@timber-js/app 0.2.0-alpha.97 → 0.2.0-alpha.99

package/dist/_chunks/merge-search-params-BphMdht_.js

@@ -0,0 +1,122 @@
+//#region src/cookies/validation.ts
+/**
+* Cookie name and value validation per RFC 6265 §4.1.1.
+*
+* This module is pure — no server or client imports — so it can be loaded
+* by both `server/request-context.ts` (which guards `getCookies().set()`)
+* and `client/use-cookie.ts` (which guards `useCookie()`'s setter). The
+* shared validator gives both sides identical encoding contracts:
+* **the framework never silently encodes — callers emit `cookie-octet`
+* bytes or get a developer-facing error.**
+*
+* Why this matters: see ONGOING_SECURITY.md H-3 (TIM-868) and
+* design/29-cookies.md §"Cookie Name and Value Validation".
+*/
+/**
+* RFC 7230 §3.2.6 token characters used as the cookie-name production in
+* RFC 6265 §4.1.1. Anchored, non-empty match.
+*
+* Allowed: US-ASCII letters, digits, and `!#$%&'*+-.^_` `` ` `` `|~`.
+* Disallowed: whitespace, controls, delimiters
+* (`(` `)` `<` `>` `@` `,` `;` `:` `\` `"` `/` `[` `]` `?` `=` `{` `}`).
+*/
+var COOKIE_NAME_RE = /^[!#$%&'*+\-.0-9A-Z^_`a-z|~]+$/;
+/**
+* Format a single byte for a clear error message — escape control bytes
+* and non-ASCII as `0x..` and quote printables.
+*/
+function describeChar(value, index) {
+	const code = value.charCodeAt(index);
+	if (code < 32 || code === 127 || code > 126) return `0x${code.toString(16).padStart(2, "0")}`;
+	return JSON.stringify(value[index]);
+}
+/**
+* Validate a cookie name against RFC 6265 §4.1.1 / RFC 7230 token rules.
+* Throws a developer-facing error naming the offending byte and its index.
+*/
+function assertValidCookieName(name) {
+	if (typeof name !== "string" || name.length === 0) throw new Error("[timber] cookie name must be a non-empty string.");
+	if (!COOKIE_NAME_RE.test(name)) {
+		for (let i = 0; i < name.length; i++) if (!COOKIE_NAME_RE.test(name[i])) throw new Error(`[timber] invalid cookie name ${JSON.stringify(name)} — disallowed character ${describeChar(name, i)} at index ${i}. Cookie names must match the RFC 6265 §4.1.1 token grammar (US-ASCII letters, digits, and \`!#$%&'*+-.^_\`|~\`; no whitespace, controls, or delimiters).`);
+		throw new Error(`[timber] invalid cookie name ${JSON.stringify(name)} — must match RFC 6265 §4.1.1 token grammar.`);
+	}
+}
+/** Single-byte test for RFC 6265 §4.1.1 cookie-octet. */
+function isCookieOctet(code) {
+	return code === 33 || code >= 35 && code <= 43 || code >= 45 && code <= 58 || code >= 60 && code <= 91 || code >= 93 && code <= 126;
+}
+/**
+* Validate a cookie value against the RFC 6265 §4.1.1 `cookie-value`
+* production:
+*
+*     cookie-value = *cookie-octet / ( DQUOTE *cookie-octet DQUOTE )
+*     cookie-octet = %x21 / %x23-2B / %x2D-3A / %x3C-5B / %x5D-7E
+*
+* Both the bare `*cookie-octet` form and the DQUOTE-wrapped form are
+* valid. The wrapped form is common in upstream `Set-Cookie` headers
+* (e.g. `sid="abc"; Path=/`) and must be forwardable through
+* `setFromHeaders` verbatim — stripping or rejecting the surrounding
+* quotes would corrupt the on-the-wire bytes and break value semantics
+* for the upstream service.
+*
+* Excluded bytes (in either form): CTL, whitespace (CR/LF/TAB/SP),
+* interior DQUOTE, comma, semicolon, backslash, DEL, and anything
+* non-ASCII. The smuggling primitive (`;`) is rejected regardless of
+* wrapping.
+*
+* Throws a developer-facing error naming the offending byte and its
+* index. Callers passing user-controlled data through the default
+* `set()` path don't need to call this — `set()` auto-encodes via
+* `encodeURIComponent`, whose output is always valid cookie-octet.
+* This validator is for the `{ raw: true }` opt-out and for
+* `setFromHeaders` forwarding.
+*/
+function assertValidCookieValue(name, value) {
+	if (typeof value !== "string") throw new Error(`[timber] cookie ${JSON.stringify(name)}: cookie value must be a string.`);
+	const wrapped = value.length >= 2 && value.charCodeAt(0) === 34 && value.charCodeAt(value.length - 1) === 34;
+	const start = wrapped ? 1 : 0;
+	const end = wrapped ? value.length - 1 : value.length;
+	for (let i = start; i < end; i++) if (!isCookieOctet(value.charCodeAt(i))) throw new Error(`[timber] cookie ${JSON.stringify(name)}: invalid cookie value — disallowed character ${describeChar(value, i)} at index ${i}. Cookie values must contain only RFC 6265 §4.1.1 cookie-octet bytes (US-ASCII printable, excluding whitespace, \`"\`, \`,\`, \`;\`, and \`\\\`), optionally enclosed in a single DQUOTE pair. Encode the value (e.g. encodeURIComponent or jsonCookieCodec) before storing it.`);
+}
+//#endregion
+//#region src/shared/merge-search-params.ts
+/**
+* Shared utility for merging preserved search params into a target URL.
+*
+* Used by both <Link> (client) and redirect() (server). Extracted to a shared
+* module to avoid importing client code ('use client') from server modules.
+*/
+/**
+* Merge preserved search params from the current URL into a target href.
+*
+* When `preserve` is `true`, all current search params are merged.
+* When `preserve` is a `string[]`, only the named params are merged.
+*
+* The target href's own search params take precedence — preserved params
+* are only added if the target doesn't already define them.
+*
+* @param targetHref - The resolved target href (may already contain query string)
+* @param currentSearch - The current URL's search string (e.g. "?private=access&page=2")
+* @param preserve - `true` to preserve all, or `string[]` to preserve specific params
+* @returns The target href with preserved search params merged in
+*/
+function mergePreservedSearchParams(targetHref, currentSearch, preserve) {
+	const currentParams = new URLSearchParams(currentSearch);
+	if (currentParams.size === 0) return targetHref;
+	const hashIdx = targetHref.indexOf("#");
+	const hrefWithoutHash = hashIdx >= 0 ? targetHref.slice(0, hashIdx) : targetHref;
+	const hash = hashIdx >= 0 ? targetHref.slice(hashIdx) : "";
+	const qIdx = hrefWithoutHash.indexOf("?");
+	const targetPath = qIdx >= 0 ? hrefWithoutHash.slice(0, qIdx) : hrefWithoutHash;
+	const targetParams = new URLSearchParams(qIdx >= 0 ? hrefWithoutHash.slice(qIdx + 1) : "");
+	const merged = new URLSearchParams(targetParams);
+	for (const [key, value] of currentParams) if (!targetParams.has(key)) {
+		if (preserve === true || preserve.includes(key)) merged.append(key, value);
+	}
+	const qs = merged.toString();
+	return (qs ? `${targetPath}?${qs}` : targetPath) + hash;
+}
+//#endregion
+export { assertValidCookieName as n, assertValidCookieValue as r, mergePreservedSearchParams as t };
+
+//# sourceMappingURL=merge-search-params-BphMdht_.js.map

