@trebired/git-host 0.1.0

package/CHANGELOG.md

@@ -0,0 +1,22 @@
+# Changelog
+
+All notable changes to `@trebired/git-host` will be documented here.
+
+This project follows semantic versioning once published.
+
+## 0.1.0
+
+- Added the initial `@trebired/git-host` package scaffold with publishable metadata, README, MIT license, contribution guide, and TypeScript build setup.
+- Added a reusable core `createGitHost()` API for worktree-backed repositories with real Git CLI execution, repository summary reads, tree and blob inspection, commit and ref comparison reads, working-tree mutation helpers, branch operations, checkout, remote fetch/pull/push helpers, and per-repository mutation locking.
+- Added `createGitHttpHandler()` for plain Node smart HTTP hosting with host-owned repository resolution and optional authorization hooks.
+- Added `createGitSshServer()` for plain Node SSH Git hosting with host-owned public key authentication, repository resolution, authorization hooks, and Git-only command execution.
+- Added `createGitApiHandler()` for plain Node JSON API routing over repository summaries, branches, commits, trees, blobs, and diffs.
+- Added `@trebired/git-host/react` as an optional React companion with a typed JSON API client, provider, and headless data hooks.
+- Added hosted transport identity and audit hook support for smart HTTP and SSH adapters.
+- Added `checkoutRef()`, `readStagedFile()`, and `readUnstagedFile()` to the core host API for detached ref checkout and pre-commit file inspection.
+- Added host-owned remote transport auth ergonomics for clone, fetch, pull, and push through `remoteCredentials`, `httpHeaders`, and `sshCommand` options.
+- Added SSH key utilities for generation, normalization, comparison, and fingerprinting.
+- Added `@trebired/logger`-style logger support across the main git-host entrypoints with optional verbose diagnostics.
+- Added hosted repository config defaults so worktree-backed repositories can accept smart HTTP push updates through the checked-out branch.
+- Added tests covering repository init, clone, summary reads, tree and blob reads, staged and unstaged file reads, commit detail reads, working-tree staging and commit flows, branch operations, checkout, detached ref checkout, ref comparison, fetch/pull/push helpers, authenticated HTTP remote sync, operation continue and abort, JSON API reads, smart HTTP clone/push, smart HTTP auth hooks, SSH clone/push, SSH audit hooks, locking, and path rejection.
+- Initial public release.

