@revealui/utils 0.2.0

package/LICENSE

@@ -0,0 +1,22 @@
+MIT License
+
+Copyright (c) 2025 RevealUI Team
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+

package/README.md

@@ -0,0 +1,74 @@
+# @revealui/utils
+
+Shared utilities for RevealUI - logger, SSL config, and common helpers.
+
+## Purpose
+
+This package contains zero-dependency utilities that are used across multiple packages in the RevealUI monorepo. It was created to break circular dependencies between `@revealui/core`, `@revealui/db`, and `@revealui/contracts`.
+
+## Contents
+
+### Logger
+Structured logging infrastructure with support for:
+- Multiple log levels (debug, info, warn, error, fatal)
+- Context propagation
+- Pretty printing for development
+- Remote logging support
+- Child loggers with inherited context
+
+### Database Utilities
+- SSL configuration for PostgreSQL connections
+- Connection string parsing
+- Security validation for production environments
+
+## Usage
+
+```typescript
+// Import logger
+import { logger, createLogger } from '@revealui/utils'
+
+// Use default logger
+logger.info('Application started')
+
+// Create child logger with context
+const requestLogger = createLogger({ requestId: '123' })
+requestLogger.info('Processing request')
+
+// Import database utilities
+import { getSSLConfig } from '@revealui/utils/database'
+
+const sslConfig = getSSLConfig(process.env.DATABASE_URL)
+```
+
+## Why This Package Exists
+
+Previously, these utilities lived in `@revealui/core`, which created a circular dependency:
+```
+contracts → db → core → contracts (circular!)
+```
+
+By extracting shared utilities to `@revealui/utils`, we get a clean dependency graph:
+```
+utils (no dependencies)
+  ↑
+  ├── contracts
+  ├── db
+  └── core
+```
+
+## Development
+
+```bash
+# Build
+pnpm build
+
+# Type check
+pnpm typecheck
+
+# Watch mode
+pnpm dev
+```
+
+## License
+
+MIT

package/dist/chunk-KUMOGLHP.js

@@ -0,0 +1,32 @@
+// src/database/ssl-config.ts
+function getSSLConfig(connectionString) {
+  try {
+    const url = new URL(connectionString);
+    const sslmode = url.searchParams.get("sslmode");
+    if (!sslmode || sslmode === "disable") {
+      return false;
+    }
+    if (process.env.NODE_ENV !== "production" && process.env.DATABASE_SSL_REJECT_UNAUTHORIZED === "false") {
+      return { rejectUnauthorized: false };
+    }
+    return { rejectUnauthorized: true };
+  } catch (_error) {
+    return false;
+  }
+}
+function validateSSLConfig(connectionString, environment = process.env.NODE_ENV || "development") {
+  const sslConfig = getSSLConfig(connectionString);
+  if (environment === "production" && sslConfig === false) {
+    return false;
+  }
+  if (environment === "production" && sslConfig && !sslConfig.rejectUnauthorized) {
+    return false;
+  }
+  return true;
+}
+
+export {
+  getSSLConfig,
+  validateSSLConfig
+};
+//# sourceMappingURL=chunk-KUMOGLHP.js.map

package/dist/chunk-KUMOGLHP.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/database/ssl-config.ts"],"sourcesContent":["/**\n * SSL Configuration Utility\n *\n * Provides centralized SSL configuration for PostgreSQL connections based on\n * connection string sslmode parameter and environment variables.\n *\n * Extracted from @revealui/core to break circular dependencies\n *\n * @module ssl-config\n */\n\n/**\n * PostgreSQL SSL configuration options\n */\nexport interface SSLConfig {\n  rejectUnauthorized: boolean\n}\n\n/**\n * Determines the appropriate SSL configuration for a PostgreSQL connection\n * based on the connection string's sslmode parameter.