npm - @pureq/pureq - Versions diffs - 1.1.1 → 1.1.4 - Mend

@pureq/pureq 1.1.1 → 1.1.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (40) hide show

package/README.md +135 -30
package/dist/src/middleware/dedupe.d.ts.map +1 -1
package/dist/src/middleware/dedupe.js +11 -2
package/dist/src/middleware/dedupe.js.map +1 -1
package/dist/src/utils/crypto.d.ts.map +1 -1
package/dist/src/utils/crypto.js +2 -1
package/dist/src/utils/crypto.js.map +1 -1
package/dist/tests/auth-refresh.test.d.ts +2 -0
package/dist/tests/auth-refresh.test.d.ts.map +1 -0
package/dist/tests/auth-refresh.test.js +75 -0
package/dist/tests/auth-refresh.test.js.map +1 -0
package/dist/tests/chaos-heavy.test.d.ts +2 -0
package/dist/tests/chaos-heavy.test.d.ts.map +1 -0
package/dist/tests/chaos-heavy.test.js +164 -0
package/dist/tests/chaos-heavy.test.js.map +1 -0
package/dist/tests/crypto-utils.test.d.ts +2 -0
package/dist/tests/crypto-utils.test.d.ts.map +1 -0
package/dist/tests/crypto-utils.test.js +34 -0
package/dist/tests/crypto-utils.test.js.map +1 -0
package/dist/tests/fallback-validation-stale-policy.test.d.ts +2 -0
package/dist/tests/fallback-validation-stale-policy.test.d.ts.map +1 -0
package/dist/tests/fallback-validation-stale-policy.test.js +138 -0
package/dist/tests/fallback-validation-stale-policy.test.js.map +1 -0
package/dist/tests/invariant-fuzz.test.d.ts +2 -0
package/dist/tests/invariant-fuzz.test.d.ts.map +1 -0
package/dist/tests/invariant-fuzz.test.js +149 -0
package/dist/tests/invariant-fuzz.test.js.map +1 -0
package/dist/tests/resilience-shock.test.d.ts +2 -0
package/dist/tests/resilience-shock.test.d.ts.map +1 -0
package/dist/tests/resilience-shock.test.js +114 -0
package/dist/tests/resilience-shock.test.js.map +1 -0
package/dist/tests/storage-adapters.test.d.ts +2 -0
package/dist/tests/storage-adapters.test.d.ts.map +1 -0
package/dist/tests/storage-adapters.test.js +101 -0
package/dist/tests/storage-adapters.test.js.map +1 -0
package/dist/tests/traffic-load.test.d.ts +2 -0
package/dist/tests/traffic-load.test.d.ts.map +1 -0
package/dist/tests/traffic-load.test.js +91 -0
package/dist/tests/traffic-load.test.js.map +1 -0
package/package.json +6 -3

package/README.md CHANGED Viewed

@@ -6,7 +6,7 @@ Functional, immutable, type-safe HTTP transport layer for TypeScript.
 ---
-**pureq** is not another fetch wrapper. It's a **policy-first transport layer** that makes HTTP behavior explicit, composable, and observable — across frontend, BFF, backend, and edge runtimes.
+**pureq** is not another fetch wrapper. It's a **policy-first transport layer** that makes HTTP behavior explicit, composable, and observable across frontend, BFF, backend, and edge runtimes.
 ```ts
 import { createClient, retry, circuitBreaker, dedupe } from "pureq";
@@ -19,7 +19,7 @@ const api = createClient({ baseURL: "https://api.example.com" })
 const user = await api.getJson<User>("/users/:id", { params: { id: "42" } });
 ```
-Zero runtime dependencies. Works everywhere `fetch` works.
+Zero runtime dependencies in the core package. Works everywhere `fetch` works.
 ## Install
@@ -36,55 +36,83 @@ import { FileSystemQueueStorageAdapter } from "pureq/node";
 ```
 > [!NOTE]
-> Using this subpath ensures that Node.js native modules (like `fs` or `path`) are not accidentally bundled into your frontend builds (Webpack/Vite/Esbuild), preventing build-time errors and keeping bundle sizes small.
+> Core package (`pureq`) is zero-dependency and runtime-agnostic.
+> Node-only adapters (for example `FileSystemQueueStorageAdapter`) live behind `pureq/node` so browser bundles stay clean and small.
 ## Quick Start
-### The simplest case
+### A quicker start than raw fetch
 ```ts
 import { createClient } from "pureq";
-const client = createClient();
+type User = { id: string; name: string };
-const response = await client.get("https://api.example.com/health");
-console.log(response.status); // 200
-```
-### Typed path parameters
+const client = createClient({ baseURL: "https://api.example.com" });
-```ts
-// TypeScript ensures you provide { id: string } for :id
-const response = await client.get("/users/:id", {
-  params: { id: "42" },
+// GET + status check + JSON parse + typed path params
+const user = await client.getJson<User>("/users/:userId", {
+  params: { userId: "42" },
 });
-const user = await response.json<{ id: string; name: string }>();
+console.log(user.name);
 ```
-### JSON helpers (one-liner)
+### Type-safe path parameters (Template Literal Types)
 ```ts
-// GET + status check + JSON parse in one step
-const user = await client.getJson<User>("/users/:id", {
-  params: { id: "42" },
+// Param keys are derived from the URL template at compile time.
+// ✅ Compiles
+await client.get("/users/:userId/posts/:postId", {
+  params: { userId: "1", postId: "42" },
+});
+// ❌ TypeScript error: missing postId
+await client.get("/users/:userId/posts/:postId", {
+  params: { userId: "1" },
 });
 ```
-### Non-throwing Result API
+### Result API to prevent missed error handling
 ```ts
-const result = await client.getResult("/users/:id", {
-  params: { id: "42" },
+const result = await client.getJsonResult<User>("/users/:userId", {
+  params: { userId: "42" },
 });
 if (!result.ok) {
-  // kind: human-friendly, code: machine-friendly (same error concept in two formats)
-  console.error(result.error.kind, result.error.code, result.error.message);
+  // Switching on kind gives explicit, exhaustive transport handling.
+  switch (result.error.kind) {
+    case "network":
+      showOfflineBanner();
+      break;
+    case "timeout":
+      showRetryToast();
+      break;
+    case "http":
+      if (result.error.status === 401) redirectToLogin();
+      break;
+    case "circuit-open":
+      switchToFallbackMode();
+      break;
+    case "aborted":
+    case "storage-error":
+    case "auth-error":
+    case "validation-error":
+    case "unknown":
+      reportTransportError(result.error);
+      break;
+    default: {
+      const exhaustive: never = result.error.kind;
+      throw new Error(`Unhandled error kind: ${exhaustive}`);
+    }
+  }
   return;
 }
-const response = result.data; // HttpResponse
+// result.data is strongly typed JSON
+renderUser(result.data);
 ```
 Every request method has a `*Result` variant that never throws — transport failures become values you can pattern-match on.
@@ -243,16 +271,56 @@ const withAuth = withRetry.useRequestInterceptor((req) => ({
 This makes it trivial to share a base client while customizing per-dependency behavior.
+### The "Why" of Immutability
+Unlike mutable interceptor stacks, pureq clients are branchable snapshots.