package/dist/_chunks/merge-search-params-BphMdht_.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"merge-search-params-BphMdht_.js","names":[],"sources":["../../src/cookies/validation.ts","../../src/shared/merge-search-params.ts"],"sourcesContent":["/**\n * Cookie name and value validation per RFC 6265 §4.1.1.\n *\n * This module is pure — no server or client imports — so it can be loaded\n * by both `server/request-context.ts` (which guards `getCookies().set()`)\n * and `client/use-cookie.ts` (which guards `useCookie()`'s setter). The\n * shared validator gives both sides identical encoding contracts:\n * **the framework never silently encodes — callers emit `cookie-octet`\n * bytes or get a developer-facing error.**\n *\n * Why this matters: see ONGOING_SECURITY.md H-3 (TIM-868) and\n * design/29-cookies.md §\"Cookie Name and Value Validation\".\n */\n\n// ─── RFC 6265 cookie-octet ────────────────────────────────────────────────\n//\n//   cookie-octet = %x21 / %x23-2B / %x2D-3A / %x3C-5B / %x5D-7E\n//\n// Equivalently: US-ASCII printable bytes excluding whitespace, `\"` (0x22),\n// `,` (0x2C), `;` (0x3B), `\\` (0x5C), and DEL (0x7F).\n\n/**\n * RFC 7230 §3.2.6 token characters used as the cookie-name production in\n * RFC 6265 §4.1.1. Anchored, non-empty match.\n *\n * Allowed: US-ASCII letters, digits, and `!#$%&'*+-.^_` `` ` `` `|~`.\n * Disallowed: whitespace, controls, delimiters\n * (`(` `)` `<` `>` `@` `,` `;` `:` `\\` `\"` `/` `[` `]` `?` `=` `{` `}`).\n */\nconst COOKIE_NAME_RE = /^[!#$%&'*+\\-.0-9A-Z^_`a-z|~]+$/;\n\n/**\n * Format a single byte for a clear error message — escape control bytes\n * and non-ASCII as `0x..` and quote printables.\n */\nfunction describeChar(value: string, index: number): string {\n  const code = value.charCodeAt(index);\n  if (code < 0x20 || code === 0x7f || code > 0x7e) {\n    return `0x${code.toString(16).padStart(2, '0')}`;\n  }\n  return JSON.stringify(value[index]);\n}\n\n/**\n * Validate a cookie name against RFC 6265 §4.1.1 / RFC 7230 token rules.\n * Throws a developer-facing error naming the offending byte and its index.\n */\nexport function assertValidCookieName(name: string): void {\n  if (typeof name !== 'string' || name.length === 0) {\n    throw new Error('[timber] cookie name must be a non-empty string.');\n  }\n  if (!COOKIE_NAME_RE.test(name)) {\n    for (let i = 0; i < name.length; i++) {\n      if (!COOKIE_NAME_RE.test(name[i])) {\n        throw new Error(\n          `[timber] invalid cookie name ${JSON.stringify(name)} — ` +\n            `disallowed character ${describeChar(name, i)} at index ${i}. ` +\n            `Cookie names must match the RFC 6265 §4.1.1 token grammar (US-ASCII letters, digits, ` +\n            `and \\`!#$%&'*+-.^_\\`|~\\`; no whitespace, controls, or delimiters).`\n        );\n      }\n    }\n    throw new Error(\n      `[timber] invalid cookie name ${JSON.stringify(name)} — ` +\n        `must match RFC 6265 §4.1.1 token grammar.`\n    );\n  }\n}\n\n/** Single-byte test for RFC 6265 §4.1.1 cookie-octet. */\nfunction isCookieOctet(code: number): boolean {\n  return (\n    code === 0x21 ||\n    (code >= 0x23 && code <= 0x2b) ||\n    (code >= 0x2d && code <= 0x3a) ||\n    (code >= 0x3c && code <= 0x5b) ||\n    (code >= 0x5d && code <= 0x7e)\n  );\n}\n\n/**\n * Validate a cookie value against the RFC 6265 §4.1.1 `cookie-value`\n * production:\n *\n *     cookie-value = *cookie-octet / ( DQUOTE *cookie-octet DQUOTE )\n *     cookie-octet = %x21 / %x23-2B / %x2D-3A / %x3C-5B / %x5D-7E\n *\n * Both the bare `*cookie-octet` form and the DQUOTE-wrapped form are\n * valid. The wrapped form is common in upstream `Set-Cookie` headers\n * (e.g. `sid=\"abc\"; Path=/`) and must be forwardable through\n * `setFromHeaders` verbatim — stripping or rejecting the surrounding\n * quotes would corrupt the on-the-wire bytes and break value semantics\n * for the upstream service.\n *\n * Excluded bytes (in either form): CTL, whitespace (CR/LF/TAB/SP),\n * interior DQUOTE, comma, semicolon, backslash, DEL, and anything\n * non-ASCII. The smuggling primitive (`;`) is rejected regardless of\n * wrapping.\n *\n * Throws a developer-facing error naming the offending byte and its\n * index. Callers passing user-controlled data through the default\n * `set()` path don't need to call this — `set()` auto-encodes via\n * `encodeURIComponent`, whose output is always valid cookie-octet.\n * This validator is for the `{ raw: true }` opt-out and for\n * `setFromHeaders` forwarding.\n */\nexport function assertValidCookieValue(name: string, value: string): void {\n  if (typeof value !== 'string') {\n    throw new Error(`[timber] cookie ${JSON.stringify(name)}: cookie value must be a string.`);\n  }\n  // Detect the DQUOTE-wrapped form: at least two characters and both\n  // endpoints are `\"`. The interior must be pure cookie-octet (no\n  // interior DQUOTEs allowed — the grammar says *cookie-octet, and\n  // cookie-octet excludes 0x22).\n  const wrapped =\n    value.length >= 2 &&\n    value.charCodeAt(0) === 0x22 &&\n    value.charCodeAt(value.length - 1) === 0x22;\n  const start = wrapped ? 1 : 0;\n  const end = wrapped ? value.length - 1 : value.length;\n  for (let i = start; i < end; i++) {\n    const code = value.charCodeAt(i);\n    if (!isCookieOctet(code)) {\n      throw new Error(\n        `[timber] cookie ${JSON.stringify(name)}: invalid cookie value — ` +\n          `disallowed character ${describeChar(value, i)} at index ${i}. ` +\n          `Cookie values must contain only RFC 6265 §4.1.1 cookie-octet bytes ` +\n          `(US-ASCII printable, excluding whitespace, \\`\"\\`, \\`,\\`, \\`;\\`, and \\`\\\\\\`), ` +\n          `optionally enclosed in a single DQUOTE pair. ` +\n          `Encode the value (e.g. encodeURIComponent or jsonCookieCodec) before storing it.`\n      );\n    }\n  }\n}\n","/**\n * Shared utility for merging preserved search params into a target URL.\n *\n * Used by both <Link> (client) and redirect() (server). Extracted to a shared\n * module to avoid importing client code ('use client') from server modules.\n */\n\n/**\n * Merge preserved search params from the current URL into a target href.\n *\n * When `preserve` is `true`, all current search params are merged.\n * When `preserve` is a `string[]`, only the named params are merged.\n *\n * The target href's own search params take precedence — preserved params\n * are only added if the target doesn't already define them.\n *\n * @param targetHref - The resolved target href (may already contain query string)\n * @param currentSearch - The current URL's search string (e.g. \"?private=access&page=2\")\n * @param preserve - `true` to preserve all, or `string[]` to preserve specific params\n * @returns The target href with preserved search params merged in\n */\nexport function mergePreservedSearchParams(\n  targetHref: string,\n  currentSearch: string,\n  preserve: true | string[]\n): string {\n  const currentParams = new URLSearchParams(currentSearch);\n  if (currentParams.size === 0) return targetHref;\n\n  // Split hash fragment from target before processing query params.\n  // Hash must come after query string: /path?query=value#hash\n  const hashIdx = targetHref.indexOf('#');\n  const hrefWithoutHash = hashIdx >= 0 ? targetHref.slice(0, hashIdx) : targetHref;\n  const hash = hashIdx >= 0 ? targetHref.slice(hashIdx) : '';\n\n  // Split target into path and existing query\n  const qIdx = hrefWithoutHash.indexOf('?');\n  const targetPath = qIdx >= 0 ? hrefWithoutHash.slice(0, qIdx) : hrefWithoutHash;\n  const targetParams = new URLSearchParams(qIdx >= 0 ? hrefWithoutHash.slice(qIdx + 1) : '');\n\n  // Collect params to preserve (that aren't already in the target)\n  const merged = new URLSearchParams(targetParams);\n  for (const [key, value] of currentParams) {\n    // Only preserve if: (a) not already in target, and (b) included in preserve list\n    if (!targetParams.has(key)) {\n      if (preserve === true || preserve.includes(key)) {\n        merged.append(key, value);\n      }\n    }\n  }\n\n  const qs = merged.toString();\n  const pathWithQuery = qs ? `${targetPath}?${qs}` : targetPath;\n  return pathWithQuery + hash;\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;AA6BA,IAAM,iBAAiB;;;;;AAMvB,SAAS,aAAa,OAAe,OAAuB;CAC1D,MAAM,OAAO,MAAM,WAAW,MAAM;AACpC,KAAI,OAAO,MAAQ,SAAS,OAAQ,OAAO,IACzC,QAAO,KAAK,KAAK,SAAS,GAAG,CAAC,SAAS,GAAG,IAAI;AAEhD,QAAO,KAAK,UAAU,MAAM,OAAO;;;;;;AAOrC,SAAgB,sBAAsB,MAAoB;AACxD,KAAI,OAAO,SAAS,YAAY,KAAK,WAAW,EAC9C,OAAM,IAAI,MAAM,mDAAmD;AAErE,KAAI,CAAC,eAAe,KAAK,KAAK,EAAE;AAC9B,OAAK,IAAI,IAAI,GAAG,IAAI,KAAK,QAAQ,IAC/B,KAAI,CAAC,eAAe,KAAK,KAAK,GAAG,CAC/B,OAAM,IAAI,MACR,gCAAgC,KAAK,UAAU,KAAK,CAAC,0BAC3B,aAAa,MAAM,EAAE,CAAC,YAAY,EAAE,2JAG/D;AAGL,QAAM,IAAI,MACR,gCAAgC,KAAK,UAAU,KAAK,CAAC,8CAEtD;;;;AAKL,SAAS,cAAc,MAAuB;AAC5C,QACE,SAAS,MACR,QAAQ,MAAQ,QAAQ,MACxB,QAAQ,MAAQ,QAAQ,MACxB,QAAQ,MAAQ,QAAQ,MACxB,QAAQ,MAAQ,QAAQ;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA8B7B,SAAgB,uBAAuB,MAAc,OAAqB;AACxE,KAAI,OAAO,UAAU,SACnB,OAAM,IAAI,MAAM,mBAAmB,KAAK,UAAU,KAAK,CAAC,kCAAkC;CAM5F,MAAM,UACJ,MAAM,UAAU,KAChB,MAAM,WAAW,EAAE,KAAK,MACxB,MAAM,WAAW,MAAM,SAAS,EAAE,KAAK;CACzC,MAAM,QAAQ,UAAU,IAAI;CAC5B,MAAM,MAAM,UAAU,MAAM,SAAS,IAAI,MAAM;AAC/C,MAAK,IAAI,IAAI,OAAO,IAAI,KAAK,IAE3B,KAAI,CAAC,cADQ,MAAM,WAAW,EAAE,CACR,CACtB,OAAM,IAAI,MACR,mBAAmB,KAAK,UAAU,KAAK,CAAC,gDACd,aAAa,OAAO,EAAE,CAAC,YAAY,EAAE,iRAKhE;;;;;;;;;;;;;;;;;;;;;;;;AC7GP,SAAgB,2BACd,YACA,eACA,UACQ;CACR,MAAM,gBAAgB,IAAI,gBAAgB,cAAc;AACxD,KAAI,cAAc,SAAS,EAAG,QAAO;CAIrC,MAAM,UAAU,WAAW,QAAQ,IAAI;CACvC,MAAM,kBAAkB,WAAW,IAAI,WAAW,MAAM,GAAG,QAAQ,GAAG;CACtE,MAAM,OAAO,WAAW,IAAI,WAAW,MAAM,QAAQ,GAAG;CAGxD,MAAM,OAAO,gBAAgB,QAAQ,IAAI;CACzC,MAAM,aAAa,QAAQ,IAAI,gBAAgB,MAAM,GAAG,KAAK,GAAG;CAChE,MAAM,eAAe,IAAI,gBAAgB,QAAQ,IAAI,gBAAgB,MAAM,OAAO,EAAE,GAAG,GAAG;CAG1F,MAAM,SAAS,IAAI,gBAAgB,aAAa;AAChD,MAAK,MAAM,CAAC,KAAK,UAAU,cAEzB,KAAI,CAAC,aAAa,IAAI,IAAI;MACpB,aAAa,QAAQ,SAAS,SAAS,IAAI,CAC7C,QAAO,OAAO,KAAK,MAAM;;CAK/B,MAAM,KAAK,OAAO,UAAU;AAE5B,SADsB,KAAK,GAAG,WAAW,GAAG,OAAO,cAC5B"}

package/dist/_chunks/{metadata-routes-DS3eKNmf.js → metadata-routes-BU684ls2.js}

@@ -150,4 +150,4 @@ function getMetadataRouteAutoLink(type, href) {
 //#endregion
 export { isDynamicMetadataExtension as a, getMetadataRouteServePath as i, classifyMetadataRoute as n, getMetadataRouteAutoLink as r, METADATA_ROUTE_CONVENTIONS as t };
 
-//# sourceMappingURL=metadata-routes-DS3eKNmf.js.map
+//# sourceMappingURL=metadata-routes-BU684ls2.js.map

package/dist/_chunks/{metadata-routes-DS3eKNmf.js.map → metadata-routes-BU684ls2.js.map}