\n *\n * SSL Modes (aligned with PostgreSQL libpq standards):\n * - `disable`: No SSL connection\n * - `require`: SSL connection with certificate verification\n * - `verify-full`: Full SSL verification (same as require in pg v9+)\n * - `verify-ca`: CA verification (treated as verify-full)\n *\n * Environment Override:\n * - `DATABASE_SSL_REJECT_UNAUTHORIZED=false`: Force skip certificate verification\n *   (DEVELOPMENT ONLY - use for self-signed certificates in local environments)\n *\n * @param connectionString - PostgreSQL connection string (may include sslmode parameter)\n * @returns SSL configuration object or false to disable SSL\n *\n * @example\n * ```typescript\n * // Connection string with SSL required\n * const ssl = getSSLConfig('postgresql://user:pass@host/db?sslmode=require')\n * // Returns: { rejectUnauthorized: true }\n *\n * // Connection string without SSL\n * const ssl = getSSLConfig('postgresql://localhost:5432/db')\n * // Returns: false\n *\n * // Development override for self-signed certificates\n * process.env.DATABASE_SSL_REJECT_UNAUTHORIZED = 'false'\n * const ssl = getSSLConfig('postgresql://user:pass@host/db?sslmode=require')\n * // Returns: { rejectUnauthorized: false }\n * ```\n */\nexport function getSSLConfig(connectionString: string): SSLConfig | false {\n  try {\n    // Parse connection string\n    const url = new URL(connectionString)\n    const sslmode = url.searchParams.get('sslmode')\n\n    // No SSL if sslmode is explicitly disabled or not specified\n    if (!sslmode || sslmode === 'disable') {\n      return false\n    }\n\n    // Environment override for local development with self-signed certificates\n    // This should ONLY be used in development environments\n    // SECURITY: Explicitly check NODE_ENV to prevent accidental use in production\n    if (\n      process.env.NODE_ENV !== 'production' &&\n      process.env.DATABASE_SSL_REJECT_UNAUTHORIZED === 'false'\n    ) {\n      return { rejectUnauthorized: false }\n    }\n\n    // Default: verify certificates (security best practice)\n    // Handles: require, verify-full, verify-ca, prefer\n    // In pg v9+, these will all use verify-full semantics\n    return { rejectUnauthorized: true }\n  } catch (_error) {\n    // If URL parsing fails, assume local connection without SSL\n    // Silently fallback to no SSL for invalid connection strings\n    return false\n  }\n}\n\n/**\n * Validates SSL configuration for production environments.\n * Warns if insecure SSL settings are detected in production.\n *\n * @param connectionString - PostgreSQL connection string\n * @param environment - Current environment (e.g., 'production', 'development')\n */\nexport function validateSSLConfig(\n  connectionString: string,\n  environment: string = process.env.NODE_ENV || 'development',\n): boolean {\n  const sslConfig = getSSLConfig(connectionString)\n\n  // Check if SSL is disabled in production\n  if (environment === 'production' && sslConfig === false) {\n    return false // SSL disabled in production - security risk\n  }\n\n  // Check if certificate verification is disabled in production\n  if (environment === 'production' && sslConfig && !sslConfig.rejectUnauthorized) {\n    return false // Certificate verification disabled - security risk\n  }\n\n  return true // SSL configuration is valid\n}\n"],"mappings":";AAmDO,SAAS,aAAa,kBAA6C;AACxE,MAAI;AAEF,UAAM,MAAM,IAAI,IAAI,gBAAgB;AACpC,UAAM,UAAU,IAAI,aAAa,IAAI,SAAS;AAG9C,QAAI,CAAC,WAAW,YAAY,WAAW;AACrC,aAAO;AAAA,IACT;AAKA,QACE,QAAQ,IAAI,aAAa,gBACzB,QAAQ,IAAI,qCAAqC,SACjD;AACA,aAAO,EAAE,oBAAoB,MAAM;AAAA,IACrC;AAKA,WAAO,EAAE,oBAAoB,KAAK;AAAA,EACpC,SAAS,QAAQ;AAGf,WAAO;AAAA,EACT;AACF;AASO,SAAS,kBACd,kBACA,cAAsB,QAAQ,IAAI,YAAY,eACrC;AACT,QAAM,YAAY,aAAa,gBAAgB;AAG/C,MAAI,gBAAgB,gBAAgB,cAAc,OAAO;AACvD,WAAO;AAAA,EACT;AAGA,MAAI,gBAAgB,gBAAgB,aAAa,CAAC,UAAU,oBAAoB;AAC9E,WAAO;AAAA,EACT;AAEA,SAAO;AACT;","names":[]}