+```ts
+import { authRefresh, createClient, dedupe, retry } from "pureq";
+const base = createClient({ baseURL: "https://api.example.com" })
+  .use(retry({ maxRetries: 2, delay: 200 }));
+// Public API: cache-friendly and lightweight
+const publicApi = base.use(dedupe({ methods: ["GET", "HEAD"] }));
+// Auth API: isolated auth policy without mutating publicApi
+const authedApi = base
+  .use(authRefresh({ refresh: refreshToken }))
+  .useRequestInterceptor((req) => ({
+    ...req,
+    headers: { ...req.headers, Authorization: `Bearer ${getToken()}` },
+  }));
+```
+This pattern is especially useful in BFFs: you keep shared defaults, then safely branch per upstream or trust boundary.
 ### Middleware: the Onion Model
 Middleware wraps the entire request lifecycle. Each middleware can intercept the request before it happens, await the result, and post-process the response:
 ```text
-Request → [dedupe] → [retry] → [circuitBreaker] → fetch() → Response
-                                                       ↑
-                                              the "onion" unwinds
+Request
+  -> [dedupe]
+  -> [retry]
+  -> [circuitBreaker]
+  -> [adapter/fetch]
+  <- [circuitBreaker]
+  <- [retry]
+  <- [dedupe]
+Response
 ```
+Think of `retry` and `circuitBreaker` as wrappers around `next()`.
+- Outer wrappers see the whole execution envelope.
+- Inner wrappers only see what reaches them.
+That is why order changes behavior. Example:
+- `retry` outside `circuitBreaker`: each retry attempt passes through breaker logic.
+- `circuitBreaker` outside `retry`: breaker sees one wrapped operation that may include internal retries.
 Middleware can:
 - Transform the request before `next()`
@@ -333,6 +401,23 @@ const client = createClient({ baseURL: "https://api.example.com" })
   .use(fallback({ value: { body: "default", status: 200 } as any })); // graceful degradation
 ```
+### Standard Order (recommended)
+For most production stacks, this order is a safe default:
+```text
+[dedupe] -> [httpCache] -> [retry] -> [circuitBreaker] -> [validation] -> [adapter]
+```
+Why this order:
+- `dedupe` outermost to collapse duplicate in-flight work early.
+- `httpCache` before retry to short-circuit cache hits.
+- `retry` before `circuitBreaker` so each attempt is still guarded by breaker state.
+- `validation` near the inner edge to validate final payloads before returning to callers.
+If order is reversed accidentally, behavior can drift (for example, retrying inside a layer you expected to run once).
 ### Retry
 Full-featured retry with exponential backoff, Retry-After header respect, and retry budget.
@@ -496,6 +581,7 @@ import { authRefresh } from "pureq";
 client.use(authRefresh({
   refresh: async () => {
+    // Multiple 401s will only trigger ONE refresh call.
     const res = await fetch("/api/refresh", { method: "POST" });
     return (await res.json()).token;
   },
@@ -587,7 +673,7 @@ for (const mw of backendPreset()) backend = backend.use(mw);
 | `frontendPreset()` | 5s | 1 | GET/HEAD | 4 failures / 10s cooldown | ✅ |
 | `bffPreset()` | 3s | 2 | GET/HEAD | 5 failures / 20s cooldown | ✅ body-only |
 | `backendPreset()` | 2.5s | 3 | off | 6 failures / 30s cooldown | ✅ body-only |
-| `resilientPreset()` | — | 2 | All | 5 failures / 30s cooldown | ✅ |
+| `resilientPreset()` | none (pair with `defaultTimeout()` if needed) | 2 | GET/HEAD | 5 failures / 30s cooldown | ✅ |
 All presets are built from the same public middleware. You can inspect and override any parameter.
@@ -915,6 +1001,20 @@ More details: [Runtime compatibility matrix](./docs/runtime_compatibility_matrix
 ---
+## Production Readiness Checklist
+If you are adopting pureq in a production service, start with these defaults:
+- Set a request time budget (`defaultTimeout()` or `deadline()`) first.
+- Add `retry()` with explicit status/method policy.
+- Add `validation()` for critical response payloads.
+- Add `circuitBreaker()` for unstable upstreams.
+- Enable diagnostics hooks (`onRequestStart/onRequestSuccess/onRequestError`).
+- Prefer `*Result` APIs on boundary layers to avoid unhandled transport errors.
+- Use `idempotencyKey()` before retrying write operations.
+---
 ## API Reference
 ### Client
@@ -1021,7 +1121,12 @@ pureq takes a defense-in-depth approach to transport layer security:
 ```bash
 npm run typecheck      # type checking
 npm test               # all tests
-npm run test:ci        # unit + integration + contract + stress + typecheck
+npm run test:unit      # lightweight unit tests (heavy load tests excluded)
+npm run test:stress    # baseline stress test
+npm run test:heavy     # heavy load + shock + chaos + invariant-fuzz tests (nightly-recommended)
+npm run test:nightly   # alias of test:heavy
+npm run test:ci        # lightweight CI: unit + integration + contract + stress + typecheck
+npm run test:ci:full   # CI + heavy tests
 npm run test:browser   # browser runtime smoke test
 npm run test:edge      # edge runtime smoke test
 npm run build          # production build

package/dist/src/middleware/dedupe.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"dedupe.d.ts","sourceRoot":"","sources":["../../../src/middleware/dedupe.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAe,aAAa,EAAE,MAAM,eAAe,CAAC;AAI5E,MAAM,WAAW,aAAa;IAC5B,QAAQ,CAAC,OAAO,CAAC,EAAE,SAAS,aAAa,CAAC,QAAQ,CAAC,EAAE,CAAC;IACtD,QAAQ,CAAC,cAAc,CAAC,EAAE,OAAO,CAAC;IAClC,QAAQ,CAAC,WAAW,CAAC,EAAE,OAAO,CAAC;IAC/B,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC,GAAG,EAAE,QAAQ,CAAC,aAAa,CAAC,KAAK,MAAM,CAAC;CAChE;AAkBD;;;GAGG;AACH,wBAAgB,MAAM,CAAC,OAAO,GAAE,aAAkB,GAAG,UAAU,~~CAgC9D~~"}
1	+ {"version":3,"file":"dedupe.d.ts","sourceRoot":"","sources":["../../../src/middleware/dedupe.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAe,aAAa,EAAE,MAAM,eAAe,CAAC;AAI5E,MAAM,WAAW,aAAa;IAC5B,QAAQ,CAAC,OAAO,CAAC,EAAE,SAAS,aAAa,CAAC,QAAQ,CAAC,EAAE,CAAC;IACtD,QAAQ,CAAC,cAAc,CAAC,EAAE,OAAO,CAAC;IAClC,QAAQ,CAAC,WAAW,CAAC,EAAE,OAAO,CAAC;IAC/B,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC,GAAG,EAAE,QAAQ,CAAC,aAAa,CAAC,KAAK,MAAM,CAAC;CAChE;AAkBD;;;GAGG;AACH,wBAAgB,MAAM,CAAC,OAAO,GAAE,aAAkB,GAAG,UAAU,CAuC9D"}

package/dist/src/middleware/dedupe.js CHANGED Viewed

@@ -23,8 +23,17 @@ export function dedupe(options = {}) {
         if (!methods.has(req.method)) {
             return next(req);
         }
-        const key = options.keyBuilder?.(req) ??
