@terreno/api 0.11.7 → 0.11.9

package/dist/betterAuthSetup.js

@@ -62,6 +62,7 @@ var mongodb_1 = require("better-auth/adapters/mongodb");
 var node_1 = require("better-auth/node");
 var mongoose_1 = __importDefault(require("mongoose"));
 var logger_1 = require("./logger");
+var plugins_1 = require("./plugins");
 /**
  * Creates a Better Auth instance with MongoDB adapter.
  */
@@ -135,7 +136,9 @@ var createBetterAuthSessionMiddleware = function (auth, userModel) {
                     if (!((session === null || session === void 0 ? void 0 : session.user) && (session === null || session === void 0 ? void 0 : session.session))) return [3 /*break*/, 7];
                     betterAuthUser = session.user;
                     if (!userModel) return [3 /*break*/, 6];
-                    return [4 /*yield*/, userModel.findOne({ betterAuthId: betterAuthUser.id })];
+                    return [4 /*yield*/, (0, plugins_1.findOneOrNoneFor)(userModel, {
+                            betterAuthId: betterAuthUser.id,
+                        })];
                 case 2:
                     appUser = _a.sent();
                     if (!appUser) return [3 /*break*/, 3];
@@ -185,7 +188,9 @@ var syncBetterAuthUser = function (userModel, betterAuthUser, oauthProvider) { r
         switch (_a.label) {
             case 0:
                 _a.trys.push([0, 8, , 9]);
-                return [4 /*yield*/, userModel.findOne({ betterAuthId: betterAuthUser.id })];
+                return [4 /*yield*/, (0, plugins_1.findOneOrNoneFor)(userModel, {
+                        betterAuthId: betterAuthUser.id,
+                    })];
             case 1:
                 existingUser = _a.sent();
                 if (!existingUser) return [3 /*break*/, 3];
@@ -198,7 +203,9 @@ var syncBetterAuthUser = function (userModel, betterAuthUser, oauthProvider) { r
             case 2:
                 _a.sent();
                 return [2 /*return*/, existingUser];
-            case 3: return [4 /*yield*/, userModel.findOne({ email: betterAuthUser.email })];
+            case 3: return [4 /*yield*/, (0, plugins_1.findOneOrNoneFor)(userModel, {
+                    email: betterAuthUser.email,
+                })];
             case 4:
                 userByEmail = _a.sent();
                 if (!userByEmail) return [3 /*break*/, 6];

package/dist/configurationPlugin.d.ts

@@ -75,7 +75,8 @@ export interface ConfigurationStatics<T extends object> {
  * const full = await AppConfig.getConfig(); // typed as AppConfigDocument
  * ```
  */
-export type ConfigurationModel<T extends object> = Model<T> & ConfigurationStatics<T>;
+export interface ConfigurationModel<T extends object> extends Model<T>, ConfigurationStatics<T> {
+}
 /**
  * Mongoose schema plugin that adds singleton configuration behavior.
  *

package/dist/configurationPlugin.js

@@ -50,6 +50,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.configurationPlugin = void 0;
 var errors_1 = require("./errors");
 var logger_1 = require("./logger");
+var plugins_1 = require("./plugins");
 // ---------------------------------------------------------------------------
 // Plugin
 // ---------------------------------------------------------------------------
@@ -78,6 +79,8 @@ var logger_1 = require("./logger");
  */
 var configurationPlugin = function (schema, options) {
     var pluginOptions = options !== null && options !== void 0 ? options : {};
+    // Apply findOneOrNone so the singleton lookup avoids bare Model.findOne (idempotent).
+    (0, plugins_1.findOneOrNone)(schema);
     // Add a sentinel field with a unique index to enforce singleton at the DB level.