package/dist/chunk-QR4YAGWO.js

@@ -0,0 +1,264 @@
+// src/logger/index.ts
+var LOG_LEVELS = {
+  debug: 0,
+  info: 1,
+  warn: 2,
+  error: 3,
+  fatal: 4
+};
+var Logger = class _Logger {
+  config;
+  context = {};
+  extraHandlers = [];
+  constructor(config = {}) {
+    this.config = {
+      level: config.level || "info",
+      enabled: config.enabled !== void 0 ? config.enabled : true,
+      pretty: config.pretty !== void 0 ? config.pretty : process.env.NODE_ENV !== "production",
+      includeTimestamp: config.includeTimestamp !== void 0 ? config.includeTimestamp : true,
+      includeStack: config.includeStack !== void 0 ? config.includeStack : true,
+      destination: config.destination || "console",
+      remoteUrl: config.remoteUrl || "",
+      onLog: config.onLog || (() => {
+      })
+    };
+  }
+  /**
+   * Register an additional log handler (e.g. DB transport).
+   * Called after every log entry, fire-and-forget. Must not throw.
+   */
+  addLogHandler(handler) {
+    this.extraHandlers.push(handler);
+  }
+  /**
+   * Set global context
+   */
+  setContext(context) {
+    this.context = { ...this.context, ...context };
+  }
+  /**
+   * Clear global context
+   */
+  clearContext() {
+    this.context = {};
+  }
+  /**
+   * Debug log
+   */
+  debug(message, context) {
+    this.log("debug", message, context);
+  }
+  /**
+   * Info log
+   */
+  info(message, context) {
+    this.log("info", message, context);
+  }
+  /**
+   * Warning log
+   */
+  warn(message, context) {
+    this.log("warn", message, context);
+  }
+  /**
+   * Error log
+   */
+  error(message, error, context) {
+    const errorContext = error ? {
+      error: {
+        name: error.name,
+        message: error.message,
+        stack: this.config.includeStack ? error.stack : void 0,
+        cause: error.cause
+      }
+    } : {};
+    this.log("error", message, { ...context, ...errorContext });
+  }
+  /**
+   * Fatal log
+   */
+  fatal(message, error, context) {
+    const errorContext = error ? {
+      error: {
+        name: error.name,
+        message: error.message,
+        stack: this.config.includeStack ? error.stack : void 0,
+        cause: error.cause
+      }
+    } : {};
+    this.log("fatal", message, { ...context, ...errorContext });
+  }
+  /**
+   * Core logging method
+   */
+  log(level, message, context) {
+    if (!this.config.enabled) return;
+    if (LOG_LEVELS[level] < LOG_LEVELS[this.config.level]) {
+      return;
+    }
+    const entry = {
+      timestamp: this.config.includeTimestamp ? (/* @__PURE__ */ new Date()).toISOString() : "",
+      level,
+      message,
+      context: { ...this.context, ...context }
+    };
+    if (entry.context?.error) {
+      entry.error = entry.context.error;
+      entry.context.error = void 0;
+    }
+    this.config.onLog(entry);
+    for (const handler of this.extraHandlers) {
+      handler(entry);
+    }
+    this.output(entry);
+  }
+  /**
+   * Output log entry
+   */
+  output(entry) {
+    switch (this.config.destination) {
+      case "console":
+        this.outputConsole(entry);
+        break;
+      case "file":
+        this.outputFile(entry);
+        break;
+      case "remote":
+        this.outputRemote(entry);
+        break;
+    }
+  }
+  /**
+   * Output to console
+   */
+  outputConsole(entry) {
+    const output = this.config.pretty ? this.formatPretty(entry) : JSON.stringify(entry);
+    switch (entry.level) {
+      case "debug":
+        console.debug(output);
+        break;
+      case "info":
+        console.info(output);
+        break;
+      case "warn":
+        console.warn(output);
+        break;
+      case "error":
+      case "fatal":
+        console.error(output);
+        break;
+    }
+  }
+  /**
+   * Output to file
+   */
+  outputFile(entry) {
+    console.log(JSON.stringify(entry));
+  }
+  /**
+   * Output to remote service
+   */
+  async outputRemote(entry) {
+    if (!this.config.remoteUrl) return;
+    try {
+      await fetch(this.config.remoteUrl, {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json"
+        },
+        body: JSON.stringify(entry)
+      });
+    } catch (error) {
+      console.error("Failed to send log to remote:", error);
+      this.outputConsole(entry);
+    }
+  }
+  /**
+   * Format log entry for pretty printing
+   */
+  formatPretty(entry) {
+    const levelColors = {
+      debug: "\x1B[36m",
+      // Cyan
+      info: "\x1B[32m",
+      // Green
+      warn: "\x1B[33m",
+      // Yellow
+      error: "\x1B[31m",
+      // Red
+      fatal: "\x1B[35m"
+      // Magenta
+    };
+    const reset = "\x1B[0m";
+    const color = levelColors[entry.level];
+    const parts = [];
+    if (entry.timestamp) {
+      parts.push(`\x1B[90m${entry.timestamp}${reset}`);
+    }
+    parts.push(`${color}${entry.level.toUpperCase()}${reset}`);
+    parts.push(entry.message);
+    if (entry.context && Object.keys(entry.context).length > 0) {
+      parts.push(JSON.stringify(entry.context, null, 2));
+    }
+    if (entry.error) {
+      parts.push(`
+${color}Error: ${entry.error.message}${reset}`);
+      if (entry.error.stack) {
+        parts.push(entry.error.stack);
+      }
+    }
+    return parts.join(" ");
+  }
+  /**
+   * Create child logger with additional context
+   */
+  child(context) {
+    const childLogger = new _Logger(this.config);
+    childLogger.setContext({ ...this.context, ...context });
+    for (const handler of this.extraHandlers) {
+      childLogger.addLogHandler(handler);
+    }
+    return childLogger;
+  }
+};
+var logger = new Logger({
+  level: process.env.LOG_LEVEL || "info",
+  pretty: process.env.NODE_ENV !== "production"
+});
+function createLogger(context) {
+  return logger.child(context);
+}
+function logError(error, context) {
+  logger.error(error.message, error, context);
+}
+function logAudit(action, context) {
+  logger.info(`Audit: ${action}`, {
+    ...context,
+    audit: true,
+    action
+  });
+}
+function logQuery(query, duration, context) {
+  logger.debug("Database query", {
+    ...context,
+    query,
+    duration
+  });
+  if (duration > 1e3) {
+    logger.warn("Slow query detected", {
+      ...context,
+      query,
+      duration
+    });
+  }
+}
+
+export {
+  Logger,
+  logger,
+  createLogger,
+  logError,
+  logAudit,
+  logQuery
+};
+//# sourceMappingURL=chunk-QR4YAGWO.js.map

