@q32/core 0.1.5 → 0.1.7

package/src/email.ts

@@ -0,0 +1,49 @@
+export type EmailAddress = {
+  email: string;
+  name?: string;
+};
+
+export type EmailAttachment = {
+  filename: string;
+  contentType: string;
+  data: Uint8Array | string;
+};
+
+export type SendEmailInput = {
+  from: EmailAddress;
+  to: EmailAddress[];
+  cc?: EmailAddress[];
+  bcc?: EmailAddress[];
+  replyTo?: EmailAddress[];
+  subject: string;
+  text?: string;
+  html?: string;
+  attachments?: EmailAttachment[];
+  tags?: Record<string, string>;
+};
+
+export type SendEmailResult = {
+  id: string;
+  provider?: string;
+  metadata?: Record<string, unknown>;
+};
+
+export interface EmailProvider {
+  send(input: SendEmailInput): Promise<SendEmailResult>;
+}
+
+export function formatEmailAddress(address: EmailAddress): string {
+  if (!address.name) return address.email;
+  const escaped = address.name.replace(/"/g, '\\"');
+  return `"${escaped}" <${address.email}>`;
+}
+
+export function normalizeEmailAddress(email: string): string {
+  const normalized = email.trim().toLowerCase();
+  if (!/^[^@\s]+@[^@\s]+\.[^@\s]+$/.test(normalized)) throw new Error(`Invalid email address: ${email}`);
+  return normalized;
+}
+
+export function appendUnsubscribeFooter(text: string, unsubscribeUrl: string): string {
+  return `${text.trim()}\n\nUnsubscribe: ${unsubscribeUrl}\n`;
+}

package/src/encoding.ts

@@ -0,0 +1,17 @@
+export function base64ToArrayBuffer(value: string): ArrayBuffer {
+  const binary = atob(value);
+  const bytes = new Uint8Array(binary.length);
+  for (let index = 0; index < binary.length; index += 1) {
+    bytes[index] = binary.charCodeAt(index);
+  }
+  return bytes.buffer;
+}
+
+export function arrayBufferToBase64(buffer: ArrayBuffer): string {
+  const bytes = new Uint8Array(buffer);
+  let binary = "";
+  for (let index = 0; index < bytes.length; index += 1) {
+    binary += String.fromCharCode(bytes[index]);
+  }
+  return btoa(binary);
+}

package/src/env.ts

@@ -0,0 +1,63 @@
+export type EnvSource = Record<string, unknown>;
+
+export class EnvError extends Error {
+  constructor(message: string) {
+    super(message);
+    this.name = "EnvError";
+  }
+}
+
+export function requiredString(env: EnvSource, key: string): string {
+  const value = env[key];
+  if (typeof value !== "string" || value.trim() === "") {
+    throw new EnvError(`Missing required env var: ${key}`);
+  }
+  return value;
+}
+
+export function optionalString(env: EnvSource, key: string, fallback?: string): string | undefined {
+  const value = env[key];
+  if (value === undefined || value === null || value === "") return fallback;
+  if (typeof value !== "string") throw new EnvError(`Expected ${key} to be a string.`);
+  return value;
+}
+
+export function requiredUrl(env: EnvSource, key: string): string {
+  const value = requiredString(env, key);
+  try {
+    return new URL(value).toString().replace(/\/$/, "");
+  } catch {
+    throw new EnvError(`Expected ${key} to be a valid URL.`);
+  }
+}
+
+export function optionalBoolean(env: EnvSource, key: string, fallback = false): boolean {
+  const value = env[key];
+  if (value === undefined || value === null || value === "") return fallback;
+  if (typeof value === "boolean") return value;
+  if (typeof value !== "string") throw new EnvError(`Expected ${key} to be boolean-like.`);
+  if (/^(1|true|yes|on)$/i.test(value)) return true;
+  if (/^(0|false|no|off)$/i.test(value)) return false;
+  throw new EnvError(`Expected ${key} to be boolean-like.`);
+}
+
+export function requiredBinding<T>(env: EnvSource, key: string): T {
+  const value = env[key];
+  if (value === undefined || value === null) throw new EnvError(`Missing required binding: ${key}`);
+  return value as T;
+}
+
+export type AppUrlOptions = {
+  fallback?: string;
+  keys?: string[];
+};
+
+export function appUrl(
+  env: EnvSource,
+  fallbackOrOptions: string | AppUrlOptions = "http://localhost:8787",
+): string {
+  const options = typeof fallbackOrOptions === "string" ? { fallback: fallbackOrOptions } : fallbackOrOptions;
+  const keys = options.keys ?? ["APP_URL", "BASE_URL", "PUBLIC_APP_URL"];
+  const value = keys.map((key) => optionalString(env, key)).find((candidate) => candidate !== undefined) ?? options.fallback ?? "http://localhost:8787";
+  return value.replace(/\/$/, "");
+}

