npm - @timber-js/app - Versions diffs - 0.2.0-alpha.9 → 0.2.0-alpha.90 - Mend

@timber-js/app 0.2.0-alpha.9 → 0.2.0-alpha.90

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (610) hide show

package/dist/_chunks/actions-DLnUaR65.js +421 -0
package/dist/_chunks/actions-DLnUaR65.js.map +1 -0
package/dist/_chunks/{als-registry-B7DbZ2hS.js → als-registry-HS0LGUl2.js} +1 -1
package/dist/_chunks/als-registry-HS0LGUl2.js.map +1 -0
package/dist/_chunks/chunk-BYIpzuS7.js +39 -0
package/dist/_chunks/{debug-gwlJkDuf.js → debug-ECi_61pb.js} +2 -2
package/dist/_chunks/debug-ECi_61pb.js.map +1 -0
package/dist/_chunks/define-C77ScO0m.js +106 -0
package/dist/_chunks/define-C77ScO0m.js.map +1 -0
package/dist/_chunks/define-Itxvcd7F.js +199 -0
package/dist/_chunks/define-Itxvcd7F.js.map +1 -0
package/dist/_chunks/define-cookie-BowvzoP0.js +94 -0
package/dist/_chunks/define-cookie-BowvzoP0.js.map +1 -0
package/dist/_chunks/{format-DviM89f0.js → dev-warnings-DpGRGoDi.js} +5 -44
package/dist/_chunks/dev-warnings-DpGRGoDi.js.map +1 -0
package/dist/_chunks/format-CYBGxKtc.js +14 -0
package/dist/_chunks/format-CYBGxKtc.js.map +1 -0
package/dist/_chunks/{interception-BOoWmLUA.js → interception-DRlhJWbu.js} +219 -97
package/dist/_chunks/interception-DRlhJWbu.js.map +1 -0
package/dist/_chunks/merge-search-params-Cm_KIWDX.js +41 -0
package/dist/_chunks/merge-search-params-Cm_KIWDX.js.map +1 -0
package/dist/_chunks/{metadata-routes-Cjmvi3rQ.js → metadata-routes-DS3eKNmf.js} +1 -1
package/dist/_chunks/{metadata-routes-Cjmvi3rQ.js.map → metadata-routes-DS3eKNmf.js.map} +1 -1
package/dist/_chunks/request-context-CK5tZqIP.js +478 -0
package/dist/_chunks/request-context-CK5tZqIP.js.map +1 -0
package/dist/_chunks/schema-bridge-C3xl_vfb.js +86 -0
package/dist/_chunks/schema-bridge-C3xl_vfb.js.map +1 -0
package/dist/_chunks/segment-classify-BDNn6EzD.js +65 -0
package/dist/_chunks/segment-classify-BDNn6EzD.js.map +1 -0
package/dist/_chunks/segment-context-fHFLF1PE.js +34 -0
package/dist/_chunks/segment-context-fHFLF1PE.js.map +1 -0
package/dist/_chunks/{ssr-data-MjmprTmO.js → ssr-data-DzuI0bIV.js} +1 -1
package/dist/_chunks/{ssr-data-MjmprTmO.js.map → ssr-data-DzuI0bIV.js.map} +1 -1
package/dist/_chunks/stale-reload-BX5gL1r-.js +64 -0
package/dist/_chunks/stale-reload-BX5gL1r-.js.map +1 -0
package/dist/_chunks/{tracing-CemImE6h.js → tracing-CCYbKn5n.js} +60 -9
package/dist/_chunks/tracing-CCYbKn5n.js.map +1 -0
package/dist/_chunks/use-params-Br9YSUFV.js +295 -0
package/dist/_chunks/use-params-Br9YSUFV.js.map +1 -0
package/dist/_chunks/{use-query-states-D5KaffOK.js → use-query-states-BiV5GJgm.js} +7 -4
package/dist/_chunks/use-query-states-BiV5GJgm.js.map +1 -0
package/dist/adapters/cloudflare-dev.d.ts +109 -0
package/dist/adapters/cloudflare-dev.d.ts.map +1 -0
package/dist/adapters/cloudflare-dev.js +73 -0
package/dist/adapters/cloudflare-dev.js.map +1 -0
package/dist/adapters/cloudflare-kv-cache.d.ts +64 -0
package/dist/adapters/cloudflare-kv-cache.d.ts.map +1 -0
package/dist/adapters/cloudflare-kv-cache.js +95 -0
package/dist/adapters/cloudflare-kv-cache.js.map +1 -0
package/dist/adapters/cloudflare.d.ts +148 -12
package/dist/adapters/cloudflare.d.ts.map +1 -1
package/dist/adapters/cloudflare.js +135 -11
package/dist/adapters/cloudflare.js.map +1 -1
package/dist/adapters/compress-module.d.ts.map +1 -1
package/dist/adapters/nitro.d.ts +17 -1
package/dist/adapters/nitro.d.ts.map +1 -1
package/dist/adapters/nitro.js +56 -13
package/dist/adapters/nitro.js.map +1 -1
package/dist/cache/cache-api.d.ts +24 -0
package/dist/cache/cache-api.d.ts.map +1 -0
package/dist/cache/handler-store.d.ts +31 -0
package/dist/cache/handler-store.d.ts.map +1 -0
package/dist/cache/index.d.ts +23 -7
package/dist/cache/index.d.ts.map +1 -1
package/dist/cache/index.js +142 -80
package/dist/cache/index.js.map +1 -1
package/dist/cache/singleflight.d.ts +18 -1
package/dist/cache/singleflight.d.ts.map +1 -1
package/dist/cache/sizeof.d.ts +22 -0
package/dist/cache/sizeof.d.ts.map +1 -0
package/dist/cache/timber-cache.d.ts +1 -1
package/dist/cache/timber-cache.d.ts.map +1 -1
package/dist/cli.d.ts +6 -1
package/dist/cli.d.ts.map +1 -1
package/dist/cli.js +8 -3
package/dist/cli.js.map +1 -1
package/dist/client/browser-dev.d.ts +27 -1
package/dist/client/browser-dev.d.ts.map +1 -1
package/dist/client/browser-entry/action-dispatch.d.ts +17 -0
package/dist/client/browser-entry/action-dispatch.d.ts.map +1 -0
package/dist/client/browser-entry/hmr.d.ts +21 -0
package/dist/client/browser-entry/hmr.d.ts.map +1 -0
package/dist/client/browser-entry/hydrate.d.ts +46 -0
package/dist/client/browser-entry/hydrate.d.ts.map +1 -0
package/dist/client/browser-entry/index.d.ts +30 -0
package/dist/client/browser-entry/index.d.ts.map +1 -0
package/dist/client/browser-entry/post-hydration.d.ts +26 -0
package/dist/client/browser-entry/post-hydration.d.ts.map +1 -0
package/dist/client/browser-entry/router-init.d.ts +23 -0
package/dist/client/browser-entry/router-init.d.ts.map +1 -0
package/dist/client/browser-entry/rsc-stream.d.ts +24 -0
package/dist/client/browser-entry/rsc-stream.d.ts.map +1 -0
package/dist/client/browser-entry/scroll.d.ts +19 -0
package/dist/client/browser-entry/scroll.d.ts.map +1 -0
package/dist/client/error-boundary.d.ts +12 -5
package/dist/client/error-boundary.d.ts.map +1 -1
package/dist/client/error-boundary.js +10 -4
package/dist/client/error-boundary.js.map +1 -1
package/dist/client/error-reconstituter.d.ts +54 -0
package/dist/client/error-reconstituter.d.ts.map +1 -0
package/dist/client/form.d.ts +6 -3
package/dist/client/form.d.ts.map +1 -1
package/dist/client/history.d.ts +19 -4
package/dist/client/history.d.ts.map +1 -1
package/dist/client/index.d.ts +9 -21
package/dist/client/index.d.ts.map +1 -1
package/dist/client/index.js +229 -1018
package/dist/client/index.js.map +1 -1
package/dist/client/internal.d.ts +18 -0
package/dist/client/internal.d.ts.map +1 -0
package/dist/client/internal.js +890 -0
package/dist/client/internal.js.map +1 -0
package/dist/client/link-pending-store.d.ts +63 -0
package/dist/client/link-pending-store.d.ts.map +1 -0
package/dist/client/link.d.ts +62 -55
package/dist/client/link.d.ts.map +1 -1
package/dist/client/nav-link-store.d.ts +36 -0
package/dist/client/nav-link-store.d.ts.map +1 -0
package/dist/client/navigation-api-types.d.ts +90 -0
package/dist/client/navigation-api-types.d.ts.map +1 -0
package/dist/client/navigation-api.d.ts +115 -0
package/dist/client/navigation-api.d.ts.map +1 -0
package/dist/client/navigation-context.d.ts +13 -2
package/dist/client/navigation-context.d.ts.map +1 -1
package/dist/client/{transition-root.d.ts → navigation-root.d.ts} +42 -8
package/dist/client/navigation-root.d.ts.map +1 -0
package/dist/client/nuqs-adapter.d.ts.map +1 -1
package/dist/client/router-ref.d.ts +1 -1
package/dist/client/router.d.ts +70 -4
package/dist/client/router.d.ts.map +1 -1
package/dist/client/rsc-fetch.d.ts +38 -3
package/dist/client/rsc-fetch.d.ts.map +1 -1
package/dist/client/segment-cache.d.ts +1 -1
package/dist/client/segment-cache.d.ts.map +1 -1
package/dist/client/segment-outlet.d.ts +63 -0
package/dist/client/segment-outlet.d.ts.map +1 -0
package/dist/client/ssr-data.d.ts +13 -4
package/dist/client/ssr-data.d.ts.map +1 -1
package/dist/client/stale-reload.d.ts +15 -0
package/dist/client/stale-reload.d.ts.map +1 -1
package/dist/client/top-loader.d.ts +5 -5
package/dist/client/top-loader.d.ts.map +1 -1
package/dist/client/use-link-status.d.ts +5 -5
package/dist/client/use-link-status.d.ts.map +1 -1
package/dist/client/use-params.d.ts +6 -4
package/dist/client/use-params.d.ts.map +1 -1
package/dist/client/{use-navigation-pending.d.ts → use-pending-navigation.d.ts} +4 -4
package/dist/client/use-pending-navigation.d.ts.map +1 -0
package/dist/client/use-query-states.d.ts +1 -1
package/dist/client/use-query-states.d.ts.map +1 -1
package/dist/client/use-router.d.ts +1 -1
package/dist/codec.d.ts +33 -0
package/dist/codec.d.ts.map +1 -0
package/dist/codec.js +2 -0
package/dist/config-types.d.ts +266 -0
package/dist/config-types.d.ts.map +1 -0
package/dist/config-validation.d.ts +51 -0
package/dist/config-validation.d.ts.map +1 -0
package/dist/content/index.d.ts +1 -10
package/dist/content/index.d.ts.map +1 -1
package/dist/content/index.js +0 -2
package/dist/cookies/define-cookie.d.ts +35 -14
package/dist/cookies/define-cookie.d.ts.map +1 -1
package/dist/cookies/index.js +1 -83
package/dist/fonts/bundle.d.ts +48 -0
package/dist/fonts/bundle.d.ts.map +1 -0
package/dist/fonts/css.d.ts +1 -0
package/dist/fonts/css.d.ts.map +1 -1
package/dist/fonts/dev-middleware.d.ts +22 -0
package/dist/fonts/dev-middleware.d.ts.map +1 -0
package/dist/fonts/pipeline.d.ts +138 -0
package/dist/fonts/pipeline.d.ts.map +1 -0
package/dist/fonts/transform.d.ts +72 -0
package/dist/fonts/transform.d.ts.map +1 -0
package/dist/fonts/types.d.ts +45 -1
package/dist/fonts/types.d.ts.map +1 -1
package/dist/fonts/virtual-modules.d.ts +59 -0
package/dist/fonts/virtual-modules.d.ts.map +1 -0
package/dist/index.d.ts +45 -190
package/dist/index.d.ts.map +1 -1
package/dist/index.js +4294 -2453
package/dist/index.js.map +1 -1
package/dist/plugin-context.d.ts +107 -0
package/dist/plugin-context.d.ts.map +1 -0
package/dist/plugins/adapter-build.d.ts +1 -1
package/dist/plugins/adapter-build.d.ts.map +1 -1
package/dist/plugins/build-manifest.d.ts +2 -2
package/dist/plugins/build-manifest.d.ts.map +1 -1
package/dist/plugins/build-report.d.ts +3 -3
package/dist/plugins/build-report.d.ts.map +1 -1
package/dist/plugins/client-chunks.d.ts +32 -0
package/dist/plugins/client-chunks.d.ts.map +1 -0
package/dist/plugins/content.d.ts +1 -1
package/dist/plugins/content.d.ts.map +1 -1
package/dist/plugins/dev-404-page.d.ts +56 -0
package/dist/plugins/dev-404-page.d.ts.map +1 -0
package/dist/plugins/dev-browser-logs.d.ts +84 -0
package/dist/plugins/dev-browser-logs.d.ts.map +1 -0
package/dist/plugins/dev-error-overlay.d.ts +49 -9
package/dist/plugins/dev-error-overlay.d.ts.map +1 -1
package/dist/plugins/dev-error-page.d.ts +58 -0
package/dist/plugins/dev-error-page.d.ts.map +1 -0
package/dist/plugins/dev-logs.d.ts +1 -1
package/dist/plugins/dev-logs.d.ts.map +1 -1
package/dist/plugins/dev-server.d.ts +1 -1
package/dist/plugins/dev-server.d.ts.map +1 -1
package/dist/plugins/dev-terminal-error.d.ts +28 -0
package/dist/plugins/dev-terminal-error.d.ts.map +1 -0
package/dist/plugins/entries.d.ts +1 -1
package/dist/plugins/entries.d.ts.map +1 -1
package/dist/plugins/fonts.d.ts +17 -73
package/dist/plugins/fonts.d.ts.map +1 -1
package/dist/plugins/mdx.d.ts +1 -1
package/dist/plugins/mdx.d.ts.map +1 -1
package/dist/plugins/routing.d.ts +1 -1
package/dist/plugins/routing.d.ts.map +1 -1
package/dist/plugins/server-bundle.d.ts.map +1 -1
package/dist/plugins/shims.d.ts +6 -5
package/dist/plugins/shims.d.ts.map +1 -1
package/dist/plugins/static-build.d.ts +4 -4
package/dist/plugins/static-build.d.ts.map +1 -1
package/dist/routing/codegen.d.ts +2 -2
package/dist/routing/codegen.d.ts.map +1 -1
package/dist/routing/convention-lint.d.ts +41 -0
package/dist/routing/convention-lint.d.ts.map +1 -0
package/dist/routing/index.d.ts +2 -0
package/dist/routing/index.d.ts.map +1 -1
package/dist/routing/index.js +3 -2
package/dist/routing/scanner.d.ts.map +1 -1
package/dist/routing/segment-classify.d.ts +46 -0
package/dist/routing/segment-classify.d.ts.map +1 -0
package/dist/routing/status-file-lint.d.ts +2 -1
package/dist/routing/status-file-lint.d.ts.map +1 -1
package/dist/routing/types.d.ts +16 -4
package/dist/routing/types.d.ts.map +1 -1
package/dist/rsc-runtime/rsc.d.ts +1 -1
package/dist/rsc-runtime/rsc.d.ts.map +1 -1
package/dist/rsc-runtime/ssr.d.ts +12 -0
package/dist/rsc-runtime/ssr.d.ts.map +1 -1
package/dist/schema-bridge.d.ts +76 -0
package/dist/schema-bridge.d.ts.map +1 -0
package/dist/search-params/define.d.ts +139 -0
package/dist/search-params/define.d.ts.map +1 -0
package/dist/search-params/index.d.ts +4 -7
package/dist/search-params/index.d.ts.map +1 -1
package/dist/search-params/index.js +32 -441
package/dist/search-params/index.js.map +1 -1
package/dist/search-params/registry.d.ts +2 -2
package/dist/search-params/registry.d.ts.map +1 -1
package/dist/search-params/wrappers.d.ts +53 -0
package/dist/search-params/wrappers.d.ts.map +1 -0
package/dist/segment-params/define.d.ts +78 -0
package/dist/segment-params/define.d.ts.map +1 -0
package/dist/segment-params/index.d.ts +3 -0
package/dist/segment-params/index.d.ts.map +1 -0
package/dist/segment-params/index.js +2 -0
package/dist/server/access-gate.d.ts +4 -0
package/dist/server/access-gate.d.ts.map +1 -1
package/dist/server/action-client.d.ts +41 -6
package/dist/server/action-client.d.ts.map +1 -1
package/dist/server/action-encryption.d.ts +76 -0
package/dist/server/action-encryption.d.ts.map +1 -0
package/dist/server/action-handler.d.ts +7 -0
package/dist/server/action-handler.d.ts.map +1 -1
package/dist/server/actions.d.ts +3 -6
package/dist/server/actions.d.ts.map +1 -1
package/dist/server/als-registry.d.ts +32 -4
package/dist/server/als-registry.d.ts.map +1 -1
package/dist/server/build-manifest.d.ts +2 -2
package/dist/server/build-manifest.d.ts.map +1 -1
package/dist/server/debug.d.ts +1 -1
package/dist/server/default-logger.d.ts +22 -0
package/dist/server/default-logger.d.ts.map +1 -0
package/dist/server/deny-page-resolver.d.ts +52 -0
package/dist/server/deny-page-resolver.d.ts.map +1 -0
package/dist/server/deny-renderer.d.ts.map +1 -1
package/dist/server/dev-holding-server.d.ts +52 -0
package/dist/server/dev-holding-server.d.ts.map +1 -0
package/dist/server/dev-source-map.d.ts +22 -0
package/dist/server/dev-source-map.d.ts.map +1 -0
package/dist/server/dev-warnings.d.ts +1 -21
package/dist/server/dev-warnings.d.ts.map +1 -1
package/dist/server/early-hints.d.ts +13 -5
package/dist/server/early-hints.d.ts.map +1 -1
package/dist/server/error-boundary-wrapper.d.ts +7 -1
package/dist/server/error-boundary-wrapper.d.ts.map +1 -1
package/dist/server/fallback-error.d.ts +12 -7
package/dist/server/fallback-error.d.ts.map +1 -1
package/dist/server/flight-injection-state.d.ts +66 -0
package/dist/server/flight-injection-state.d.ts.map +1 -0
package/dist/server/flight-scripts.d.ts +42 -0
package/dist/server/flight-scripts.d.ts.map +1 -0
package/dist/server/flush.d.ts.map +1 -1
package/dist/server/form-data.d.ts +29 -0
package/dist/server/form-data.d.ts.map +1 -1
package/dist/server/html-injectors.d.ts +51 -11
