@sveltejs/kit 1.0.0-next.52 → 1.0.0-next.520

package/src/runtime/server/utils.js

@@ -0,0 +1,181 @@
+import * as devalue from 'devalue';
+import { DATA_SUFFIX } from '../../constants.js';
+import { negotiate } from '../../utils/http.js';
+import { HttpError } from '../control.js';
+
+/** @param {any} body */
+export function is_pojo(body) {
+	if (typeof body !== 'object') return false;
+
+	if (body) {
+		if (body instanceof Uint8Array) return false;
+		if (body instanceof ReadableStream) return false;
+
+		// if body is a node Readable, throw an error
+		// TODO remove this for 1.0
+		if (body._readableState && typeof body.pipe === 'function') {
+			throw new Error('Node streams are no longer supported — use a ReadableStream instead');
+		}
+	}
+
+	return true;
+}
+
+// TODO: Remove for 1.0
+/** @param {Record<string, any>} mod */
+export function check_method_names(mod) {
+	['get', 'post', 'put', 'patch', 'del'].forEach((m) => {
+		if (m in mod) {
+			const replacement = m === 'del' ? 'DELETE' : m.toUpperCase();
+			throw Error(
+				`Endpoint method "${m}" has changed to "${replacement}". See https://github.com/sveltejs/kit/discussions/5359 for more information.`
+			);
+		}
+	});
+}
+
+/** @type {import('types').SSRErrorPage} */
+export const GENERIC_ERROR = {
+	id: '__error'
+};
+
+/**
+ * @param {Partial<Record<import('types').HttpMethod, any>>} mod
+ * @param {import('types').HttpMethod} method
+ */
+export function method_not_allowed(mod, method) {
+	return new Response(`${method} method not allowed`, {
+		status: 405,
+		headers: {
+			// https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/405
+			// "The server must generate an Allow header field in a 405 status code response"
+			allow: allowed_methods(mod).join(', ')
+		}
+	});
+}
+
+/** @param {Partial<Record<import('types').HttpMethod, any>>} mod */
+export function allowed_methods(mod) {
+	const allowed = [];
+
+	for (const method in ['GET', 'POST', 'PUT', 'PATCH', 'DELETE']) {
+		if (method in mod) allowed.push(method);
+	}
+
+	if (mod.GET || mod.HEAD) allowed.push('HEAD');
+
+	return allowed;
+}
+
+/**
+ * @param {any} data
+ * @param {import('types').RequestEvent} event
+ */
+export function data_response(data, event) {
+	const headers = {
+		'content-type': 'application/json',
+		'cache-control': 'private, no-store'
+	};
+
+	try {
+		return new Response(devalue.stringify(data), { headers });
+	} catch (e) {
+		const error = /** @type {any} */ (e);
+		const match = /\[(\d+)\]\.data\.(.+)/.exec(error.path);
+		const message = match
+			? `Data returned from \`load\` while rendering /${event.routeId} is not serializable: ${error.message} (data.${match[2]})`
+			: error.message;
+		return new Response(JSON.stringify(message), { headers, status: 500 });
+	}
+}
+
+/**
+ * @template {'prerender' | 'ssr' | 'csr'} Option
+ * @template {Option extends 'prerender' ? import('types').PrerenderOption : boolean} Value
+ *
+ * @param {Array<import('types').SSRNode | undefined>} nodes
+ * @param {Option} option
+ *
+ * @returns {Value | undefined}
+ */
+export function get_option(nodes, option) {
+	return nodes.reduce((value, node) => {
+		// TODO remove for 1.0
+		for (const thing of [node?.server, node?.shared]) {
+			if (thing && ('router' in thing || 'hydrate' in thing)) {
+				throw new Error(
+					'`export const hydrate` and `export const router` have been replaced with `export const csr`. See https://github.com/sveltejs/kit/pull/6446'
+				);
+			}
+		}
+
+		return /** @type {any} TypeScript's too dumb to understand this */ (
+			node?.shared?.[option] ?? node?.server?.[option] ?? value
+		);
+	}, /** @type {Value | undefined} */ (undefined));
+}
+
+/**
+ * Return as a response that renders the error.html
+ *
+ * @param {import('types').SSROptions} options
+ * @param {number} status
+ * @param {string} message
+ */
+export function static_error_page(options, status, message) {
+	return new Response(options.error_template({ status, message }), {
+		headers: { 'content-type': 'text/html; charset=utf-8' },
+		status
+	});
+}
+
+/**
+ * @param {import('types').RequestEvent} event
+ * @param {import('types').SSROptions} options
+ * @param {Error | HttpError} error
+ */
+export function handle_fatal_error(event, options, error) {
+	const status = error instanceof HttpError ? error.status : 500;
+	const body = handle_error_and_jsonify(event, options, error);
+
+	// ideally we'd use sec-fetch-dest instead, but Safari — quelle surprise — doesn't support it
+	const type = negotiate(event.request.headers.get('accept') || 'text/html', [
+		'application/json',
+		'text/html'
+	]);
+
+	if (event.url.pathname.endsWith(DATA_SUFFIX) || type === 'application/json') {
+		return new Response(JSON.stringify(body), {
+			status,
+			headers: { 'content-type': 'application/json; charset=utf-8' }
+		});
+	}
+
+	return static_error_page(options, status, body.message);
+}
+
+/**
+ * @param {import('types').RequestEvent} event
+ * @param {import('types').SSROptions} options
+ * @param {any} error
+ * @returns {App.Error}
+ */
+export function handle_error_and_jsonify(event, options, error) {
+	if (error instanceof HttpError) {
+		return error.body;
+	} else {
+		return options.handle_error(error, event);
+	}
+}
+
+/**
+ * @param {number} status
+ * @param {string} location
+ */
+export function redirect_response(status, location) {
+	const response = new Response(undefined, {
+		status,
+		headers: { location }
+	});
+	return response;
+}

