@timber-js/app 0.2.0-alpha.98 → 0.2.0-alpha.99

package/dist/_chunks/actions-DLnUaR65.js

@@ -1,421 +0,0 @@
-import { t as isDebug } from "./debug-ECi_61pb.js";
-import { i as revalidationAls, s as waitUntilAls } from "./als-registry-HS0LGUl2.js";
-import { o as getRequestSearchString } from "./request-context-CK5tZqIP.js";
-import { t as mergePreservedSearchParams } from "./merge-search-params-Cm_KIWDX.js";
-import { d as withSpan, f as getCacheHandler } from "./tracing-CCYbKn5n.js";
-//#region src/server/waituntil-bridge.ts
-/**
-* Per-request waitUntil bridge — ALS bridge for platform adapters.
-*
-* The generated entry point (Nitro, Cloudflare) wraps the handler with
-* `runWithWaitUntil`, binding the platform's lifecycle extension function
-* (e.g., h3's `event.waitUntil()` or CF's `ctx.waitUntil()`) for the
-* request duration. The `waitUntil()` primitive reads from this ALS to
-* dispatch background work to the correct platform API.
-*
-* Design doc: design/11-platform.md §"waitUntil()"
-*/
-/**
-* Get the current request's waitUntil function, if available.
-*
-* Returns undefined when no platform adapter has installed a waitUntil
-* handler for the current request (e.g., on platforms that don't support
-* lifecycle extension, or outside a request context).
-*/
-function getWaitUntil() {
-	return waitUntilAls.getStore();
-}
-//#endregion
-//#region src/server/primitives.ts
-/**
-* Check if a value is JSON-serializable without data loss.
-* Returns a description of the first non-serializable value found, or null if OK.
-*
-* @internal Exported for testing only.
-*/
-function findNonSerializable(value, path = "data") {
-	if (value === null || value === void 0) return null;
-	switch (typeof value) {
-		case "string":
-		case "number":
-		case "boolean": return null;
-		case "bigint": return `${path} contains a BigInt — BigInt throws in JSON.stringify`;
-		case "function": return `${path} is a function — functions are not JSON-serializable`;
-		case "symbol": return `${path} is a symbol — symbols are not JSON-serializable`;
-		case "object": break;
-		default: return `${path} has unsupported type "${typeof value}"`;
-	}
-	if (value instanceof Date) return `${path} is a Date — Dates silently coerce to strings in JSON.stringify`;
-	if (value instanceof Map) return `${path} is a Map — Maps serialize as {} in JSON.stringify (data loss)`;
-	if (value instanceof Set) return `${path} is a Set — Sets serialize as {} in JSON.stringify (data loss)`;
-	if (value instanceof RegExp) return `${path} is a RegExp — RegExps serialize as {} in JSON.stringify`;
-	if (value instanceof Error) return `${path} is an Error — Errors serialize as {} in JSON.stringify`;
-	if (Array.isArray(value)) {
-		for (let i = 0; i < value.length; i++) {
-			const result = findNonSerializable(value[i], `${path}[${i}]`);
-			if (result) return result;
-		}
-		return null;
-	}
-	const proto = Object.getPrototypeOf(value);
-	if (proto === null) return `${path} is a null-prototype object — React Flight rejects null prototypes`;
-	if (proto !== Object.prototype) return `${path} is a ${value.constructor?.name ?? "unknown"} instance — class instances may lose data in JSON.stringify`;
-	for (const key of Object.keys(value)) {
-		const result = findNonSerializable(value[key], `${path}.${key}`);
-		if (result) return result;
-	}
-	return null;
-}
-/**
-* Emit a dev-mode warning if data is not JSON-serializable.
-* No-op in production.
-*/
-function warnIfNotSerializable(data, callerName) {
-	if (!isDebug()) return;
-	if (data === void 0) return;
-	const issue = findNonSerializable(data);
-	if (issue) console.warn(`[timber] ${callerName}: ${issue}. Data passed to deny() or RenderError must be JSON-serializable because the post-flush path uses JSON.stringify, not React Flight.`);
-}
-/**
-* Render-phase signal thrown by `deny()`. Caught by the framework to produce
-* the correct HTTP status code (segment context) or graceful degradation (slot context).
-*/
-var DenySignal = class extends Error {
-	status;
-	data;
-	constructor(status, data) {
-		super(`Access denied with status ${status}`);
-		this.name = "DenySignal";
-		this.status = status;
-		this.data = data;
-	}
-	/**
-	* Extract the file that called deny() from the stack trace.
-	* Returns a short path (e.g. "app/auth/access.ts") or undefined if
-	* the stack can't be parsed. Dev-only — used for dev log output.
-	*/
-	get sourceFile() {
-		if (!this.stack) return void 0;
-		const frames = this.stack.split("\n");
-		for (let i = 2; i < frames.length; i++) {
-			const frame = frames[i];
-			if (!frame) continue;
-			if (frame.includes("primitives.ts") || frame.includes("node_modules")) continue;
-			const match = frame.match(/\(([^)]+?)(?::\d+:\d+)\)/) ?? frame.match(/at\s+([^\s]+?)(?::\d+:\d+)/);
-			if (match?.[1]) {
-				const full = match[1];
-				const appIdx = full.indexOf("/app/");
-				return appIdx >= 0 ? full.slice(appIdx + 1) : full;
-			}
-		}
-	}
-};
-/**
-* Universal denial/error primitive. Throws a `DenySignal` that the framework catches.
-*
-* - In segment context (outside Suspense): produces HTTP status code
-* - In slot context: graceful degradation → denied.tsx → default.tsx → null
-* - Inside Suspense (hold window): promoted to pre-flush behavior
-* - Inside Suspense (after flush): error boundary + noindex meta
-*
-* Supports both positional and object signatures:
-* ```ts
-* deny()                                          // 403 (default)
-* deny(404)                                       // 404
-* deny(503, { retry: true })                      // 503 with data
-* deny({ status: 503, message: 'Maintenance' })   // object form
-* ```
-*
-* Accepts any 4xx or 5xx status code. This replaces the need for
-* `throw new RenderError(...)` in user code — RenderError is now an
-* internal pipeline detail.
-*
-* @param statusOrOptions - Status code (number) or options object. Default: 403.
-* @param data - Optional JSON-serializable data (positional form only).
-*/
-function deny(statusOrOptions, data) {
-	let status;
-	let resolvedData;
-	if (typeof statusOrOptions === "object" && statusOrOptions !== null) {
-		status = statusOrOptions.status ?? 403;
-		resolvedData = statusOrOptions.data;
-	} else {
-		status = statusOrOptions ?? 403;
-		resolvedData = data;
-	}
-	if (status < 400 || status > 599) throw new Error(`deny() requires a 4xx or 5xx status code, got ${status}.`);
-	warnIfNotSerializable(resolvedData, "deny()");
-	throw new DenySignal(status, resolvedData);
-}
-/**
-* Next.js redirect type discriminator.
-*
-* Provided for API compatibility with libraries that import `RedirectType`
-* from `next/navigation`. In timber, `redirect()` always uses `replace`
-* semantics (no history entry for the redirect itself).
-*/
-var RedirectType = {
-	push: "push",
-	replace: "replace"
-};
-/**
-* Render-phase signal thrown by `redirect()` and `redirectExternal()`.
-* Caught by the framework to produce a 3xx response or client-side navigation.
-*/
-var RedirectSignal = class extends Error {
-	location;
-	status;
-	constructor(location, status) {
-		super(`Redirect to ${location}`);
-		this.name = "RedirectSignal";
-		this.location = location;
-		this.status = status;
-	}
-};
-/** Pattern matching absolute URLs: http(s):// or protocol-relative // */
-var ABSOLUTE_URL_RE = /^(?:[a-zA-Z][a-zA-Z\d+\-.]*:|\/\/)/;
-/**
-* Redirect to a relative path. Rejects absolute and protocol-relative URLs.
-* Use `redirectExternal()` for external redirects with an allow-list.
-*
-* @param path - Relative path (e.g. '/login', 'settings', '/login?returnTo=/dash')
-* @param statusOrOptions - HTTP status code (3xx, default 302) or options object.