@@ -1 +1 @@
-{"version":3,"file":"metadata-routes-DS3eKNmf.js","names":[],"sources":["../../src/server/metadata-routes.ts"],"sourcesContent":["/**\n * Metadata route classification for timber.js.\n *\n * Metadata routes are file-based endpoints that generate well-known URLs for\n * crawlers and browsers (sitemap.xml, robots.txt, OG images, etc.).\n *\n * These routes run through proxy.ts but NOT through middleware.ts or access.ts —\n * they are public endpoints by nature.\n *\n * See design/16-metadata.md §\"Metadata Routes\"\n */\n\n// ─── Types ───────────────────────────────────────────────────────────────────\n\n/** Classification of a metadata route file. */\nexport interface MetadataRouteInfo {\n  /** The metadata route type. */\n  type: MetadataRouteType;\n  /** The content type to serve this route with. */\n  contentType: string;\n  /** Whether this route can appear in nested segments (not just app root). */\n  nestable: boolean;\n}\n\nexport type MetadataRouteType =\n  | 'sitemap'\n  | 'robots'\n  | 'manifest'\n  | 'favicon'\n  | 'icon'\n  | 'opengraph-image'\n  | 'twitter-image'\n  | 'apple-icon';\n\n// ─── Convention Table ────────────────────────────────────────────────────────\n\n/**\n * All recognized metadata route file conventions.\n *\n * Each entry maps a base file name (without extension) to its route info.\n * The extensions determine whether the file is static or dynamic.\n *\n * Static extensions: .xml, .txt, .json, .png, .jpg, .ico, .svg\n * Dynamic extensions: .ts, .tsx\n */\nexport const METADATA_ROUTE_CONVENTIONS: Record<\n  string,\n  {\n    type: MetadataRouteType;\n    contentType: string;\n    nestable: boolean;\n    staticExtensions: string[];\n    dynamicExtensions: string[];\n    /** The URL path this file serves at (relative to segment). */\n    servePath: string;\n  }\n> = {\n  'sitemap': {\n    type: 'sitemap',\n    contentType: 'application/xml',\n    nestable: true,\n    staticExtensions: ['xml'],\n    dynamicExtensions: ['ts'],\n    servePath: 'sitemap.xml',\n  },\n  'robots': {\n    type: 'robots',\n    contentType: 'text/plain',\n    nestable: false,\n    staticExtensions: ['txt'],\n    dynamicExtensions: ['ts'],\n    servePath: 'robots.txt',\n  },\n  'manifest': {\n    type: 'manifest',\n    contentType: 'application/manifest+json',\n    nestable: false,\n    staticExtensions: ['json'],\n    dynamicExtensions: ['ts'],\n    servePath: 'manifest.webmanifest',\n  },\n  'favicon': {\n    type: 'favicon',\n    contentType: 'image/x-icon',\n    nestable: false,\n    staticExtensions: ['ico'],\n    dynamicExtensions: [],\n    servePath: 'favicon.ico',\n  },\n  'icon': {\n    type: 'icon',\n    contentType: 'image/*',\n    nestable: true,\n    staticExtensions: ['png', 'jpg', 'svg'],\n    dynamicExtensions: ['ts', 'tsx'],\n    servePath: 'icon',\n  },\n  'opengraph-image': {\n    type: 'opengraph-image',\n    contentType: 'image/*',\n    nestable: true,\n    staticExtensions: ['png', 'jpg'],\n    dynamicExtensions: ['ts', 'tsx'],\n    servePath: 'opengraph-image',\n  },\n  'twitter-image': {\n    type: 'twitter-image',\n    contentType: 'image/*',\n    nestable: true,\n    staticExtensions: ['png', 'jpg'],\n    dynamicExtensions: ['ts', 'tsx'],\n    servePath: 'twitter-image',\n  },\n  'apple-icon': {\n    type: 'apple-icon',\n    contentType: 'image/*',\n    nestable: true,\n    staticExtensions: ['png'],\n    dynamicExtensions: ['ts', 'tsx'],\n    servePath: 'apple-icon',\n  },\n};\n\n// ─── MIME Type Resolution ─────────────────────────────────────────────────────\n\n/**\n * Map of file extensions to MIME types for static metadata route files.\n * Used to resolve the generic `image/*` content type for static image files.\n */\nconst EXTENSION_MIME_TYPES: Record<string, string> = {\n  xml: 'application/xml',\n  txt: 'text/plain',\n  json: 'application/json',\n  ico: 'image/x-icon',\n  png: 'image/png',\n  jpg: 'image/jpeg',\n  jpeg: 'image/jpeg',\n  svg: 'image/svg+xml',\n  webp: 'image/webp',\n};\n\n/**\n * Resolve the concrete MIME type for a static metadata route file.\n *\n * For generic content types like `image/*`, this resolves to the actual\n * MIME type based on the file extension (e.g. `image/png` for `.png`).\n *\n * @param conventionContentType - The content type from the convention table (may be generic like `image/*`)\n * @param extension - The file extension without leading dot (e.g. \"png\", \"xml\")\n * @returns The resolved MIME type\n */\nexport function resolveStaticContentType(conventionContentType: string, extension: string): string {\n  if (conventionContentType.includes('*')) {\n    return EXTENSION_MIME_TYPES[extension] ?? 'application/octet-stream';\n  }\n  return conventionContentType;\n}\n\n/**\n * Check if a file extension represents a static (non-code) metadata route file.\n *\n * @param baseName - The base file name without extension (e.g. \"sitemap\", \"icon\")\n * @param extension - The file extension without leading dot (e.g. \"xml\", \"png\", \"ts\")\n * @returns true if this is a static file, false if dynamic or unrecognized\n */\nexport function isStaticMetadataExtension(baseName: string, extension: string): boolean {\n  const convention = METADATA_ROUTE_CONVENTIONS[baseName];\n  if (!convention) return false;\n  return convention.staticExtensions.includes(extension);\n}\n\n/**\n * Check if a file extension represents a dynamic (code) metadata route file.\n *\n * @param baseName - The base file name without extension (e.g. \"sitemap\", \"icon\")\n * @param extension - The file extension without leading dot (e.g. \"ts\", \"tsx\")\n * @returns true if this is a dynamic file, false if static or unrecognized\n */\nexport function isDynamicMetadataExtension(baseName: string, extension: string): boolean {\n  const convention = METADATA_ROUTE_CONVENTIONS[baseName];\n  if (!convention) return false;\n  return convention.dynamicExtensions.includes(extension);\n}\n\n// ─── Classification ──────────────────────────────────────────────────────────\n\n/**\n * Classify a file name as a metadata route, or return null if it's not one.\n *\n * @param fileName - The full file name including extension (e.g. \"sitemap.xml\", \"icon.tsx\")\n * @returns Classification info, or null if not a metadata route\n */\nexport function classifyMetadataRoute(fileName: string): MetadataRouteInfo | null {\n  const dotIndex = fileName.lastIndexOf('.');\n  if (dotIndex === -1) return null;\n\n  const baseName = fileName.slice(0, dotIndex);\n  const ext = fileName.slice(dotIndex + 1);\n\n  const convention = METADATA_ROUTE_CONVENTIONS[baseName];\n  if (!convention) return null;\n\n  const isStatic = convention.staticExtensions.includes(ext);\n  const isDynamic = convention.dynamicExtensions.includes(ext);\n\n  if (!isStatic && !isDynamic) return null;\n\n  return {\n    type: convention.type,\n    contentType: convention.contentType,\n    nestable: convention.nestable,\n  };\n}\n\n/**\n * Get the serve path for a metadata route type.\n *\n * @param type - The metadata route type\n * @returns The URL path fragment this route serves at\n */\nexport function getMetadataRouteServePath(type: MetadataRouteType): string {\n  for (const convention of Object.values(METADATA_ROUTE_CONVENTIONS)) {\n    if (convention.type === type) return convention.servePath;\n  }\n  throw new Error(`[timber] Unknown metadata route type: ${type}`);\n}\n\n/**\n * Get the auto-link tags to inject into <head> for metadata route files\n * discovered in a segment.\n *\n * @param type - The metadata route type\n * @param href - The resolved URL path to the metadata route\n * @returns An object with tag/attrs for the <head>, or null if no auto-link\n */\nexport function getMetadataRouteAutoLink(\n  type: MetadataRouteType,\n  href: string\n): { rel: string; href: string; type?: string } | null {\n  switch (type) {\n    case 'icon':\n      return { rel: 'icon', href };\n    case 'apple-icon':\n      return { rel: 'apple-touch-icon', href };\n    case 'manifest':\n      return { rel: 'manifest', href };\n    default:\n      return null;\n  }\n}\n"],"mappings":";;;;;;;;;;AA6CA,IAAa,6BAWT;CACF,WAAW;EACT,MAAM;EACN,aAAa;EACb,UAAU;EACV,kBAAkB,CAAC,MAAM;EACzB,mBAAmB,CAAC,KAAK;EACzB,WAAW;EACZ;CACD,UAAU;EACR,MAAM;EACN,aAAa;EACb,UAAU;EACV,kBAAkB,CAAC,MAAM;EACzB,mBAAmB,CAAC,KAAK;EACzB,WAAW;EACZ;CACD,YAAY;EACV,MAAM;EACN,aAAa;EACb,UAAU;EACV,kBAAkB,CAAC,OAAO;EAC1B,mBAAmB,CAAC,KAAK;EACzB,WAAW;EACZ;CACD,WAAW;EACT,MAAM;EACN,aAAa;EACb,UAAU;EACV,kBAAkB,CAAC,MAAM;EACzB,mBAAmB,EAAE;EACrB,WAAW;EACZ;CACD,QAAQ;EACN,MAAM;EACN,aAAa;EACb,UAAU;EACV,kBAAkB;GAAC;GAAO;GAAO;GAAM;EACvC,mBAAmB,CAAC,MAAM,MAAM;EAChC,WAAW;EACZ;CACD,mBAAmB;EACjB,MAAM;EACN,aAAa;EACb,UAAU;EACV,kBAAkB,CAAC,OAAO,MAAM;EAChC,mBAAmB,CAAC,MAAM,MAAM;EAChC,WAAW;EACZ;CACD,iBAAiB;EACf,MAAM;EACN,aAAa;EACb,UAAU;EACV,kBAAkB,CAAC,OAAO,MAAM;EAChC,mBAAmB,CAAC,MAAM,MAAM;EAChC,WAAW;EACZ;CACD,cAAc;EACZ,MAAM;EACN,aAAa;EACb,UAAU;EACV,kBAAkB,CAAC,MAAM;EACzB,mBAAmB,CAAC,MAAM,MAAM;EAChC,WAAW;EACZ;CACF;;;;;;;;AAyDD,SAAgB,2BAA2B,UAAkB,WAA4B;CACvF,MAAM,aAAa,2BAA2B;AAC9C,KAAI,CAAC,WAAY,QAAO;AACxB,QAAO,WAAW,kBAAkB,SAAS,UAAU;;;;;;;;AAWzD,SAAgB,sBAAsB,UAA4C;CAChF,MAAM,WAAW,SAAS,YAAY,IAAI;AAC1C,KAAI,aAAa,GAAI,QAAO;CAE5B,MAAM,WAAW,SAAS,MAAM,GAAG,SAAS;CAC5C,MAAM,MAAM,SAAS,MAAM,WAAW,EAAE;CAExC,MAAM,aAAa,2BAA2B;AAC9C,KAAI,CAAC,WAAY,QAAO;CAExB,MAAM,WAAW,WAAW,iBAAiB,SAAS,IAAI;CAC1D,MAAM,YAAY,WAAW,kBAAkB,SAAS,IAAI;AAE5D,KAAI,CAAC,YAAY,CAAC,UAAW,QAAO;AAEpC,QAAO;EACL,MAAM,WAAW;EACjB,aAAa,WAAW;EACxB,UAAU,WAAW;EACtB;;;;;;;;AASH,SAAgB,0BAA0B,MAAiC;AACzE,MAAK,MAAM,cAAc,OAAO,OAAO,2BAA2B,CAChE,KAAI,WAAW,SAAS,KAAM,QAAO,WAAW;AAElD,OAAM,IAAI,MAAM,yCAAyC,OAAO;;;;;;;;;;AAWlE,SAAgB,yBACd,MACA,MACqD;AACrD,SAAQ,MAAR;EACE,KAAK,OACH,QAAO;GAAE,KAAK;GAAQ;GAAM;EAC9B,KAAK,aACH,QAAO;GAAE,KAAK;GAAoB;GAAM;EAC1C,KAAK,WACH,QAAO;GAAE,KAAK;GAAY;GAAM;EAClC,QACE,QAAO"}
+{"version":3,"file":"metadata-routes-BU684ls2.js","names":[],"sources":["../../src/server/metadata-routes.ts"],"sourcesContent":["/**\n * Metadata route classification for timber.js.\n *\n * Metadata routes are file-based endpoints that generate well-known URLs for\n * crawlers and browsers (sitemap.xml, robots.txt, OG images, etc.).\n *\n * These routes run through proxy.ts but NOT through middleware.ts or access.ts —\n * they are public endpoints by nature.\n *\n * See design/16-metadata.md §\"Metadata Routes\"\n */\n\n// ─── Types ───────────────────────────────────────────────────────────────────\n\n/** Classification of a metadata route file. */\nexport interface MetadataRouteInfo {\n  /** The metadata route type. */\n  type: MetadataRouteType;\n  /** The content type to serve this route with. */\n  contentType: string;\n  /** Whether this route can appear in nested segments (not just app root). */\n  nestable: boolean;\n}\n\nexport type MetadataRouteType =\n  | 'sitemap'\n  | 'robots'\n  | 'manifest'\n  | 'favicon'\n  | 'icon'\n  | 'opengraph-image'\n  | 'twitter-image'\n  | 'apple-icon';\n\n// ─── Convention Table ────────────────────────────────────────────────────────\n\n/**\n * All recognized metadata route file conventions.\n *\n * Each entry maps a base file name (without extension) to its route info.\n * The extensions determine whether the file is static or dynamic.\n *\n * Static extensions: .xml, .txt, .json, .png, .jpg, .ico, .svg\n * Dynamic extensions: .ts, .tsx\n */\nexport const METADATA_ROUTE_CONVENTIONS: Record<\n  string,\n  {\n    type: MetadataRouteType;\n    contentType: string;\n    nestable: boolean;\n    staticExtensions: string[];\n    dynamicExtensions: string[];\n    /** The URL path this file serves at (relative to segment). */\n    servePath: string;\n  }\n> = {\n  'sitemap': {\n    type: 'sitemap',\n    contentType: 'application/xml',\n    nestable: true,\n    staticExtensions: ['xml'],\n    dynamicExtensions: ['ts'],\n    servePath: 'sitemap.xml',\n  },\n  'robots': {\n    type: 'robots',\n    contentType: 'text/plain',\n    nestable: false,\n    staticExtensions: ['txt'],\n    dynamicExtensions: ['ts'],\n    servePath: 'robots.txt',\n  },\n  'manifest': {\n    type: 'manifest',\n    contentType: 'application/manifest+json',\n    nestable: false,\n    staticExtensions: ['json'],\n    dynamicExtensions: ['ts'],\n    servePath: 'manifest.webmanifest',\n  },\n  'favicon': {\n    type: 'favicon',\n    contentType: 'image/x-icon',\n    nestable: false,\n    staticExtensions: ['ico'],\n    dynamicExtensions: [],\n    servePath: 'favicon.ico',\n  },\n  'icon': {\n    type: 'icon',\n    contentType: 'image/*',\n    nestable: true,\n    staticExtensions: ['png', 'jpg', 'svg'],\n    dynamicExtensions: ['ts', 'tsx'],\n    servePath: 'icon',\n  },\n  'opengraph-image': {\n    type: 'opengraph-image',\n    contentType: 'image/*',\n    nestable: true,\n    staticExtensions: ['png', 'jpg'],\n    dynamicExtensions: ['ts', 'tsx'],\n    servePath: 'opengraph-image',\n  },\n  'twitter-image': {\n    type: 'twitter-image',\n    contentType: 'image/*',\n    nestable: true,\n    staticExtensions: ['png', 'jpg'],\n    dynamicExtensions: ['ts', 'tsx'],\n    servePath: 'twitter-image',\n  },\n  'apple-icon': {\n    type: 'apple-icon',\n    contentType: 'image/*',\n    nestable: true,\n    staticExtensions: ['png'],\n    dynamicExtensions: ['ts', 'tsx'],\n    servePath: 'apple-icon',\n  },\n};\n\n// ─── MIME Type Resolution ─────────────────────────────────────────────────────\n\n/**\n * Map of file extensions to MIME types for static metadata route files.\n * Used to resolve the generic `image/*` content type for static image files.\n */\nconst EXTENSION_MIME_TYPES: Record<string, string> = {\n  xml: 'application/xml',\n  txt: 'text/plain',\n  json: 'application/json',\n  ico: 'image/x-icon',\n  png: 'image/png',\n  jpg: 'image/jpeg',\n  jpeg: 'image/jpeg',\n  svg: 'image/svg+xml',\n  webp: 'image/webp',\n};\n\n/**\n * Resolve the concrete MIME type for a static metadata route file.\n *\n * For generic content types like `image/*`, this resolves to the actual\n * MIME type based on the file extension (e.g. `image/png` for `.png`).\n *\n * @param conventionContentType - The content type from the convention table (may be generic like `image/*`)\n * @param extension - The file extension without leading dot (e.g. \"png\", \"xml\")\n * @returns The resolved MIME type\n */\nexport function resolveStaticContentType(conventionContentType: string, extension: string): string {\n  if (conventionContentType.includes('*')) {\n    return EXTENSION_MIME_TYPES[extension] ?? 'application/octet-stream';\n  }\n  return conventionContentType;\n}\n\n/**\n * Check if a file extension represents a static (non-code) metadata route file.\n *\n * @param baseName - The base file name without extension (e.g. \"sitemap\", \"icon\")\n * @param extension - The file extension without leading dot (e.g. \"xml\", \"png\", \"ts\")\n * @returns true if this is a static file, false if dynamic or unrecognized\n */\nexport function isStaticMetadataExtension(baseName: string, extension: string): boolean {\n  const convention = METADATA_ROUTE_CONVENTIONS[baseName];\n  if (!convention) return false;\n  return convention.staticExtensions.includes(extension);\n}\n\n/**\n * Check if a file extension represents a dynamic (code) metadata route file.\n *\n * @param baseName - The base file name without extension (e.g. \"sitemap\", \"icon\")\n * @param extension - The file extension without leading dot (e.g. \"ts\", \"tsx\")\n * @returns true if this is a dynamic file, false if static or unrecognized\n */\nexport function isDynamicMetadataExtension(baseName: string, extension: string): boolean {\n  const convention = METADATA_ROUTE_CONVENTIONS[baseName];\n  if (!convention) return false;\n  return convention.dynamicExtensions.includes(extension);\n}\n\n// ─── Classification ──────────────────────────────────────────────────────────\n\n/**\n * Classify a file name as a metadata route, or return null if it's not one.\n *\n * @param fileName - The full file name including extension (e.g. \"sitemap.xml\", \"icon.tsx\")\n * @returns Classification info, or null if not a metadata route\n */\nexport function classifyMetadataRoute(fileName: string): MetadataRouteInfo | null {\n  const dotIndex = fileName.lastIndexOf('.');\n  if (dotIndex === -1) return null;\n\n  const baseName = fileName.slice(0, dotIndex);\n  const ext = fileName.slice(dotIndex + 1);\n\n  const convention = METADATA_ROUTE_CONVENTIONS[baseName];\n  if (!convention) return null;\n\n  const isStatic = convention.staticExtensions.includes(ext);\n  const isDynamic = convention.dynamicExtensions.includes(ext);\n\n  if (!isStatic && !isDynamic) return null;\n\n  return {\n    type: convention.type,\n    contentType: convention.contentType,\n    nestable: convention.nestable,\n  };\n}\n\n/**\n * Get the serve path for a metadata route type.\n *\n * @param type - The metadata route type\n * @returns The URL path fragment this route serves at\n */\nexport function getMetadataRouteServePath(type: MetadataRouteType): string {\n  for (const convention of Object.values(METADATA_ROUTE_CONVENTIONS)) {\n    if (convention.type === type) return convention.servePath;\n  }\n  throw new Error(`[timber] Unknown metadata route type: ${type}`);\n}\n\n/**\n * Get the auto-link tags to inject into <head> for metadata route files\n * discovered in a segment.\n *\n * @param type - The metadata route type\n * @param href - The resolved URL path to the metadata route\n * @returns An object with tag/attrs for the <head>, or null if no auto-link\n */\nexport function getMetadataRouteAutoLink(\n  type: MetadataRouteType,\n  href: string\n): { rel: string; href: string; type?: string } | null {\n  switch (type) {\n    case 'icon':\n      return { rel: 'icon', href };\n    case 'apple-icon':\n      return { rel: 'apple-touch-icon', href };\n    case 'manifest':\n      return { rel: 'manifest', href };\n    default:\n      return null;\n  }\n}\n"],"mappings":";;;;;;;;;;AA6CA,IAAa,6BAWT;CACF,WAAW;EACT,MAAM;EACN,aAAa;EACb,UAAU;EACV,kBAAkB,CAAC,MAAM;EACzB,mBAAmB,CAAC,KAAK;EACzB,WAAW;EACZ;CACD,UAAU;EACR,MAAM;EACN,aAAa;EACb,UAAU;EACV,kBAAkB,CAAC,MAAM;EACzB,mBAAmB,CAAC,KAAK;EACzB,WAAW;EACZ;CACD,YAAY;EACV,MAAM;EACN,aAAa;EACb,UAAU;EACV,kBAAkB,CAAC,OAAO;EAC1B,mBAAmB,CAAC,KAAK;EACzB,WAAW;EACZ;CACD,WAAW;EACT,MAAM;EACN,aAAa;EACb,UAAU;EACV,kBAAkB,CAAC,MAAM;EACzB,mBAAmB,EAAE;EACrB,WAAW;EACZ;CACD,QAAQ;EACN,MAAM;EACN,aAAa;EACb,UAAU;EACV,kBAAkB;GAAC;GAAO;GAAO;GAAM;EACvC,mBAAmB,CAAC,MAAM,MAAM;EAChC,WAAW;EACZ;CACD,mBAAmB;EACjB,MAAM;EACN,aAAa;EACb,UAAU;EACV,kBAAkB,CAAC,OAAO,MAAM;EAChC,mBAAmB,CAAC,MAAM,MAAM;EAChC,WAAW;EACZ;CACD,iBAAiB;EACf,MAAM;EACN,aAAa;EACb,UAAU;EACV,kBAAkB,CAAC,OAAO,MAAM;EAChC,mBAAmB,CAAC,MAAM,MAAM;EAChC,WAAW;EACZ;CACD,cAAc;EACZ,MAAM;EACN,aAAa;EACb,UAAU;EACV,kBAAkB,CAAC,MAAM;EACzB,mBAAmB,CAAC,MAAM,MAAM;EAChC,WAAW;EACZ;CACF;;;;;;;;AAyDD,SAAgB,2BAA2B,UAAkB,WAA4B;CACvF,MAAM,aAAa,2BAA2B;AAC9C,KAAI,CAAC,WAAY,QAAO;AACxB,QAAO,WAAW,kBAAkB,SAAS,UAAU;;;;;;;;AAWzD,SAAgB,sBAAsB,UAA4C;CAChF,MAAM,WAAW,SAAS,YAAY,IAAI;AAC1C,KAAI,aAAa,GAAI,QAAO;CAE5B,MAAM,WAAW,SAAS,MAAM,GAAG,SAAS;CAC5C,MAAM,MAAM,SAAS,MAAM,WAAW,EAAE;CAExC,MAAM,aAAa,2BAA2B;AAC9C,KAAI,CAAC,WAAY,QAAO;CAExB,MAAM,WAAW,WAAW,iBAAiB,SAAS,IAAI;CAC1D,MAAM,YAAY,WAAW,kBAAkB,SAAS,IAAI;AAE5D,KAAI,CAAC,YAAY,CAAC,UAAW,QAAO;AAEpC,QAAO;EACL,MAAM,WAAW;EACjB,aAAa,WAAW;EACxB,UAAU,WAAW;EACtB;;;;;;;;AASH,SAAgB,0BAA0B,MAAiC;AACzE,MAAK,MAAM,cAAc,OAAO,OAAO,2BAA2B,CAChE,KAAI,WAAW,SAAS,KAAM,QAAO,WAAW;AAElD,OAAM,IAAI,MAAM,yCAAyC,OAAO;;;;;;;;;;AAWlE,SAAgB,yBACd,MACA,MACqD;AACrD,SAAQ,MAAR;EACE,KAAK,OACH,QAAO;GAAE,KAAK;GAAQ;GAAM;EAC9B,KAAK,aACH,QAAO;GAAE,KAAK;GAAoB;GAAM;EAC1C,KAAK,WACH,QAAO;GAAE,KAAK;GAAY;GAAM;EAClC,QACE,QAAO"}

