@rvoh/psychic 2.3.8 → 3.0.0-alpha.1

package/dist/esm/src/server/index.js

@@ -1,7 +1,9 @@
 import { closeAllDbConnections } from '@rvoh/dream/db';
-import * as cookieParser from 'cookie-parser';
-import * as cors from 'cors';
-import * as express from 'express';
+import cors from '@koa/cors';
+import Koa from 'koa';
+import koaBodyparser from 'koa-bodyparser';
+import conditional from 'koa-conditional-get';
+import etag from 'koa-etag';
 import logIfDevelopment from '../controller/helpers/logIfDevelopment.js';
 import EnvInternal from '../helpers/EnvInternal.js';
 import PsychicApp from '../psychic-app/index.js';
@@ -15,14 +17,14 @@ export default class PsychicServer {
     static createPsychicHttpInstance(app, sslCredentials) {
         return createPsychicHttpInstance(app, sslCredentials);
     }
-    expressApp;
+    koaApp;
     httpServer;
     booted = false;
     constructor() {
         this.buildApp();
     }
     async routes() {
-        const r = new PsychicRouter(this.expressApp);
+        const r = new PsychicRouter(this.koaApp);
         await PsychicApp.getOrFail().routesCb(r);
         return r.routes;
     }
@@ -31,16 +33,19 @@ export default class PsychicServer {
             return;
         const psychicApp = PsychicApp.getOrFail();
         this.setSecureDefaultHeaders();
-        this.expressApp.use((_, res, next) => {
+        this.koaApp.use(async (ctx, next) => {
             Object.keys(psychicApp.defaultResponseHeaders).forEach(key => {
-                res.setHeader(key, psychicApp.defaultResponseHeaders[key]);
+                ctx.set(key, psychicApp.defaultResponseHeaders[key]);
             });
-            next();
+            await next();
         });
         for (const serverInitBeforeMiddlewareHook of PsychicApp.getOrFail().specialHooks
             .serverInitBeforeMiddleware) {
             await serverInitBeforeMiddlewareHook(this);
         }
+        // ETag support (Express has this built-in, Koa needs middleware)
+        this.koaApp.use(conditional());
+        this.koaApp.use(etag());
         this.initializeCors();
         this.initializeJSON();
         try {
@@ -69,29 +74,23 @@ export default class PsychicServer {
     applyNotFoundMiddleware() {
         if (!EnvInternal.isDevelopment)
             return;
-        this.expressApp.use((req, res, next) => {
-            // express by default will set the 200 status code. If a user explicitly
-            // provides anything other than 200, we should assume that a prior middleware
-            // would have have sent headers, which would prevent any of this from happening.
-            // this means that if we are here, we should not be sending a 200. Future middleware
-            // by express will automatically pick this up and turn it into a 404, so we are
-            // going to automatically set the status to 404 now, so that our logger can
-            // pick up the correct status code.
-            if (res.statusCode === 200)
-                res.status(404);
-            logIfDevelopment({ req, res, startTime: Date.now(), fallbackStatusCode: 404 });
-            // call next to let express handle sending the 404
-            next();
+        this.koaApp.use(async (ctx, next) => {
+            await next();
+            // Koa defaults to 404 for unmatched routes. If nothing set the body,
+            // log the 404 in development.
+            if (ctx.status === 404 && !ctx.body) {
+                logIfDevelopment({ ctx, startTime: Date.now(), fallbackStatusCode: 404 });
+            }
         });
     }
     setSecureDefaultHeaders() {
-        this.expressApp.disable('x-powered-by');
-        this.expressApp.use((_, res, next) => {
-            res.setHeader('X-Content-Type-Options', 'nosniff');
+        // Koa doesn't send x-powered-by by default, no need to disable it.
+        this.koaApp.use(async (ctx, next) => {
+            ctx.set('X-Content-Type-Options', 'nosniff');
             if (EnvInternal.isProduction) {
-                res.setHeader('Strict-Transport-Security', 'max-age=31536000; includeSubDomains');
+                ctx.set('Strict-Transport-Security', 'max-age=31536000; includeSubDomains');
             }
-            next();
+            await next();
         });
     }
     // TODO: use config helper for fetching default port
@@ -104,7 +103,7 @@ export default class PsychicServer {
         }
         else {
             const httpServer = await startPsychicServer({
-                app: this.expressApp,
+                app: this.koaApp,
                 port: port || psychicApp.port,
                 sslCredentials: PsychicApp.getOrFail().sslCredentials,
             });
@@ -146,26 +145,24 @@ export default class PsychicServer {
         await this.boot();
         let server;
         await new Promise(accept => {
-            server = this.expressApp.listen(port, () => accept({}));
+            server = this.koaApp.listen(port, () => accept({}));
         });
         await block();
         server.close();
         return true;
     }
     buildApp() {
-        this.expressApp = express.default();
-        this.expressApp.use(cookieParser.default());
+        this.koaApp = new Koa();
     }
     initializeCors() {
-        this.expressApp.use(
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        cors.default(PsychicApp.getOrFail().corsOptions));
+        // eslint-disable-next-line @typescript-eslint/no-explicit-any, @typescript-eslint/no-unsafe-argument
+        this.koaApp.use(cors(PsychicApp.getOrFail().corsOptions));
     }
     initializeJSON() {
-        this.expressApp.use(express.json(PsychicApp.getOrFail().jsonOptions));
+        this.koaApp.use(koaBodyparser(PsychicApp.getOrFail().jsonOptions));
     }
     async buildRoutes() {
-        const r = new PsychicRouter(this.expressApp);
+        const r = new PsychicRouter(this.koaApp);
         await PsychicApp.getOrFail().routesCb(r);
         r.commit();
     }