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Miroslav M. and Trebired contributors
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,451 @@
+# @trebired/git-host
+
+Embeddable Git host for Node.js and Bun apps.
+
+`@trebired/git-host` gives your app real Git repository operations and real Git transports without making you adopt a full forge product. It runs the real Git CLI, helps you resolve repository paths safely, serializes mutations per repository, and exposes a reusable API for repository initialization, summary reads, content inspection, branch operations, working-tree changes, remote sync helpers, JSON API handlers, and smart HTTP and SSH hosting.
+
+It is aimed at platforms and products that already own users, permissions, tokens, repository records, and UI, but want to stop hand-rolling the Git layer underneath all of that.
+
+The package keeps auth, permission, and persistence decisions host-owned while giving you reusable Git behavior and transport adapters.
+
+It also exposes an optional React companion at `@trebired/git-host/react` for typed API clients, providers, and headless data hooks on top of the JSON API.
+
+In plain terms:
+
+- it is a Git hosting layer you embed into your app
+- it is not a full Git forge like GitLab, Gitea, or Forgejo
+- it is not a reimplementation of Git
+- it uses the real `git` binary for the hard parts
+
+## Install
+
+Runtime support: Bun 1+ and Node.js 18+.
+
+```sh
+npm install @trebired/git-host
+```
+
+```sh
+npm install @trebired/logger
+```
+
+Optional React companion:
+
+```sh
+npm install react
+```
+
+```ts
+import { createGitHost, resolveRepositoryPath } from "@trebired/git-host";
+import { createLog } from "@trebired/logger";
+
+const log = createLog({
+  console: true,
+  quiet: true,
+  save: false,
+});
+
+const repositoriesRoot = "/srv/git-workspaces";
+
+const gitHost = createGitHost({
+  logger: log,
+  resolveRepository(repositoryId) {
+    return {
+      id: repositoryId,
+      path: resolveRepositoryPath({
+        rootDir: repositoriesRoot,
+        repositoryPath: `${repositoryId}/workspace`,
+      }),
+    };
+  },
+});
+
+await gitHost.ensureRepository("demo", {
+  actor: {
+    name: "Alice",
+    email: "alice@example.com",
+  },
+});
+
+const summary = await gitHost.readSummary("demo");
+console.log(summary.repository.current_branch);
+
+const workingTree = await gitHost.readWorkingTree("demo");
+console.log(workingTree.unstaged_entries);
+
+await gitHost.fetch("demo", {
+  remoteCredentials: {
+    username: "git-user",
+    password: process.env.GIT_TOKEN || "",
+  },
+});
+```
+
+Smart HTTP hosting:
+
+```ts
+import { createServer } from "node:http";
+import { createGitHost, createGitHttpHandler } from "@trebired/git-host";
+import { createLog } from "@trebired/logger";
+
+const log = createLog({
+  console: true,
+  quiet: true,
+  save: false,
+});
+
+const gitHost = createGitHost({
+  resolveRepository(repositoryId) {
+    return {
+      id: repositoryId,
+      path: `/srv/git-workspaces/${repositoryId}/workspace`,
+    };
+  },
+});
+
+const server = createServer(createGitHttpHandler({
+  basePath: "/git",
+  logger: log,
+  resolveRepository(repositoryKey) {
+    return {
+      id: repositoryKey,
+      path: `/srv/git-workspaces/${repositoryKey}/workspace`,
+    };
+  },
+}));
+
+server.listen(3000);
+```
+
+Then clients can use:
+
+```sh
+git clone http://127.0.0.1:3000/git/demo.git
+git push
+```
+
+SSH hosting:
+
+```ts
+import { createGitSshServer } from "@trebired/git-host";
+import { createLog } from "@trebired/logger";
+
+const log = createLog({
+  console: true,
+  quiet: true,
+  save: false,
+});
+
+const sshServer = createGitSshServer({
+  hostKeys: [hostPrivateKeyPem],
+  logger: log,
+  authenticate({ publicKey, username }) {
+    if (username !== "git") return null;
+    const account = findAccountBySshPublicKey(publicKey);
+    if (!account) return null;
+    return {
+      publicKey: account.publicKey,
+      remoteUser: account.username,
+      identity: account,
+    };
+  },
+  resolveRepository(repositoryKey) {
+    return {
+      id: repositoryKey,
+      path: `/srv/git-workspaces/${repositoryKey}/workspace`,
+    };
+  },
+});
+
+sshServer.listen(2222, "0.0.0.0");
+```
+
+Then clients can use:
+
+```sh
+git clone ssh://git@127.0.0.1:2222/demo.git
+git push
+```
+
+JSON API hosting:
+
+```ts
+import { createServer } from "node:http";
+import { createGitApiHandler, createGitHost } from "@trebired/git-host";
+import { createLog } from "@trebired/logger";
+
+const log = createLog({