package/dist/_chunks/navigation-root-BCYczjml.js

@@ -0,0 +1,96 @@
+import "./use-segment-params-BkpKAQ7D.js";
+import "react";
+//#region src/client/link-pending-store.ts
+var LINK_PENDING_KEY = Symbol.for("__timber_link_pending");
+/** Status object: link idle */
+var LINK_IDLE = { isPending: false };
+function getStore() {
+	const g = globalThis;
+	if (!g[LINK_PENDING_KEY]) g[LINK_PENDING_KEY] = { current: null };
+	return g[LINK_PENDING_KEY];
+}
+/**
+* Register the link instance that initiated the current navigation.
+* Called from Link's click handler. Does NOT call setIsPending —
+* that happens inside NavigationRoot's startTransition via
+* activateLinkPending().
+*
+* Resets the previous link to idle immediately (the old link's
+* useOptimistic reverts since its transition already settled).
+*/
+function setLinkForCurrentNavigation(link) {
+	const store = getStore();
+	store.current = link;
+}
+/**
+* Unmount a link instance from navigation tracking.
+*/
+function unmountLinkForCurrentNavigation(link) {
+	const store = getStore();
+	if (store.current === link) store.current = null;
+}
+//#endregion
+//#region src/client/top-loader.tsx
+/**
+* TopLoader — Built-in progress bar for client navigations.
+*
+* Shows an animated progress bar at the top of the viewport while an RSC
+* navigation is in flight. Injected automatically by the framework into
+* NavigationRoot — users never render this component directly.
+*
+* Configuration is via timber.config.ts `topLoader` key. Enabled by default.
+* Users who want a fully custom progress indicator disable the built-in one
+* (`topLoader: { enabled: false }`) and use `usePendingNavigation()` directly.
+*
+* Animation approach: pure CSS @keyframes. The bar crawls from 0% to ~90%
+* width over ~30s using ease-out timing. When navigation completes, the bar
+* snaps to 100% and fades out over 200ms. No JS animation loops (RAF, setInterval).
+*
+* Phase transitions are derived synchronously during render (React's
+* getDerivedStateFromProps pattern) — no useEffect needed for state tracking.
+* The finishing → hidden cleanup uses onTransitionEnd from the CSS transition.
+*
+* When delay > 0, CSS animation-delay + a visibility keyframe ensure the bar
+* stays invisible during the delay period. If navigation finishes before the
+* delay, the bar was never visible so the finish transition is also invisible.
+*
+* See design/19-client-navigation.md §"usePendingNavigation()"
+* See LOCAL-336 for design decisions.
+*/
+//#endregion
+//#region src/client/navigation-root.tsx
+/**
+* Module-level flag indicating a hard (MPA) navigation is in progress.
+*
+* When true:
+* - NavigationRoot throws an unresolved thenable to suspend forever,
+*   preventing React from rendering children during page teardown
+*   (avoids "Rendered more hooks" crashes).
+* - The Navigation API handler skips interception, letting the browser
+*   perform a full page load (prevents infinite loops where
+*   window.location.href → navigate event → router.navigate → 500 →
+*   window.location.href → ...).
+*
+* Uses globalThis for singleton guarantee across chunks (same pattern
+* as NavigationContext). See design/19-client-navigation.md §"Singleton
+* Guarantee via globalThis".
+*/
+var HARD_NAV_KEY = Symbol.for("__timber_hard_navigating");
+function getHardNavStore() {
+	const g = globalThis;
+	if (!g[HARD_NAV_KEY]) g[HARD_NAV_KEY] = { value: false };
+	return g[HARD_NAV_KEY];
+}
+/**
+* Set the hard-navigating flag. Call this BEFORE setting
+* window.location.href or window.location.reload() to prevent:
+* 1. React from rendering children during page teardown
+* 2. Navigation API from intercepting the hard navigation
+*/
+function setHardNavigating(value) {
+	getHardNavStore().value = value;
+}
+//#endregion
+export { unmountLinkForCurrentNavigation as i, LINK_IDLE as n, setLinkForCurrentNavigation as r, setHardNavigating as t };
+
+//# sourceMappingURL=navigation-root-BCYczjml.js.map

