npm - @timber-js/app - Versions diffs - 0.2.0-alpha.9 → 0.2.0-alpha.90 - Mend

@timber-js/app 0.2.0-alpha.9 → 0.2.0-alpha.90

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (610) hide show

package/dist/_chunks/actions-DLnUaR65.js +421 -0
package/dist/_chunks/actions-DLnUaR65.js.map +1 -0
package/dist/_chunks/{als-registry-B7DbZ2hS.js → als-registry-HS0LGUl2.js} +1 -1
package/dist/_chunks/als-registry-HS0LGUl2.js.map +1 -0
package/dist/_chunks/chunk-BYIpzuS7.js +39 -0
package/dist/_chunks/{debug-gwlJkDuf.js → debug-ECi_61pb.js} +2 -2
package/dist/_chunks/debug-ECi_61pb.js.map +1 -0
package/dist/_chunks/define-C77ScO0m.js +106 -0
package/dist/_chunks/define-C77ScO0m.js.map +1 -0
package/dist/_chunks/define-Itxvcd7F.js +199 -0
package/dist/_chunks/define-Itxvcd7F.js.map +1 -0
package/dist/_chunks/define-cookie-BowvzoP0.js +94 -0
package/dist/_chunks/define-cookie-BowvzoP0.js.map +1 -0
package/dist/_chunks/{format-DviM89f0.js → dev-warnings-DpGRGoDi.js} +5 -44
package/dist/_chunks/dev-warnings-DpGRGoDi.js.map +1 -0
package/dist/_chunks/format-CYBGxKtc.js +14 -0
package/dist/_chunks/format-CYBGxKtc.js.map +1 -0
package/dist/_chunks/{interception-BOoWmLUA.js → interception-DRlhJWbu.js} +219 -97
package/dist/_chunks/interception-DRlhJWbu.js.map +1 -0
package/dist/_chunks/merge-search-params-Cm_KIWDX.js +41 -0
package/dist/_chunks/merge-search-params-Cm_KIWDX.js.map +1 -0
package/dist/_chunks/{metadata-routes-Cjmvi3rQ.js → metadata-routes-DS3eKNmf.js} +1 -1
package/dist/_chunks/{metadata-routes-Cjmvi3rQ.js.map → metadata-routes-DS3eKNmf.js.map} +1 -1
package/dist/_chunks/request-context-CK5tZqIP.js +478 -0
package/dist/_chunks/request-context-CK5tZqIP.js.map +1 -0
package/dist/_chunks/schema-bridge-C3xl_vfb.js +86 -0
package/dist/_chunks/schema-bridge-C3xl_vfb.js.map +1 -0
package/dist/_chunks/segment-classify-BDNn6EzD.js +65 -0
package/dist/_chunks/segment-classify-BDNn6EzD.js.map +1 -0
package/dist/_chunks/segment-context-fHFLF1PE.js +34 -0
package/dist/_chunks/segment-context-fHFLF1PE.js.map +1 -0
package/dist/_chunks/{ssr-data-MjmprTmO.js → ssr-data-DzuI0bIV.js} +1 -1
package/dist/_chunks/{ssr-data-MjmprTmO.js.map → ssr-data-DzuI0bIV.js.map} +1 -1
package/dist/_chunks/stale-reload-BX5gL1r-.js +64 -0
package/dist/_chunks/stale-reload-BX5gL1r-.js.map +1 -0
package/dist/_chunks/{tracing-CemImE6h.js → tracing-CCYbKn5n.js} +60 -9
package/dist/_chunks/tracing-CCYbKn5n.js.map +1 -0
package/dist/_chunks/use-params-Br9YSUFV.js +295 -0
package/dist/_chunks/use-params-Br9YSUFV.js.map +1 -0
package/dist/_chunks/{use-query-states-D5KaffOK.js → use-query-states-BiV5GJgm.js} +7 -4
package/dist/_chunks/use-query-states-BiV5GJgm.js.map +1 -0
package/dist/adapters/cloudflare-dev.d.ts +109 -0
package/dist/adapters/cloudflare-dev.d.ts.map +1 -0
package/dist/adapters/cloudflare-dev.js +73 -0
package/dist/adapters/cloudflare-dev.js.map +1 -0
package/dist/adapters/cloudflare-kv-cache.d.ts +64 -0
package/dist/adapters/cloudflare-kv-cache.d.ts.map +1 -0
package/dist/adapters/cloudflare-kv-cache.js +95 -0
package/dist/adapters/cloudflare-kv-cache.js.map +1 -0
package/dist/adapters/cloudflare.d.ts +148 -12
package/dist/adapters/cloudflare.d.ts.map +1 -1
package/dist/adapters/cloudflare.js +135 -11
package/dist/adapters/cloudflare.js.map +1 -1
package/dist/adapters/compress-module.d.ts.map +1 -1
package/dist/adapters/nitro.d.ts +17 -1
package/dist/adapters/nitro.d.ts.map +1 -1
package/dist/adapters/nitro.js +56 -13
package/dist/adapters/nitro.js.map +1 -1
package/dist/cache/cache-api.d.ts +24 -0
package/dist/cache/cache-api.d.ts.map +1 -0
package/dist/cache/handler-store.d.ts +31 -0
package/dist/cache/handler-store.d.ts.map +1 -0
package/dist/cache/index.d.ts +23 -7
package/dist/cache/index.d.ts.map +1 -1
package/dist/cache/index.js +142 -80
package/dist/cache/index.js.map +1 -1
package/dist/cache/singleflight.d.ts +18 -1
package/dist/cache/singleflight.d.ts.map +1 -1
package/dist/cache/sizeof.d.ts +22 -0
package/dist/cache/sizeof.d.ts.map +1 -0
package/dist/cache/timber-cache.d.ts +1 -1
package/dist/cache/timber-cache.d.ts.map +1 -1
package/dist/cli.d.ts +6 -1
package/dist/cli.d.ts.map +1 -1
package/dist/cli.js +8 -3
package/dist/cli.js.map +1 -1
package/dist/client/browser-dev.d.ts +27 -1
package/dist/client/browser-dev.d.ts.map +1 -1
package/dist/client/browser-entry/action-dispatch.d.ts +17 -0
package/dist/client/browser-entry/action-dispatch.d.ts.map +1 -0
package/dist/client/browser-entry/hmr.d.ts +21 -0
package/dist/client/browser-entry/hmr.d.ts.map +1 -0
package/dist/client/browser-entry/hydrate.d.ts +46 -0
package/dist/client/browser-entry/hydrate.d.ts.map +1 -0
package/dist/client/browser-entry/index.d.ts +30 -0
package/dist/client/browser-entry/index.d.ts.map +1 -0
package/dist/client/browser-entry/post-hydration.d.ts +26 -0
package/dist/client/browser-entry/post-hydration.d.ts.map +1 -0
package/dist/client/browser-entry/router-init.d.ts +23 -0
package/dist/client/browser-entry/router-init.d.ts.map +1 -0
package/dist/client/browser-entry/rsc-stream.d.ts +24 -0
package/dist/client/browser-entry/rsc-stream.d.ts.map +1 -0
package/dist/client/browser-entry/scroll.d.ts +19 -0
package/dist/client/browser-entry/scroll.d.ts.map +1 -0
package/dist/client/error-boundary.d.ts +12 -5
package/dist/client/error-boundary.d.ts.map +1 -1
package/dist/client/error-boundary.js +10 -4
package/dist/client/error-boundary.js.map +1 -1
package/dist/client/error-reconstituter.d.ts +54 -0
package/dist/client/error-reconstituter.d.ts.map +1 -0
package/dist/client/form.d.ts +6 -3
package/dist/client/form.d.ts.map +1 -1
package/dist/client/history.d.ts +19 -4
package/dist/client/history.d.ts.map +1 -1
package/dist/client/index.d.ts +9 -21
package/dist/client/index.d.ts.map +1 -1
package/dist/client/index.js +229 -1018
package/dist/client/index.js.map +1 -1
package/dist/client/internal.d.ts +18 -0
package/dist/client/internal.d.ts.map +1 -0