     // All config documents get _singleton: "config", and the unique index prevents duplicates.
     schema.add({
@@ -92,7 +95,7 @@ var configurationPlugin = function (schema, options) {
                 switch (_a.label) {
                     case 0:
                         if (!this.isNew) return [3 /*break*/, 2];
-                        return [4 /*yield*/, this.constructor.findOne({})];
+                        return [4 /*yield*/, this.constructor.exists({})];
                     case 1:
                         existing = _a.sent();
                         if (existing) {
@@ -126,28 +129,32 @@ var configurationPlugin = function (schema, options) {
     // Static: get the singleton configuration document or a value at a path (race-safe via upsert)
     schema.statics.getConfig = function (key) {
         return __awaiter(this, void 0, void 0, function () {
-            var config, err_1, parts, value, parts_1, parts_1_1, part;
+            var findSingleton, config, created, err_1, parts, value, parts_1, parts_1_1, part;
             var e_1, _a;
+            var _this = this;
             return __generator(this, function (_b) {
                 switch (_b.label) {
-                    case 0: return [4 /*yield*/, this.findOne({})];
+                    case 0:
+                        findSingleton = function () {
+                            return _this.findOneOrNone({});
+                        };
+                        return [4 /*yield*/, findSingleton()];
                     case 1:
                         config = _b.sent();
                         if (!!config) return [3 /*break*/, 8];
                         _b.label = 2;
                     case 2:
                         _b.trys.push([2, 4, , 8]);
-                        // Use `new` + `save` instead of `create({})` so Mongoose initializes
-                        // nested subdocument defaults (create({}) skips them).
-                        config = new this();
-                        return [4 /*yield*/, config.save()];
+                        created = new this();
+                        return [4 /*yield*/, created.save()];
                     case 3:
                         _b.sent();
+                        config = created;
                         return [3 /*break*/, 8];
                     case 4:
                         err_1 = _b.sent();
                         if (!((err_1 === null || err_1 === void 0 ? void 0 : err_1.status) === 409)) return [3 /*break*/, 6];
-                        return [4 /*yield*/, this.findOne({})];
+                        return [4 /*yield*/, findSingleton()];
                     case 5:
                         config = _b.sent();
                         return [3 /*break*/, 7];
@@ -158,7 +165,7 @@ var configurationPlugin = function (schema, options) {
                             return [2 /*return*/, config];
                         }
                         parts = key.split(".");
-                        value = config.toObject();
+                        value = config === null || config === void 0 ? void 0 : config.toObject();
                         try {
                             for (parts_1 = __values(parts), parts_1_1 = parts_1.next(); !parts_1_1.done; parts_1_1 = parts_1.next()) {
                                 part = parts_1_1.value;

package/dist/errors.d.ts

@@ -60,16 +60,16 @@ export declare class APIError extends Error {
     disableExternalErrorTracking?: boolean;
     constructor(data: APIErrorConstructor);
 }
-export declare function errorsPlugin(schema: Schema): void;
-export declare function isAPIError(error: Error): error is APIError;
+export declare const errorsPlugin: (schema: Schema) => void;
+export declare const isAPIError: (error: Error) => error is APIError;
 /**
  * Safely extracts the disableExternalErrorTracking property from an error.
  * Works with both APIError instances and regular Error objects that may have
  * this property attached.