package/src/hash.ts

@@ -0,0 +1,57 @@
+const encoder = new TextEncoder();
+
+export function toHex(bytes: Uint8Array): string {
+  return [...bytes].map((byte) => byte.toString(16).padStart(2, "0")).join("");
+}
+
+export function toBase64(bytes: Uint8Array): string {
+  let binary = "";
+  for (const byte of bytes) binary += String.fromCharCode(byte);
+  return btoa(binary);
+}
+
+export async function sha256Hex(value: string | ArrayBuffer): Promise<string> {
+  const data = typeof value === "string" ? encoder.encode(value) : value;
+  const digest = await crypto.subtle.digest("SHA-256", data);
+  return toHex(new Uint8Array(digest));
+}
+
+export async function hmacSha256Hex(
+  secret: string,
+  value: string | ArrayBuffer,
+): Promise<string> {
+  const signature = await hmacSha256(secret, value);
+  return toHex(new Uint8Array(signature));
+}
+
+export async function hmacSha256Base64(
+  secret: string,
+  value: string | ArrayBuffer,
+): Promise<string> {
+  const signature = await hmacSha256(secret, value);
+  return toBase64(new Uint8Array(signature));
+}
+
+export function timingSafeEqual(a: string, b: string): boolean {
+  if (a.length !== b.length) return false;
+  let mismatch = 0;
+  for (let index = 0; index < a.length; index += 1) {
+    mismatch |= a.charCodeAt(index) ^ b.charCodeAt(index);
+  }
+  return mismatch === 0;
+}
+
+async function hmacSha256(
+  secret: string,
+  value: string | ArrayBuffer,
+): Promise<ArrayBuffer> {
+  const key = await crypto.subtle.importKey(
+    "raw",
+    encoder.encode(secret),
+    { name: "HMAC", hash: "SHA-256" },
+    false,
+    ["sign"],
+  );
+  const data = typeof value === "string" ? encoder.encode(value) : value;
+  return crypto.subtle.sign("HMAC", key, data);
+}

package/src/http.ts

@@ -0,0 +1,78 @@
+export type JsonResponseInit = ResponseInit & {
+  pretty?: boolean;
+};
+
+export type FetchLike = typeof fetch;
+
+export const defaultFetch: FetchLike = (input, init) => fetch(input, init);
+
+export class HttpError extends Error {
+  constructor(
+    public readonly status: number,
+    message: string,
+    public readonly code = "http_error",
+  ) {
+    super(message);
+    this.name = "HttpError";
+  }
+}
+
+export function jsonResponse(value: unknown, init: JsonResponseInit = {}): Response {
+  const headers = new Headers(init.headers);
+  if (!headers.has("content-type")) headers.set("content-type", "application/json; charset=utf-8");
+  return new Response(JSON.stringify(value, null, init.pretty ? 2 : 0), {
+    ...init,
+    headers,
+  });
+}
+
+export function errorResponse(error: unknown, fallbackStatus = 500): Response {
+  if (error instanceof HttpError) {
+    return jsonResponse({ error: { code: error.code, message: error.message } }, { status: error.status });
+  }
+  const message = error instanceof Error ? error.message : String(error);
+  return jsonResponse({ error: { code: "internal_error", message } }, { status: fallbackStatus });
+}
+
+export async function readJson<T = unknown>(request: Request): Promise<T> {
+  const contentType = request.headers.get("content-type") ?? "";
+  if (!contentType.toLowerCase().includes("application/json")) {
+    throw new HttpError(415, "Expected application/json request body.", "unsupported_media_type");
+  }
+  try {
+    return (await request.json()) as T;
+  } catch {
+    throw new HttpError(400, "Invalid JSON request body.", "invalid_json");
+  }
+}
+
+export function requireBearerToken(request: Request): string {
+  const value = request.headers.get("authorization") ?? "";
+  const match = value.match(/^Bearer\s+(.+)$/i);
+  if (!match) throw new HttpError(401, "Missing bearer token.", "missing_bearer_token");
+  return match[1];
+}
+
+export function requireAdminToken(request: Request, expected: string | undefined): void {
+  if (!expected) throw new HttpError(500, "Admin token is not configured.", "admin_token_not_configured");
+  const provided = request.headers.get("x-admin-token") ?? requireBearerToken(request);
+  if (provided !== expected) throw new HttpError(403, "Invalid admin token.", "invalid_admin_token");
+}
+
+export function absoluteUrl(appUrl: string, path: string): string {
+  return `${appUrl.replace(/\/$/, "")}${path.startsWith("/") ? path : `/${path}`}`;
+}
+
+export function escapeHtml(value: string | null | undefined): string {
+  return String(value ?? "")
+    .replaceAll("&", "&amp;")
+    .replaceAll("<", "&lt;")
+    .replaceAll(">", "&gt;")
+    .replaceAll('"', "&quot;")
+    .replaceAll("'", "&#039;");
+}
+
+export async function readResponseExcerpt(response: Response, maxLength = 800): Promise<string> {
+  const text = await response.text().catch(() => "");
+  return text.slice(0, maxLength);
+}

