@pyreon/zero 0.21.0 → 0.23.0

package/src/theme.tsx

@@ -2,6 +2,10 @@ import type { VNodeChild } from '@pyreon/core'
 import { onMount } from '@pyreon/core'
 import { effect, signal } from '@pyreon/reactivity'
 
+// Dev-mode counter sink — see packages/internals/perf-harness for contract.
+const __DEV__ = typeof process !== 'undefined' && process.env.NODE_ENV !== 'production'
+const _countSink = globalThis as { __pyreon_count__?: (name: string, n?: number) => void }
+
 // ─── Theme system ───────────────────────────────────────────────────────────
 //
 // Provides dark/light/system theme support with:
@@ -75,52 +79,104 @@ export function setTheme(t: Theme) {
   }
 }
 
-/**
- * Initialize the theme system. Call once in your app entry or layout.
- * Reads from localStorage, listens for system preference changes.
- */
-export function initTheme() {
-  onMount(() => {
-    // Read persisted preference
-    try {
-      const stored = localStorage.getItem(STORAGE_KEY) as Theme | null
-      if (stored === 'light' || stored === 'dark' || stored === 'system') {
-        theme.set(stored)
-      }
-    } catch {
-      // localStorage may not be available
+// Refcount + shared-teardown for `initTheme()`. The first mount runs the
+// real setup (localStorage read + matchMedia listener + effect); subsequent
+// mounts (other ThemeToggles, or an explicit `initTheme()` call in a
+// layout alongside `<ThemeToggle>`) only bump the refcount. Each unmount
+// decrements; when the count returns to 0 the shared teardown runs.
+//
+// Pre-fix every `initTheme()` call ran its own `onMount(setup)` — N
+// mounted ThemeToggles → N matchMedia listeners + N effects, all writing
+// the SAME values to the SAME `document.documentElement.dataset.theme`.
+// Class D event-listener pile-up, real production case for any app with
+// header + footer ThemeToggle widgets.
+let _initRefCount = 0
+let _disposeShared: (() => void) | null = null
+
+function _setupShared(): () => void {
+  // Read persisted preference
+  try {
+    const stored = localStorage.getItem(STORAGE_KEY) as Theme | null
+    if (stored === 'light' || stored === 'dark' || stored === 'system') {
+      theme.set(stored)
     }
+  } catch {
+    // localStorage may not be available
+  }
 
-    // Apply to document
-    document.documentElement.dataset.theme = resolvedTheme()
+  // Apply to document
+  document.documentElement.dataset.theme = resolvedTheme()
+
+  // Watch for system preference changes. Seed the signal from the
+  // current media-query state, then update reactively on each OS
+  // preference flip. Components reading `resolvedTheme()` pick up the
+  // change automatically (they subscribe to `_osPrefersDark` when
+  // `theme === 'system'`).
+  const mq = window.matchMedia('(prefers-color-scheme: dark)')
+  _osPrefersDark.set(mq.matches)
+  function onChange(e: MediaQueryListEvent) {
+    _osPrefersDark.set(e.matches)
+  }
+  mq.addEventListener('change', onChange)
+
+  // Re-apply when theme signal changes — updates data-theme + favicons
+  const dispose = effect(() => {
+    const mode = resolvedTheme()
+    document.documentElement.dataset.theme = mode
 
-    // Watch for system preference changes. Seed the signal from the
-    // current media-query state, then update reactively on each OS
-    // preference flip. Components reading `resolvedTheme()` pick up the
-    // change automatically (they subscribe to `_osPrefersDark` when
-    // `theme === 'system'`).
-    const mq = window.matchMedia('(prefers-color-scheme: dark)')
-    _osPrefersDark.set(mq.matches)
-    function onChange(e: MediaQueryListEvent) {
-      _osPrefersDark.set(e.matches)
+    // Swap favicon variants (if dual-variant favicons are present)
+    const faviconLinks = document.querySelectorAll<HTMLLinkElement>('[data-favicon-theme]')
+    for (const link of faviconLinks) {
+      link.media = link.dataset.faviconTheme === mode ? '' : 'not all'
     }
-    mq.addEventListener('change', onChange)
+  })
 
-    // Re-apply when theme signal changes — updates data-theme + favicons
-    const dispose = effect(() => {
-      const mode = resolvedTheme()
-      document.documentElement.dataset.theme = mode
+  return () => {
+    mq.removeEventListener('change', onChange)
+    dispose?.dispose()
+  }
+}
 