package/dist/chunk-QR4YAGWO.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/logger/index.ts"],"sourcesContent":["/**\n * Structured Logging Infrastructure\n *\n * Provides consistent, structured logging across the application\n * Extracted from @revealui/core to break circular dependencies\n */\n\n/* eslint-disable no-console */\n/* console-allowed */\n\nexport type LogLevel = 'debug' | 'info' | 'warn' | 'error' | 'fatal'\n\nexport interface LogContext {\n  [key: string]: unknown\n  userId?: string\n  requestId?: string\n  sessionId?: string\n  traceId?: string\n  spanId?: string\n}\n\nexport interface LogEntry {\n  timestamp: string\n  level: LogLevel\n  message: string\n  context?: LogContext\n  error?: {\n    name: string\n    message: string\n    stack?: string\n    cause?: unknown\n  }\n  metadata?: Record<string, unknown>\n}\n\nexport interface LoggerConfig {\n  level?: LogLevel\n  enabled?: boolean\n  pretty?: boolean\n  includeTimestamp?: boolean\n  includeStack?: boolean\n  destination?: 'console' | 'file' | 'remote'\n  remoteUrl?: string\n  onLog?: (entry: LogEntry) => void\n}\n\nconst LOG_LEVELS: Record<LogLevel, number> = {\n  debug: 0,\n  info: 1,\n  warn: 2,\n  error: 3,\n  fatal: 4,\n}\n\nexport class Logger {\n  private config: Required<LoggerConfig>\n  private context: LogContext = {}\n  private extraHandlers: Array<(entry: LogEntry) => void> = []\n\n  constructor(config: LoggerConfig = {}) {\n    this.config = {\n      level: config.level || 'info',\n      enabled: config.enabled !== undefined ? config.enabled : true,\n      pretty: config.pretty !== undefined ? config.pretty : process.env.NODE_ENV !== 'production',\n      includeTimestamp: config.includeTimestamp !== undefined ? config.includeTimestamp : true,\n      includeStack: config.includeStack !== undefined ? config.includeStack : true,\n      destination: config.destination || 'console',\n      remoteUrl: config.remoteUrl || '',\n      onLog:\n        config.onLog ||\n        (() => {\n          // No-op function\n        }),\n    }\n  }\n\n  /**\n   * Register an additional log handler (e.g. DB transport).\n   * Called after every log entry, fire-and-forget. Must not throw.\n   */\n  addLogHandler(handler: (entry: LogEntry) => void): void {\n    this.extraHandlers.push(handler)\n  }\n\n  /**\n   * Set global context\n   */\n  setContext(context: LogContext): void {\n    this.context = { ...this.context, ...context }\n  }\n\n  /**\n   * Clear global context\n   */\n  clearContext(): void {\n    this.context = {}\n  }\n\n  /**\n   * Debug log\n   */\n  debug(message: string, context?: LogContext): void {\n    this.log('debug', message, context)\n  }\n\n  /**\n   * Info log\n   */\n  info(message: string, context?: LogContext): void {\n    this.log('info', message, context)\n  }\n\n  /**\n   * Warning log\n   */\n  warn(message: string, context?: LogContext): void {\n    this.log('warn', message, context)\n  }\n\n  /**\n   * Error log\n   */\n  error(message: string, error?: Error, context?: LogContext): void {\n    const errorContext = error\n      ? {\n          error: {\n            name: error.name,\n            message: error.message,\n            stack: this.config.includeStack ? error.stack : undefined,\n            cause: error.cause,\n          },\n        }\n      : {}\n\n    this.log('error', message, { ...context, ...errorContext })\n  }\n\n  /**\n   * Fatal log\n   */\n  fatal(message: string, error?: Error, context?: LogContext): void {\n    const errorContext = error\n      ? {\n          error: {\n            name: error.name,\n            message: error.message,\n            stack: this.config.includeStack ? error.stack : undefined,\n            cause: error.cause,\n          },\n        }\n      : {}\n\n    this.log('fatal', message, { ...context, ...errorContext })\n  }\n\n  /**\n   * Core logging method\n   */\n  private log(level: LogLevel, message: string, context?: LogContext): void {\n    if (!this.config.enabled) return\n\n    if (LOG_LEVELS[level] < LOG_LEVELS[this.config.level]) {\n      return\n    }\n\n    const entry: LogEntry = {\n      timestamp: this.config.includeTimestamp ? new Date().toISOString() : '',\n      level,\n      message,\n      context: { ...this.context, ...context },\n    }\n\n    // Extract error if in context\n    if (entry.context?.error) {\n      entry.error = entry.context.error as LogEntry['error']\n      entry.context.error = undefined\n    }\n\n    // Call custom handler\n    