npm - @orpc/server - Versions diffs - 0.51.0 → 0.53.0 - Mend

@orpc/server 0.51.0 → 0.53.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (37) hide show

package/README.md +1 -0
package/dist/adapters/fetch/index.d.mts +14 -10
package/dist/adapters/fetch/index.d.ts +14 -10
package/dist/adapters/fetch/index.mjs +6 -4
package/dist/adapters/hono/index.d.mts +6 -6
package/dist/adapters/hono/index.d.ts +6 -6
package/dist/adapters/hono/index.mjs +10 -7
package/dist/adapters/next/index.d.mts +6 -6
package/dist/adapters/next/index.d.ts +6 -6
package/dist/adapters/next/index.mjs +10 -7
package/dist/adapters/node/index.d.mts +14 -10
package/dist/adapters/node/index.d.ts +14 -10
package/dist/adapters/node/index.mjs +17 -12
package/dist/adapters/standard/index.d.mts +6 -6
package/dist/adapters/standard/index.d.ts +6 -6
package/dist/adapters/standard/index.mjs +6 -3
package/dist/index.d.mts +50 -36
package/dist/index.d.ts +50 -36
package/dist/index.mjs +32 -11
package/dist/plugins/index.d.mts +100 -6
package/dist/plugins/index.d.ts +100 -6
package/dist/plugins/index.mjs +138 -1
package/dist/shared/server.BW-nUGgA.mjs +36 -0
package/dist/shared/{server.B4eSvRkD.mjs → server.Bm0UqHzd.mjs} +16 -11
package/dist/shared/{server.BtxZnWJ9.mjs → server.C37gDhSZ.mjs} +19 -29
package/dist/shared/server.C8NkqxHo.d.ts +17 -0
package/dist/shared/{server.C-CCcROC.d.mts → server.CGCwEAt_.d.mts} +2 -2
package/dist/shared/server.DCQgF_JR.d.mts +17 -0
package/dist/shared/{server.23VRZIfj.d.ts → server.DFFT_EZo.d.ts} +18 -11
package/dist/shared/{server.DnR6v9pj.mjs → server.DFuJLDuo.mjs} +43 -13
package/dist/shared/{server.MZvbGc3n.d.mts → server.DLt5njUb.d.mts} +8 -8
package/dist/shared/{server.MZvbGc3n.d.ts → server.DLt5njUb.d.ts} +8 -8
package/dist/shared/{server.DJqfB27m.d.mts → server.DOYDVeMX.d.mts} +18 -11
package/dist/shared/{server.BG5ftPWa.d.ts → server._2UufoXA.d.ts} +2 -2
package/package.json +7 -7
package/dist/shared/server.CIbpOMZX.d.mts +0 -8
package/dist/shared/server.DCcCuA52.d.ts +0 -8