package/dist/esm/src/server/params.js

@@ -1,4 +1,4 @@
-import { CalendarDate, DateTime } from '@rvoh/dream';
+import { CalendarDate, ClockTime, ClockTimeTz, DateTime } from '@rvoh/dream';
 import { camelize, compact, snakeify } from '@rvoh/dream/utils';
 import ParamValidationError from '../error/controller/ParamValidationError.js';
 import ParamValidationErrors from '../error/controller/ParamValidationErrors.js';
@@ -85,6 +85,22 @@ export default class Params {
                     case 'timestamp without time zone[]':
                         returnObj[columnName] = this.cast(params, columnName.toString(), 'datetime[]', { allowNull: columnMetadata.allowNull });
                         break;
+                    case 'time':
+                    case 'time without time zone':
+                        returnObj[columnName] = this.cast(params, columnName.toString(), 'time', { allowNull: columnMetadata.allowNull });
+                        break;
+                    case 'time[]':
+                    case 'time without time zone[]':
+                        returnObj[columnName] = this.cast(params, columnName.toString(), 'time[]', { allowNull: columnMetadata.allowNull });
+                        break;
+                    case 'timetz':
+                    case 'time with time zone':
+                        returnObj[columnName] = this.cast(params, columnName.toString(), 'timetz', { allowNull: columnMetadata.allowNull });
+                        break;
+                    case 'timetz[]':
+                    case 'time with time zone[]':
+                        returnObj[columnName] = this.cast(params, columnName.toString(), 'timetz[]', { allowNull: columnMetadata.allowNull });
+                        break;
                     case 'jsonb':
                         returnObj[columnName] = this.cast(params, columnName.toString(), 'json', { allowNull: columnMetadata.allowNull });
                         break;
@@ -203,7 +219,6 @@ export default class Params {
             }
             return paramValue;
         }
-        let dateClass;
         const integerRegexp = /^-?\d+$/;
         switch (expectedType) {
             case 'string':
@@ -227,7 +242,8 @@ export default class Params {
                     return false;
                 throw new ParamValidationError(paramName, [typeToError(expectedType)]);
             case 'datetime':
-            case 'date':
+            case 'date': {
+                let dateClass;
                 switch (expectedType) {
                     case 'datetime':
                         dateClass = DateTime;
@@ -252,6 +268,35 @@ export default class Params {
                     }
                 }
                 throw new ParamValidationError(paramName, [typeToError(expectedType)]);
+            }
+            case 'time':
+            case 'timetz': {
+                let timeClass;
+                switch (expectedType) {
+                    case 'time':
+                        timeClass = ClockTime;
+                        break;
+                    case 'timetz':
+                        timeClass = ClockTimeTz;
+                        break;
+                    default:
+                        if (typeof expectedType === 'string')
+                            throw Error(`${expectedType} must be "time" or "timetz"`);
+                        else
+                            throw Error(`expectedType is not a string`);
+                }
+                if (paramValue instanceof ClockTime || paramValue instanceof ClockTimeTz)
+                    return paramValue;
+                if (typeof paramValue === 'string') {
+                    try {
+                        return timeClass.fromISO(paramValue);
+                    }
+                    catch {
+                        throw new ParamValidationError(paramName, [typeToError(expectedType)]);
+                    }
+                }
+                throw new ParamValidationError(paramName, [typeToError(expectedType)]);
+            }
             case 'integer':
                 if (typeof paramValue !== 'string' && typeof paramValue !== 'number')
                     throw new ParamValidationError(paramName, [typeToError(expectedType)]);
@@ -287,6 +332,8 @@ export default class Params {
             case 'json[]':
             case 'number[]':
             case 'string[]':
+            case 'time[]':
+            case 'timetz[]':
             case 'uuid[]':
                 // eslint-disable-next-line @typescript-eslint/no-explicit-any
                 if (!Array.isArray(paramValue))
@@ -365,6 +412,8 @@ const typeToErrorMap = {
     null: 'expecting null',
     number: 'expected number or string number',
     string: 'expected string',
+    time: 'expected ISO time string',
+    timetz: 'expected ISO timetz string',
     uuid: 'expected uuid',
     'bigint[]': 'expected bigint array',
     'boolean[]': 'expected boolean array',
@@ -375,6 +424,8 @@ const typeToErrorMap = {
     'null[]': 'expecting null array',
     'number[]': 'expected number or string number array',
     'string[]': 'expected string array',
+    'time[]': 'expected ISO time string array',
+    'timetz[]': 'expected ISO timetz string array',
     'uuid[]': 'expected uuid array',
 };
 function typeToError(param) {
@@ -393,6 +444,8 @@ const arrayTypeToNonArrayTypeMap = {
     'null[]': 'null',
     'number[]': 'number',
     'string[]': 'string',
+    'time[]': 'time',
+    'timetz[]': 'timetz',
     'uuid[]': 'uuid',
 };
 function arrayTypeToNonArrayType(param) {