-*
-* @example
-* // Simple redirect
-* redirect('/login');
-*
-* // With status code
-* redirect('/login', 301);
-*
-* // With preserved search params
-* redirect(`/docs/${version}/${slug}`, { preserveSearchParams: ['foo'] });
-*/
-function redirect(path, statusOrOptions) {
-	let status;
-	let preserveSearchParams;
-	if (typeof statusOrOptions === "number") status = statusOrOptions;
-	else if (statusOrOptions) {
-		status = statusOrOptions.status ?? (statusOrOptions.permanent ? 308 : 302);
-		preserveSearchParams = statusOrOptions.preserveSearchParams;
-	} else status = 302;
-	if (status < 300 || status > 399) throw new Error(`redirect() requires a 3xx status code, got ${status}.`);
-	if (ABSOLUTE_URL_RE.test(path)) throw new Error(`redirect() only accepts relative URLs. Got absolute URL: "${path}". Use redirectExternal(url, allowList) for external redirects.`);
-	let resolvedPath = path;
-	if (preserveSearchParams) resolvedPath = mergePreservedSearchParams(path, getRequestSearchString(), preserveSearchParams);
-	throw new RedirectSignal(resolvedPath, status);
-}
-/**
-* Redirect to an external URL. The hostname must be in the provided allow-list.
-*
-* @param url - Absolute URL to redirect to.
-* @param allowList - Array of allowed hostnames (e.g. ['example.com', 'auth.example.com']).
-* @param status - HTTP redirect status code (3xx). Defaults to 302.
-*/
-function redirectExternal(url, allowList, status = 302) {
-	if (status < 300 || status > 399) throw new Error(`redirectExternal() requires a 3xx status code, got ${status}.`);
-	let hostname;
-	try {
-		hostname = new URL(url).hostname;
-	} catch {
-		throw new Error(`redirectExternal() received an invalid URL: "${url}"`);
-	}
-	if (!allowList.includes(hostname)) throw new Error(`redirectExternal() target "${hostname}" is not in the allow-list. Allowed: [${allowList.join(", ")}]`);
-	throw new RedirectSignal(url, status);
-}
-/**
-* Typed throw for render-phase errors that carry structured context to error boundaries.
-*
-* The `digest` (code + data) is serialized into the RSC stream separately from the
-* Error instance — only the digest crosses the RSC → client boundary.
-*
-* @example
-* ```ts
-* throw new RenderError('PRODUCT_NOT_FOUND', {
-*   title: 'Product not found',
-*   resourceId: params.id,
-* })
-* ```
-*/
-var RenderError = class extends Error {
-	code;
-	digest;
-	status;
-	constructor(code, data, options) {
-		super(`RenderError: ${code}`);
-		this.name = "RenderError";
-		this.code = code;
-		this.digest = {
-			code,
-			data
-		};
-		warnIfNotSerializable(data, "RenderError");
-		const status = options?.status ?? 500;
-		if (status < 400 || status > 599) throw new Error(`RenderError status must be 4xx or 5xx, got ${status}.`);
-		this.status = status;
-	}
-};
-var _waitUntilWarned = false;
-/**
-* Register a promise to be kept alive after the response is sent.
-* Maps to `ctx.waitUntil()` on Cloudflare Workers and similar platforms.
-*
-* In production, the platform adapter installs a per-request waitUntil
-* function via ALS (see waituntil-bridge.ts). This function checks the
-* ALS bridge first, then falls back to the legacy adapter argument.
-*
-* If neither is available, a warning is logged once and the promise is
-* left to resolve (or reject) without being tracked.
-*
-* @param promise - The background work to keep alive.
-* @param adapter - Optional legacy adapter (prefer ALS bridge in production).
-*/
-function waitUntil(promise, adapter) {
-	const alsFn = getWaitUntil();
-	if (alsFn) {
-		alsFn(promise);
-		return;
-	}
-	if (adapter && typeof adapter.waitUntil === "function") {
-		adapter.waitUntil(promise);
-		return;
-	}
-	if (!_waitUntilWarned) {
-		_waitUntilWarned = true;
-		console.warn("[timber] waitUntil() is not supported by the current adapter. Background work will not be tracked. This warning is shown once.");
-	}
-}
-//#endregion
-//#region src/server/actions.ts
-/**
-* Server action primitives: revalidatePath, revalidateTag, and the action handler.
-*
-* - revalidatePath(path) re-renders the route at that path and returns the RSC
-*   flight payload for inline reconciliation.
-* - revalidateTag(tag) invalidates timber.cache entries by tag.
-*
-* Both are callable from anywhere on the server — actions, API routes, handlers.
-*
-* The action handler processes incoming action requests, validates CSRF,
-* enforces body limits, executes the action, and returns the response
-* (with piggybacked RSC payload if revalidatePath was called).
-*
-* See design/08-forms-and-actions.md
-*/
-/**
-* Get the current revalidation state. Throws if called outside an action context.
-* @internal
-*/
-function getRevalidationState() {
-	const state = revalidationAls.getStore();
-	if (!state) throw new Error("revalidatePath/revalidateTag called outside of a server action context. These functions can only be called during action execution.");
-	return state;
-}
-/**
-* Re-render the route at `path` and include the RSC flight payload in the
-* action response. The client reconciles inline — no separate fetch needed.
-*
-* Can be called from server actions, API routes, or any server-side context.
-*
-* @param path - The path to re-render (e.g. '/dashboard', '/todos').
-*/
-function revalidatePath(path) {
-	const state = getRevalidationState();
-	if (!state.paths.includes(path)) state.paths.push(path);
-}
-/**
-* Invalidate all timber.cache entries tagged with `tag`.
-* Does not return a payload — the next request for an invalidated entry re-executes.
-*
-* @param tag - The cache tag to invalidate (e.g. 'products', 'user:123').
-*/
-function revalidateTag(tag) {
-	const state = getRevalidationState();
-	if (!state.tags.includes(tag)) state.tags.push(tag);
-}
-/**
-* Execute a server action and process revalidation.
-*
-* 1. Sets up revalidation state
-* 2. Calls the action function
-* 3. Processes revalidateTag calls (invalidates cache entries)
-* 4. Processes revalidatePath calls (re-renders and captures RSC payload)
-* 5. Returns the action result + optional RSC payload
-*
-* @param actionFn - The server action function to execute.
-* @param args - Arguments to pass to the action.
-* @param config - Handler configuration (cache handler, renderer).
-*/
-async function executeAction(actionFn, args, config = {}, spanMeta) {
-	const state = {
-		paths: [],
-		tags: []
-	};
-	let actionResult;
-	let redirectTo;
-	let redirectStatus;
-	await revalidationAls.run(state, async () => {
-		try {
-			actionResult = await withSpan("timber.action", {
-				...spanMeta?.actionFile ? { "timber.action_file": spanMeta.actionFile } : {},
-				...spanMeta?.actionName ? { "timber.action_name": spanMeta.actionName } : {}
-			}, () => actionFn(...args));
-		} catch (error) {
-			if (error instanceof RedirectSignal) {
-				redirectTo = error.location;
-				redirectStatus = error.status;
-			} else throw error;
-		}
-	});
-	if (state.tags.length > 0) {
-		const handler = getCacheHandler();
-		await Promise.all(state.tags.map((tag) => handler.invalidate({ tag })));
-	}
-	let revalidation;
-	if (state.paths.length > 0 && config.renderer) {
-		const path = state.paths[0];
-		try {
-			revalidation = await config.renderer(path);
-		} catch (renderError) {
-			if (renderError instanceof RedirectSignal) {
-				redirectTo = renderError.location;
-				redirectStatus = renderError.status;
-			} else console.error("[timber] revalidatePath render failed:", renderError);
-		}
-	}
-	return {
-		actionResult,
-		revalidation,
-		...redirectTo ? {
-			redirectTo,
-			redirectStatus
-		} : {}
-	};
-}
-/**
-* Build an HTTP Response for a no-JS form submission.
-* Standard POST → 302 redirect pattern.
-*
-* @param redirectPath - Where to redirect after the action executes.
-*/
-function buildNoJsResponse(redirectPath, status = 302) {
-	return new Response(null, {
-		status,
-		headers: { Location: redirectPath }
-	});
-}
-/**
-* Detect whether the incoming request is an RSC action request (with JS)
-* or a plain HTML form POST (no JS).
-*
-* RSC action requests use Accept: text/x-component or Content-Type: text/x-component.