package/src/utils/array.js

@@ -0,0 +1,9 @@
+/**
+ * Removes nullish values from an array.
+ *
+ * @template T
+ * @param {Array<T>} arr
+ */
+export function compact(arr) {
+	return arr.filter(/** @returns {val is NonNullable<T>} */ (val) => val != null);
+}

package/src/utils/error.js

@@ -0,0 +1,22 @@
+import { HttpError, Redirect } from '../runtime/control.js';
+
+/**
+ * @param {unknown} err
+ * @return {Error}
+ */
+export function coalesce_to_error(err) {
+	return err instanceof Error ||
+		(err && /** @type {any} */ (err).name && /** @type {any} */ (err).message)
+		? /** @type {Error} */ (err)
+		: new Error(JSON.stringify(err));
+}
+
+/**
+ * This is an identity function that exists to make TypeScript less
+ * paranoid about people throwing things that aren't errors, which
+ * frankly is not something we should care about
+ * @param {unknown} error
+ */
+export function normalize_error(error) {
+	return /** @type {Redirect | HttpError | Error} */ (error);
+}

package/src/utils/escape.js

@@ -0,0 +1,46 @@
+/**
+ * When inside a double-quoted attribute value, only `&` and `"` hold special meaning.
+ * @see https://html.spec.whatwg.org/multipage/parsing.html#attribute-value-(double-quoted)-state
+ * @type {Record<string, string>}
+ */
+const escape_html_attr_dict = {
+	'&': '&amp;',
+	'"': '&quot;'
+};
+
+const escape_html_attr_regex = new RegExp(
+	// special characters
+	`[${Object.keys(escape_html_attr_dict).join('')}]|` +
+		// high surrogate without paired low surrogate
+		'[\\ud800-\\udbff](?![\\udc00-\\udfff])|' +
+		// a valid surrogate pair, the only match with 2 code units
+		// we match it so that we can match unpaired low surrogates in the same pass
+		// TODO: use lookbehind assertions once they are widely supported: (?<![\ud800-udbff])[\udc00-\udfff]
+		'[\\ud800-\\udbff][\\udc00-\\udfff]|' +
+		// unpaired low surrogate (see previous match)
+		'[\\udc00-\\udfff]',
+	'g'
+);
+
+/**
+ * Formats a string to be used as an attribute's value in raw HTML.
+ *
+ * It escapes unpaired surrogates (which are allowed in js strings but invalid in HTML), escapes
+ * characters that are special in attributes, and surrounds the whole string in double-quotes.
+ *
+ * @param {string} str
+ * @returns {string} Escaped string surrounded by double-quotes.
+ * @example const html = `<tag data-value=${escape_html_attr('value')}>...</tag>`;
+ */
+export function escape_html_attr(str) {
+	const escaped_str = str.replace(escape_html_attr_regex, (match) => {
+		if (match.length === 2) {
+			// valid surrogate pair
+			return match;
+		}
+
+		return escape_html_attr_dict[match] ?? `&#${match.charCodeAt(0)};`;
+	});
+
+	return `"${escaped_str}"`;
+}