-            defaultKeyBuilder(req, options.includeHeaders ?? false, options.includeBody ?? false);
+        let key;
+        try {
+            key =
+                options.keyBuilder?.(req) ??
+                    defaultKeyBuilder(req, options.includeHeaders ?? false, options.includeBody ?? false);
+        }
+        catch {
+            // If signature generation fails (e.g., circular body),
+            // safely bypass dedupe and execute request normally.
+            return next(req);
+        }
         const existing = inflight.get(key);
         if (existing) {
             const sharedResponse = await existing;

package/dist/src/middleware/dedupe.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"dedupe.js","sourceRoot":"","sources":["../../../src/middleware/dedupe.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,eAAe,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AASlE,uEAAuE;AAEvE,SAAS,iBAAiB,CAAC,GAA4B,EAAE,cAAuB,EAAE,WAAoB;IACpG,MAAM,WAAW,GAAG,cAAc,CAAC,CAAC,CAAC,eAAe,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IACvE,MAAM,QAAQ,GAAG,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAErE,OAAO;QACL,GAAG,CAAC,MAAM;QACV,GAAG,CAAC,GAAG;QACP,eAAe,CAAC,GAAG,CAAC,MAAM,CAAC;QAC3B,WAAW,CAAC,GAAG,CAAC,KAAK,CAAC;QACtB,WAAW;QACX,QAAQ;KACT,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AACd,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,MAAM,CAAC,UAAyB,EAAE;IAChD,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,OAAO,IAAI,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC;IAC5D,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAiC,CAAC;IAE1D,OAAO,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QACzB,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;YAC7B,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC;QACnB,CAAC;QAED,~~MAAM~~,GAAG,~~GACP,~~OAAO,CAAC,UAAU,EAAE,CAAC,GAAG,CAAC;~~YACzB~~,iBAAiB,CAAC,GAAG,EAAE,OAAO,CAAC,cAAc,IAAI,KAAK,EAAE,OAAO,CAAC,WAAW,IAAI,KAAK,CAAC,CAAC;~~QAExF~~,MAAM,QAAQ,GAAG,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACnC,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,cAAc,GAAG,MAAM,QAAQ,CAAC;YACtC,OAAO,cAAc,CAAC,KAAK,EAAE,CAAC;QAChC,CAAC;QAED,MAAM,OAAO,GAAG,CAAC,KAAK,IAAI,EAAE;YAC1B,IAAI,CAAC;gBACH,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,CAAC;YACzB,CAAC;oBAAS,CAAC;gBACT,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACvB,CAAC;QACH,CAAC,CAAC,EAAE,CAAC;QAEL,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAE3B,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC;QAC/B,OAAO,QAAQ,CAAC,KAAK,EAAE,CAAC;IAC1B,CAAC,CAAC;AACJ,CAAC"}
1	+ {"version":3,"file":"dedupe.js","sourceRoot":"","sources":["../../../src/middleware/dedupe.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,eAAe,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AASlE,uEAAuE;AAEvE,SAAS,iBAAiB,CAAC,GAA4B,EAAE,cAAuB,EAAE,WAAoB;IACpG,MAAM,WAAW,GAAG,cAAc,CAAC,CAAC,CAAC,eAAe,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IACvE,MAAM,QAAQ,GAAG,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAErE,OAAO;QACL,GAAG,CAAC,MAAM;QACV,GAAG,CAAC,GAAG;QACP,eAAe,CAAC,GAAG,CAAC,MAAM,CAAC;QAC3B,WAAW,CAAC,GAAG,CAAC,KAAK,CAAC;QACtB,WAAW;QACX,QAAQ;KACT,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AACd,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,MAAM,CAAC,UAAyB,EAAE;IAChD,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,OAAO,IAAI,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC;IAC5D,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAiC,CAAC;IAE1D,OAAO,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QACzB,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;YAC7B,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC;QACnB,CAAC;QAED,IAAI,GAAW,CAAC;QAChB,IAAI,CAAC;YACH,GAAG;gBACD,OAAO,CAAC,UAAU,EAAE,CAAC,GAAG,CAAC;oBACzB,iBAAiB,CAAC,GAAG,EAAE,OAAO,CAAC,cAAc,IAAI,KAAK,EAAE,OAAO,CAAC,WAAW,IAAI,KAAK,CAAC,CAAC;QAC1F,CAAC;QAAC,MAAM,CAAC;YACP,uDAAuD;YACvD,qDAAqD;YACrD,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC;QACnB,CAAC;QAED,MAAM,QAAQ,GAAG,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACnC,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,cAAc,GAAG,MAAM,QAAQ,CAAC;YACtC,OAAO,cAAc,CAAC,KAAK,EAAE,CAAC;QAChC,CAAC;QAED,MAAM,OAAO,GAAG,CAAC,KAAK,IAAI,EAAE;YAC1B,IAAI,CAAC;gBACH,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,CAAC;YACzB,CAAC;oBAAS,CAAC;gBACT,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACvB,CAAC;QACH,CAAC,CAAC,EAAE,CAAC;QAEL,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAE3B,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC;QAC/B,OAAO,QAAQ,CAAC,KAAK,EAAE,CAAC;IAC1B,CAAC,CAAC;AACJ,CAAC"}

package/dist/src/utils/crypto.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"crypto.d.ts","sourceRoot":"","sources":["../../../src/utils/crypto.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,wBAAgB,gBAAgB,CAAC,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,~~CAexD~~;AAcD;;;GAGG;AACH,wBAAsB,OAAO,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,SAAS,GAAG,OAAO,CAAC,MAAM,CAAC,CAe3E;AAED;;GAEG;AACH,wBAAsB,OAAO,CAAC,aAAa,EAAE,MAAM,EAAE,GAAG,EAAE,SAAS,GAAG,OAAO,CAAC,MAAM,CAAC,CAyBpF"}
1	+ {"version":3,"file":"crypto.d.ts","sourceRoot":"","sources":["../../../src/utils/crypto.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,wBAAgB,gBAAgB,CAAC,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,CAgBxD;AAcD;;;GAGG;AACH,wBAAsB,OAAO,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,SAAS,GAAG,OAAO,CAAC,MAAM,CAAC,CAe3E;AAED;;GAEG;AACH,wBAAsB,OAAO,CAAC,aAAa,EAAE,MAAM,EAAE,GAAG,EAAE,SAAS,GAAG,OAAO,CAAC,MAAM,CAAC,CAyBpF"}

package/dist/src/utils/crypto.js CHANGED Viewed

@@ -6,7 +6,8 @@
  */
 export function generateSecureId(prefix) {
     if (typeof crypto !== "undefined" && typeof crypto.randomUUID === "function") {
-        return crypto.randomUUID();
