npm - @rangojs/router - Versions diffs - 0.0.0-experimental.d7eeaa75 → 0.0.0-experimental.dc2bd2b4 - Mend

@rangojs/router 0.0.0-experimental.d7eeaa75 → 0.0.0-experimental.dc2bd2b4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (253) hide show

package/README.md +120 -25
package/dist/bin/rango.js +147 -57
package/dist/testing/vitest.js +48 -0
package/dist/vite/index.js +2151 -846
package/dist/vite/plugins/cloudflare-protocol-loader-hook.mjs +76 -0
package/package.json +57 -11
package/skills/breadcrumbs/SKILL.md +3 -1
package/skills/bundle-analysis/SKILL.md +159 -0
package/skills/cache-guide/SKILL.md +220 -30
package/skills/caching/SKILL.md +116 -8
package/skills/composability/SKILL.md +27 -2
package/skills/document-cache/SKILL.md +78 -55
package/skills/handler-use/SKILL.md +364 -0
package/skills/hooks/SKILL.md +229 -20
package/skills/host-router/SKILL.md +45 -20
package/skills/i18n/SKILL.md +276 -0
package/skills/intercept/SKILL.md +46 -4
package/skills/layout/SKILL.md +28 -7
package/skills/links/SKILL.md +247 -17
package/skills/loader/SKILL.md +219 -9
package/skills/middleware/SKILL.md +47 -12
package/skills/migrate-nextjs/SKILL.md +562 -0
package/skills/migrate-react-router/SKILL.md +769 -0
package/skills/mime-routes/SKILL.md +27 -0
package/skills/observability/SKILL.md +137 -0
package/skills/parallel/SKILL.md +71 -6
package/skills/prerender/SKILL.md +14 -33
package/skills/rango/SKILL.md +242 -22
package/skills/react-compiler/SKILL.md +168 -0
package/skills/response-routes/SKILL.md +66 -9
package/skills/route/SKILL.md +57 -4
package/skills/router-setup/SKILL.md +3 -3
package/skills/server-actions/SKILL.md +751 -0
package/skills/streams-and-websockets/SKILL.md +283 -0
package/skills/testing/SKILL.md +647 -0
package/skills/typesafety/SKILL.md +319 -27
package/skills/use-cache/SKILL.md +34 -5
package/skills/view-transitions/SKILL.md +294 -0
package/src/__augment-tests__/augment.ts +81 -0
package/src/__augment-tests__/augmented.check.ts +117 -0
package/src/browser/action-coordinator.ts +53 -36
package/src/browser/app-shell.ts +52 -0
package/src/browser/event-controller.ts +86 -70
package/src/browser/history-state.ts +21 -0
package/src/browser/index.ts +3 -3
package/src/browser/navigation-bridge.ts +84 -11
package/src/browser/navigation-client.ts +76 -28
package/src/browser/navigation-store.ts +32 -9
package/src/browser/navigation-transaction.ts +10 -28
package/src/browser/partial-update.ts +64 -26
package/src/browser/prefetch/cache.ts +129 -21
package/src/browser/prefetch/fetch.ts +148 -16
package/src/browser/prefetch/queue.ts +36 -5
package/src/browser/rango-state.ts +53 -13
package/src/browser/react/Link.tsx +30 -2
package/src/browser/react/NavigationProvider.tsx +72 -31
package/src/browser/react/filter-segment-order.ts +51 -7
package/src/browser/react/index.ts +3 -0
package/src/browser/react/location-state-shared.ts +175 -4
package/src/browser/react/location-state.ts +39 -13
package/src/browser/react/use-handle.ts +17 -9
package/src/browser/react/use-navigation.ts +22 -2
package/src/browser/react/use-params.ts +20 -8
package/src/browser/react/use-reverse.ts +106 -0
package/src/browser/react/use-router.ts +22 -2
package/src/browser/react/use-segments.ts +11 -8
package/src/browser/response-adapter.ts +25 -0
package/src/browser/rsc-router.tsx +64 -22
package/src/browser/scroll-restoration.ts +22 -14
package/src/browser/segment-reconciler.ts +36 -14
package/src/browser/segment-structure-assert.ts +2 -2