package/src/utils/filesystem.js

@@ -0,0 +1,142 @@
+import fs from 'fs';
+import path from 'path';
+
+/** @param {string} dir */
+export function mkdirp(dir) {
+	try {
+		fs.mkdirSync(dir, { recursive: true });
+	} catch (/** @type {any} */ e) {
+		if (e.code === 'EEXIST') {
+			if (!fs.statSync(dir).isDirectory()) {
+				throw new Error(`Cannot create directory ${dir}, a file already exists at this position`);
+			}
+			return;
+		}
+		throw e;
+	}
+}
+
+/** @param {string} path */
+export function rimraf(path) {
+	fs.rmSync(path, { force: true, recursive: true });
+}
+
+/**
+ * @param {string} source
+ * @param {string} target
+ * @param {{
+ *   filter?: (basename: string) => boolean;
+ *   replace?: Record<string, string>;
+ * }} opts
+ */
+export function copy(source, target, opts = {}) {
+	if (!fs.existsSync(source)) return [];
+
+	/** @type {string[]} */
+	const files = [];
+
+	const prefix = posixify(target) + '/';
+
+	const regex = opts.replace
+		? new RegExp(`\\b(${Object.keys(opts.replace).join('|')})\\b`, 'g')
+		: null;
+
+	/**
+	 * @param {string} from
+	 * @param {string} to
+	 */
+	function go(from, to) {
+		if (opts.filter && !opts.filter(path.basename(from))) return;
+
+		const stats = fs.statSync(from);
+
+		if (stats.isDirectory()) {
+			fs.readdirSync(from).forEach((file) => {
+				go(path.join(from, file), path.join(to, file));
+			});
+		} else {
+			mkdirp(path.dirname(to));
+
+			if (opts.replace) {
+				const data = fs.readFileSync(from, 'utf-8');
+				fs.writeFileSync(
+					to,
+					data.replace(
+						/** @type {RegExp} */ (regex),
+						(_match, key) => /** @type {Record<string, string>} */ (opts.replace)[key]
+					)
+				);
+			} else {
+				fs.copyFileSync(from, to);
+			}
+
+			files.push(to === target ? posixify(path.basename(to)) : posixify(to).replace(prefix, ''));
+		}
+	}
+
+	go(source, target);
+
+	return files;
+}
+
+/**
+ * Get a list of all files in a directory
+ * @param {string} cwd - the directory to walk
+ * @param {boolean} [dirs] - whether to include directories in the result
+ */
+export function walk(cwd, dirs = false) {
+	/** @type {string[]} */
+	const all_files = [];
+
+	/** @param {string} dir */
+	function walk_dir(dir) {
+		const files = fs.readdirSync(path.join(cwd, dir));
+
+		for (const file of files) {
+			const joined = path.join(dir, file);
+			const stats = fs.statSync(path.join(cwd, joined));
+			if (stats.isDirectory()) {
+				if (dirs) all_files.push(joined);
+				walk_dir(joined);
+			} else {
+				all_files.push(joined);
+			}
+		}
+	}
+
+	return walk_dir(''), all_files;
+}
+
+/** @param {string} str */
+export function posixify(str) {
+	return str.replace(/\\/g, '/');
+}
+
+/**
+ * Given an entry point like [cwd]/src/hooks, returns a filename like [cwd]/src/hooks.js or [cwd]/src/hooks/index.js
+ * @param {string} entry
+ * @returns {string|null}
+ */
+export function resolve_entry(entry) {
+	if (fs.existsSync(entry)) {
+		const stats = fs.statSync(entry);
+		if (stats.isDirectory()) {
+			return resolve_entry(path.join(entry, 'index'));
+		}
+
+		return entry;
+	} else {
+		const dir = path.dirname(entry);
+
+		if (fs.existsSync(dir)) {
+			const base = path.basename(entry);
+			const files = fs.readdirSync(dir);
+
+			const found = files.find((file) => file.replace(/\.[^.]+$/, '') === base);
+
+			if (found) return path.join(dir, found);
+		}
+	}
+
+	return null;
+}