package/dist/_chunks/navigation-root-BCYczjml.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"navigation-root-BCYczjml.js","names":[],"sources":["../../src/client/link-pending-store.ts","../../src/client/top-loader.tsx","../../src/client/navigation-root.tsx"],"sourcesContent":["/**\n * Link Pending Store — per-link optimistic pending state.\n *\n * Tracks which link instance is currently navigating so that only the\n * clicked link shows pending. Uses `useOptimistic` from React 19 —\n * the optimistic value (isPending=true) is set inside NavigationRoot's\n * async startTransition so it persists for the duration of the RSC\n * fetch, then auto-reverts to idle when the transition settles.\n *\n * Flow:\n * 1. Link click → setLinkForCurrentNavigation(instance) stores the ref\n * 2. NavigationRoot startTransition → activateLinkPending() calls\n *    instance.setIsPending(LINK_PENDING) inside the async transition\n * 3. Transition settles → useOptimistic auto-reverts to LINK_IDLE\n *\n * SINGLETON GUARANTEE: Uses `globalThis` via `Symbol.for` keys because\n * the RSC client bundler can duplicate this module across chunks.\n *\n * See design/19-client-navigation.md §\"Per-Link Pending State\"\n */\n\nimport type { LinkStatus } from './use-link-status.js';\n\n// ─── Types ───────────────────────────────────────────────────────\n\nexport interface LinkPendingInstance {\n  setIsPending: (status: LinkStatus) => void;\n}\n\n// ─── Constants ───────────────────────────────────────────────────\n\nconst LINK_PENDING_KEY = Symbol.for('__timber_link_pending');\n\n/** Status object: link navigation in flight */\nexport const LINK_PENDING: LinkStatus = { isPending: true };\n\n/** Status object: link idle */\nexport const LINK_IDLE: LinkStatus = { isPending: false };\n\n// ─── Singleton Storage ───────────────────────────────────────────\n\nfunction getStore(): { current: LinkPendingInstance | null } {\n  const g = globalThis as Record<symbol, unknown>;\n  if (!g[LINK_PENDING_KEY]) {\n    g[LINK_PENDING_KEY] = { current: null };\n  }\n  return g[LINK_PENDING_KEY] as { current: LinkPendingInstance | null };\n}\n\n// ─── Public API ──────────────────────────────────────────────────\n\n/**\n * Register the link instance that initiated the current navigation.\n * Called from Link's click handler. Does NOT call setIsPending —\n * that happens inside NavigationRoot's startTransition via\n * activateLinkPending().\n *\n * Resets the previous link to idle immediately (the old link's\n * useOptimistic reverts since its transition already settled).\n */\nexport function setLinkForCurrentNavigation(link: LinkPendingInstance | null): void {\n  const store = getStore();\n  store.current = link;\n}\n\n/**\n * Activate pending state on the current link instance.\n * MUST be called inside NavigationRoot's async startTransition —\n * this is what makes useOptimistic persist for the navigation duration.\n */\nexport function activateLinkPending(): void {\n  const store = getStore();\n  store.current?.setIsPending(LINK_PENDING);\n}\n\n/**\n * Reset the current link's pending state. With useOptimistic this is\n * handled automatically when the transition settles. Kept for callers\n * that explicitly need to clear on error paths.\n */\nexport function resetLinkPending(): void {\n  const store = getStore();\n  if (store.current) {\n    store.current.setIsPending(LINK_IDLE);\n    store.current = null;\n  }\n}\n\n/**\n * @deprecated No longer needed with useOptimistic. Kept for callers.\n */\nexport function getCurrentNavId(): number {\n  return 0;\n}\n\n/**\n * Clean up the link pending store entirely.\n */\nexport function clearLinkPendingSetter(): void {\n  getStore().current = null;\n}\n\n/**\n * Unmount a link instance from navigation tracking.\n */\nexport function unmountLinkForCurrentNavigation(link: LinkPendingInstance): void {\n  const store = getStore();\n  if (store.current === link) {\n    store.current = null;\n  }\n}\n","/**\n * TopLoader — Built-in progress bar for client navigations.\n *\n * Shows an animated progress bar at the top of the viewport while an RSC\n * navigation is in flight. Injected automatically by the framework into\n * NavigationRoot — users never render this component directly.\n *\n * Configuration is via timber.config.ts `topLoader` key. Enabled by default.\n * Users who want a fully custom progress indicator disable the built-in one\n * (`topLoader: { enabled: false }`) and use `usePendingNavigation()` directly.\n *\n * Animation approach: pure CSS @keyframes. The bar crawls from 0% to ~90%\n * width over ~30s using ease-out timing. When navigation completes, the bar\n * snaps to 100% and fades out over 200ms. No JS animation loops (RAF, setInterval).\n *\n * Phase transitions are derived synchronously during render (React's\n * getDerivedStateFromProps pattern) — no useEffect needed for state tracking.\n * The finishing → hidden cleanup uses onTransitionEnd from the CSS transition.\n *\n * When delay > 0, CSS animation-delay + a visibility keyframe ensure the bar\n * stays invisible during the delay period. If navigation finishes before the\n * delay, the bar was never visible so the finish transition is also invisible.\n *\n * See design/19-client-navigation.md §\"usePendingNavigation()\"\n * See LOCAL-336 for design decisions.\n */\n\n'use client';\n\nimport { useState, createElement } from 'react';\nimport { usePendingNavigationUrl } from './navigation-context.js';\n\n// ─── Types ───────────────────────────────────────────────────────\n\nexport interface TopLoaderConfig {\n  /** Whether the top-loader is enabled. Default: true. */\n  enabled?: boolean;\n  /** Bar color. Default: '#2299DD'. */\n  color?: string;\n  /** Bar height in pixels. Default: 3. */\n  height?: number;\n  /** Show subtle glow/shadow effect. Default: false. */\n  shadow?: boolean;\n  /** Delay in ms before showing the bar. Default: 0. */\n  delay?: number;\n  /** CSS z-index. Default: 1600. */\n  zIndex?: number;\n}\n\n// ─── Defaults ────────────────────────────────────────────────────\n\nconst DEFAULT_COLOR = '#2299DD';\nconst DEFAULT_HEIGHT = 3;\nconst DEFAULT_SHADOW = false;\nconst DEFAULT_DELAY = 0;\nconst DEFAULT_Z_INDEX = 1600;\n\n// ─── Keyframes ───────────────────────────────────────────────────\n\n// Unique keyframes name to avoid collisions with user styles.\nconst CRAWL_KEYFRAMES = '__timber_top_loader_crawl';\nconst APPEAR_KEYFRAMES = '__timber_top_loader_appear';\nconst FINISH_KEYFRAMES = '__timber_top_loader_finish';\n\n// Track whether the @keyframes rules have been injected into the document.\nlet keyframesInjected = false;\n\n/**\n * Inject the @keyframes rules into the document head once.\n * Called during render (idempotent). Uses a <style> tag so the\n * animations are available for inline-styled elements.\n */\nfunction ensureKeyframes(): void {\n  if (keyframesInjected) return;\n  if (typeof document === 'undefined') return;\n\n  const style = document.createElement('style');\n  style.textContent = `\n@keyframes ${CRAWL_KEYFRAMES} {\n  0% { width: 0%; }\n  100% { width: 90%; }\n}\n@keyframes ${APPEAR_KEYFRAMES} {\n  from { opacity: 0; }\n  to { opacity: 1; }\n}\n@keyframes ${FINISH_KEYFRAMES} {\n  0% { width: 90%; opacity: 1; }\n  50% { width: 100%; opacity: 1; }\n  100% { width: 100%; opacity: 0; }\n}\n`;\n  document.head.appendChild(style);\n  keyframesInjected = true;\n}\n\n// ─── Component ───────────────────────────────────────────────────\n\n/**\n * Internal top-loader component. Injected by NavigationRoot.\n *\n * Reads pending navigation state from PendingNavigationContext.\n * Phase transitions are derived synchronously during render:\n *\n *   hidden → crawling:   when isPending becomes true\n *   crawling → finishing: when isPending becomes false\n *   finishing → hidden:   when CSS transition ends (onTransitionEnd)\n *   finishing → crawling: when isPending becomes true again\n *\n * No useEffect — all state changes are either derived during render\n * (getDerivedStateFromProps pattern) or triggered by DOM events.\n */\nexport function TopLoader({ config }: { config?: TopLoaderConfig }): React.ReactElement | null {\n  const pendingUrl = usePendingNavigationUrl();\n  // Navigation is pending when the React-based pending URL is set.\n  // pendingUrl is set as an urgent update in navigateTransition() —\n  // React commits it before the next paint, so the TopLoader appears\n  // immediately when a real RSC navigation starts.\n  //\n  // We intentionally do NOT check hasNativeNavigationTransition() here.\n  // The Navigation API's transition is active for ALL intercepted\n  // navigations, including shallow URL updates (nuqs search param\n  // changes with shallow: true) and prevented navigations. Those\n  // briefly set navigation.transition via event.intercept() but do\n  // NOT trigger RSC fetches — showing the TopLoader would be incorrect.\n  // pendingUrl is the authoritative signal for \"we're fetching RSC data.\"\n  const isPending = pendingUrl !== null;\n\n  const color = config?.color ?? DEFAULT_COLOR;\n  const height = config?.height ?? DEFAULT_HEIGHT;\n  const shadow = config?.shadow ?? DEFAULT_SHADOW;\n  const delay = config?.delay ?? DEFAULT_DELAY;\n  const zIndex = config?.zIndex ?? DEFAULT_Z_INDEX;\n\n  const [phase, setPhase] = useState<'hidden' | 'crawling' | 'finishing'>('hidden');\n\n  // ─── Synchronous phase derivation (getDerivedStateFromProps) ──\n  // React allows setState during render if the value changes — it\n  // immediately re-renders with the updated state before committing.\n\n  if (isPending && (phase === 'hidden' || phase === 'finishing')) {\n    setPhase('crawling');\n  }\n  if (!isPending && phase === 'crawling') {\n    setPhase('finishing');\n  }\n\n  // Inject keyframes on first visible render (idempotent)\n  if (phase !== 'hidden') {\n    ensureKeyframes();\n  }\n\n  if (phase === 'hidden') return null;\n\n  // ─── Styles ──────────────────────────────────────────────────\n\n  const containerStyle: React.CSSProperties = {\n    position: 'fixed',\n    top: 0,\n    left: 0,\n    width: '100%',\n    height: `${height}px`,\n    zIndex,\n    pointerEvents: 'none',\n  };\n\n  const barStyle: React.CSSProperties = {\n    height: '100%',\n    backgroundColor: color,\n    ...(phase === 'crawling'\n      ? {\n          // Crawl from 0% to 90% over 30s. When delay > 0, both the crawl\n          // and a visibility animation are delayed — the bar stays at width 0%\n          // and opacity 0 during the delay, then appears and starts crawling.\n          // With delay 0, the appear animation is instant (0s duration, no delay).\n          animation: [\n            `${CRAWL_KEYFRAMES} 30s ease-out ${delay}ms forwards`,\n            `${APPEAR_KEYFRAMES} 0s ${delay}ms both`,\n          ].join(', '),\n        }\n      : {\n          // Finishing: fill to 100% then fade out via a keyframe animation.\n          // We use a keyframe instead of a CSS transition because the\n          // animation-to-transition handoff is unreliable — the browser\n          // may not capture the animated width as the transition's \"from\"\n          // value when both the animation removal and transition are\n          // applied in the same render frame.\n          animation: `${FINISH_KEYFRAMES} 400ms ease forwards`,\n        }),\n    ...(shadow\n      ? {\n          boxShadow: `0 0 10px ${color}, 0 0 5px ${color}`,\n        }\n      : {}),\n  };\n\n  // Clean up the finishing phase when the finish animation completes.\n  const handleAnimationEnd =\n    phase === 'finishing'\n      ? (e: React.AnimationEvent) => {\n          if (e.animationName === FINISH_KEYFRAMES) {\n            setPhase('hidden');\n          }\n        }\n      : undefined;\n\n  return createElement(\n    'div',\n    {\n      'style': containerStyle,\n      'aria-hidden': 'true',\n      'data-timber-top-loader': '',\n    },\n    createElement('div', { style: barStyle, onAnimationEnd: handleAnimationEnd })\n  );\n}\n","/**\n * NavigationRoot — Wrapper component for transition-based rendering.\n *\n * Solves the \"new boundary has no old content\" problem for client-side\n * navigation. When React renders a completely new Suspense boundary via\n * root.render(), it shows the fallback immediately — root.render() is\n * always an urgent update regardless of startTransition.\n *\n * NavigationRoot holds the current element in React state. Navigation\n * updates call startTransition(() => setState(newElement)), which IS\n * a transition update. React keeps the old committed tree visible while\n * any new Suspense boundaries in the transition resolve.\n *\n * Also manages `pendingUrl` as React state with an urgent/transition split:\n * - Navigation START: `setPendingUrl(url)` is an urgent update — React\n *   commits it before the next paint, showing the spinner immediately.\n * - Navigation END: `setPendingUrl(null)` is inside `startTransition`\n *   alongside `setElement(newTree)` — both commit atomically, so the\n *   spinner disappears in the same frame as the new content appears.\n *\n * Hard navigation guard: When a hard navigation is triggered (500 error,\n * version skew), the component throws an unresolved thenable AFTER all\n * hooks to suspend forever — preventing React from rendering children\n * during page teardown. The throw must come after hooks to satisfy\n * React's rules (same hook count every render) while still preventing\n * child renders that could hit hook count mismatches in components\n * whose positions shift during teardown. This pattern is borrowed from\n * Next.js (app-router.tsx pushRef.mpaNavigation — also after hooks).\n *\n * See design/05-streaming.md §\"deferSuspenseFor\"\n * See design/19-client-navigation.md §\"NavigationContext\"\n */\n\nimport { createElement, Fragment, startTransition, useState, type ReactNode } from 'react';\nimport { activateLinkPending, resetLinkPending } from './link-pending-store.js';\nimport { PendingNavigationProvider } from './navigation-context.js';\nimport { TopLoader, type TopLoaderConfig } from './top-loader.js';\n\n// ─── Navigation Transition Counter ──────────────────────────────\n// Monotonically increasing counter that increments each time\n// navigateTransition() is called. Used to detect stale transitions:\n// if a newer transition started while the current one's perform()\n// was in flight, the current transition is stale and should reject.\n//\n// Separate from the link-pending navId (which only increments on\n// link clicks). This counter covers all navigation types: link clicks,\n// programmatic navigate(), refresh(), and handlePopState().\n//\n// Uses globalThis for singleton guarantee across chunks — same pattern\n// as NavigationContext and the link pending store.\n\nconst NAV_TRANSITION_KEY = Symbol.for('__timber_nav_transition_counter');\n\nfunction getTransitionCounter(): { id: number } {\n  const g = globalThis as Record<symbol, unknown>;\n  if (!g[NAV_TRANSITION_KEY]) {\n    g[NAV_TRANSITION_KEY] = { id: 0 };\n  }\n  return g[NAV_TRANSITION_KEY] as { id: number };\n}\n\n// ─── Hard Navigation Guard ──────────────────────────────────────\n\n/**\n * Module-level flag indicating a hard (MPA) navigation is in progress.\n *\n * When true:\n * - NavigationRoot throws an unresolved thenable to suspend forever,\n *   preventing React from rendering children during page teardown\n *   (avoids \"Rendered more hooks\" crashes).\n * - The Navigation API handler skips interception, letting the browser\n *   perform a full page load (prevents infinite loops where\n *   window.location.href → navigate event → router.navigate → 500 →\n *   window.location.href → ...).\n *\n * Uses globalThis for singleton guarantee across chunks (same pattern\n * as NavigationContext). See design/19-client-navigation.md §\"Singleton\n * Guarantee via globalThis\".\n */\nconst HARD_NAV_KEY = Symbol.for('__timber_hard_navigating');\n\nfunction getHardNavStore(): { value: boolean } {\n  const g = globalThis as Record<symbol, unknown>;\n  if (!g[HARD_NAV_KEY]) {\n    g[HARD_NAV_KEY] = { value: false };\n  }\n  return g[HARD_NAV_KEY] as { value: boolean };\n}\n\n/**\n * Set the hard-navigating flag. Call this BEFORE setting\n * window.location.href or window.location.reload() to prevent:\n * 1. React from rendering children during page teardown\n * 2. Navigation API from intercepting the hard navigation\n */\nexport function setHardNavigating(value: boolean): void {\n  getHardNavStore().value = value;\n}\n\n/**\n * Check if a hard navigation is in progress.\n * Used by NavigationRoot (throw unresolvedThenable) and by the\n * Navigation API handler (skip interception).\n */\nexport function isHardNavigating(): boolean {\n  return getHardNavStore().value;\n}\n\n/**\n * A thenable that never resolves. When thrown during React render,\n * it causes the component to suspend forever — React keeps the\n * old committed tree visible and never attempts to render children.\n *\n * This is the same pattern Next.js uses in app-router.tsx for MPA\n * navigations (pushRef.mpaNavigation → throw unresolvedThenable).\n */\n// for React's Suspense mechanism. Same pattern as Next.js's unresolvedThenable.\n// eslint-disable-next-line unicorn/no-thenable -- Intentionally a never-resolving thenable\nconst unresolvedThenable = { then() {} } as PromiseLike<never>;\n\n// ─── Module-level functions ──────────────────────────────────────\n\n/**\n * Module-level reference to the state setter wrapped in startTransition.\n * Used for non-navigation renders (applyRevalidation, popstate replay).\n */\nlet _transitionRender: ((element: ReactNode) => void) | null = null;\n\n/**\n * Module-level reference to the navigation transition function.\n * Wraps a full navigation (fetch + render) in a single startTransition\n * with the pending URL.\n */\nlet _navigateTransition:\n  | ((pendingUrl: string, perform: () => Promise<ReactNode>) => Promise<void>)\n  | null = null;\n\n// ─── Component ───────────────────────────────────────────────────\n\n/**\n * Root wrapper component that enables transition-based rendering.\n *\n * Renders PendingNavigationProvider around children for the pending URL\n * context. The DOM tree matches the server-rendered HTML during hydration\n * (the provider renders no extra DOM elements).\n *\n * Usage in browser-entry.ts:\n *   const rootEl = createElement(NavigationRoot, { initial: wrapped });\n *   reactRoot = hydrateRoot(document, rootEl);\n *\n * Subsequent navigations:\n *   navigateTransition(url, async () => { fetch; return wrappedElement; });\n *\n * Non-navigation renders:\n *   transitionRender(newWrappedElement);\n */\nexport function NavigationRoot({\n  initial,\n  topLoaderConfig,\n}: {\n  initial: ReactNode;\n  topLoaderConfig?: TopLoaderConfig;\n}): ReactNode {\n  const [element, setElement] = useState<ReactNode>(initial);\n  const [pendingUrl, setPendingUrl] = useState<string | null>(null);\n\n  // NOTE: We use standalone `startTransition` (imported from 'react'),\n  // NOT `useTransition`. The `useTransition` hook's `startTransition`\n  // is tied to a single fiber and tracks one async callback at a time.\n  // When two navigations overlap (click slow-page, then click dashboard),\n  // calling useTransition's startTransition twice with concurrent async\n  // callbacks corrupts React's internal hook tracking — causing\n  // \"Rendered more hooks than during the previous render.\"\n  //\n  // Standalone `startTransition` creates independent transition lanes\n  // for each call, so concurrent navigations don't interfere. We don't\n  // need useTransition's `isPending` — we track pending state via our\n  // own `pendingUrl` useState.\n  //\n  // This matches the Next.js pattern (TIM-625): \"No useTransition in\n  // the router at all — only standalone startTransition.\"\n\n  // Non-navigation render (revalidation, popstate cached replay).\n  _transitionRender = (newElement: ReactNode) => {\n    startTransition(() => {\n      setElement(newElement);\n    });\n  };\n\n  // Full navigation transition.\n  // setPendingUrl(url) is an URGENT update — React commits it before the next\n  // paint, so the pending spinner appears immediately when navigation starts.\n  // Inside startTransition: the async fetch + setElement + setPendingUrl(null)\n  // are deferred. When the transition commits, the new tree and pendingUrl=null\n  // both apply in the same React commit — making the pending→active transition\n  // atomic (no frame where pending is false but the old tree is still visible).\n  _navigateTransition = (url: string, perform: () => Promise<ReactNode>) => {\n    // Urgent: show pending state immediately (for TopLoader / usePendingNavigation)\n    setPendingUrl(url);\n\n    // Increment the transition counter SYNCHRONOUSLY (before startTransition\n    // schedules the async work). Each call gets a unique transId; the counter\n    // is the same globalThis singleton, so a newer call always has a higher id.\n    const counter = getTransitionCounter();\n    const transId = ++counter.id;\n\n    return new Promise<void>((resolve, reject) => {\n      startTransition(async () => {\n        // Activate per-link pending state inside this async transition.\n        // useOptimistic persists the isPending=true value for the duration\n        // of this transition, then auto-reverts when it settles.\n        activateLinkPending();\n        try {\n          const newElement = await perform();\n          // Only commit state if this is still the active navigation.\n          // A superseded transition's updates must be dropped entirely.\n          if (counter.id === transId) {\n            setElement(newElement);\n            setPendingUrl(null);\n            resolve();\n          } else {\n            // Stale transition — a newer navigation has superseded this one.\n            // Reject so the caller (navigate/refresh/handlePopState) doesn't\n            // run post-transition side effects (applyHead, scroll, event\n            // dispatch) with stale data. All callers catch AbortError.\n            reject(new DOMException('Navigation superseded', 'AbortError'));\n          }\n        } catch (err) {\n          // Only clear pending if this is still the active navigation.\n          if (counter.id === transId) {\n            setPendingUrl(null);\n            resetLinkPending();\n          }\n          reject(err);\n        }\n      });\n    });\n  };\n\n  // ─── Hard navigation guard ─────────────────────────────────\n  // When a hard navigation is in progress (500 error, version skew),\n  // suspend forever to prevent React from rendering children during\n  // page teardown. This avoids \"Rendered more hooks\" crashes in\n  // CHILD components whose hook counts may shift during teardown.\n  //\n  // CRITICAL: This throw MUST come AFTER all hooks (the two\n  // useState calls above). React requires the same hooks to run on\n  // every render. If we threw before hooks, React would see 0 hooks\n  // on the re-render vs 2 hooks on the initial render — triggering\n  // the exact \"Rendered more hooks\" error we're trying to prevent.\n  //\n  // By placing it after hooks but before the return, all hooks\n  // satisfy React's rules, but the thrown thenable prevents any\n  // children from rendering. Same pattern as Next.js app-router.tsx\n  // (pushRef.mpaNavigation — also placed after all hooks).\n  if (isHardNavigating()) {\n    throw unresolvedThenable;\n  }\n\n  // Inject TopLoader alongside the element tree inside PendingNavigationProvider.\n  // The TopLoader reads pendingUrl from context to show/hide the progress bar.\n  // It is rendered only when not explicitly disabled via config.\n  const showTopLoader = topLoaderConfig?.enabled !== false;\n  const children = showTopLoader\n    ? createElement(Fragment, null, createElement(TopLoader, { config: topLoaderConfig }), element)\n    : element;\n  return createElement(PendingNavigationProvider, { value: pendingUrl }, children);\n}\n\n// ─── Public API ──────────────────────────────────────────────────\n\n/**\n * Trigger a transition render for non-navigation updates.\n * React keeps the old committed tree visible while any new Suspense\n * boundaries in the update resolve.\n *\n * Used for: applyRevalidation, popstate replay with cached payload.\n */\nexport function transitionRender(element: ReactNode): void {\n  if (_transitionRender) {\n    _transitionRender(element);\n  }\n}\n\n/**\n * Run a full navigation inside a React transition with optimistic pending URL.\n *\n * The `perform` callback runs inside `startTransition` — it should fetch the\n * RSC payload, update router state, and return the wrapped React element.\n * The pending URL shows immediately (urgent update) and reverts\n * to null when the transition commits (atomic with the new tree).\n *\n * Returns a Promise that resolves when the async work completes (note: the\n * React transition may not have committed yet, but all state updates are done).\n *\n * Used for: navigate(), refresh(), popstate with fetch.\n */\nexport function navigateTransition(\n  pendingUrl: string,\n  perform: () => Promise<ReactNode>\n): Promise<void> {\n  if (_navigateTransition) {\n    return _navigateTransition(pendingUrl, perform);\n  }\n  // Fallback: no NavigationRoot mounted (shouldn't happen in production)\n  return perform().then(() => {});\n}\n\n/**\n * Check if the NavigationRoot is mounted and ready for renders.\n * Used by browser-entry.ts to guard against renders before hydration.\n */\nexport function isNavigationRootReady(): boolean {\n  return _transitionRender !== null;\n}\n\n/**\n * Install one-shot deferred callbacks for the no-RSC bootstrap path (TIM-600).\n *\n * When there's no RSC payload, we can't create a React root immediately —\n * `createRoot(document).render(...)` would blank the SSR HTML. Instead,\n * this sets up `_transitionRender` and `_navigateTransition` so that the\n * first client navigation triggers root creation via `createAndMount`.\n *\n * After `createAndMount` runs, NavigationRoot renders and overwrites these\n * callbacks with its real `startTransition`-based implementations.\n */\nexport function installDeferredNavigation(createAndMount: (initial: ReactNode) => void): void {\n  let mounted = false;\n  const mountOnce = (element: ReactNode) => {\n    if (mounted) return;\n    mounted = true;\n    createAndMount(element);\n  };\n  _transitionRender = (element: ReactNode) => {\n    mountOnce(element);\n  };\n  _navigateTransition = async (_pendingUrl: string, perform: () => Promise<ReactNode>) => {\n    const element = await perform();\n    mountOnce(element);\n  };\n}\n"],"mappings":";;;AA+BA,IAAM,mBAAmB,OAAO,IAAI,wBAAwB;;AAM5D,IAAa,YAAwB,EAAE,WAAW,OAAO;AAIzD,SAAS,WAAoD;CAC3D,MAAM,IAAI;AACV,KAAI,CAAC,EAAE,kBACL,GAAE,oBAAoB,EAAE,SAAS,MAAM;AAEzC,QAAO,EAAE;;;;;;;;;;;AAcX,SAAgB,4BAA4B,MAAwC;CAClF,MAAM,QAAQ,UAAU;AACxB,OAAM,UAAU;;;;;AA2ClB,SAAgB,gCAAgC,MAAiC;CAC/E,MAAM,QAAQ,UAAU;AACxB,KAAI,MAAM,YAAY,KACpB,OAAM,UAAU;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AE7BpB,IAAM,eAAe,OAAO,IAAI,2BAA2B;AAE3D,SAAS,kBAAsC;CAC7C,MAAM,IAAI;AACV,KAAI,CAAC,EAAE,cACL,GAAE,gBAAgB,EAAE,OAAO,OAAO;AAEpC,QAAO,EAAE;;;;;;;;AASX,SAAgB,kBAAkB,OAAsB;AACtD,kBAAiB,CAAC,QAAQ"}