package/src/browser/server-action-bridge.ts +23 -30
package/src/browser/types.ts +21 -0
package/src/build/collect-fallback-refs.ts +107 -0
package/src/build/generate-manifest.ts +60 -35
package/src/build/generate-route-types.ts +2 -0
package/src/build/index.ts +2 -0
package/src/build/route-trie.ts +52 -25
package/src/build/route-types/codegen.ts +4 -4
package/src/build/route-types/include-resolution.ts +1 -1
package/src/build/route-types/per-module-writer.ts +7 -4
package/src/build/route-types/router-processing.ts +55 -14
package/src/build/route-types/scan-filter.ts +1 -1
package/src/build/route-types/source-scan.ts +118 -0
package/src/build/runtime-discovery.ts +9 -20
package/src/cache/cache-scope.ts +28 -42
package/src/cache/cf/cf-cache-store.ts +54 -13
package/src/client.rsc.tsx +3 -0
package/src/client.tsx +92 -182
package/src/context-var.ts +5 -5
package/src/decode-loader-results.ts +36 -0
package/src/errors.ts +30 -1
package/src/handle.ts +26 -13
package/src/host/index.ts +2 -2
package/src/host/router.ts +129 -57
package/src/host/types.ts +31 -2
package/src/host/utils.ts +1 -1
package/src/href-client.ts +140 -20
package/src/index.rsc.ts +9 -4
package/src/index.ts +53 -15
package/src/loader-store.ts +500 -0
package/src/loader.rsc.ts +2 -5
package/src/loader.ts +3 -10
package/src/missing-id-error.ts +68 -0
package/src/outlet-context.ts +1 -1
package/src/prerender.ts +4 -4
package/src/response-utils.ts +37 -0
package/src/reverse.ts +65 -36
package/src/route-content-wrapper.tsx +6 -28
package/src/route-definition/dsl-helpers.ts +384 -257
package/src/route-definition/helper-factories.ts +29 -139
package/src/route-definition/helpers-types.ts +100 -28
package/src/route-definition/resolve-handler-use.ts +6 -0
package/src/route-definition/use-item-types.ts +32 -0
package/src/route-types.ts +26 -41
package/src/router/basename.ts +14 -0
package/src/router/content-negotiation.ts +15 -2
package/src/router/error-handling.ts +1 -1
package/src/router/handler-context.ts +21 -38
package/src/router/intercept-resolution.ts +4 -18
package/src/router/lazy-includes.ts +8 -8
package/src/router/loader-resolution.ts +19 -2
package/src/router/manifest.ts +22 -13
package/src/router/match-api.ts +4 -3
package/src/router/match-handlers.ts +63 -20
package/src/router/match-middleware/cache-lookup.ts +44 -91
package/src/router/match-middleware/cache-store.ts +3 -2
package/src/router/match-result.ts +53 -32
package/src/router/metrics.ts +1 -1
package/src/router/middleware-types.ts +15 -26
package/src/router/middleware.ts +99 -84
package/src/router/pattern-matching.ts +101 -17
package/src/router/prerender-match.ts +1 -1
package/src/router/preview-match.ts +3 -1
package/src/router/request-classification.ts +4 -28
package/src/router/revalidation.ts +58 -2
package/src/router/router-interfaces.ts +45 -28
package/src/router/router-options.ts +40 -1
package/src/router/router-registry.ts +2 -5
package/src/router/segment-resolution/fresh.ts +27 -6
package/src/router/segment-resolution/revalidation.ts +147 -106
package/src/router/segment-resolution/view-transition-default.ts +36 -0
package/src/router/substitute-pattern-params.ts +56 -0
package/src/router/telemetry.ts +99 -0
package/src/router/trie-matching.ts +18 -13
package/src/router/types.ts +8 -0
package/src/router/url-params.ts +49 -0
package/src/router.ts +38 -23
package/src/rsc/handler-context.ts +2 -2
package/src/rsc/handler.ts +28 -69
package/src/rsc/helpers.ts +91 -43