package/dist/server/html-injectors.d.ts.map +1 -1
package/dist/server/index.d.ts +5 -43
package/dist/server/index.d.ts.map +1 -1
package/dist/server/index.js +195 -2800
package/dist/server/index.js.map +1 -1
package/dist/server/internal.d.ts +46 -0
package/dist/server/internal.d.ts.map +1 -0
package/dist/server/internal.js +2900 -0
package/dist/server/internal.js.map +1 -0
package/dist/server/logger.d.ts +25 -7
package/dist/server/logger.d.ts.map +1 -1
package/dist/server/middleware-runner.d.ts +19 -4
package/dist/server/middleware-runner.d.ts.map +1 -1
package/dist/server/node-stream-transforms.d.ts +113 -0
package/dist/server/node-stream-transforms.d.ts.map +1 -0
package/dist/server/page-deny-boundary.d.ts +31 -0
package/dist/server/page-deny-boundary.d.ts.map +1 -0
package/dist/server/pipeline-interception.d.ts +1 -1
package/dist/server/pipeline-interception.d.ts.map +1 -1
package/dist/server/pipeline-metadata.d.ts +6 -0
package/dist/server/pipeline-metadata.d.ts.map +1 -1
package/dist/server/pipeline.d.ts +52 -10
package/dist/server/pipeline.d.ts.map +1 -1
package/dist/server/primitives.d.ts +69 -18
package/dist/server/primitives.d.ts.map +1 -1
package/dist/server/render-timeout.d.ts +51 -0
package/dist/server/render-timeout.d.ts.map +1 -0
package/dist/server/request-context.d.ts +112 -43
package/dist/server/request-context.d.ts.map +1 -1
package/dist/server/route-element-builder.d.ts +27 -1
package/dist/server/route-element-builder.d.ts.map +1 -1
package/dist/server/route-handler.d.ts.map +1 -1
package/dist/server/route-matcher.d.ts +16 -2
package/dist/server/route-matcher.d.ts.map +1 -1
package/dist/server/rsc-entry/api-handler.d.ts +2 -2
package/dist/server/rsc-entry/api-handler.d.ts.map +1 -1
package/dist/server/rsc-entry/error-renderer.d.ts +26 -13
package/dist/server/rsc-entry/error-renderer.d.ts.map +1 -1
package/dist/server/rsc-entry/helpers.d.ts +48 -5
package/dist/server/rsc-entry/helpers.d.ts.map +1 -1
package/dist/server/rsc-entry/index.d.ts +20 -3
package/dist/server/rsc-entry/index.d.ts.map +1 -1
package/dist/server/rsc-entry/rsc-payload.d.ts +3 -3
package/dist/server/rsc-entry/rsc-payload.d.ts.map +1 -1
package/dist/server/rsc-entry/rsc-stream.d.ts +14 -1
package/dist/server/rsc-entry/rsc-stream.d.ts.map +1 -1
package/dist/server/rsc-entry/ssr-bridge.d.ts +1 -1
package/dist/server/rsc-entry/ssr-bridge.d.ts.map +1 -1
package/dist/server/rsc-entry/ssr-renderer.d.ts +19 -4
package/dist/server/rsc-entry/ssr-renderer.d.ts.map +1 -1
package/dist/server/safe-load.d.ts +46 -0
package/dist/server/safe-load.d.ts.map +1 -0
package/dist/server/sensitive-fields.d.ts +74 -0
package/dist/server/sensitive-fields.d.ts.map +1 -0
package/dist/server/sitemap-generator.d.ts +129 -0
package/dist/server/sitemap-generator.d.ts.map +1 -0
package/dist/server/sitemap-handler.d.ts +22 -0
package/dist/server/sitemap-handler.d.ts.map +1 -0
package/dist/server/slot-resolver.d.ts +1 -1
package/dist/server/slot-resolver.d.ts.map +1 -1
package/dist/server/ssr-entry.d.ts +23 -0
package/dist/server/ssr-entry.d.ts.map +1 -1
package/dist/server/ssr-render.d.ts +39 -21
package/dist/server/ssr-render.d.ts.map +1 -1
package/dist/server/ssr-wrappers.d.ts +50 -0
package/dist/server/ssr-wrappers.d.ts.map +1 -0
package/dist/server/status-code-resolver.d.ts +1 -1
package/dist/server/status-code-resolver.d.ts.map +1 -1
package/dist/server/stream-utils.d.ts +36 -0
package/dist/server/stream-utils.d.ts.map +1 -0
package/dist/server/tracing.d.ts +4 -4
package/dist/server/tracing.d.ts.map +1 -1
package/dist/server/tree-builder.d.ts +22 -19
package/dist/server/tree-builder.d.ts.map +1 -1
package/dist/server/types.d.ts +1 -4
package/dist/server/types.d.ts.map +1 -1
package/dist/server/version-skew.d.ts +61 -0
package/dist/server/version-skew.d.ts.map +1 -0
package/dist/shared/merge-search-params.d.ts +22 -0
package/dist/shared/merge-search-params.d.ts.map +1 -0
package/dist/shims/font-google.d.ts +1 -1
package/dist/shims/font-google.d.ts.map +1 -1
package/dist/shims/font-google.js +42 -0
package/dist/shims/font-google.js.map +1 -0
package/dist/shims/font-local.d.ts +26 -0
package/dist/shims/font-local.d.ts.map +1 -0
package/dist/shims/font-local.js +20 -0
package/dist/shims/font-local.js.map +1 -0
package/dist/shims/headers.d.ts +2 -1
package/dist/shims/headers.d.ts.map +1 -1
package/dist/shims/navigation-client.d.ts +1 -1
package/dist/shims/navigation-client.d.ts.map +1 -1
package/dist/shims/navigation.d.ts +3 -2
package/dist/shims/navigation.d.ts.map +1 -1
package/dist/utils/directive-parser.d.ts +5 -2
package/dist/utils/directive-parser.d.ts.map +1 -1
package/dist/utils/state-machine.d.ts +80 -0
package/dist/utils/state-machine.d.ts.map +1 -0
package/package.json +51 -16
package/src/adapters/cloudflare-dev.ts +177 -0
package/src/adapters/cloudflare-kv-cache.ts +142 -0
package/src/adapters/cloudflare.ts +342 -28
package/src/adapters/compress-module.ts +24 -4
package/src/adapters/nitro.ts +52 -8
package/src/adapters/wrangler.d.ts +7 -0
package/src/cache/cache-api.ts +38 -0
package/src/cache/handler-store.ts +68 -0
package/src/cache/index.ts +81 -18
package/src/cache/singleflight.ts +62 -4
package/src/cache/sizeof.ts +31 -0
package/src/cache/timber-cache.ts +24 -20
package/src/cli.ts +16 -6
package/src/client/browser-dev.ts +128 -1
package/src/client/browser-entry/action-dispatch.ts +116 -0
package/src/client/browser-entry/hmr.ts +81 -0
package/src/client/browser-entry/hydrate.ts +145 -0
package/src/client/browser-entry/index.ts +143 -0
package/src/client/browser-entry/post-hydration.ts +119 -0
package/src/client/browser-entry/router-init.ts +193 -0
package/src/client/browser-entry/rsc-stream.ts +157 -0
package/src/client/browser-entry/scroll.ts +27 -0
package/src/client/error-boundary.tsx +48 -16
package/src/client/error-reconstituter.tsx +65 -0
package/src/client/form.tsx +14 -7
package/src/client/history.ts +26 -4
package/src/client/index.ts +65 -38
package/src/client/internal.ts +57 -0
package/src/client/link-pending-store.ts +111 -0
package/src/client/link.tsx +342 -113
package/src/client/nav-link-store.ts +47 -0
package/src/client/navigation-api-types.ts +112 -0
package/src/client/navigation-api.ts +332 -0
package/src/client/navigation-context.ts +31 -6
package/src/client/navigation-root.tsx +342 -0
package/src/client/nuqs-adapter.tsx +16 -3
package/src/client/router-ref.ts +1 -1
package/src/client/router.ts +299 -72
package/src/client/rsc-fetch.ts +97 -8
package/src/client/segment-cache.ts +1 -1
package/src/client/segment-outlet.tsx +86 -0
package/src/client/ssr-data.ts +13 -5
package/src/client/stale-reload.ts +72 -3
package/src/client/top-loader.tsx +18 -6
package/src/client/use-link-status.ts +7 -7
package/src/client/use-params.ts +7 -5
package/src/client/{use-navigation-pending.ts → use-pending-navigation.ts} +6 -6
package/src/client/use-query-states.ts +9 -3
package/src/client/use-router.ts +1 -1
package/src/codec.ts +49 -0
package/src/config-types.ts +264 -0
package/src/config-validation.ts +303 -0
package/src/content/index.ts +5 -13
package/src/cookies/define-cookie.ts +78 -25
package/src/cookies/index.ts +8 -0
package/src/fonts/bundle.ts +142 -0
package/src/fonts/css.ts +2 -1
package/src/fonts/dev-middleware.ts +74 -0
package/src/fonts/pipeline.ts +275 -0
package/src/fonts/transform.ts +353 -0
package/src/fonts/types.ts +50 -1
package/src/fonts/virtual-modules.ts +159 -0
package/src/index.ts +314 -355
package/src/plugin-context.ts +240 -0
package/src/plugins/adapter-build.ts +9 -3
package/src/plugins/build-manifest.ts +13 -2
package/src/plugins/build-report.ts +3 -3
package/src/plugins/client-chunks.ts +65 -0
package/src/plugins/content.ts +1 -1
package/src/plugins/dev-404-page.ts +418 -0
package/src/plugins/dev-browser-logs.ts +288 -0
package/src/plugins/dev-error-overlay.ts +286 -42
package/src/plugins/dev-error-page.ts +536 -0
package/src/plugins/dev-logs.ts +1 -1
package/src/plugins/dev-server.ts +146 -19
package/src/plugins/dev-terminal-error.ts +217 -0
package/src/plugins/entries.ts +111 -10
package/src/plugins/fonts.ts +133 -638
package/src/plugins/mdx.ts +1 -1
package/src/plugins/routing.ts +213 -31
package/src/plugins/server-action-exports.ts +1 -1
package/src/plugins/server-bundle.ts +32 -1
package/src/plugins/shims.ts +136 -35
package/src/plugins/static-build.ts +17 -11
package/src/routing/codegen.ts +273 -105
package/src/routing/convention-lint.ts +356 -0
package/src/routing/index.ts +2 -0
package/src/routing/scanner.ts +93 -23
package/src/routing/segment-classify.ts +89 -0
package/src/routing/status-file-lint.ts +3 -2
package/src/routing/types.ts +17 -4
package/src/rsc-runtime/rsc.ts +2 -0
package/src/rsc-runtime/ssr.ts +50 -0
package/src/rsc-runtime/vendor-types.d.ts +7 -0
package/src/{search-params/codecs.ts → schema-bridge.ts} +57 -20
package/src/search-params/define.ts +482 -0
package/src/search-params/index.ts +14 -20
package/src/search-params/registry.ts +2 -2
package/src/search-params/wrappers.ts +85 -0
package/src/segment-params/define.ts +279 -0
package/src/segment-params/index.ts +9 -0
package/src/server/access-gate.tsx +70 -29
package/src/server/action-client.ts +88 -15
package/src/server/action-encryption.ts +144 -0
package/src/server/action-handler.ts +53 -6
package/src/server/actions.ts +10 -9
package/src/server/als-registry.ts +34 -6
package/src/server/build-manifest.ts +10 -4
package/src/server/compress.ts +25 -7
package/src/server/debug.ts +1 -1
package/src/server/default-logger.ts +99 -0
package/src/server/deny-page-resolver.ts +154 -0
package/src/server/deny-renderer.ts +24 -38
package/src/server/dev-holding-server.ts +185 -0
package/src/server/dev-source-map.ts +31 -0
package/src/server/dev-warnings.ts +4 -49
package/src/server/early-hints.ts +36 -15
package/src/server/error-boundary-wrapper.ts +74 -22
package/src/server/fallback-error.ts +74 -102
package/src/server/flight-injection-state.ts +113 -0
package/src/server/flight-scripts.ts +62 -0
package/src/server/flush.ts +2 -1
package/src/server/form-data.ts +76 -0
package/src/server/html-injectors.ts +280 -120
package/src/server/index.ts +25 -177
package/src/server/internal.ts +169 -0
package/src/server/logger.ts +44 -36
package/src/server/middleware-runner.ts +31 -4
package/src/server/node-stream-transforms.ts +509 -0
package/src/server/page-deny-boundary.tsx +56 -0
package/src/server/pipeline-interception.ts +17 -16
package/src/server/pipeline-metadata.ts +13 -0
package/src/server/pipeline.ts +261 -66
package/src/server/primitives.ts +111 -28
package/src/server/render-timeout.ts +108 -0
package/src/server/request-context.ts +293 -132
package/src/server/route-element-builder.ts +283 -191
package/src/server/route-handler.ts +24 -4
package/src/server/route-matcher.ts +31 -20
package/src/server/rsc-entry/api-handler.ts +15 -16
package/src/server/rsc-entry/error-renderer.ts +305 -89
package/src/server/rsc-entry/helpers.ts +134 -5
package/src/server/rsc-entry/index.ts +304 -111
package/src/server/rsc-entry/rsc-payload.ts +65 -18
package/src/server/rsc-entry/rsc-stream.ts +81 -13
package/src/server/rsc-entry/ssr-bridge.ts +14 -5
package/src/server/rsc-entry/ssr-renderer.ts +171 -38
package/src/server/safe-load.ts +60 -0
package/src/server/sensitive-fields.ts +230 -0
package/src/server/sitemap-generator.ts +338 -0
package/src/server/sitemap-handler.ts +126 -0
package/src/server/slot-resolver.ts +244 -229
package/src/server/ssr-entry.ts +215 -32
package/src/server/ssr-render.ts +289 -67
package/src/server/ssr-wrappers.tsx +139 -0
package/src/server/status-code-resolver.ts +1 -1
package/src/server/stream-utils.ts +213 -0
package/src/server/tracing.ts +20 -9
package/src/server/tree-builder.ts +92 -58
package/src/server/types.ts +3 -6
package/src/server/version-skew.ts +104 -0
package/src/shared/merge-search-params.ts +55 -0
package/src/shims/font-google.ts +1 -1
package/src/shims/font-local.ts +34 -0
package/src/shims/headers.ts +5 -1
package/src/shims/navigation-client.ts +1 -1
package/src/shims/navigation.ts +7 -2
package/src/utils/directive-parser.ts +5 -2
package/src/utils/state-machine.ts +111 -0
package/dist/_chunks/als-registry-B7DbZ2hS.js.map +0 -1
package/dist/_chunks/debug-gwlJkDuf.js.map +0 -1
package/dist/_chunks/format-DviM89f0.js.map +0 -1
package/dist/_chunks/interception-BOoWmLUA.js.map +0 -1
package/dist/_chunks/request-context-DIkVh_jG.js +0 -330
package/dist/_chunks/request-context-DIkVh_jG.js.map +0 -1
package/dist/_chunks/tracing-CemImE6h.js.map +0 -1
package/dist/_chunks/use-cookie-DX-l1_5E.js +0 -91
package/dist/_chunks/use-cookie-DX-l1_5E.js.map +0 -1
package/dist/_chunks/use-query-states-D5KaffOK.js.map +0 -1
package/dist/cache/register-cached-function.d.ts +0 -17
package/dist/cache/register-cached-function.d.ts.map +0 -1
package/dist/client/browser-entry.d.ts +0 -21
package/dist/client/browser-entry.d.ts.map +0 -1
package/dist/client/link-status-provider.d.ts +0 -11
package/dist/client/link-status-provider.d.ts.map +0 -1
package/dist/client/transition-root.d.ts.map +0 -1
package/dist/client/use-navigation-pending.d.ts.map +0 -1
package/dist/cookies/index.js.map +0 -1
package/dist/plugins/cache-transform.d.ts +0 -36
package/dist/plugins/cache-transform.d.ts.map +0 -1
package/dist/plugins/dynamic-transform.d.ts +0 -72
package/dist/plugins/dynamic-transform.d.ts.map +0 -1
package/dist/search-params/analyze.d.ts +0 -54
package/dist/search-params/analyze.d.ts.map +0 -1
package/dist/search-params/builtin-codecs.d.ts +0 -105
package/dist/search-params/builtin-codecs.d.ts.map +0 -1
package/dist/search-params/codecs.d.ts +0 -53
package/dist/search-params/codecs.d.ts.map +0 -1
package/dist/search-params/create.d.ts +0 -106
package/dist/search-params/create.d.ts.map +0 -1
package/dist/server/prerender.d.ts +0 -77
package/dist/server/prerender.d.ts.map +0 -1
package/dist/server/response-cache.d.ts +0 -54
package/dist/server/response-cache.d.ts.map +0 -1
package/src/cache/register-cached-function.ts +0 -103
package/src/client/browser-entry.ts +0 -678
package/src/client/link-status-provider.tsx +0 -30
package/src/client/transition-root.tsx +0 -166
package/src/plugins/cache-transform.ts +0 -199
package/src/plugins/dynamic-transform.ts +0 -161
package/src/search-params/analyze.ts +0 -192
package/src/search-params/builtin-codecs.ts +0 -228
package/src/search-params/create.ts +0 -321
package/src/server/prerender.ts +0 -139
package/src/server/response-cache.ts +0 -410