package/dist/plugins/index.d.mts CHANGED Viewed

@@ -1,9 +1,46 @@
-import { b as StandardHandlerInterceptorOptions, c as StandardHandlerPlugin, a as StandardHandlerOptions } from '../shared/server.DJqfB27m.mjs';
 import { Value } from '@orpc/shared';
-import { C as Context } from '../shared/server.MZvbGc3n.mjs';
-import '@orpc/contract';
-import '@orpc/standard-server';
-import '@orpc/client';
+import { StandardRequest, StandardHeaders } from '@orpc/standard-server';
+import { BatchResponseBodyItem } from '@orpc/standard-server/batch';
+import { h as StandardHandlerInterceptorOptions, i as StandardHandlerPlugin, a as StandardHandlerOptions } from '../shared/server.DOYDVeMX.mjs';
+import { C as Context, P as ProcedureClientInterceptorOptions } from '../shared/server.DLt5njUb.mjs';
+import { Meta, ORPCError as ORPCError$1 } from '@orpc/contract';
+import { ORPCError } from '@orpc/client';
+interface BatchHandlerOptions<T extends Context> {
+    /**
+     * The max size of the batch allowed.
+     *
+     * @default 10
+     */
+    maxSize?: Value<number, [StandardHandlerInterceptorOptions<T>]>;
+    /**
+     * Map the request before processing it.
+     *
+     * @default merged back batch request headers into the request
+     */
+    mapRequestItem?(request: StandardRequest, batchOptions: StandardHandlerInterceptorOptions<T>): StandardRequest;
+    /**
+     * Success batch response status code.
+     *
+     * @default 207
+     */
+    successStatus?: Value<number, [responses: Promise<BatchResponseBodyItem>[], batchOptions: StandardHandlerInterceptorOptions<T>]>;
+    /**
+     * success batch response headers.
+     *
+     * @default {}
+     */
+    headers?: Value<StandardHeaders, [responses: Promise<BatchResponseBodyItem>[], batchOptions: StandardHandlerInterceptorOptions<T>]>;
+}
+declare class BatchHandlerPlugin<T extends Context> implements StandardHandlerPlugin<T> {
+    private readonly maxSize;
+    private readonly mapRequestItem;
+    private readonly successStatus;
+    private readonly headers;
+    order: number;
+    constructor(options?: BatchHandlerOptions<T>);
+    init(options: StandardHandlerOptions<T>): void;
+}
 interface CORSOptions<T extends Context> {
     origin?: Value<string | readonly string[] | null | undefined, [origin: string, options: StandardHandlerInterceptorOptions<T>]>;
@@ -16,6 +53,7 @@ interface CORSOptions<T extends Context> {
 }
 declare class CORSPlugin<T extends Context> implements StandardHandlerPlugin<T> {
     private readonly options;
+    order: number;
     constructor(options?: CORSOptions<T>);
     init(options: StandardHandlerOptions<T>): void;
 }
@@ -27,4 +65,60 @@ declare class ResponseHeadersPlugin<T extends ResponseHeadersPluginContext> impl
     init(options: StandardHandlerOptions<T>): void;
 }
-export { type CORSOptions, CORSPlugin, ResponseHeadersPlugin, type ResponseHeadersPluginContext };
+interface SimpleCsrfProtectionHandlerPluginOptions<T extends Context> {
+    /**
+     * The name of the header to check.
+     *
+     * @default 'x-csrf-token'
+     */
+    headerName?: Value<string, [options: StandardHandlerInterceptorOptions<T>]>;
+    /**
+     * The value of the header to check.
+     *
+     * @default 'orpc'
+     *
+     */
+    headerValue?: Value<string, [options: StandardHandlerInterceptorOptions<T>]>;
+    /**
+     * Exclude a procedure from the plugin.
+     *
+     * @default false
+     *
+     */
+    exclude?: Value<boolean, [options: ProcedureClientInterceptorOptions<T, Record<never, never>, Meta>]>;
+    /**
+     * The error thrown when the CSRF token is invalid.
+     *
+     * @default new ORPCError('CSRF_TOKEN_MISMATCH', {
+     *   status: 403,
+     *   message: 'Invalid CSRF token',
+     * })
+     */
+    error?: InstanceType<typeof ORPCError>;
+}
+declare class SimpleCsrfProtectionHandlerPlugin<T extends Context> implements StandardHandlerPlugin<T> {
+    private readonly headerName;
+    private readonly headerValue;
+    private readonly exclude;
+    private readonly error;
+    constructor(options?: SimpleCsrfProtectionHandlerPluginOptions<T>);
+    order: number;
+    init(options: StandardHandlerOptions<T>): void;
+}
+interface StrictGetMethodPluginOptions {
+    /**
+     * The error thrown when a GET request is made to a procedure that doesn't allow GET.
+     *
+     * @default new ORPCError('METHOD_NOT_SUPPORTED')
+     */
+    error?: InstanceType<typeof ORPCError$1>;
+}
+declare class StrictGetMethodPlugin<T extends Context> implements StandardHandlerPlugin<T> {
+    private readonly error;
+    order: number;
+    constructor(options?: StrictGetMethodPluginOptions);
+    init(options: StandardHandlerOptions<T>): void;
+}
+export { type BatchHandlerOptions, BatchHandlerPlugin, type CORSOptions, CORSPlugin, ResponseHeadersPlugin, type ResponseHeadersPluginContext, SimpleCsrfProtectionHandlerPlugin, type SimpleCsrfProtectionHandlerPluginOptions, StrictGetMethodPlugin, type StrictGetMethodPluginOptions };