package/src/utils/functions.js

@@ -0,0 +1,16 @@
+/**
+ * @template T
+ * @param {() => T} fn
+ */
+export function once(fn) {
+	let done = false;
+
+	/** @type T */
+	let result;
+
+	return () => {
+		if (done) return result;
+		done = true;
+		return (result = fn());
+	};
+}

package/src/utils/http.js

@@ -0,0 +1,72 @@
+/**
+ * Given an Accept header and a list of possible content types, pick
+ * the most suitable one to respond with
+ * @param {string} accept
+ * @param {string[]} types
+ */
+export function negotiate(accept, types) {
+	/** @type {Array<{ type: string, subtype: string, q: number, i: number }>} */
+	const parts = [];
+
+	accept.split(',').forEach((str, i) => {
+		const match = /([^/]+)\/([^;]+)(?:;q=([0-9.]+))?/.exec(str);
+
+		// no match equals invalid header — ignore
+		if (match) {
+			const [, type, subtype, q = '1'] = match;
+			parts.push({ type, subtype, q: +q, i });
+		}
+	});
+
+	parts.sort((a, b) => {
+		if (a.q !== b.q) {
+			return b.q - a.q;
+		}
+
+		if ((a.subtype === '*') !== (b.subtype === '*')) {
+			return a.subtype === '*' ? 1 : -1;
+		}
+
+		if ((a.type === '*') !== (b.type === '*')) {
+			return a.type === '*' ? 1 : -1;
+		}
+
+		return a.i - b.i;
+	});
+
+	let accepted;
+	let min_priority = Infinity;
+
+	for (const mimetype of types) {
+		const [type, subtype] = mimetype.split('/');
+		const priority = parts.findIndex(
+			(part) =>
+				(part.type === type || part.type === '*') &&
+				(part.subtype === subtype || part.subtype === '*')
+		);
+
+		if (priority !== -1 && priority < min_priority) {
+			accepted = mimetype;
+			min_priority = priority;
+		}
+	}
+
+	return accepted;
+}
+
+/**
+ * Returns `true` if the request contains a `content-type` header with the given type
+ * @param {Request} request
+ * @param  {...string} types
+ */
+export function is_content_type(request, ...types) {
+	const type = request.headers.get('content-type')?.split(';', 1)[0].trim() ?? '';
+	return types.includes(type);
+}
+
+/**
+ * @param {Request} request
+ */
+export function is_form_content_type(request) {
+	return is_content_type(request, 'application/x-www-form-urlencoded', 'multipart/form-data');
+}

package/src/utils/misc.js

@@ -0,0 +1 @@
+export const s = JSON.stringify;

package/src/utils/promises.js

@@ -0,0 +1,17 @@
+/**
+ * Given an object, return a new object where all top level values are awaited
+ *
+ * @param {Record<string, any>} object
+ * @returns {Promise<Record<string, any>>}
+ */
+export async function unwrap_promises(object) {
+	for (const key in object) {
+		if (typeof object[key]?.then === 'function') {
+			return Object.fromEntries(
+				await Promise.all(Object.entries(object).map(async ([key, value]) => [key, await value]))
+			);
+		}
+	}
+
+	return object;
+}