package/dist/_chunks/request-context-DIkVh_jG.js DELETED Viewed

@@ -1,330 +0,0 @@
-import { t as isDebug } from "./debug-gwlJkDuf.js";
-import { r as requestContextAls } from "./als-registry-B7DbZ2hS.js";
-import { createHmac, timingSafeEqual } from "node:crypto";
-//#region src/server/request-context.ts
-/**
-* Request Context — per-request ALS store for headers() and cookies().
-*
-* Follows the same pattern as tracing.ts: a module-level AsyncLocalStorage
-* instance, public accessor functions that throw outside request scope,
-* and a framework-internal `runWithRequestContext()` to establish scope.
-*
-* See design/04-authorization.md §"AccessContext does not include cookies or headers"
-* and design/11-platform.md §"AsyncLocalStorage".
-* See design/29-cookies.md for cookie mutation semantics.
-*/
-/**
-* Module-level cookie signing secrets. Index 0 is the newest (used for signing).
-* All entries are tried for verification (key rotation support).
-*
-* Set by the framework at startup via `setCookieSecrets()`.
-* See design/29-cookies.md §"Signed Cookies"
-*/
-var _cookieSecrets = [];
-/**
-* Configure the cookie signing secrets.
-*
-* Called by the framework during server initialization with values from
-* `cookies.secret` or `cookies.secrets` in timber.config.ts.
-*
-* The first secret (index 0) is used for signing new cookies.
-* All secrets are tried for verification (supports key rotation).
-*/
-function setCookieSecrets(secrets) {
-	_cookieSecrets = secrets.filter(Boolean);
-}
-/**
-* Returns a read-only view of the current request's headers.
-*
-* Available in middleware, access checks, server components, and server actions.
-* Throws if called outside a request context (security principle #2: no global fallback).
-*/
-function headers() {
-	const store = requestContextAls.getStore();
-	if (!store) throw new Error("[timber] headers() called outside of a request context. It can only be used in middleware, access checks, server components, and server actions.");
-	return store.headers;
-}
-/**
-* Returns a cookie accessor for the current request.
-*
-* Available in middleware, access checks, server components, and server actions.
-* Throws if called outside a request context (security principle #2: no global fallback).
-*
-* Read methods (.get, .has, .getAll) are always available and reflect
-* read-your-own-writes from .set() calls in the same request.
-*
-* Mutation methods (.set, .delete, .clear) are only available in mutable
-* contexts (middleware.ts, server actions, route.ts handlers). Calling them
-* in read-only contexts (access.ts, server components) throws.
-*
-* See design/29-cookies.md
-*/
-function cookies() {
-	const store = requestContextAls.getStore();
-	if (!store) throw new Error("[timber] cookies() called outside of a request context. It can only be used in middleware, access checks, server components, and server actions.");
-	if (!store.parsedCookies) store.parsedCookies = parseCookieHeader(store.cookieHeader);
-	const map = store.parsedCookies;
-	return {
-		get(name) {
-			return map.get(name);
-		},
-		has(name) {
-			return map.has(name);
-		},
-		getAll() {
-			return Array.from(map.entries()).map(([name, value]) => ({
-				name,
-				value
-			}));
-		},
-		get size() {
-			return map.size;
-		},
-		getSigned(name) {
-			const raw = map.get(name);
-			if (!raw || _cookieSecrets.length === 0) return void 0;
-			return verifySignedCookie(raw, _cookieSecrets);
-		},
-		set(name, value, options) {
-			assertMutable(store, "set");
-			if (store.flushed) {
-				if (isDebug()) console.warn(`[timber] warn: cookies().set('${name}') called after response headers were committed.\n  The cookie will NOT be sent. Move cookie mutations to middleware.ts, a server action,\n  or a route.ts handler.`);
-				return;
-			}
-			let storedValue = value;
-			if (options?.signed) {
-				if (_cookieSecrets.length === 0) throw new Error(`[timber] cookies().set('${name}', ..., { signed: true }) requires cookies.secret or cookies.secrets in timber.config.ts.`);
-				storedValue = signCookieValue(value, _cookieSecrets[0]);
-			}
-			const opts = {
-				...DEFAULT_COOKIE_OPTIONS,
-				...options
-			};
-			store.cookieJar.set(name, {
-				name,
-				value: storedValue,
-				options: opts
-			});
-			map.set(name, storedValue);
-		},
-		delete(name, options) {
-			assertMutable(store, "delete");
-			if (store.flushed) {
-				if (isDebug()) console.warn(`[timber] warn: cookies().delete('${name}') called after response headers were committed.\n  The cookie will NOT be deleted. Move cookie mutations to middleware.ts, a server action,\n  or a route.ts handler.`);
-				return;
-			}
-			const opts = {
-				...DEFAULT_COOKIE_OPTIONS,
-				...options,
-				maxAge: 0,
-				expires: /* @__PURE__ */ new Date(0)
-			};
-			store.cookieJar.set(name, {
-				name,
-				value: "",
-				options: opts
-			});
-			map.delete(name);
-		},
-		clear() {
-			assertMutable(store, "clear");
-			if (store.flushed) return;
-			for (const name of Array.from(map.keys())) store.cookieJar.set(name, {
-				name,
-				value: "",
-				options: {
-					...DEFAULT_COOKIE_OPTIONS,
-					maxAge: 0,
-					expires: /* @__PURE__ */ new Date(0)
-				}
-			});
-			map.clear();
-		},
-		toString() {
-			return Array.from(map.entries()).map(([name, value]) => `${name}=${value}`).join("; ");
-		}
-	};
-}
-function searchParams() {
-	const store = requestContextAls.getStore();
-	if (!store) throw new Error("[timber] searchParams() called outside of a request context. It can only be used in middleware, access checks, server components, and server actions.");
-	return store.searchParamsPromise;
-}
-/**
-* Replace the search params Promise for the current request with one that
-* resolves to the typed parsed result from the route's search-params.ts.
-* Called by the framework before rendering the page — not for app code.
-*/
-function setParsedSearchParams(parsed) {
-	const store = requestContextAls.getStore();
-	if (store) store.searchParamsPromise = Promise.resolve(parsed);
-}
-var DEFAULT_COOKIE_OPTIONS = {
-	path: "/",
-	httpOnly: true,
-	secure: true,
-	sameSite: "lax"
-};
-/**
-* Run a callback within a request context. Used by the pipeline to establish
-* per-request ALS scope so that `headers()` and `cookies()` work.
-*
-* @param req - The incoming Request object.
-* @param fn - The function to run within the request context.
-*/
-function runWithRequestContext(req, fn) {
-	const originalCopy = new Headers(req.headers);
-	const store = {
-		headers: freezeHeaders(req.headers),
-		originalHeaders: originalCopy,
-		cookieHeader: req.headers.get("cookie") ?? "",
-		searchParamsPromise: Promise.resolve(new URL(req.url).searchParams),
-		cookieJar: /* @__PURE__ */ new Map(),
-		flushed: false,
-		mutableContext: false
-	};
-	return requestContextAls.run(store, fn);
-}
-/**
-* Enable cookie mutation for the current context. Called by the framework
-* when entering middleware.ts, server actions, or route.ts handlers.
-*
-* See design/29-cookies.md §"Context Tracking"
-*/
-function setMutableCookieContext(mutable) {
-	const store = requestContextAls.getStore();
-	if (store) store.mutableContext = mutable;
-}
-/**
-* Mark the response as flushed (headers committed). After this point,
-* cookie mutations log a warning instead of throwing.
-*
-* See design/29-cookies.md §"Streaming Constraint: Post-Flush Cookie Warning"
-*/
-function markResponseFlushed() {
-	const store = requestContextAls.getStore();
-	if (store) store.flushed = true;
-}
-/**
-* Collect all Set-Cookie headers from the cookie jar.
-* Called by the framework at flush time to apply cookies to the response.
-*
-* Returns an array of serialized Set-Cookie header values.
-*/
-function getSetCookieHeaders() {
-	const store = requestContextAls.getStore();
-	if (!store) return [];
-	return Array.from(store.cookieJar.values()).map(serializeCookieEntry);
-}
-/**
-* Apply middleware-injected request headers to the current request context.
-*
-* Called by the pipeline after middleware.ts runs. Merges overlay headers
-* on top of the original request headers so downstream code (access.ts,
-* server components, server actions) sees them via `headers()`.
-*
-* The original request headers are never mutated — a new frozen Headers
-* object is created with the overlay applied on top.
-*
-* See design/07-routing.md §"Request Header Injection"
-*/
-function applyRequestHeaderOverlay(overlay) {
-	const store = requestContextAls.getStore();
-	if (!store) throw new Error("[timber] applyRequestHeaderOverlay() called outside of a request context.");
-	let hasOverlay = false;
-	overlay.forEach(() => {
-		hasOverlay = true;
-	});
-	if (!hasOverlay) return;
-	const merged = new Headers(store.originalHeaders);
-	overlay.forEach((value, key) => {
-		merged.set(key, value);
-	});
-	store.headers = freezeHeaders(merged);
-}
-var MUTATING_METHODS = new Set([
-	"set",
-	"append",
-	"delete"
-]);
-/**
-* Wrap a Headers object in a Proxy that throws on mutating methods.
-* Object.freeze doesn't work on Headers (native internal slots), so we
-* intercept property access and reject set/append/delete at runtime.
-*
-* Read methods (get, has, entries, etc.) must be bound to the underlying
-* Headers instance because they access private #headersList slots.
-*/
-function freezeHeaders(source) {
-	const copy = new Headers(source);
-	return new Proxy(copy, { get(target, prop) {
-		if (typeof prop === "string" && MUTATING_METHODS.has(prop)) return () => {
-			throw new Error(`[timber] headers() returns a read-only Headers object. Calling .${prop}() is not allowed. Use ctx.requestHeaders in middleware to inject headers for downstream components.`);
-		};
-		const value = Reflect.get(target, prop);
-		if (typeof value === "function") return value.bind(target);
-		return value;
-	} });
-}
-/** Throw if cookie mutation is attempted in a read-only context. */
-function assertMutable(store, method) {
-	if (!store.mutableContext) throw new Error(`[timber] cookies().${method}() cannot be called in this context.\n  Set cookies in middleware.ts, server actions, or route.ts handlers.`);
-}
-/**
-* Parse a Cookie header string into a Map of name → value pairs.
-* Follows RFC 6265 §4.2.1: cookies are semicolon-separated key=value pairs.
-*/
-function parseCookieHeader(header) {
-	const map = /* @__PURE__ */ new Map();
-	if (!header) return map;
-	for (const pair of header.split(";")) {
-		const eqIndex = pair.indexOf("=");
-		if (eqIndex === -1) continue;
-		const name = pair.slice(0, eqIndex).trim();
-		const value = pair.slice(eqIndex + 1).trim();
-		if (name) map.set(name, value);
-	}
-	return map;
-}
-/**
-* Sign a cookie value with HMAC-SHA256.
-* Returns `value.hex_signature`.
-*/
-function signCookieValue(value, secret) {
-	return `${value}.${createHmac("sha256", secret).update(value).digest("hex")}`;
-}
-/**
-* Verify a signed cookie value against an array of secrets.
-* Returns the original value if any secret produces a matching signature,
-* or undefined if none match. Uses timing-safe comparison.
-*
-* The signed format is `value.hex_signature` — split at the last `.`.
-*/
-function verifySignedCookie(raw, secrets) {
-	const lastDot = raw.lastIndexOf(".");
-	if (lastDot <= 0 || lastDot === raw.length - 1) return void 0;
-	const value = raw.slice(0, lastDot);
-	const signature = raw.slice(lastDot + 1);
-	if (signature.length !== 64) return void 0;
-	const signatureBuffer = Buffer.from(signature, "hex");
-	if (signatureBuffer.length !== 32) return void 0;
-	for (const secret of secrets) if (timingSafeEqual(createHmac("sha256", secret).update(value).digest(), signatureBuffer)) return value;
-}
-/** Serialize a CookieEntry into a Set-Cookie header value. */
-function serializeCookieEntry(entry) {
-	const parts = [`${entry.name}=${entry.value}`];
-	const opts = entry.options;
-	if (opts.domain) parts.push(`Domain=${opts.domain}`);
-	if (opts.path) parts.push(`Path=${opts.path}`);
-	if (opts.expires) parts.push(`Expires=${opts.expires.toUTCString()}`);
-	if (opts.maxAge !== void 0) parts.push(`Max-Age=${opts.maxAge}`);
-	if (opts.httpOnly) parts.push("HttpOnly");
-	if (opts.secure) parts.push("Secure");
-	if (opts.sameSite) parts.push(`SameSite=${opts.sameSite.charAt(0).toUpperCase()}${opts.sameSite.slice(1)}`);
-	if (opts.partitioned) parts.push("Partitioned");
-	return parts.join("; ");
-}
-//#endregion
-export { markResponseFlushed as a, setCookieSecrets as c, headers as i, setMutableCookieContext as l, cookies as n, runWithRequestContext as o, getSetCookieHeaders as r, searchParams as s, applyRequestHeaderOverlay as t, setParsedSearchParams as u };
-//# sourceMappingURL=request-context-DIkVh_jG.js.map