package/dist/plugins/index.d.ts CHANGED Viewed

@@ -1,9 +1,46 @@
-import { b as StandardHandlerInterceptorOptions, c as StandardHandlerPlugin, a as StandardHandlerOptions } from '../shared/server.23VRZIfj.js';
 import { Value } from '@orpc/shared';
-import { C as Context } from '../shared/server.MZvbGc3n.js';
-import '@orpc/contract';
-import '@orpc/standard-server';
-import '@orpc/client';
+import { StandardRequest, StandardHeaders } from '@orpc/standard-server';
+import { BatchResponseBodyItem } from '@orpc/standard-server/batch';
+import { h as StandardHandlerInterceptorOptions, i as StandardHandlerPlugin, a as StandardHandlerOptions } from '../shared/server.DFFT_EZo.js';
+import { C as Context, P as ProcedureClientInterceptorOptions } from '../shared/server.DLt5njUb.js';
+import { Meta, ORPCError as ORPCError$1 } from '@orpc/contract';
+import { ORPCError } from '@orpc/client';
+interface BatchHandlerOptions<T extends Context> {
+    /**
+     * The max size of the batch allowed.
+     *
+     * @default 10
+     */
+    maxSize?: Value<number, [StandardHandlerInterceptorOptions<T>]>;
+    /**
+     * Map the request before processing it.
+     *
+     * @default merged back batch request headers into the request
+     */
+    mapRequestItem?(request: StandardRequest, batchOptions: StandardHandlerInterceptorOptions<T>): StandardRequest;
+    /**
+     * Success batch response status code.
+     *
+     * @default 207
+     */
+    successStatus?: Value<number, [responses: Promise<BatchResponseBodyItem>[], batchOptions: StandardHandlerInterceptorOptions<T>]>;
+    /**
+     * success batch response headers.
+     *
+     * @default {}
+     */
+    headers?: Value<StandardHeaders, [responses: Promise<BatchResponseBodyItem>[], batchOptions: StandardHandlerInterceptorOptions<T>]>;
+}
+declare class BatchHandlerPlugin<T extends Context> implements StandardHandlerPlugin<T> {
+    private readonly maxSize;
+    private readonly mapRequestItem;
+    private readonly successStatus;
+    private readonly headers;
+    order: number;
+    constructor(options?: BatchHandlerOptions<T>);
+    init(options: StandardHandlerOptions<T>): void;
+}
 interface CORSOptions<T extends Context> {
     origin?: Value<string | readonly string[] | null | undefined, [origin: string, options: StandardHandlerInterceptorOptions<T>]>;
@@ -16,6 +53,7 @@ interface CORSOptions<T extends Context> {
 }
 declare class CORSPlugin<T extends Context> implements StandardHandlerPlugin<T> {
     private readonly options;
+    order: number;
     constructor(options?: CORSOptions<T>);
     init(options: StandardHandlerOptions<T>): void;
 }
@@ -27,4 +65,60 @@ declare class ResponseHeadersPlugin<T extends ResponseHeadersPluginContext> impl
     init(options: StandardHandlerOptions<T>): void;
 }
-export { type CORSOptions, CORSPlugin, ResponseHeadersPlugin, type ResponseHeadersPluginContext };
+interface SimpleCsrfProtectionHandlerPluginOptions<T extends Context> {
+    /**
+     * The name of the header to check.
+     *
+     * @default 'x-csrf-token'
+     */
+    headerName?: Value<string, [options: StandardHandlerInterceptorOptions<T>]>;
+    /**
+     * The value of the header to check.
+     *
+     * @default 'orpc'
+     *
+     */
+    headerValue?: Value<string, [options: StandardHandlerInterceptorOptions<T>]>;
+    /**
+     * Exclude a procedure from the plugin.
+     *
+     * @default false
+     *
+     */
+    exclude?: Value<boolean, [options: ProcedureClientInterceptorOptions<T, Record<never, never>, Meta>]>;
+    /**
+     * The error thrown when the CSRF token is invalid.
+     *
+     * @default new ORPCError('CSRF_TOKEN_MISMATCH', {
+     *   status: 403,
+     *   message: 'Invalid CSRF token',
+     * })
+     */
+    error?: InstanceType<typeof ORPCError>;
+}
+declare class SimpleCsrfProtectionHandlerPlugin<T extends Context> implements StandardHandlerPlugin<T> {
+    private readonly headerName;
+    private readonly headerValue;
+    private readonly exclude;
+    private readonly error;
+    constructor(options?: SimpleCsrfProtectionHandlerPluginOptions<T>);
+    order: number;
+    init(options: StandardHandlerOptions<T>): void;
+}
+interface StrictGetMethodPluginOptions {
+    /**
+     * The error thrown when a GET request is made to a procedure that doesn't allow GET.
+     *
+     * @default new ORPCError('METHOD_NOT_SUPPORTED')
+     */
+    error?: InstanceType<typeof ORPCError$1>;
+}
+declare class StrictGetMethodPlugin<T extends Context> implements StandardHandlerPlugin<T> {
+    private readonly error;
+    order: number;
+    constructor(options?: StrictGetMethodPluginOptions);
+    init(options: StandardHandlerOptions<T>): void;
+}
+export { type BatchHandlerOptions, BatchHandlerPlugin, type CORSOptions, CORSPlugin, ResponseHeadersPlugin, type ResponseHeadersPluginContext, SimpleCsrfProtectionHandlerPlugin, type SimpleCsrfProtectionHandlerPluginOptions, StrictGetMethodPlugin, type StrictGetMethodPluginOptions };