package/dist/_chunks/registry-I2ss-lvy.js

@@ -0,0 +1,20 @@
+//#region src/search-params/registry.ts
+var registry = /* @__PURE__ */ new Map();
+/**
+* Register a route's search params definition.
+* Called by the generated route manifest loader when a route's modules load.
+*/
+function registerSearchParams(route, definition) {
+	registry.set(route, definition);
+}
+/**
+* Look up a route's search params definition.
+* Returns undefined if the route hasn't been loaded yet.
+*/
+function getSearchParamsDefinition(route) {
+	return registry.get(route);
+}
+//#endregion
+export { registerSearchParams as n, getSearchParamsDefinition as t };
+
+//# sourceMappingURL=registry-I2ss-lvy.js.map

package/dist/_chunks/registry-I2ss-lvy.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"registry-I2ss-lvy.js","names":[],"sources":["../../src/search-params/registry.ts"],"sourcesContent":["/**\n * Runtime registry for route-scoped search params definitions.\n *\n * When a route's modules load, the framework registers its search-params\n * definition here. useQueryStates('/route') resolves codecs from this map.\n *\n * Design doc: design/23-search-params.md §\"Runtime: Registration at Route Load\"\n */\n\nimport type { SearchParamsDefinition } from './define.js';\n\n// eslint-disable-next-line @typescript-eslint/no-explicit-any\nconst registry = new Map<string, SearchParamsDefinition<any>>();\n\n/**\n * Register a route's search params definition.\n * Called by the generated route manifest loader when a route's modules load.\n */\n// eslint-disable-next-line @typescript-eslint/no-explicit-any\nexport function registerSearchParams(route: string, definition: SearchParamsDefinition<any>): void {\n  registry.set(route, definition);\n}\n\n/**\n * Look up a route's search params definition.\n * Returns undefined if the route hasn't been loaded yet.\n */\n// eslint-disable-next-line @typescript-eslint/no-explicit-any\nexport function getSearchParamsDefinition(route: string): SearchParamsDefinition<any> | undefined {\n  return registry.get(route);\n}\n"],"mappings":";AAYA,IAAM,2BAAW,IAAI,KAA0C;;;;;AAO/D,SAAgB,qBAAqB,OAAe,YAA+C;AACjG,UAAS,IAAI,OAAO,WAAW;;;;;;AAQjC,SAAgB,0BAA0B,OAAwD;AAChG,QAAO,SAAS,IAAI,MAAM"}