+  console: true,
+  quiet: true,
+  save: false,
+});
+
+const gitHost = createGitHost({
+  resolveRepository(repositoryId) {
+    return {
+      id: repositoryId,
+      path: `/srv/git-workspaces/${repositoryId}/workspace`,
+    };
+  },
+});
+
+const apiServer = createServer(createGitApiHandler({
+  basePath: "/api/git",
+  gitHost,
+  logger: log,
+  authorize({ action, repositoryId }) {
+    return canReadRepository(repositoryId, action);
+  },
+}));
+
+apiServer.listen(3100);
+```
+
+Then apps can use routes like:
+
+```txt
+GET /api/git/repositories/demo/summary
+GET /api/git/repositories/demo/branches
+GET /api/git/repositories/demo/commits?limit=20
+GET /api/git/repositories/demo/commits/<commit-ref>
+GET /api/git/repositories/demo/tree?ref=HEAD&path=src
+GET /api/git/repositories/demo/blob?ref=HEAD&path=README.md
+GET /api/git/repositories/demo/diff?baseRef=main&headRef=feature%2Fx
+```
+
+React companion:
+
+```ts
+import { createGitApiClient, GitApiClientProvider, useGitRepositorySummary } from "@trebired/git-host/react";
+
+const gitClient = createGitApiClient({
+  baseUrl: "/api/git",
+});
+
+function RepositorySummaryCard() {
+  const summary = useGitRepositorySummary("demo");
+
+  if (summary.loading) return "Loading...";
+  if (summary.error) return summary.error.message;
+  if (!summary.data) return "Missing repository";
+
+  return `${summary.data.repository.current_branch} @ ${summary.data.repository.head_short}`;
+}
+
+function App() {
+  return (
+    <GitApiClientProvider client={gitClient}>
+      <RepositorySummaryCard />
+    </GitApiClientProvider>
+  );
+}
+```
+
+The React entry is intentionally headless. It helps apps fetch and mutate Git data consistently, but it does not ship a bundled styled UI.
+
+## Current API
+
+The first public slice is intentionally small:
+
+- `createGitHost()`
+- `resolveRepositoryPath()`
+- `runGit()`
+- `buildGitEnv()`
+- `RepositoryLockManager`
+- `createGitApiHandler()`
+- `createGitHttpHandler()`
+- `generateSshKeyPair()`
+- `normalizeSshPublicKey()`
+- `compareSshPublicKeys()`
+- `fingerprintSshPublicKey()`
+- `createGitSshServer()`
+- `@trebired/git-host/react`
+
+And the main host instance methods:
+
+- `ensureRepository()`
+- `readSummary()`
+- `listBranches()`
+- `listCommits()`
+- `listTree()`
+- `readBlob()`
+- `readCommit()`
+- `diff()`
+- `readWorkingTree()`
+- `readStagedFile()`
+- `readUnstagedFile()`
+- `createBranch()`
+- `checkoutBranch()`
+- `checkoutRef()`
+- `deleteBranch()`
+- `stagePaths()`
+- `unstagePaths()`
+- `discardPaths()`
+- `commit()`
+- `continueOperation()`
+- `abortOperation()`
+- `fetch()`
+- `pull()`
+- `push()`
+- `withRepositoryLock()`
+
+The React entry currently exports:
+
+- `createGitApiClient()`
+- `GitApiClientProvider`
+- `useGitRepositorySummary()`
+- `useGitBranches()`
+- `useGitCommits()`
+- `useGitCommit()`
+- `useGitTree()`
+- `useGitBlob()`
+- `useGitDiff()`
+- `useGitApiQuery()`
+
+## Repository Model
+
+This package does not own your app database.
+
+Your app resolves a repository id to an absolute repository path. The package then runs Git operations against that path. This keeps repository metadata, permissions, tokens, SSH keys, and UI decisions inside the host app where they belong.
+
+The current public API is worktree-first because that keeps the reusable boundary compact and predictable.
+
+Private remotes are still host-owned. The package now helps with the transport plumbing by supporting:
+
+- `remoteCredentials` for clone, fetch, pull, and push
+- `httpHeaders` for per-command HTTP headers such as bearer auth
+- `sshCommand` for per-command SSH transport overrides
+
+## Why This Package
+
+Most alternatives fall into one of three buckets:
+
+- full forge products such as GitLab, Gitea, or Forgejo
+- Git implementation libraries that reimplement Git behavior in another runtime
+- one-off app code that shells out to `git` without a reusable boundary
+
+`@trebired/git-host` is aiming at the gap between those options.
+
+Use it when you want:
+
+- your app to keep owning users, permissions, tokens, SSH keys, repository records, and UI
+- real Git behavior from the system `git` binary
+- clone, fetch, pull, and push over smart HTTP and SSH
+- a reusable Git runtime instead of spreading Git shell calls all over your platform code
+- optional headless React helpers over the JSON API without coupling the core package to a UI framework
+
+Do not use it when you want:
+
+- a ready-made Git product with issues, pull requests, teams, admin screens, and built-in account management