package/src/rsc/index.ts +1 -1
package/src/rsc/origin-guard.ts +28 -10
package/src/rsc/progressive-enhancement.ts +4 -0
package/src/rsc/response-route-handler.ts +46 -53
package/src/rsc/rsc-rendering.ts +35 -51
package/src/rsc/runtime-warnings.ts +9 -10
package/src/rsc/server-action.ts +17 -37
package/src/rsc/ssr-setup.ts +16 -0
package/src/rsc/types.ts +8 -2
package/src/search-params.ts +4 -4
package/src/segment-content-promise.ts +67 -0
package/src/segment-loader-promise.ts +122 -0
package/src/segment-system.tsx +132 -116
package/src/serialize.ts +243 -0
package/src/server/context.ts +143 -53
package/src/server/cookie-store.ts +28 -4
package/src/server/request-context.ts +20 -42
package/src/ssr/index.tsx +5 -1
package/src/static-handler.ts +1 -1
package/src/testing/cache-status.ts +166 -0
package/src/testing/collect-handle.ts +63 -0
package/src/testing/dispatch.ts +440 -0
package/src/testing/dom.entry.ts +22 -0
package/src/testing/e2e/fixture.ts +154 -0
package/src/testing/e2e/index.ts +149 -0
package/src/testing/e2e/matchers.ts +51 -0
package/src/testing/e2e/page-helpers.ts +272 -0
package/src/testing/e2e/parity.ts +306 -0
package/src/testing/e2e/server.ts +183 -0
package/src/testing/flight-matchers.ts +104 -0
package/src/testing/flight-runtime.d.ts +21 -0
package/src/testing/flight.entry.ts +22 -0
package/src/testing/flight.ts +182 -0
package/src/testing/generated-routes.ts +223 -0
package/src/testing/index.ts +105 -0
package/src/testing/internal/context.ts +193 -0
package/src/testing/render-route.tsx +536 -0
package/src/testing/run-loader.ts +296 -0
package/src/testing/run-middleware.ts +170 -0
package/src/testing/vitest-stubs/cloudflare-email.ts +9 -0
package/src/testing/vitest-stubs/cloudflare-workers.ts +21 -0
package/src/testing/vitest-stubs/plugin-rsc.ts +16 -0
package/src/testing/vitest-stubs/version.ts +5 -0
package/src/testing/vitest.ts +183 -0
package/src/types/global-namespace.ts +39 -26
package/src/types/handler-context.ts +68 -50
package/src/types/index.ts +1 -0
package/src/types/loader-types.ts +5 -6
package/src/types/request-scope.ts +126 -0
package/src/types/route-entry.ts +11 -0
package/src/types/segments.ts +35 -2
package/src/urls/include-helper.ts +34 -67
package/src/urls/index.ts +0 -3
package/src/urls/path-helper-types.ts +41 -7
package/src/urls/path-helper.ts +17 -52
package/src/urls/pattern-types.ts +36 -19
package/src/urls/response-types.ts +22 -29
package/src/urls/type-extraction.ts +26 -116
package/src/urls/urls-function.ts +1 -5
package/src/use-loader.tsx +413 -42
package/src/vite/debug.ts +185 -0
package/src/vite/discovery/bundle-postprocess.ts +6 -6
package/src/vite/discovery/discover-routers.ts +101 -51
package/src/vite/discovery/discovery-errors.ts +194 -0
package/src/vite/discovery/gate-state.ts +171 -0
package/src/vite/discovery/prerender-collection.ts +67 -26
package/src/vite/discovery/route-types-writer.ts +40 -84
package/src/vite/discovery/self-gen-tracking.ts +27 -1
package/src/vite/discovery/state.ts +33 -0
package/src/vite/discovery/virtual-module-codegen.ts +13 -23
package/src/vite/index.ts +2 -0
package/src/vite/plugin-types.ts +67 -0
package/src/vite/plugins/cjs-to-esm.ts +8 -7
package/src/vite/plugins/client-ref-dedup.ts +16 -0
package/src/vite/plugins/client-ref-hashing.ts +28 -5
package/src/vite/plugins/cloudflare-protocol-loader-hook.d.mts +23 -0
package/src/vite/plugins/cloudflare-protocol-loader-hook.mjs +76 -0
