@taujs/server 0.3.6 → 0.4.0

package/dist/config.d.ts

@@ -1,37 +0,0 @@
-import { PluginOption } from 'vite';
-import { R as Route, a as RouteParams, b as RouteAttributes } from './SSRServer-DPZped7n.js';
-import 'node:http';
-import 'fastify';
-
-/**
- * taujs [ τjs ] Orchestration System
- * (c) 2024-present Aoede Ltd
- * Author: John Smith
- *
- * Licensed under the MIT License — attribution appreciated.
- * Part of the taujs [ τjs ] system for declarative, build-time orchestration of microfrontend applications,
- * including CSR, SSR, streaming, and middleware composition.
- */
-
-type AppRoute = Omit<Route<RouteParams>, 'appId'> & {
-    attr?: RouteAttributes;
-};
-type AppConfig = {
-    appId: string;
-    entryPoint: string;
-    plugins?: PluginOption[];
-    routes?: AppRoute[];
-};
-type TaujsConfig = {
-    apps: AppConfig[];
-};
-declare const extractBuildConfigs: (config: {
-    apps: {
-        appId: string;
-        entryPoint: string;
-        plugins?: PluginOption[];
-    }[];
-}) => AppConfig[];
-declare const extractRoutes: (taujsConfig: TaujsConfig) => Route<RouteParams>[];
-
-export { type AppConfig, type AppRoute, type TaujsConfig, extractBuildConfigs, extractRoutes };

package/dist/security/csp.d.ts

@@ -1,4 +0,0 @@
-import 'fastify';
-export { q as CSPDirectives, r as CSPOptions, w as applyCSP, u as createCSPHook, s as defaultGenerateCSP, t as generateNonce, v as getRequestNonce } from '../SSRServer-DPZped7n.js';
-import 'node:http';
-import 'vite';

package/dist/security/csp.js

@@ -1,67 +0,0 @@
-// src/security/csp.ts
-import crypto from "crypto";
-
-// src/constants.ts
-var DEV_CSP_DIRECTIVES = {
-  "default-src": ["'self'"],
-  "connect-src": ["'self'", "ws:", "http:"],
-  "style-src": ["'self'", "'unsafe-inline'"],
-  "img-src": ["'self'", "data:"]
-};
-
-// src/utils/Utils.ts
-import { dirname, join } from "path";
-import "path";
-import { fileURLToPath } from "url";
-import { match } from "path-to-regexp";
-var isDevelopment = process.env.NODE_ENV === "development";
-var __filename = fileURLToPath(import.meta.url);
-var __dirname = join(dirname(__filename), !isDevelopment ? "./" : "..");
-
-// src/security/csp.ts
-var defaultGenerateCSP = (directives, nonce) => {
-  const merged = { ...directives };
-  merged["script-src"] = merged["script-src"] || ["'self'"];
-  if (!merged["script-src"].some((v) => v.startsWith("'nonce-"))) merged["script-src"].push(`'nonce-${nonce}'`);
-  if (isDevelopment) {
-    const connect = merged["connect-src"] || ["'self'"];
-    if (!connect.includes("ws:")) connect.push("ws:");
-    if (!connect.includes("http:")) connect.push("http:");
-    merged["connect-src"] = connect;
-    const style = merged["style-src"] || ["'self'"];
-    if (!style.includes("'unsafe-inline'")) style.push("'unsafe-inline'");
-    merged["style-src"] = style;
-  }
-  return Object.entries(merged).map(([key, values]) => `${key} ${values.join(" ")}`).join("; ");
-};
-var generateNonce = () => crypto.randomBytes(16).toString("base64");
-var createCSPHook = (options = {}) => (req, reply, done) => {
-  const nonce = generateNonce();
-  const directives = options.directives ?? DEV_CSP_DIRECTIVES;
-  const generate = options.generateCSP ?? defaultGenerateCSP;
-  const cspHeader = generate(directives, nonce);
-  reply.header("Content-Security-Policy", cspHeader);
-  if (typeof options.exposeNonce === "function") {
-    options.exposeNonce(req, nonce);
-  } else {
-    req.nonce = nonce;
-  }
-  done();
-};
-var getRequestNonce = (req) => req.nonce;
-var applyCSP = (security, reply) => {
-  const nonce = generateNonce();
-  const directives = security?.csp?.directives ?? DEV_CSP_DIRECTIVES;
-  const generate = security?.csp?.generateCSP ?? defaultGenerateCSP;
-  const header = generate(directives, nonce);
-  reply.header("Content-Security-Policy", header);
-  reply.request.nonce = nonce;
-  return nonce;
-};
-export {
-  applyCSP,
-  createCSPHook,
-  defaultGenerateCSP,
-  generateNonce,
-  getRequestNonce
-};