-*/
-function isRscActionRequest(req) {
-	const accept = req.headers.get("Accept") ?? "";
-	const contentType = req.headers.get("Content-Type") ?? "";
-	return accept.includes("text/x-component") || contentType.includes("text/x-component");
-}
-//#endregion
-export { revalidateTag as a, RedirectType as c, redirect as d, redirectExternal as f, revalidatePath as i, RenderError as l, executeAction as n, DenySignal as o, waitUntil as p, isRscActionRequest as r, RedirectSignal as s, buildNoJsResponse as t, deny as u };
-
-//# sourceMappingURL=actions-DLnUaR65.js.map

package/dist/_chunks/actions-DLnUaR65.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"actions-DLnUaR65.js","names":[],"sources":["../../src/server/waituntil-bridge.ts","../../src/server/primitives.ts","../../src/server/actions.ts"],"sourcesContent":["/**\n * Per-request waitUntil bridge — ALS bridge for platform adapters.\n *\n * The generated entry point (Nitro, Cloudflare) wraps the handler with\n * `runWithWaitUntil`, binding the platform's lifecycle extension function\n * (e.g., h3's `event.waitUntil()` or CF's `ctx.waitUntil()`) for the\n * request duration. The `waitUntil()` primitive reads from this ALS to\n * dispatch background work to the correct platform API.\n *\n * Design doc: design/11-platform.md §\"waitUntil()\"\n */\n\nimport { waitUntilAls } from './als-registry.js';\n\n/**\n * Run a function with a per-request waitUntil handler installed.\n *\n * Called by generated entry points (Nitro node-server/bun, Cloudflare)\n * to bind the platform's lifecycle extension for the request duration.\n */\nexport function runWithWaitUntil<T>(\n  waitUntilFn: (promise: Promise<unknown>) => void,\n  fn: () => T\n): T {\n  return waitUntilAls.run(waitUntilFn, fn);\n}\n\n/**\n * Get the current request's waitUntil function, if available.\n *\n * Returns undefined when no platform adapter has installed a waitUntil\n * handler for the current request (e.g., on platforms that don't support\n * lifecycle extension, or outside a request context).\n */\nexport function getWaitUntil(): ((promise: Promise<unknown>) => void) | undefined {\n  return waitUntilAls.getStore();\n}\n","// Server-side primitives: deny, redirect, redirectExternal, RenderError, waitUntil, SsrStreamError\n//\n// These are the core runtime signals that components, middleware, and access gates\n// use to control request flow. See design/10-error-handling.md.\n\nimport type { JsonSerializable } from './types.js';\nimport { getWaitUntil as _getWaitUntil } from './waituntil-bridge.js';\nimport { isDebug } from './debug.js';\nimport { getRequestSearchString } from './request-context.js';\nimport { mergePreservedSearchParams } from '../shared/merge-search-params.js';\n\n// ─── Dev-mode validation ────────────────────────────────────────────────────\n\n/**\n * Check if a value is JSON-serializable without data loss.\n * Returns a description of the first non-serializable value found, or null if OK.\n *\n * @internal Exported for testing only.\n */\nexport function findNonSerializable(value: unknown, path = 'data'): string | null {\n  if (value === null || value === undefined) return null;\n\n  switch (typeof value) {\n    case 'string':\n    case 'number':\n    case 'boolean':\n      return null;\n    case 'bigint':\n      return `${path} contains a BigInt — BigInt throws in JSON.stringify`;\n    case 'function':\n      return `${path} is a function — functions are not JSON-serializable`;\n    case 'symbol':\n      return `${path} is a symbol — symbols are not JSON-serializable`;\n    case 'object':\n      break;\n    default:\n      return `${path} has unsupported type \"${typeof value}\"`;\n  }\n\n  if (value instanceof Date) {\n    return `${path} is a Date — Dates silently coerce to strings in JSON.stringify`;\n  }\n  if (value instanceof Map) {\n    return `${path} is a Map — Maps serialize as {} in JSON.stringify (data loss)`;\n  }\n  if (value instanceof Set) {\n    return `${path} is a Set — Sets serialize as {} in JSON.stringify (data loss)`;\n  }\n  if (value instanceof RegExp) {\n    return `${path} is a RegExp — RegExps serialize as {} in JSON.stringify`;\n  }\n  if (value instanceof Error) {\n    return `${path} is an Error — Errors serialize as {} in JSON.stringify`;\n  }\n\n  if (Array.isArray(value)) {\n    for (let i = 0; i < value.length; i++) {\n      const result = findNonSerializable(value[i], `${path}[${i}]`);\n      if (result) return result;\n    }\n    return null;\n  }\n\n  // Plain object — only Object.prototype is safe. Null-prototype objects\n  // (Object.create(null)) survive JSON.stringify but React Flight rejects\n  // them with \"Classes or null prototypes are not supported\", so the\n  // pre-flush deny path (renderDenyPage → renderToReadableStream) would throw.\n  const proto = Object.getPrototypeOf(value);\n  if (proto === null) {\n    return `${path} is a null-prototype object — React Flight rejects null prototypes`;\n  }\n  if (proto !== Object.prototype) {\n    const name = (value as object).constructor?.name ?? 'unknown';\n    return `${path} is a ${name} instance — class instances may lose data in JSON.stringify`;\n  }\n\n  for (const key of Object.keys(value as Record<string, unknown>)) {\n    const result = findNonSerializable((value as Record<string, unknown>)[key], `${path}.${key}`);\n    if (result) return result;\n  }\n  return null;\n}\n\n/**\n * Emit a dev-mode warning if data is not JSON-serializable.\n * No-op in production.\n */\nfunction warnIfNotSerializable(data: unknown, callerName: string): void {\n  if (!isDebug()) return;\n  if (data === undefined) return;\n\n  const issue = findNonSerializable(data);\n  if (issue) {\n    console.warn(\n      `[timber] ${callerName}: ${issue}. ` +\n        'Data passed to deny() or RenderError must be JSON-serializable because ' +\n        'the post-flush path uses JSON.stringify, not React Flight.'\n    );\n  }\n}\n\n// ─── DenySignal ─────────────────────────────────────────────────────────────\n\n/**\n * Render-phase signal thrown by `deny()`. Caught by the framework to produce\n * the correct HTTP status code (segment context) or graceful degradation (slot context).\n */\nexport class DenySignal extends Error {\n  readonly status: number;\n  readonly data: JsonSerializable | undefined;\n\n  constructor(status: number, data?: JsonSerializable) {\n    super(`Access denied with status ${status}`);\n    this.name = 'DenySignal';\n    this.status = status;\n    this.data = data;\n  }\n\n  /**\n   * Extract the file that called deny() from the stack trace.\n   * Returns a short path (e.g. \"app/auth/access.ts\") or undefined if\n   * the stack can't be parsed. Dev-only — used for dev log output.\n   */\n  get sourceFile(): string | undefined {\n    if (!this.stack) return undefined;\n    const frames = this.stack.split('\\n');\n    // Skip the Error line and the deny() frame — the caller is the 3rd line.\n    // Stack format: \"    at FnName (file:line:col)\" or \"    at file:line:col\"\n    for (let i = 2; i < frames.length; i++) {\n      const frame = frames[i];\n      if (!frame) continue;\n      // Skip framework internals\n      if (frame.includes('primitives.ts') || frame.includes('node_modules')) continue;\n      // Extract file path from the frame\n      const match =\n        frame.match(/\\(([^)]+?)(?::\\d+:\\d+)\\)/) ?? frame.match(/at\\s+([^\\s]+?)(?::\\d+:\\d+)/);\n      if (match?.