package/dist/plugins/index.mjs CHANGED Viewed

@@ -1,7 +1,101 @@
 import { value } from '@orpc/shared';
+import { parseBatchRequest, toBatchResponse } from '@orpc/standard-server/batch';
+import { ORPCError } from '@orpc/client';
+export { S as StrictGetMethodPlugin } from '../shared/server.BW-nUGgA.mjs';
+import '@orpc/contract';
+class BatchHandlerPlugin {
+  maxSize;
+  mapRequestItem;
+  successStatus;
+  headers;
+  order = 5e6;
+  constructor(options = {}) {
+    this.maxSize = options.maxSize ?? 10;
+    this.mapRequestItem = options.mapRequestItem ?? ((request, { request: batchRequest }) => ({
+      ...request,
+      headers: {
+        ...batchRequest.headers,
+        ...request.headers
+      }
+    }));
+    this.successStatus = options.successStatus ?? 207;
+    this.headers = options.headers ?? {};
+  }
+  init(options) {
+    options.rootInterceptors ??= [];
+    options.rootInterceptors.unshift(async (options2) => {
+      if (options2.request.headers["x-orpc-batch"] !== "1") {
+        return options2.next();
+      }
+      let isParsing = false;
+      try {
+        isParsing = true;
+        const parsed = parseBatchRequest({ ...options2.request, body: await options2.request.body() });
+        isParsing = false;
+        const maxSize = await value(this.maxSize, options2);
+        if (parsed.length > maxSize) {
+          return {
+            matched: true,
+            response: {
+              status: 413,
+              headers: {},
+              body: "Batch request size exceeds the maximum allowed size"
+            }
+          };
+        }
+        const responses = parsed.map(
+          (request, index) => {
+            const mapped = this.mapRequestItem(request, options2);
+            return options2.next({ ...options2, request: { ...mapped, body: () => Promise.resolve(mapped.body) } }).then(({ response: response2, matched }) => {
+              if (matched) {
+                return { ...response2, index };
+              }
+              return { index, status: 404, headers: {}, body: "No procedure matched" };
+            }).catch(() => {
+              return { index, status: 500, headers: {}, body: "Internal server error" };
+            });
+          }
+        );
+        await Promise.race(responses);
+        const status = await value(this.successStatus, responses, options2);
+        const headers = await value(this.headers, responses, options2);
+        const response = toBatchResponse({
+          status,
+          headers,
+          body: async function* () {
+            const promises = [...responses];
+            while (true) {
+              const handling = promises.filter((p) => p !== void 0);
+              if (handling.length === 0) {
+                return;
+              }
+              const result = await Promise.race(handling);
+              promises[result.index] = void 0;
+              yield result;
+            }
+          }()
+        });
+        return {
+          matched: true,
+          response
+        };
+      } catch (cause) {
+        if (isParsing) {
+          return {
+            matched: true,
+            response: { status: 400, headers: {}, body: "Invalid batch request, this could be caused by a malformed request body or a missing header" }
+          };
+        }
+        throw cause;
+      }
+    });
+  }
+}
 class CORSPlugin {
   options;
+  order = 9e6;
   constructor(options = {}) {
     const defaults = {
       origin: (origin) => origin,
@@ -104,4 +198,47 @@ class ResponseHeadersPlugin {
   }
 }
-export { CORSPlugin, ResponseHeadersPlugin };
+const SIMPLE_CSRF_PROTECTION_CONTEXT_SYMBOL = Symbol("SIMPLE_CSRF_PROTECTION_CONTEXT");
+class SimpleCsrfProtectionHandlerPlugin {
+  headerName;
+  headerValue;
+  exclude;
+  error;
+  constructor(options = {}) {
+    this.headerName = options.headerName ?? "x-csrf-token";
+    this.headerValue = options.headerValue ?? "orpc";
+    this.exclude = options.exclude ?? false;
+    this.error = options.error ?? new ORPCError("CSRF_TOKEN_MISMATCH", {
+      status: 403,
+      message: "Invalid CSRF token"
+    });
+  }
+  order = 8e6;
+  init(options) {
+    options.rootInterceptors ??= [];
+    options.clientInterceptors ??= [];
+    options.rootInterceptors.unshift(async (options2) => {
+      const headerName = await value(this.headerName, options2);
+      const headerValue = await value(this.headerValue, options2);
+      return options2.next({
+        ...options2,
+        context: {
+          ...options2.context,
+          [SIMPLE_CSRF_PROTECTION_CONTEXT_SYMBOL]: options2.request.headers[headerName] === headerValue
+        }
+      });
+    });
+    options.clientInterceptors.unshift(async (options2) => {
+      if (typeof options2.context[SIMPLE_CSRF_PROTECTION_CONTEXT_SYMBOL] !== "boolean") {
+        throw new TypeError("[SimpleCsrfProtectionHandlerPlugin] CSRF protection context has been corrupted or modified by another plugin or interceptor");
+      }
+      const excluded = await value(this.exclude, options2);
+      if (!excluded && !options2.context[SIMPLE_CSRF_PROTECTION_CONTEXT_SYMBOL]) {
+        throw this.error;
+      }
+      return options2.next();
+    });
+  }
+}
+export { BatchHandlerPlugin, CORSPlugin, ResponseHeadersPlugin, SimpleCsrfProtectionHandlerPlugin };