+        const value = crypto.randomUUID();
+        return prefix ? `${prefix}-${value}` : value;
     }
     if (typeof crypto !== "undefined" && typeof crypto.getRandomValues === "function") {
         const bytes = new Uint8Array(16);

package/dist/src/utils/crypto.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"crypto.js","sourceRoot":"","sources":["../../../src/utils/crypto.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,MAAM,UAAU,gBAAgB,CAAC,MAAe;IAC9C,IAAI,OAAO,MAAM,KAAK,WAAW,IAAI,OAAO,MAAM,CAAC,UAAU,KAAK,UAAU,EAAE,CAAC;QAC7E,~~OAAO~~,MAAM,CAAC,UAAU,EAAE,CAAC;~~IAC7B~~,CAAC;IAED,IAAI,OAAO,MAAM,KAAK,WAAW,IAAI,OAAO,MAAM,CAAC,eAAe,KAAK,UAAU,EAAE,CAAC;QAClF,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;QACjC,MAAM,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;QAC9B,MAAM,GAAG,GAAG,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC/E,OAAO,MAAM,CAAC,CAAC,CAAC,GAAG,MAAM,IAAI,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC;IAC3C,CAAC;IAED,uEAAuE;IACvE,wCAAwC;IACxC,OAAO,GAAG,MAAM,IAAI,IAAI,IAAI,IAAI,CAAC,GAAG,EAAE,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;AAClF,CAAC;AAED,SAAS,kBAAkB,CAAC,KAAiB;IAC3C,MAAM,SAAS,GAAG,MAAM,CAAC;IACzB,IAAI,MAAM,GAAG,EAAE,CAAC;IAEhB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,IAAI,SAAS,EAAE,CAAC;QACjD,MAAM,KAAK,GAAG,KAAK,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,CAAC;QAC/C,MAAM,IAAI,MAAM,CAAC,YAAY,CAAC,GAAG,KAAK,CAAC,CAAC;IAC1C,CAAC;IAED,OAAO,IAAI,CAAC,MAAM,CAAC,CAAC;AACtB,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,OAAO,CAAC,IAAY,EAAE,GAAc;IACxD,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;IAClC,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IAClC,MAAM,EAAE,GAAG,MAAM,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;IAEtD,MAAM,UAAU,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,OAAO,CAC5C,EAAE,IAAI,EAAE,SAAS,EAAE,EAAE,EAAE,EACvB,GAAG,EACH,IAAI,CACL,CAAC;IAEF,MAAM,QAAQ,GAAG,kBAAkB,CAAC,EAAE,CAAC,CAAC;IACxC,MAAM,YAAY,GAAG,kBAAkB,CAAC,IAAI,UAAU,CAAC,UAAU,CAAC,CAAC,CAAC;IAEpE,OAAO,GAAG,QAAQ,IAAI,YAAY,EAAE,CAAC;AACvC,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,OAAO,CAAC,aAAqB,EAAE,GAAc;IACjE,MAAM,CAAC,QAAQ,EAAE,YAAY,CAAC,GAAG,aAAa,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC1D,IAAI,CAAC,QAAQ,IAAI,CAAC,YAAY,EAAE,CAAC;QAC/B,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;IAC1D,CAAC;IAED,IAAI,KAAa,CAAC;IAClB,IAAI,SAAiB,CAAC;IACtB,IAAI,CAAC;QACH,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,CAAC;QACvB,SAAS,GAAG,IAAI,CAAC,YAAY,CAAC,CAAC;IACjC,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,KAAK,CAAC,yDAAyD,CAAC,CAAC;IAC7E,CAAC;IAED,MAAM,EAAE,GAAG,UAAU,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;IAC1D,MAAM,UAAU,GAAG,UAAU,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;IAEtE,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,OAAO,CAC3C,EAAE,IAAI,EAAE,SAAS,EAAE,EAAE,EAAE,EACvB,GAAG,EACH,UAAU,CACX,CAAC;IAEF,OAAO,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;AAC7C,CAAC"}
1	+ {"version":3,"file":"crypto.js","sourceRoot":"","sources":["../../../src/utils/crypto.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,MAAM,UAAU,gBAAgB,CAAC,MAAe;IAC9C,IAAI,OAAO,MAAM,KAAK,WAAW,IAAI,OAAO,MAAM,CAAC,UAAU,KAAK,UAAU,EAAE,CAAC;QAC7E,MAAM,KAAK,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;QAClC,OAAO,MAAM,CAAC,CAAC,CAAC,GAAG,MAAM,IAAI,KAAK,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC;IAC/C,CAAC;IAED,IAAI,OAAO,MAAM,KAAK,WAAW,IAAI,OAAO,MAAM,CAAC,eAAe,KAAK,UAAU,EAAE,CAAC;QAClF,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;QACjC,MAAM,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;QAC9B,MAAM,GAAG,GAAG,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC/E,OAAO,MAAM,CAAC,CAAC,CAAC,GAAG,MAAM,IAAI,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC;IAC3C,CAAC;IAED,uEAAuE;IACvE,wCAAwC;IACxC,OAAO,GAAG,MAAM,IAAI,IAAI,IAAI,IAAI,CAAC,GAAG,EAAE,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;AAClF,CAAC;AAED,SAAS,kBAAkB,CAAC,KAAiB;IAC3C,MAAM,SAAS,GAAG,MAAM,CAAC;IACzB,IAAI,MAAM,GAAG,EAAE,CAAC;IAEhB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,IAAI,SAAS,EAAE,CAAC;QACjD,MAAM,KAAK,GAAG,KAAK,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,CAAC;QAC/C,MAAM,IAAI,MAAM,CAAC,YAAY,CAAC,GAAG,KAAK,CAAC,CAAC;IAC1C,CAAC;IAED,OAAO,IAAI,CAAC,MAAM,CAAC,CAAC;AACtB,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,OAAO,CAAC,IAAY,EAAE,GAAc;IACxD,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;IAClC,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IAClC,MAAM,EAAE,GAAG,MAAM,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;IAEtD,MAAM,UAAU,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,OAAO,CAC5C,EAAE,IAAI,EAAE,SAAS,EAAE,EAAE,EAAE,EACvB,GAAG,EACH,IAAI,CACL,CAAC;IAEF,MAAM,QAAQ,GAAG,kBAAkB,CAAC,EAAE,CAAC,CAAC;IACxC,MAAM,YAAY,GAAG,kBAAkB,CAAC,IAAI,UAAU,CAAC,UAAU,CAAC,CAAC,CAAC;IAEpE,OAAO,GAAG,QAAQ,IAAI,YAAY,EAAE,CAAC;AACvC,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,OAAO,CAAC,aAAqB,EAAE,GAAc;IACjE,MAAM,CAAC,QAAQ,EAAE,YAAY,CAAC,GAAG,aAAa,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC1D,IAAI,CAAC,QAAQ,IAAI,CAAC,YAAY,EAAE,CAAC;QAC/B,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;IAC1D,CAAC;IAED,IAAI,KAAa,CAAC;IAClB,IAAI,SAAiB,CAAC;IACtB,IAAI,CAAC;QACH,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,CAAC;QACvB,SAAS,GAAG,IAAI,CAAC,YAAY,CAAC,CAAC;IACjC,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,KAAK,CAAC,yDAAyD,CAAC,CAAC;IAC7E,CAAC;IAED,MAAM,EAAE,GAAG,UAAU,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;IAC1D,MAAM,UAAU,GAAG,UAAU,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;IAEtE,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,OAAO,CAC3C,EAAE,IAAI,EAAE,SAAS,EAAE,EAAE,EAAE,EACvB,GAAG,EACH,UAAU,CACX,CAAC;IAEF,OAAO,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;AAC7C,CAAC"}