  */
-export declare function getDisableExternalErrorTracking(error: unknown): boolean | undefined;
-export declare function getAPIErrorBody(error: APIError): {
+export declare const getDisableExternalErrorTracking: (error: unknown) => boolean | undefined;
+export declare const getAPIErrorBody: (error: APIError) => {
     [id: string]: any;
 };
-export declare function apiUnauthorizedMiddleware(err: Error, _req: Request, res: Response, next: NextFunction): void;
-export declare function apiErrorMiddleware(err: Error, _req: Request, res: Response, next: NextFunction): void;
+export declare const apiUnauthorizedMiddleware: (err: Error, _req: Request, res: Response, next: NextFunction) => void;
+export declare const apiErrorMiddleware: (err: Error, _req: Request, res: Response, next: NextFunction) => void;

package/dist/errors.js

@@ -59,13 +59,7 @@ var __values = (this && this.__values) || function(o) {
     throw new TypeError(s ? "Object is not iterable." : "Symbol.iterator is not defined.");
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.APIError = void 0;
-exports.errorsPlugin = errorsPlugin;
-exports.isAPIError = isAPIError;
-exports.getDisableExternalErrorTracking = getDisableExternalErrorTracking;
-exports.getAPIErrorBody = getAPIErrorBody;
-exports.apiUnauthorizedMiddleware = apiUnauthorizedMiddleware;
-exports.apiErrorMiddleware = apiErrorMiddleware;
+exports.apiErrorMiddleware = exports.apiUnauthorizedMiddleware = exports.getAPIErrorBody = exports.getDisableExternalErrorTracking = exports.isAPIError = exports.errorsPlugin = exports.APIError = void 0;
 // https://jsonapi.org/format/#errors
 var Sentry = __importStar(require("@sentry/bun"));
 var mongoose_1 = require("mongoose");
@@ -129,7 +123,7 @@ exports.APIError = APIError;
 // may not be fully initialized when this module loads.
 // Create an errors field for storing error information in a JSONAPI compatible form directly on a
 // model.
-function errorsPlugin(schema) {
+var errorsPlugin = function (schema) {
     var errorSchema = new mongoose_1.Schema({
         code: { description: "Application-specific error code", type: String },
         detail: { description: "Human-readable explanation of the error", type: String },
@@ -151,18 +145,20 @@ function errorsPlugin(schema) {
         title: { description: "Short summary of the error", required: true, type: String },
     });
     schema.add({ apiErrors: errorSchema });
-}
-function isAPIError(error) {
+};
+exports.errorsPlugin = errorsPlugin;
+var isAPIError = function (error) {
     return error.name === "APIError";
-}
+};
+exports.isAPIError = isAPIError;
 /**
  * Safely extracts the disableExternalErrorTracking property from an error.
  * Works with both APIError instances and regular Error objects that may have
  * this property attached.
  */
-function getDisableExternalErrorTracking(error) {
+var getDisableExternalErrorTracking = function (error) {
     if (error instanceof Error) {
-        if (isAPIError(error)) {
+        if ((0, exports.isAPIError)(error)) {
             return error.disableExternalErrorTracking;
         }
     }
@@ -170,11 +166,12 @@ function getDisableExternalErrorTracking(error) {
         return error.disableExternalErrorTracking;
     }
     return undefined;
-}
+};
+exports.getDisableExternalErrorTracking = getDisableExternalErrorTracking;
 // Creates an APIError body to send to clients as JSON. Errors don't have a toJSON defined,
 // and we want to strip out things like message, name, and stack for the client.
 // There is almost certainly a more elegant solution to this.
-function getAPIErrorBody(error) {
+var getAPIErrorBody = function (error) {
     var e_1, _a;
     var errorData = { status: error.status, title: error.title };
     try {
@@ -202,8 +199,9 @@ function getAPIErrorBody(error) {
         finally { if (e_1) throw e_1.error; }
     }
     return errorData;
-}
-function apiUnauthorizedMiddleware(err, _req, res, next) {
+};
+exports.getAPIErrorBody = getAPIErrorBody;
+var apiUnauthorizedMiddleware = function (err, _req, res, next) {
     if (err.message === "Unauthorized") {
         // not using the actual APIError class here because we don't want to log it as an error.