package/dist/esm/src/session/index.js

@@ -3,31 +3,28 @@ import cookieMaxAgeFromCookieOpts from '../helpers/cookieMaxAgeFromCookieOpts.js
 import EnvInternal from '../helpers/EnvInternal.js';
 import PsychicApp from '../psychic-app/index.js';
 export default class Session {
-    req;
-    res;
-    constructor(req, res) {
-        this.req = req;
-        this.res = res;
+    ctx;
+    constructor(ctx) {
+        this.ctx = ctx;
     }
     getCookie(name) {
-        const cookies = this.req.cookies;
-        const value = cookies[name];
+        const value = this.ctx.cookies.get(name);
         if (value)
             return InternalEncrypt.decryptCookie(value);
         return null;
     }
     setCookie(name, data, opts = {}) {
-        this.res.cookie(name, InternalEncrypt.encryptCookie(data), {
-            secure: EnvInternal.isProduction,
-            httpOnly: true,
+        this.ctx.cookies.set(name, InternalEncrypt.encryptCookie(data), {
             ...opts,
+            secure: opts.secure ?? EnvInternal.isProduction,
+            httpOnly: opts.httpOnly ?? true,
             maxAge: opts.maxAge
                 ? cookieMaxAgeFromCookieOpts(opts.maxAge)
-                : PsychicApp.getOrFail().cookieOptions?.maxAge,
+                : (PsychicApp.getOrFail().cookieOptions?.maxAge ?? cookieMaxAgeFromCookieOpts()),
         });
     }
     clearCookie(name) {
-        this.res.clearCookie(name);
+        this.ctx.cookies.set(name, '', { maxAge: 0 });
     }
     daysToMilliseconds(numDays) {
         return numDays * 60 * 60 * 24 * 1000;

package/dist/types/src/controller/helpers/logIfDevelopment.d.ts

@@ -1,7 +1,6 @@
-import { Request, Response } from 'express';
-export default function logIfDevelopment({ req, res, startTime, fallbackStatusCode, }: {
-    req: Request;
-    res: Response;
+import Koa from 'koa';
+export default function logIfDevelopment({ ctx, startTime, fallbackStatusCode, }: {
+    ctx: Koa.Context;
     startTime: number;
     fallbackStatusCode?: number;
 }): void;