package/src/ids.ts

@@ -0,0 +1,55 @@
+const DEFAULT_TOKEN_BYTES = 32;
+const BASE36_ALPHABET = "0123456789abcdefghijklmnopqrstuvwxyz";
+
+export function createId(prefix: string, bytes = 12): string {
+  const cleanPrefix = prefix.trim().replace(/[^a-zA-Z0-9_-]/g, "_");
+  if (!cleanPrefix) throw new Error("ID prefix is required.");
+  return `${cleanPrefix}_${randomBase64Url(bytes)}`;
+}
+
+export function createToken(prefix = "tok", bytes = DEFAULT_TOKEN_BYTES): string {
+  return createId(prefix, bytes);
+}
+
+export function randomBase36(length: number): string {
+  const safeLength = Math.max(1, Math.floor(length));
+  const bytes = new Uint8Array(safeLength);
+  crypto.getRandomValues(bytes);
+  let value = "";
+  for (const byte of bytes) value += BASE36_ALPHABET[byte % BASE36_ALPHABET.length];
+  return value;
+}
+
+export function createBase36Id(prefix: string, length = 20): string {
+  return `${prefix}_${randomBase36(length)}`;
+}
+
+export function createBase36Token(prefix: string, length = 40): string {
+  return `${prefix}_${randomBase36(length)}`;
+}
+
+export function randomBase64Url(bytes = DEFAULT_TOKEN_BYTES): string {
+  const data = new Uint8Array(Math.max(1, Math.floor(bytes)));
+  crypto.getRandomValues(data);
+  return toBase64Url(data);
+}
+
+export function toBase64Url(input: string | Uint8Array): string {
+  const bytes = typeof input === "string" ? new TextEncoder().encode(input) : input;
+  let binary = "";
+  for (const byte of bytes) binary += String.fromCharCode(byte);
+  return btoa(binary).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/g, "");
+}
+
+export function fromBase64Url(value: string): Uint8Array {
+  const padded = value.replace(/-/g, "+").replace(/_/g, "/").padEnd(Math.ceil(value.length / 4) * 4, "=");
+  const binary = atob(padded);
+  const bytes = new Uint8Array(binary.length);
+  for (let i = 0; i < binary.length; i += 1) bytes[i] = binary.charCodeAt(i);
+  return bytes;
+}
+
+export async function sha256Hex(input: string): Promise<string> {
+  const digest = await crypto.subtle.digest("SHA-256", new TextEncoder().encode(input));
+  return [...new Uint8Array(digest)].map((byte) => byte.toString(16).padStart(2, "0")).join("");
+}

