@valbuild/server 0.60.18 → 0.60.19

package/dist/declarations/src/LocalValServer.d.ts

@@ -42,7 +42,11 @@ export declare class LocalValServer extends ValServer {
     private getPatchFilePath;
     private badRequest;
     protected ensureRemoteFSInitialized(): Promise<result.Result<undefined, ValServerError>>;
-    protected getModule(moduleId: ModuleId): Promise<SerializedModuleContent>;
+    protected getModule(moduleId: ModuleId, options: {
+        validate: boolean;
+        source: boolean;
+        schema: boolean;
+    }): Promise<SerializedModuleContent>;
     protected execCommit(patches: [PatchId, ModuleId, Patch][]): Promise<{
         status: 200;
         json: Record<ModuleId, {

package/dist/declarations/src/Service.d.ts

@@ -25,7 +25,11 @@ export declare class Service {
     private readonly runtime;
     readonly valConfigPath: string;
     constructor({ valConfigPath }: ServiceOptions, sourceFileHandler: ValSourceFileHandler, runtime: QuickJSRuntime);
-    get(moduleId: ModuleId, modulePath?: ModulePath): Promise<SerializedModuleContent>;
+    get(moduleId: ModuleId, modulePath: ModulePath, options?: {
+        validate: boolean;
+        source: boolean;
+        schema: boolean;
+    }): Promise<SerializedModuleContent>;
     patch(moduleId: ModuleId, patch: Patch): Promise<void>;
     dispose(): void;
 }

package/dist/declarations/src/ValServer.d.ts

@@ -32,6 +32,7 @@ export declare abstract class ValServer implements IValServer {
         patch?: string;
         schema?: string;
         source?: string;
+        validate?: string;
     }, cookies: ValCookies<VAL_SESSION_COOKIE>, requestHeaders: RequestHeaders): Promise<ValServerJsonResult<ApiTreeResponse>>;
     postValidate(rawBody: unknown, cookies: ValCookies<VAL_SESSION_COOKIE>, requestHeaders: RequestHeaders): Promise<ValServerJsonResult<ApiPostValidationResponse | ApiPostValidationErrorResponse>>;
     postCommit(rawBody: unknown, cookies: ValCookies<VAL_SESSION_COOKIE>, requestHeaders: RequestHeaders): Promise<ValServerJsonResult<ApiCommitResponse, ApiPostValidationErrorResponse>>;
@@ -58,7 +59,11 @@ export declare abstract class ValServer implements IValServer {
      * 2) The error is returned via API if the remote FS could not be initialized
      * */
     protected abstract ensureRemoteFSInitialized(errorMessageType: string, cookies: ValCookies<VAL_SESSION_COOKIE>): Promise<result.Result<undefined, ValServerError>>;
-    protected abstract getModule(moduleId: ModuleId): Promise<SerializedModuleContent>;
+    protected abstract getModule(moduleId: ModuleId, options: {
+        validate: boolean;
+        source: boolean;
+        schema: boolean;
+    }): Promise<SerializedModuleContent>;
     protected abstract execCommit(patches: [PatchId, ModuleId, Patch][], cookies: ValCookies<VAL_SESSION_COOKIE>): Promise<{
         status: 200;
         json: Record<ModuleId, {
@@ -129,6 +134,7 @@ export interface IValServer {
         patch?: string;
         schema?: string;
         source?: string;
+        validate?: string;
     }, cookies: ValCookies<VAL_SESSION_COOKIE>, requestHeaders: RequestHeaders): Promise<ValServerJsonResult<ApiTreeResponse>>;
     getPatches(query: {
         id?: string[];

package/dist/valbuild-server.cjs.dev.js

@@ -10,6 +10,7 @@ var patch = require('@valbuild/core/patch');
 var path = require('path');
 var fs = require('fs');
 var sucrase = require('sucrase');
+var ui = require('@valbuild/ui');
 var z = require('zod');
 var internal = require('@valbuild/shared/internal');
 var sizeOf = require('image-size');
@@ -692,7 +693,7 @@ const patchSourceFile = (sourceFile, patch$1) => {
   return patch.applyPatch(sourceFile, ops$1, patch$1);
 };
 
-const readValFile = async (id, valConfigPath, runtime) => {
+const readValFile = async (id, valConfigPath, runtime, options) => {
   const context = runtime.newContext();
 