package/dist/types/src/controller/index.d.ts

@@ -1,7 +1,7 @@
 import { Dream } from '@rvoh/dream';
 import { OpenapiSchemaBody } from '@rvoh/dream/openapi';
 import { DreamParamSafeAttributes, DreamParamSafeColumnNames, SerializerRendererOpts, StrictInterface } from '@rvoh/dream/types';
-import { Request, Response } from 'express';
+import Koa from 'koa';
 import { ControllerHook } from '../controller/hooks.js';
 import { HttpStatusCodeInt, HttpStatusSymbol } from '../error/http/status-codes.js';
 import OpenapiEndpointRenderer from '../openapi-renderer/endpoint.js';
@@ -14,7 +14,7 @@ export type ControllerActionMetadata = Record<string, {
     serializerKey?: string;
 }>;
 export type PsychicParamsPrimitive = string | number | boolean | null | undefined | PsychicParamsPrimitive[];
-export declare const PsychicParamsPrimitiveLiterals: readonly ["bigint", "bigint[]", "boolean", "boolean[]", "date", "date[]", "datetime", "datetime[]", "integer", "integer[]", "json", "json[]", "null", "null[]", "number", "number[]", "string", "string[]", "uuid", "uuid[]"];
+export declare const PsychicParamsPrimitiveLiterals: readonly ["bigint", "bigint[]", "boolean", "boolean[]", "date", "date[]", "datetime", "datetime[]", "integer", "integer[]", "json", "json[]", "null", "null[]", "number", "number[]", "string", "string[]", "time", "time[]", "timetz", "timetz[]", "uuid", "uuid[]"];
 export type PsychicParamsPrimitiveLiteral = (typeof PsychicParamsPrimitiveLiterals)[number];
 export interface PsychicParamsDictionary {
     [key: string]: PsychicParamsPrimitive | PsychicParamsDictionary | PsychicParamsDictionary[];
@@ -101,13 +101,13 @@ export default class PsychicController {
      * and non-controllers
      */
     get isPsychicControllerInstance(): boolean;
-    req: Request;
-    res: Response;
+    ctx: Koa.Context;
     session: Session;
     action: string;
     renderOpts: SerializerRendererOpts;
     private startTime;
-    constructor(req: Request, res: Response, { action, }: {
+    private _responseSent;
+    constructor(ctx: Koa.Context, { action, }: {
         action: string;
     });
     /**
@@ -384,9 +384,20 @@ export default class PsychicController {
      * @param data - the data to validate and render
      */
     private validateAndRenderJsonResponse;
-    private expressSendJson;
-    private expressSendStatus;
-    private expressRedirect;
+    private koaSendJson;
+    /**
+     * @internal
+     *
+     * Attempts to retrieve or create a cached fast-json-stringify function
+     * for the current endpoint and status code. Returns undefined if no
+     * OpenAPI schema exists or if the controller's globalName is not set.
+     *
+     * @param statusCode - the HTTP status code
+     * @returns A stringify function, or undefined if no schema exists
+     */
+    private getFastJsonStringifyFunction;
+    private koaSendStatus;
+    private koaRedirect;
     private logIfDevelopment;
     protected defaultSerializerPassthrough: SerializerResult;
     /**

package/dist/types/src/devtools/helpers/launchDevServer.d.ts

@@ -1,8 +1,9 @@
-export declare function launchDevServer(key: string, { port, cmd, timeout }?: LaunchDevServerOpts): Promise<void>;
+export declare function launchDevServer(key: string, { port, cmd, timeout, onStdOut }?: LaunchDevServerOpts): Promise<void>;
 export declare function stopDevServer(key: string): void;
 export declare function stopDevServers(): void;
 export interface LaunchDevServerOpts {
     port?: number;
     cmd?: string;
     timeout?: number;
+    onStdOut?: (message: string) => void;
 }

package/dist/types/src/error/openapi/UnrecognizedDbTypeFoundWhileComputingOpenapiAttribute.d.ts