package/dist/tests/auth-refresh.test.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export {};
2	+ //# sourceMappingURL=auth-refresh.test.d.ts.map

package/dist/tests/auth-refresh.test.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"auth-refresh.test.d.ts","sourceRoot":"","sources":["../../tests/auth-refresh.test.ts"],"names":[],"mappings":""}

package/dist/tests/auth-refresh.test.js ADDED Viewed

@@ -0,0 +1,75 @@
+import { describe, expect, it, vi } from "vitest";
+import { authRefresh } from "../src/middleware/authRefresh";
+import { HttpResponse } from "../src/response/response";
+describe("authRefresh middleware", () => {
+    it("refreshes token and retries once on 401", async () => {
+        const refresh = vi.fn(async () => "token-2");
+        const middleware = authRefresh({ refresh });
+        const seenAuth = [];
+        const req = {
+            method: "GET",
+            url: "/profile",
+            headers: { Authorization: "Bearer token-1" },
+        };
+        const res = await middleware(req, async (nextReq) => {
+            seenAuth.push(nextReq.headers?.Authorization ?? "");
+            if (seenAuth.length === 1) {
+                return new HttpResponse(new Response("unauthorized", { status: 401 }));
+            }
+            return new HttpResponse(new Response("ok", { status: 200 }));
+        });
+        expect(res.status).toBe(200);
+        expect(refresh).toHaveBeenCalledTimes(1);
+        expect(seenAuth).toEqual(["Bearer token-1", "Bearer token-2"]);
+    });
+    it("shares a single refresh call across concurrent 401s", async () => {
+        let refreshCount = 0;
+        const middleware = authRefresh({
+            refresh: async () => {
+                refreshCount += 1;
+                return "shared-token";
+            },
+        });
+        const reqA = { method: "GET", url: "/a" };
+        const reqB = { method: "GET", url: "/b" };
+        const next = async (req) => {
+            if (req.headers?.Authorization === "Bearer shared-token") {
+                return new HttpResponse(new Response("ok", { status: 200 }));
+            }
+            return new HttpResponse(new Response("unauthorized", { status: 401 }));
+        };
+        const [resA, resB] = await Promise.all([
+            middleware(reqA, next),
+            middleware(reqB, next),
+        ]);
+        expect(resA.status).toBe(200);
+        expect(resB.status).toBe(200);
+        expect(refreshCount).toBe(1);
+    });
+    it("throws wrapped error when refresh fails", async () => {
+        const rootError = new Error("refresh down");
+        const middleware = authRefresh({
+            refresh: async () => {
+                throw rootError;
+            },
+        });
+        await expect(middleware({ method: "GET", url: "/x" }, async () => {
+            return new HttpResponse(new Response("unauthorized", { status: 401 }));
+        })).rejects.toMatchObject({
+            message: "pureq: token refresh failed",
+            code: "PUREQ_AUTH_REFRESH_FAILED",
+            kind: "auth-error",
+            cause: rootError,
+        });
+    });
+    it("does not refresh when maxAttempts is zero", async () => {
+        const refresh = vi.fn(async () => "unused");
+        const middleware = authRefresh({ refresh, maxAttempts: 0 });
+        const res = await middleware({ method: "GET", url: "/x" }, async () => {
+            return new HttpResponse(new Response("unauthorized", { status: 401 }));
+        });
+        expect(res.status).toBe(401);
+        expect(refresh).not.toHaveBeenCalled();
+    });
+});
+//# sourceMappingURL=auth-refresh.test.js.map

package/dist/tests/auth-refresh.test.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"auth-refresh.test.js","sourceRoot":"","sources":["../../tests/auth-refresh.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,MAAM,QAAQ,CAAC;AAClD,OAAO,EAAE,WAAW,EAAE,MAAM,+BAA+B,CAAC;AAC5D,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AAExD,QAAQ,CAAC,wBAAwB,EAAE,GAAG,EAAE;IACtC,EAAE,CAAC,yCAAyC,EAAE,KAAK,IAAI,EAAE;QACvD,MAAM,OAAO,GAAG,EAAE,CAAC,EAAE,CAAC,KAAK,IAAI,EAAE,CAAC,SAAS,CAAC,CAAC;QAC7C,MAAM,UAAU,GAAG,WAAW,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC;QAE5C,MAAM,QAAQ,GAAa,EAAE,CAAC;QAC9B,MAAM,GAAG,GAAG;YACV,MAAM,EAAE,KAAc;YACtB,GAAG,EAAE,UAAU;YACf,OAAO,EAAE,EAAE,aAAa,EAAE,gBAAgB,EAAE;SAC7C,CAAC;QAEF,MAAM,GAAG,GAAG,MAAM,UAAU,CAAC,GAAG,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE;YAClD,QAAQ,CAAC,IAAI,CAAE,OAAO,CAAC,OAAO,EAAE,aAAwB,IAAI,EAAE,CAAC,CAAC;YAChE,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC1B,OAAO,IAAI,YAAY,CAAC,IAAI,QAAQ,CAAC,cAAc,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;YACzE,CAAC;YACD,OAAO,IAAI,YAAY,CAAC,IAAI,QAAQ,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;QAC/D,CAAC,CAAC,CAAC;QAEH,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC7B,MAAM,CAAC,OAAO,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAC;QACzC,MAAM,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,CAAC,gBAAgB,EAAE,gBAAgB,CAAC,CAAC,CAAC;IACjE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,qDAAqD,EAAE,KAAK,IAAI,EAAE;QACnE,IAAI,YAAY,GAAG,CAAC,CAAC;QACrB,MAAM,UAAU,GAAG,WAAW,CAAC;YAC7B,OAAO,EAAE,KAAK,IAAI,EAAE;gBAClB,YAAY,IAAI,CAAC,CAAC;gBAClB,OAAO,cAAc,CAAC;YACxB,CAAC;SACF,CAAC,CAAC;QAEH,MAAM,IAAI,GAAG,EAAE,MAAM,EAAE,KAAc,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC;QACnD,MAAM,IAAI,GAAG,EAAE,MAAM,EAAE,KAAc,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC;QAEnD,MAAM,IAAI,GAAG,KAAK,EAAE,GAAyC,EAAE,EAAE;YAC/D,IAAI,GAAG,CAAC,OAAO,EAAE,aAAa,KAAK,qBAAqB,EAAE,CAAC;gBACzD,OAAO,IAAI,YAAY,CAAC,IAAI,QAAQ,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;YAC/D,CAAC;YACD,OAAO,IAAI,YAAY,CAAC,IAAI,QAAQ,CAAC,cAAc,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;QACzE,CAAC,CAAC;QAEF,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