-      // Swap favicon variants (if dual-variant favicons are present)
-      const faviconLinks = document.querySelectorAll<HTMLLinkElement>('[data-favicon-theme]')
-      for (const link of faviconLinks) {
-        link.media = link.dataset.faviconTheme === mode ? '' : 'not all'
-      }
-    })
+/**
+ * Reset the refcount + shared teardown. Useful for tests.
+ * @internal
+ */
+export function _resetInitThemeForTests(): void {
+  if (_disposeShared) _disposeShared()
+  _initRefCount = 0
+  _disposeShared = null
+}
+
+/**
+ * Initialize the theme system. Safe to call multiple times — uses a
+ * mount-based refcount so multiple `<ThemeToggle>` instances (or
+ * `<ThemeToggle>` plus an explicit `initTheme()` in your layout) share
+ * a SINGLE matchMedia listener + effect.
+ *
+ * Reads from localStorage, listens for system preference changes.
+ */
+export function initTheme() {
+  onMount(() => {
+    if (_initRefCount === 0) {
+      _disposeShared = _setupShared()
+    }
+    _initRefCount++
+    // Leak-class D diagnostic — emit per refcount++. Net (acquire -
+    // release) = currently-mounted ThemeToggle count; should be
+    // bounded by the user's UI shape. Steady-state monotonic growth
+    // signals the refcount guard regressed (every mount registers a
+    // fresh listener again).
+    if (__DEV__) _countSink.__pyreon_count__?.('theme.initRefAcquire')
 
     return () => {
-      mq.removeEventListener('change', onChange)
-      dispose?.dispose()
+      _initRefCount--
+      // Pair with `theme.initRefAcquire`. Equal counts at process exit
+      // = healthy lifecycle. Diff = active subscribers / orphan inits.
+      if (__DEV__) _countSink.__pyreon_count__?.('theme.initRefRelease')
+      if (_initRefCount === 0 && _disposeShared) {
+        _disposeShared()
+        _disposeShared = null
+      }
     }
   })
 }

package/src/types.ts

@@ -103,6 +103,82 @@ export interface ISRConfig {
    * }
    */
   cacheKey?: (req: Request) => string
+  /**
+   * Pluggable cache backing for multi-instance / horizontally-scaled
+   * production. Default: in-memory `Map` per-process (capped by
+   * `maxEntries`). Pass a Redis / Vercel KV / Cloudflare KV / Upstash
+   * adapter (anything matching the `ISRStore` interface from
+   * `@pyreon/zero/server`) for state shared across instances — a
+   * revalidation in one pod is visible to all pods.
+   *
+   * The store interface accepts BOTH sync and async returns; the
+   * handler `await`s the result either way, so an in-memory store
+   * stays cheap (no Promise allocation per request) while a Redis
+   * store can return its native promises directly.
+   *
+   * When set, `maxEntries` is ignored — the custom store owns its own
+   * eviction / TTL policy.
+   *
+   * @example
+   * // Redis adapter (uses `ioredis` or `@upstash/redis`):
+   * const redis = new Redis(...)
+   * const store: ISRStore = {
+   *   async get(key) {
+   *     const v = await redis.get(`isr:${key}`)
+   *     return v ? JSON.parse(v) : undefined
+   *   },
+   *   async set(key, entry) {
+   *     await redis.set(`isr:${key}`, JSON.stringify(entry), 'EX', 86400)
+   *   },
+   *   async delete(key) {
+   *     await redis.del(`isr:${key}`)
+   *   },
+   * }
+   *
+   * isr: { revalidate: 60, store }
+   */
+  // The actual type lives in `./isr` to avoid `types.ts` pulling the
+  // implementation file; we type it as `unknown` here and let consumers
+  // pass an `ISRStore` directly — `createISRHandler`'s signature checks
+  // the shape statically.
+  // eslint-disable-next-line @typescript-eslint/no-explicit-any
+  store?: import('./isr').ISRStore<any>
+  /**
+   * Construct the `Request` used for background revalidation. Default:
+   * the ORIGINAL user's request (headers, method, URL) — which means a
+   * `cacheKey`-bearing entry triggered by user A is revalidated against
+   * A's cookies / auth headers. For auth-gated `cacheKey` setups this
+   * is risky: if A's session expires before the revalidation runs, the
+   * new render may misbehave (auth-gate hits redirect path, or worse,
+   * still emits A's personalized HTML because the server hasn't yet
+   * invalidated the session token).
+   *
+   * Supply `revalidateRequest` to construct a request scoped to the
+   * cache key — e.g. anonymous for anonymous entries, service-account
+   * for shared entries. Returning `null` SKIPS revalidation entirely
+   * for this entry (stale stays stale until the next live request).
+   *
+   * Compatible with `store`: the revalidate path still reads/writes
+   * the configured store; this hook only controls what request the
+   * re-render runs against.
+   *
+   * @example
+   * isr: {
+   *   revalidate: 60,
+   *   cacheKey: (req) => {
+   *     const session = req.headers.get('cookie')?.match(/session=([^;]+)/)?.[1] ?? 'anon'
+   *     return `${new URL(req.url).pathname}::${session}`
+   *   },
+   *   revalidateRequest: (req) => {
+   *     // Anonymous entries re-revalidate as anonymous (safe default).
+   *     // Authenticated entries skip revalidation — the user's next
+   *     // hit will re-render with their current cookies on cache miss.
+   *     const hasAuth = /session=(?!anon)/.test(req.headers.get('cookie') ?? '')
+   *     return hasAuth ? null : new Request(req.url, { method: 'GET' })
+   *   },
+   * }
+   */
+  revalidateRequest?: (req: Request) => Request | null
 }
 
