MAAM,GAAG,IAAI;IAe9C;;OAEG;IACH,QAAQ,IAAI,IAAI;CAOjB"}