package/src/index.ts

@@ -0,0 +1,23 @@
+export * from "./api.js";
+export * from "./ai.js";
+export * from "./billing.js";
+export * from "./cloudflare.js";
+export * from "./crypto.js";
+export * from "./d1.js";
+export * from "./encoding.js";
+export * from "./email.js";
+export * from "./env.js";
+export * from "./http.js";
+export * from "./ids.js";
+export * from "./jobs.js";
+export * from "./mcp.js";
+export * from "./oauth.js";
+export * from "./ops-events.js";
+export * from "./pg.js";
+export * from "./pg-kysely.js";
+export * from "./r2-json.js";
+export * from "./rate-limit.js";
+export * from "./seo.js";
+export * from "./session.js";
+export * from "./testing.js";
+export * from "./time.js";

package/src/jobs.ts

@@ -0,0 +1,276 @@
+import type { D1DatabaseLike } from "./d1.js";
+import { parseJsonColumn, stringifyJsonColumn } from "./d1.js";
+import { createId } from "./ids.js";
+import { isFutureIso, nowIso } from "./time.js";
+
+export type JobStatus = "queued" | "running" | "succeeded" | "failed";
+
+export type JobHandlerResult<TResult = unknown> =
+  | { kind: "done"; result?: TResult | null }
+  | { kind: "requeue"; result?: TResult | null; availableAt?: string | null };
+
+export type JobRecord<TPayload = unknown, TResult = unknown> = {
+  jobId: string;
+  jobType: string;
+  status: JobStatus;
+  payload: TPayload;
+  result: TResult | null;
+  lockKey: string | null;
+  attemptCount: number;
+  maxAttempts: number;
+  availableAt: string | null;
+  startedAt: string | null;
+  completedAt: string | null;
+  lastError: string | null;
+  createdAt: string;
+  updatedAt: string;
+};
+
+export type EnqueueJobInput<TPayload = unknown> = {
+  jobType: string;
+  payload?: TPayload;
+  lockKey?: string | null;
+  maxAttempts?: number;
+  availableAt?: string | null;
+};
+
+export class D1JobStore {
+  constructor(
+    private readonly db: D1DatabaseLike,
+    private readonly options: { tableName?: string; idPrefix?: string } = {},
+  ) {}
+
+  get tableName(): string {
+    return this.options.tableName ?? "jobs";
+  }
+
+  async enqueue<TPayload = unknown>(input: EnqueueJobInput<TPayload>): Promise<JobRecord<TPayload>> {
+    const jobId = createId(this.options.idPrefix ?? "job");
+    const now = nowIso();
+    await this.db
+      .prepare(
+        `INSERT INTO ${this.tableName} (
+          job_id, job_type, status, payload_json, result_json, lock_key,
+          attempt_count, max_attempts, available_at, created_at, updated_at
+        ) VALUES (?, ?, 'queued', ?, NULL, ?, 0, ?, ?, ?, ?)`,
+      )
+      .bind(
+        jobId,
+        input.jobType,
+        stringifyJsonColumn(input.payload ?? {}),
+        input.lockKey ?? null,
+        Math.max(1, Math.floor(input.maxAttempts ?? 3)),
+        input.availableAt ?? null,
+        now,
+        now,
+      )
+      .run();
+
+    const job = await this.get<TPayload>(jobId);
+    if (!job) throw new Error(`Failed to load enqueued job: ${jobId}`);
+    return job;
+  }
+
+  async get<TPayload = unknown, TResult = unknown>(jobId: string): Promise<JobRecord<TPayload, TResult> | null> {
+    const row = await this.db
+      .prepare(
+        `SELECT
+          job_id AS jobId,
+          job_type AS jobType,
+          status,
+          payload_json AS payloadJson,
+          result_json AS resultJson,
+          lock_key AS lockKey,
+          attempt_count AS attemptCount,
+          max_attempts AS maxAttempts,
+          available_at AS availableAt,
+          started_at AS startedAt,
+          completed_at AS completedAt,
+          last_error AS lastError,
+          created_at AS createdAt,
+          updated_at AS updatedAt
+        FROM ${this.tableName}
+        WHERE job_id = ?
+        LIMIT 1`,
+      )
+      .bind(jobId)
+      .first<JobRow>();
+    return row ? rowToJob<TPayload, TResult>(row) : null;
+  }
+
+  async listQueued(limit = 25): Promise<JobRecord[]> {
+    const now = nowIso();
+    const rows = await this.db
+      .prepare(
+        `SELECT
+          job_id AS jobId, job_type AS jobType, status, payload_json AS payloadJson,
+          result_json AS resultJson, lock_key AS lockKey, attempt_count AS attemptCount,
+          max_attempts AS maxAttempts, available_at AS availableAt, started_at AS startedAt,
+          completed_at AS completedAt, last_error AS lastError, created_at AS createdAt, updated_at AS updatedAt
+        FROM ${this.tableName}
+        WHERE status = 'queued' AND (available_at IS NULL OR available_at <= ?)
+        ORDER BY created_at ASC
+        LIMIT ?`,
+      )
+      .bind(now, Math.max(1, Math.min(100, Math.floor(limit))))
+      .all<JobRow>();
+    return (rows.results ?? []).map(rowToJob);
+  }
+
+  async claim<TPayload = unknown>(jobId: string): Promise<JobRecord<TPayload> | null> {
+    const current = await this.get<TPayload>(jobId);
+    if (!current || current.status === "succeeded" || current.status === "failed") return null;
+    if (current.status === "queued" && isFutureIso(current.availableAt)) return null;
+    if (current.attemptCount >= current.maxAttempts) {
+      await this.fail(jobId, "Job exhausted all attempts.");