         res.status(401).json({ status: 401, title: "Unauthorized" }).send();
@@ -211,15 +209,17 @@ function apiUnauthorizedMiddleware(err, _req, res, next) {
     else {
         next(err);
     }
-}
-function apiErrorMiddleware(err, _req, res, next) {
-    if (isAPIError(err)) {
+};
+exports.apiUnauthorizedMiddleware = apiUnauthorizedMiddleware;
+var apiErrorMiddleware = function (err, _req, res, next) {
+    if ((0, exports.isAPIError)(err)) {
         if (!err.disableExternalErrorTracking) {
             Sentry.captureException(err);
         }
-        res.status(err.status).json(getAPIErrorBody(err)).send();
+        res.status(err.status).json((0, exports.getAPIErrorBody)(err)).send();
     }
     else {
         next(err);
     }
-}
+};
+exports.apiErrorMiddleware = apiErrorMiddleware;

package/dist/errors.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/errors.test.js

@@ -0,0 +1,280 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+var bun_test_1 = require("bun:test");
+var Sentry = __importStar(require("@sentry/bun"));
+var mongoose_1 = require("mongoose");
+var errors_1 = require("./errors");
+var buildResponse = function () {
+    var res = {
+        json: (0, bun_test_1.mock)(function () { return res; }),
+        send: (0, bun_test_1.mock)(function () { return res; }),
+        status: (0, bun_test_1.mock)(function () { return res; }),
+    };
+    return res;
+};
+(0, bun_test_1.describe)("APIError", function () {
+    (0, bun_test_1.it)("creates an error with the provided fields", function () {
+        var error = new errors_1.APIError({
+            code: "validation-failed",
+            detail: "Email is invalid",
+            id: "abc-123",
+            links: { about: "https://example.com/help", type: "https://example.com/types/validation" },
+            meta: { requestId: "req-1" },
+            source: { header: "x-foo", parameter: "limit", pointer: "/data/email" },
+            status: 400,
+            title: "Validation failed",
+        });
+        (0, bun_test_1.expect)(error).toBeInstanceOf(Error);
+        (0, bun_test_1.expect)(error.name).toBe("APIError");
+        (0, bun_test_1.expect)(error.title).toBe("Validation failed");
+        (0, bun_test_1.expect)(error.detail).toBe("Email is invalid");
+        (0, bun_test_1.expect)(error.code).toBe("validation-failed");
+        (0, bun_test_1.expect)(error.status).toBe(400);
+        (0, bun_test_1.expect)(error.id).toBe("abc-123");
+        (0, bun_test_1.expect)(error.links).toEqual({
+            about: "https://example.com/help",
+            type: "https://example.com/types/validation",
+        });
+        (0, bun_test_1.expect)(error.source).toEqual({
+            header: "x-foo",
+            parameter: "limit",
+            pointer: "/data/email",
+        });
+        (0, bun_test_1.expect)(error.meta).toEqual({ requestId: "req-1" });
+    });
+    (0, bun_test_1.it)("includes the title and detail in the error message", function () {
+        var error = new errors_1.APIError({ detail: "Something exploded", title: "Boom" });
+        (0, bun_test_1.expect)(error.message).toBe("Boom: Something exploded");
+    });
+    (0, bun_test_1.it)("includes the wrapped error stack in the message", function () {
+        var _a;
+        var wrapped = new Error("inner");
+        var error = new errors_1.APIError({ error: wrapped, title: "Outer" });
+        (0, bun_test_1.expect)(error.message).toContain("Outer");
+        (0, bun_test_1.expect)(error.message).toContain((_a = wrapped.stack) !== null && _a !== void 0 ? _a : "");
+    });
+    (0, bun_test_1.it)("defaults status to 500 when status is omitted", function () {
+        var error = new errors_1.APIError({ title: "No status" });