@@ -0,0 +1,7 @@
+export default class UnrecognizedDbTypeFoundWhileComputingOpenapiAttribute extends Error {
+    private source;
+    private attributeName;
+    private dbType;
+    constructor(source: string, attributeName: string, dbType: string);
+    get message(): string;
+}

package/dist/types/src/error/router/cannot-commit-routes-without-koa-app.d.ts

@@ -0,0 +1,3 @@
+export default class CannotCommitRoutesWithoutKoaApp extends Error {
+    get message(): string;
+}

package/dist/types/src/helpers/cookieMaxAgeFromCookieOpts.d.ts

@@ -1,2 +1,2 @@
 import { CustomCookieMaxAgeOptions } from '../psychic-app/index.js';
-export default function cookieMaxAgeFromCookieOpts(cookieOpts: CustomCookieMaxAgeOptions | undefined): number;
+export default function cookieMaxAgeFromCookieOpts(cookieOpts?: CustomCookieMaxAgeOptions): number;

package/dist/types/src/helpers/toJson.d.ts

@@ -1 +1 @@
-export default function toJson<T>(data: T, sanitize: boolean): string;
+export default function toJson<T>(data: T): string;

package/dist/types/src/helpers/validateOpenApiSchema.d.ts

@@ -1,4 +1,4 @@
-import { Ajv, type JSONSchemaType, type ValidateFunction } from 'ajv';
+import { Ajv, type ErrorObject, type JSONSchemaType, type ValidateFunction } from 'ajv';
 /**
  * @internal
  *
@@ -56,6 +56,10 @@ export declare function validateObject<T = unknown>(data: unknown, schema: JSONS
  * @returns A validator function that can be reused for multiple validations
  */
 export declare function createValidator<T = unknown>(schema: JSONSchemaType<T> | object, options?: ValidateOpenapiSchemaOptions): ValidateFunction<T>;
+/**
+ * Formats AJV errors into a more readable format
+ */
+export declare function formatAjvErrors(ajvErrors: ErrorObject[]): ValidationError[];
 export interface ValidationResult<T = unknown> {
     isValid: boolean;
     data?: T;

package/dist/types/src/openapi-renderer/helpers/OpenapiPayloadValidator.d.ts

@@ -98,6 +98,27 @@ export default class OpenapiPayloadValidator {
      * @param statusCode - the status code used to render
      */
     validateOpenapiResponseBody(data: any, statusCode: number): void;
+    /**
+     * @internal
+     *
+     * Retrieves the OpenAPI response schema for a given status code.
+     * Returns undefined if no schema is defined for this endpoint/status code.
+     *
+     * @param statusCode - the HTTP status code
+     * @returns The response schema, or undefined if not found
+     */
+    getResponseSchema(statusCode: number): object | undefined;
+    /**
+     * @internal
+     *
+     * Retrieves the OpenAPI response schema for a given status code with
+     * all components merged in. This is the schema format needed by
+     * fast-json-stringify and AJV validators.
+     *
+     * @param statusCode - the HTTP status code
+     * @returns The response schema with components, or undefined if not found
+     */
+    getResponseSchemaWithComponents(statusCode: number): object | undefined;
     /**
      * @internal
      *
@@ -137,6 +158,26 @@ export default class OpenapiPayloadValidator {
      * @param headers - the request headers
      */
     private validateOrFail;
+    /**
+     * @internal
+     *
+     * Generates a cache key for the validator based on controller, action, openapiName, and target.
+     *
+     * @param target - the validation target (one of: 'requestBody', 'query', 'headers', 'responseBody')
+     * @returns cache key string
+     */
+    private getCacheKey;
+    /**
+     * @internal
+     *
+     * Compiles a validator using AJV and caches it for future use.
+     *
+     * @param cacheKey - the cache key for this validator
+     * @param schema - the schema to compile
+     * @param options - AJV options
+     * @returns compiled validator function
+     */
+    private compileAndCacheValidator;
     /**
      * @internal
      *

package/dist/types/src/openapi-renderer/helpers/{dreamAttributeOpenapiShape.d.ts → dreamColumnOpenapiShape.d.ts}