package/dist/shared/server.BW-nUGgA.mjs ADDED Viewed

@@ -0,0 +1,36 @@
+import { ORPCError, fallbackContractConfig } from '@orpc/contract';
+const STRICT_GET_METHOD_PLUGIN_IS_GET_METHOD_CONTEXT_SYMBOL = Symbol("STRICT_GET_METHOD_PLUGIN_IS_GET_METHOD_CONTEXT");
+class StrictGetMethodPlugin {
+  error;
+  order = 7e6;
+  constructor(options = {}) {
+    this.error = options.error ?? new ORPCError("METHOD_NOT_SUPPORTED");
+  }
+  init(options) {
+    options.rootInterceptors ??= [];
+    options.clientInterceptors ??= [];
+    options.rootInterceptors.unshift((options2) => {
+      const isGetMethod = options2.request.method === "GET";
+      return options2.next({
+        ...options2,
+        context: {
+          ...options2.context,
+          [STRICT_GET_METHOD_PLUGIN_IS_GET_METHOD_CONTEXT_SYMBOL]: isGetMethod
+        }
+      });
+    });
+    options.clientInterceptors.unshift((options2) => {
+      if (typeof options2.context[STRICT_GET_METHOD_PLUGIN_IS_GET_METHOD_CONTEXT_SYMBOL] !== "boolean") {
+        throw new TypeError("[StrictGetMethodPlugin] strict GET method context has been corrupted or modified by another plugin or interceptor");
+      }
+      const procedureMethod = fallbackContractConfig("defaultMethod", options2.procedure["~orpc"].route.method);
+      if (options2.context[STRICT_GET_METHOD_PLUGIN_IS_GET_METHOD_CONTEXT_SYMBOL] && procedureMethod !== "GET") {
+        throw this.error;
+      }
+      return options2.next();
+    });
+  }
+}
+export { StrictGetMethodPlugin as S };