+- a pure JavaScript Git implementation with no `git` binary dependency
+
+That makes it useful for internal developer platforms, product-specific source management, deployment systems, controlled automation environments, and apps that need Git as a capability rather than Git hosting as a separate product.
+
+## Path Safety
+
+Repository paths should never come straight from request input.
+
+The intended flow is:
+
+```txt
+request repo id -> host app record lookup -> absolute repository path -> git-host
+```
+
+`resolveRepositoryPath()` is provided as a safe join helper when your host app stores repository-relative paths under one known root.
+
+## Hosted Transport Hooks
+
+Hosted transports keep identity and permission policy in your app.
+
+- `createGitHttpHandler()` supports host-owned repository resolution, optional identity resolution, permission checks, and request audit events.
+- `createGitSshServer()` supports host-owned public key authentication, permission checks, and command audit events.
+- `createGitApiHandler()` supports host-owned repository id mapping and per-route authorization.
+- `generateSshKeyPair()`, `normalizeSshPublicKey()`, `compareSshPublicKeys()`, and `fingerprintSshPublicKey()` help host apps manage SSH transport setup without owning the parsing details themselves.
+
+## Platform Fit
+
+`@trebired/git-host` is a good fit when a larger platform already owns users, permissions, repository records, tokens, SSH keys, and UI, but wants to stop hand-rolling the reusable Git layer.
+
+The package is meant to replace or simplify:
+
+- Git CLI execution and environment shaping
+- repository locking and mutation coordination
+- repository summary, tree, blob, commit, diff, and working-tree reads
+- branch, checkout, commit, fetch, pull, and push operations
+- smart HTTP and SSH Git transport handling
+- thin JSON API route internals around those Git operations
+
+The host platform should still own:
+
+- repository and source metadata persistence
+- permission checks and route authorization policy
+- access token issuance, revocation, and storage
+- SSH key ownership, private key storage, and known-host persistence
+- merge requests, reviews, UI flows, and other product-specific features
+
+That boundary is where the package simplifies a platform the most without turning into a forge product of its own.
+
+## Logger Support
+
+`@trebired/git-host` works best with `@trebired/logger`, and that is the recommended logger.
+
+Why we recommend it:
+
+- it is simple
+- it already matches git-host's expected method shape
+- it keeps application logs and git-host diagnostics in one consistent format
+
+The logger style:
+
+```ts
+log.info("git-host", "initializing repository", { repositoryId: "demo" });
+```
+
+comes from `@trebired/logger`.
+
+You can pass that same `log` object into `createGitHost()`, `createGitHttpHandler()`, `createGitSshServer()`, and `createGitApiHandler()` through their `logger` option.
+
+If you do not pass a logger and `@trebired/logger` is installed in the host app, git-host will create a quiet console-only logger automatically before falling back to raw `console`.
+
+If you also set `verbose: true`, git-host will emit successful lifecycle and transport diagnostics through that logger. Without `verbose`, it stays much quieter and mainly reports rejected or failed operations.
+
+Custom loggers can also use one of these shapes:
+
+```ts
+type Logger = {
+  info(group: string, message: string, metadata?: unknown): void;
+  warn(group: string, message: string, metadata?: unknown): void;
+  error(group: string, message: string, metadata?: unknown): void;
+  fail(group: string, message: string, metadata?: unknown): void;
+};
+
+type Event = {
+  level: "info" | "warn" | "error" | "fail";
+  group: string;
+  message: string;
+  metadata?: unknown;
+};
+
+type EventLogger = (event: Event) => void;
+
+type SinkLogger = {
+  log?(event: Event): void;
+  write?(event: Event): void;
+  fatal?(message: string, metadata?: unknown): void;
+};
+```
+
+Common logger objects such as `console`, pino-style level methods, or Winston-style sinks are also adapted as sensibly as possible.
+
+If no logger is provided and `@trebired/logger` is not installed, git-host falls back to plain `console` output for its own diagnostics.
+
+## Roadmap
+
+The remaining package work is mostly convenience and hardening:
+
+- thin Express wrappers when they stay truly thin
+- broader examples for host-app integration patterns
+
+## Contributing
+
+See `CONTRIBUTING.md` for development commands and package guidelines.