+        (0, bun_test_1.expect)(error.status).toBe(500);
+    });
+    (0, bun_test_1.it)("forces status to 500 when below 400", function () {
+        var error = new errors_1.APIError({ status: 200, title: "Too low" });
+        (0, bun_test_1.expect)(error.status).toBe(500);
+    });
+    (0, bun_test_1.it)("forces status to 500 when above 599", function () {
+        var error = new errors_1.APIError({ status: 600, title: "Too high" });
+        (0, bun_test_1.expect)(error.status).toBe(500);
+    });
+    (0, bun_test_1.it)("defaults meta to an empty object when not provided", function () {
+        var error = new errors_1.APIError({ title: "No meta" });
+        (0, bun_test_1.expect)(error.meta).toEqual({});
+    });
+    (0, bun_test_1.it)("merges fields into meta", function () {
+        var _a;
+        var error = new errors_1.APIError({
+            fields: { email: "Required", name: "Required" },
+            title: "Validation",
+        });
+        (0, bun_test_1.expect)((_a = error.meta) === null || _a === void 0 ? void 0 : _a.fields).toEqual({ email: "Required", name: "Required" });
+    });
+    (0, bun_test_1.it)("respects disableExternalErrorTracking", function () {
+        var trackedError = new errors_1.APIError({ title: "Tracked" });
+        var untrackedError = new errors_1.APIError({
+            disableExternalErrorTracking: true,
+            title: "Untracked",
+        });
+        (0, bun_test_1.expect)(trackedError.disableExternalErrorTracking).toBeUndefined();
+        (0, bun_test_1.expect)(untrackedError.disableExternalErrorTracking).toBe(true);
+    });
+});
+(0, bun_test_1.describe)("isAPIError", function () {
+    (0, bun_test_1.it)("returns true for an APIError instance", function () {
+        (0, bun_test_1.expect)((0, errors_1.isAPIError)(new errors_1.APIError({ title: "Boom" }))).toBe(true);
+    });
+    (0, bun_test_1.it)("returns false for a regular Error", function () {
+        (0, bun_test_1.expect)((0, errors_1.isAPIError)(new Error("nope"))).toBe(false);
+    });
+    (0, bun_test_1.it)("returns true for any error whose name is APIError", function () {
+        var err = new Error("custom");
+        err.name = "APIError";
+        (0, bun_test_1.expect)((0, errors_1.isAPIError)(err)).toBe(true);
+    });
+});
+(0, bun_test_1.describe)("getDisableExternalErrorTracking", function () {
+    (0, bun_test_1.it)("returns the flag from an APIError", function () {
+        var error = new errors_1.APIError({ disableExternalErrorTracking: true, title: "Test" });
+        (0, bun_test_1.expect)((0, errors_1.getDisableExternalErrorTracking)(error)).toBe(true);
+    });
+    (0, bun_test_1.it)("returns undefined for a plain Error without the flag", function () {
+        (0, bun_test_1.expect)((0, errors_1.getDisableExternalErrorTracking)(new Error("plain"))).toBeUndefined();
+    });
+    (0, bun_test_1.it)("returns the flag when attached to a non-APIError object", function () {
+        var error = { disableExternalErrorTracking: false };
+        (0, bun_test_1.expect)((0, errors_1.getDisableExternalErrorTracking)(error)).toBe(false);
+    });
+    (0, bun_test_1.it)("returns undefined for primitives and null", function () {
+        (0, bun_test_1.expect)((0, errors_1.getDisableExternalErrorTracking)(null)).toBeUndefined();
+        (0, bun_test_1.expect)((0, errors_1.getDisableExternalErrorTracking)(undefined)).toBeUndefined();
+        (0, bun_test_1.expect)((0, errors_1.getDisableExternalErrorTracking)("string")).toBeUndefined();
+        (0, bun_test_1.expect)((0, errors_1.getDisableExternalErrorTracking)(42)).toBeUndefined();
+    });
+    (0, bun_test_1.it)("returns undefined for an object missing the property", function () {