package/dist/client/internal.js +890 -0
package/dist/client/internal.js.map +1 -0
package/dist/client/link-pending-store.d.ts +63 -0
package/dist/client/link-pending-store.d.ts.map +1 -0
package/dist/client/link.d.ts +62 -55
package/dist/client/link.d.ts.map +1 -1
package/dist/client/nav-link-store.d.ts +36 -0
package/dist/client/nav-link-store.d.ts.map +1 -0
package/dist/client/navigation-api-types.d.ts +90 -0
package/dist/client/navigation-api-types.d.ts.map +1 -0
package/dist/client/navigation-api.d.ts +115 -0
package/dist/client/navigation-api.d.ts.map +1 -0
package/dist/client/navigation-context.d.ts +13 -2
package/dist/client/navigation-context.d.ts.map +1 -1
package/dist/client/{transition-root.d.ts → navigation-root.d.ts} +42 -8
package/dist/client/navigation-root.d.ts.map +1 -0
package/dist/client/nuqs-adapter.d.ts.map +1 -1
package/dist/client/router-ref.d.ts +1 -1
package/dist/client/router.d.ts +70 -4
package/dist/client/router.d.ts.map +1 -1
package/dist/client/rsc-fetch.d.ts +38 -3
package/dist/client/rsc-fetch.d.ts.map +1 -1
package/dist/client/segment-cache.d.ts +1 -1
package/dist/client/segment-cache.d.ts.map +1 -1
package/dist/client/segment-outlet.d.ts +63 -0
package/dist/client/segment-outlet.d.ts.map +1 -0
package/dist/client/ssr-data.d.ts +13 -4
package/dist/client/ssr-data.d.ts.map +1 -1
package/dist/client/stale-reload.d.ts +15 -0
package/dist/client/stale-reload.d.ts.map +1 -1
package/dist/client/top-loader.d.ts +5 -5
package/dist/client/top-loader.d.ts.map +1 -1
package/dist/client/use-link-status.d.ts +5 -5
package/dist/client/use-link-status.d.ts.map +1 -1
package/dist/client/use-params.d.ts +6 -4
package/dist/client/use-params.d.ts.map +1 -1
package/dist/client/{use-navigation-pending.d.ts → use-pending-navigation.d.ts} +4 -4
package/dist/client/use-pending-navigation.d.ts.map +1 -0
package/dist/client/use-query-states.d.ts +1 -1
package/dist/client/use-query-states.d.ts.map +1 -1
package/dist/client/use-router.d.ts +1 -1
package/dist/codec.d.ts +33 -0
package/dist/codec.d.ts.map +1 -0
package/dist/codec.js +2 -0
package/dist/config-types.d.ts +266 -0
package/dist/config-types.d.ts.map +1 -0
package/dist/config-validation.d.ts +51 -0
package/dist/config-validation.d.ts.map +1 -0
package/dist/content/index.d.ts +1 -10
package/dist/content/index.d.ts.map +1 -1
package/dist/content/index.js +0 -2
package/dist/cookies/define-cookie.d.ts +35 -14
package/dist/cookies/define-cookie.d.ts.map +1 -1
package/dist/cookies/index.js +1 -83
package/dist/fonts/bundle.d.ts +48 -0
package/dist/fonts/bundle.d.ts.map +1 -0
package/dist/fonts/css.d.ts +1 -0
package/dist/fonts/css.d.ts.map +1 -1
package/dist/fonts/dev-middleware.d.ts +22 -0
package/dist/fonts/dev-middleware.d.ts.map +1 -0
package/dist/fonts/pipeline.d.ts +138 -0
package/dist/fonts/pipeline.d.ts.map +1 -0
package/dist/fonts/transform.d.ts +72 -0
package/dist/fonts/transform.d.ts.map +1 -0
package/dist/fonts/types.d.ts +45 -1
package/dist/fonts/types.d.ts.map +1 -1
package/dist/fonts/virtual-modules.d.ts +59 -0
package/dist/fonts/virtual-modules.d.ts.map +1 -0
package/dist/index.d.ts +45 -190
package/dist/index.d.ts.map +1 -1
package/dist/index.js +4294 -2453
package/dist/index.js.map +1 -1
package/dist/plugin-context.d.ts +107 -0
package/dist/plugin-context.d.ts.map +1 -0
package/dist/plugins/adapter-build.d.ts +1 -1
package/dist/plugins/adapter-build.d.ts.map +1 -1
package/dist/plugins/build-manifest.d.ts +2 -2
package/dist/plugins/build-manifest.d.ts.map +1 -1
package/dist/plugins/build-report.d.ts +3 -3
package/dist/plugins/build-report.d.ts.map +1 -1
package/dist/plugins/client-chunks.d.ts +32 -0
package/dist/plugins/client-chunks.d.ts.map +1 -0
package/dist/plugins/content.d.ts +1 -1
package/dist/plugins/content.d.ts.map +1 -1
package/dist/plugins/dev-404-page.d.ts +56 -0
package/dist/plugins/dev-404-page.d.ts.map +1 -0
package/dist/plugins/dev-browser-logs.d.ts +84 -0
package/dist/plugins/dev-browser-logs.d.ts.map +1 -0
package/dist/plugins/dev-error-overlay.d.ts +49 -9
package/dist/plugins/dev-error-overlay.d.ts.map +1 -1
package/dist/plugins/dev-error-page.d.ts +58 -0
package/dist/plugins/dev-error-page.d.ts.map +1 -0
package/dist/plugins/dev-logs.d.ts +1 -1
package/dist/plugins/dev-logs.d.ts.map +1 -1
package/dist/plugins/dev-server.d.ts +1 -1
package/dist/plugins/dev-server.d.ts.map +1 -1
package/dist/plugins/dev-terminal-error.d.ts +28 -0
package/dist/plugins/dev-terminal-error.d.ts.map +1 -0
package/dist/plugins/entries.d.ts +1 -1
package/dist/plugins/entries.d.ts.map +1 -1
package/dist/plugins/fonts.d.ts +17 -73
package/dist/plugins/fonts.d.ts.map +1 -1
package/dist/plugins/mdx.d.ts +1 -1
package/dist/plugins/mdx.d.ts.map +1 -1
package/dist/plugins/routing.d.ts +1 -1
package/dist/plugins/routing.d.ts.map +1 -1
package/dist/plugins/server-bundle.d.ts.map +1 -1
package/dist/plugins/shims.d.ts +6 -5
package/dist/plugins/shims.d.ts.map +1 -1
package/dist/plugins/static-build.d.ts +4 -4
package/dist/plugins/static-build.d.ts.map +1 -1
package/dist/routing/codegen.d.ts +2 -2
package/dist/routing/codegen.d.ts.map +1 -1
package/dist/routing/convention-lint.d.ts +41 -0
package/dist/routing/convention-lint.d.ts.map +1 -0
package/dist/routing/index.d.ts +2 -0
package/dist/routing/index.d.ts.map +1 -1
package/dist/routing/index.js +3 -2
package/dist/routing/scanner.d.ts.map +1 -1
package/dist/routing/segment-classify.d.ts +46 -0
package/dist/routing/segment-classify.d.ts.map +1 -0
package/dist/routing/status-file-lint.d.ts +2 -1
package/dist/routing/status-file-lint.d.ts.map +1 -1
package/dist/routing/types.d.ts +16 -4
package/dist/routing/types.d.ts.map +1 -1
package/dist/rsc-runtime/rsc.d.ts +1 -1
package/dist/rsc-runtime/rsc.d.ts.map +1 -1
package/dist/rsc-runtime/ssr.d.ts +12 -0
package/dist/rsc-runtime/ssr.d.ts.map +1 -1
package/dist/schema-bridge.d.ts +76 -0
package/dist/schema-bridge.d.ts.map +1 -0
package/dist/search-params/define.d.ts +139 -0