[1]) {\n        // Shorten to app-relative path\n        const full = match[1];\n        const appIdx = full.indexOf('/app/');\n        return appIdx >= 0 ? full.slice(appIdx + 1) : full;\n      }\n    }\n    return undefined;\n  }\n}\n\n/** Options for deny() when using the object form. */\nexport interface DenyOptions {\n  /** HTTP status code (4xx or 5xx). Default: 403. */\n  status?: number;\n  /** Human-readable message (logged server-side, not sent to client). */\n  message?: string;\n  /** JSON-serializable data passed as `dangerouslyPassData` prop to status-code files. */\n  data?: JsonSerializable;\n}\n\n/**\n * Universal denial/error primitive. Throws a `DenySignal` that the framework catches.\n *\n * - In segment context (outside Suspense): produces HTTP status code\n * - In slot context: graceful degradation → denied.tsx → default.tsx → null\n * - Inside Suspense (hold window): promoted to pre-flush behavior\n * - Inside Suspense (after flush): error boundary + noindex meta\n *\n * Supports both positional and object signatures:\n * ```ts\n * deny()                                          // 403 (default)\n * deny(404)                                       // 404\n * deny(503, { retry: true })                      // 503 with data\n * deny({ status: 503, message: 'Maintenance' })   // object form\n * ```\n *\n * Accepts any 4xx or 5xx status code. This replaces the need for\n * `throw new RenderError(...)` in user code — RenderError is now an\n * internal pipeline detail.\n *\n * @param statusOrOptions - Status code (number) or options object. Default: 403.\n * @param data - Optional JSON-serializable data (positional form only).\n */\nexport function deny(statusOrOptions?: number | DenyOptions, data?: JsonSerializable): never {\n  let status: number;\n  let resolvedData: JsonSerializable | undefined;\n\n  if (typeof statusOrOptions === 'object' && statusOrOptions !== null) {\n    status = statusOrOptions.status ?? 403;\n    resolvedData = statusOrOptions.data;\n  } else {\n    status = statusOrOptions ?? 403;\n    resolvedData = data;\n  }\n\n  if (status < 400 || status > 599) {\n    throw new Error(`deny() requires a 4xx or 5xx status code, got ${status}.`);\n  }\n  warnIfNotSerializable(resolvedData, 'deny()');\n  throw new DenySignal(status, resolvedData);\n}\n\n/**\n * @deprecated Use `deny(404)` instead.\n * Kept for internal use by the Next.js shim layer.\n * @internal\n */\nexport function notFound(): never {\n  deny(404);\n}\n\n/**\n * Next.js redirect type discriminator.\n *\n * Provided for API compatibility with libraries that import `RedirectType`\n * from `next/navigation`. In timber, `redirect()` always uses `replace`\n * semantics (no history entry for the redirect itself).\n */\nexport const RedirectType = {\n  push: 'push',\n  replace: 'replace',\n} as const;\n\n// ─── RedirectSignal ─────────────────────────────────────────────────────────\n\n/**\n * Render-phase signal thrown by `redirect()` and `redirectExternal()`.\n * Caught by the framework to produce a 3xx response or client-side navigation.\n */\nexport class RedirectSignal extends Error {\n  readonly location: string;\n  readonly status: number;\n\n  constructor(location: string, status: number) {\n    super(`Redirect to ${location}`);\n    this.name = 'RedirectSignal';\n    this.location = location;\n    this.status = status;\n  }\n}\n\n/** Pattern matching absolute URLs: http(s):// or protocol-relative // */\nconst ABSOLUTE_URL_RE = /^(?:[a-zA-Z][a-zA-Z\\d+\\-.]*:|\\/\\/)/;\n\n/**\n * Options for redirect() — alternative to passing a bare status code.\n */\nexport interface RedirectOptions {\n  /** HTTP redirect status code (3xx). Defaults to 302 (or 308 when `permanent: true`). */\n  status?: number;\n  /**\n   * When true, defaults the status to 308 (Permanent Redirect, preserves HTTP method).\n   * If `status` is also provided, `status` takes precedence.\n   *\n   * @example\n   * redirect('/new-path', { permanent: true });       // 308\n   * redirect('/new-path', { permanent: true, status: 301 }); // 301\n   */\n  permanent?: boolean;\n  /**\n   * Preserve search params from the current request URL on the redirect target.\n   *\n   * - `true` — preserve ALL current search params (target params take precedence)\n   * - `string[]` — preserve only the named params (e.g. `['private', 'token']`)\n   *\n   * Target path's own query params always take precedence over preserved ones.\n   */\n  preserveSearchParams?: true | string[];\n}\n\n/**\n * Redirect to a relative path. Rejects absolute and protocol-relative URLs.\n * Use `redirectExternal()` for external redirects with an allow-list.\n *\n * @param path - Relative path (e.g. '/login', 'settings', '/login?returnTo=/dash')\n * @param statusOrOptions - HTTP status code (3xx, default 302) or options object.\n *\n * @example\n * // Simple redirect\n * redirect('/login');\n *\n * // With status code\n * redirect('/login', 301);\n *\n * // With preserved search params\n * redirect(`/docs/${version}/${slug}`, { preserveSearchParams: ['foo'] });\n */\nexport function redirect(path: string, statusOrOptions?: number | RedirectOptions): never {\n  let status: number;\n  let preserveSearchParams: true | string[] | undefined;\n\n  if (typeof statusOrOptions === 'number') {\n    status = statusOrOptions;\n  } else if (statusOrOptions) {\n    // Explicit status wins. Otherwise permanent: true → 308, default → 302.\n    status = statusOrOptions.status ?? (statusOrOptions.permanent ? 308 : 302);\n    preserveSearchParams = statusOrOptions.preserveSearchParams;\n  } else {\n    status = 302;\n  }\n\n  if (status < 300 || status > 399) {\n    throw new Error(`redirect() requires a 3xx status code, got ${status}.`);\n  }\n  if (ABSOLUTE_URL_RE.test(path)) {\n    throw new Error(\n      `redirect() only accepts relative URLs. Got absolute URL: \"${path}\". ` +\n        'Use redirectExternal(url, allowList) for external redirects.'\n    );\n  }\n\n  let resolvedPath = path;\n  if (preserveSearchParams) {\n    const currentSearch = getRequestSearchString();\n    resolvedPath = mergePreservedSearchParams(path, currentSearch, preserveSearchParams);\n  }\n\n  throw new RedirectSignal(resolvedPath, status);\n}\n\n/**\n * @deprecated Use `redirect(path, { permanent: true })` instead.\n * Kept for internal use by the Next.js shim layer.\n * @internal\n */\nexport function permanentRedirect(path: string, options?: Omit<RedirectOptions, 'status'>): never {\n  redirect(path, { permanent: true, ...options });\n}\n\n/**\n * Redirect to an external URL. The hostname must be in the provided allow-list.\n *\n * @param url - Absolute URL to redirect to.\n * @param allowList - Array of allowed hostnames (e.g. ['example.com', 'auth.example.com']).\n * @param status - HTTP redirect status code (3xx). Defaults to 302.\n */\nexport function redirectExternal(url: string, allowList: string[], status: number = 302): never {\n  if (status < 300 || status > 399) {\n    throw new Error(`redirectExternal() requires a 3xx status code, got ${status}.`);\n  }\n\n  let hostname: string;\n  try {\n    hostname = new URL(url).hostname;\n  } catch {\n    throw new Error(`redirectExternal() received an invalid URL: \"${url}\"`);\n  }\n\n  if (!allowList.includes(hostname)) {\n    throw new Error(\n      `redirectExternal() target \"${hostname}\" is not in the allow-list. ` +\n        `Allowed: [${allowList.join(', ')}]`\n    );\n  }\n\n  throw new RedirectSignal(url, status);\n}\n\n// ─── RenderError ────────────────────────────────────────────────────────────\n\n/**\n * Typed digest that crosses the RSC → client boundary.\n * The `code` identifies the error class; `data` carries JSON-serializable context.