package/dist/_chunks/request-context-DIkVh_jG.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"request-context-DIkVh_jG.js","names":[],"sources":["../../src/server/request-context.ts"],"sourcesContent":["/**\n * Request Context — per-request ALS store for headers() and cookies().\n *\n * Follows the same pattern as tracing.ts: a module-level AsyncLocalStorage\n * instance, public accessor functions that throw outside request scope,\n * and a framework-internal `runWithRequestContext()` to establish scope.\n *\n * See design/04-authorization.md §\"AccessContext does not include cookies or headers\"\n * and design/11-platform.md §\"AsyncLocalStorage\".\n * See design/29-cookies.md for cookie mutation semantics.\n */\n\nimport { createHmac, timingSafeEqual } from 'node:crypto';\nimport type { Routes } from '#/index.js';\nimport { requestContextAls, type RequestContextStore, type CookieEntry } from './als-registry.js';\nimport { isDebug } from './debug.js';\n\n// Re-export the ALS for framework-internal consumers that need direct access.\nexport { requestContextAls };\n\n// No fallback needed — we use enterWith() instead of run() to ensure\n// the ALS context persists for the entire request lifecycle including\n// async stream consumption by React's renderToReadableStream.\n\n// ─── Cookie Signing Secrets ──────────────────────────────────────────────\n\n/**\n * Module-level cookie signing secrets. Index 0 is the newest (used for signing).\n * All entries are tried for verification (key rotation support).\n *\n * Set by the framework at startup via `setCookieSecrets()`.\n * See design/29-cookies.md §\"Signed Cookies\"\n */\nlet _cookieSecrets: string[] = [];\n\n/**\n * Configure the cookie signing secrets.\n *\n * Called by the framework during server initialization with values from\n * `cookies.secret` or `cookies.secrets` in timber.config.ts.\n *\n * The first secret (index 0) is used for signing new cookies.\n * All secrets are tried for verification (supports key rotation).\n */\nexport function setCookieSecrets(secrets: string[]): void {\n _cookieSecrets = secrets.filter(Boolean);\n}\n\n// ─── Public API ───────────────────────────────────────────────────────────\n\n/**\n * Returns a read-only view of the current request's headers.\n *\n * Available in middleware, access checks, server components, and server actions.\n * Throws if called outside a request context (security principle #2: no global fallback).\n */\nexport function headers(): ReadonlyHeaders {\n const store = requestContextAls.getStore();\n if (!store) {\n throw new Error(\n '[timber] headers() called outside of a request context. ' +\n 'It can only be used in middleware, access checks, server components, and server actions.'\n );\n }\n return store.headers;\n}\n\n/**\n * Returns a cookie accessor for the current request.\n *\n * Available in middleware, access checks, server components, and server actions.\n * Throws if called outside a request context (security principle #2: no global fallback).\n *\n * Read methods (.get, .has, .getAll) are always available and reflect\n * read-your-own-writes from .set() calls in the same request.\n *\n * Mutation methods (.set, .delete, .clear) are only available in mutable\n * contexts (middleware.ts, server actions, route.ts handlers). Calling them\n * in read-only contexts (access.ts, server components) throws.\n *\n * See design/29-cookies.md\n */\nexport function cookies(): RequestCookies {\n const store = requestContextAls.getStore();\n if (!store) {\n throw new Error(\n '[timber] cookies() called outside of a request context. ' +\n 'It can only be used in middleware, access checks, server components, and server actions.'\n );\n }\n\n // Parse cookies lazily on first access\n if (!store.parsedCookies) {\n store.parsedCookies = parseCookieHeader(store.cookieHeader);\n }\n\n const map = store.parsedCookies;\n return {\n get(name: string): string | undefined {\n return map.get(name);\n },\n has(name: string): boolean {\n return map.has(name);\n },\n getAll(): Array<{ name: string; value: string }> {\n return Array.from(map.entries()).map(([name, value]) => ({ name, value }));\n },\n get size(): number {\n return map.size;\n },\n\n getSigned(name: string): string | undefined {\n const raw = map.get(name);\n if (!raw || _cookieSecrets.length === 0) return undefined;\n return verifySignedCookie(raw, _cookieSecrets);\n },\n\n set(name: string, value: string, options?: CookieOptions): void {\n assertMutable(store, 'set');\n if (store.flushed) {\n if (isDebug()) {\n console.warn(\n `[timber] warn: cookies().set('${name}') called after response headers were committed.\\n` +\n ` The cookie will NOT be sent. Move cookie mutations to middleware.ts, a server action,\\n` +\n ` or a route.ts handler.`\n );\n }\n return;\n }\n let storedValue = value;\n if (options?.signed) {\n if (_cookieSecrets.length === 0) {\n throw new Error(\n `[timber] cookies().set('${name}', ..., { signed: true }) requires ` +\n `cookies.secret or cookies.secrets in timber.config.ts.`\n );\n }\n storedValue = signCookieValue(value, _cookieSecrets[0]);\n }\n const opts = { ...DEFAULT_COOKIE_OPTIONS, ...options };\n store.cookieJar.set(name, { name, value: storedValue, options: opts });\n // Read-your-own-writes: update the parsed cookies map with the signed value\n // so getSigned() can verify it in the same request\n map.set(name, storedValue);\n },\n\n delete(name: string, options?: Pick<CookieOptions, 'path' | 'domain'>): void {\n assertMutable(store, 'delete');\n if (store.flushed) {\n if (isDebug()) {\n console.warn(\n `[timber] warn: cookies().delete('${name}') called after response headers were committed.\\n` +\n ` The cookie will NOT be deleted. Move cookie mutations to middleware.ts, a server action,\\n` +\n ` or a route.ts handler.`\n );\n }\n return;\n }\n const opts: CookieOptions = {\n ...DEFAULT_COOKIE_OPTIONS,\n ...options,\n maxAge: 0,\n expires: new Date(0),\n };\n store.cookieJar.set(name, { name, value: '', options: opts });\n // Remove from read view\n map.delete(name);\n },\n\n clear(): void {\n assertMutable(store, 'clear');\n if (store.flushed) return;\n // Delete every incoming cookie\n for (const name of Array.from(map.keys())) {\n store.cookieJar.set(name, {\n name,\n value: '',\n options: { ...DEFAULT_COOKIE_OPTIONS, maxAge: 0, expires: new Date(0) },\n });\n }\n map.clear();\n },\n\n toString(): string {\n return Array.from(map.entries())\n .map(([name, value]) => `${name}=${value}`)\n .join('; ');\n },\n };\n}\n\n/**\n * Returns a Promise resolving to the current request's search params.\n *\n * In `page.tsx`, `middleware.ts`, and `access.ts` the framework pre-parses the\n * route's `search-params.ts` definition and the Promise resolves to the typed\n * object. In all other server component contexts it resolves to raw\n * `URLSearchParams`.\n *\n * Returned as a Promise to match the `params` prop convention and to allow\n * future partial pre-rendering support where param resolution may be deferred.\n *\n * Throws if called outside a request context.\n */\nexport function searchParams<R extends keyof Routes>(): Promise<Routes[R]['searchParams']>;\nexport function searchParams(): Promise<URLSearchParams | Record<string, unknown>>;\nexport function searchParams(): Promise<URLSearchParams | Record<string, unknown>> {\n const store = requestContextAls.getStore();\n if (!store) {\n throw new Error(\n '[timber] searchParams() called outside of a request context. ' +\n 'It can only be used in middleware, access checks, server components, and server actions.'\n );\n }\n return store.searchParamsPromise;\n}\n\n/**\n * Replace the search params Promise for the current request with one that\n * resolves to the typed parsed result from the route's search-params.ts.\n * Called by the framework before rendering the page — not for app code.\n */\nexport function setParsedSearchParams(parsed: Record<string, unknown>): void {\n const store = requestContextAls.getStore();\n if (store) {\n store.searchParamsPromise = Promise.resolve(parsed);\n }\n}\n\n// ─── Types ────────────────────────────────────────────────────────────────\n\n/**\n * Read-only Headers interface. The standard Headers class is mutable;\n * this type narrows it to read-only methods. The underlying object is\n * still a Headers instance, but user code should not mutate it.\n */\nexport type ReadonlyHeaders = Pick<\n Headers,\n 'get' | 'has' | 'entries' | 'keys' | 'values' | 'forEach' | typeof Symbol.iterator\n>;\n\n/** Options for setting a cookie. See design/29-cookies.md. */\nexport interface CookieOptions {\n /** Domain scope. Default: omitted (current domain only). */\n domain?: string;\n /** URL path scope. Default: '/'. */\n path?: string;\n /** Expiration date. Mutually exclusive with maxAge. */\n expires?: Date;\n /** Max age in seconds. Mutually exclusive with expires. */\n maxAge?: number;\n /** Prevent client-side JS access. Default: true. */\n httpOnly?: boolean;\n /** Only send over HTTPS. Default: true. */\n secure?: boolean;\n /** Cross-site request policy. Default: 'lax'. */\n sameSite?: 'strict' | 'lax' | 'none';\n /** Partitioned (CHIPS) — isolate cookie per top-level site. Default: false. */\n partitioned?: boolean;\n /**\n * Sign the cookie value with HMAC-SHA256 for integrity verification.\n * Requires `cookies.secret` or `cookies.secrets` in timber.config.ts.\n * See design/29-cookies.md §\"Signed Cookies\".\n */\n signed?: boolean;\n}\n\nconst DEFAULT_COOKIE_OPTIONS: CookieOptions = {\n path: '/',\n httpOnly: true,\n secure: true,\n sameSite: 'lax',\n};\n\n/**\n * Cookie accessor returned by `cookies()`.\n *\n * Read methods are always available. Mutation methods throw in read-only\n * contexts (access.ts, server components).\n */\nexport interface RequestCookies {\n /** Get a cookie value by name. Returns undefined if not present. */\n get(name: string): string | undefined;\n /** Check if a cookie exists. */\n has(name: string): boolean;\n /** Get all cookies as an array of { name, value } pairs. */\n getAll(): Array<{ name: string; value: string }>;\n /** Number of cookies. */\n readonly size: number;\n /**\n * Get a signed cookie value, verifying its HMAC-SHA256 signature.\n * Returns undefined if the cookie is missing, the signature is invalid,\n * or no secrets are configured. Never throws.\n *\n * See design/29-cookies.md §\"Signed Cookies\"\n */\n getSigned(name: string): string | undefined;\n /** Set a cookie. Only available in mutable contexts (middleware, actions, route handlers). */\n set(name: string, value: string, options?: CookieOptions): void;\n /** Delete a cookie. Only available in mutable contexts. */\n delete(name: string, options?: Pick<CookieOptions, 'path' | 'domain'>): void;\n /** Delete all cookies. Only available in mutable contexts. */\n clear(): void;\n /** Serialize cookies as a Cookie header string. */\n toString(): string;\n}\n\n// ─── Framework-Internal Helpers ───────────────────────────────────────────\n\n/**\n * Run a callback within a request context. Used by the pipeline to establish\n * per-request ALS scope so that `headers()` and `cookies()` work.\n *\n * @param req - The incoming Request object.\n * @param fn - The function to run within the request context.\n */\nexport function runWithRequestContext<T>(req: Request, fn: () => T): T {\n const originalCopy = new Headers(req.headers);\n const store: RequestContextStore = {\n headers: freezeHeaders(req.headers),\n originalHeaders: originalCopy,\n cookieHeader: req.headers.get('cookie') ?? '',\n searchParamsPromise: Promise.resolve(new URL(req.url).searchParams),\n cookieJar: new Map(),\n flushed: false,\n mutableContext: false,\n };\n return requestContextAls.run(store, fn);\n}\n\n/**\n * Enable cookie mutation for the current context. Called by the framework\n * when entering middleware.ts, server actions, or route.ts handlers.\n *\n * See design/29-cookies.md §\"Context Tracking\"\n */\nexport function setMutableCookieContext(mutable: boolean): void {\n const store = requestContextAls.getStore();\n if (store) {\n store.mutableContext = mutable;\n }\n}\n\n/**\n * Mark the response as flushed (headers committed). After this point,\n * cookie mutations log a warning instead of throwing.\n *\n * See design/29-cookies.md §\"Streaming Constraint: Post-Flush Cookie Warning\"\n */\nexport function markResponseFlushed(): void {\n const store = requestContextAls.getStore();\n if (store) {\n store.flushed = true;\n }\n}\n\n/**\n * Collect all Set-Cookie headers from the cookie jar.\n * Called by the framework at flush time to apply cookies to the response.\n *\n * Returns an array of serialized Set-Cookie header values.\n */\nexport function getSetCookieHeaders(): string[] {\n const store = requestContextAls.getStore();\n if (!store) return [];\n return Array.from(store.cookieJar.values()).map(serializeCookieEntry);\n}\n\n/**\n * Apply middleware-injected request headers to the current request context.\n *\n * Called by the pipeline after middleware.ts runs. Merges overlay headers\n * on top of the original request headers so downstream code (access.ts,\n * server components, server actions) sees them via `headers()`.\n *\n * The original request headers are never mutated — a new frozen Headers\n * object is created with the overlay applied on top.\n *\n * See design/07-routing.md §\"Request Header Injection\"\n */\nexport function applyRequestHeaderOverlay(overlay: Headers): void {\n const store = requestContextAls.getStore();\n if (!store) {\n throw new Error('[timber] applyRequestHeaderOverlay() called outside of a request context.');\n }\n\n // Check if the overlay has any headers — skip if empty\n let hasOverlay = false;\n overlay.forEach(() => {\n hasOverlay = true;\n });\n if (!hasOverlay) return;\n\n // Merge: start with original headers, overlay on top\n const merged = new Headers(store.originalHeaders);\n overlay.forEach((value, key) => {\n merged.set(key, value);\n });\n store.headers = freezeHeaders(merged);\n}\n\n// ─── Read-Only Headers ────────────────────────────────────────────────────\n\nconst MUTATING_METHODS = new Set(['set', 'append', 'delete']);\n\n/**\n * Wrap a Headers object in a Proxy that throws on mutating methods.\n * Object.freeze doesn't work on Headers (native internal slots), so we\n * intercept property access and reject set/append/delete at runtime.\n *\n * Read methods (get, has, entries, etc.) must be bound to the underlying\n * Headers instance because they access private #headersList slots.\n */\nfunction freezeHeaders(source: Headers): Headers {\n const copy = new Headers(source);\n return new Proxy(copy, {\n get(target, prop) {\n if (typeof prop === 'string' && MUTATING_METHODS.has(prop)) {\n return () => {\n throw new Error(\n `[timber] headers() returns a read-only Headers object. ` +\n `Calling .${prop}() is not allowed. ` +\n `Use ctx.requestHeaders in middleware to inject headers for downstream components.`\n );\n };\n }\n const value = Reflect.get(target, prop);\n // Bind methods to the real Headers instance so private slot access works\n if (typeof value === 'function') {\n return value.bind(target);\n }\n return value;\n },\n });\n}\n\n// ─── Cookie Helpers ───────────────────────────────────────────────────────\n\n/** Throw if cookie mutation is attempted in a read-only context. */\nfunction assertMutable(store: RequestContextStore, method: string): void {\n if (!store.mutableContext) {\n throw new Error(\n `[timber] cookies().${method}() cannot be called in this context.\\n` +\n ` Set cookies in middleware.ts, server actions, or route.ts handlers.`\n );\n }\n}\n\n/**\n * Parse a Cookie header string into a Map of name → value pairs.\n * Follows RFC 6265 §4.2.1: cookies are semicolon-separated key=value pairs.\n */\nfunction parseCookieHeader(header: string): Map<string, string> {\n const map = new Map<string, string>();\n if (!header) return map;\n\n for (const pair of header.split(';')) {\n const eqIndex = pair.indexOf('=');\n if (eqIndex === -1) continue;\n const name = pair.slice(0, eqIndex).trim();\n const value = pair.slice(eqIndex + 1).trim();\n if (name) {\n map.set(name, value);\n }\n }\n\n return map;\n}\n\n// ─── Cookie Signing ──────────────────────────────────────────────────────\n\n/**\n * Sign a cookie value with HMAC-SHA256.\n * Returns `value.hex_signature`.\n */\nfunction signCookieValue(value: string, secret: string): string {\n const signature = createHmac('sha256', secret).update(value).digest('hex');\n return `${value}.${signature}`;\n}\n\n/**\n * Verify a signed cookie value against an array of secrets.\n * Returns the original value if any secret produces a matching signature,\n * or undefined if none match. Uses timing-safe comparison.\n *\n * The signed format is `value.hex_signature` — split at the last `.`.\n */\nfunction verifySignedCookie(raw: string, secrets: string[]): string | undefined {\n const lastDot = raw.lastIndexOf('.');\n if (lastDot <= 0 || lastDot === raw.length - 1) return undefined;\n\n const value = raw.slice(0, lastDot);\n const signature = raw.slice(lastDot + 1);\n\n // Hex-encoded SHA-256 is always 64 chars\n if (signature.length !== 64) return undefined;\n\n const signatureBuffer = Buffer.from(signature, 'hex');\n // If the hex decode produced fewer bytes, the signature was not valid hex\n if (signatureBuffer.length !== 32) return undefined;\n\n for (const secret of secrets) {\n const expected = createHmac('sha256', secret).update(value).digest();\n if (timingSafeEqual(expected, signatureBuffer)) {\n return value;\n }\n }\n return undefined;\n}\n\n/** Serialize a CookieEntry into a Set-Cookie header value. */\nfunction serializeCookieEntry(entry: CookieEntry): string {\n const parts = [`${entry.name}=${entry.value}`];\n const opts = entry.options;\n\n if (opts.domain) parts.push(`Domain=${opts.domain}`);\n if (opts.path) parts.push(`Path=${opts.path}`);\n if (opts.expires) parts.push(`Expires=${opts.expires.toUTCString()}`);\n if (opts.maxAge !== undefined) parts.push(`Max-Age=${opts.maxAge}`);\n if (opts.httpOnly) parts.push('HttpOnly');\n if (opts.secure) parts.push('Secure');\n if (opts.sameSite) {\n parts.push(`SameSite=${opts.sameSite.charAt(0).toUpperCase()}${opts.sameSite.slice(1)}`);\n }\n if (opts.partitioned) parts.push('Partitioned');\n\n return parts.join('; ');\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAiCA,IAAI,iBAA2B,EAAE;;;;;;;;;;AAWjC,SAAgB,iBAAiB,SAAyB;AACxD,kBAAiB,QAAQ,OAAO,QAAQ;;;;;;;;AAW1C,SAAgB,UAA2B;CACzC,MAAM,QAAQ,kBAAkB,UAAU;AAC1C,KAAI,CAAC,MACH,OAAM,IAAI,MACR,mJAED;AAEH,QAAO,MAAM;;;;;;;;;;;;;;;;;AAkBf,SAAgB,UAA0B;CACxC,MAAM,QAAQ,kBAAkB,UAAU;AAC1C,KAAI,CAAC,MACH,OAAM,IAAI,MACR,mJAED;AAIH,KAAI,CAAC,MAAM,cACT,OAAM,gBAAgB,kBAAkB,MAAM,aAAa;CAG7D,MAAM,MAAM,MAAM;AAClB,QAAO;EACL,IAAI,MAAkC;AACpC,UAAO,IAAI,IAAI,KAAK;;EAEtB,IAAI,MAAuB;AACzB,UAAO,IAAI,IAAI,KAAK;;EAEtB,SAAiD;AAC/C,UAAO,MAAM,KAAK,IAAI,SAAS,CAAC,CAAC,KAAK,CAAC,MAAM,YAAY;IAAE;IAAM;IAAO,EAAE;;EAE5E,IAAI,OAAe;AACjB,UAAO,IAAI;;EAGb,UAAU,MAAkC;GAC1C,MAAM,MAAM,IAAI,IAAI,KAAK;AACzB,OAAI,CAAC,OAAO,eAAe,WAAW,EAAG,QAAO,KAAA;AAChD,UAAO,mBAAmB,KAAK,eAAe;;EAGhD,IAAI,MAAc,OAAe,SAA+B;AAC9D,iBAAc,OAAO,MAAM;AAC3B,OAAI,MAAM,SAAS;AACjB,QAAI,SAAS,CACX,SAAQ,KACN,iCAAiC,KAAK,qKAGvC;AAEH;;GAEF,IAAI,cAAc;AAClB,OAAI,SAAS,QAAQ;AACnB,QAAI,eAAe,WAAW,EAC5B,OAAM,IAAI,MACR,2BAA2B,KAAK,2FAEjC;AAEH,kBAAc,gBAAgB,OAAO,eAAe,GAAG;;GAEzD,MAAM,OAAO;IAAE,GAAG;IAAwB,GAAG;IAAS;AACtD,SAAM,UAAU,IAAI,MAAM;IAAE;IAAM,OAAO;IAAa,SAAS;IAAM,CAAC;AAGtE,OAAI,IAAI,MAAM,YAAY;;EAG5B,OAAO,MAAc,SAAwD;AAC3E,iBAAc,OAAO,SAAS;AAC9B,OAAI,MAAM,SAAS;AACjB,QAAI,SAAS,CACX,SAAQ,KACN,oCAAoC,KAAK,wKAG1C;AAEH;;GAEF,MAAM,OAAsB;IAC1B,GAAG;IACH,GAAG;IACH,QAAQ;IACR,yBAAS,IAAI,KAAK,EAAE;IACrB;AACD,SAAM,UAAU,IAAI,MAAM;IAAE;IAAM,OAAO;IAAI,SAAS;IAAM,CAAC;AAE7D,OAAI,OAAO,KAAK;;EAGlB,QAAc;AACZ,iBAAc,OAAO,QAAQ;AAC7B,OAAI,MAAM,QAAS;AAEnB,QAAK,MAAM,QAAQ,MAAM,KAAK,IAAI,MAAM,CAAC,CACvC,OAAM,UAAU,IAAI,MAAM;IACxB;IACA,OAAO;IACP,SAAS;KAAE,GAAG;KAAwB,QAAQ;KAAG,yBAAS,IAAI,KAAK,EAAE;KAAE;IACxE,CAAC;AAEJ,OAAI,OAAO;;EAGb,WAAmB;AACjB,UAAO,MAAM,KAAK,IAAI,SAAS,CAAC,CAC7B,KAAK,CAAC,MAAM,WAAW,GAAG,KAAK,GAAG,QAAQ,CAC1C,KAAK,KAAK;;EAEhB;;AAkBH,SAAgB,eAAmE;CACjF,MAAM,QAAQ,kBAAkB,UAAU;AAC1C,KAAI,CAAC,MACH,OAAM,IAAI,MACR,wJAED;AAEH,QAAO,MAAM;;;;;;;AAQf,SAAgB,sBAAsB,QAAuC;CAC3E,MAAM,QAAQ,kBAAkB,UAAU;AAC1C,KAAI,MACF,OAAM,sBAAsB,QAAQ,QAAQ,OAAO;;AA0CvD,IAAM,yBAAwC;CAC5C,MAAM;CACN,UAAU;CACV,QAAQ;CACR,UAAU;CACX;;;;;;;;AA4CD,SAAgB,sBAAyB,KAAc,IAAgB;CACrE,MAAM,eAAe,IAAI,QAAQ,IAAI,QAAQ;CAC7C,MAAM,QAA6B;EACjC,SAAS,cAAc,IAAI,QAAQ;EACnC,iBAAiB;EACjB,cAAc,IAAI,QAAQ,IAAI,SAAS,IAAI;EAC3C,qBAAqB,QAAQ,QAAQ,IAAI,IAAI,IAAI,IAAI,CAAC,aAAa;EACnE,2BAAW,IAAI,KAAK;EACpB,SAAS;EACT,gBAAgB;EACjB;AACD,QAAO,kBAAkB,IAAI,OAAO,GAAG;;;;;;;;AASzC,SAAgB,wBAAwB,SAAwB;CAC9D,MAAM,QAAQ,kBAAkB,UAAU;AAC1C,KAAI,MACF,OAAM,iBAAiB;;;;;;;;AAU3B,SAAgB,sBAA4B;CAC1C,MAAM,QAAQ,kBAAkB,UAAU;AAC1C,KAAI,MACF,OAAM,UAAU;;;;;;;;AAUpB,SAAgB,sBAAgC;CAC9C,MAAM,QAAQ,kBAAkB,UAAU;AAC1C,KAAI,CAAC,MAAO,QAAO,EAAE;AACrB,QAAO,MAAM,KAAK,MAAM,UAAU,QAAQ,CAAC,CAAC,IAAI,qBAAqB;;;;;;;;;;;;;;AAevE,SAAgB,0BAA0B,SAAwB;CAChE,MAAM,QAAQ,kBAAkB,UAAU;AAC1C,KAAI,CAAC,MACH,OAAM,IAAI,MAAM,4EAA4E;CAI9F,IAAI,aAAa;AACjB,SAAQ,cAAc;AACpB,eAAa;GACb;AACF,KAAI,CAAC,WAAY;CAGjB,MAAM,SAAS,IAAI,QAAQ,MAAM,gBAAgB;AACjD,SAAQ,SAAS,OAAO,QAAQ;AAC9B,SAAO,IAAI,KAAK,MAAM;GACtB;AACF,OAAM,UAAU,cAAc,OAAO;;AAKvC,IAAM,mBAAmB,IAAI,IAAI;CAAC;CAAO;CAAU;CAAS,CAAC;;;;;;;;;AAU7D,SAAS,cAAc,QAA0B;CAC/C,MAAM,OAAO,IAAI,QAAQ,OAAO;AAChC,QAAO,IAAI,MAAM,MAAM,EACrB,IAAI,QAAQ,MAAM;AAChB,MAAI,OAAO,SAAS,YAAY,iBAAiB,IAAI,KAAK,CACxD,cAAa;AACX,SAAM,IAAI,MACR,mEACc,KAAK,sGAEpB;;EAGL,MAAM,QAAQ,QAAQ,IAAI,QAAQ,KAAK;AAEvC,MAAI,OAAO,UAAU,WACnB,QAAO,MAAM,KAAK,OAAO;AAE3B,SAAO;IAEV,CAAC;;;AAMJ,SAAS,cAAc,OAA4B,QAAsB;AACvE,KAAI,CAAC,MAAM,eACT,OAAM,IAAI,MACR,sBAAsB,OAAO,6GAE9B;;;;;;AAQL,SAAS,kBAAkB,QAAqC;CAC9D,MAAM,sBAAM,IAAI,KAAqB;AACrC,KAAI,CAAC,OAAQ,QAAO;AAEpB,MAAK,MAAM,QAAQ,OAAO,MAAM,IAAI,EAAE;EACpC,MAAM,UAAU,KAAK,QAAQ,IAAI;AACjC,MAAI,YAAY,GAAI;EACpB,MAAM,OAAO,KAAK,MAAM,GAAG,QAAQ,CAAC,MAAM;EAC1C,MAAM,QAAQ,KAAK,MAAM,UAAU,EAAE,CAAC,MAAM;AAC5C,MAAI,KACF,KAAI,IAAI,MAAM,MAAM;;AAIxB,QAAO;;;;;;AAST,SAAS,gBAAgB,OAAe,QAAwB;AAE9D,QAAO,GAAG,MAAM,GADE,WAAW,UAAU,OAAO,CAAC,OAAO,MAAM,CAAC,OAAO,MAAM;;;;;;;;;AAW5E,SAAS,mBAAmB,KAAa,SAAuC;CAC9E,MAAM,UAAU,IAAI,YAAY,IAAI;AACpC,KAAI,WAAW,KAAK,YAAY,IAAI,SAAS,EAAG,QAAO,KAAA;CAEvD,MAAM,QAAQ,IAAI,MAAM,GAAG,QAAQ;CACnC,MAAM,YAAY,IAAI,MAAM,UAAU,EAAE;AAGxC,KAAI,UAAU,WAAW,GAAI,QAAO,KAAA;CAEpC,MAAM,kBAAkB,OAAO,KAAK,WAAW,MAAM;AAErD,KAAI,gBAAgB,WAAW,GAAI,QAAO,KAAA;AAE1C,MAAK,MAAM,UAAU,QAEnB,KAAI,gBADa,WAAW,UAAU,OAAO,CAAC,OAAO,MAAM,CAAC,QAAQ,EACtC,gBAAgB,CAC5C,QAAO;;;AAOb,SAAS,qBAAqB,OAA4B;CACxD,MAAM,QAAQ,CAAC,GAAG,MAAM,KAAK,GAAG,MAAM,QAAQ;CAC9C,MAAM,OAAO,MAAM;AAEnB,KAAI,KAAK,OAAQ,OAAM,KAAK,UAAU,KAAK,SAAS;AACpD,KAAI,KAAK,KAAM,OAAM,KAAK,QAAQ,KAAK,OAAO;AAC9C,KAAI,KAAK,QAAS,OAAM,KAAK,WAAW,KAAK,QAAQ,aAAa,GAAG;AACrE,KAAI,KAAK,WAAW,KAAA,EAAW,OAAM,KAAK,WAAW,KAAK,SAAS;AACnE,KAAI,KAAK,SAAU,OAAM,KAAK,WAAW;AACzC,KAAI,KAAK,OAAQ,OAAM,KAAK,SAAS;AACrC,KAAI,KAAK,SACP,OAAM,KAAK,YAAY,KAAK,SAAS,OAAO,EAAE,CAAC,aAAa,GAAG,KAAK,SAAS,MAAM,EAAE,GAAG;AAE1F,KAAI,KAAK,YAAa,OAAM,KAAK,cAAc;AAE/C,QAAO,MAAM,KAAK,KAAK"}