   // avoid failures when console.log is called
@@ -710,8 +711,22 @@ const readValFile = async (id, valConfigPath, runtime) => {
   const processHandle = context.newObject();
   context.setProp(processHandle, "env", envHandle);
   context.setProp(context.global, "process", processHandle);
+  const optionsHandle = context.newObject();
+  if (options) {
+    if (options.validate !== undefined) {
+      context.setProp(optionsHandle, "validate", context.newNumber(+options.validate));
+    }
+    if (options.source !== undefined) {
+      context.setProp(optionsHandle, "source", context.newNumber(+options.source));
+    }
+    if (options.schema !== undefined) {
+      context.setProp(optionsHandle, "schema", context.newNumber(+options.schema));
+    }
+  }
+  context.setProp(context.global, "__VAL_OPTIONS__", optionsHandle);
   envHandle.dispose();
   processHandle.dispose();
+  optionsHandle.dispose();
   try {
     const modulePath = `.${id}.val`;
     const code = `import * as valModule from ${JSON.stringify(modulePath)};
@@ -719,12 +734,12 @@ import { Internal } from "@valbuild/core";
 
 globalThis.valModule = { 
   id: valModule?.default && Internal.getValPath(valModule?.default),
-  schema: valModule?.default && Internal.getSchema(valModule?.default)?.serialize(),
-  source: valModule?.default && Internal.getSource(valModule?.default),
-  validation: valModule?.default && Internal.getSchema(valModule?.default)?.validate(
+  schema: !!globalThis['__VAL_OPTIONS__'].schema ? valModule?.default && Internal.getSchema(valModule?.default)?.serialize() : undefined,
+  source: !!globalThis['__VAL_OPTIONS__'].source ? valModule?.default && Internal.getSource(valModule?.default) : undefined,
+  validation: !!globalThis['__VAL_OPTIONS__'].validate ? valModule?.default && Internal.getSchema(valModule?.default)?.validate(
     valModule?.default && Internal.getValPath(valModule?.default) || "/",
     valModule?.default && Internal.getSource(valModule?.default)
-  ),
+  ) : undefined,
   defaultExport: !!valModule?.default,
 };
 `;
@@ -755,9 +770,9 @@ globalThis.valModule = {
           fatalErrors.push(`Wrong c.define id! Expected: '${id}', found: '${valModule.id}'`);
         } else if (encodeURIComponent(valModule.id).replace(/%2F/g, "/") !== valModule.id) {
           fatalErrors.push(`Invalid c.define id! Must be a web-safe path without escape characters, found: '${valModule.id}', which was encoded as: '${encodeURIComponent(valModule.id).replace("%2F", "/")}'`);
-        } else if ((valModule === null || valModule === void 0 ? void 0 : valModule.schema) === undefined) {
+        } else if ((valModule === null || valModule === void 0 ? void 0 : valModule.schema) === undefined && options.schema) {
           fatalErrors.push(`Expected val id: '${id}' to have a schema`);
-        } else if ((valModule === null || valModule === void 0 ? void 0 : valModule.source) === undefined) {
+        } else if ((valModule === null || valModule === void 0 ? void 0 : valModule.source) === undefined && options.source) {
           fatalErrors.push(`Expected val id: '${id}' to have a source`);
         }
       }
@@ -998,7 +1013,10 @@ async function newValQuickJSRuntime(quickJSModule, moduleLoader, {
       }
       if (modulePath === "@valbuild/react/internal") {
         return {
-          value: "export const useVal = () => { throw Error(`Cannot use 'useVal' in this type of file`) }; export function ValProvider() { throw Error(`Cannot use 'ValProvider' in this type of file`) }; export function ValRichText() { throw Error(`Cannot use 'ValRichText' in this type of file`)};"
+          value: `
+const useVal = () => { throw Error('Cannot use \\'useVal\\' in this type of file') };
+export function ValProvider() { throw Error('Cannot use \\'ValProvider\\' in this type of file') }; 
+export function ValRichText() { throw Error('Cannot use \\'ValRichText\\' in this type of file')};`
         };
       }
       if (modulePath === "@valbuild/ui") {
@@ -1007,10 +1025,10 @@ async function newValQuickJSRuntime(quickJSModule, moduleLoader, {
 export const ValOverlay = () => {
   throw Error("Cannot use 'ValOverlay' in this type of file")
 };
-export const VAL_CSS_PATH = "/spa/index.css";
-export const VAL_APP_PATH = "/app";