\n */\nexport interface RenderErrorDigest<\n  TCode extends string = string,\n  TData extends JsonSerializable = JsonSerializable,\n> {\n  code: TCode;\n  data: TData;\n}\n\n/**\n * Typed throw for render-phase errors that carry structured context to error boundaries.\n *\n * The `digest` (code + data) is serialized into the RSC stream separately from the\n * Error instance — only the digest crosses the RSC → client boundary.\n *\n * @example\n * ```ts\n * throw new RenderError('PRODUCT_NOT_FOUND', {\n *   title: 'Product not found',\n *   resourceId: params.id,\n * })\n * ```\n */\nexport class RenderError<\n  TCode extends string = string,\n  TData extends JsonSerializable = JsonSerializable,\n> extends Error {\n  readonly code: TCode;\n  readonly digest: RenderErrorDigest<TCode, TData>;\n  readonly status: number;\n\n  constructor(code: TCode, data: TData, options?: { status?: number }) {\n    super(`RenderError: ${code}`);\n    this.name = 'RenderError';\n    this.code = code;\n    this.digest = { code, data };\n\n    warnIfNotSerializable(data, 'RenderError');\n\n    const status = options?.status ?? 500;\n    if (status < 400 || status > 599) {\n      throw new Error(`RenderError status must be 4xx or 5xx, got ${status}.`);\n    }\n    this.status = status;\n  }\n}\n\n// ─── waitUntil ──────────────────────────────────────────────────────────────\n\n/** Minimal interface for adapters that support background work. */\nexport interface WaitUntilAdapter {\n  waitUntil?(promise: Promise<unknown>): void;\n}\n\n// Intentional per-app singleton — warn-once flag that persists for the\n// lifetime of the process/isolate. Not per-request; do not migrate to ALS.\nlet _waitUntilWarned = false;\n\n/**\n * Register a promise to be kept alive after the response is sent.\n * Maps to `ctx.waitUntil()` on Cloudflare Workers and similar platforms.\n *\n * In production, the platform adapter installs a per-request waitUntil\n * function via ALS (see waituntil-bridge.ts). This function checks the\n * ALS bridge first, then falls back to the legacy adapter argument.\n *\n * If neither is available, a warning is logged once and the promise is\n * left to resolve (or reject) without being tracked.\n *\n * @param promise - The background work to keep alive.\n * @param adapter - Optional legacy adapter (prefer ALS bridge in production).\n */\nexport function waitUntil(promise: Promise<unknown>, adapter?: WaitUntilAdapter): void {\n  // Check ALS bridge first (installed by generated entry points)\n  const alsFn = _getWaitUntil();\n  if (alsFn) {\n    alsFn(promise);\n    return;\n  }\n\n  // Fall back to legacy adapter argument\n  if (adapter && typeof adapter.waitUntil === 'function') {\n    adapter.waitUntil(promise);\n    return;\n  }\n\n  if (!_waitUntilWarned) {\n    _waitUntilWarned = true;\n    console.warn(\n      '[timber] waitUntil() is not supported by the current adapter. ' +\n        'Background work will not be tracked. This warning is shown once.'\n    );\n  }\n}\n\n/**\n * Reset the waitUntil warning state. Exported for testing only.\n * @internal\n */\nexport function _resetWaitUntilWarning(): void {\n  _waitUntilWarned = false;\n}\n\n// ─── SsrStreamError ─────────────────────────────────────────────────────────\n\n/**\n * Error thrown when SSR's renderToReadableStream fails due to an error\n * in the decoded RSC stream (e.g., uncontained slot errors).\n *\n * The RSC entry checks for this error type in its catch block to avoid\n * re-executing server components via renderDenyPage. Instead, it renders\n * a bare deny/error page without layout wrapping.\n *\n * Defined in primitives.ts (not ssr-entry.ts) because ssr-entry.ts imports\n * react-dom/server which cannot be loaded in the RSC environment.\n */\nexport class SsrStreamError extends Error {\n  constructor(\n    message: string,\n    public readonly cause: unknown\n  ) {\n    super(message);\n    this.name = 'SsrStreamError';\n  }\n}\n","/**\n * Server action primitives: revalidatePath, revalidateTag, and the action handler.\n *\n * - revalidatePath(path) re-renders the route at that path and returns the RSC\n *   flight payload for inline reconciliation.\n * - revalidateTag(tag) invalidates timber.cache entries by tag.\n *\n * Both are callable from anywhere on the server — actions, API routes, handlers.\n *\n * The action handler processes incoming action requests, validates CSRF,\n * enforces body limits, executes the action, and returns the response\n * (with piggybacked RSC payload if revalidatePath was called).\n *\n * See design/08-forms-and-actions.md\n */\n\nimport { getCacheHandler } from '../cache/handler-store';\nimport { RedirectSignal } from './primitives';\nimport { withSpan } from './tracing';\nimport { revalidationAls, type RevalidationState } from './als-registry.js';\n\n// ─── Types ───────────────────────────────────────────────────────────────\n\n/** Result of rendering a revalidation — element tree before RSC serialization. */\nexport interface RevalidationResult {\n  /** React element tree (pre-serialization — passed to renderToReadableStream). */\n  element: unknown;\n  /** Resolved head elements for metadata. */\n  headElements: unknown[];\n}\n\n/** Renderer function that builds a React element tree for a given path. */\nexport type RevalidateRenderer = (path: string) => Promise<RevalidationResult>;\n\n// Re-export the type from the registry for public API consumers.\nexport type { RevalidationState } from './als-registry.js';\n\n/** Options for creating the action handler. */\nexport interface ActionHandlerConfig {\n  /** Renderer for producing RSC payloads during revalidation. */\n  renderer?: RevalidateRenderer;\n}\n\n/** Result of handling a server action request. */\nexport interface ActionHandlerResult {\n  /** The action's return value (serialized). */\n  actionResult: unknown;\n  /** Revalidation result if revalidatePath was called (element tree, not yet serialized). */\n  revalidation?: RevalidationResult;\n  /** Redirect location if a RedirectSignal was thrown during revalidation. */\n  redirectTo?: string;\n  /** Redirect status code. */\n  redirectStatus?: number;\n}\n\n// ─── Revalidation State ──────────────────────────────────────────────────\n\n// Per-request revalidation state stored in AsyncLocalStorage (from als-registry.ts).\n// This ensures concurrent requests never share or overwrite each other's state\n// (the previous module-level global was vulnerable to cross-request pollution).\n\n/**\n * Set the revalidation state for the current action execution.\n * @internal — kept for test compatibility; prefer executeAction() which uses ALS.\n */\nexport function _setRevalidationState(state: RevalidationState): void {\n  // Enter ALS scope — this is only used by tests that call revalidatePath/Tag\n  // directly without going through executeAction().\n  revalidationAls.enterWith(state);\n}\n\n/**\n * Clear the revalidation state after action execution.\n * @internal — kept for test compatibility.\n */\nexport function _clearRevalidationState(): void {\n  revalidationAls.enterWith(undefined as unknown as RevalidationState);\n}\n\n/**\n * Get the current revalidation state. Throws if called outside an action context.\n * @internal\n */\nfunction getRevalidationState(): RevalidationState {\n  const state = revalidationAls.getStore();\n  if (!state) {\n    throw new Error(\n      'revalidatePath/revalidateTag called outside of a server action context. ' +\n        'These functions can only be called during action execution.'\n    );\n  }\n  return state;\n}\n\n// ─── Public API ──────────────────────────────────────────────────────────\n\n/**\n * Re-render the route at `path` and include the RSC flight payload in the\n * action response. The client reconciles inline — no separate fetch needed.