package/dist/shared/{server.B4eSvRkD.mjs → server.Bm0UqHzd.mjs} RENAMED Viewed

@@ -1,9 +1,11 @@
 import { ORPCError } from '@orpc/client';
-import { StandardRPCJsonSerializer, StandardRPCSerializer } from '@orpc/client/standard';
-import { S as StandardHandler, b as StandardRPCMatcher, a as StandardRPCCodec } from './server.DnR6v9pj.mjs';
 import { toArray, intercept, resolveMaybeOptionalOptions } from '@orpc/shared';
+import '@orpc/contract';
+import { C as CompositeStandardHandlerPlugin, b as StandardRPCHandler } from './server.DFuJLDuo.mjs';
+import '@orpc/client/standard';
 import { toStandardLazyRequest, toFetchResponse } from '@orpc/standard-server-fetch';
 import { r as resolveFriendlyStandardHandleOptions } from './server.BVwwTHyO.mjs';
+import '@orpc/standard-server/batch';
 class BodyLimitPlugin {
   maxBodySize;
@@ -51,12 +53,19 @@ class BodyLimitPlugin {
   }
 }
+class CompositeFetchHandlerPlugin extends CompositeStandardHandlerPlugin {
+  initRuntimeAdapter(options) {
+    for (const plugin of this.plugins) {
+      plugin.initRuntimeAdapter?.(options);
+    }
+  }
+}
 class FetchHandler {
   constructor(standardHandler, options = {}) {
     this.standardHandler = standardHandler;
-    for (const plugin of toArray(options.plugins)) {
-      plugin.initRuntimeAdapter?.(options);
-    }
+    const plugin = new CompositeFetchHandlerPlugin(options.plugins);
+    plugin.initRuntimeAdapter(options);
     this.adapterInterceptors = toArray(options.adapterInterceptors);
     this.toFetchResponseOptions = options;
   }
@@ -87,12 +96,8 @@ class FetchHandler {
 class RPCHandler extends FetchHandler {
   constructor(router, options = {}) {
-    const jsonSerializer = new StandardRPCJsonSerializer(options);
-    const serializer = new StandardRPCSerializer(jsonSerializer);
-    const matcher = new StandardRPCMatcher();
-    const codec = new StandardRPCCodec(serializer);
-    super(new StandardHandler(router, matcher, codec, options), options);
+    super(new StandardRPCHandler(router, options), options);
   }
 }
-export { BodyLimitPlugin as B, FetchHandler as F, RPCHandler as R };
+export { BodyLimitPlugin as B, CompositeFetchHandlerPlugin as C, FetchHandler as F, RPCHandler as R };

package/dist/shared/{server.BtxZnWJ9.mjs → server.C37gDhSZ.mjs} RENAMED Viewed

@@ -1,6 +1,6 @@
 import { isContractProcedure, ValidationError, mergePrefix, mergeErrorMap, enhanceRoute } from '@orpc/contract';
 import { fallbackORPCErrorStatus, ORPCError } from '@orpc/client';
-import { value, intercept, toError } from '@orpc/shared';
+import { value, intercept } from '@orpc/shared';
 const LAZY_SYMBOL = Symbol("ORPC_LAZY_SYMBOL");
 function lazy(loader, meta = {}) {
@@ -127,7 +127,7 @@ function createProcedureClient(lazyableProcedure, ...[options]) {
       );
     } catch (e) {
       if (!(e instanceof ORPCError)) {
-        throw toError(e);
+        throw e;
       }
       const validated = await validateORPCError(procedure["~orpc"].errorMap, e);
       throw validated;
@@ -169,35 +169,29 @@ async function executeProcedureInternal(procedure, options) {
   const middlewares = procedure["~orpc"].middlewares;
   const inputValidationIndex = Math.min(Math.max(0, procedure["~orpc"].inputValidationIndex), middlewares.length);
   const outputValidationIndex = Math.min(Math.max(0, procedure["~orpc"].outputValidationIndex), middlewares.length);
-  let currentIndex = 0;
-  let currentContext = options.context;
-  let currentInput = options.input;
-  const next = async (...[nextOptions]) => {
-    const index = currentIndex;
-    const midContext = nextOptions?.context ?? {};
-    currentIndex += 1;
-    currentContext = mergeCurrentContext(currentContext, midContext);
+  const next = async (index, context, input) => {
+    let currentInput = input;
     if (index === inputValidationIndex) {
       currentInput = await validateInput(procedure, currentInput);
     }
     const mid = middlewares[index];
-    const result = mid ? {
-      context: midContext,
-      output: (await mid({ ...options, context: currentContext, next }, currentInput, middlewareOutputFn)).output
-    } : {
-      context: midContext,
-      output: await procedure["~orpc"].handler({ ...options, context: currentContext, input: currentInput })
-    };
+    const output = mid ? (await mid({
+      ...options,
+      context,
+      next: async (...[nextOptions]) => {
+        const nextContext = nextOptions?.context ?? {};
+        return {
+          output: await next(index + 1, mergeCurrentContext(context, nextContext), currentInput),
+          context: nextContext
+        };
+      }
+    }, currentInput, middlewareOutputFn)).output : await procedure["~orpc"].handler({ ...options, context, input: currentInput });
     if (index === outputValidationIndex) {
-      const validatedOutput = await validateOutput(procedure, result.output);
-      return {
-        context: result.context,
-        output: validatedOutput
-      };
+      return await validateOutput(procedure, output);
     }
-    return result;
+    return output;
   };
-  return (await next()).output;
+  return next(0, options.context, options.input);
 }
 const HIDDEN_ROUTER_CONTRACT_SYMBOL = Symbol("ORPC_HIDDEN_ROUTER_CONTRACT");
@@ -367,8 +361,4 @@ function call(procedure, input, ...rest) {
   return createProcedureClient(procedure, ...rest)(input);
 }
-function toHttpPath(path) {
-  return `/${path.map(encodeURIComponent).join("/")}`;
-}
-export { LAZY_SYMBOL as L, Procedure as P, toHttpPath as a, createContractedProcedure as b, createProcedureClient as c, addMiddleware as d, enhanceRouter as e, isLazy as f, getRouter as g, createAssertedLazyProcedure as h, isProcedure as i, createORPCErrorConstructorMap as j, getLazyMeta as k, lazy as l, mergeCurrentContext as m, middlewareOutputFn as n, isStartWithMiddlewares as o, mergeMiddlewares as p, call as q, getHiddenRouterContract as r, setHiddenRouterContract as s, traverseContractProcedures as t, unlazy as u, validateORPCError as v, createAccessibleLazyRouter as w, resolveContractProcedures as x, unlazyRouter as y };
+export { LAZY_SYMBOL as L, Procedure as P, createContractedProcedure as a, addMiddleware as b, createProcedureClient as c, isLazy as d, enhanceRouter as e, createAssertedLazyProcedure as f, getRouter as g, createORPCErrorConstructorMap as h, isProcedure as i, getLazyMeta as j, middlewareOutputFn as k, lazy as l, mergeCurrentContext as m, isStartWithMiddlewares as n, mergeMiddlewares as o, call as p, getHiddenRouterContract as q, createAccessibleLazyRouter as r, setHiddenRouterContract as s, traverseContractProcedures as t, unlazy as u, validateORPCError as v, resolveContractProcedures as w, unlazyRouter as x };