package/dist/api/handler/action.d.ts

@@ -0,0 +1,5 @@
+import type { CreateGitApiHandlerOptions } from "../../types.js";
+import { parseGitApiRoute } from "./route.js";
+declare function runGitApiAction(options: CreateGitApiHandlerOptions, route: ReturnType<typeof parseGitApiRoute>, repositoryId: string, searchParams: URLSearchParams): Promise<import("../../types.js").GitCommitDetail | import("../../types.js").GitCommitSummary[] | import("../../types.js").GitCompareSummary | import("../../types.js").GitBlob | import("../../types.js").GitBranchSummary[] | import("../../types.js").GitRepositorySummary | import("../../types.js").GitTreeEntry[]>;
+export { runGitApiAction };
+//# sourceMappingURL=action.d.ts.map

package/dist/api/handler/action.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"action.d.ts","sourceRoot":"","sources":["../../../src/api/handler/action.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,0BAA0B,EAAE,MAAM,gBAAgB,CAAC;AAGjE,OAAO,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAE9C,iBAAe,eAAe,CAC5B,OAAO,EAAE,0BAA0B,EACnC,KAAK,EAAE,UAAU,CAAC,OAAO,gBAAgB,CAAC,EAC1C,YAAY,EAAE,MAAM,EACpB,YAAY,EAAE,eAAe,2TAwC9B;AAED,OAAO,EAAE,eAAe,EAAE,CAAC"}

package/dist/api/handler/action.js

@@ -0,0 +1,47 @@
+import { GitHostError } from "../../errors.js";
+import { isTruthy, text } from "../../utils/text.js";
+import { parsePositiveInt } from "./response.js";
+async function runGitApiAction(options, route, repositoryId, searchParams) {
+    if (!route)
+        throw new GitHostError("git_command_failed", "API route is required.");
+    switch (route.action) {
+        case "summary":
+            return await options.gitHost.readSummary(repositoryId, {
+                commitLimit: parsePositiveInt(searchParams.get("commitLimit"), "commitLimit"),
+            });
+        case "branches":
+            return await options.gitHost.listBranches(repositoryId);
+        case "commits":
+            return await options.gitHost.listCommits(repositoryId, {
+                limit: parsePositiveInt(searchParams.get("limit"), "limit"),
+            });
+        case "commit":
+            return await options.gitHost.readCommit(repositoryId, route.commitRef);
+        case "tree":
+            return await options.gitHost.listTree(repositoryId, {
+                path: text(searchParams.get("path")),
+                recursive: isTruthy(searchParams.get("recursive")),
+                ref: text(searchParams.get("ref")),
+            });
+        case "blob": {
+            const blobPath = text(searchParams.get("path"));
+            if (!blobPath)
+                throw new GitHostError("invalid_repository_path", "blob path is required.");
+            return await options.gitHost.readBlob(repositoryId, {
+                path: blobPath,
+                ref: text(searchParams.get("ref")),
+            });
+        }
+        case "diff": {
+            const baseRef = text(searchParams.get("baseRef"));
+            const headRef = text(searchParams.get("headRef"));
+            if (!baseRef || !headRef)
+                throw new GitHostError("git_command_failed", "baseRef and headRef are required.");
+            return await options.gitHost.diff(repositoryId, { baseRef, headRef });
+        }
+        default:
+            throw new GitHostError("git_command_failed", "Unsupported Git API action.");
+    }
+}
+export { runGitApiAction };
+//# sourceMappingURL=action.js.map