\n *\n * Can be called from server actions, API routes, or any server-side context.\n *\n * @param path - The path to re-render (e.g. '/dashboard', '/todos').\n */\nexport function revalidatePath(path: string): void {\n  const state = getRevalidationState();\n  if (!state.paths.includes(path)) {\n    state.paths.push(path);\n  }\n}\n\n/**\n * Invalidate all timber.cache entries tagged with `tag`.\n * Does not return a payload — the next request for an invalidated entry re-executes.\n *\n * @param tag - The cache tag to invalidate (e.g. 'products', 'user:123').\n */\nexport function revalidateTag(tag: string): void {\n  const state = getRevalidationState();\n  if (!state.tags.includes(tag)) {\n    state.tags.push(tag);\n  }\n}\n\n// ─── Action Handler ──────────────────────────────────────────────────────\n\n/**\n * Execute a server action and process revalidation.\n *\n * 1. Sets up revalidation state\n * 2. Calls the action function\n * 3. Processes revalidateTag calls (invalidates cache entries)\n * 4. Processes revalidatePath calls (re-renders and captures RSC payload)\n * 5. Returns the action result + optional RSC payload\n *\n * @param actionFn - The server action function to execute.\n * @param args - Arguments to pass to the action.\n * @param config - Handler configuration (cache handler, renderer).\n */\nexport async function executeAction(\n  actionFn: (...args: unknown[]) => Promise<unknown>,\n  args: unknown[],\n  config: ActionHandlerConfig = {},\n  spanMeta?: { actionFile?: string; actionName?: string }\n): Promise<ActionHandlerResult> {\n  const state: RevalidationState = { paths: [], tags: [] };\n  let actionResult: unknown;\n  let redirectTo: string | undefined;\n  let redirectStatus: number | undefined;\n\n  // Run the action inside ALS scope so revalidatePath/Tag resolve to this\n  // request's state object — concurrent requests each get their own scope.\n  await revalidationAls.run(state, async () => {\n    try {\n      actionResult = await withSpan(\n        'timber.action',\n        {\n          ...(spanMeta?.actionFile ? { 'timber.action_file': spanMeta.actionFile } : {}),\n          ...(spanMeta?.actionName ? { 'timber.action_name': spanMeta.actionName } : {}),\n        },\n        () => actionFn(...args)\n      );\n    } catch (error) {\n      if (error instanceof RedirectSignal) {\n        redirectTo = error.location;\n        redirectStatus = error.status;\n      } else {\n        throw error;\n      }\n    }\n  });\n\n  // Process tag invalidation via the module-level cache handler singleton.\n  // setCacheHandler() is called at boot from rsc-entry when timber.config.ts\n  // provides a cacheHandler; otherwise falls back to in-memory LRU (TIM-599).\n  if (state.tags.length > 0) {\n    const handler = getCacheHandler();\n    await Promise.all(state.tags.map((tag) => handler.invalidate({ tag })));\n  }\n\n  // Process path revalidation — build element tree (not yet serialized)\n  let revalidation: RevalidationResult | undefined;\n  if (state.paths.length > 0 && config.renderer) {\n    // For now, render the first revalidated path.\n    // Multiple paths could be supported via multipart streaming in the future.\n    const path = state.paths[0];\n    try {\n      revalidation = await config.renderer(path);\n    } catch (renderError) {\n      if (renderError instanceof RedirectSignal) {\n        // Revalidation triggered a redirect (e.g., session expired)\n        redirectTo = renderError.location;\n        redirectStatus = renderError.status;\n      } else {\n        // Log but don't fail the action — revalidation is best-effort\n        console.error('[timber] revalidatePath render failed:', renderError);\n      }\n    }\n  }\n\n  return {\n    actionResult,\n    revalidation,\n    ...(redirectTo ? { redirectTo, redirectStatus } : {}),\n  };\n}\n\n/**\n * Build an HTTP Response for a no-JS form submission.\n * Standard POST → 302 redirect pattern.\n *\n * @param redirectPath - Where to redirect after the action executes.\n */\nexport function buildNoJsResponse(redirectPath: string, status: number = 302): Response {\n  return new Response(null, {\n    status,\n    headers: { Location: redirectPath },\n  });\n}\n\n/**\n * Detect whether the incoming request is an RSC action request (with JS)\n * or a plain HTML form POST (no JS).\n *\n * RSC action requests use Accept: text/x-component or Content-Type: text/x-component.\n */\nexport function isRscActionRequest(req: Request): boolean {\n  const accept = req.headers.get('Accept') ?? '';\n  const contentType = req.headers.get('Content-Type') ?? '';\n  return accept.includes('text/x-component') || contentType.includes('text/x-component');\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAkCA,SAAgB,eAAkE;AAChF,QAAO,aAAa,UAAU;;;;;;;;;;AChBhC,SAAgB,oBAAoB,OAAgB,OAAO,QAAuB;AAChF,KAAI,UAAU,QAAQ,UAAU,KAAA,EAAW,QAAO;AAElD,SAAQ,OAAO,OAAf;EACE,KAAK;EACL,KAAK;EACL,KAAK,UACH,QAAO;EACT,KAAK,SACH,QAAO,GAAG,KAAK;EACjB,KAAK,WACH,QAAO,GAAG,KAAK;EACjB,KAAK,SACH,QAAO,GAAG,KAAK;EACjB,KAAK,SACH;EACF,QACE,QAAO,GAAG,KAAK,yBAAyB,OAAO,MAAM;;AAGzD,KAAI,iBAAiB,KACnB,QAAO,GAAG,KAAK;AAEjB,KAAI,iBAAiB,IACnB,QAAO,GAAG,KAAK;AAEjB,KAAI,iBAAiB,IACnB,QAAO,GAAG,KAAK;AAEjB,KAAI,iBAAiB,OACnB,QAAO,GAAG,KAAK;AAEjB,KAAI,iBAAiB,MACnB,QAAO,GAAG,KAAK;AAGjB,KAAI,MAAM,QAAQ,MAAM,EAAE;AACxB,OAAK,IAAI,IAAI,GAAG,IAAI,MAAM,QAAQ,KAAK;GACrC,MAAM,SAAS,oBAAoB,MAAM,IAAI,GAAG,KAAK,GAAG,EAAE,GAAG;AAC7D,OAAI,OAAQ,QAAO;;AAErB,SAAO;;CAOT,MAAM,QAAQ,OAAO,eAAe,MAAM;AAC1C,KAAI,UAAU,KACZ,QAAO,GAAG,KAAK;AAEjB,KAAI,UAAU,OAAO,UAEnB,QAAO,GAAG,KAAK,QADD,MAAiB,aAAa,QAAQ,UACxB;AAG9B,MAAK,MAAM,OAAO,OAAO,KAAK,MAAiC,EAAE;EAC/D,MAAM,SAAS,oBAAqB,MAAkC,MAAM,GAAG,KAAK,GAAG,MAAM;AAC7F,MAAI,OAAQ,QAAO;;AAErB,QAAO;;;;;;AAOT,SAAS,sBAAsB,MAAe,YAA0B;AACtE,KAAI,CAAC,SAAS,CAAE;AAChB,KAAI,SAAS,KAAA,EAAW;CAExB,MAAM,QAAQ,oBAAoB,KAAK;AACvC,KAAI,MACF,SAAQ,KACN,YAAY,WAAW,IAAI,MAAM,qIAGlC;;;;;;AAUL,IAAa,aAAb,cAAgC,MAAM;CACpC;CACA;CAEA,YAAY,QAAgB,MAAyB;AACnD,QAAM,6BAA6B,SAAS;AAC5C,OAAK,OAAO;AACZ,OAAK,SAAS;AACd,OAAK,OAAO;;;;;;;CAQd,IAAI,aAAiC;AACnC,MAAI,CAAC,KAAK,MAAO,QAAO,KAAA;EACxB,MAAM,SAAS,KAAK,MAAM,MAAM,KAAK;AAGrC,OAAK,IAAI,IAAI,GAAG,IAAI,OAAO,QAAQ,KAAK;GACtC,MAAM,QAAQ,OAAO;AACrB,OAAI,CAAC,MAAO;AAEZ,OAAI,MAAM,SAAS,gBAAgB,IAAI,MAAM,SAAS,eAAe,CAAE;GAEvE,MAAM,QACJ,MAAM,MAAM,2BAA2B,IAAI,MAAM,MAAM,6BAA6B;AACtF,OAAI,QAAQ,IAAI;IAEd,MAAM,OAAO,MAAM;IACnB,MAAM,SAAS,KAAK,QAAQ,QAAQ;AACpC,WAAO,UAAU,IAAI,KAAK,MAAM,SAAS,EAAE,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAwCtD,SAAgB,KAAK,iBAAwC,MAAgC;CAC3F,IAAI;CACJ,IAAI;AAEJ,KAAI,OAAO,oBAAoB,YAAY,oBAAoB,MAAM;AACnE,WAAS,gBAAgB,UAAU;AACnC,iBAAe,gBAAgB;QAC1B;AACL,WAAS,mBAAmB;AAC5B,iBAAe;;AAGjB,KAAI,SAAS,OAAO,SAAS,IAC3B,OAAM,IAAI,MAAM,iDAAiD,OAAO,GAAG;AAE7E,uBAAsB,cAAc,SAAS;AAC7C,OAAM,IAAI,WAAW,QAAQ,aAAa;;;;;;;;;AAmB5C,IAAa,eAAe;CAC1B,MAAM;CACN,SAAS;CACV;;;;;AAQD,IAAa,iBAAb,cAAoC,MAAM;CACxC;CACA;CAEA,YAAY,UAAkB,QAAgB;AAC5C,QAAM,eAAe,WAAW;AAChC,OAAK,OAAO;AACZ,OAAK,WAAW;AAChB,OAAK,SAAS;;;;AAKlB,IAAM,kBAAkB;;;;;;;;;;;;;;;;;;AA6CxB,SAAgB,SAAS,MAAc,iBAAmD;CACxF,IAAI;CACJ,IAAI;AAEJ,KAAI,OAAO,oBAAoB,SAC7B,UAAS;UACA,iBAAiB;AAE1B,WAAS,gBAAgB,WAAW,gBAAgB,YAAY,MAAM;AACtE,yBAAuB,gBAAgB;OAEvC,UAAS;AAGX,KAAI,SAAS,OAAO,SAAS,IAC3B,OAAM,IAAI,MAAM,8CAA8C,OAAO,GAAG;AAE1E,KAAI,gBAAgB,KAAK,KAAK,CAC5B,OAAM,IAAI,MACR,6DAA6D,KAAK,iEAEnE;CAGH,IAAI,eAAe;AACnB,KAAI,qBAEF,gBAAe,2BAA2B,MADpB,wBAAwB,EACiB,qBAAqB;AAGtF,OAAM,IAAI,eAAe,cAAc,OAAO;;;;;;;;;AAmBhD,SAAgB,iBAAiB,KAAa,WAAqB,SAAiB,KAAY;AAC9F,KAAI,SAAS,OAAO,SAAS,IAC3B,OAAM,IAAI,MAAM,sDAAsD,OAAO,GAAG;CAGlF,IAAI;AACJ,KAAI;AACF,aAAW,IAAI,IAAI,IAAI,CAAC;SAClB;AACN,QAAM,IAAI,MAAM,gDAAgD,IAAI,GAAG;;AAGzE,KAAI,CAAC,UAAU,SAAS,SAAS,CAC/B