+        (0, bun_test_1.expect)((0, errors_1.getDisableExternalErrorTracking)({ foo: "bar" })).toBeUndefined();
+    });
+});
+(0, bun_test_1.describe)("getAPIErrorBody", function () {
+    (0, bun_test_1.it)("returns title and status by default", function () {
+        var error = new errors_1.APIError({ status: 404, title: "Not Found" });
+        var body = (0, errors_1.getAPIErrorBody)(error);
+        (0, bun_test_1.expect)(body).toEqual({ meta: {}, status: 404, title: "Not Found" });
+    });
+    (0, bun_test_1.it)("includes optional fields when set", function () {
+        var error = new errors_1.APIError({
+            code: "not-found",
+            detail: "Could not find resource",
+            disableExternalErrorTracking: true,
+            id: "err-1",
+            links: { about: "https://example.com/help" },
+            source: { pointer: "/data/id" },
+            status: 404,
+            title: "Not Found",
+        });
+        var body = (0, errors_1.getAPIErrorBody)(error);
+        (0, bun_test_1.expect)(body).toEqual({
+            code: "not-found",
+            detail: "Could not find resource",
+            disableExternalErrorTracking: true,
+            id: "err-1",
+            links: { about: "https://example.com/help" },
+            meta: {},
+            source: { pointer: "/data/id" },
+            status: 404,
+            title: "Not Found",
+        });
+    });
+    (0, bun_test_1.it)("omits empty meta and unset optional fields", function () {
+        var error = new errors_1.APIError({ status: 400, title: "Bad" });
+        // meta defaults to {} which is truthy, so it is included.
+        var body = (0, errors_1.getAPIErrorBody)(error);
+        (0, bun_test_1.expect)(body.meta).toEqual({});
+        (0, bun_test_1.expect)(body.code).toBeUndefined();
+        (0, bun_test_1.expect)(body.detail).toBeUndefined();
+        (0, bun_test_1.expect)(body.id).toBeUndefined();
+        (0, bun_test_1.expect)(body.links).toBeUndefined();
+        (0, bun_test_1.expect)(body.source).toBeUndefined();
+    });
+});
+(0, bun_test_1.describe)("errorsPlugin", function () {
+    (0, bun_test_1.it)("adds an apiErrors array field to the schema", function () {
+        var schema = new mongoose_1.Schema({ name: String });
+        (0, errors_1.errorsPlugin)(schema);
+        var path = schema.path("apiErrors");
+        (0, bun_test_1.expect)(path).toBeDefined();
+    });
+    (0, bun_test_1.it)("requires title on each error subdocument", function () {
+        var schema = new mongoose_1.Schema({ name: String });
+        (0, errors_1.errorsPlugin)(schema);
+        var path = schema.path("apiErrors");
+        // Inspect the embedded error schema for the title definition.
+        var embedded = path;
+        var titlePath = embedded.schema.path("title");
+        (0, bun_test_1.expect)(titlePath).toBeDefined();
+        (0, bun_test_1.expect)(titlePath.isRequired).toBe(true);
+    });
+});
+(0, bun_test_1.describe)("apiUnauthorizedMiddleware", function () {
+    var res;
+    var next;
+    var req = {};
+    (0, bun_test_1.beforeEach)(function () {
+        res = buildResponse();
+        next = (0, bun_test_1.mock)(function () { });
+    });
+    (0, bun_test_1.it)("returns a 401 JSON response when the message is Unauthorized", function () {
+        (0, errors_1.apiUnauthorizedMiddleware)(new Error("Unauthorized"), req, res, next);
+        (0, bun_test_1.expect)(res.status).toHaveBeenCalledWith(401);
+        (0, bun_test_1.expect)(res.json).toHaveBeenCalledWith({ status: 401, title: "Unauthorized" });
+        (0, bun_test_1.expect)(res.send).toHaveBeenCalled();
+        (0, bun_test_1.expect)(next).not.toHaveBeenCalled();
+    });
+    (0, bun_test_1.it)("forwards other errors to next", function () {