package/dist/api/handler/action.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"action.js","sourceRoot":"","sources":["../../../src/api/handler/action.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAE/C,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,qBAAqB,CAAC;AACrD,OAAO,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;AAGjD,KAAK,UAAU,eAAe,CAC5B,OAAmC,EACnC,KAA0C,EAC1C,YAAoB,EACpB,YAA6B;IAE7B,IAAI,CAAC,KAAK;QAAE,MAAM,IAAI,YAAY,CAAC,oBAAoB,EAAE,wBAAwB,CAAC,CAAC;IAEnF,QAAQ,KAAK,CAAC,MAAM,EAAE,CAAC;QACrB,KAAK,SAAS;YACZ,OAAO,MAAM,OAAO,CAAC,OAAO,CAAC,WAAW,CAAC,YAAY,EAAE;gBACrD,WAAW,EAAE,gBAAgB,CAAC,YAAY,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,aAAa,CAAC;aAC9E,CAAC,CAAC;QACL,KAAK,UAAU;YACb,OAAO,MAAM,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,YAAY,CAAC,CAAC;QAC1D,KAAK,SAAS;YACZ,OAAO,MAAM,OAAO,CAAC,OAAO,CAAC,WAAW,CAAC,YAAY,EAAE;gBACrD,KAAK,EAAE,gBAAgB,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,OAAO,CAAC;aAC5D,CAAC,CAAC;QACL,KAAK,QAAQ;YACX,OAAO,MAAM,OAAO,CAAC,OAAO,CAAC,UAAU,CAAC,YAAY,EAAE,KAAK,CAAC,SAAS,CAAC,CAAC;QACzE,KAAK,MAAM;YACT,OAAO,MAAM,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,YAAY,EAAE;gBAClD,IAAI,EAAE,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;gBACpC,SAAS,EAAE,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;gBAClD,GAAG,EAAE,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;aACnC,CAAC,CAAC;QACL,KAAK,MAAM,CAAC,CAAC,CAAC;YACZ,MAAM,QAAQ,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC;YAChD,IAAI,CAAC,QAAQ;gBAAE,MAAM,IAAI,YAAY,CAAC,yBAAyB,EAAE,wBAAwB,CAAC,CAAC;YAC3F,OAAO,MAAM,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,YAAY,EAAE;gBAClD,IAAI,EAAE,QAAQ;gBACd,GAAG,EAAE,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;aACnC,CAAC,CAAC;QACL,CAAC;QACD,KAAK,MAAM,CAAC,CAAC,CAAC;YACZ,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC;YAClD,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC;YAClD,IAAI,CAAC,OAAO,IAAI,CAAC,OAAO;gBAAE,MAAM,IAAI,YAAY,CAAC,oBAAoB,EAAE,mCAAmC,CAAC,CAAC;YAC5G,OAAO,MAAM,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,EAAE,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC,CAAC;QACxE,CAAC;QACD;YACE,MAAM,IAAI,YAAY,CAAC,oBAAoB,EAAE,6BAA6B,CAAC,CAAC;IAChF,CAAC;AACH,CAAC;AAED,OAAO,EAAE,eAAe,EAAE,CAAC"}

package/dist/api/handler/response.d.ts

@@ -0,0 +1,34 @@
+import type { IncomingMessage, ServerResponse } from "node:http";
+import type { GitApiAuthorizationResult } from "../../types.js";
+declare function applyAuthorizationHeaders(res: ServerResponse, headers: Record<string, string> | undefined): void;
+declare function authorizationAllowed(value: GitApiAuthorizationResult | undefined): {
+    allowed: boolean;
+    status: number;
+    message: string;
+    headers?: undefined;
+} | {
+    allowed: boolean;
+    headers: Record<string, string>;
+    message: string;
+    status: number;
+};
+declare function parsePositiveInt(value: string | null, name: string): number | undefined;
+declare function statusForError(error: unknown): number;
+declare function serializeError(error: unknown): {
+    ok: boolean;
+    error: {
+        code: string;
+        details: Record<string, unknown>;
+        message: string;
+    };
+} | {
+    ok: boolean;
+    error: {
+        code: string;
+        message: string;
+        details?: undefined;
+    };
+};
+declare function writeJson(req: IncomingMessage, res: ServerResponse, status: number, payload: unknown): void;
+export { applyAuthorizationHeaders, authorizationAllowed, parsePositiveInt, serializeError, statusForError, writeJson };
+//# sourceMappingURL=response.d.ts.map