package/dist/search-params/define.d.ts.map +1 -0
package/dist/search-params/index.d.ts +4 -7
package/dist/search-params/index.d.ts.map +1 -1
package/dist/search-params/index.js +32 -441
package/dist/search-params/index.js.map +1 -1
package/dist/search-params/registry.d.ts +2 -2
package/dist/search-params/registry.d.ts.map +1 -1
package/dist/search-params/wrappers.d.ts +53 -0
package/dist/search-params/wrappers.d.ts.map +1 -0
package/dist/segment-params/define.d.ts +78 -0
package/dist/segment-params/define.d.ts.map +1 -0
package/dist/segment-params/index.d.ts +3 -0
package/dist/segment-params/index.d.ts.map +1 -0
package/dist/segment-params/index.js +2 -0
package/dist/server/access-gate.d.ts +4 -0
package/dist/server/access-gate.d.ts.map +1 -1
package/dist/server/action-client.d.ts +41 -6
package/dist/server/action-client.d.ts.map +1 -1
package/dist/server/action-encryption.d.ts +76 -0
package/dist/server/action-encryption.d.ts.map +1 -0
package/dist/server/action-handler.d.ts +7 -0
package/dist/server/action-handler.d.ts.map +1 -1
package/dist/server/actions.d.ts +3 -6
package/dist/server/actions.d.ts.map +1 -1
package/dist/server/als-registry.d.ts +32 -4
package/dist/server/als-registry.d.ts.map +1 -1
package/dist/server/build-manifest.d.ts +2 -2
package/dist/server/build-manifest.d.ts.map +1 -1
package/dist/server/debug.d.ts +1 -1
package/dist/server/default-logger.d.ts +22 -0
package/dist/server/default-logger.d.ts.map +1 -0
package/dist/server/deny-page-resolver.d.ts +52 -0
package/dist/server/deny-page-resolver.d.ts.map +1 -0
package/dist/server/deny-renderer.d.ts.map +1 -1
package/dist/server/dev-holding-server.d.ts +52 -0
package/dist/server/dev-holding-server.d.ts.map +1 -0
package/dist/server/dev-source-map.d.ts +22 -0
package/dist/server/dev-source-map.d.ts.map +1 -0
package/dist/server/dev-warnings.d.ts +1 -21
package/dist/server/dev-warnings.d.ts.map +1 -1
package/dist/server/early-hints.d.ts +13 -5
package/dist/server/early-hints.d.ts.map +1 -1
package/dist/server/error-boundary-wrapper.d.ts +7 -1
package/dist/server/error-boundary-wrapper.d.ts.map +1 -1
package/dist/server/fallback-error.d.ts +12 -7
package/dist/server/fallback-error.d.ts.map +1 -1
package/dist/server/flight-injection-state.d.ts +66 -0
package/dist/server/flight-injection-state.d.ts.map +1 -0
package/dist/server/flight-scripts.d.ts +42 -0
package/dist/server/flight-scripts.d.ts.map +1 -0
package/dist/server/flush.d.ts.map +1 -1
package/dist/server/form-data.d.ts +29 -0
package/dist/server/form-data.d.ts.map +1 -1
package/dist/server/html-injectors.d.ts +51 -11
package/dist/server/html-injectors.d.ts.map +1 -1
package/dist/server/index.d.ts +5 -43
package/dist/server/index.d.ts.map +1 -1
package/dist/server/index.js +195 -2800
package/dist/server/index.js.map +1 -1
package/dist/server/internal.d.ts +46 -0
package/dist/server/internal.d.ts.map +1 -0
package/dist/server/internal.js +2900 -0
package/dist/server/internal.js.map +1 -0
package/dist/server/logger.d.ts +25 -7
package/dist/server/logger.d.ts.map +1 -1
package/dist/server/middleware-runner.d.ts +19 -4
package/dist/server/middleware-runner.d.ts.map +1 -1
package/dist/server/node-stream-transforms.d.ts +113 -0
package/dist/server/node-stream-transforms.d.ts.map +1 -0
package/dist/server/page-deny-boundary.d.ts +31 -0
package/dist/server/page-deny-boundary.d.ts.map +1 -0
package/dist/server/pipeline-interception.d.ts +1 -1
package/dist/server/pipeline-interception.d.ts.map +1 -1
package/dist/server/pipeline-metadata.d.ts +6 -0
package/dist/server/pipeline-metadata.d.ts.map +1 -1
package/dist/server/pipeline.d.ts +52 -10
package/dist/server/pipeline.d.ts.map +1 -1
package/dist/server/primitives.d.ts +69 -18
package/dist/server/primitives.d.ts.map +1 -1
package/dist/server/render-timeout.d.ts +51 -0
package/dist/server/render-timeout.d.ts.map +1 -0
package/dist/server/request-context.d.ts +112 -43
package/dist/server/request-context.d.ts.map +1 -1
package/dist/server/route-element-builder.d.ts +27 -1
package/dist/server/route-element-builder.d.ts.map +1 -1
package/dist/server/route-handler.d.ts.map +1 -1
package/dist/server/route-matcher.d.ts +16 -2
package/dist/server/route-matcher.d.ts.map +1 -1
package/dist/server/rsc-entry/api-handler.d.ts +2 -2
package/dist/server/rsc-entry/api-handler.d.ts.map +1 -1
package/dist/server/rsc-entry/error-renderer.d.ts +26 -13
package/dist/server/rsc-entry/error-renderer.d.ts.map +1 -1
package/dist/server/rsc-entry/helpers.d.ts +48 -5
package/dist/server/rsc-entry/helpers.d.ts.map +1 -1
package/dist/server/rsc-entry/index.d.ts +20 -3
package/dist/server/rsc-entry/index.d.ts.map +1 -1
package/dist/server/rsc-entry/rsc-payload.d.ts +3 -3
package/dist/server/rsc-entry/rsc-payload.d.ts.map +1 -1
package/dist/server/rsc-entry/rsc-stream.d.ts +14 -1
package/dist/server/rsc-entry/rsc-stream.d.ts.map +1 -1
package/dist/server/rsc-entry/ssr-bridge.d.ts +1 -1
package/dist/server/rsc-entry/ssr-bridge.d.ts.map +1 -1
package/dist/server/rsc-entry/ssr-renderer.d.ts +19 -4
package/dist/server/rsc-entry/ssr-renderer.d.ts.map +1 -1
package/dist/server/safe-load.d.ts +46 -0
package/dist/server/safe-load.d.ts.map +1 -0
package/dist/server/sensitive-fields.d.ts +74 -0
package/dist/server/sensitive-fields.d.ts.map +1 -0
package/dist/server/sitemap-generator.d.ts +129 -0
package/dist/server/sitemap-generator.d.ts.map +1 -0
package/dist/server/sitemap-handler.d.ts +22 -0
package/dist/server/sitemap-handler.d.ts.map +1 -0
package/dist/server/slot-resolver.d.ts +1 -1
package/dist/server/slot-resolver.d.ts.map +1 -1
package/dist/server/ssr-entry.d.ts +23 -0
package/dist/server/ssr-entry.d.ts.map +1 -1
package/dist/server/ssr-render.d.ts +39 -21
package/dist/server/ssr-render.d.ts.map +1 -1
package/dist/server/ssr-wrappers.d.ts +50 -0
package/dist/server/ssr-wrappers.d.ts.map +1 -0
package/dist/server/status-code-resolver.d.ts +1 -1