+        var err = new Error("Something else");
+        (0, errors_1.apiUnauthorizedMiddleware)(err, req, res, next);
+        (0, bun_test_1.expect)(next).toHaveBeenCalledWith(err);
+        (0, bun_test_1.expect)(res.status).not.toHaveBeenCalled();
+    });
+});
+(0, bun_test_1.describe)("apiErrorMiddleware", function () {
+    var res;
+    var next;
+    var req = {};
+    var captureExceptionSpy = Sentry.captureException;
+    (0, bun_test_1.beforeEach)(function () {
+        var _a;
+        res = buildResponse();
+        next = (0, bun_test_1.mock)(function () { });
+        (_a = captureExceptionSpy.mockClear) === null || _a === void 0 ? void 0 : _a.call(captureExceptionSpy);
+    });
+    (0, bun_test_1.it)("responds with the APIError status and body", function () {
+        var err = new errors_1.APIError({ detail: "missing", status: 404, title: "Not Found" });
+        (0, errors_1.apiErrorMiddleware)(err, req, res, next);
+        (0, bun_test_1.expect)(res.status).toHaveBeenCalledWith(404);
+        (0, bun_test_1.expect)(res.json).toHaveBeenCalledWith((0, errors_1.getAPIErrorBody)(err));
+        (0, bun_test_1.expect)(res.send).toHaveBeenCalled();
+        (0, bun_test_1.expect)(next).not.toHaveBeenCalled();
+    });
+    (0, bun_test_1.it)("captures the exception with Sentry by default", function () {
+        var err = new errors_1.APIError({ status: 500, title: "Boom" });
+        (0, errors_1.apiErrorMiddleware)(err, req, res, next);
+        (0, bun_test_1.expect)(captureExceptionSpy).toHaveBeenCalledWith(err);
+    });
+    (0, bun_test_1.it)("does not capture the exception when disableExternalErrorTracking is true", function () {
+        var err = new errors_1.APIError({
+            disableExternalErrorTracking: true,
+            status: 500,
+            title: "Quiet",
+        });
+        (0, errors_1.apiErrorMiddleware)(err, req, res, next);
+        (0, bun_test_1.expect)(captureExceptionSpy).not.toHaveBeenCalled();
+        (0, bun_test_1.expect)(res.status).toHaveBeenCalledWith(500);
+    });
+    (0, bun_test_1.it)("forwards non-APIError errors to next", function () {
+        var err = new Error("not an api error");
+        (0, errors_1.apiErrorMiddleware)(err, req, res, next);
+        (0, bun_test_1.expect)(next).toHaveBeenCalledWith(err);
+        (0, bun_test_1.expect)(res.status).not.toHaveBeenCalled();
+    });
+});

package/dist/githubAuth.d.ts

@@ -46,12 +46,12 @@ export interface GitHubUserFields {
  * userSchema.plugin(githubUserPlugin);
  * ```
  */
-export declare function githubUserPlugin(schema: any): void;
+export declare const githubUserPlugin: (schema: any) => void;
 /**
  * Sets up GitHub OAuth authentication strategy.
  * Call this after setupAuth() in your server initialization.
  */
-export declare function setupGitHubAuth(_app: express.Application, userModel: UserModel, githubOptions: GitHubAuthOptions): void;
+export declare const setupGitHubAuth: (_app: express.Application, userModel: UserModel, githubOptions: GitHubAuthOptions) => void;
 /**
  * Adds GitHub OAuth routes to the Express application.
  *
@@ -61,4 +61,4 @@ export declare function setupGitHubAuth(_app: express.Application, userModel: Us
  * - POST /auth/github/link - Links GitHub account to authenticated user (requires JWT auth)
  * - DELETE /auth/github/unlink - Unlinks GitHub account from authenticated user (requires JWT auth)
  */
-export declare function addGitHubAuthRoutes(app: express.Application, userModel: UserModel, githubOptions: GitHubAuthOptions, authOptions?: AuthOptions): void;
+export declare const addGitHubAuthRoutes: (app: express.Application, userModel: UserModel, githubOptions: GitHubAuthOptions, authOptions?: AuthOptions) => void;