 // ─── Zero config ─────────────────────────────────────────────────────────────

package/lib/api-routes-CMsLztoj.js

@@ -1,148 +0,0 @@
-import { t as __exportAll } from "./rolldown-runtime-CjeV3_4I.js";
-
-//#region src/api-routes.ts
-var api_routes_exports = /* @__PURE__ */ __exportAll({
-	apiFilePathToPattern: () => apiFilePathToPattern,
-	createApiMiddleware: () => createApiMiddleware,
-	generateApiRouteModule: () => generateApiRouteModule,
-	isApiRoute: () => isApiRoute,
-	matchApiRoute: () => matchApiRoute
-});
-/**
-* Match a URL path against an API route pattern.
-* Returns extracted params or null if no match.
-*/
-function matchApiRoute(pattern, path) {
-	const patternParts = pattern.split("/").filter(Boolean);
-	const pathParts = path.split("/").filter(Boolean);
-	const params = {};
-	const isUnsafeParam = (name) => name === "__proto__" || name === "constructor" || name === "prototype";
-	for (let i = 0; i < patternParts.length; i++) {
-		const pp = patternParts[i];
-		if (!pp) continue;
-		if (pp.endsWith("*")) {
-			const paramName = pp.slice(1, -1);
-			if (!isUnsafeParam(paramName)) params[paramName] = pathParts.slice(i).join("/");
-			return params;
-		}
-		if (i >= pathParts.length) return null;
-		if (pp.startsWith(":")) {
-			const paramName = pp.slice(1);
-			if (!isUnsafeParam(paramName)) params[paramName] = pathParts[i];
-			continue;
-		}
-		if (pp !== pathParts[i]) return null;
-	}
-	return patternParts.length === pathParts.length ? params : null;
-}
-const HTTP_METHODS = [
-	"GET",
-	"POST",
-	"PUT",
-	"PATCH",
-	"DELETE",
-	"HEAD",
-	"OPTIONS"
-];
-/**
-* Create a middleware that dispatches API route requests.
-* API routes are matched by URL pattern and HTTP method.
-*/
-function createApiMiddleware(routes) {
-	return async (ctx) => {
-		for (const route of routes) {
-			const params = matchApiRoute(route.pattern, ctx.path);
-			if (!params) continue;
-			const method = ctx.req.method.toUpperCase();
-			const handler = route.module[method];
-			if (!handler) {
-				const allowed = HTTP_METHODS.filter((m) => route.module[m]).join(", ");
-				return new Response(null, {
-					status: 405,
-					headers: {
-						Allow: allowed,
-						"Content-Type": "application/json"
-					}
-				});
-			}
-			return handler({
-				request: ctx.req,
-				url: ctx.url,
-				path: ctx.path,
-				params,
-				headers: ctx.req.headers
-			});
-		}
-	};
-}
-/**
-* Detect whether a route file is an API route.
-* API routes are `.ts` or `.js` files inside an `api/` directory.
-*/
-function isApiRoute(filePath) {
-	const normalized = filePath.replace(/\\/g, "/");
-	return normalized.startsWith("api/") && (normalized.endsWith(".ts") || normalized.endsWith(".js")) && !normalized.endsWith(".tsx") && !normalized.endsWith(".jsx");
-}
-/**
-* Convert an API route file path to a URL pattern.
-*
-* Examples:
-*   "api/posts.ts"        → "/api/posts"
-*   "api/posts/index.ts"  → "/api/posts"
-*   "api/posts/[id].ts"   → "/api/posts/:id"
-*   "api/[...path].ts"    → "/api/:path*"
-*/
-function apiFilePathToPattern(filePath) {
-	let route = filePath;
-	for (const ext of [".ts", ".js"]) if (route.endsWith(ext)) {
-		route = route.slice(0, -ext.length);
-		break;
-	}
-	const segments = route.split("/");
-	const urlSegments = [];
-	for (const seg of segments) {
-		if (seg === "index") continue;
-		const catchAll = seg.match(/^\[\.\.\.(\w+)\]$/);
-		if (catchAll) {
-			urlSegments.push(`:${catchAll[1]}*`);
-			continue;
-		}
-		const dynamic = seg.match(/^\[(\w+)\]$/);
-		if (dynamic) {
-			urlSegments.push(`:${dynamic[1]}`);
-			continue;
-		}
-		urlSegments.push(seg);
-	}
-	return `/${urlSegments.join("/")}`;
-}
-/**
-* Generate a virtual module that exports API route entries.
-* Each entry maps a URL pattern to a module with HTTP method handlers.
-*/
-function generateApiRouteModule(files, routesDir) {
-	const apiFiles = files.filter(isApiRoute);
-	if (apiFiles.length === 0) return "export const apiRoutes = []\n";
-	const imports = [];
-	const entries = [];
-	for (let i = 0; i < apiFiles.length; i++) {
-		const name = `_api${i}`;
-		const file = apiFiles[i];
-		if (!file) continue;
-		const fullPath = `${routesDir}/${file}`;
-		const pattern = apiFilePathToPattern(file);
-		imports.push(`import * as ${name} from "${fullPath}"`);
-		entries.push(`  { pattern: ${JSON.stringify(pattern)}, module: ${name} }`);
-	}
-	return [
-		...imports,
-		"",
-		"export const apiRoutes = [",
-		entries.join(",\n"),
-		"]"
-	].join("\n");
-}
-
-//#endregion
-export { matchApiRoute as i, createApiMiddleware as n, generateApiRouteModule as r, api_routes_exports as t };
-//# sourceMappingURL=api-routes-CMsLztoj.js.map