package/dist/server/status-code-resolver.d.ts.map +1 -1
package/dist/server/stream-utils.d.ts +36 -0
package/dist/server/stream-utils.d.ts.map +1 -0
package/dist/server/tracing.d.ts +4 -4
package/dist/server/tracing.d.ts.map +1 -1
package/dist/server/tree-builder.d.ts +22 -19
package/dist/server/tree-builder.d.ts.map +1 -1
package/dist/server/types.d.ts +1 -4
package/dist/server/types.d.ts.map +1 -1
package/dist/server/version-skew.d.ts +61 -0
package/dist/server/version-skew.d.ts.map +1 -0
package/dist/shared/merge-search-params.d.ts +22 -0
package/dist/shared/merge-search-params.d.ts.map +1 -0
package/dist/shims/font-google.d.ts +1 -1
package/dist/shims/font-google.d.ts.map +1 -1
package/dist/shims/font-google.js +42 -0
package/dist/shims/font-google.js.map +1 -0
package/dist/shims/font-local.d.ts +26 -0
package/dist/shims/font-local.d.ts.map +1 -0
package/dist/shims/font-local.js +20 -0
package/dist/shims/font-local.js.map +1 -0
package/dist/shims/headers.d.ts +2 -1
package/dist/shims/headers.d.ts.map +1 -1
package/dist/shims/navigation-client.d.ts +1 -1
package/dist/shims/navigation-client.d.ts.map +1 -1
package/dist/shims/navigation.d.ts +3 -2
package/dist/shims/navigation.d.ts.map +1 -1
package/dist/utils/directive-parser.d.ts +5 -2
package/dist/utils/directive-parser.d.ts.map +1 -1
package/dist/utils/state-machine.d.ts +80 -0
package/dist/utils/state-machine.d.ts.map +1 -0
package/package.json +51 -16
package/src/adapters/cloudflare-dev.ts +177 -0
package/src/adapters/cloudflare-kv-cache.ts +142 -0
package/src/adapters/cloudflare.ts +342 -28
package/src/adapters/compress-module.ts +24 -4
package/src/adapters/nitro.ts +52 -8
package/src/adapters/wrangler.d.ts +7 -0
package/src/cache/cache-api.ts +38 -0
package/src/cache/handler-store.ts +68 -0
package/src/cache/index.ts +81 -18
package/src/cache/singleflight.ts +62 -4
package/src/cache/sizeof.ts +31 -0
package/src/cache/timber-cache.ts +24 -20
package/src/cli.ts +16 -6
package/src/client/browser-dev.ts +128 -1
package/src/client/browser-entry/action-dispatch.ts +116 -0
package/src/client/browser-entry/hmr.ts +81 -0
package/src/client/browser-entry/hydrate.ts +145 -0
package/src/client/browser-entry/index.ts +143 -0
package/src/client/browser-entry/post-hydration.ts +119 -0
package/src/client/browser-entry/router-init.ts +193 -0
package/src/client/browser-entry/rsc-stream.ts +157 -0
package/src/client/browser-entry/scroll.ts +27 -0
package/src/client/error-boundary.tsx +48 -16
package/src/client/error-reconstituter.tsx +65 -0
package/src/client/form.tsx +14 -7
package/src/client/history.ts +26 -4
package/src/client/index.ts +65 -38
package/src/client/internal.ts +57 -0
package/src/client/link-pending-store.ts +111 -0
package/src/client/link.tsx +342 -113
package/src/client/nav-link-store.ts +47 -0
package/src/client/navigation-api-types.ts +112 -0
package/src/client/navigation-api.ts +332 -0
package/src/client/navigation-context.ts +31 -6
package/src/client/navigation-root.tsx +342 -0
package/src/client/nuqs-adapter.tsx +16 -3
package/src/client/router-ref.ts +1 -1
package/src/client/router.ts +299 -72
package/src/client/rsc-fetch.ts +97 -8
package/src/client/segment-cache.ts +1 -1
package/src/client/segment-outlet.tsx +86 -0
package/src/client/ssr-data.ts +13 -5
package/src/client/stale-reload.ts +72 -3
package/src/client/top-loader.tsx +18 -6
package/src/client/use-link-status.ts +7 -7
package/src/client/use-params.ts +7 -5
package/src/client/{use-navigation-pending.ts → use-pending-navigation.ts} +6 -6
package/src/client/use-query-states.ts +9 -3
package/src/client/use-router.ts +1 -1
package/src/codec.ts +49 -0
package/src/config-types.ts +264 -0
package/src/config-validation.ts +303 -0
package/src/content/index.ts +5 -13
package/src/cookies/define-cookie.ts +78 -25
package/src/cookies/index.ts +8 -0
package/src/fonts/bundle.ts +142 -0
package/src/fonts/css.ts +2 -1
package/src/fonts/dev-middleware.ts +74 -0
package/src/fonts/pipeline.ts +275 -0
package/src/fonts/transform.ts +353 -0
package/src/fonts/types.ts +50 -1
package/src/fonts/virtual-modules.ts +159 -0
package/src/index.ts +314 -355
package/src/plugin-context.ts +240 -0
package/src/plugins/adapter-build.ts +9 -3
package/src/plugins/build-manifest.ts +13 -2
package/src/plugins/build-report.ts +3 -3
package/src/plugins/client-chunks.ts +65 -0
package/src/plugins/content.ts +1 -1
package/src/plugins/dev-404-page.ts +418 -0
package/src/plugins/dev-browser-logs.ts +288 -0
package/src/plugins/dev-error-overlay.ts +286 -42
package/src/plugins/dev-error-page.ts +536 -0
package/src/plugins/dev-logs.ts +1 -1
package/src/plugins/dev-server.ts +146 -19
package/src/plugins/dev-terminal-error.ts +217 -0
package/src/plugins/entries.ts +111 -10
package/src/plugins/fonts.ts +133 -638
package/src/plugins/mdx.ts +1 -1
package/src/plugins/routing.ts +213 -31
package/src/plugins/server-action-exports.ts +1 -1
package/src/plugins/server-bundle.ts +32 -1
package/src/plugins/shims.ts +136 -35
package/src/plugins/static-build.ts +17 -11
package/src/routing/codegen.ts +273 -105
package/src/routing/convention-lint.ts +356 -0
package/src/routing/index.ts +2 -0
package/src/routing/scanner.ts +93 -23
package/src/routing/segment-classify.ts +89 -0
package/src/routing/status-file-lint.ts +3 -2
package/src/routing/types.ts +17 -4
package/src/rsc-runtime/rsc.ts +2 -0
package/src/rsc-runtime/ssr.ts +50 -0
package/src/rsc-runtime/vendor-types.d.ts +7 -0
package/src/{search-params/codecs.ts → schema-bridge.ts} +57 -20
package/src/search-params/define.ts +482 -0
package/src/search-params/index.ts +14 -20
package/src/search-params/registry.ts +2 -2
package/src/search-params/wrappers.ts +85 -0
package/src/segment-params/define.ts +279 -0
package/src/segment-params/index.ts +9 -0
package/src/server/access-gate.tsx +70 -29
package/src/server/action-client.ts +88 -15
package/src/server/action-encryption.ts +144 -0
package/src/server/action-handler.ts +53 -6