,OAAM,IAAI,MACR,8BAA8B,SAAS,wCACxB,UAAU,KAAK,KAAK,CAAC,GACrC;AAGH,OAAM,IAAI,eAAe,KAAK,OAAO;;;;;;;;;;;;;;;;AA+BvC,IAAa,cAAb,cAGU,MAAM;CACd;CACA;CACA;CAEA,YAAY,MAAa,MAAa,SAA+B;AACnE,QAAM,gBAAgB,OAAO;AAC7B,OAAK,OAAO;AACZ,OAAK,OAAO;AACZ,OAAK,SAAS;GAAE;GAAM;GAAM;AAE5B,wBAAsB,MAAM,cAAc;EAE1C,MAAM,SAAS,SAAS,UAAU;AAClC,MAAI,SAAS,OAAO,SAAS,IAC3B,OAAM,IAAI,MAAM,8CAA8C,OAAO,GAAG;AAE1E,OAAK,SAAS;;;AAalB,IAAI,mBAAmB;;;;;;;;;;;;;;;AAgBvB,SAAgB,UAAU,SAA2B,SAAkC;CAErF,MAAM,QAAQ,cAAe;AAC7B,KAAI,OAAO;AACT,QAAM,QAAQ;AACd;;AAIF,KAAI,WAAW,OAAO,QAAQ,cAAc,YAAY;AACtD,UAAQ,UAAU,QAAQ;AAC1B;;AAGF,KAAI,CAAC,kBAAkB;AACrB,qBAAmB;AACnB,UAAQ,KACN,iIAED;;;;;;;;;;;;;;;;;;;;;;;;AChXL,SAAS,uBAA0C;CACjD,MAAM,QAAQ,gBAAgB,UAAU;AACxC,KAAI,CAAC,MACH,OAAM,IAAI,MACR,sIAED;AAEH,QAAO;;;;;;;;;;AAaT,SAAgB,eAAe,MAAoB;CACjD,MAAM,QAAQ,sBAAsB;AACpC,KAAI,CAAC,MAAM,MAAM,SAAS,KAAK,CAC7B,OAAM,MAAM,KAAK,KAAK;;;;;;;;AAU1B,SAAgB,cAAc,KAAmB;CAC/C,MAAM,QAAQ,sBAAsB;AACpC,KAAI,CAAC,MAAM,KAAK,SAAS,IAAI,CAC3B,OAAM,KAAK,KAAK,IAAI;;;;;;;;;;;;;;;AAmBxB,eAAsB,cACpB,UACA,MACA,SAA8B,EAAE,EAChC,UAC8B;CAC9B,MAAM,QAA2B;EAAE,OAAO,EAAE;EAAE,MAAM,EAAE;EAAE;CACxD,IAAI;CACJ,IAAI;CACJ,IAAI;AAIJ,OAAM,gBAAgB,IAAI,OAAO,YAAY;AAC3C,MAAI;AACF,kBAAe,MAAM,SACnB,iBACA;IACE,GAAI,UAAU,aAAa,EAAE,sBAAsB,SAAS,YAAY,GAAG,EAAE;IAC7E,GAAI,UAAU,aAAa,EAAE,sBAAsB,SAAS,YAAY,GAAG,EAAE;IAC9E,QACK,SAAS,GAAG,KAAK,CACxB;WACM,OAAO;AACd,OAAI,iBAAiB,gBAAgB;AACnC,iBAAa,MAAM;AACnB,qBAAiB,MAAM;SAEvB,OAAM;;GAGV;AAKF,KAAI,MAAM,KAAK,SAAS,GAAG;EACzB,MAAM,UAAU,iBAAiB;AACjC,QAAM,QAAQ,IAAI,MAAM,KAAK,KAAK,QAAQ,QAAQ,WAAW,EAAE,KAAK,CAAC,CAAC,CAAC;;CAIzE,IAAI;AACJ,KAAI,MAAM,MAAM,SAAS,KAAK,OAAO,UAAU;EAG7C,MAAM,OAAO,MAAM,MAAM;AACzB,MAAI;AACF,kBAAe,MAAM,OAAO,SAAS,KAAK;WACnC,aAAa;AACpB,OAAI,uBAAuB,gBAAgB;AAEzC,iBAAa,YAAY;AACzB,qBAAiB,YAAY;SAG7B,SAAQ,MAAM,0CAA0C,YAAY;;;AAK1E,QAAO;EACL;EACA;EACA,GAAI,aAAa;GAAE;GAAY;GAAgB,GAAG,EAAE;EACrD;;;;;;;;AASH,SAAgB,kBAAkB,cAAsB,SAAiB,KAAe;AACtF,QAAO,IAAI,SAAS,MAAM;EACxB;EACA,SAAS,EAAE,UAAU,cAAc;EACpC,CAAC;;;;;;;;AASJ,SAAgB,mBAAmB,KAAuB;CACxD,MAAM,SAAS,IAAI,QAAQ,IAAI,SAAS,IAAI;CAC5C,MAAM,cAAc,IAAI,QAAQ,IAAI,eAAe,IAAI;AACvD,QAAO,OAAO,SAAS,mBAAmB,IAAI,YAAY,SAAS,mBAAmB"}

package/dist/_chunks/als-registry-HS0LGUl2.js

@@ -1,41 +0,0 @@
-import { AsyncLocalStorage } from "node:async_hooks";
-//#region src/server/als-registry.ts
-/**
-* Centralized AsyncLocalStorage registry for server-side per-request state.
-*
-* ALL ALS instances used by the server framework live here. Individual
-* modules (request-context.ts, tracing.ts, actions.ts, etc.) import from
-* this registry and re-export public accessor functions.
-*
-* Why: ALS instances require singleton semantics — if two copies of the
-* same ALS exist (one from a relative import, one from a barrel import),
-* one module writes to its copy and another reads from an empty copy.
-* Centralizing ALS creation in a single module eliminates this class of bug.
-*
-* The `timber-shims` plugin ensures `@timber-js/app/server` resolves to
-* src/ in RSC and SSR environments, so all import paths converge here.
-*
-* DO NOT create ALS instances outside this file. If you need a new ALS,
-* add it here and import from `./als-registry.js` in the consuming module.
-*
-* See design/18-build-system.md §"Module Singleton Strategy" and
-* §"Singleton State Registry".
-*/
-/** @internal — import via request-context.ts public API */
-var requestContextAls = new AsyncLocalStorage();
-/** @internal — import via tracing.ts public API */
-var traceAls = new AsyncLocalStorage();
-/** @internal — import via server-timing.ts public API */
-var timingAls = new AsyncLocalStorage();
-/** @internal — import via actions.ts public API */
-var revalidationAls = new AsyncLocalStorage();
-/** @internal — import via form-flash.ts public API */
-var formFlashAls = new AsyncLocalStorage();
-/** @internal — import via early-hints-sender.ts public API */
-var earlyHintsSenderAls = new AsyncLocalStorage();
-/** @internal — import via waituntil-bridge.ts public API */
-var waitUntilAls = new AsyncLocalStorage();
-//#endregion
-export { timingAls as a, revalidationAls as i, formFlashAls as n, traceAls as o, requestContextAls as r, waitUntilAls as s, earlyHintsSenderAls as t };
-
-//# sourceMappingURL=als-registry-HS0LGUl2.js.map

package/dist/_chunks/als-registry-HS0LGUl2.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"als-registry-HS0LGUl2.js","names":[],"sources":["../../src/server/als-registry.ts"],"sourcesContent":["/**\n * Centralized AsyncLocalStorage registry for server-side per-request state.\n *\n * ALL ALS instances used by the server framework live here. Individual\n * modules (request-context.ts, tracing.ts, actions.ts, etc.) import from\n * this registry and re-export public accessor functions.\n *\n * Why: ALS instances require singleton semantics — if two copies of the\n * same ALS exist (one from a relative import, one from a barrel import),\n * one module writes to its copy and another reads from an empty copy.\n * Centralizing ALS creation in a single module eliminates this class of bug.\n *\n * The `timber-shims` plugin ensures `@timber-js/app/server` resolves to\n * src/ in RSC and SSR environments, so all import paths converge here.\n *\n * DO NOT create ALS instances outside this file. If you need a new ALS,\n * add it here and import from `./als-registry.js` in the consuming module.\n *\n * See design/18-build-system.md §\"Module Singleton Strategy\" and\n * §\"Singleton State Registry\".\n */\n\nimport { AsyncLocalStorage } from 'node:async_hooks';\nimport type { DebugComponentEntry } from './rsc-entry/helpers.js';\n\n// ─── Request Context ──────────────────────────────────────────────────────\n// Used by: request-context.ts (getHeaders(), getCookies(), getSearchParams())\n// Design doc: design/04-authorization.md\n\n/** @internal — import via request-context.ts public API */\nexport const requestContextAls = new AsyncLocalStorage<RequestContextStore>();\n\nexport interface RequestContextStore {\n  /** Incoming request headers (read-only view). */\n  headers: Headers;\n  /** Raw cookie header string, parsed lazily into a Map on first access. */\n  cookieHeader: string;\n  /** Lazily-parsed cookie map (mutable — reflects write-overlay from set()). */\n  parsedCookies?: Map<string, string>;\n  /** Original (pre-overlay) frozen headers, kept for overlay merging. */\n  originalHeaders: Headers;\n  /**\n   * Promise resolving to the raw URLSearchParams for the current request.\n   * To get typed parsed params, import a search params definition and\n   * call `.parse(searchParams())`.\n   */\n  searchParamsPromise: Promise<URLSearchParams>;\n  /**\n   * Raw search string from the request URL (e.g. \"?foo=bar&baz=1\").\n   * Available synchronously for use in `redirect()` with `preserveSearchParams`.\n   */\n  searchString: string;\n  /**\n   * Promise resolving to the coerced segment params for the current request.\n   * Set by the pipeline after route matching and param coercion, before\n   * middleware and rendering. Pages and layouts read params via\n   * `getSegmentParams()` instead of receiving them as a prop.\n   *\n   * See design/07-routing.md §\"params.ts — Convention File for Typed Params\"\n   */\n  segmentParamsPromise?: Promise<Record<string, string | string[]>>;\n  /** Outgoing Set-Cookie entries (name → serialized value + options). Last write wins. */\n  cookieJar: Map<string, CookieEntry>;\n  /** Whether the response has flushed (headers committed). */\n  flushed: boolean;\n  /** Whether the current context allows cookie mutation. */\n  mutableContext: boolean;\n  /**\n   * Set by AccessGate or PageDenyBoundary when a DenySignal is caught\n   * server-side (inside the React tree, before React Flight sees it).