package/dist/_chunks/tracing-CemImE6h.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"tracing-CemImE6h.js","names":[],"sources":["../../src/server/tracing.ts"],"sourcesContent":["/**\n * Tracing — per-request trace ID via AsyncLocalStorage, OTEL span helpers.\n *\n * traceId() is always available in server code (middleware, access, components, actions).\n * Returns a 32-char lowercase hex string — the OTEL trace ID when an SDK is active,\n * or a crypto.randomUUID()-derived fallback otherwise.\n *\n * See design/17-logging.md §\"trace_id is Always Set\"\n */\n\nimport { randomUUID } from 'node:crypto';\nimport { traceAls, type TraceStore } from './als-registry.js';\n\n// Re-export the TraceStore type for public API consumers.\nexport type { TraceStore } from './als-registry.js';\n\n// ─── Public API ───────────────────────────────────────────────────────────\n\n/**\n * Returns the current request's trace ID — always a 32-char lowercase hex string.\n *\n * With OTEL: the real OTEL trace ID (matches Jaeger/Honeycomb/Datadog).\n * Without OTEL: crypto.randomUUID() with hyphens stripped.\n *\n * Throws if called outside a request context (no ALS store).\n */\nexport function traceId(): string {\n const store = traceAls.getStore();\n if (!store) {\n throw new Error(\n '[timber] traceId() called outside of a request context. ' +\n 'It can only be used in middleware, access checks, server components, and server actions.'\n );\n }\n return store.traceId;\n}\n\n/**\n * Returns the current OTEL span ID if available, undefined otherwise.\n */\nexport function spanId(): string | undefined {\n return traceAls.getStore()?.spanId;\n}\n\n// ─── Framework-Internal Helpers ───────────────────────────────────────────\n\n/**\n * Generate a 32-char lowercase hex ID from crypto.randomUUID().\n * Same format as OTEL trace IDs — zero-friction upgrade path.\n */\nexport function generateTraceId(): string {\n return randomUUID().replace(/-/g, '');\n}\n\n/**\n * Run a callback within a trace context. Used by the pipeline to establish\n * per-request ALS scope.\n */\nexport function runWithTraceId<T>(id: string, fn: () => T): T {\n return traceAls.run({ traceId: id }, fn);\n}\n\n/**\n * Replace the trace ID in the current ALS store. Used when OTEL creates\n * a root span and we want to switch from the UUID fallback to the real\n * OTEL trace ID.\n */\nexport function replaceTraceId(newTraceId: string, newSpanId?: string): void {\n const store = traceAls.getStore();\n if (store) {\n store.traceId = newTraceId;\n store.spanId = newSpanId;\n }\n}\n\n/**\n * Update the span ID in the current ALS store. Used when entering a new\n * OTEL span to keep log–trace correlation accurate.\n */\nexport function updateSpanId(newSpanId: string | undefined): void {\n const store = traceAls.getStore();\n if (store) {\n store.spanId = newSpanId;\n }\n}\n\n/**\n * Get the current trace store, or undefined if outside a request context.\n * Framework-internal — use traceId()/spanId() in user code.\n */\nexport function getTraceStore(): TraceStore | undefined {\n return traceAls.getStore();\n}\n\n// ─── Dev-Mode OTEL Auto-Init ─────────────────────────────────────────────\n\n/**\n * Initialize a minimal OTEL SDK in dev mode so spans are recorded and\n * fed to the DevSpanProcessor for dev log output.\n *\n * If the user already configured an OTEL SDK in register(), we add\n * our DevSpanProcessor alongside theirs. If no SDK is configured,\n * we create a BasicTracerProvider with our processor.\n *\n * Only called in dev mode — zero overhead in production.\n */\nexport async function initDevTracing(\n config: import('./dev-logger.js').DevLoggerConfig\n): Promise<void> {\n const api = await getOtelApi();\n if (!api) return;\n\n const { DevSpanProcessor } = await import('./dev-span-processor.js');\n const { BasicTracerProvider } = await import('@opentelemetry/sdk-trace-base');\n const { AsyncLocalStorageContextManager } = await import('@opentelemetry/context-async-hooks');\n const processor = new DevSpanProcessor(config);\n\n // Register a context manager so OTEL can propagate the active span\n // across async boundaries. Without this, startActiveSpan can't make\n // spans \"active\" — child spans get random trace IDs and getActiveSpan()\n // returns undefined.\n const contextManager = new AsyncLocalStorageContextManager();\n contextManager.enable();\n api.context.setGlobalContextManager(contextManager);\n\n // Create a minimal TracerProvider with our DevSpanProcessor.\n // If the user also configures an SDK in register(), their provider\n // will coexist — the global provider set last wins for new tracers,\n // but our processor captures all spans from the timber.js tracer.\n const provider = new BasicTracerProvider({\n spanProcessors: [processor],\n });\n api.trace.setGlobalTracerProvider(provider);\n\n // Reset cached tracer so next getTracer() picks up the new provider\n _tracer = undefined;\n}\n\n// ─── OTEL Span Helpers ───────────────────────────────────────────────────\n\n/**\n * Attempt to get the @opentelemetry/api tracer. Returns undefined if the\n * package is not installed or no SDK is registered.\n *\n * timber.js depends on @opentelemetry/api as the vendor-neutral interface.\n * The API is a no-op by default — spans are only emitted when the developer\n * initializes an SDK in register().\n */\nlet _otelApi: typeof import('@opentelemetry/api') | null | undefined;\n\nasync function getOtelApi(): Promise<typeof import('@opentelemetry/api') | null> {\n if (_otelApi === undefined) {\n try {\n _otelApi = await import('@opentelemetry/api');\n } catch {\n _otelApi = null;\n }\n }\n return _otelApi;\n}\n\n/** OTEL tracer instance, lazily created. */\nlet _tracer: import('@opentelemetry/api').Tracer | null | undefined;\n\n/**\n * Get the timber.js OTEL tracer. Returns null if @opentelemetry/api is not available.\n */\nexport async function getTracer(): Promise<import('@opentelemetry/api').Tracer | null> {\n if (_tracer === undefined) {\n const api = await getOtelApi();\n if (api) {\n _tracer = api.trace.getTracer('timber.js');\n } else {\n _tracer = null;\n }\n }\n return _tracer;\n}\n\n/**\n * Run a function within an OTEL span. If OTEL is not available, runs the function\n * directly without any span overhead.\n *\n * Automatically:\n * - Creates the span as a child of the current context\n * - Updates the ALS span ID for log–trace correlation\n * - Ends the span when the function completes\n * - Records exceptions on error\n */\nexport async function withSpan<T>(\n name: string,\n attributes: Record<string, string | number | boolean>,\n fn: () => T | Promise<T>\n): Promise<T> {\n const tracer = await getTracer();\n if (!tracer) {\n return fn();\n }\n\n const api = (await getOtelApi())!;\n return tracer.startActiveSpan(name, { attributes }, async (span) => {\n const prevSpanId = spanId();\n updateSpanId(span.spanContext().spanId);\n try {\n const result = await fn();\n span.setStatus({ code: api.SpanStatusCode.OK });\n return result;\n } catch (error) {\n span.setStatus({ code: api.SpanStatusCode.ERROR });\n if (error instanceof Error) {\n span.recordException(error);\n }\n throw error;\n } finally {\n span.end();\n updateSpanId(prevSpanId);\n }\n });\n}\n\n/**\n * Set an attribute on the current active span (if any).\n * Used for setting span attributes after span creation (e.g. timber.result on access spans).\n */\nexport async function setSpanAttribute(\n key: string,\n value: string | number | boolean\n): Promise<void> {\n const api = await getOtelApi();\n if (!api) return;\n\n const activeSpan = api.trace.getActiveSpan();\n if (activeSpan) {\n activeSpan.setAttribute(key, value);\n }\n}\n\n/**\n * Add a span event to the current active span (if any).\n * Used for timber.cache HIT/MISS events — recorded as span events, not child spans.\n */\nexport async function addSpanEvent(\n name: string,\n attributes?: Record<string, string | number | boolean>\n): Promise<void> {\n const api = await getOtelApi();\n if (!api) return;\n\n const activeSpan = api.trace.getActiveSpan();\n if (activeSpan) {\n activeSpan.addEvent(name, attributes);\n }\n}\n\n/**\n * Fire-and-forget span event — no await, no microtask overhead.\n *\n * Used on the cache hot path where awaiting addSpanEvent creates an\n * unnecessary microtask per cache operation. If OTEL is not loaded yet,\n * the event is silently dropped (acceptable for diagnostics).\n *\n * See TIM-370 for perf motivation.\n */\nexport function addSpanEventSync(\n name: string,\n attributes?: Record<string, string | number | boolean>\n): void {\n // Fast path: if OTEL API hasn't been loaded yet, skip entirely.\n // _otelApi is undefined (not yet loaded), null (failed to load), or the module.\n if (!_otelApi) return;\n\n const activeSpan = _otelApi.trace.getActiveSpan();\n if (activeSpan) {\n activeSpan.addEvent(name, attributes);\n }\n}\n\n/**\n * Try to extract the OTEL trace ID from the current active span context.\n * Returns undefined if OTEL is not active or no span exists.\n */\nexport async function getOtelTraceId(): Promise<{ traceId: string; spanId: string } | undefined> {\n const api = await getOtelApi();\n if (!api) return undefined;\n\n const activeSpan = api.trace.getActiveSpan();\n if (!activeSpan) return undefined;\n\n const ctx = activeSpan.spanContext();\n // OTEL uses \"0000000000000000\" as invalid trace IDs\n if (!ctx.traceId || ctx.traceId === '00000000000000000000000000000000') {\n return undefined;\n }\n\n return { traceId: ctx.traceId, spanId: ctx.spanId };\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AA0BA,SAAgB,UAAkB;CAChC,MAAM,QAAQ,SAAS,UAAU;AACjC,KAAI,CAAC,MACH,OAAM,IAAI,MACR,mJAED;AAEH,QAAO,MAAM;;;;;AAMf,SAAgB,SAA6B;AAC3C,QAAO,SAAS,UAAU,EAAE;;;;;;AAS9B,SAAgB,kBAA0B;AACxC,QAAO,YAAY,CAAC,QAAQ,MAAM,GAAG;;;;;;AAOvC,SAAgB,eAAkB,IAAY,IAAgB;AAC5D,QAAO,SAAS,IAAI,EAAE,SAAS,IAAI,EAAE,GAAG;;;;;;;AAQ1C,SAAgB,eAAe,YAAoB,WAA0B;CAC3E,MAAM,QAAQ,SAAS,UAAU;AACjC,KAAI,OAAO;AACT,QAAM,UAAU;AAChB,QAAM,SAAS;;;;;;;AAQnB,SAAgB,aAAa,WAAqC;CAChE,MAAM,QAAQ,SAAS,UAAU;AACjC,KAAI,MACF,OAAM,SAAS;;;;;;AAQnB,SAAgB,gBAAwC;AACtD,QAAO,SAAS,UAAU;;;;;;;;;;AAyD5B,IAAI;AAEJ,eAAe,aAAkE;AAC/E,KAAI,aAAa,KAAA,EACf,KAAI;AACF,aAAW,MAAM,OAAO;SAClB;AACN,aAAW;;AAGf,QAAO;;;AAIT,IAAI;;;;AAKJ,eAAsB,YAAiE;AACrF,KAAI,YAAY,KAAA,GAAW;EACzB,MAAM,MAAM,MAAM,YAAY;AAC9B,MAAI,IACF,WAAU,IAAI,MAAM,UAAU,YAAY;MAE1C,WAAU;;AAGd,QAAO;;;;;;;;;;;;AAaT,eAAsB,SACpB,MACA,YACA,IACY;CACZ,MAAM,SAAS,MAAM,WAAW;AAChC,KAAI,CAAC,OACH,QAAO,IAAI;CAGb,MAAM,MAAO,MAAM,YAAY;AAC/B,QAAO,OAAO,gBAAgB,MAAM,EAAE,YAAY,EAAE,OAAO,SAAS;EAClE,MAAM,aAAa,QAAQ;AAC3B,eAAa,KAAK,aAAa,CAAC,OAAO;AACvC,MAAI;GACF,MAAM,SAAS,MAAM,IAAI;AACzB,QAAK,UAAU,EAAE,MAAM,IAAI,eAAe,IAAI,CAAC;AAC/C,UAAO;WACA,OAAO;AACd,QAAK,UAAU,EAAE,MAAM,IAAI,eAAe,OAAO,CAAC;AAClD,OAAI,iBAAiB,MACnB,MAAK,gBAAgB,MAAM;AAE7B,SAAM;YACE;AACR,QAAK,KAAK;AACV,gBAAa,WAAW;;GAE1B;;;;;;AAOJ,eAAsB,iBACpB,KACA,OACe;CACf,MAAM,MAAM,MAAM,YAAY;AAC9B,KAAI,CAAC,IAAK;CAEV,MAAM,aAAa,IAAI,MAAM,eAAe;AAC5C,KAAI,WACF,YAAW,aAAa,KAAK,MAAM;;;;;;AAQvC,eAAsB,aACpB,MACA,YACe;CACf,MAAM,MAAM,MAAM,YAAY;AAC9B,KAAI,CAAC,IAAK;CAEV,MAAM,aAAa,IAAI,MAAM,eAAe;AAC5C,KAAI,WACF,YAAW,SAAS,MAAM,WAAW;;;;;;;;;;;AAazC,SAAgB,iBACd,MACA,YACM;AAGN,KAAI,CAAC,SAAU;CAEf,MAAM,aAAa,SAAS,MAAM,eAAe;AACjD,KAAI,WACF,YAAW,SAAS,MAAM,WAAW;;;;;;AAQzC,eAAsB,iBAA2E;CAC/F,MAAM,MAAM,MAAM,YAAY;AAC9B,KAAI,CAAC,IAAK,QAAO,KAAA;CAEjB,MAAM,aAAa,IAAI,MAAM,eAAe;AAC5C,KAAI,CAAC,WAAY,QAAO,KAAA;CAExB,MAAM,MAAM,WAAW,aAAa;AAEpC,KAAI,CAAC,IAAI,WAAW,IAAI,YAAY,mCAClC;AAGF,QAAO;EAAE,SAAS,IAAI;EAAS,QAAQ,IAAI;EAAQ"}