this.config.onLog(entry)\n\n    // Call additional handlers (e.g. DB transport)\n    for (const handler of this.extraHandlers) {\n      handler(entry)\n    }\n\n    // Output log\n    this.output(entry)\n  }\n\n  /**\n   * Output log entry\n   */\n  private output(entry: LogEntry): void {\n    switch (this.config.destination) {\n      case 'console':\n        this.outputConsole(entry)\n        break\n      case 'file':\n        this.outputFile(entry)\n        break\n      case 'remote':\n        this.outputRemote(entry)\n        break\n    }\n  }\n\n  /**\n   * Output to console\n   */\n  private outputConsole(entry: LogEntry): void {\n    const output = this.config.pretty ? this.formatPretty(entry) : JSON.stringify(entry)\n\n    switch (entry.level) {\n      case 'debug':\n        console.debug(output)\n        break\n      case 'info':\n        console.info(output)\n        break\n      case 'warn':\n        console.warn(output)\n        break\n      case 'error':\n      case 'fatal':\n        console.error(output)\n        break\n    }\n  }\n\n  /**\n   * Output to file\n   */\n  private outputFile(entry: LogEntry): void {\n    // Would require fs module - placeholder for server-side logging\n    console.log(JSON.stringify(entry))\n  }\n\n  /**\n   * Output to remote service\n   */\n  private async outputRemote(entry: LogEntry): Promise<void> {\n    if (!this.config.remoteUrl) return\n\n    try {\n      await fetch(this.config.remoteUrl, {\n        method: 'POST',\n        headers: {\n          'Content-Type': 'application/json',\n        },\n        body: JSON.stringify(entry),\n      })\n    } catch (error) {\n      // Fallback to console if remote fails\n      console.error('Failed to send log to remote:', error)\n      this.outputConsole(entry)\n    }\n  }\n\n  /**\n   * Format log entry for pretty printing\n   */\n  private formatPretty(entry: LogEntry): string {\n    const levelColors: Record<LogLevel, string> = {\n      debug: '\\x1b[36m', // Cyan\n      info: '\\x1b[32m', // Green\n      warn: '\\x1b[33m', // Yellow\n      error: '\\x1b[31m', // Red\n      fatal: '\\x1b[35m', // Magenta\n    }\n\n    const reset = '\\x1b[0m'\n    const color = levelColors[entry.level]\n\n    const parts: string[] = []\n\n    if (entry.timestamp) {\n      parts.push(`\\x1b[90m${entry.timestamp}${reset}`)\n    }\n\n    parts.push(`${color}${entry.level.toUpperCase()}${reset}`)\n    parts.push(entry.message)\n\n    if (entry.context && Object.keys(entry.context).length > 0) {\n      parts.push(JSON.stringify(entry.context, null, 2))\n    }\n\n    if (entry.error) {\n      parts.push(`\\n${color}Error: ${entry.error.message}${reset}`)\n      if (entry.error.stack) {\n        parts.push(entry.error.stack)\n      }\n    }\n\n    return parts.join(' ')\n  }\n\n  /**\n   * Create child logger with additional context\n   */\n  child(context: LogContext): Logger {\n    const childLogger = new Logger(this.config)\n    childLogger.setContext({ ...this.context, ...context })\n    // Share parent's extra handlers so DB transport applies to child loggers too\n    for (const handler of this.extraHandlers) {\n      childLogger.addLogHandler(handler)\n    }\n    return childLogger\n  }\n}\n\n/**\n * Default logger instance\n */\nexport const logger = new Logger({\n  level: (process.env.LOG_LEVEL as LogLevel) || 'info',\n  pretty: process.env.NODE_ENV !== 'production',\n})\n\n/**\n * Create logger with context\n */\nexport function createLogger(context: LogContext): Logger {\n  return logger.child(context)\n}\n\n/**\n * Error logger\n */\nexport function logError(error: Error, context?: LogContext): void {\n  logger.error(error.message, error, context)\n}\n\n/**\n * Audit logger for security-sensitive operations\n */\nexport function logAudit(action: string, context?: LogContext): void {\n  logger.info(`Audit: ${action}`, {\n    ...context,\n    audit: true,\n    action,\n  })\n}\n\n/**\n * Database query logger\n */\nexport function logQuery(query: string, duration: number, context?: LogContext): void {\n  logger.debug('Database query', {\n    ...context,\n    query,\n    duration,\n  })\n\n  if (duration > 1000) {\n    logger.warn('Slow query detected', {\n      ...context,\n      query,\n      duration,\n    })\n  }\n}\n"],"mappings":";AA8CA,IAAM,aAAuC;AAAA,EAC3C,OAAO;AAAA,EACP,MAAM;AAAA,EACN,MAAM;AAAA,EACN,OAAO;AAAA,EACP,OAAO;AACT;AAEO,IAAM,SAAN,MAAM,QAAO;AAAA,EACV;AAAA,EACA,UAAsB,CAAC;AAAA,EACvB,gBAAkD,CAAC;AAAA,EAE3D,YAAY,SAAuB,CAAC,GAAG;AACrC,SAAK,SAAS;AAAA,MACZ,OAAO,OAAO,SAAS;AAAA,MACvB,SAAS,OAAO,YAAY,SAAY,OAAO,UAAU;AAAA,MACzD,QAAQ,OAAO,WAAW,SAAY,OAAO,SAAS,QAAQ,IAAI,aAAa;AAAA,MAC/E,kBAAkB,OAAO,qBAAqB,SAAY,OAAO,mBAAmB;AAAA,MACpF,cAAc,OAAO,iBAAiB,SAAY,OAAO,eAAe;AAAA,MACxE,aAAa,OAAO,eAAe;AAAA,MACnC,WAAW,OAAO,aAAa;AAAA,MAC/B,OACE,OAAO,UACN,MAAM;AAAA,MAEP;AAAA,IACJ;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,cAAc,SAA0C;AACtD,SAAK,cAAc,KAAK,OAAO;AAAA,EACjC;AAAA;AAAA;AAAA;AAAA,EAKA,WAAW,SAA2B;AACpC,SAAK,UAAU,EAAE,GAAG,KAAK,SAAS,GAAG,QAAQ;AAAA,EAC/C;AAAA;AAAA;AAAA;AAAA,EAKA,eAAqB;AACnB,SAAK,UAAU,CAAC;AAAA,EAClB;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,SAAiB,SAA4B;AACjD,SAAK,IAAI,SAAS,SAAS,OAAO;AAAA,EACpC;AAAA;AAAA;AAAA;AAAA,EAKA,KAAK,SAAiB,SAA4B;AAChD,SAAK,IAAI,QAAQ,SAAS,OAAO;AAAA,EACnC;AAAA;AAAA;AAAA;AAAA,EAKA,KAAK,SAAiB,SAA4B;AAChD,SAAK,IAAI,QAAQ,SAAS,OAAO;AAAA,EACnC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,SAAiB,OAAe,SAA4B;AAChE,UAAM,eAAe,QACjB;AAAA,MACE,OAAO;AAAA,QACL,MAAM,MAAM;AAAA,QACZ,SAAS,MAAM;AAAA,QACf,OAAO,KAAK,OAAO,eAAe,MAAM,QAAQ;AAAA,QAChD,OAAO,MAAM;AAAA,MACf;AAAA,IACF,IACA,CAAC;AAEL,SAAK,IAAI,SAAS,SAAS,EAAE,GAAG,SAAS,GAAG,aAAa,CAAC;AAAA,EAC5D;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,SAAiB,OAAe,SAA4B;AAChE,UAAM,eAAe,QACjB;AAAA,MACE,OAAO;AAAA,QACL,MAAM,MAAM;AAAA,QACZ,SAAS,MAAM;AAAA,QACf,OAAO,KAAK,OAAO,eAAe,MAAM,QAAQ;AAAA,QAChD,OAAO,MAAM;AAAA,MACf;AAAA,IACF,IACA,CAAC;AAEL,SAAK,IAAI,SAAS,SAAS,EAAE,GAAG,SAAS,GAAG,aAAa,CAAC;AAAA,EAC5D;AAAA;AAAA;AAAA;AAAA,EAKQ,IAAI,OAAiB,SAAiB,SAA4B;AACxE,QAAI,CAAC,KAAK,OAAO,QAAS;AAE1B,QAAI,WAAW,KAAK,IAAI,WAAW,KAAK,OAAO,KAAK,GAAG;AACrD;AAAA,IACF;AAEA,UAAM,QAAkB;AAAA,MACtB,WAAW,KAAK,OAAO,oBAAmB,oBAAI,KAAK,GAAE,YAAY,IAAI;AAAA,MACrE;AAAA,MACA;AAAA,MACA,SAAS,EAAE,GAAG,KAAK,SAAS,GAAG,QAAQ;AAAA,IACzC;AAGA,QAAI,MAAM,SAAS,OAAO;AACxB,YAAM,QAAQ,MAAM,QAAQ;AAC5B,YAAM,QAAQ,QAAQ;AAAA,IACxB;AAGA,SAAK,OAAO,MAAM,KAAK;AAGvB,eAAW,WAAW,KAAK,eAAe;AACxC,cAAQ,KAAK;AAAA,IACf;AAGA,SAAK,OAAO,KAAK;AAAA,EACnB;AAAA;AAAA;AAAA;AAAA,EAKQ,OAAO,OAAuB;AACpC,YAAQ,KAAK,OAAO,aAAa;AAAA,MAC/B,KAAK;AACH,aAAK,cAAc,KAAK;AACxB;AAAA,MACF,KAAK;AACH,aAAK,WAAW,KAAK;AACrB;AAAA,MACF,KAAK;AACH,aAAK,aAAa,KAAK;AACvB;AAAA,IACJ;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKQ,cAAc,OAAuB;AAC3C,UAAM,SAAS,KAAK,OAAO,SAAS,KAAK,aAAa,KAAK,IAAI,KAAK,UAAU,KAAK;AAEnF,YAAQ,MAAM,OAAO;AAAA,MACnB,KAAK;AACH,gBAAQ,MAAM,MAAM;AACpB;AAAA,MACF,KAAK;AACH,gBAAQ,KAAK,MAAM;AACnB;AAAA,MACF,KAAK;AACH,gBAAQ,KAAK,MAAM;AACnB;AAAA,MACF,KAAK;AAAA,MACL,KAAK;AACH,gBAAQ,MAAM,MAAM;AACpB;AAAA,IACJ;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKQ,WAAW,OAAuB;AAExC,YAAQ,IAAI,KAAK,UAAU,KAAK,CAAC;AAAA,EACnC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAc,aAAa,OAAgC;AACzD,QAAI,CAAC,KAAK,OAAO,UAAW;AAE5B,QAAI;AACF,YAAM,MAAM,KAAK,OAAO,WAAW;AAAA,QACjC,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,KAAK;AAAA,MAC5B,CAAC;AAAA,IACH,SAAS,OAAO;AAEd,cAAQ,MAAM,iCAAiC,KAAK;AACpD,WAAK,cAAc,KAAK;AAAA,IAC1B;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKQ,aAAa,OAAyB;AAC5C,UAAM,cAAwC;AAAA,MAC5C,OAAO;AAAA;AAAA,MACP,MAAM;AAAA;AAAA,MACN,MAAM;AAAA;AAAA,MACN,OAAO;AAAA;AAAA,MACP,OAAO;AAAA;AAAA,IACT;AAEA,UAAM,QAAQ;AACd,UAAM,QAAQ,YAAY,MAAM,KAAK;AAErC,UAAM,QAAkB,CAAC;AAEzB,QAAI,MAAM,WAAW;AACnB,YAAM,KAAK,WAAW,MAAM,SAAS,GAAG,KAAK,EAAE;AAAA,IACjD;AAEA,UAAM,KAAK,GAAG,KAAK,GAAG,MAAM,MAAM,YAAY,CAAC,GAAG,KAAK,EAAE;AACzD,UAAM,KAAK,MAAM,OAAO;AAExB,QAAI,MAAM,WAAW,OAAO,KAAK,MAAM,OAAO,EAAE,SAAS,GAAG;AAC1D,YAAM,KAAK,KAAK,UAAU,MAAM,SAAS,MAAM,CAAC,CAAC;AAAA,IACnD;AAEA,QAAI,MAAM,OAAO;AACf,YAAM,KAAK;AAAA,EAAK,KAAK,UAAU,MAAM,MAAM,OAAO,GAAG,KAAK,EAAE;AAC5D,UAAI,MAAM,MAAM,OAAO;AACrB,cAAM,KAAK,MAAM,MAAM,KAAK;AAAA,MAC9B;AAAA,IACF;AAEA,WAAO,MAAM,KAAK,GAAG;AAAA,EACvB;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,SAA6B;AACjC,UAAM,cAAc,IAAI,QAAO,KAAK,MAAM;AAC1C,gBAAY,WAAW,EAAE,GAAG,KAAK,SAAS,GAAG,QAAQ,CAAC;AAEtD,eAAW,WAAW,KAAK,eAAe;AACxC,kBAAY,cAAc,OAAO;AAAA,IACnC;AACA,WAAO;AAAA,EACT;AACF;AAKO,IAAM,SAAS,IAAI,OAAO;AAAA,EAC/B,OAAQ,QAAQ,IAAI,aAA0B;AAAA,EAC9C,QAAQ,QAAQ,IAAI,aAAa;AACnC,CAAC;AAKM,SAAS,aAAa,SAA6B;AACxD,SAAO,OAAO,MAAM,OAAO;AAC7B;AAKO,SAAS,SAAS,OAAc,SAA4B;AACjE,SAAO,MAAM,MAAM,SAAS,OAAO,OAAO;AAC5C;AAKO,SAAS,SAAS,QAAgB,SAA4B;AACnE,SAAO,KAAK,UAAU,MAAM,IAAI;AAAA,IAC9B,GAAG;AAAA,IACH,OAAO;AAAA,IACP;AAAA,EACF,CAAC;AACH;AAKO,SAAS,SAAS,OAAe,UAAkB,SAA4B;AACpF,SAAO,MAAM,kBAAkB;AAAA,IAC7B,GAAG;AAAA,IACH;AAAA,IACA;AAAA,EACF,CAAC;AAED,MAAI,WAAW,KAAM;AACnB,WAAO,KAAK,uBAAuB;AAAA,MACjC,GAAG;AAAA,MACH;AAAA,MACA;AAAA,IACF,CAAC;AAAA,EACH;AACF;","names":[]}