package/src/vite/plugins/cloudflare-protocol-stub.ts +214 -0
package/src/vite/plugins/expose-action-id.ts +54 -30
package/src/vite/plugins/expose-id-utils.ts +12 -8
package/src/vite/plugins/expose-ids/export-analysis.ts +100 -20
package/src/vite/plugins/expose-ids/handler-transform.ts +8 -61
package/src/vite/plugins/expose-ids/loader-transform.ts +3 -5
package/src/vite/plugins/expose-ids/router-transform.ts +20 -3
package/src/vite/plugins/expose-internal-ids.ts +496 -486
package/src/vite/plugins/performance-tracks.ts +29 -25
package/src/vite/plugins/use-cache-transform.ts +65 -50
package/src/vite/plugins/version-injector.ts +39 -23
package/src/vite/plugins/version-plugin.ts +59 -2
package/src/vite/plugins/virtual-entries.ts +2 -2
package/src/vite/rango.ts +116 -29
package/src/vite/router-discovery.ts +750 -100
package/src/vite/utils/ast-handler-extract.ts +15 -15
package/src/vite/utils/banner.ts +1 -1
package/src/vite/utils/bundle-analysis.ts +4 -2
package/src/vite/utils/client-chunks.ts +190 -0
package/src/vite/utils/forward-user-plugins.ts +193 -0
package/src/vite/utils/manifest-utils.ts +21 -5
package/src/vite/utils/package-resolution.ts +41 -1
package/src/vite/utils/prerender-utils.ts +21 -6
package/src/vite/utils/shared-utils.ts +107 -26
package/src/browser/action-response-classifier.ts +0 -99

package/src/router/match-result.ts CHANGED Viewed

@@ -138,34 +138,38 @@ export async function collectSegments(
 function deduplicateLoaderSegments(
   segments: ResolvedSegment[],
   logPrefix: string,
-): ResolvedSegment[] {
-  // First pass: collect loaderIds of original (non-inherited) segments
-  // and whether their parent entry uses loading()
+): { segments: ResolvedSegment[]; removedIds: Set<string> } {
+  // Single pass: original (non-inherited) loaderIds, all loaderIds grouped by
+  // namespace, and namespaces of segments that declare loading().
   const originalLoaders = new Set<string>();
-  const loadersWithLoading = new Set<string>();
+  const loaderIdsByNamespace = new Map<string, string[]>();
+  const namespacesWithLoading = new Set<string>();
   for (const s of segments) {
-    if (s.type === "loader" && s.loaderId && !s._inherited) {
-      originalLoaders.add(s.loaderId);
-      // If the segment has a sibling with loading, the parent uses loading()
-      // We detect this by checking if any non-loader segment in the same
-      // namespace has loading defined
+    if (s.type === "loader" && s.loaderId) {
+      if (!s._inherited) originalLoaders.add(s.loaderId);
+      const ids = loaderIdsByNamespace.get(s.namespace);
+      if (ids) ids.push(s.loaderId);
+      else loaderIdsByNamespace.set(s.namespace, [s.loaderId]);
+    } else if (
+      s.type !== "loader" &&
+      s.loading !== undefined &&
+      s.loading !== false
+    ) {
+      namespacesWithLoading.add(s.namespace);
     }
   }
-  // Check if any layout/route segment has loading — if a loader's namespace
-  // matches a segment with loading, the inherited copy is needed
-  for (const s of segments) {
-    if (s.type !== "loader" && s.loading !== undefined && s.loading !== false) {
-      // Find loaders in this namespace
-      for (const l of segments) {
-        if (l.type === "loader" && l.namespace === s.namespace && l.loaderId) {
-          loadersWithLoading.add(l.loaderId);
-        }
-      }
+  // An inherited loader is needed when it shares a namespace with a
+  // loading-bearing segment (its data sits behind that LoaderBoundary).