package/dist/_chunks/use-cookie-DX-l1_5E.js DELETED Viewed

@@ -1,91 +0,0 @@
-import { n as getSsrData } from "./ssr-data-MjmprTmO.js";
-import { useSyncExternalStore } from "react";
-//#region src/client/use-cookie.ts
-/**
-* useCookie — reactive client-side cookie hook.
-*
-* Uses useSyncExternalStore for SSR-safe, reactive cookie access.
-* All components reading the same cookie name re-render on change.
-* No cross-tab sync (intentional — see design/29-cookies.md).
-*
-* See design/29-cookies.md §"useCookie(name) Hook"
-*/
-/** Per-name subscriber sets. */
-var listeners = /* @__PURE__ */ new Map();
-/** Parse a cookie name from document.cookie. */
-function getCookieValue(name) {
-	if (typeof document === "undefined") return void 0;
-	const match = document.cookie.match(new RegExp("(?:^|;\\s*)" + name.replace(/[.*+?^${}()|[\]\\]/g, "\\$&") + "\\s*=\\s*([^;]*)"));
-	return match ? decodeURIComponent(match[1]) : void 0;
-}
-/** Serialize options into a cookie string suffix. */
-function serializeOptions(options) {
-	if (!options) return "; Path=/; SameSite=Lax";
-	const parts = [];
-	parts.push(`Path=${options.path ?? "/"}`);
-	if (options.domain) parts.push(`Domain=${options.domain}`);
-	if (options.maxAge !== void 0) parts.push(`Max-Age=${options.maxAge}`);
-	if (options.expires) parts.push(`Expires=${options.expires.toUTCString()}`);
-	const sameSite = options.sameSite ?? "lax";
-	parts.push(`SameSite=${sameSite.charAt(0).toUpperCase()}${sameSite.slice(1)}`);
-	if (options.secure) parts.push("Secure");
-	return "; " + parts.join("; ");
-}
-/** Notify all subscribers for a given cookie name. */
-function notify(name) {
-	const subs = listeners.get(name);
-	if (subs) for (const fn of subs) fn();
-}
-/**
-* Reactive hook for reading/writing a client-side cookie.
-*
-* Returns `[value, setCookie, deleteCookie]`:
-* - `value`: current cookie value (string | undefined)
-* - `setCookie`: sets the cookie and triggers re-renders
-* - `deleteCookie`: deletes the cookie and triggers re-renders
-*
-* @param name - Cookie name.
-* @param defaultOptions - Default options for setCookie calls.
-*/
-function useCookie(name, defaultOptions) {
-	const subscribe = (callback) => {
-		let subs = listeners.get(name);
-		if (!subs) {
-			subs = /* @__PURE__ */ new Set();
-			listeners.set(name, subs);
-		}
-		subs.add(callback);
-		return () => {
-			subs.delete(callback);
-			if (subs.size === 0) listeners.delete(name);
-		};
-	};
-	const getSnapshot = () => getCookieValue(name);
-	const getServerSnapshot = () => getSsrData()?.cookies.get(name);
-	const value = useSyncExternalStore(subscribe, getSnapshot, getServerSnapshot);
-	const setCookie = (newValue, options) => {
-		const merged = {
-			...defaultOptions,
-			...options
-		};
-		document.cookie = `${name}=${encodeURIComponent(newValue)}${serializeOptions(merged)}`;
-		notify(name);
-	};
-	const deleteCookie = () => {
-		const path = defaultOptions?.path ?? "/";
-		const domain = defaultOptions?.domain;
-		let cookieStr = `${name}=; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Path=${path}`;
-		if (domain) cookieStr += `; Domain=${domain}`;
-		document.cookie = cookieStr;
-		notify(name);
-	};
-	return [
-		value,
-		setCookie,
-		deleteCookie
-	];
-}
-//#endregion
-export { useCookie as t };
-//# sourceMappingURL=use-cookie-DX-l1_5E.js.map