@@ -5,7 +5,7 @@ export interface VirtualAttributeStatement {
     type: OpenapiShorthandPrimitiveTypes | OpenapiSchemaBodyShorthand | undefined;
 }
 type DreamClassColumnNames<DreamClass extends typeof Dream, DreamInstance extends InstanceType<DreamClass> = InstanceType<DreamClass>, DB = DreamInstance['DB'], TableName extends keyof DB = DreamInstance['table'] & keyof DB, Table extends DB[keyof DB] = DB[TableName]> = keyof Table & string;
-export declare function dreamColumnOpenapiShape<DreamClass extends typeof Dream>(dreamClass: DreamClass, column: DreamClassColumnNames<DreamClass>, openapi?: OpenapiDescription | OpenapiSchemaBodyShorthand | OpenapiShorthandPrimitiveTypes | undefined, { suppressResponseEnums, allowGenericJson, }?: {
+export declare function dreamColumnOpenapiShape<DreamClass extends typeof Dream>(source: string, dreamClass: DreamClass, column: DreamClassColumnNames<DreamClass>, openapi?: OpenapiDescription | OpenapiSchemaBodyShorthand | OpenapiShorthandPrimitiveTypes | undefined, { suppressResponseEnums, allowGenericJson, }?: {
     suppressResponseEnums?: boolean;
     allowGenericJson?: boolean;
 }): OpenapiSchemaBody;

package/dist/types/src/openapi-renderer/helpers/stringify-cache.d.ts

@@ -0,0 +1,34 @@
+/**
+ * @internal
+ *
+ * Retrieves a cached stringify function if it exists.
+ *
+ * @param cacheKey - The cache key identifying the stringify function
+ * @returns The cached stringify function, or undefined if not found
+ */
+export declare function getCachedStringify(cacheKey: string): ((data: any) => string) | undefined;
+/**
+ * @internal
+ *
+ * Stores a compiled stringify function in the cache.
+ *
+ * @param cacheKey - The cache key identifying the stringify function
+ * @param stringifyFn - The compiled fast-json-stringify function to cache
+ */
+export declare function cacheStringify(cacheKey: string, stringifyFn: (data: any) => string): void;
+/**
+ * @internal
+ *
+ * Clears a specific stringify function from the cache.
+ * Used in test environments to ensure test isolation.
+ *
+ * @param cacheKey - The cache key identifying the stringify function to clear
+ */
+export declare function _testOnlyClearStringify(cacheKey: string): void;
+/**
+ * @internal
+ *
+ * Clears all stringify functions from the cache.
+ * Used in test environments to ensure test isolation.
+ */
+export declare function _testOnlyClearStringifyCache(): void;

package/dist/types/src/openapi-renderer/helpers/validator-cache.d.ts

@@ -0,0 +1,35 @@
+import { ValidateFunction } from 'ajv';
+/**
+ * @internal
+ *
+ * Retrieves a cached validator function if it exists.
+ *
+ * @param cacheKey - The cache key identifying the validator
+ * @returns The cached validator function, or undefined if not found
+ */
+export declare function getCachedValidator(cacheKey: string): ValidateFunction | undefined;
+/**
+ * @internal
+ *
+ * Stores a compiled validator function in the cache.
+ *
+ * @param cacheKey - The cache key identifying the validator
+ * @param validator - The compiled AJV validator function to cache
+ */
+export declare function cacheValidator(cacheKey: string, validator: ValidateFunction): void;
+/**
+ * @internal
+ *
+ * Clears a specific validator from the cache.
+ * Used in test environments to ensure test isolation.
+ *
+ * @param cacheKey - The cache key identifying the validator to clear
+ */
+export declare function _testOnlyClearValidator(cacheKey: string): void;
+/**
+ * @internal
+ *
+ * Clears all validators from the cache.
+ * Used in test environments to ensure test isolation.
+ */
+export declare function _testOnlyClearValidatorCache(): void;