+  const loadersWithLoading = new Set<string>();
+  for (const ns of namespacesWithLoading) {
+    for (const id of loaderIdsByNamespace.get(ns) ?? []) {
+      loadersWithLoading.add(id);
     }
   }
   const result: ResolvedSegment[] = [];
-  let dedupCount = 0;
+  const removedIds = new Set<string>();
   for (const s of segments) {
     if (
@@ -175,17 +179,20 @@ function deduplicateLoaderSegments(
       originalLoaders.has(s.loaderId) &&
       !loadersWithLoading.has(s.loaderId)
     ) {
-      dedupCount++;
+      removedIds.add(s.id);
       continue;
     }
     result.push(s);
   }
-  if (dedupCount > 0) {
-    debugLog(logPrefix, `deduped ${dedupCount} inherited loader segment(s)`);
+  if (removedIds.size > 0) {
+    debugLog(
+      logPrefix,
+      `deduped ${removedIds.size} inherited loader segment(s)`,
+    );
   }
-  return result;
+  return { segments: result, removedIds };
 }
 /**
@@ -244,7 +251,7 @@ export function buildMatchResult<TEnv>(
     );
   }
-  const dedupedSegments = deduplicateLoaderSegments(
+  const { segments: dedupedSegments, removedIds } = deduplicateLoaderSegments(
     segmentsToRender,
     logPrefix,
   );
@@ -262,18 +269,32 @@ export function buildMatchResult<TEnv>(
   // Remove deduped loader IDs from matched so the client doesn't treat
   // them as missing segments and trigger a fallback refetch.
-  const removedIds = new Set(
-    segmentsToRender
-      .filter((s) => !dedupedSegments.includes(s))
-      .map((s) => s.id),
-  );
   const matchedIds =
     removedIds.size > 0 ? allIds.filter((id) => !removedIds.has(id)) : allIds;
+  // resolvedIds: every segment whose handler actually ran this request.
+  // For full-match every segment is fresh; for partial-match we filter by
+  // the internal `_handlerRan` flag set in revalidation.ts. Drives the
+  // client's handle-bucket cleanup — a slot that re-resolved and pushed
+  // nothing must have its previous handle data cleared, but `diff` won't
+  // carry it because the segment payload skips null-component cached
+  // segments to save bytes.
+  const resolvedIds = ctx.isFullMatch
+    ? allSegments.map((s) => s.id)
+    : allSegments.filter((s) => s._handlerRan).map((s) => s.id);
+  // Strip internal-only fields from the segments going on the wire.
+  const cleanedSegments = dedupedSegments.map((s) => {
+    if (s._handlerRan === undefined) return s;
+    const { _handlerRan: _drop, ...rest } = s;
+    return rest as ResolvedSegment;
+  });
   return {
-    segments: dedupedSegments,
+    segments: cleanedSegments,
     matched: matchedIds,
-    diff: dedupedSegments.map((s) => s.id),
+    diff: cleanedSegments.map((s) => s.id),
+    resolvedIds,
     params: ctx.matched.params,
     routeName: ctx.routeKey,
     slots: Object.keys(state.slots).length > 0 ? state.slots : undefined,

package/src/router/metrics.ts CHANGED Viewed

@@ -1,7 +1,7 @@
 /**
  * Router Metrics Utilities
  *
- * Performance metrics collection and reporting for RSC Router.
+ * Performance metrics collection and reporting for Rango.
  */
 import type { MetricsStore, PerformanceMetric } from "../server/context";

package/src/router/middleware-types.ts CHANGED Viewed

@@ -14,6 +14,7 @@ import type {
 import type { ScopedReverseFunction } from "../reverse.js";
 import type { Theme } from "../theme/types.js";
 import type { LocationStateEntry } from "../browser/react/location-state-shared.js";
+import type { RequestScope } from "../types/request-scope.js";
 /**
  * Get variable function type
@@ -52,33 +53,15 @@ export interface CookieOptions {
  * Context passed to middleware
  *
  * @template TEnv - Environment type (bindings, variables) - defaults to any for internal flexibility
- * @template TParams - URL params type (typed for route middleware, Record<string, string> for global middleware)
+ * @template TParams - URL params type (typed for route middleware,
+ *   `Record<string, string | undefined>` for global middleware — absent
+ *   optional segments are omitted from the params record at runtime, so
+ *   the index signature must include `undefined`)
  */
 export interface MiddlewareContext<
   TEnv = any,
-  TParams = Record<string, string>,
-> {
-  /** Original request */
-  request: Request;
-  /** Parsed URL (with internal `_rsc*` params stripped) */
-  url: URL;
-  /**
-   * The original request URL with all parameters intact, including
-   * internal `_rsc*` transport params.