package/src/server/actions.ts +10 -9
package/src/server/als-registry.ts +34 -6
package/src/server/build-manifest.ts +10 -4
package/src/server/compress.ts +25 -7
package/src/server/debug.ts +1 -1
package/src/server/default-logger.ts +99 -0
package/src/server/deny-page-resolver.ts +154 -0
package/src/server/deny-renderer.ts +24 -38
package/src/server/dev-holding-server.ts +185 -0
package/src/server/dev-source-map.ts +31 -0
package/src/server/dev-warnings.ts +4 -49
package/src/server/early-hints.ts +36 -15
package/src/server/error-boundary-wrapper.ts +74 -22
package/src/server/fallback-error.ts +74 -102
package/src/server/flight-injection-state.ts +113 -0
package/src/server/flight-scripts.ts +62 -0
package/src/server/flush.ts +2 -1
package/src/server/form-data.ts +76 -0
package/src/server/html-injectors.ts +280 -120
package/src/server/index.ts +25 -177
package/src/server/internal.ts +169 -0
package/src/server/logger.ts +44 -36
package/src/server/middleware-runner.ts +31 -4
package/src/server/node-stream-transforms.ts +509 -0
package/src/server/page-deny-boundary.tsx +56 -0
package/src/server/pipeline-interception.ts +17 -16
package/src/server/pipeline-metadata.ts +13 -0
package/src/server/pipeline.ts +261 -66
package/src/server/primitives.ts +111 -28
package/src/server/render-timeout.ts +108 -0
package/src/server/request-context.ts +293 -132
package/src/server/route-element-builder.ts +283 -191
package/src/server/route-handler.ts +24 -4
package/src/server/route-matcher.ts +31 -20
package/src/server/rsc-entry/api-handler.ts +15 -16
package/src/server/rsc-entry/error-renderer.ts +305 -89
package/src/server/rsc-entry/helpers.ts +134 -5
package/src/server/rsc-entry/index.ts +304 -111
package/src/server/rsc-entry/rsc-payload.ts +65 -18
package/src/server/rsc-entry/rsc-stream.ts +81 -13
package/src/server/rsc-entry/ssr-bridge.ts +14 -5
package/src/server/rsc-entry/ssr-renderer.ts +171 -38
package/src/server/safe-load.ts +60 -0
package/src/server/sensitive-fields.ts +230 -0
package/src/server/sitemap-generator.ts +338 -0
package/src/server/sitemap-handler.ts +126 -0
package/src/server/slot-resolver.ts +244 -229
package/src/server/ssr-entry.ts +215 -32
package/src/server/ssr-render.ts +289 -67
package/src/server/ssr-wrappers.tsx +139 -0
package/src/server/status-code-resolver.ts +1 -1
package/src/server/stream-utils.ts +213 -0
package/src/server/tracing.ts +20 -9
package/src/server/tree-builder.ts +92 -58
package/src/server/types.ts +3 -6
package/src/server/version-skew.ts +104 -0
package/src/shared/merge-search-params.ts +55 -0
package/src/shims/font-google.ts +1 -1
package/src/shims/font-local.ts +34 -0
package/src/shims/headers.ts +5 -1
package/src/shims/navigation-client.ts +1 -1
package/src/shims/navigation.ts +7 -2
package/src/utils/directive-parser.ts +5 -2
package/src/utils/state-machine.ts +111 -0
package/dist/_chunks/als-registry-B7DbZ2hS.js.map +0 -1
package/dist/_chunks/debug-gwlJkDuf.js.map +0 -1
package/dist/_chunks/format-DviM89f0.js.map +0 -1
package/dist/_chunks/interception-BOoWmLUA.js.map +0 -1
package/dist/_chunks/request-context-DIkVh_jG.js +0 -330
package/dist/_chunks/request-context-DIkVh_jG.js.map +0 -1
package/dist/_chunks/tracing-CemImE6h.js.map +0 -1
package/dist/_chunks/use-cookie-DX-l1_5E.js +0 -91
package/dist/_chunks/use-cookie-DX-l1_5E.js.map +0 -1
package/dist/_chunks/use-query-states-D5KaffOK.js.map +0 -1
package/dist/cache/register-cached-function.d.ts +0 -17
package/dist/cache/register-cached-function.d.ts.map +0 -1
package/dist/client/browser-entry.d.ts +0 -21
package/dist/client/browser-entry.d.ts.map +0 -1
package/dist/client/link-status-provider.d.ts +0 -11
package/dist/client/link-status-provider.d.ts.map +0 -1
package/dist/client/transition-root.d.ts.map +0 -1
package/dist/client/use-navigation-pending.d.ts.map +0 -1
package/dist/cookies/index.js.map +0 -1
package/dist/plugins/cache-transform.d.ts +0 -36
package/dist/plugins/cache-transform.d.ts.map +0 -1
package/dist/plugins/dynamic-transform.d.ts +0 -72
package/dist/plugins/dynamic-transform.d.ts.map +0 -1
package/dist/search-params/analyze.d.ts +0 -54
package/dist/search-params/analyze.d.ts.map +0 -1
package/dist/search-params/builtin-codecs.d.ts +0 -105
package/dist/search-params/builtin-codecs.d.ts.map +0 -1
package/dist/search-params/codecs.d.ts +0 -53
package/dist/search-params/codecs.d.ts.map +0 -1
package/dist/search-params/create.d.ts +0 -106
package/dist/search-params/create.d.ts.map +0 -1
package/dist/server/prerender.d.ts +0 -77
package/dist/server/prerender.d.ts.map +0 -1
package/dist/server/response-cache.d.ts +0 -54
package/dist/server/response-cache.d.ts.map +0 -1
package/src/cache/register-cached-function.ts +0 -103
package/src/client/browser-entry.ts +0 -678
package/src/client/link-status-provider.tsx +0 -30
package/src/client/transition-root.tsx +0 -166
package/src/plugins/cache-transform.ts +0 -199
package/src/plugins/dynamic-transform.ts +0 -161
package/src/search-params/analyze.ts +0 -192
package/src/search-params/builtin-codecs.ts +0 -228
package/src/search-params/create.ts +0 -321
package/src/server/prerender.ts +0 -139
package/src/server/response-cache.ts +0 -410

package/src/server/safe-load.ts ADDED Viewed

@@ -0,0 +1,60 @@
+/**
+ * loadModule — enriched error context for route manifest .load() failures.
+ *
+ * Wraps the lazy `load()` functions from the route manifest with a
+ * try/catch that re-throws with the file path and original cause.
+ *
+ * Callers that need fallthrough behavior (error renderers) can use
+ * `.catch(() => null)` or try/catch — the decision stays at the call site.
+ *
+ * See design/spike-TIM-551-dynamic-import-audit.md §"Proposed Wrapping Strategy"
+ */
+/** A manifest file reference with a lazy import function and file path. */
+export interface ManifestLoader {
+  load: () => Promise<unknown>;
+  filePath: string;
+}
+/**
+ * Custom error class for module load failures.