;YACrC,UAAU,CAAC,IAAI,EAAE,IAAI,CAAC;YACtB,UAAU,CAAC,IAAI,EAAE,IAAI,CAAC;SACvB,CAAC,CAAC;QAEH,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC9B,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC9B,MAAM,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAC/B,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,yCAAyC,EAAE,KAAK,IAAI,EAAE;QACvD,MAAM,SAAS,GAAG,IAAI,KAAK,CAAC,cAAc,CAAC,CAAC;QAC5C,MAAM,UAAU,GAAG,WAAW,CAAC;YAC7B,OAAO,EAAE,KAAK,IAAI,EAAE;gBAClB,MAAM,SAAS,CAAC;YAClB,CAAC;SACF,CAAC,CAAC;QAEH,MAAM,MAAM,CACV,UAAU,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE,KAAK,IAAI,EAAE;YAClD,OAAO,IAAI,YAAY,CAAC,IAAI,QAAQ,CAAC,cAAc,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;QACzE,CAAC,CAAC,CACH,CAAC,OAAO,CAAC,aAAa,CAAC;YACtB,OAAO,EAAE,6BAA6B;YACtC,IAAI,EAAE,2BAA2B;YACjC,IAAI,EAAE,YAAY;YAClB,KAAK,EAAE,SAAS;SACjB,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,2CAA2C,EAAE,KAAK,IAAI,EAAE;QACzD,MAAM,OAAO,GAAG,EAAE,CAAC,EAAE,CAAC,KAAK,IAAI,EAAE,CAAC,QAAQ,CAAC,CAAC;QAC5C,MAAM,UAAU,GAAG,WAAW,CAAC,EAAE,OAAO,EAAE,WAAW,EAAE,CAAC,EAAE,CAAC,CAAC;QAE5D,MAAM,GAAG,GAAG,MAAM,UAAU,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE,KAAK,IAAI,EAAE;YACpE,OAAO,IAAI,YAAY,CAAC,IAAI,QAAQ,CAAC,cAAc,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;QACzE,CAAC,CAAC,CAAC;QAEH,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC7B,MAAM,CAAC,OAAO,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC;IACzC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/tests/chaos-heavy.test.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export {};
2	+ //# sourceMappingURL=chaos-heavy.test.d.ts.map

package/dist/tests/chaos-heavy.test.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"chaos-heavy.test.d.ts","sourceRoot":"","sources":["../../tests/chaos-heavy.test.ts"],"names":[],"mappings":""}

package/dist/tests/chaos-heavy.test.js ADDED Viewed

@@ -0,0 +1,164 @@
+import { afterEach, describe, expect, it, vi } from "vitest";
+import { createCircuitBreaker, PureqCircuitOpenError } from "../src/middleware/circuitBreaker";
+import { concurrencyLimit } from "../src/middleware/concurrencyLimit";
+import { dedupe } from "../src/middleware/dedupe";
+import { retry } from "../src/middleware/retry";
+import { compose } from "../src/middleware/compose";
+import { execute } from "../src/executor/execute";
+import { HttpResponse } from "../src/response/response";
+import { INTERNAL_MIDDLEWARES } from "../src/types/internal";
+function sleep(ms) {
+    return new Promise((resolve) => setTimeout(resolve, ms));
+}
+function makePrng(seed = 0x12345678) {
+    let value = seed >>> 0;
+    return () => {
+        value = (value * 1664525 + 1013904223) >>> 0;
+        return value / 0x100000000;
+    };
+}
+afterEach(() => {
+    vi.useRealTimers();
+    vi.restoreAllMocks();
+});
+describe("chaos/heavy: half-open stampede", () => {
+    it("allows only one half-open probe under concurrent burst", async () => {
+        vi.useFakeTimers();
+        vi.setSystemTime(new Date("2026-01-01T00:00:00.000Z"));
+        const breaker = createCircuitBreaker({
+            failureThreshold: 1,
+            successThreshold: 1,
+            cooldownMs: 1000,
+            keyBuilder: () => "dep:critical",
+        });
+        const req = { method: "GET", url: "/critical" };
+        await expect(breaker.middleware(req, async () => {
+            throw new Error("boom");
+        })).rejects.toThrow("boom");
+        vi.setSystemTime(new Date("2026-01-01T00:00:01.100Z"));
+        let nextCalls = 0;
+        let releaseProbe;
+        const probePromise = breaker.middleware(req, async () => {
+            nextCalls += 1;
+            await new Promise((resolve) => {
+                releaseProbe = resolve;
+            });
+            return new HttpResponse(new Response("ok", { status: 200 }));
+        });
+        const followers = await Promise.allSettled(Array.from({ length: 40 }, () => breaker.middleware(req, async () => {
+            nextCalls += 1;
+            return new HttpResponse(new Response("unexpected", { status: 200 }));
+        })));
+        const openErrors = followers.filter((entry) => entry.status === "rejected" &&
+            entry.reason instanceof PureqCircuitOpenError).length;
+        releaseProbe?.();
+        const probe = await probePromise;
+        expect(probe.status).toBe(200);
+        expect(nextCalls).toBe(1);
+        expect(openErrors).toBe(40);
+        vi.useRealTimers();
+    });
+});
+describe("chaos/heavy: mixed failure traffic", () => {
+    it("settles large mixed traffic without deadlock and respects concurrency ceiling", async () => {
+        const prng = makePrng(42);
+        let inFlight = 0;
+        let maxInFlight = 0;
+        const base = async (_req) => {
+            inFlight += 1;
+            maxInFlight = Math.max(maxInFlight, inFlight);
+            try {
+                await sleep(Math.floor(prng() * 4));
+                const r = prng();
+                if (r < 0.12) {
+                    throw new TypeError("network chaos");
+                }
+                if (r < 0.32) {
+                    return new HttpResponse(new Response("temporary", { status: 503 }));
+                }
+                return new HttpResponse(new Response("ok", { status: 200 }));
+            }
+            finally {
+                inFlight -= 1;
+            }
+        };
+        const pipeline = compose([
+            concurrencyLimit({ maxConcurrent: 20 }),
+            dedupe(),
+            retry({
+                maxRetries: 2,
+                delay: 0,
+                backoff: false,
+                retryOnStatus: [503],
+                retryOnNetworkError: true,
+            }),
+        ], base);
+        const total = 320;
+        const tasks = Array.from({ length: total }, (_, i) => pipeline({