-   */
-  originalUrl: URL;
-  /** URL pathname */
-  pathname: string;
-  /** URL search params */
-  searchParams: URLSearchParams;
-  /** Platform bindings (Cloudflare, etc.) */
-  env: TEnv;
+  TParams = Record<string, string | undefined>,
+> extends RequestScope<TEnv> {
   /** URL params extracted from route/middleware pattern */
   params: TParams;
@@ -157,7 +140,7 @@ export interface MiddlewareContext<
  * @template TEnv - Environment type - defaults to any for internal flexibility
  * @template TParams - URL params type (typed for route middleware)
  *
- * When using middleware with global augmentation (RSCRouter.Env), explicitly
+ * When using middleware with global augmentation (Rango.Env), explicitly
  * annotate your middleware functions, or the types will be inferred from context:
  *
  * @example
@@ -169,7 +152,10 @@ export interface MiddlewareContext<
  * router.use((ctx, next) => {...}) // ctx is typed from router's TEnv
  * ```
  */
-export type MiddlewareFn<TEnv = any, TParams = Record<string, string>> = (
+export type MiddlewareFn<
+  TEnv = any,
+  TParams = Record<string, string | undefined>,
+> = (
   ctx: MiddlewareContext<TEnv, TParams>,
   next: () => Promise<Response>,
 ) => Response | void | Promise<Response | void>;
@@ -216,5 +202,8 @@ export interface MiddlewareCollectableEntry {
  */
 export interface CollectedMiddleware {
   handler: MiddlewareFn<any, any>;
+  // Internal shape only. The user-facing `MiddlewareContext.params` is
+  // typed `Record<string, string | undefined>` to reflect that absent
+  // optional segments are omitted from the params record at runtime.
   params: Record<string, string>;
 }

package/src/router/middleware.ts CHANGED Viewed

@@ -10,6 +10,8 @@
  */
 import { contextGet, contextSet } from "../context-var.js";
+import { safeDecodeURIComponent } from "./url-params.js";
+import { fireAndForgetWaitUntil } from "../types/request-scope.js";
 import type {
   CollectedMiddleware,
   MiddlewareCollectableEntry,
@@ -22,6 +24,7 @@ import { _getRequestContext } from "../server/request-context.js";
 import { isAutoGeneratedRouteName } from "../route-name.js";
 import { appendMetric, createMetricsStore } from "./metrics.js";
 import { stripInternalParams } from "./handler-context.js";
+import { isWebSocketUpgradeResponse } from "../response-utils.js";
 // Re-export types and cookie utilities for backward compatibility
 export type {
@@ -112,7 +115,12 @@ function escapeRegex(str: string): string {
 }
 /**
- * Extract params from a pathname using a pattern's regex and param names
+ * Extract params from a pathname using a pattern's regex and param names.
+ *
+ * Values are URL-decoded so apps see the raw string (e.g. "ivo@example.com")
+ * instead of the percent-encoded form ("ivo%40example.com"). This matches the
+ * contract assumed by ctx.reverse (which re-encodes) and aligns with
+ * Express/React Router/Fastify/Koa.
  */
 export function extractParams(
   pathname: string,
@@ -124,7 +132,7 @@ export function extractParams(
   const params: Record<string, string> = {};
   for (let i = 0; i < paramNames.length; i++) {
-    params[paramNames[i]] = match[i + 1] || "";
+    params[paramNames[i]] = safeDecodeURIComponent(match[i + 1] || "");
   }
   return params;
 }
@@ -179,14 +187,22 @@ export function createMiddlewareContext<TEnv>(
     return responseHolder.response;
   };
+  // Capture reqCtx once: the request-scoped platform fields
+  // (originalUrl, executionContext, waitUntil) are immutable per request,
+  // so snapshotting beats re-reading ALS on every access. The lazy getters
+  // below (routeName, theme, setTheme) stay lazy because those can change
+  // during `await next()`.
+  const reqCtx = _getRequestContext();
   return {
     request,
     url,
-    originalUrl: new URL(request.url),
+    originalUrl: reqCtx?.originalUrl ?? new URL(request.url),
     pathname: url.pathname,
     searchParams: url.searchParams,
     env: env as MiddlewareContext<TEnv>["env"],
     params,
+    executionContext: reqCtx?.executionContext,
+    waitUntil: reqCtx ? reqCtx.waitUntil.bind(reqCtx) : fireAndForgetWaitUntil,
     // Getter: re-derives from request context on each access so that global
     // middleware sees the matched route name after await next().
     get routeName(): MiddlewareContext<TEnv>["routeName"] {
@@ -291,6 +307,46 @@ export function matchMiddleware<TEnv>(
   return matches;
 }
+// Set-Cookie is appended; for other headers stubOverridesNonCookie=true
+// overwrites (chain ran to completion), false fills only missing slots (an
+// explicit short-circuit Response's own headers win).