+ *
+ * Preserves the original error as `cause` while providing a
+ * human-readable message with the file path.
+ */
+export class ModuleLoadError extends Error {
+  /** The file path that failed to load. */
+  readonly filePath: string;
+  constructor(filePath: string, cause: unknown) {
+    const originalMessage = cause instanceof Error ? cause.message : String(cause);
+    super(`[timber] Failed to load module ${filePath}\n  ${originalMessage}`, { cause });
+    this.name = 'ModuleLoadError';
+    this.filePath = filePath;
+  }
+}
+/**
+ * Load a route manifest module with enriched error context.
+ *
+ * On success: returns the module object (same as `loader.load()`).
+ * On failure: throws `ModuleLoadError` with file path and original cause.
+ *
+ * For error rendering paths that need fallthrough instead of throwing,
+ * callers should catch at the call site:
+ *
+ * ```ts
+ * // Throwing (default) — route-element-builder, api-handler, etc.
+ * const mod = await loadModule(segment.page);
+ *
+ * // Fallthrough — error-renderer, error-boundary-wrapper
+ * const mod = await loadModule(segment.error).catch(() => null);
+ * ```
+ */
+export async function loadModule<T = Record<string, unknown>>(loader: ManifestLoader): Promise<T> {
+  try {
+    return (await loader.load()) as T;
+  } catch (error) {
+    throw new ModuleLoadError(loader.filePath, error);
+  }
+}

package/src/server/sensitive-fields.ts ADDED Viewed

@@ -0,0 +1,230 @@
+/**
+ * Sensitive field stripping — removes password/token/CVV-style fields
+ * from form values before they are echoed back to the client as
+ * `submittedValues` for form repopulation.
+ *
+ * Applied to both action paths:
+ *  - With-JS action path: `createActionClient()` in `action-client.ts`
+ *  - No-JS form POST path: `handleFormAction()` in `action-handler.ts`
+ *
+ * Why: on a validation failure, timber echoes submitted form values back so
+ * the user doesn't have to re-type everything. Without filtering, plaintext
+ * passwords / credit-card numbers / TOTP codes would travel through the RSC
+ * stream (with-JS) or land in the HTML as `defaultValue` attributes (no-JS)
+ * — ending up in browser history, proxy logs, disk caches, and the
+ * back-forward cache.
+ *
+ * Safe by default: the built-in deny-list is applied unconditionally unless
+ * the user explicitly opts out via `forms.stripSensitiveFields: false` in
+ * `timber.config.ts` or per-action via `createActionClient({ stripSensitiveFields: false })`.
+ *
+ * See design/08-forms-and-actions.md §"Validation errors"
+ * See design/13-security.md §"Sensitive field stripping"
+ * See TIM-816
+ */
+import { isDebug } from './debug.js';
+// ─── Public types ────────────────────────────────────────────────────────
+/**
+ * How to strip sensitive fields from `submittedValues`.
+ *
+ * - `true` / `undefined` — use the built-in deny-list (default, safe).
+ * - `false` — do not strip anything (dev convenience; never do this in prod).
+ * - `string[]` — additional field names to strip, merged with the built-in list.
+ * - `(name) => boolean` — custom predicate, fully replaces the built-in list.
+ *   Return `true` to strip, `false` to keep. The `name` argument is the raw
+ *   (un-normalized) field name as it appeared in the submitted form.
+ */
+export type SensitiveFieldsOption = boolean | readonly string[] | ((name: string) => boolean);
+// ─── Built-in deny-list ──────────────────────────────────────────────────
+/**
+ * Substring patterns matched against the normalized field name.
+ * Normalization = lowercase + strip `_` and `-`.
+ *
+ * Any field whose normalized name *contains* one of these strings is
+ * considered sensitive. Entries like `currentPassword`, `passwordConfirmation`,
+ * and `user.password` all match via the `password` substring.
+ */
+const BUILTIN_SUBSTRING_PATTERNS: readonly string[] = [
+  'password',
+  'passwd',
+  'pwd',
+  'secret',
+  'apikey',
+  'accesstoken',
+  'refreshtoken',
+  'cvv',
+  'cvc',
+  'cardnumber',
+  'cardcvc',
+  'ssn',
+  'socialsecuritynumber',
+  'otp',
+  'totp',
+  'mfacode',
+  'twofactorcode',
+  'privatekey',
+];
+/**
+ * Exact matches against the normalized field name. These are field names that
+ * are too short or too common to substring-match safely. e.g. `token` alone
+ * would match `csrfToken`, which is not sensitive — so `token` is exact-only,
+ * while legitimate token fields are covered by `accesstoken` / `refreshtoken`.
+ */
+const BUILTIN_EXACT_PATTERNS: readonly string[] = ['token'];
+/**
+ * Normalize a field name for deny-list comparison.
+ * Lowercases the string and strips `_` and `-` so camelCase, snake_case, and
+ * kebab-case variants all compare equal (`api_key` / `apiKey` / `api-key` →
+ * `apikey`).
+ */
+function normalize(name: string): string {
+  let out = '';
+  for (let i = 0; i < name.length; i++) {
+    const ch = name.charCodeAt(i);
+    if (ch === 0x5f /* _ */ || ch === 0x2d /* - */) continue;
+    // A-Z → a-z
+    if (ch >= 0x41 && ch <= 0x5a) {
+      out += String.fromCharCode(ch + 32);
+    } else {
+      out += name[i];
+    }
+  }
+  return out;
+}
+/**
+ * Check whether a name matches the built-in deny-list (with optional extras).
+ * Extras are merged into the substring pattern list after normalization.
+ */
+function isBuiltinSensitive(name: string, extras?: readonly string[]): boolean {
+  const normalized = normalize(name);
+  if (BUILTIN_EXACT_PATTERNS.includes(normalized)) return true;
+  for (const pattern of BUILTIN_SUBSTRING_PATTERNS) {
+    if (normalized.includes(pattern)) return true;
+  }
+  if (extras && extras.length > 0) {
+    for (const extra of extras) {
+      const normExtra = normalize(extra);
+      if (normExtra.length === 0) continue;
+      if (normalized.includes(normExtra)) return true;
+    }
+  }
+  return false;
+}
+// ─── Predicate resolution ────────────────────────────────────────────────
+/**
+ * A resolved predicate: `null` means "don't strip anything" (the option was
+ * explicitly `false`). Otherwise a function from raw field name → boolean.
+ */
+export type ResolvedSensitivePredicate = ((name: string) => boolean) | null;
+/**
+ * Resolve a `SensitiveFieldsOption` into a concrete predicate.
+ * Precedence: per-action > global > built-in default.
+ *
+ * - Per-action `undefined` → fall back to global.
+ * - Global `undefined` → use built-in list.
+ * - Either level set to `false` → disable stripping entirely (returns `null`).
+ * - `true` → built-in list.
+ * - `string[]` → built-in ∪ extras.
+ * - function → custom, replaces the built-in list entirely.
+ */
+export function resolveSensitivePredicate(
+  perAction: SensitiveFieldsOption | undefined,
+  global: SensitiveFieldsOption | undefined
+): ResolvedSensitivePredicate {
+  const chosen = perAction !== undefined ? perAction : global;
+  if (chosen === false) return null;
+  if (chosen === undefined || chosen === true) {
+    return (name) => isBuiltinSensitive(name);
+  }
+  if (typeof chosen === 'function') {
+    return chosen;
+  }
+  // Array of extra names merged with the built-in list.