package/dist/_chunks/router-ref-h3-UaCQv.js

@@ -0,0 +1,28 @@
+import { o as _setGlobalRouter, u as globalRouter } from "./ssr-data-B4CdH7rE.js";
+//#region src/client/router-ref.ts
+/**
+* Set the global router instance. Called once during bootstrap.
+*/
+function setGlobalRouter(router) {
+	_setGlobalRouter(router);
+}
+/**
+* Get the global router instance. Throws if called before bootstrap.
+* Used by client-side hooks (usePendingNavigation, etc.)
+*/
+function getRouter() {
+	if (!globalRouter) throw new Error("[timber] Router not initialized. getRouter() was called before bootstrap().");
+	return globalRouter;
+}
+/**
+* Get the global router instance or null if not yet initialized.
+* Used by useRouter() methods to avoid silent failures — callers
+* can log a meaningful warning instead of silently no-oping.
+*/
+function getRouterOrNull() {
+	return globalRouter;
+}
+//#endregion
+export { getRouterOrNull as n, setGlobalRouter as r, getRouter as t };
+
+//# sourceMappingURL=router-ref-h3-UaCQv.js.map

package/dist/_chunks/router-ref-h3-UaCQv.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"router-ref-h3-UaCQv.js","names":[],"sources":["../../src/client/router-ref.ts"],"sourcesContent":["// Global router reference — shared between browser-entry and client hooks.\n//\n// Delegates to client/state.ts for the actual module-level variable.\n// This ensures singleton semantics regardless of import path — all\n// callers converge on the same state.ts instance via the barrel.\n//\n// See design/18-build-system.md §\"Module Singleton Strategy\"\n\nimport type { RouterInstance } from './router.js';\nimport { globalRouter, _setGlobalRouter } from './state.js';\n\n/**\n * Set the global router instance. Called once during bootstrap.\n */\nexport function setGlobalRouter(router: RouterInstance): void {\n  _setGlobalRouter(router);\n}\n\n/**\n * Get the global router instance. Throws if called before bootstrap.\n * Used by client-side hooks (usePendingNavigation, etc.)\n */\nexport function getRouter(): RouterInstance {\n  if (!globalRouter) {\n    throw new Error('[timber] Router not initialized. getRouter() was called before bootstrap().');\n  }\n  return globalRouter;\n}\n\n/**\n * Get the global router instance or null if not yet initialized.\n * Used by useRouter() methods to avoid silent failures — callers\n * can log a meaningful warning instead of silently no-oping.\n */\nexport function getRouterOrNull(): RouterInstance | null {\n  return globalRouter;\n}\n\n/**\n * Reset the global router to null. Used only in tests to isolate\n * module-level state between test cases.\n * @internal\n */\nexport function resetGlobalRouter(): void {\n  _setGlobalRouter(null);\n}\n"],"mappings":";;;;;AAcA,SAAgB,gBAAgB,QAA8B;AAC5D,kBAAiB,OAAO;;;;;;AAO1B,SAAgB,YAA4B;AAC1C,KAAI,CAAC,aACH,OAAM,IAAI,MAAM,8EAA8E;AAEhG,QAAO;;;;;;;AAQT,SAAgB,kBAAyC;AACvD,QAAO"}

package/dist/_chunks/{schema-bridge-C3xl_vfb.js → schema-bridge-Cxu4l-7p.js}

@@ -83,4 +83,4 @@ function fromArraySchema(schema) {
 //#endregion
 export { validateSync as a, isStandardSchema as i, fromSchema as n, isCodec as r, fromArraySchema as t };
 
-//# sourceMappingURL=schema-bridge-C3xl_vfb.js.map
+//# sourceMappingURL=schema-bridge-Cxu4l-7p.js.map

package/dist/_chunks/{schema-bridge-C3xl_vfb.js.map → schema-bridge-Cxu4l-7p.js.map}

@@ -1 +1 @@
-{"version":3,"file":"schema-bridge-C3xl_vfb.js","names":[],"sources":["../../src/schema-bridge.ts"],"sourcesContent":["/**\n * Standard Schema bridge — shared helpers for bridging Standard Schema-compatible\n * validation libraries (Zod, Valibot, ArkType) to the Codec<T> protocol.\n *\n * This module is the single source of truth for:\n * - StandardSchemaV1 interface (subset of the Standard Schema spec)\n * - validateSync() helper\n * - fromSchema() — bridge from Standard Schema to Codec<T>\n * - fromArraySchema() — bridge for array-valued codecs\n *\n * These are re-exported from @timber-js/app/search-params, @timber-js/app/segment-params,\n * and @timber-js/app/cookies for convenience. The canonical import is\n * @timber-js/app/codec.\n *\n * Design doc: design/23a-search-params-triage.md §\"Unify Codec<T> type\"\n */\n\nimport type { Codec } from './codec.js';\n\n// ---------------------------------------------------------------------------\n// Standard Schema interface (subset)\n//\n// Standard Schema (https://github.com/standard-schema/standard-schema) defines\n// a minimal interface that Zod ≥3.24, Valibot ≥1.0, and ArkType all implement.\n// We depend only on `~standard.validate` to avoid coupling to any specific lib.\n// ---------------------------------------------------------------------------\n\n/** Minimal Standard Schema interface for auto-detection. */\nexport interface StandardSchemaV1<Output = unknown> {\n  '~standard': {\n    validate(value: unknown): StandardSchemaResult<Output> | Promise<StandardSchemaResult<Output>>;\n  };\n}\n\nexport type StandardSchemaResult<Output> =\n  | { value: Output; issues?: undefined }\n  | { value?: undefined; issues: ReadonlyArray<{ message: string }> };\n\n// ---------------------------------------------------------------------------\n// Sync validate helper\n// ---------------------------------------------------------------------------\n\n/**\n * Run a Standard Schema's `~standard.validate()` synchronously.\n *\n * Zod v4's signature includes `Promise` in the return union to satisfy the\n * Standard Schema spec, but in practice Zod always validates synchronously\n * for the schema types we use. We assert the result is sync and throw if\n * it isn't — codec parsing must be synchronous.\n */\nexport function validateSync<Output>(\n  schema: StandardSchemaV1<Output>,\n  value: unknown\n): StandardSchemaResult<Output> {\n  const result = schema['~standard'].validate(value);\n  if (result instanceof Promise) {\n    throw new Error(\n      '[timber] fromSchema: schema returned a Promise — only sync schemas are supported.'\n    );\n  }\n  return result;\n}\n\n// ---------------------------------------------------------------------------\n// Type guards\n// ---------------------------------------------------------------------------\n\n/** Check if a value is a Standard Schema object. */\nexport function isStandardSchema(value: unknown): value is StandardSchemaV1 {\n  return (\n    typeof value === 'object' &&\n    value !== null &&\n    '~standard' in value &&\n    typeof (value as StandardSchemaV1)['~standard']?.validate === 'function'\n  );\n}\n\n/** Check if a value is a Codec (has parse + serialize methods). */\nexport function isCodec(value: unknown): value is Codec<unknown> {\n  return (\n    typeof value === 'object' &&\n    value !== null &&\n    typeof (value as Codec<unknown>).parse === 'function' &&\n    typeof (value as Codec<unknown>).serialize === 'function'\n  );\n}\n\n// ---------------------------------------------------------------------------\n// fromSchema — bridge from Standard Schema to Codec<T>\n// ---------------------------------------------------------------------------\n\n/**\n * Bridge a Standard Schema-compatible schema (Zod, Valibot, ArkType) to a\n * Codec<T>.\n *\n * Parse: coerces the raw string through the schema. On validation failure,\n * parses `undefined` to get the schema's default value (the schema should have\n * a `.default()` call). If that also fails, returns `undefined`.\n *\n * Serialize: uses `String()` for primitives, `null` for null/undefined.\n *\n * ```ts\n * import { fromSchema } from '@timber-js/app/codec'\n * import { z } from 'zod/v4'\n *\n * const pageCodec = fromSchema(z.coerce.number().int().min(1).default(1))\n * ```\n */\nexport function fromSchema<T>(schema: StandardSchemaV1<T>): Codec<T> {\n  return {\n    parse(value: string | string[] | undefined): T {\n      // For array inputs, take the last value (consistent with URLSearchParams.get())\n      const input = Array.isArray(value) ? value[value.length - 1] : value;\n\n      // Try parsing the raw value\n      const result = validateSync(schema, input);\n      if (!result.issues) {\n        return result.value;\n      }\n\n      // On failure, try parsing undefined to get the default\n      const defaultResult = validateSync(schema, undefined);\n      if (!defaultResult.issues) {\n        return defaultResult.value;\n      }\n\n      // No default available — return undefined (codec design choice)\n      return undefined as T;\n    },\n\n    serialize(value: T): string | null {\n      if (value === null || value === undefined) {\n        return null;\n      }\n      return String(value);\n    },\n  };\n}\n\n// ---------------------------------------------------------------------------\n// fromArraySchema — bridge for array-valued codecs\n// ---------------------------------------------------------------------------\n\n/**\n * Bridge a Standard Schema for array values. Handles both single strings\n * and repeated query keys (`?tag=a&tag=b`).\n *\n * ```ts\n * import { fromArraySchema } from '@timber-js/app/codec'\n * import { z } from 'zod/v4'\n *\n * const tagsCodec = fromArraySchema(z.array(z.string()).default([]))\n * ```\n */\nexport function fromArraySchema<T>(schema: StandardSchemaV1<T>): Codec<T> {\n  return {\n    parse(value: string | string[] | undefined): T {\n      // Coerce single string to array for array schemas\n      let input: unknown = value;\n      if (typeof value === 'string') {\n        input = [value];\n      } else if (value === undefined) {\n        input = undefined;\n      }\n\n      const result = validateSync(schema, input);\n      if (!result.issues) {\n        return result.value;\n      }\n\n      // On failure, try undefined for default\n      const defaultResult = validateSync(schema, undefined);\n      if (!defaultResult.issues) {\n        return defaultResult.value;\n      }\n\n      return undefined as T;\n    },\n\n    serialize(value: T): string | null {\n      if (value === null || value === undefined) {\n        return null;\n      }\n      if (Array.isArray(value)) {\n        return value.length === 0 ? null : value.join(',');\n      }\n      return String(value);\n    },\n  };\n}\n"],"mappings":";;;;;;;;;AAkDA,SAAgB,aACd,QACA,OAC8B;CAC9B,MAAM,SAAS,OAAO,aAAa,SAAS,MAAM;AAClD,KAAI,kBAAkB,QACpB,OAAM,IAAI,MACR,oFACD;AAEH,QAAO;;;AAQT,SAAgB,iBAAiB,OAA2C;AAC1E,QACE,OAAO,UAAU,YACjB,UAAU,QACV,eAAe,SACf,OAAQ,MAA2B,cAAc,aAAa;;;AAKlE,SAAgB,QAAQ,OAAyC;AAC/D,QACE,OAAO,UAAU,YACjB,UAAU,QACV,OAAQ,MAAyB,UAAU,cAC3C,OAAQ,MAAyB,cAAc;;;;;;;;;;;;;;;;;;;AAyBnD,SAAgB,WAAc,QAAuC;AACnE,QAAO;EACL,MAAM,OAAyC;GAK7C,MAAM,SAAS,aAAa,QAHd,MAAM,QAAQ,MAAM,GAAG,MAAM,MAAM,SAAS,KAAK,MAGrB;AAC1C,OAAI,CAAC,OAAO,OACV,QAAO,OAAO;GAIhB,MAAM,gBAAgB,aAAa,QAAQ,KAAA,EAAU;AACrD,OAAI,CAAC,cAAc,OACjB,QAAO,cAAc;;EAOzB,UAAU,OAAyB;AACjC,OAAI,UAAU,QAAQ,UAAU,KAAA,EAC9B,QAAO;AAET,UAAO,OAAO,MAAM;;EAEvB;;;;;;;;;;;;;AAkBH,SAAgB,gBAAmB,QAAuC;AACxE,QAAO;EACL,MAAM,OAAyC;GAE7C,IAAI,QAAiB;AACrB,OAAI,OAAO,UAAU,SACnB,SAAQ,CAAC,MAAM;YACN,UAAU,KAAA,EACnB,SAAQ,KAAA;GAGV,MAAM,SAAS,aAAa,QAAQ,MAAM;AAC1C,OAAI,CAAC,OAAO,OACV,QAAO,OAAO;GAIhB,MAAM,gBAAgB,aAAa,QAAQ,KAAA,EAAU;AACrD,OAAI,CAAC,cAAc,OACjB,QAAO,cAAc;;EAMzB,UAAU,OAAyB;AACjC,OAAI,UAAU,QAAQ,UAAU,KAAA,EAC9B,QAAO;AAET,OAAI,MAAM,QAAQ,MAAM,CACtB,QAAO,MAAM,WAAW,IAAI,OAAO,MAAM,KAAK,IAAI;AAEpD,UAAO,OAAO,MAAM;;EAEvB"}
+{"version":3,"file":"schema-bridge-Cxu4l-7p.js","names":[],"sources":["../../src/schema-bridge.ts"],"sourcesContent":["/**\n * Standard Schema bridge — shared helpers for bridging Standard Schema-compatible\n * validation libraries (Zod, Valibot, ArkType) to the Codec<T> protocol.\n *\n * This module is the single source of truth for:\n * - StandardSchemaV1 interface (subset of the Standard Schema spec)\n * - validateSync() helper\n * - fromSchema() — bridge from Standard Schema to Codec<T>\n * - fromArraySchema() — bridge for array-valued codecs\n *\n * These are re-exported from @timber-js/app/search-params, @timber-js/app/segment-params,\n * and @timber-js/app/cookies for convenience. The canonical import is\n * @timber-js/app/codec.\n *\n * Design doc: design/23a-search-params-triage.md §\"Unify Codec<T> type\"\n */\n\nimport type { Codec } from './codec.js';\n\n// ---------------------------------------------------------------------------\n// Standard Schema interface (subset)\n//\n// Standard Schema (https://github.com/standard-schema/standard-schema) defines\n// a minimal interface that Zod ≥3.24, Valibot ≥1.0, and ArkType all implement.\n// We depend only on `~standard.validate` to avoid coupling to any specific lib.\n// ---------------------------------------------------------------------------\n\n/** Minimal Standard Schema interface for auto-detection. */\nexport interface StandardSchemaV1<Output = unknown> {\n  '~standard': {\n    validate(value: unknown): StandardSchemaResult<Output> | Promise<StandardSchemaResult<Output>>;\n  };\n}\n\nexport type StandardSchemaResult<Output> =\n  | { value: Output; issues?: undefined }\n  | { value?: undefined; issues: ReadonlyArray<{ message: string }> };\n\n// ---------------------------------------------------------------------------\n// Sync validate helper\n// ---------------------------------------------------------------------------\n\n/**\n * Run a Standard Schema's `~standard.validate()` synchronously.\n *\n * Zod v4's signature includes `Promise` in the return union to satisfy the\n * Standard Schema spec, but in practice Zod always validates synchronously\n * for the schema types we use. We assert the result is sync and throw if\n * it isn't — codec parsing must be synchronous.\n */\nexport function validateSync<Output>(\n  schema: StandardSchemaV1<Output>,\n  value: unknown\n): StandardSchemaResult<Output> {\n  const result = schema['~standard'].validate(value);\n  if (result instanceof Promise) {\n    throw new Error(\n      '[timber] fromSchema: schema returned a Promise — only sync schemas are supported.'\n    );\n  }\n  return result;\n}\n\n// ---------------------------------------------------------------------------\n// Type guards\n// ---------------------------------------------------------------------------\n\n/** Check if a value is a Standard Schema object. */\nexport function isStandardSchema(value: unknown): value is StandardSchemaV1 {\n  return (\n    typeof value === 'object' &&\n    value !== null &&\n    '~standard' in value &&\n    typeof (value as StandardSchemaV1)['~standard']?.validate === 'function'\n  );\n}\n\n/** Check if a value is a Codec (has parse + serialize methods). */\nexport function isCodec(value: unknown): value is Codec<unknown> {\n  return (\n    typeof value === 'object' &&\n    value !== null &&\n    typeof (value as Codec<unknown>).parse === 'function' &&\n    typeof (value as Codec<unknown>).serialize === 'function'\n  );\n}\n\n// ---------------------------------------------------------------------------\n// fromSchema — bridge from Standard Schema to Codec<T>\n// ---------------------------------------------------------------------------\n\n/**\n * Bridge a Standard Schema-compatible schema (Zod, Valibot, ArkType) to a\n * Codec<T>.\n *\n * Parse: coerces the raw string through the schema. On validation failure,\n * parses `undefined` to get the schema's default value (the schema should have\n * a `.default()` call). If that also fails, returns `undefined`.\n *\n * Serialize: uses `String()` for primitives, `null` for null/undefined.\n *\n * ```ts\n * import { fromSchema } from '@timber-js/app/codec'\n * import { z } from 'zod/v4'\n *\n * const pageCodec = fromSchema(z.coerce.number().int().min(1).default(1))\n * ```\n */\nexport function fromSchema<T>(schema: StandardSchemaV1<T>): Codec<T> {\n  return {\n    parse(value: string | string[] | undefined): T {\n      // For array inputs, take the last value (consistent with URLSearchParams.get())\n      const input = Array.isArray(value) ? value[value.length - 1] : value;\n\n      // Try parsing the raw value\n      const result = validateSync(schema, input);\n      if (!result.issues) {\n        return result.value;\n      }\n\n      // On failure, try parsing undefined to get the default\n      const defaultResult = validateSync(schema, undefined);\n      if (!defaultResult.issues) {\n        return defaultResult.value;\n      }\n\n      // No default available — return undefined (codec design choice)\n      return undefined as T;\n    },\n\n    serialize(value: T): string | null {\n      if (value === null || value === undefined) {\n        return null;\n      }\n      return String(value);\n    },\n  };\n}\n\n// ---------------------------------------------------------------------------\n// fromArraySchema — bridge for array-valued codecs\n// ---------------------------------------------------------------------------\n\n/**\n * Bridge a Standard Schema for array values. Handles both single strings\n * and repeated query keys (`?tag=a&tag=b`).\n *\n * ```ts\n * import { fromArraySchema } from '@timber-js/app/codec'\n * import { z } from 'zod/v4'\n *\n * const tagsCodec = fromArraySchema(z.array(z.string()).default([]))\n * ```\n */\nexport function fromArraySchema<T>(schema: StandardSchemaV1<T>): Codec<T> {\n  return {\n    parse(value: string | string[] | undefined): T {\n      // Coerce single string to array for array schemas\n      let input: unknown = value;\n      if (typeof value === 'string') {\n        input = [value];\n      } else if (value === undefined) {\n        input = undefined;\n      }\n\n      const result = validateSync(schema, input);\n      if (!result.issues) {\n        return result.value;\n      }\n\n      // On failure, try undefined for default\n      const defaultResult = validateSync(schema, undefined);\n      if (!defaultResult.issues) {\n        return defaultResult.value;\n      }\n\n      return undefined as T;\n    },\n\n    serialize(value: T): string | null {\n      if (value === null || value === undefined) {\n        return null;\n      }\n      if (Array.isArray(value)) {\n        return value.length === 0 ? null : value.join(',');\n      }\n      return String(value);\n    },\n  };\n}\n"],"mappings":";;;;;;;;;AAkDA,SAAgB,aACd,QACA,OAC8B;CAC9B,MAAM,SAAS,OAAO,aAAa,SAAS,MAAM;AAClD,KAAI,kBAAkB,QACpB,OAAM,IAAI,MACR,oFACD;AAEH,QAAO;;;AAQT,SAAgB,iBAAiB,OAA2C;AAC1E,QACE,OAAO,UAAU,YACjB,UAAU,QACV,eAAe,SACf,OAAQ,MAA2B,cAAc,aAAa;;;AAKlE,SAAgB,QAAQ,OAAyC;AAC/D,QACE,OAAO,UAAU,YACjB,UAAU,QACV,OAAQ,MAAyB,UAAU,cAC3C,OAAQ,MAAyB,cAAc;;;;;;;;;;;;;;;;;;;AAyBnD,SAAgB,WAAc,QAAuC;AACnE,QAAO;EACL,MAAM,OAAyC;GAK7C,MAAM,SAAS,aAAa,QAHd,MAAM,QAAQ,MAAM,GAAG,MAAM,MAAM,SAAS,KAAK,MAGrB;AAC1C,OAAI,CAAC,OAAO,OACV,QAAO,OAAO;GAIhB,MAAM,gBAAgB,aAAa,QAAQ,KAAA,EAAU;AACrD,OAAI,CAAC,cAAc,OACjB,QAAO,cAAc;;EAOzB,UAAU,OAAyB;AACjC,OAAI,UAAU,QAAQ,UAAU,KAAA,EAC9B,QAAO;AAET,UAAO,OAAO,MAAM;;EAEvB;;;;;;;;;;;;;AAkBH,SAAgB,gBAAmB,QAAuC;AACxE,QAAO;EACL,MAAM,OAAyC;GAE7C,IAAI,QAAiB;AACrB,OAAI,OAAO,UAAU,SACnB,SAAQ,CAAC,MAAM;YACN,UAAU,KAAA,EACnB,SAAQ,KAAA;GAGV,MAAM,SAAS,aAAa,QAAQ,MAAM;AAC1C,OAAI,CAAC,OAAO,OACV,QAAO,OAAO;GAIhB,MAAM,gBAAgB,aAAa,QAAQ,KAAA,EAAU;AACrD,OAAI,CAAC,cAAc,OACjB,QAAO,cAAc;;EAMzB,UAAU,OAAyB;AACjC,OAAI,UAAU,QAAQ,UAAU,KAAA,EAC9B,QAAO;AAET,OAAI,MAAM,QAAQ,MAAM,CACtB,QAAO,MAAM,WAAW,IAAI,OAAO,MAAM,KAAK,IAAI;AAEpD,UAAO,OAAO,MAAM;;EAEvB"}