+function mergeStubHeaders(
+  target: Headers,
+  stub: Headers,
+  stubOverridesNonCookie: boolean,
+): void {
+  stub.forEach((value, name) => {
+    if (name.toLowerCase() === "set-cookie") {
+      target.append(name, value);
+    } else if (stubOverridesNonCookie || !target.has(name)) {
+      target.set(name, value);
+    }
+  });
+}
+// Set-Cookie is deduped so a nested inner executeMiddleware that already merged
+// the same reqCtx cookies does not duplicate them; other headers fill if missing.
+function mergeReqCtxStub(
+  target: Headers,
+  reqCtx: ReturnType<typeof _getRequestContext>,
+): void {
+  if (!reqCtx) return;
+  const stubCookies = reqCtx.res.headers.getSetCookie();
+  if (stubCookies.length > 0) {
+    const existing = new Set(target.getSetCookie());
+    for (const cookie of stubCookies) {
+      if (!existing.has(cookie)) {
+        target.append("set-cookie", cookie);
+      }
+    }
+  }
+  reqCtx.res.headers.forEach((value, name) => {
+    if (name !== "set-cookie" && !target.has(name)) {
+      target.set(name, value);
+    }
+  });
+}
 /**
  * Execute middleware chain
  *
@@ -329,35 +385,13 @@ export async function executeMiddleware<TEnv>(
       // End of chain - call actual RSC handler
       const response = await finalHandler();
-      // Merge headers set on stub into the real response.
-      // Use append for Set-Cookie to preserve multiple cookies.
       const mergedHeaders = new Headers(response.headers);
-      stubResponse.headers.forEach((value, name) => {
-        if (name.toLowerCase() === "set-cookie") {
-          mergedHeaders.append(name, value);
-        } else {
-          mergedHeaders.set(name, value);
-        }
-      });
-      // Also merge shared RequestContext stub (cookies written via cookies().set()).
-      // Dedup Set-Cookie: an inner executeMiddleware (route-level middleware)
-      // may have already merged the same reqCtx cookies into the response.
-      const reqCtx = _getRequestContext();
-      if (reqCtx) {
-        const stubCookies = reqCtx.res.headers.getSetCookie();
-        if (stubCookies.length > 0) {
-          const existing = new Set(mergedHeaders.getSetCookie());
-          for (const cookie of stubCookies) {
-            if (!existing.has(cookie)) {
-              mergedHeaders.append("set-cookie", cookie);
-            }
-          }
-        }
-        reqCtx.res.headers.forEach((value, name) => {
-          if (name !== "set-cookie" && !mergedHeaders.has(name)) {
-            mergedHeaders.set(name, value);
-          }
-        });
+      mergeStubHeaders(mergedHeaders, stubResponse.headers, true);
+      mergeReqCtxStub(mergedHeaders, _getRequestContext());
+      if (isWebSocketUpgradeResponse(response)) {
+        responseHolder.response = response;
+        return response;
       }
       // Clone response with merged headers (mutable for post-next() modifications)
@@ -426,8 +460,16 @@ export async function executeMiddleware<TEnv>(
     try {
       result = await entry.handler(ctx, wrappedNext);
     } catch (error) {
-      finishMiddleware();
-      throw error;
+      // Thrown Response is short-circuit control flow, not an error.
+      // Fall through to the `if (result instanceof Response)` branch below
+      // so stub headers and request-context cookies merge as they do for
+      // an explicit `return new Response(...)`. Real errors propagate.