+      return null;
+    }
+
+    const now = nowIso();
+    const result = await this.db
+      .prepare(
+        `UPDATE ${this.tableName}
+         SET status = 'running',
+             attempt_count = attempt_count + 1,
+             started_at = COALESCE(started_at, ?),
+             updated_at = ?,
+             last_error = NULL
+         WHERE job_id = ?
+           AND status IN ('queued', 'running')
+           AND (available_at IS NULL OR available_at <= ?)`,
+      )
+      .bind(now, now, jobId, now)
+      .run();
+
+    if (!Number(result.meta.changes ?? 0)) return null;
+    return this.get<TPayload>(jobId);
+  }
+
+  async succeed<TResult = unknown>(jobId: string, result: TResult | null = null): Promise<void> {
+    const now = nowIso();
+    await this.db
+      .prepare(
+        `UPDATE ${this.tableName}
+         SET status = 'succeeded', result_json = ?, completed_at = ?, updated_at = ?
+         WHERE job_id = ?`,
+      )
+      .bind(stringifyJsonColumn(result), now, now, jobId)
+      .run();
+  }
+
+  async requeue<TResult = unknown>(jobId: string, result: TResult | null = null, availableAt: string | null = null): Promise<void> {
+    const now = nowIso();
+    await this.db
+      .prepare(
+        `UPDATE ${this.tableName}
+         SET status = 'queued', result_json = ?, available_at = ?, updated_at = ?
+         WHERE job_id = ?`,
+      )
+      .bind(stringifyJsonColumn(result), availableAt, now, jobId)
+      .run();
+  }
+
+  async fail(jobId: string, error: unknown): Promise<void> {
+    const now = nowIso();
+    const message = error instanceof Error ? error.message : String(error);
+    await this.db
+      .prepare(
+        `UPDATE ${this.tableName}
+         SET status = 'failed', last_error = ?, completed_at = ?, updated_at = ?
+         WHERE job_id = ?`,
+      )
+      .bind(message, now, now, jobId)
+      .run();
+  }
+
+  async run<TPayload = unknown, TResult = unknown>(
+    jobId: string,
+    handler: (job: JobRecord<TPayload, TResult>) => Promise<JobHandlerResult<TResult> | TResult | void>,
+  ): Promise<JobHandlerResult<TResult>> {
+    const job = await this.claim<TPayload>(jobId);
+    if (!job) return { kind: "done", result: null };
+
+    try {
+      const output = await handler(job as JobRecord<TPayload, TResult>);
+      const normalized = normalizeJobResult<TResult>(output);
+      if (normalized.kind === "requeue") {
+        await this.requeue(jobId, normalized.result ?? null, normalized.availableAt ?? null);
+      } else {
+        await this.succeed(jobId, normalized.result ?? null);
+      }
+      return normalized;
+    } catch (error) {
+      const latest = await this.get(jobId);
+      if (latest && latest.attemptCount < latest.maxAttempts) {
+        await this.requeue(jobId, { retryError: error instanceof Error ? error.message : String(error) });
+        return { kind: "requeue", result: null };
+      }
+      await this.fail(jobId, error);
+      throw error;
+    }
+  }
+}
+
+export const D1_JOBS_SCHEMA = `
+CREATE TABLE IF NOT EXISTS jobs (
+  job_id TEXT PRIMARY KEY,
+  job_type TEXT NOT NULL,
+  status TEXT NOT NULL,
+  payload_json TEXT NOT NULL DEFAULT '{}',
+  result_json TEXT,
+  lock_key TEXT,
+  attempt_count INTEGER NOT NULL DEFAULT 0,
+  max_attempts INTEGER NOT NULL DEFAULT 3,
+  available_at TEXT,
+  started_at TEXT,
+  completed_at TEXT,
+  last_error TEXT,
+  created_at TEXT NOT NULL,
+  updated_at TEXT NOT NULL
+);
+CREATE INDEX IF NOT EXISTS jobs_status_available_idx ON jobs(status, available_at, created_at);
+CREATE INDEX IF NOT EXISTS jobs_type_status_idx ON jobs(job_type, status, created_at);
+CREATE UNIQUE INDEX IF NOT EXISTS jobs_active_lock_key_idx ON jobs(lock_key)
+  WHERE lock_key IS NOT NULL AND status IN ('queued', 'running');
+`;
+
+type JobRow = {
+  jobId: string;
+  jobType: string;
+  status: JobStatus;
+  payloadJson: string;
+  resultJson: string | null;
+  lockKey: string | null;
+  attemptCount: number;
+  maxAttempts: number;
+  availableAt: string | null;
+  startedAt: string | null;
+  completedAt: string | null;
+  lastError: string | null;
+  createdAt: string;
+  updatedAt: string;
+};
+
+function rowToJob<TPayload = unknown, TResult = unknown>(row: JobRow): JobRecord<TPayload, TResult> {
+  return {
+    jobId: row.jobId,
+    jobType: row.jobType,
+    status: row.status,
+    payload: parseJsonColumn<TPayload>(row.payloadJson, {} as TPayload),
+    result: parseJsonColumn<TResult | null>(row.resultJson, null),
+    lockKey: row.lockKey,
+    attemptCount: Number(row.attemptCount),
+    maxAttempts: Number(row.maxAttempts),
+    availableAt: row.availableAt,
+    startedAt: row.startedAt,
+    completedAt: row.completedAt,
+    lastError: row.lastError,
+    createdAt: row.createdAt,
+    updatedAt: row.updatedAt,
+  };
+}
+
+function normalizeJobResult<TResult>(output: JobHandlerResult<TResult> | TResult | void): JobHandlerResult<TResult> {
+  if (output && typeof output === "object" && "kind" in output) return output as JobHandlerResult<TResult>;
+  return { kind: "done", result: (output ?? null) as TResult | null };
+}