package/dist/_chunks/use-cookie-DX-l1_5E.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"use-cookie-DX-l1_5E.js","names":[],"sources":["../../src/client/use-cookie.ts"],"sourcesContent":["/**\n * useCookie — reactive client-side cookie hook.\n *\n * Uses useSyncExternalStore for SSR-safe, reactive cookie access.\n * All components reading the same cookie name re-render on change.\n * No cross-tab sync (intentional — see design/29-cookies.md).\n *\n * See design/29-cookies.md §\"useCookie(name) Hook\"\n */\n\nimport { useSyncExternalStore } from 'react';\nimport { getSsrData } from './ssr-data.js';\n\n// ─── Types ────────────────────────────────────────────────────────────────\n\nexport interface ClientCookieOptions {\n /** URL path scope. Default: '/'. */\n path?: string;\n /** Domain scope. Default: omitted (current domain). */\n domain?: string;\n /** Max age in seconds. */\n maxAge?: number;\n /** Expiration date. */\n expires?: Date;\n /** Cross-site policy. Default: 'lax'. */\n sameSite?: 'strict' | 'lax' | 'none';\n /** Only send over HTTPS. Default: true in production. */\n secure?: boolean;\n}\n\nexport type CookieSetter = (value: string, options?: ClientCookieOptions) => void;\n\n// ─── Module-Level Cookie Store ────────────────────────────────────────────\n\ntype Listener = () => void;\n\n/** Per-name subscriber sets. */\nconst listeners = new Map<string, Set<Listener>>();\n\n/** Parse a cookie name from document.cookie. */\nfunction getCookieValue(name: string): string | undefined {\n if (typeof document === 'undefined') return undefined;\n const match = document.cookie.match(\n new RegExp('(?:^|;\\\\s*)' + name.replace(/[.*+?^${}()|[\\]\\\\]/g, '\\\\$&') + '\\\\s*=\\\\s*([^;]*)')\n );\n return match ? decodeURIComponent(match[1]) : undefined;\n}\n\n/** Serialize options into a cookie string suffix. */\nfunction serializeOptions(options?: ClientCookieOptions): string {\n if (!options) return '; Path=/; SameSite=Lax';\n const parts: string[] = [];\n parts.push(`Path=${options.path ?? '/'}`);\n if (options.domain) parts.push(`Domain=${options.domain}`);\n if (options.maxAge !== undefined) parts.push(`Max-Age=${options.maxAge}`);\n if (options.expires) parts.push(`Expires=${options.expires.toUTCString()}`);\n const sameSite = options.sameSite ?? 'lax';\n parts.push(`SameSite=${sameSite.charAt(0).toUpperCase()}${sameSite.slice(1)}`);\n if (options.secure) parts.push('Secure');\n return '; ' + parts.join('; ');\n}\n\n/** Notify all subscribers for a given cookie name. */\nfunction notify(name: string): void {\n const subs = listeners.get(name);\n if (subs) {\n for (const fn of subs) fn();\n }\n}\n\n// ─── Hook ─────────────────────────────────────────────────────────────────\n\n/**\n * Reactive hook for reading/writing a client-side cookie.\n *\n * Returns `[value, setCookie, deleteCookie]`:\n * - `value`: current cookie value (string | undefined)\n * - `setCookie`: sets the cookie and triggers re-renders\n * - `deleteCookie`: deletes the cookie and triggers re-renders\n *\n * @param name - Cookie name.\n * @param defaultOptions - Default options for setCookie calls.\n */\nexport function useCookie(\n name: string,\n defaultOptions?: ClientCookieOptions\n): [value: string | undefined, setCookie: CookieSetter, deleteCookie: () => void] {\n const subscribe = (callback: Listener): (() => void) => {\n let subs = listeners.get(name);\n if (!subs) {\n subs = new Set();\n listeners.set(name, subs);\n }\n subs.add(callback);\n return () => {\n subs!.delete(callback);\n if (subs!.size === 0) listeners.delete(name);\n };\n };\n\n const getSnapshot = (): string | undefined => getCookieValue(name);\n const getServerSnapshot = (): string | undefined => getSsrData()?.cookies.get(name);\n\n const value = useSyncExternalStore(subscribe, getSnapshot, getServerSnapshot);\n\n const setCookie: CookieSetter = (newValue: string, options?: ClientCookieOptions) => {\n const merged = { ...defaultOptions, ...options };\n document.cookie = `${name}=${encodeURIComponent(newValue)}${serializeOptions(merged)}`;\n notify(name);\n };\n\n const deleteCookie = (): void => {\n const path = defaultOptions?.path ?? '/';\n const domain = defaultOptions?.domain;\n let cookieStr = `${name}=; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Path=${path}`;\n if (domain) cookieStr += `; Domain=${domain}`;\n document.cookie = cookieStr;\n notify(name);\n };\n\n return [value, setCookie, deleteCookie];\n}\n"],"mappings":";;;;;;;;;;;;;AAqCA,IAAM,4BAAY,IAAI,KAA4B;;AAGlD,SAAS,eAAe,MAAkC;AACxD,KAAI,OAAO,aAAa,YAAa,QAAO,KAAA;CAC5C,MAAM,QAAQ,SAAS,OAAO,MAC5B,IAAI,OAAO,gBAAgB,KAAK,QAAQ,uBAAuB,OAAO,GAAG,mBAAmB,CAC7F;AACD,QAAO,QAAQ,mBAAmB,MAAM,GAAG,GAAG,KAAA;;;AAIhD,SAAS,iBAAiB,SAAuC;AAC/D,KAAI,CAAC,QAAS,QAAO;CACrB,MAAM,QAAkB,EAAE;AAC1B,OAAM,KAAK,QAAQ,QAAQ,QAAQ,MAAM;AACzC,KAAI,QAAQ,OAAQ,OAAM,KAAK,UAAU,QAAQ,SAAS;AAC1D,KAAI,QAAQ,WAAW,KAAA,EAAW,OAAM,KAAK,WAAW,QAAQ,SAAS;AACzE,KAAI,QAAQ,QAAS,OAAM,KAAK,WAAW,QAAQ,QAAQ,aAAa,GAAG;CAC3E,MAAM,WAAW,QAAQ,YAAY;AACrC,OAAM,KAAK,YAAY,SAAS,OAAO,EAAE,CAAC,aAAa,GAAG,SAAS,MAAM,EAAE,GAAG;AAC9E,KAAI,QAAQ,OAAQ,OAAM,KAAK,SAAS;AACxC,QAAO,OAAO,MAAM,KAAK,KAAK;;;AAIhC,SAAS,OAAO,MAAoB;CAClC,MAAM,OAAO,UAAU,IAAI,KAAK;AAChC,KAAI,KACF,MAAK,MAAM,MAAM,KAAM,KAAI;;;;;;;;;;;;;AAiB/B,SAAgB,UACd,MACA,gBACgF;CAChF,MAAM,aAAa,aAAqC;EACtD,IAAI,OAAO,UAAU,IAAI,KAAK;AAC9B,MAAI,CAAC,MAAM;AACT,0BAAO,IAAI,KAAK;AAChB,aAAU,IAAI,MAAM,KAAK;;AAE3B,OAAK,IAAI,SAAS;AAClB,eAAa;AACX,QAAM,OAAO,SAAS;AACtB,OAAI,KAAM,SAAS,EAAG,WAAU,OAAO,KAAK;;;CAIhD,MAAM,oBAAwC,eAAe,KAAK;CAClE,MAAM,0BAA8C,YAAY,EAAE,QAAQ,IAAI,KAAK;CAEnF,MAAM,QAAQ,qBAAqB,WAAW,aAAa,kBAAkB;CAE7E,MAAM,aAA2B,UAAkB,YAAkC;EACnF,MAAM,SAAS;GAAE,GAAG;GAAgB,GAAG;GAAS;AAChD,WAAS,SAAS,GAAG,KAAK,GAAG,mBAAmB,SAAS,GAAG,iBAAiB,OAAO;AACpF,SAAO,KAAK;;CAGd,MAAM,qBAA2B;EAC/B,MAAM,OAAO,gBAAgB,QAAQ;EACrC,MAAM,SAAS,gBAAgB;EAC/B,IAAI,YAAY,GAAG,KAAK,4DAA4D;AACpF,MAAI,OAAQ,cAAa,YAAY;AACrC,WAAS,SAAS;AAClB,SAAO,KAAK;;AAGd,QAAO;EAAC;EAAO;EAAW;EAAa"}

package/dist/_chunks/use-query-states-D5KaffOK.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"use-query-states-D5KaffOK.js","names":[],"sources":["../../src/search-params/registry.ts","../../src/client/use-query-states.ts"],"sourcesContent":["/**\n * Runtime registry for route-scoped search params definitions.\n *\n * When a route's modules load, the framework registers its search-params\n * definition here. useQueryStates('/route') resolves codecs from this map.\n *\n * Design doc: design/23-search-params.md §\"Runtime: Registration at Route Load\"\n */\n\nimport type { SearchParamsDefinition } from './create.js';\n\n// eslint-disable-next-line @typescript-eslint/no-explicit-any\nconst registry = new Map<string, SearchParamsDefinition<any>>();\n\n/**\n * Register a route's search params definition.\n * Called by the generated route manifest loader when a route's modules load.\n */\n// eslint-disable-next-line @typescript-eslint/no-explicit-any\nexport function registerSearchParams(route: string, definition: SearchParamsDefinition<any>): void {\n registry.set(route, definition);\n}\n\n/**\n * Look up a route's search params definition.\n * Returns undefined if the route hasn't been loaded yet.\n */\n// eslint-disable-next-line @typescript-eslint/no-explicit-any\nexport function getSearchParams(route: string): SearchParamsDefinition<any> | undefined {\n return registry.get(route);\n}\n","/**\n * useQueryStates — client-side hook for URL-synced search params.\n *\n * Delegates to nuqs for URL synchronization, batching, React 19 transitions,\n * and throttled URL writes. Bridges timber's SearchParamCodec protocol to\n * nuqs-compatible parsers.\n *\n * Design doc: design/23-search-params.md §\"Codec Bridge\"\n */\n\n'use client';\n\nimport { useQueryStates as nuqsUseQueryStates } from 'nuqs';\nimport type { SingleParser } from 'nuqs';\nimport type {\n SearchParamCodec,\n SearchParamsDefinition,\n SetParams,\n QueryStatesOptions,\n} from '#/search-params/create.js';\nimport { getSearchParams } from '#/search-params/registry.js';\n\n// ─── Codec Bridge ─────────────────────────────────────────────────\n\n/**\n * Bridge a timber SearchParamCodec to a nuqs-compatible SingleParser.\n *\n * nuqs parsers: { parse(string) → T|null, serialize?(T) → string, eq?, defaultValue? }\n * timber codecs: { parse(string|string[]|undefined) → T, serialize(T) → string|null }\n */\nfunction bridgeCodec<T>(codec: SearchParamCodec<T>): SingleParser<T> & { defaultValue: T } {\n return {\n parse: (v: string) => codec.parse(v),\n serialize: (v: T) => codec.serialize(v) ?? '',\n defaultValue: codec.parse(undefined) as T,\n eq: (a: T, b: T) => codec.serialize(a) === codec.serialize(b),\n };\n}\n\n/**\n * Bridge an entire codec map to nuqs-compatible parsers.\n */\nfunction bridgeCodecs<T extends Record<string, unknown>>(codecs: {\n [K in keyof T]: SearchParamCodec<T[K]>;\n}) {\n const result: Record<string, SingleParser<unknown> & { defaultValue: unknown }> = {};\n for (const key of Object.keys(codecs)) {\n // eslint-disable-next-line @typescript-eslint/no-explicit-any\n result[key] = bridgeCodec(codecs[key as keyof T]) as any;\n }\n return result as { [K in keyof T]: SingleParser<T[K]> & { defaultValue: T[K] } };\n}\n\n// ─── Hook ─────────────────────────────────────────────────────────\n\n/**\n * Read and write typed search params from/to the URL.\n *\n * Delegates to nuqs internally. The timber nuqs adapter (auto-injected in\n * browser-entry.ts) handles RSC navigation on non-shallow updates.\n *\n * Usage:\n * ```ts\n * // Via a SearchParamsDefinition\n * const [params, setParams] = definition.useQueryStates()\n *\n * // Standalone with inline codecs\n * const [params, setParams] = useQueryStates({\n * page: fromSchema(z.coerce.number().int().min(1).default(1)),\n * })\n * ```\n */\nexport function useQueryStates<T extends Record<string, unknown>>(\n codecsOrRoute: { [K in keyof T]: SearchParamCodec<T[K]> } | string,\n _options?: QueryStatesOptions,\n urlKeys?: Readonly<Record<string, string>>\n): [T, SetParams<T>] {\n // Route-string overload: resolve codecs from the registry\n let codecs: { [K in keyof T]: SearchParamCodec<T[K]> };\n let resolvedUrlKeys = urlKeys;\n if (typeof codecsOrRoute === 'string') {\n const definition = getSearchParams(codecsOrRoute);\n if (!definition) {\n throw new Error(\n `useQueryStates('${codecsOrRoute}'): no search params registered for this route. ` +\n `Either the route has no search-params.ts file, or it hasn't been loaded yet. ` +\n `For cross-route usage, import the definition explicitly.`\n );\n }\n codecs = definition.codecs as { [K in keyof T]: SearchParamCodec<T[K]> };\n resolvedUrlKeys = definition.urlKeys;\n } else {\n codecs = codecsOrRoute;\n }\n\n const bridged = bridgeCodecs(codecs);\n\n // eslint-disable-next-line @typescript-eslint/no-explicit-any\n const nuqsOptions: any = {};\n if (resolvedUrlKeys && Object.keys(resolvedUrlKeys).length > 0) {\n nuqsOptions.urlKeys = resolvedUrlKeys;\n }\n\n let values: Record<string, unknown>;\n let setValues: Function;\n try {\n [values, setValues] = nuqsUseQueryStates(bridged, nuqsOptions);\n } catch (err) {\n if (\n err instanceof Error &&\n /Invalid hook call|cannot be called|Cannot read properties of null/i.test(err.message)\n ) {\n throw new Error(\n 'useQueryStates is a client component hook and cannot be called outside a React component. ' +\n 'Use definition.parse(searchParams) in server components instead.'\n );\n }\n throw err;\n }\n\n // Wrap the nuqs setter to match timber's SetParams<T> signature.\n // nuqs's setter accepts Partial<Nullable<Values>> | UpdaterFn | null.\n // timber's setter accepts Partial<T> with optional SetParamsOptions.\n const setParams: SetParams<T> = (partial, setOptions?) => {\n const nuqsSetOptions: Record<string, unknown> = {};\n if (setOptions?.shallow !== undefined) nuqsSetOptions.shallow = setOptions.shallow;\n if (setOptions?.scroll !== undefined) nuqsSetOptions.scroll = setOptions.scroll;\n if (setOptions?.history !== undefined) nuqsSetOptions.history = setOptions.history;\n // eslint-disable-next-line @typescript-eslint/no-explicit-any\n void setValues(partial as any, nuqsSetOptions);\n };\n\n return [values as T, setParams];\n}\n\n// ─── Definition binding ───────────────────────────────────────────\n\n/**\n * Create a useQueryStates binding for a SearchParamsDefinition.\n * This is used internally by SearchParamsDefinition.useQueryStates().\n */\nexport function bindUseQueryStates<T extends Record<string, unknown>>(\n definition: SearchParamsDefinition<T>\n): (options?: QueryStatesOptions) => [T, SetParams<T>] {\n return (options?: QueryStatesOptions) => {\n return useQueryStates<T>(definition.codecs, options, definition.urlKeys);\n };\n}\n"],"mappings":";;AAYA,IAAM,2BAAW,IAAI,KAA0C;;;;;AAO/D,SAAgB,qBAAqB,OAAe,YAA+C;AACjG,UAAS,IAAI,OAAO,WAAW;;;;;;AAQjC,SAAgB,gBAAgB,OAAwD;AACtF,QAAO,SAAS,IAAI,MAAM;;;;;;;;;;;;;;;;;;;ACC5B,SAAS,YAAe,OAAmE;AACzF,QAAO;EACL,QAAQ,MAAc,MAAM,MAAM,EAAE;EACpC,YAAY,MAAS,MAAM,UAAU,EAAE,IAAI;EAC3C,cAAc,MAAM,MAAM,KAAA,EAAU;EACpC,KAAK,GAAM,MAAS,MAAM,UAAU,EAAE,KAAK,MAAM,UAAU,EAAE;EAC9D;;;;;AAMH,SAAS,aAAgD,QAEtD;CACD,MAAM,SAA4E,EAAE;AACpF,MAAK,MAAM,OAAO,OAAO,KAAK,OAAO,CAEnC,QAAO,OAAO,YAAY,OAAO,KAAgB;AAEnD,QAAO;;;;;;;;;;;;;;;;;;;AAsBT,SAAgB,iBACd,eACA,UACA,SACmB;CAEnB,IAAI;CACJ,IAAI,kBAAkB;AACtB,KAAI,OAAO,kBAAkB,UAAU;EACrC,MAAM,aAAa,gBAAgB,cAAc;AACjD,MAAI,CAAC,WACH,OAAM,IAAI,MACR,mBAAmB,cAAc,uLAGlC;AAEH,WAAS,WAAW;AACpB,oBAAkB,WAAW;OAE7B,UAAS;CAGX,MAAM,UAAU,aAAa,OAAO;CAGpC,MAAM,cAAmB,EAAE;AAC3B,KAAI,mBAAmB,OAAO,KAAK,gBAAgB,CAAC,SAAS,EAC3D,aAAY,UAAU;CAGxB,IAAI;CACJ,IAAI;AACJ,KAAI;AACF,GAAC,QAAQ,aAAa,eAAmB,SAAS,YAAY;UACvD,KAAK;AACZ,MACE,eAAe,SACf,qEAAqE,KAAK,IAAI,QAAQ,CAEtF,OAAM,IAAI,MACR,6JAED;AAEH,QAAM;;CAMR,MAAM,aAA2B,SAAS,eAAgB;EACxD,MAAM,iBAA0C,EAAE;AAClD,MAAI,YAAY,YAAY,KAAA,EAAW,gBAAe,UAAU,WAAW;AAC3E,MAAI,YAAY,WAAW,KAAA,EAAW,gBAAe,SAAS,WAAW;AACzE,MAAI,YAAY,YAAY,KAAA,EAAW,gBAAe,UAAU,WAAW;AAEtE,YAAU,SAAgB,eAAe;;AAGhD,QAAO,CAAC,QAAa,UAAU;;;;;;AASjC,SAAgB,mBACd,YACqD;AACrD,SAAQ,YAAiC;AACvC,SAAO,iBAAkB,WAAW,QAAQ,SAAS,WAAW,QAAQ"}