+      if (error instanceof Response) {
+        result = error;
+      } else {
+        finishMiddleware();
+        throw error;
+      }
     }
     finishMiddleware();
@@ -451,34 +493,13 @@ export async function executeMiddleware<TEnv>(
     // RequestContext stub headers (from ctx.setCookie) into the
     // returned Response so they are not lost.
     if (result instanceof Response) {
-      const mergedHeaders = new Headers(result.headers);
-      stubResponse.headers.forEach((value, name) => {
-        if (name.toLowerCase() === "set-cookie") {
-          mergedHeaders.append(name, value);
-        } else if (!mergedHeaders.has(name)) {
-          mergedHeaders.set(name, value);
-        }
-      });
-      // Also merge shared RequestContext stub (cookies written via setCookie).
-      // Dedup Set-Cookie: an inner executeMiddleware (route-level middleware)
-      // may have already merged the same reqCtx cookies into the response.
-      const reqCtx = _getRequestContext();
-      if (reqCtx) {
-        const stubCookies = reqCtx.res.headers.getSetCookie();
-        if (stubCookies.length > 0) {
-          const existing = new Set(mergedHeaders.getSetCookie());
-          for (const cookie of stubCookies) {
-            if (!existing.has(cookie)) {
-              mergedHeaders.append("set-cookie", cookie);
-            }
-          }
-        }
-        reqCtx.res.headers.forEach((value, name) => {
-          if (name !== "set-cookie" && !mergedHeaders.has(name)) {
-            mergedHeaders.set(name, value);
-          }
-        });
+      if (isWebSocketUpgradeResponse(result)) {
+        responseHolder.response = result;
+        return result;
       }
+      const mergedHeaders = new Headers(result.headers);
+      mergeStubHeaders(mergedHeaders, stubResponse.headers, false);
+      mergeReqCtxStub(mergedHeaders, _getRequestContext());
       const merged = new Response(result.body, {
         status: result.status,
         statusText: result.statusText,
@@ -527,23 +548,12 @@ export async function executeMiddleware<TEnv>(
   // last merge point (e.g. cookies().set() called after await next()).
   // The reqCtx stub may have already been partially merged during finalHandler
   // or early-return paths; only append *new* Set-Cookie entries to avoid dupes.
+  //
+  // Skip for upgrade responses: upgrade headers are semantically immutable and
+  // set-cookie on an upgrade is not meaningful.
   const reqCtx = _getRequestContext();
-  if (reqCtx) {
-    const stubCookies = reqCtx.res.headers.getSetCookie();
-    if (stubCookies.length > 0) {
-      const existingCookies = new Set(finalResponse.headers.getSetCookie());
-      for (const cookie of stubCookies) {
-        if (!existingCookies.has(cookie)) {
-          finalResponse.headers.append("set-cookie", cookie);
-        }
-      }
-    }
-    // Fill in non-cookie headers that aren't already on the response
-    reqCtx.res.headers.forEach((value, name) => {
-      if (name !== "set-cookie" && !finalResponse.headers.has(name)) {
-        finalResponse.headers.set(name, value);
-      }
-    });
+  if (reqCtx && !isWebSocketUpgradeResponse(finalResponse)) {
+    mergeReqCtxStub(finalResponse.headers, reqCtx);
   }
   return finalResponse;
@@ -613,7 +623,18 @@ export async function executeInterceptMiddleware<TEnv>(
       return next();
     };
-    const result = await middleware(ctx, guardedNext);
+    let result: Response | void;
+    try {
+      result = await middleware(ctx, guardedNext);
+    } catch (error) {
+      // Thrown Response is short-circuit control flow, parity with the
+      // explicit-return path below. Real errors propagate.
+      if (error instanceof Response) {
+        result = error;
+      } else {
+        throw error;
+      }
+    }
     if (result instanceof Response) {
       earlyResponse = result;
@@ -641,13 +662,7 @@ export async function executeInterceptMiddleware<TEnv>(
       // Only fill in missing headers — the returned Response's explicit
       // headers take precedence, matching executeMiddleware behavior.
       const mergedHeaders = new Headers(response.headers);
-      stubResponse.headers.forEach((value, name) => {
-        if (name.toLowerCase() === "set-cookie") {
-          mergedHeaders.append(name, value);
-        } else if (!mergedHeaders.has(name)) {
-          mergedHeaders.set(name, value);
-        }
-      });
+      mergeStubHeaders(mergedHeaders, stubResponse.headers, false);
       return new Response(response.body, {
         status: response.status,
         statusText: response.statusText,