package/src/mcp.ts

@@ -0,0 +1,52 @@
+import type { ApiOperationRegistry } from "./api.js";
+
+export type McpToolDescriptor = {
+  name: string;
+  title?: string;
+  description?: string;
+  inputSchema: Record<string, unknown>;
+  annotations?: Record<string, unknown>;
+};
+
+export function mcpToolsFromApiRegistry<TContext>(
+  registry: ApiOperationRegistry<TContext>,
+  options: { includeScopes?: boolean } = {},
+): McpToolDescriptor[] {
+  return Object.values(registry).map((operation) => ({
+    name: operation.name,
+    title: operation.title,
+    description: operation.description,
+    inputSchema: jsonSchemaPlaceholder(operation.path),
+    annotations: options.includeScopes && operation.scope ? { scope: operation.scope } : undefined,
+  }));
+}
+
+export function mcpWellKnownServerMetadata(options: {
+  name: string;
+  url: string;
+  description?: string;
+  authorizationServers?: string[];
+}): Record<string, unknown> {
+  return {
+    name: options.name,
+    description: options.description,
+    transport: "http",
+    url: options.url,
+    authorization_servers: options.authorizationServers,
+  };
+}
+
+function jsonSchemaPlaceholder(path: string): Record<string, unknown> {
+  const properties: Record<string, unknown> = {};
+  const required: string[] = [];
+  for (const match of path.matchAll(/\{([A-Za-z_][A-Za-z0-9_]*)\}/g)) {
+    properties[match[1]] = { type: "string" };
+    required.push(match[1]);
+  }
+  return {
+    type: "object",
+    properties,
+    required,
+    additionalProperties: true,
+  };
+}