package/dist/types/src/psychic-app/index.d.ts

@@ -1,11 +1,11 @@
+import cors from '@koa/cors';
 import { DreamApp } from '@rvoh/dream';
 import { OpenapiSchemaBody } from '@rvoh/dream/openapi';
 import { DreamAppAllowedPackageManagersEnum } from '@rvoh/dream/system';
 import { DreamAppInitOptions, DreamLogLevel, DreamLogger, EncryptOptions } from '@rvoh/dream/types';
-import * as bodyParser from 'body-parser';
 import { Command } from 'commander';
-import { CorsOptions } from 'cors';
-import { Express, Request, RequestHandler, Response } from 'express';
+import Koa from 'koa';
+import bodyParser from 'koa-bodyparser';
 import * as http from 'node:http';
 import * as https from 'node:https';
 import { OpenapiValidateTarget } from '../openapi-renderer/defaults.js';
@@ -35,7 +35,7 @@ export default class PsychicApp {
     /**
      * @internal
      */
-    static getPsychicHttpInstance(app: Express, sslCredentials: PsychicSslCredentials | undefined): http.Server<typeof http.IncomingMessage, typeof http.ServerResponse> | https.Server<typeof http.IncomingMessage, typeof http.ServerResponse>;
+    static getPsychicHttpInstance(app: Koa, sslCredentials: PsychicSslCredentials | undefined): http.Server<typeof http.IncomingMessage, typeof http.ServerResponse> | https.Server<typeof http.IncomingMessage, typeof http.ServerResponse>;
     /**
      * Builds the routes cache if it does not already
      * exist. This is called during PsychicApp.init,
@@ -143,7 +143,7 @@ export default class PsychicApp {
     private _httpServerOptions;
     get httpServerOptions(): http.ServerOptions<typeof http.IncomingMessage, typeof http.ServerResponse> | https.ServerOptions<typeof http.IncomingMessage, typeof http.ServerResponse>;
     private _corsOptions;
-    get corsOptions(): CorsOptions;
+    get corsOptions(): cors.Options;
     private _jsonOptions;
     get jsonOptions(): bodyParser.Options;
     private _cookieOptions;
@@ -156,8 +156,6 @@ export default class PsychicApp {
     get sslCredentials(): PsychicSslCredentials | undefined;
     private _saltRounds;
     get saltRounds(): number | undefined;
-    private _sanitizeResponseJson;
-    get sanitizeResponseJson(): boolean;
     private _packageManager;
     get packageManager(): "pnpm" | "yarn" | "npm";
     private _importExtension;
@@ -219,16 +217,15 @@ export default class PsychicApp {
     load<RT extends 'controllers' | 'services' | 'initializers'>(resourceType: RT, resourcePath: string, importCb: (path: string) => Promise<any>): Promise<void>;
     private booted;
     boot(force?: boolean): Promise<void>;
-    use(on: PsychicUseEventType, handler: RequestHandler): void;
-    use(handler: RequestHandler): void;
-    use(handler: () => void): void;
+    use(on: PsychicUseEventType, handler: Koa.Middleware): void;
+    use(handler: Koa.Middleware): void;
     plugin(cb: (app: PsychicApp) => void | Promise<void>): void;
-    on<T extends PsychicHookEventType>(hookEventType: T, cb: T extends 'server:error' ? (err: Error, req: Request, res: Response) => void | Promise<void> : T extends 'server:init:before-middleware' ? (psychicServer: PsychicServer) => void | Promise<void> : T extends 'server:init:after-middleware' ? (psychicServer: PsychicServer) => void | Promise<void> : T extends 'server:start' ? (psychicServer: PsychicServer) => void | Promise<void> : T extends 'server:shutdown' ? (psychicServer: PsychicServer) => void | Promise<void> : T extends 'server:init:after-routes' ? (psychicServer: PsychicServer) => void | Promise<void> : T extends 'cli:start' ? (program: Command) => void | Promise<void> : T extends 'cli:sync' ? () => any : (conf: PsychicApp) => void | Promise<void>): void;
+    on<T extends PsychicHookEventType>(hookEventType: T, cb: T extends 'server:error' ? (err: Error, ctx: Koa.Context) => void | Promise<void> : T extends 'server:init:before-middleware' ? (psychicServer: PsychicServer) => void | Promise<void> : T extends 'server:init:after-middleware' ? (psychicServer: PsychicServer) => void | Promise<void> : T extends 'server:start' ? (psychicServer: PsychicServer) => void | Promise<void> : T extends 'server:shutdown' ? (psychicServer: PsychicServer) => void | Promise<void> : T extends 'server:init:after-routes' ? (psychicServer: PsychicServer) => void | Promise<void> : T extends 'cli:start' ? (program: Command) => void | Promise<void> : T extends 'cli:sync' ? () => any : (conf: PsychicApp) => void | Promise<void>): void;