package/lib/fs-router-3xzp-4Wj.js

@@ -1,32 +0,0 @@
-import { join } from "node:path";
-
-//#region src/fs-router.ts
-const ROUTE_EXTENSIONS = [
-	".tsx",
-	".jsx",
-	".ts",
-	".js"
-];
-/**
-* Scan a directory for route files.
-* Returns paths relative to the routes directory.
-*/
-async function scanRouteFiles(routesDir) {
-	const { readdir } = await import("node:fs/promises");
-	const { relative } = await import("node:path");
-	const files = [];
-	async function walk(dir) {
-		const entries = await readdir(dir, { withFileTypes: true });
-		for (const entry of entries) {
-			const fullPath = join(dir, entry.name);
-			if (entry.isDirectory()) await walk(fullPath);
-			else if (ROUTE_EXTENSIONS.some((ext) => entry.name.endsWith(ext))) files.push(relative(routesDir, fullPath));
-		}
-	}
-	await walk(routesDir);
-	return files;
-}
-
-//#endregion
-export { scanRouteFiles };
-//# sourceMappingURL=fs-router-3xzp-4Wj.js.map

package/lib/rolldown-runtime-CjeV3_4I.js

@@ -1,18 +0,0 @@
-//#region \0rolldown/runtime.js
-var __defProp = Object.defineProperty;
-var __exportAll = (all, no_symbols) => {
-	let target = {};
-	for (var name in all) {
-		__defProp(target, name, {
-			get: all[name],
-			enumerable: true
-		});
-	}
-	if (!no_symbols) {
-		__defProp(target, Symbol.toStringTag, { value: "Module" });
-	}
-	return target;
-};
-
-//#endregion
-export { __exportAll as t };