package/dist/shared/server.C8NkqxHo.d.ts ADDED Viewed

@@ -0,0 +1,17 @@
+import { C as Context, R as Router } from './server.DLt5njUb.js';
+import { StandardRPCJsonSerializerOptions } from '@orpc/client/standard';
+import { a as StandardHandlerOptions, b as StandardHandler } from './server.DFFT_EZo.js';
+interface StandardRPCHandlerOptions<T extends Context> extends StandardHandlerOptions<T>, StandardRPCJsonSerializerOptions {
+    /**
+     * Enables or disables the StrictGetMethodPlugin.
+     *
+     * @default true
+     */
+    strictGetMethodPluginEnabled?: boolean;
+}
+declare class StandardRPCHandler<T extends Context> extends StandardHandler<T> {
+    constructor(router: Router<any, T>, options: StandardRPCHandlerOptions<T>);
+}
+export { type StandardRPCHandlerOptions as S, StandardRPCHandler as a };

package/dist/shared/{server.C-CCcROC.d.mts → server.CGCwEAt_.d.mts} RENAMED Viewed

@@ -1,5 +1,5 @@
-import { C as Context } from './server.MZvbGc3n.mjs';
-import { S as StandardHandleOptions } from './server.DJqfB27m.mjs';
+import { C as Context } from './server.DLt5njUb.mjs';
+import { S as StandardHandleOptions } from './server.DOYDVeMX.mjs';
 type FriendlyStandardHandleOptions<T extends Context> = Omit<StandardHandleOptions<T>, 'context'> & (Record<never, never> extends T ? {
     context?: T;

package/dist/shared/server.DCQgF_JR.d.mts ADDED Viewed

@@ -0,0 +1,17 @@
+import { C as Context, R as Router } from './server.DLt5njUb.mjs';
+import { StandardRPCJsonSerializerOptions } from '@orpc/client/standard';
+import { a as StandardHandlerOptions, b as StandardHandler } from './server.DOYDVeMX.mjs';
+interface StandardRPCHandlerOptions<T extends Context> extends StandardHandlerOptions<T>, StandardRPCJsonSerializerOptions {
+    /**
+     * Enables or disables the StrictGetMethodPlugin.
+     *
+     * @default true
+     */
+    strictGetMethodPluginEnabled?: boolean;
+}
+declare class StandardRPCHandler<T extends Context> extends StandardHandler<T> {
+    constructor(router: Router<any, T>, options: StandardRPCHandlerOptions<T>);
+}
+export { type StandardRPCHandlerOptions as S, StandardRPCHandler as a };