+            method: "GET",
+            url: `https://example.com/hot/${i % 80}`,
+            [INTERNAL_MIDDLEWARES]: [],
+        }).then(() => ({ ok: true }), () => ({ ok: false })));
+        const startedAt = Date.now();
+        const settled = await Promise.all(tasks);
+        const durationMs = Date.now() - startedAt;
+        const success = settled.filter((x) => x.ok).length;
+        const failure = settled.length - success;
+        console.info("[pureq][chaos-metrics]", {
+            scenario: "mixed-failure-traffic",
+            total,
+            success,
+            failure,
+            maxInFlight,
+            durationMs,
+            throughputRps: Number((total / Math.max(durationMs / 1000, 0.001)).toFixed(2)),
+        });
+        expect(settled).toHaveLength(total);
+        expect(maxInFlight).toBeLessThanOrEqual(20);
+        expect(success).toBeGreaterThan(0);
+        expect(failure).toBeGreaterThan(0);
+    });
+});
+describe("chaos/heavy: hostile input", () => {
+    it("handles hostile query keys without prototype pollution", async () => {
+        const query = Object.create(null);
+        query["__proto__"] = "x";
+        query["constructor"] = "y";
+        query["prototype"] = "z";
+        query["normal"] = "ok";
+        let capturedUrl = "";
+        await execute({
+            method: "GET",
+            url: "/hostile",
+            query,
+        }, {
+            adapter: async (url) => {
+                capturedUrl = url;
+                return new Response("ok", { status: 200 });
+            },
+        });
+        expect(capturedUrl.includes("__proto__=x")).toBe(true);
+        expect(capturedUrl.includes("constructor=y")).toBe(true);
+        expect(capturedUrl.includes("prototype=z")).toBe(true);
+        expect({}.polluted).toBeUndefined();
+    });
+    it("bypasses dedupe safely for circular request body", async () => {
+        const middleware = dedupe({ includeBody: true, methods: ["POST"] });
+        const circular = { a: 1 };
+        circular.self = circular;
+        let upstreamCalls = 0;
+        const send = () => middleware({
+            method: "POST",
+            url: "/circular",
+            body: circular,
+        }, async () => {
+            upstreamCalls += 1;
+            return new HttpResponse(new Response("ok", { status: 200 }));
+        });
+        const [r1, r2] = await Promise.all([send(), send()]);
+        expect(r1.status).toBe(200);
+        expect(r2.status).toBe(200);
+        expect(upstreamCalls).toBe(2);
+    });
+});
+//# sourceMappingURL=chaos-heavy.test.js.map

package/dist/tests/chaos-heavy.test.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"chaos-heavy.test.js","sourceRoot":"","sources":["../../tests/chaos-heavy.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,MAAM,QAAQ,CAAC;AAC7D,OAAO,EAAE,oBAAoB,EAAE,qBAAqB,EAAE,MAAM,kCAAkC,CAAC;AAC/F,OAAO,EAAE,gBAAgB,EAAE,MAAM,oCAAoC,CAAC;AACtE,OAAO,EAAE,MAAM,EAAE,MAAM,0BAA0B,CAAC;AAClD,OAAO,EAAE,KAAK,EAAE,MAAM,yBAAyB,CAAC;AAChD,OAAO,EAAE,OAAO,EAAE,MAAM,2BAA2B,CAAC;AACpD,OAAO,EAAE,OAAO,EAAE,MAAM,yBAAyB,CAAC;AAClD,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AAExD,OAAO,EAAE,oBAAoB,EAAE,MAAM,uBAAuB,CAAC;AAE7D,SAAS,KAAK,CAAC,EAAU;IACvB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,CAAC;AAC3D,CAAC;AAED,SAAS,QAAQ,CAAC,IAAI,GAAG,UAAU;IACjC,IAAI,KAAK,GAAG,IAAI,KAAK,CAAC,CAAC;IACvB,OAAO,GAAG,EAAE;QACV,KAAK,GAAG,CAAC,KAAK,GAAG,OAAO,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC;QAC7C,OAAO,KAAK,GAAG,WAAW,CAAC;IAC7B,CAAC,CAAC;AACJ,CAAC;AAED,SAAS,CAAC,GAAG,EAAE;IACb,EAAE,CAAC,aAAa,EAAE,CAAC;IACnB,EAAE,CAAC,eAAe,EAAE,CAAC;AACvB,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,iCAAiC,EAAE,GAAG,EAAE;IAC/C,EAAE,CAAC,wDAAwD,EAAE,KAAK,IAAI,EAAE;QACtE,EAAE,CAAC,aAAa,EAAE,CAAC;QACnB,EAAE,CAAC,aAAa,CAAC,IAAI,IAAI,CAAC,0BAA0B,CAAC,CAAC,CAAC;QAEvD,MAAM,OAAO,GAAG,oBAAoB,CAAC;YACnC,gBAAgB,EAAE,CAAC;YACnB,gBAAgB,EAAE,CAAC;YACnB,UAAU,EAAE,IAAK;YACjB,UAAU,EAAE,GAAG,EAAE,CAAC,cAAc;SACjC,CAAC,CAAC;QAEH,MAAM,GAAG,GAAG,EAAE,MAAM,EAAE,KAAc,EAAE,GAAG,EAAE,WAAW,EAAE,CAAC;QAEzD,MAAM,MAAM,CACV,OAAO,CAAC,UAAU,CAAC,GAAG,EAAE,KAAK,IAAI,EAAE;YACjC,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC,CAAC;QAC1B,CAAC,CAAC,CACH,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAE1B,EAAE,CAAC,aAAa,CAAC,IAAI,IAAI,CAAC,0BAA0B,CAAC,CAAC,CAAC;QAEvD,IAAI,SAAS,GAAG,CAAC,CAAC;QAClB,IAAI,YAAsC,CAAC;QAE3C,MAAM,YAAY,GAAG,OAAO,CAAC,UAAU,CAAC,GAAG,EAAE,KAAK,IAAI,EAAE;YACtD,SAAS,IAAI,CAAC,CAAC;YACf,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,EAAE;gBAClC,YAAY,GAAG,OAAO,CAAC;YACzB,CAAC,CAAC,CAAC;YACH,OAAO,IAAI,YAAY,CAAC,IAAI,QAAQ,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;QAC/D,CAAC,CAAC,CAAC;QAEH,MAAM,SAAS,GAAG,MAAM,OAAO,CAAC,UAAU,CACxC,KAAK,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,CAC9B,OAAO,CAAC,UAAU,CAAC,GAAG,EAAE,KAAK,IAAI,EAAE;YACjC,SAAS,IAAI,CAAC,CAAC;YACf,OAAO,IAAI,YAAY,CAAC,IAAI,QAAQ,CAAC,YAAY,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;QACvE,CAAC,CAAC,CACH,CACF,CAAC;QAEF,MAAM,UAAU,GAAG,SAAS,CAAC,MAAM,CACjC,CAAC,KAAK,EAAE,EAAE,CACR,KAAK,CAAC,MAAM,KAAK,UAAU;YAC3B,KAAK,CAAC,MAAM,YAAY,qBAAqB,CAChD,CAAC,MAAM,CAAC;QAET,YAAY,EAAE,EAAE,CAAC;QACjB,MAAM,KAAK,GAAG,MAAM,YAAY,CAAC;QAEjC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC/B,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAC1B,MAAM,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAE5B,EAAE,CAAC,aAAa,EAAE,CAAC;IACrB,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,oCAAoC,EAAE,GAAG,EAAE;IAClD,EAAE,CAAC,+EAA+E,EAAE,KAAK,IAAI,EAAE;QAC7F,MAAM,IAAI,GAAG,QAAQ,CAAC,EAAE,CAAC,CAAC;QAC1B,IAAI,QAAQ,GAAG,CAAC,CAAC;QACjB,IAAI,WAAW,GAAG,CAAC,CAAC;QAEpB,MAAM,IAAI,GAAG,KAAK,EAAE,IAAmB,EAAyB,EAAE;YAChE,QAAQ,IAAI,CAAC,CAAC;YACd,WAAW,GAAG,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;YAE9C,IAAI,CAAC;gBACH,MAAM,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;gBACpC,MAAM,CAAC,GAAG,IAAI,EAAE,CAAC;gBACjB,IAAI,CAAC,GAAG,IAAI,EAAE,CAAC;oBACb,MAAM,IAAI,SAAS,CAAC,eAAe,CAAC,CAAC;gBACvC,CAAC;gBACD,IAAI,CAAC,GAAG,IAAI,EAAE,CAAC;oBACb,OAAO,IAAI,YAAY,CAAC,IAAI,QAAQ,CAAC,WAAW,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;gBACtE,CAAC;gBACD,OAAO,IAAI,YAAY,CAAC,IAAI,QAAQ,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;YAC/D,CAAC;oBAAS,CAAC;gBACT,QAAQ,IAAI,CAAC,CAAC;YAChB,CAAC;QACH,CAAC,CAAC;QAEF,MAAM,QAAQ,GAAG,OAAO,CACtB;YACE,gBAAgB,CAAC,EAAE,aAAa,EAAE,EAAE,EAAE,CAAC;YACvC,MAAM,EAAE;YACR,KAAK,CAAC;gBACJ,UAAU,EAAE,CAAC;gBACb,KAAK,EAAE,CAAC;gBACR,OAAO,EAAE,KAAK;gBACd,aAAa,EAAE,CAAC,GAAG,CAAC;gBACpB,mBAAmB,EAAE,IAAI;aAC1B,CAAC;SACH,EACD,IAAI,CACL,CAAC;QAEF,MAAM,KAAK,GAAG,GAAG,CAAC;QAClB,MAAM,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CACnD,QAAQ,CAAC;YACP,MAAM,EAAE,KAAK;YACb,GAAG,EAAE,2BAA2B,CAAC,GAAG,EAAE,EAAE;YACxC,CAAC,oBAAoB,CAAC,EAAE,EAAE;SAC3B,CAAC,CAAC,IAAI,CACL,GAAG,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,IAAa,EAAE,CAAC,EAC7B,GAAG,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,KAAc,EAAE,CAAC,CAC/B,CACF,CAAC;QAEF,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAC7B,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACzC,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;QAC1C,MAAM,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC;QACnD,MAAM,OAAO,GAAG,OAAO,CAAC,MAAM,GAAG,OAAO,CAAC;QAEzC,OAAO,CAAC,IAAI,CAAC,wBAAwB,EAAE;YACrC,QAAQ,EAAE,uBAAuB;YACjC,KAAK;YACL,OAAO;YACP,OAAO;YACP,WAAW;YACX,UAAU;YACV,aAAa,EAAE,MAAM,CAAC,CAAC,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,UAAU,GAAG,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;SAC/E,CAAC,CAAC;QAEH,MAAM,CAAC,OAAO,CAAC,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC;QACpC,MAAM,CAAC,WAAW,CAAC,CAAC,mBAAmB,CAAC,EAAE,CAAC,CAAC;QAC5C,MAAM,CAAC,OAAO,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;QACnC,MAAM,CAAC,OAAO,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;IACrC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,4BAA4B,EAAE,GAAG,EAAE;IAC1C,EAAE,CAAC,wDAAwD,EAAE,KAAK,IAAI,EAAE;QACtE,MAAM,KAAK,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,CAA2B,CAAC;QAC5D,KAAK,CAAC,WAAW,CAAC,GAAG,GAAG,CAAC;QACzB,KAAK,CAAC,aAAa,CAAC,GAAG,GAAG,CAAC;QAC3B,KAAK,CAAC,WAAW,CAAC,GAAG,GAAG,CAAC;QACzB,KAAK,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC;QAEvB,IAAI,WAAW,GAAG,EAAE,CAAC;QACrB,MAAM,OAAO,CACX;YACE,MAAM,EAAE,KAAK;YACb,GAAG,EAAE,UAAU;YACf,KAAK;SACN,EACD;YACE,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE;gBACrB,WAAW,GAAG,GAAG,CAAC;gBAClB,OAAO,IAAI,QAAQ,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;YAC7C,CAAC;SACF,CACF,CAAC;QAEF,MAAM,CAAC,WAAW,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACvD,MAAM,CAAC,WAAW,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACzD,MAAM,CAAC,WAAW,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACvD,MAAM,CAAE,EAA6B,CAAC,QAAQ,CAAC,CAAC,aAAa,EAAE,CAAC;IAClE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kDAAkD,EAAE,KAAK,IAAI,EAAE;QAChE,MAAM,UAAU,GAAG,MAAM,CAAC,EAAE,WAAW,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QACpE,MAAM,QAAQ,GAA4B,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;QACnD,QAAQ,CAAC,IAAI,GAAG,QAAQ,CAAC;QAEzB,IAAI,aAAa,GAAG,CAAC,CAAC;QACtB,MAAM,IAAI,GAAG,GAAG,EAAE,CAChB,UAAU,CACR;YACE,MAAM,EAAE,MAAM;YACd,GAAG,EAAE,WAAW;YAChB,IAAI,EAAE,QAAQ;SACf,EACD,KAAK,IAAI,EAAE;YACT,aAAa,IAAI,CAAC,CAAC;YACnB,OAAO,IAAI,YAAY,CAAC,IAAI,QAAQ,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;QAC/D,CAAC,CACF,CAAC;QAEJ,MAAM,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;QACrD,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC5B,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC5B,MAAM,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAChC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/tests/crypto-utils.test.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export {};
2	+ //# sourceMappingURL=crypto-utils.test.d.ts.map

package/dist/tests/crypto-utils.test.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"crypto-utils.test.d.ts","sourceRoot":"","sources":["../../tests/crypto-utils.test.ts"],"names":[],"mappings":""}

package/dist/tests/crypto-utils.test.js ADDED Viewed

@@ -0,0 +1,34 @@
+import { afterEach, describe, expect, it, vi } from "vitest";
+import { decrypt, encrypt, generateSecureId } from "../src/utils/crypto";
+describe("crypto utils", () => {
+    afterEach(() => {
+        vi.restoreAllMocks();
+    });
+    it("applies prefix even when randomUUID is available", () => {
+        const spy = vi
+            .spyOn(globalThis.crypto, "randomUUID")
+            .mockReturnValue("123e4567-e89b-12d3-a456-426614174000");
+        const id = generateSecureId("pureq");
+        expect(id).toBe("pureq-123e4567-e89b-12d3-a456-426614174000");
+        expect(spy).toHaveBeenCalledTimes(1);
+    });
+    it("round-trips encrypt/decrypt with AES-GCM key", async () => {
+        const key = await crypto.subtle.generateKey({ name: "AES-GCM", length: 256 }, true, [
+            "encrypt",
+            "decrypt",
+        ]);
+        const input = JSON.stringify({ userId: "u1", roles: ["admin"] });
+        const encrypted = await encrypt(input, key);
+        const decrypted = await decrypt(encrypted, key);
+        expect(encrypted.includes(":")).toBe(true);
+        expect(decrypted).toBe(input);
+    });
+    it("throws helpful error for invalid encrypted format", async () => {
+        const key = await crypto.subtle.generateKey({ name: "AES-GCM", length: 256 }, true, [
+            "encrypt",
+            "decrypt",
+        ]);
+        await expect(decrypt("not-valid", key)).rejects.toThrow("pureq: invalid encrypted data format");
+    });
+});
+//# sourceMappingURL=crypto-utils.test.js.map