package/dist/chunk-UEYUNTMY.js

@@ -0,0 +1,8 @@
+// src/validation/password-schema.ts
+import { z } from "zod";
+var passwordSchema = z.string().min(8, "Password must be at least 8 characters").max(128, "Password is too long").regex(/[A-Z]/, "Password must contain at least one uppercase letter").regex(/[a-z]/, "Password must contain at least one lowercase letter").regex(/[0-9]/, "Password must contain at least one number");
+
+export {
+  passwordSchema
+};
+//# sourceMappingURL=chunk-UEYUNTMY.js.map

package/dist/chunk-UEYUNTMY.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/validation/password-schema.ts"],"sourcesContent":["import { z } from 'zod'\n\n/**\n * Password validation schema\n *\n * Requirements:\n * - Minimum 8 characters\n * - Maximum 128 characters\n * - At least one uppercase letter\n * - At least one lowercase letter\n * - At least one number\n */\nexport const passwordSchema = z\n  .string()\n  .min(8, 'Password must be at least 8 characters')\n  .max(128, 'Password is too long')\n  .regex(/[A-Z]/, 'Password must contain at least one uppercase letter')\n  .regex(/[a-z]/, 'Password must contain at least one lowercase letter')\n  .regex(/[0-9]/, 'Password must contain at least one number')\n\nexport type Password = z.infer<typeof passwordSchema>\n"],"mappings":";AAAA,SAAS,SAAS;AAYX,IAAM,iBAAiB,EAC3B,OAAO,EACP,IAAI,GAAG,wCAAwC,EAC/C,IAAI,KAAK,sBAAsB,EAC/B,MAAM,SAAS,qDAAqD,EACpE,MAAM,SAAS,qDAAqD,EACpE,MAAM,SAAS,2CAA2C;","names":[]}

package/dist/database/index.d.ts

@@ -0,0 +1,60 @@
+/**
+ * SSL Configuration Utility
+ *
+ * Provides centralized SSL configuration for PostgreSQL connections based on
+ * connection string sslmode parameter and environment variables.
+ *
+ * Extracted from @revealui/core to break circular dependencies
+ *
+ * @module ssl-config
+ */
+/**
+ * PostgreSQL SSL configuration options
+ */
+interface SSLConfig {
+    rejectUnauthorized: boolean;
+}
+/**
+ * Determines the appropriate SSL configuration for a PostgreSQL connection
+ * based on the connection string's sslmode parameter.
+ *
+ * SSL Modes (aligned with PostgreSQL libpq standards):
+ * - `disable`: No SSL connection
+ * - `require`: SSL connection with certificate verification
+ * - `verify-full`: Full SSL verification (same as require in pg v9+)
+ * - `verify-ca`: CA verification (treated as verify-full)
+ *
+ * Environment Override:
+ * - `DATABASE_SSL_REJECT_UNAUTHORIZED=false`: Force skip certificate verification
+ *   (DEVELOPMENT ONLY - use for self-signed certificates in local environments)
+ *
+ * @param connectionString - PostgreSQL connection string (may include sslmode parameter)
+ * @returns SSL configuration object or false to disable SSL
+ *
+ * @example
+ * ```typescript
+ * // Connection string with SSL required
+ * const ssl = getSSLConfig('postgresql://user:pass@host/db?sslmode=require')
+ * // Returns: { rejectUnauthorized: true }
+ *
+ * // Connection string without SSL
+ * const ssl = getSSLConfig('postgresql://localhost:5432/db')
+ * // Returns: false
+ *
+ * // Development override for self-signed certificates
+ * process.env.DATABASE_SSL_REJECT_UNAUTHORIZED = 'false'
+ * const ssl = getSSLConfig('postgresql://user:pass@host/db?sslmode=require')
+ * // Returns: { rejectUnauthorized: false }
+ * ```
+ */
+declare function getSSLConfig(connectionString: string): SSLConfig | false;
+/**
+ * Validates SSL configuration for production environments.
+ * Warns if insecure SSL settings are detected in production.
+ *
+ * @param connectionString - PostgreSQL connection string
+ * @param environment - Current environment (e.g., 'production', 'development')
+ */
+declare function validateSSLConfig(connectionString: string, environment?: string): boolean;
+
+export { type SSLConfig, getSSLConfig, validateSSLConfig };

package/dist/database/index.js

@@ -0,0 +1,9 @@
+import {
+  getSSLConfig,
+  validateSSLConfig
+} from "../chunk-KUMOGLHP.js";
+export {
+  getSSLConfig,
+  validateSSLConfig
+};
+//# sourceMappingURL=index.js.map

package/dist/database/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}

package/dist/index.d.ts

@@ -0,0 +1,4 @@
+export { SSLConfig, getSSLConfig, validateSSLConfig } from './database/index.js';
+export { LogContext, LogEntry, LogLevel, Logger, LoggerConfig, createLogger, logAudit, logError, logQuery, logger } from './logger/index.js';
+export { Password, passwordSchema } from './validation/index.js';
+import 'zod';

package/dist/index.js

@@ -0,0 +1,27 @@
+import {
+  getSSLConfig,
+  validateSSLConfig
+} from "./chunk-KUMOGLHP.js";
+import {
+  Logger,
+  createLogger,
+  logAudit,
+  logError,
+  logQuery,
+  logger
+} from "./chunk-QR4YAGWO.js";
+import {
+  passwordSchema
+} from "./chunk-UEYUNTMY.js";
+export {
+  Logger,
+  createLogger,
+  getSSLConfig,
+  logAudit,
+  logError,
+  logQuery,
+  logger,
+  passwordSchema,
+  validateSSLConfig
+};
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}