     set(option: 'openapi', name: string, value: NamedPsychicOpenapiOptions): void;
-    set<Opt extends PsychicAppOption>(option: Opt, value: Opt extends 'appName' ? string : Opt extends 'apiOnly' ? boolean : Opt extends 'defaultResponseHeaders' ? Record<string, string | null> : Opt extends 'httpServerOptions' ? http.ServerOptions | https.ServerOptions : Opt extends 'encryption' ? PsychicAppEncryptionOptions : Opt extends 'cors' ? CorsOptions : Opt extends 'cookie' ? CustomCookieOptions : Opt extends 'apiRoot' ? string : Opt extends 'importExtension' ? GeneratorImportStyle : Opt extends 'sessionCookieName' ? string : Opt extends 'json' ? bodyParser.Options : Opt extends 'logger' ? PsychicLogger : Opt extends 'ssl' ? PsychicSslCredentials : Opt extends 'openapi' ? DefaultPsychicOpenapiOptions : Opt extends 'paths' ? PsychicPathOptions : Opt extends 'port' ? number : Opt extends 'saltRounds' ? number : Opt extends 'sanitizeResponseJson' ? boolean : Opt extends 'packageManager' ? DreamAppAllowedPackageManagersEnum : Opt extends 'inflections' ? () => void | Promise<void> : Opt extends 'routes' ? (r: PsychicRouter) => void | Promise<void> : never): void;
+    set<Opt extends PsychicAppOption>(option: Opt, value: Opt extends 'appName' ? string : Opt extends 'apiOnly' ? boolean : Opt extends 'defaultResponseHeaders' ? Record<string, string | null> : Opt extends 'httpServerOptions' ? http.ServerOptions | https.ServerOptions : Opt extends 'encryption' ? PsychicAppEncryptionOptions : Opt extends 'cors' ? cors.Options : Opt extends 'cookie' ? CustomCookieOptions : Opt extends 'apiRoot' ? string : Opt extends 'importExtension' ? GeneratorImportStyle : Opt extends 'sessionCookieName' ? string : Opt extends 'json' ? bodyParser.Options : Opt extends 'logger' ? PsychicLogger : Opt extends 'ssl' ? PsychicSslCredentials : Opt extends 'openapi' ? DefaultPsychicOpenapiOptions : Opt extends 'paths' ? PsychicPathOptions : Opt extends 'port' ? number : Opt extends 'saltRounds' ? number : Opt extends 'packageManager' ? DreamAppAllowedPackageManagersEnum : Opt extends 'inflections' ? () => void | Promise<void> : Opt extends 'routes' ? (r: PsychicRouter) => void | Promise<void> : never): void;
     override<Override extends keyof PsychicAppOverrides>(override: Override, value: PsychicAppOverrides[Override]): void;
 }
-export type PsychicAppOption = 'appName' | 'apiOnly' | 'apiRoot' | 'httpServerOptions' | 'importExtension' | 'encryption' | 'sessionCookieName' | 'cookie' | 'cors' | 'defaultResponseHeaders' | 'inflections' | 'json' | 'logger' | 'openapi' | 'packageManager' | 'paths' | 'port' | 'routes' | 'saltRounds' | 'sanitizeResponseJson' | 'ssl';
+export type PsychicAppOption = 'appName' | 'apiOnly' | 'apiRoot' | 'httpServerOptions' | 'importExtension' | 'encryption' | 'sessionCookieName' | 'cookie' | 'cors' | 'defaultResponseHeaders' | 'inflections' | 'json' | 'logger' | 'openapi' | 'packageManager' | 'paths' | 'port' | 'routes' | 'saltRounds' | 'ssl';
 export interface PsychicAppSpecialHooks {
     cliSync: (() => any)[];
     serverInitBeforeMiddleware: ((server: PsychicServer) => void | Promise<void>)[];
@@ -236,7 +233,7 @@ export interface PsychicAppSpecialHooks {
     serverInitAfterRoutes: ((server: PsychicServer) => void | Promise<void>)[];
     serverStart: ((server: PsychicServer) => void | Promise<void>)[];
     serverShutdown: ((server: PsychicServer) => void | Promise<void>)[];
-    serverError: ((err: Error, req: Request, res: Response) => void | Promise<void>)[];
+    serverError: ((err: Error, ctx: Koa.Context) => void | Promise<void>)[];
 }
 export interface PsychicAppOverrides {
     ['server:start']: ((psychicServer: PsychicServer, opts: PsychicServerStartProviderOptions) => http.Server | Promise<http.Server>) | null;