package/dist/shared/{server.23VRZIfj.d.ts → server.DFFT_EZo.d.ts} RENAMED Viewed

@@ -1,8 +1,8 @@
-import { HTTPPath, AnySchema, Meta, InferSchemaOutput, ErrorFromErrorMap } from '@orpc/contract';
-import { Interceptor } from '@orpc/shared';
+import { HTTPPath, ORPCError } from '@orpc/client';
+import { Meta, InferSchemaOutput, AnySchema, ErrorFromErrorMap } from '@orpc/contract';
+import { Interceptor, ThrowableError } from '@orpc/shared';
 import { StandardResponse, StandardLazyRequest } from '@orpc/standard-server';
-import { a as AnyRouter, A as AnyProcedure, C as Context, P as ProcedureClientInterceptorOptions, R as Router } from './server.MZvbGc3n.js';
-import { ORPCError } from '@orpc/client';
+import { a as AnyRouter, A as AnyProcedure, C as Context, P as ProcedureClientInterceptorOptions, R as Router } from './server.DLt5njUb.js';
 type StandardParams = Record<string, string>;
 type StandardMatchResult = {
@@ -20,6 +20,16 @@ interface StandardCodec {
     decode(request: StandardLazyRequest, params: StandardParams | undefined, procedure: AnyProcedure): Promise<unknown>;
 }
+interface StandardHandlerPlugin<TContext extends Context> {
+    order?: number;
+    init?(options: StandardHandlerOptions<TContext>): void;
+}
+declare class CompositeStandardHandlerPlugin<T extends Context, TPlugin extends StandardHandlerPlugin<T>> implements StandardHandlerPlugin<T> {
+    protected readonly plugins: TPlugin[];
+    constructor(plugins?: readonly TPlugin[]);
+    init(options: StandardHandlerOptions<T>): void;
+}
 interface StandardHandleOptions<T extends Context> {
     prefix?: HTTPPath;
     context: T;
@@ -31,9 +41,6 @@ type StandardHandleResult = {
     matched: false;
     response: undefined;
 };
-interface StandardHandlerPlugin<TContext extends Context> {
-    init?(options: StandardHandlerOptions<TContext>): void;
-}
 interface StandardHandlerInterceptorOptions<T extends Context> extends StandardHandleOptions<T> {
     request: StandardLazyRequest;
 }
@@ -42,16 +49,16 @@ interface StandardHandlerOptions<TContext extends Context> {
     /**
      * Interceptors at the request level, helpful when you want catch errors
      */
-    interceptors?: Interceptor<StandardHandlerInterceptorOptions<TContext>, StandardHandleResult, unknown>[];
+    interceptors?: Interceptor<StandardHandlerInterceptorOptions<TContext>, StandardHandleResult, ThrowableError>[];
     /**
      * Interceptors at the root level, helpful when you want override the request/response
      */
-    rootInterceptors?: Interceptor<StandardHandlerInterceptorOptions<TContext>, StandardHandleResult, unknown>[];
+    rootInterceptors?: Interceptor<StandardHandlerInterceptorOptions<TContext>, StandardHandleResult, ThrowableError>[];
     /**
      *
      * Interceptors for procedure client.
      */
-    clientInterceptors?: Interceptor<ProcedureClientInterceptorOptions<TContext, AnySchema, Record<never, never>, Meta>, InferSchemaOutput<AnySchema>, ErrorFromErrorMap<Record<never, never>>>[];
+    clientInterceptors?: Interceptor<ProcedureClientInterceptorOptions<TContext, Record<never, never>, Meta>, InferSchemaOutput<AnySchema>, ErrorFromErrorMap<Record<never, never>>>[];
 }
 declare class StandardHandler<T extends Context> {
     private readonly matcher;
@@ -63,4 +70,4 @@ declare class StandardHandler<T extends Context> {
     handle(request: StandardLazyRequest, options: StandardHandleOptions<T>): Promise<StandardHandleResult>;
 }
-export { type StandardHandleOptions as S, type StandardHandlerOptions as a, type StandardHandlerInterceptorOptions as b, type StandardHandlerPlugin as c, type StandardCodec as d, type StandardParams as e, type StandardMatcher as f, type StandardMatchResult as g, type StandardHandleResult as h, StandardHandler as i };
+export { CompositeStandardHandlerPlugin as C, type StandardHandleOptions as S, type StandardHandlerOptions as a, StandardHandler as b, type StandardCodec as c, type StandardParams as d, type StandardMatcher as e, type StandardMatchResult as f, type StandardHandleResult as g, type StandardHandlerInterceptorOptions as h, type StandardHandlerPlugin as i };