+  const extras = chosen;
+  return (name) => isBuiltinSensitive(name, extras);
+}
+// ─── Module-level global config ──────────────────────────────────────────
+let globalConfig: SensitiveFieldsOption | undefined;
+/**
+ * Set the global `forms.stripSensitiveFields` config from `timber.config.ts`.
+ * Called once at startup from `rsc-entry`.
+ */
+export function setGlobalSensitiveFieldsConfig(option: SensitiveFieldsOption | undefined): void {
+  globalConfig = option;
+}
+/** Read the global `forms.stripSensitiveFields` config. */
+export function getGlobalSensitiveFieldsConfig(): SensitiveFieldsOption | undefined {
+  return globalConfig;
+}
+// ─── Stripping ───────────────────────────────────────────────────────────
+// One warning per field name per process — prevents log spam when a form is
+// submitted many times in dev mode.
+const warnedFields = new Set<string>();
+function warnStripped(name: string): void {
+  if (!isDebug()) return;
+  if (warnedFields.has(name)) return;
+  warnedFields.add(name);
+  console.warn(
+    `[timber] stripped sensitive field "${name}" from submittedValues. ` +
+      `Override via forms.stripSensitiveFields in timber.config.ts.`
+  );
+}
+/**
+ * Walk an object (recursively) and return a copy with every key matching
+ * `predicate` removed. Nested objects like `{ user: { password: '...' } }`
+ * are handled — `user.password` is stripped while other `user.*` fields remain.
+ *
+ * - Arrays are walked element-wise (object entries inside arrays are cleaned).
+ * - Non-plain values (strings, numbers, Files, Dates, etc.) are returned as-is.
+ * - When a stripped key is encountered, it is omitted from the result entirely
+ *   — we do NOT set it to an empty string, because that would overwrite a
+ *   valid `defaultValue` the form author might have set.
+ */
+export function stripSensitiveFields<T>(value: T, predicate: ResolvedSensitivePredicate): T {
+  // Null predicate = stripping disabled entirely.
+  if (predicate === null) return value;
+  if (value === null || value === undefined) return value;
+  if (typeof value !== 'object') return value;
+  if (value instanceof File || value instanceof Date) return value;
+  if (Array.isArray(value)) {
+    return value.map((item) => stripSensitiveFields(item, predicate)) as unknown as T;
+  }
+  const result: Record<string, unknown> = {};
+  for (const [key, nested] of Object.entries(value as Record<string, unknown>)) {
+    if (predicate(key)) {
+      warnStripped(key);
+      continue;
+    }
+    result[key] = stripSensitiveFields(nested, predicate);
+  }
+  return result as unknown as T;
+}
+// ─── Test helpers ────────────────────────────────────────────────────────
+/** Reset the "warned once" cache. Exposed for tests. */
+export function __resetSensitiveFieldsWarnings(): void {
+  warnedFields.clear();
+}

package/src/server/sitemap-generator.ts ADDED Viewed

@@ -0,0 +1,338 @@
+/**
+ * Auto-generate sitemap.xml from the route tree.
+ *
+ * When enabled via `sitemap: { enabled: true, baseUrl: '...' }` in timber.config.ts,
+ * this module walks the route tree and produces sitemap XML for all discoverable pages.
+ *
+ * Features:
+ * - Collects all static page routes automatically
+ * - Calls `generateStaticParams()` on dynamic routes to enumerate URLs
+ * - Skips API routes (route.ts), layout-only segments, slots, intercepting routes
+ * - Skips auth-protected routes (access.ts in segment chain) by default
+ * - Automatic pagination: sitemap index when > 50,000 URLs
+ *
+ * See design/16-metadata.md §"Auto-generated Sitemap"
+ */
+import { serializeSitemap, serializeSitemapIndex } from './pipeline-metadata.js';
+import type { SegmentNode } from '../routing/types.js';
+// ─── Types ───────────────────────────────────────────────────────────────────
+/** Configuration for sitemap generation from timber.config.ts. */
+export interface SitemapConfig {
+  /** Must be explicitly true to enable auto-generation. */
+  enabled: boolean;
+  /** Base URL for absolute URLs in the sitemap. Required. e.g., 'https://example.com' */
+  baseUrl: string;
+  /** Default changefreq for all entries. Optional. */
+  defaultChangeFrequency?: string;
+  /** Default priority for all entries (0.0–1.0). Optional. */
+  defaultPriority?: number;
+  /** Include routes protected by access.ts. Default: false. */
+  includeProtected?: boolean;
+}
+/** A single sitemap entry ready for serialization. */
+export interface SitemapEntry {
+  url: string;
+  changeFrequency?: string;
+  priority?: number;
+}
+/**
+ * A route discovered during tree walk that may need async resolution
+ * (dynamic routes with generateStaticParams).
+ */
+export interface SitemapRoute {
+  /** The URL path pattern (e.g., '/products/[id]'). */
+  urlPath: string;
+  /** Whether this route has dynamic segments that need generateStaticParams. */
+  isDynamic: boolean;
+  /** Loader for the page module (from route manifest). */
+  pageLoader?: { load: () => Promise<unknown>; filePath: string };
+}
+/**
+ * Function signature for loading a page module.
+ * Takes the manifest loader and returns the module exports.
+ */
+export type ModuleLoader = (loader: {
+  load: () => Promise<unknown>;
+  filePath: string;
+}) => Promise<Record<string, unknown>>;
+/** Result of sitemap generation. */
+export type SitemapResult =
+  | { type: 'single'; xml: string }
+  | { type: 'index'; indexXml: string; pages: Map<number, string> };
+// ─── Constants ───────────────────────────────────────────────────────────────
+/** Maximum URLs per sitemap file per the sitemap protocol. */
+export const URLS_PER_SITEMAP = 50_000;
+// ─── Tree Walking ────────────────────────────────────────────────────────────
+/**
+ * Walk the route tree and collect all routes eligible for the sitemap.
+ *
+ * Pure synchronous function — no module loading. Returns routes that may
+ * need async resolution (dynamic routes with generateStaticParams).
+ *
+ * @param root - The root segment node from the route tree
+ * @param config - Sitemap configuration
+ * @returns Array of sitemap routes to resolve
+ */
+export function collectSitemapRoutes(root: SegmentNode, config: SitemapConfig): SitemapRoute[] {
+  const routes: SitemapRoute[] = [];
+  walkNode(root, routes, config.includeProtected ?? false, false);
+  return routes;
+}
+/**
+ * Recursive tree walker. Collects page routes, skipping ineligible segments.
+ *
+ * @param node - Current segment node
+ * @param routes - Accumulator for discovered routes
+ * @param includeProtected - Whether to include routes with access.ts
+ * @param hasAccessInChain - Whether any ancestor has access.ts
+ */
+function walkNode(
+  node: SegmentNode,
+  routes: SitemapRoute[],
+  includeProtected: boolean,
+  hasAccessInChain: boolean
+): void {
+  // Track whether this node or any ancestor has access.ts
+  const protectedChain = hasAccessInChain || !!node.access;
+  // Skip intercepting routes — they're conditional rewrites, not real pages
+  if (node.segmentType === 'intercepting') return;
+  // Skip private folders
+  if (node.segmentType === 'private') return;
+  // Skip slots — parallel routes don't contribute independent URLs
+  // (slots are handled via the parent's slots map, but we skip them here)
+  // Check if this node has a page (not a route.ts API endpoint)
+  if (node.page && !node.route) {
+    // Skip protected routes unless configured to include them
+    if (!protectedChain || includeProtected) {
+      const isDynamic = hasDynamicSegments(node.urlPath);
+      // At runtime (manifest), page has a `load` function. At scan time (RouteFile),
+      // it only has filePath + extension. We check for `load` at runtime.