package/dist/logger/index.d.ts

@@ -0,0 +1,127 @@
+/**
+ * Structured Logging Infrastructure
+ *
+ * Provides consistent, structured logging across the application
+ * Extracted from @revealui/core to break circular dependencies
+ */
+type LogLevel = 'debug' | 'info' | 'warn' | 'error' | 'fatal';
+interface LogContext {
+    [key: string]: unknown;
+    userId?: string;
+    requestId?: string;
+    sessionId?: string;
+    traceId?: string;
+    spanId?: string;
+}
+interface LogEntry {
+    timestamp: string;
+    level: LogLevel;
+    message: string;
+    context?: LogContext;
+    error?: {
+        name: string;
+        message: string;
+        stack?: string;
+        cause?: unknown;
+    };
+    metadata?: Record<string, unknown>;
+}
+interface LoggerConfig {
+    level?: LogLevel;
+    enabled?: boolean;
+    pretty?: boolean;
+    includeTimestamp?: boolean;
+    includeStack?: boolean;
+    destination?: 'console' | 'file' | 'remote';
+    remoteUrl?: string;
+    onLog?: (entry: LogEntry) => void;
+}
+declare class Logger {
+    private config;
+    private context;
+    private extraHandlers;
+    constructor(config?: LoggerConfig);
+    /**
+     * Register an additional log handler (e.g. DB transport).
+     * Called after every log entry, fire-and-forget. Must not throw.
+     */
+    addLogHandler(handler: (entry: LogEntry) => void): void;
+    /**
+     * Set global context
+     */
+    setContext(context: LogContext): void;
+    /**
+     * Clear global context
+     */
+    clearContext(): void;
+    /**
+     * Debug log
+     */
+    debug(message: string, context?: LogContext): void;
+    /**
+     * Info log
+     */
+    info(message: string, context?: LogContext): void;
+    /**
+     * Warning log
+     */
+    warn(message: string, context?: LogContext): void;
+    /**
+     * Error log
+     */
+    error(message: string, error?: Error, context?: LogContext): void;
+    /**
+     * Fatal log
+     */
+    fatal(message: string, error?: Error, context?: LogContext): void;
+    /**
+     * Core logging method
+     */
+    private log;
+    /**
+     * Output log entry
+     */
+    private output;
+    /**
+     * Output to console
+     */
+    private outputConsole;
+    /**
+     * Output to file
+     */
+    private outputFile;
+    /**
+     * Output to remote service
+     */
+    private outputRemote;
+    /**
+     * Format log entry for pretty printing
+     */
+    private formatPretty;
+    /**
+     * Create child logger with additional context
+     */
+    child(context: LogContext): Logger;
+}
+/**
+ * Default logger instance
+ */
+declare const logger: Logger;
+/**
+ * Create logger with context
+ */
+declare function createLogger(context: LogContext): Logger;
+/**
+ * Error logger
+ */
+declare function logError(error: Error, context?: LogContext): void;
+/**
+ * Audit logger for security-sensitive operations
+ */
+declare function logAudit(action: string, context?: LogContext): void;
+/**
+ * Database query logger
+ */
+declare function logQuery(query: string, duration: number, context?: LogContext): void;
+
+export { type LogContext, type LogEntry, type LogLevel, Logger, type LoggerConfig, createLogger, logAudit, logError, logQuery, logger };

package/dist/logger/index.js

@@ -0,0 +1,17 @@
+import {
+  Logger,
+  createLogger,
+  logAudit,
+  logError,
+  logQuery,
+  logger
+} from "../chunk-QR4YAGWO.js";
+export {
+  Logger,
+  createLogger,
+  logAudit,
+  logError,
+  logQuery,
+  logger
+};
+//# sourceMappingURL=index.js.map

package/dist/logger/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}

package/dist/validation/index.d.ts

@@ -0,0 +1,16 @@
+import { z } from 'zod';
+
+/**
+ * Password validation schema
+ *
+ * Requirements:
+ * - Minimum 8 characters
+ * - Maximum 128 characters
+ * - At least one uppercase letter
+ * - At least one lowercase letter
+ * - At least one number
+ */
+declare const passwordSchema: z.ZodString;
+type Password = z.infer<typeof passwordSchema>;
+
+export { type Password, passwordSchema };

package/dist/validation/index.js

@@ -0,0 +1,7 @@
+import {
+  passwordSchema
+} from "../chunk-UEYUNTMY.js";
+export {
+  passwordSchema
+};
+//# sourceMappingURL=index.js.map

package/dist/validation/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}

package/package.json

@@ -0,0 +1,52 @@
+{
+  "name": "@revealui/utils",
+  "version": "0.2.0",
+  "description": "Shared utilities for RevealUI - logger, SSL config, and common helpers",
+  "license": "MIT",
+  "type": "module",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js"
+    },
+    "./logger": {
+      "types": "./dist/logger/index.d.ts",
+      "import": "./dist/logger/index.js"
+    },
+    "./database": {
+      "types": "./dist/database/index.d.ts",
+      "import": "./dist/database/index.js"
+    },
+    "./validation": {
+      "types": "./dist/validation/index.d.ts",
+      "import": "./dist/validation/index.js"
+    }
+  },
+  "files": [
+    "dist"
+  ],
+  "publishConfig": {
+    "access": "public",
+    "registry": "https://registry.npmjs.org"
+  },
+  "dependencies": {
+    "zod": "^4.3.6"
+  },
+  "devDependencies": {
+    "@types/node": "^25.3.0",
+    "tsup": "^8.5.1",
+    "typescript": "^5.9.3",
+    "vitest": "^4.0.18",
+    "dev": "0.0.1"
+  },
+  "scripts": {
+    "build": "tsup",
+    "dev": "tsup --watch",
+    "typecheck": "tsc --noEmit",
+    "test": "vitest run --passWithNoTests",
+    "test:watch": "vitest",
+    "lint": "biome check .",
+    "lint:fix": "biome check --write .",
+    "clean": "rm -rf dist"
+  }
+}