\n   * The pipeline reads this after render to set the HTTP status code.\n   * See TIM-666.\n   */\n  denyStatus?: number;\n  /**\n   * Dev-only: getter for the current request's RSC debug components.\n   * Set by renderRoute() so onPipelineError can include component tree\n   * context for render-phase errors without module-level shared state.\n   */\n  debugComponentsGetter?: () => DebugComponentEntry[];\n}\n\n/** A single outgoing cookie entry in the cookie jar. */\nexport interface CookieEntry {\n  name: string;\n  value: string;\n  options: import('./request-context.js').CookieOptions;\n}\n\n// ─── Tracing ──────────────────────────────────────────────────────────────\n// Used by: tracing.ts (getTraceId(), getSpanId())\n// Design doc: design/17-logging.md\n\nexport interface TraceStore {\n  /** 32-char lowercase hex trace ID (OTEL or UUID fallback). */\n  traceId: string;\n  /** OTEL span ID if available, undefined otherwise. */\n  spanId?: string;\n}\n\n/** @internal — import via tracing.ts public API */\nexport const traceAls = new AsyncLocalStorage<TraceStore>();\n\n// ─── Server-Timing ────────────────────────────────────────────────────────\n// Used by: server-timing.ts (recordTiming(), withTiming())\n// Design doc: (dev-only performance instrumentation)\n\nexport interface TimingStore {\n  entries: import('./server-timing.js').TimingEntry[];\n}\n\n/** @internal — import via server-timing.ts public API */\nexport const timingAls = new AsyncLocalStorage<TimingStore>();\n\n// ─── Revalidation ─────────────────────────────────────────────────────────\n// Used by: actions.ts (revalidatePath(), revalidateTag())\n// Design doc: design/08-forms-and-actions.md\n\nexport interface RevalidationState {\n  /** Paths to re-render (populated by revalidatePath calls). */\n  paths: string[];\n  /** Tags to invalidate (populated by revalidateTag calls). */\n  tags: string[];\n}\n\n/** @internal — import via actions.ts public API */\nexport const revalidationAls = new AsyncLocalStorage<RevalidationState>();\n\n// ─── Form Flash ───────────────────────────────────────────────────────────\n// Used by: form-flash.ts (getFormFlash())\n// Design doc: design/08-forms-and-actions.md §\"No-JS Error Round-Trip\"\n\n/** @internal — import via form-flash.ts public API */\nexport const formFlashAls = new AsyncLocalStorage<import('./form-flash.js').FormFlashData>();\n\n// ─── Early Hints Sender ──────────────────────────────────────────────────\n// Used by: early-hints-sender.ts (sendEarlyHints103())\n// Design doc: design/02-rendering-pipeline.md §\"Early Hints (103)\"\n\n/** Function that sends Link header values as a 103 Early Hints response. */\nexport type EarlyHintsSenderFn = (links: string[]) => void;\n\n/** @internal — import via early-hints-sender.ts public API */\nexport const earlyHintsSenderAls = new AsyncLocalStorage<EarlyHintsSenderFn>();\n\n// ─── waitUntil Bridge ────────────────────────────────────────────────────\n// Used by: waituntil-bridge.ts (waitUntil())\n// Design doc: design/11-platform.md §\"waitUntil()\"\n\n/** Function that extends the request lifecycle with a background promise. */\nexport type WaitUntilFn = (promise: Promise<unknown>) => void;\n\n/** @internal — import via waituntil-bridge.ts public API */\nexport const waitUntilAls = new AsyncLocalStorage<WaitUntilFn>();\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AA8BA,IAAa,oBAAoB,IAAI,mBAAwC;;AAuE7E,IAAa,WAAW,IAAI,mBAA+B;;AAW3D,IAAa,YAAY,IAAI,mBAAgC;;AAc7D,IAAa,kBAAkB,IAAI,mBAAsC;;AAOzE,IAAa,eAAe,IAAI,mBAA4D;;AAU5F,IAAa,sBAAsB,IAAI,mBAAuC;;AAU9E,IAAa,eAAe,IAAI,mBAAgC"}

package/dist/_chunks/debug-ECi_61pb.js

@@ -1,108 +0,0 @@
-//#region src/server/debug.ts
-/**
-* Runtime debug flag for timber.js.
-*
-* Two distinct functions for two distinct security levels:
-*
-* ## `isDebug()` — server-side logging only
-*
-* Returns true when timber's debug/warning messages should be written to
-* stderr / the server console. This NEVER affects what is sent to the
-* client (no error details, no timing headers, no stack traces).
-*
-* Active when any of:
-* - `NODE_ENV !== 'production'` (standard dev mode)
-* - `TIMBER_DEBUG` env var is set to a truthy value at runtime
-* - `timber.config.ts` has `debug: true`
-*
-* ## `isDevMode()` — client-visible dev behavior
-*
-* Returns true ONLY when `NODE_ENV !== 'production'`. This gates anything
-* that changes what clients can observe:
-* - Dev error pages with stack traces (fallback-error.ts)
-* - Detailed Server-Timing headers (pipeline.ts)
-* - Error messages in action INTERNAL_ERROR payloads (action-client.ts)
-* - Pipeline error handler wiring (Vite overlay)
-*
-* `isDevMode()` is statically replaced in production builds → the guarded
-* code is tree-shaken to zero bytes. TIMBER_DEBUG cannot enable it.
-*
-* Usage:
-*   In Cloudflare Workers wrangler.toml:
-*     [vars]
-*     TIMBER_DEBUG = "1"
-*
-*   In Node.js:
-*     TIMBER_DEBUG=1 node server.js
-*
-*   In timber.config.ts:
-*     export default { debug: true }
-*
-* See design/13-security.md for the security taxonomy.
-* See design/18-build-system.md for build pipeline details.
-*/
-/**
-* Check if the application is running in development mode.
-*
-* This is the ONLY function that should gate client-visible dev behavior:
-* - Dev error pages with stack traces
-* - Server-Timing mode default (`'detailed'` in dev, `'total'` in prod)
-* - Error messages in action `INTERNAL_ERROR` payloads
-* - Pipeline error handler wiring (Vite overlay)
-*
-* Returns `process.env.NODE_ENV !== 'production'`, which is statically
-* replaced by the bundler in production builds. Code guarded by this
-* function is tree-shaken to zero bytes in production.
-*
-* TIMBER_DEBUG does NOT enable this — that would leak server internals
-* to clients. Use `isDebug()` for server-side-only logging.
-*/
-function isDevMode() {
-	return process.env.NODE_ENV !== "production";
-}
-/**
-* Config-level debug override. Set via `setDebugFromConfig()` during
-* initialization when timber.config.ts has `debug: true`.
-*/
-var _configDebug = false;
-/**
-* Check if timber debug logging is active (server-side only).
-*
-* Returns true if ANY of these conditions hold:
-* - NODE_ENV is not 'production' (standard dev mode)
-* - TIMBER_DEBUG environment variable is set to a truthy value at runtime
-* - timber.config.ts has `debug: true`
-*
-* This function controls ONLY server-side logging — messages written to
-* stderr or the server console. It NEVER affects client-visible behavior
-* (error pages, response headers, action payloads). For client-visible
-* behavior, use `isDevMode()`.
-*
-* The TIMBER_DEBUG check is deliberately written as a dynamic property
-* access so bundlers cannot statically replace it.
-*/
-function isDebug() {
-	if (process.env.NODE_ENV !== "production") return true;
-	if (_configDebug) return true;
-	return _readTimberDebugEnv();
-}
-/**
-* Read TIMBER_DEBUG from the environment at runtime.
-*
-* Extracted to a separate function to:
-* 1. Prevent bundler inlining (cross-module function calls are not inlined)
-* 2. Handle platforms where `process` may not exist (Cloudflare Workers)
-* 3. Support globalThis.__TIMBER_DEBUG for programmatic control
-*/
-function _readTimberDebugEnv() {
-	if (globalThis.__TIMBER_DEBUG) return true;
-	try {
-		const val = typeof process !== "undefined" && process.env ? process.env["TIMBER_DEBUG"] : void 0;
-		if (val && val !== "0" && val !== "false") return true;
-	} catch {}
-	return false;
-}
-//#endregion
-export { isDevMode as n, isDebug as t };
-
-//# sourceMappingURL=debug-ECi_61pb.js.map