+      const page = node.page as {
+        filePath: string;
+        extension: string;
+        load?: () => Promise<unknown>;
+      };
+      routes.push({
+        urlPath: node.urlPath,
+        isDynamic,
+        pageLoader: page.load ? { load: page.load, filePath: page.filePath } : undefined,
+      });
+    }
+  }
+  // Recurse into children (not slots — slots don't contribute sitemap URLs)
+  for (const child of node.children) {
+    walkNode(child, routes, includeProtected, protectedChain);
+  }
+  // Do NOT recurse into slots — they are parallel routes at the same URL
+}
+/**
+ * Check if a URL path contains dynamic segments.
+ *
+ * Dynamic segments are enclosed in brackets: [param], [...param], [[...param]]
+ */
+export function hasDynamicSegments(urlPath: string): boolean {
+  return /\[/.test(urlPath);
+}
+// ─── URL Resolution ──────────────────────────────────────────────────────────
+/**
+ * Resolve sitemap routes into concrete URLs.
+ *
+ * For static routes, the URL is derived directly from the path.
+ * For dynamic routes, calls `generateStaticParams()` from the page module.
+ *
+ * @param routes - Routes collected by collectSitemapRoutes
+ * @param config - Sitemap configuration
+ * @param loadModule - Async function to load a page module by file path
+ * @returns Array of sitemap entries with absolute URLs
+ */
+export async function resolveSitemapUrls(
+  routes: SitemapRoute[],
+  config: SitemapConfig,
+  loadModule?: ModuleLoader
+): Promise<SitemapEntry[]> {
+  const baseUrl = config.baseUrl.replace(/\/+$/, ''); // strip trailing slash
+  const entries: SitemapEntry[] = [];
+  for (const route of routes) {
+    if (!route.isDynamic) {
+      // Static route — direct URL
+      const url = route.urlPath === '/' ? baseUrl + '/' : baseUrl + route.urlPath;
+      entries.push({
+        url,
+        changeFrequency: config.defaultChangeFrequency,
+        priority: config.defaultPriority,
+      });
+    } else if (loadModule && route.pageLoader) {
+      // Dynamic route — try to call generateStaticParams
+      try {
+        const mod = await loadModule(route.pageLoader);
+        const generateFn = mod.generateStaticParams;
+        if (typeof generateFn !== 'function') {
+          // No generateStaticParams export — skip this dynamic route
+          continue;
+        }
+        const paramSets: Record<string, string>[] = await generateFn();
+        for (const params of paramSets) {
+          const resolvedPath = resolvePathWithParams(route.urlPath, params);
+          if (resolvedPath) {
+            entries.push({
+              url: baseUrl + resolvedPath,
+              changeFrequency: config.defaultChangeFrequency,
+              priority: config.defaultPriority,
+            });
+          }
+        }
+      } catch (error) {
+        // Log and skip — don't fail the entire sitemap for one bad route
+        const filePath = route.pageLoader.filePath;
+        console.warn(
+          `[timber] sitemap: failed to call generateStaticParams for ${filePath}:`,
+          error instanceof Error ? error.message : error
+        );
+      }
+    }
+    // If no loadModule provided and route is dynamic, skip it
+  }
+  return entries;
+}
+/**
+ * Replace dynamic segments in a URL path with concrete param values.
+ *
+ * Handles:
+ * - `[param]` → single value
+ * - `[...param]` → slash-joined values
+ * - `[[...param]]` → slash-joined values (or empty string if not provided)
+ *
+ * @returns The resolved path, or null if params are missing
+ */
+export function resolvePathWithParams(
+  urlPath: string,
+  params: Record<string, string | string[]>
+): string | null {
+  let resolved = urlPath;
+  // Optional catch-all: [[...param]]
+  resolved = resolved.replace(/\[\[\.\.\.([^\]]+)\]\]/g, (_, name) => {
+    const value = params[name];
+    if (value === undefined || value === '') return '';
+    if (Array.isArray(value)) return value.join('/');
+    return value;
+  });
+  // Catch-all: [...param]
+  resolved = resolved.replace(/\[\.\.\.([^\]]+)\]/g, (_, name) => {
+    const value = params[name];
+    if (value === undefined) return '';
+    if (Array.isArray(value)) return value.join('/');
+    return value;
+  });
+  // Single dynamic: [param] — return null if a required param is missing
+  let missingRequired = false;
+  resolved = resolved.replace(/\[([^\]]+)\]/g, (match, name) => {
+    const value = params[name];
+    if (value === undefined) {
+      missingRequired = true;
+      return match; // keep original to avoid malformed URL
+    }
+    if (Array.isArray(value)) return value[0] ?? '';
+    return value;
+  });
+  if (missingRequired) return null;
+  // Clean up double slashes from empty optional catch-alls
+  resolved = resolved.replace(/\/+/g, '/');
+  // Remove trailing slash (except for root)
+  if (resolved.length > 1 && resolved.endsWith('/')) {
+    resolved = resolved.slice(0, -1);
+  }
+  return resolved;
+}
+// ─── Sitemap Generation ──────────────────────────────────────────────────────
+/**
+ * Generate the complete sitemap result from a route tree.
+ *
+ * Orchestrates tree walking, URL resolution, and XML serialization.
+ * Returns either a single sitemap or a paginated sitemap index.
+ *
+ * @param root - The root segment node from the route tree
+ * @param config - Sitemap configuration
+ * @param loadModule - Optional async function to load page modules (for generateStaticParams)
+ * @returns The sitemap result (single or index with pages)
+ */
+export async function generateSitemap(
+  root: SegmentNode,
+  config: SitemapConfig,
+  loadModule?: ModuleLoader
+): Promise<SitemapResult> {
+  const routes = collectSitemapRoutes(root, config);
+  const entries = await resolveSitemapUrls(routes, config, loadModule);
+  if (entries.length <= URLS_PER_SITEMAP) {
+    // Single sitemap
+    return {
+      type: 'single',
+      xml: serializeSitemap(entries),
+    };
+  }
+  // Paginated — split into chunks
+  const baseUrl = config.baseUrl.replace(/\/+$/, '');
+  const pageCount = Math.ceil(entries.length / URLS_PER_SITEMAP);
+  const pages = new Map<number, string>();
+  const sitemapUrls: string[] = [];
+  for (let i = 0; i < pageCount; i++) {
+    const start = i * URLS_PER_SITEMAP;
+    const end = Math.min(start + URLS_PER_SITEMAP, entries.length);
+    const chunk = entries.slice(start, end);
+    pages.set(i, serializeSitemap(chunk));
+    sitemapUrls.push(`${baseUrl}/sitemap/${i}.xml`);
+  }
+  return {
+    type: 'index',
+    indexXml: serializeSitemapIndex(sitemapUrls),
+    pages,
+  };
+}
+/**
+ * Check if the route tree root has a user-authored sitemap metadata route.
+ *
+ * When a user-authored sitemap exists at the root, auto-generation is disabled
+ * to avoid conflicts — the user takes full control.
+ */
+export function hasUserSitemap(root: SegmentNode): boolean {
+  if (!root.metadataRoutes) return false;
+  return root.metadataRoutes.has('sitemap');
+}