package/dist/cache/register-cached-function.d.ts DELETED Viewed

@@ -1,17 +0,0 @@
-import type { CacheHandler } from './index';
-export interface RegisterCachedFunctionOptions<Fn extends (...args: any[]) => any> {
-    ttl: number;
-    id: string;
-    tags?: string[] | ((...args: Parameters<Fn>) => string[]);
-    /** True when the cached function is a React component (PascalCase name). */
-    isComponent?: boolean;
-}
-/**
- * Runtime for the "use cache" directive transform. Wraps an async function
- * with caching using the same cache handler as timber.cache.
- *
- * The stable `id` (file path + function name) ensures cache keys are consistent
- * across builds. Args/props are hashed with SHA-256 for the per-call key.
- */
-export declare function registerCachedFunction<Fn extends (...args: any[]) => Promise<any>>(fn: Fn, opts: RegisterCachedFunctionOptions<Fn>, handler: CacheHandler): (...args: Parameters<Fn>) => Promise<Awaited<ReturnType<Fn>>>;
-//# sourceMappingURL=register-cached-function.d.ts.map

package/dist/cache/register-cached-function.d.ts.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"register-cached-function.d.ts","sourceRoot":"","sources":["../../src/cache/register-cached-function.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAoB5C,MAAM,WAAW,6BAA6B,CAAC,EAAE,SAAS,CAAC,GAAG,IAAI,EAAE,GAAG,EAAE,KAAK,GAAG;IAC/E,GAAG,EAAE,MAAM,CAAC;IACZ,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,CAAC,EAAE,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,IAAI,EAAE,UAAU,CAAC,EAAE,CAAC,KAAK,MAAM,EAAE,CAAC,CAAC;IAC1D,4EAA4E;IAC5E,WAAW,CAAC,EAAE,OAAO,CAAC;CACvB;AA4CD;;;;;;GAMG;AAEH,wBAAgB,sBAAsB,CAAC,EAAE,SAAS,CAAC,GAAG,IAAI,EAAE,GAAG,EAAE,KAAK,OAAO,CAAC,GAAG,CAAC,EAChF,EAAE,EAAE,EAAE,EACN,IAAI,EAAE,6BAA6B,CAAC,EAAE,CAAC,EACvC,OAAO,EAAE,YAAY,GACpB,CAAC,GAAG,IAAI,EAAE,UAAU,CAAC,EAAE,CAAC,KAAK,OAAO,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC,CAoB/D"}

package/dist/client/browser-entry.d.ts DELETED Viewed

@@ -1,21 +0,0 @@
-/**
- * Browser Entry — Client-side hydration and navigation bootstrap.
- *
- * This is a real TypeScript file, not codegen. It initializes the
- * client navigation runtime: segment router, prefetch cache, and
- * history stack.
- *
- * Hydration works by:
- * 1. Decoding the RSC payload embedded in the initial HTML response
- *    via createFromReadableStream from @vitejs/plugin-rsc/browser
- * 2. Hydrating the decoded React tree via hydrateRoot
- * 3. Setting up client-side navigation for subsequent page transitions
- *
- * After hydration, the browser entry:
- * - Link click handling is per-component (Link's onClick), not global delegation
- * - Listens for popstate events for back/forward navigation
- *
- * Design docs: 18-build-system.md §"Entry Files", 19-client-navigation.md
- */
-export {};
-//# sourceMappingURL=browser-entry.d.ts.map

package/dist/client/browser-entry.d.ts.map DELETED Viewed

	@@ -1 +0,0 @@
1	- {"version":3,"file":"browser-entry.d.ts","sourceRoot":"","sources":["../../src/client/browser-entry.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG"}

package/dist/client/link-status-provider.d.ts DELETED Viewed

@@ -1,11 +0,0 @@
-import type { ReactNode } from 'react';
-/**
- * Client component that reads the pending URL from PendingNavigationContext
- * and provides a scoped LinkStatusContext to children. Renders no extra DOM —
- * just a context provider around children.
- */
-export declare function LinkStatusProvider({ href, children }: {
-    href: string;
-    children?: ReactNode;
-}): import("react/jsx-runtime").JSX.Element;
-//# sourceMappingURL=link-status-provider.d.ts.map

package/dist/client/link-status-provider.d.ts.map DELETED Viewed

	@@ -1 +0,0 @@
1	- {"version":3,"file":"link-status-provider.d.ts","sourceRoot":"","sources":["../../src/client/link-status-provider.tsx"],"names":[],"mappings":"AAYA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,OAAO,CAAC;AAOvC;;;;GAIG;AACH,wBAAgB,kBAAkB,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,QAAQ,CAAC,EAAE,SAAS,CAAA;CAAE,2CAK5F"}

package/dist/client/transition-root.d.ts.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"transition-root.d.ts","sourceRoot":"","sources":["../../src/client/transition-root.tsx"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;GAsBG;AAEH,OAAO,EAAoD,KAAK,SAAS,EAAE,MAAM,OAAO,CAAC;AAEzF,OAAO,EAAa,KAAK,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAqBlE;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,cAAc,CAAC,EAC7B,OAAO,EACP,eAAe,GAChB,EAAE;IACD,OAAO,EAAE,SAAS,CAAC;IACnB,eAAe,CAAC,EAAE,eAAe,CAAC;CACnC,GAAG,SAAS,CAgDZ;AAID;;;;;;GAMG;AACH,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,SAAS,GAAG,IAAI,CAIzD;AAED;;;;;;;;;;;;GAYG;AACH,wBAAgB,kBAAkB,CAChC,UAAU,EAAE,MAAM,EAClB,OAAO,EAAE,MAAM,OAAO,CAAC,SAAS,CAAC,GAChC,OAAO,CAAC,IAAI,CAAC,CAMf;AAED;;;GAGG;AACH,wBAAgB,qBAAqB,IAAI,OAAO,CAE/C"}

package/dist/client/use-navigation-pending.d.ts.map DELETED Viewed

	@@ -1 +0,0 @@
1	- {"version":3,"file":"use-navigation-pending.d.ts","sourceRoot":"","sources":["../../src/client/use-navigation-pending.ts"],"names":[],"mappings":"AASA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,wBAAgB,oBAAoB,IAAI,OAAO,CAI9C"}

package/dist/cookies/index.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"index.js","names":[],"sources":["../../src/cookies/define-cookie.ts"],"sourcesContent":["/**\n * defineCookie — typed cookie definitions.\n *\n * Bundles name + codec + options into a reusable CookieDefinition<T>\n * with .get(), .set(), .delete() server methods and a .useCookie() client hook.\n *\n * Reuses the SearchParamCodec protocol via fromSchema() bridge.\n * Validation on read returns the codec default (never throws).\n *\n * See design/29-cookies.md §\"Typed Cookies with Schema Validation\"\n */\n\nimport { cookies } from '#/server/request-context.js';\nimport type { CookieOptions } from '#/server/request-context.js';\nimport { useCookie as useRawCookie } from '#/client/use-cookie.js';\nimport type { ClientCookieOptions } from '#/client/use-cookie.js';\n\n// ─── Types ────────────────────────────────────────────────────────────────\n\n/**\n * A codec that converts between string cookie values and typed values.\n * Intentionally identical to SearchParamCodec<T>.\n */\nexport interface CookieCodec<T> {\n parse(value: string | string[] | undefined): T;\n serialize(value: T): string | null;\n}\n\n/** Options for defineCookie: codec + CookieOptions merged. */\nexport interface DefineCookieOptions<T> extends Omit<CookieOptions, 'signed'> {\n /** Codec for parsing/serializing the cookie value. */\n codec: CookieCodec<T>;\n /** Sign the cookie with HMAC-SHA256. */\n signed?: boolean;\n}\n\n/** A fully typed cookie definition with server and client methods. */\nexport interface CookieDefinition<T> {\n /** The cookie name. */\n readonly name: string;\n /** The resolved cookie options (without codec). */\n readonly options: CookieOptions;\n /** The codec used for parsing/serializing. */\n readonly codec: CookieCodec<T>;\n\n /** Server: read the typed value from the current request. */\n get(): T;\n /** Server: set the typed value on the response. */\n set(value: T): void;\n /** Server: delete the cookie. */\n delete(): void;\n\n /** Client: React hook for reading/writing this cookie. Returns [value, setter, deleter]. */\n useCookie(): [T, (value: T) => void, () => void];\n}\n\n// ─── Factory ──────────────────────────────────────────────────────────────\n\n/**\n * Define a typed cookie.\n *\n * ```ts\n * import { defineCookie } from '@timber-js/app/cookies';\n * import { fromSchema } from '@timber-js/app/search-params';\n * import { z } from 'zod/v4';\n *\n * export const themeCookie = defineCookie('theme', {\n * codec: fromSchema(z.enum(['light', 'dark', 'system']).default('system')),\n * httpOnly: false,\n * maxAge: 60 * 60 * 24 * 365,\n * });\n * ```\n */\nexport function defineCookie<T>(\n name: string,\n options: DefineCookieOptions<T>\n): CookieDefinition<T> {\n const { codec, ...cookieOpts } = options;\n const resolvedOptions: CookieOptions = { ...cookieOpts };\n\n return {\n name,\n options: resolvedOptions,\n codec,\n\n get(): T {\n const jar = cookies();\n const raw = resolvedOptions.signed ? jar.getSigned(name) : jar.get(name);\n return codec.parse(raw);\n },\n\n set(value: T): void {\n const serialized = codec.serialize(value);\n if (serialized === null) {\n cookies().delete(name, {\n path: resolvedOptions.path,\n domain: resolvedOptions.domain,\n });\n } else {\n cookies().set(name, serialized, resolvedOptions);\n }\n },\n\n delete(): void {\n cookies().delete(name, {\n path: resolvedOptions.path,\n domain: resolvedOptions.domain,\n });\n },\n\n useCookie(): [T, (value: T) => void, () => void] {\n // Extract client-safe options (no httpOnly — client cookies can't be httpOnly)\n const clientOpts: ClientCookieOptions = {\n path: resolvedOptions.path,\n domain: resolvedOptions.domain,\n maxAge: resolvedOptions.maxAge,\n expires: resolvedOptions.expires,\n sameSite: resolvedOptions.sameSite,\n secure: resolvedOptions.secure,\n };\n\n const [raw, setRaw, deleteRaw] = useRawCookie(name, clientOpts);\n const parsed = codec.parse(raw);\n\n const setTyped = (value: T): void => {\n const serialized = codec.serialize(value);\n if (serialized === null) {\n deleteRaw();\n } else {\n setRaw(serialized);\n }\n };\n\n return [parsed, setTyped, deleteRaw];\n },\n };\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAyEA,SAAgB,aACd,MACA,SACqB;CACrB,MAAM,EAAE,OAAO,GAAG,eAAe;CACjC,MAAM,kBAAiC,EAAE,GAAG,YAAY;AAExD,QAAO;EACL;EACA,SAAS;EACT;EAEA,MAAS;GACP,MAAM,MAAM,SAAS;GACrB,MAAM,MAAM,gBAAgB,SAAS,IAAI,UAAU,KAAK,GAAG,IAAI,IAAI,KAAK;AACxE,UAAO,MAAM,MAAM,IAAI;;EAGzB,IAAI,OAAgB;GAClB,MAAM,aAAa,MAAM,UAAU,MAAM;AACzC,OAAI,eAAe,KACjB,UAAS,CAAC,OAAO,MAAM;IACrB,MAAM,gBAAgB;IACtB,QAAQ,gBAAgB;IACzB,CAAC;OAEF,UAAS,CAAC,IAAI,MAAM,YAAY,gBAAgB;;EAIpD,SAAe;AACb,YAAS,CAAC,OAAO,MAAM;IACrB,MAAM,gBAAgB;IACtB,QAAQ,gBAAgB;IACzB,CAAC;;EAGJ,YAAiD;GAW/C,MAAM,CAAC,KAAK,QAAQ,aAAa,UAAa,MATN;IACtC,MAAM,gBAAgB;IACtB,QAAQ,gBAAgB;IACxB,QAAQ,gBAAgB;IACxB,SAAS,gBAAgB;IACzB,UAAU,gBAAgB;IAC1B,QAAQ,gBAAgB;IACzB,CAE8D;GAC/D,MAAM,SAAS,MAAM,MAAM,IAAI;GAE/B,MAAM,YAAY,UAAmB;IACnC,MAAM,aAAa,MAAM,UAAU,MAAM;AACzC,QAAI,eAAe,KACjB,YAAW;QAEX,QAAO,WAAW;;AAItB,UAAO;IAAC;IAAQ;IAAU;IAAU;;EAEvC"}