package/dist/_chunks/segment-classify-BjfuctV2.js

@@ -0,0 +1,137 @@
+//#region src/routing/types.ts
+/** All recognized interception markers, ordered longest-first for parsing. */
+var INTERCEPTION_MARKERS = [
+	"(..)(..)",
+	"(.)",
+	"(..)",
+	"(...)"
+];
+/** Default page extensions */
+var DEFAULT_PAGE_EXTENSIONS = [
+	"tsx",
+	"ts",
+	"jsx",
+	"js"
+];
+//#endregion
+//#region src/routing/segment-classify.ts
+/**
+* Classify a URL path segment token.
+*
+* Walks the string left-to-right in one pass:
+*   1. If it doesn't start with '[', it's static.
+*   2. Count opening brackets (1 or 2) to detect optional.
+*   3. Check for '...' to detect catch-all.
+*   4. Read the param name up to the closing bracket.
+*   5. Validate the expected closing sequence (']' or ']]').
+*   6. Reject if there are leftover characters after the close.
+*
+* Any structural violation → static (safe default).
+*/
+function classifyUrlSegment(token) {
+	const len = token.length;
+	if (len === 0 || token[0] !== "[") return {
+		kind: "static",
+		value: token
+	};
+	let i = 1;
+	const optional = token[i] === "[";
+	if (optional) i++;
+	const catchAll = i + 2 < len && token[i] === "." && token[i + 1] === "." && token[i + 2] === ".";
+	if (catchAll) i += 3;
+	const nameStart = i;
+	while (i < len && token[i] !== "]") i++;
+	if (i >= len || i === nameStart) return {
+		kind: "static",
+		value: token
+	};
+	const name = token.slice(nameStart, i);
+	i++;
+	if (optional) {
+		if (i >= len || token[i] !== "]") return {
+			kind: "static",
+			value: token
+		};
+		i++;
+	}
+	if (i !== len) return {
+		kind: "static",
+		value: token
+	};
+	if (optional && catchAll) return {
+		kind: "optional-catch-all",
+		name
+	};
+	if (catchAll) return {
+		kind: "catch-all",
+		name
+	};
+	if (optional) return {
+		kind: "static",
+		value: token
+	};
+	return {
+		kind: "dynamic",
+		name
+	};
+}
+/**
+* Classify a directory name into its segment type.
+*
+* Recognizes all timber file-system conventions in priority order:
+*   1. Private folders: `_name` (excluded from routing)
+*   2. Parallel route slots: `@name`
+*   3. Intercepting routes: `(.)name`, `(..)name`, `(...)name`, `(..)(..)name`
+*   4. Route groups: `(name)`
+*   5. Bracket syntax: `[id]`, `[...slug]`, `[[...path]]` (delegated to
+*      `classifyUrlSegment`)
+*   6. Static: anything else
+*
+* If you change the bracket syntax, update only `classifyUrlSegment`.
+* If you change the directory-prefix conventions, update this function.
+*/
+function classifySegment(dirName) {
+	if (dirName.startsWith("_")) return { type: "private" };
+	if (dirName.startsWith("@")) return { type: "slot" };
+	const interception = parseInterceptionMarker(dirName);
+	if (interception) return {
+		type: "intercepting",
+		interceptionMarker: interception.marker,
+		interceptedSegmentName: interception.segmentName
+	};
+	if (dirName.startsWith("(") && dirName.endsWith(")")) return { type: "group" };
+	const urlSeg = classifyUrlSegment(dirName);
+	if (urlSeg.kind !== "static") return {
+		type: urlSeg.kind,
+		paramName: urlSeg.name
+	};
+	return { type: "static" };
+}
+/**
+* Parse an interception marker from a directory name.
+*
+* Returns the marker and the remaining segment name, or null if not an
+* intercepting route. Markers are checked longest-first to avoid `(..)`
+* matching before `(..)(..)`.
+*
+* Examples:
+*   "(.)photo"      → { marker: "(.)", segmentName: "photo" }
+*   "(..)feed"      → { marker: "(..)", segmentName: "feed" }
+*   "(...)photos"   → { marker: "(...)", segmentName: "photos" }
+*   "(..)(..)admin" → { marker: "(..)(..)", segmentName: "admin" }
+*   "(marketing)"   → null (route group, not interception)
+*/
+function parseInterceptionMarker(dirName) {
+	for (const marker of INTERCEPTION_MARKERS) if (dirName.startsWith(marker)) {
+		const rest = dirName.slice(marker.length);
+		if (rest.length > 0 && !rest.endsWith(")")) return {
+			marker,
+			segmentName: rest
+		};
+	}
+	return null;
+}
+//#endregion
+export { INTERCEPTION_MARKERS as i, classifyUrlSegment as n, DEFAULT_PAGE_EXTENSIONS as r, classifySegment as t };
+
+//# sourceMappingURL=segment-classify-BjfuctV2.js.map