package/dist/api/handler/response.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"response.d.ts","sourceRoot":"","sources":["../../../src/api/handler/response.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AAGjE,OAAO,KAAK,EAAE,yBAAyB,EAAE,MAAM,gBAAgB,CAAC;AAGhE,iBAAS,yBAAyB,CAAC,GAAG,EAAE,cAAc,EAAE,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,SAAS,QAMlG;AAED,iBAAS,oBAAoB,CAAC,KAAK,EAAE,yBAAyB,GAAG,SAAS;;;;;;;;;;EAUzE;AAED,iBAAS,gBAAgB,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,EAAE,IAAI,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAOhF;AAED,iBAAS,cAAc,CAAC,KAAK,EAAE,OAAO,GAAG,MAAM,CAiB9C;AAED,iBAAS,cAAc,CAAC,KAAK,EAAE,OAAO;;;;;;;;;;;;;;EA6BrC;AAED,iBAAS,SAAS,CAAC,GAAG,EAAE,eAAe,EAAE,GAAG,EAAE,cAAc,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,QAQ7F;AAED,OAAO,EAAE,yBAAyB,EAAE,oBAAoB,EAAE,gBAAgB,EAAE,cAAc,EAAE,cAAc,EAAE,SAAS,EAAE,CAAC"}

package/dist/api/handler/response.js

@@ -0,0 +1,87 @@
+import { GitHostError, isGitHostError } from "../../errors.js";
+import { text } from "../../utils/text.js";
+function applyAuthorizationHeaders(res, headers) {
+    const nextHeaders = headers && typeof headers === "object" ? headers : {};
+    for (const [name, value] of Object.entries(nextHeaders)) {
+        if (!name || typeof value !== "string")
+            continue;
+        res.setHeader(name, value);
+    }
+}
+function authorizationAllowed(value) {
+    if (value == null)
+        return { allowed: true, status: 200, message: "" };
+    if (typeof value === "boolean")
+        return { allowed: value, status: value ? 200 : 403, message: "" };
+    return {
+        allowed: value.allowed === true,
+        headers: value.headers,
+        message: text(value.message),
+        status: Number(value.status) || (value.allowed === true ? 200 : 403),
+    };
+}
+function parsePositiveInt(value, name) {
+    if (value == null || text(value) === "")
+        return undefined;
+    const next = Number(value);
+    if (!Number.isInteger(next) || next <= 0) {
+        throw new GitHostError("git_command_failed", `${name} must be a positive integer.`, { value });
+    }
+    return next;
+}
+function statusForError(error) {
+    if (isGitHostError(error)) {
+        switch (error.code) {
+            case "invalid_branch_name":
+            case "invalid_repository_path":
+                return 400;
+            case "repository_not_found":
+                return 404;
+            case "repository_not_initialized":
+            case "repository_clone_target_not_empty":
+                return 409;
+            default:
+                return 400;
+        }
+    }
+    return 500;
+}
+function serializeError(error) {
+    if (isGitHostError(error)) {
+        return {
+            ok: false,
+            error: {
+                code: error.code,
+                details: error.details,
+                message: error.message,
+            },
+        };
+    }
+    if (error instanceof Error) {
+        return {
+            ok: false,
+            error: {
+                code: "internal_error",
+                message: error.message,
+            },
+        };
+    }
+    return {
+        ok: false,
+        error: {
+            code: "internal_error",
+            message: "Git API request failed.",
+        },
+    };
+}
+function writeJson(req, res, status, payload) {
+    res.statusCode = status;
+    res.setHeader("content-type", "application/json; charset=utf-8");
+    if (text(req.method).toUpperCase() === "HEAD") {
+        res.end();
+        return;
+    }
+    res.end(JSON.stringify(payload, null, 2));
+}
+export { applyAuthorizationHeaders, authorizationAllowed, parsePositiveInt, serializeError, statusForError, writeJson };
+//# sourceMappingURL=response.js.map