package/src/utils/routing.js

@@ -0,0 +1,130 @@
+const param_pattern = /^(\[)?(\.\.\.)?(\w+)(?:=(\w+))?(\])?$/;
+
+/** @param {string} id */
+export function parse_route_id(id) {
+	/** @type {string[]} */
+	const names = [];
+
+	/** @type {string[]} */
+	const types = [];
+
+	// `/foo` should get an optional trailing slash, `/foo.json` should not
+	// const add_trailing_slash = !/\.[a-z]+$/.test(key);
+	let add_trailing_slash = true;
+
+	const pattern =
+		id === ''
+			? /^\/$/
+			: new RegExp(
+					`^${id
+						.split(/(?:\/|$)/)
+						.filter(affects_path)
+						.map((segment, i, segments) => {
+							const decoded_segment = decodeURIComponent(segment);
+							// special case — /[...rest]/ could contain zero segments
+							const rest_match = /^\[\.\.\.(\w+)(?:=(\w+))?\]$/.exec(decoded_segment);
+							if (rest_match) {
+								names.push(rest_match[1]);
+								types.push(rest_match[2]);
+								return '(?:/(.*))?';
+							}
+							// special case — /[[optional]]/ could contain zero segments
+							const optional_match = /^\[\[(\w+)(?:=(\w+))?\]\]$/.exec(decoded_segment);
+							if (optional_match) {
+								names.push(optional_match[1]);
+								types.push(optional_match[2]);
+								return '(?:/([^/]+))?';
+							}
+
+							const is_last = i === segments.length - 1;
+
+							if (!decoded_segment) {
+								return;
+							}
+
+							const parts = decoded_segment.split(/\[(.+?)\](?!\])/);
+							const result = parts
+								.map((content, i) => {
+									if (i % 2) {
+										const match = param_pattern.exec(content);
+										if (!match) {
+											throw new Error(
+												`Invalid param: ${content}. Params and matcher names can only have underscores and alphanumeric characters.`
+											);
+										}
+
+										const [, optional, rest, name, type] = match;
+										// It's assumed that the following invalid route id cases are already checked
+										// - unbalanced brackets
+										// - optional param following rest param
+
+										names.push(name);
+										types.push(type);
+										return rest ? '(.*?)' : optional ? '([^/]*)?' : '([^/]+?)';
+									}
+
+									if (is_last && content.includes('.')) add_trailing_slash = false;
+
+									return (
+										content // allow users to specify characters on the file system in an encoded manner
+											.normalize()
+											// We use [ and ] to denote parameters, so users must encode these on the file
+											// system to match against them. We don't decode all characters since others
+											// can already be epressed and so that '%' can be easily used directly in filenames
+											.replace(/%5[Bb]/g, '[')
+											.replace(/%5[Dd]/g, ']')
+											// '#', '/', and '?' can only appear in URL path segments in an encoded manner.
+											// They will not be touched by decodeURI so need to be encoded here, so
+											// that we can match against them.
+											// We skip '/' since you can't create a file with it on any OS
+											.replace(/#/g, '%23')
+											.replace(/\?/g, '%3F')
+											// escape characters that have special meaning in regex
+											.replace(/[.*+?^${}()|[\]\\]/g, '\\$&')
+									); // TODO handle encoding
+								})
+								.join('');
+
+							return '/' + result;
+						})
+						.join('')}${add_trailing_slash ? '/?' : ''}$`
+			  );
+
+	return { pattern, names, types };
+}
+
+/**
+ * Returns `false` for `(group)` segments
+ * @param {string} segment
+ */
+export function affects_path(segment) {
+	return !/^\([^)]+\)$/.test(segment);
+}
+
+/**
+ * @param {RegExpMatchArray} match
+ * @param {string[]} names
+ * @param {string[]} types
+ * @param {Record<string, import('types').ParamMatcher>} matchers
+ */
+export function exec(match, names, types, matchers) {
+	/** @type {Record<string, string>} */
+	const params = {};
+
+	for (let i = 0; i < names.length; i += 1) {
+		const name = names[i];
+		const type = types[i];
+		let value = match[i + 1] || '';
+
+		if (type) {
+			const matcher = matchers[type];
+			if (!matcher) throw new Error(`Missing "${type}" param matcher`); // TODO do this ahead of time?
+
+			if (!matcher(value)) return;
+		}
+
+		params[name] = value;
+	}
+
+	return params;
+}

package/src/utils/unit_test.js

@@ -0,0 +1,11 @@
+import { suite } from 'uvu';
+
+/**
+ * @param {string} name
+ * @param {(suite: import('uvu').Test<import('uvu').Context>) => void} fn
+ */
+export function describe(name, fn) {
+	const s = suite(name);
+	fn(s);
+	s.run();
+}