-export const VAL_APP_ID = "val-app";
-export const VAL_OVERLAY_ID = "val-overlay";
+export const VAL_CSS_PATH = "${ui.VAL_CSS_PATH}";
+export const VAL_APP_PATH = "${ui.VAL_CSS_PATH}";
+export const VAL_APP_ID = "${ui.VAL_APP_ID}";
+export const VAL_OVERLAY_ID = "${ui.VAL_OVERLAY_ID}";
 export const IS_DEV = false;
 `
         };
@@ -1037,7 +1055,21 @@ export const IS_DEV = false;
       }
       if (modulePath.startsWith("react")) {
         return {
-          value: "export const createContext = () => new Proxy({}, { get() { return () => { throw new Error(`Cannot use 'createContext' in this file`) } } } ); export const useTransition = () => { throw Error(`Cannot use 'useTransition' in this type of file`) }; export default new Proxy({}, { get() { return () => { throw new Error(`Cannot import 'react' in this file`) } } } )"
+          value: `
+export const createContext = () => new Proxy({}, { get() { return () => { throw new Error('Cannot use \\'createContext\\' in this file') } } } );
+export const useTransition = () => { throw Error('Cannot use \\'useTransition\\' in this type of file') }; 
+
+export default new Proxy({}, { 
+  get(target, props) { 
+    // React.createContext might be called on top-level
+    if (props === 'createContext') {
+      return createContext;
+    }
+    return () => {
+      throw new Error('Cannot import \\'react\\' in this file');
+    }
+  }
+})`
         };
       }
       if (modulePath.includes("/ValNextProvider")) {
@@ -1168,8 +1200,12 @@ class Service {
     this.runtime = runtime;
     this.valConfigPath = valConfigPath || "./val.config";
   }
-  async get(moduleId, modulePath = "") {
-    const valModule = await readValFile(moduleId, this.valConfigPath, this.runtime);
+  async get(moduleId, modulePath, options) {
+    const valModule = await readValFile(moduleId, this.valConfigPath, this.runtime, options ?? {
+      validate: true,
+      source: true,
+      schema: true
+    });
     if (valModule.source && valModule.schema) {
       const resolved = core.Internal.resolvePath(modulePath, valModule.source, valModule.schema);
       const sourcePath = resolved.path ? [moduleId, resolved.path].join(".") : moduleId;
@@ -1434,8 +1470,11 @@ class ValServer {
     if (fp.result.isErr(ensureRes)) {
       return ensureRes.error;
     }
-    const moduleIds = this.getAllModules(treePath);
     const applyPatches = query.patch === "true";
+    const execValidations = query.validate === "true";
+    const includeSource = query.source === "true";
+    const includeSchema = query.schema === "true";
+    const moduleIds = this.getAllModules(treePath);
     let {
       patchIdsByModuleId,
       patchesById,
@@ -1455,7 +1494,7 @@ class ValServer {
       fileUpdates = res.value.fileUpdates;
     }
     const possiblyPatchedContent = await Promise.all(moduleIds.map(async moduleId => {
-      return this.applyAllPatchesThenValidate(moduleId, patchIdsByModuleId, patchesById, fileUpdates, applyPatches, cookies, requestHeaders);
+      return this.applyAllPatchesThenValidate(moduleId, patchIdsByModuleId, patchesById, fileUpdates, cookies, requestHeaders, applyPatches, execValidations, includeSource, includeSchema);
     }));
     const modules = Object.fromEntries(possiblyPatchedContent.map(serializedModuleContent => {
       const module = {
@@ -1509,13 +1548,17 @@ class ValServer {
 
   /* */
 
-  async applyAllPatchesThenValidate(moduleId, patchIdsByModuleId, patchesById, fileUpdates, applyPatches, cookies, requestHeaders) {
-    const serializedModuleContent = await this.getModule(moduleId);
-    const schema = serializedModuleContent.schema;
-    const maybeSource = serializedModuleContent.source;
+  async applyAllPatchesThenValidate(moduleId, patchIdsByModuleId, patchesById, fileUpdates, cookies, requestHeaders, applyPatches, validate, includeSource, includeSchema) {
+    const serializedModuleContent = await this.getModule(moduleId, {
+      validate: validate,
+      source: includeSource,
+      schema: includeSchema
+    });
     if (!applyPatches) {
       return serializedModuleContent;
     }
+    const schema = serializedModuleContent.schema;
+    const maybeSource = serializedModuleContent.source;
     if (serializedModuleContent.errors && (serializedModuleContent.errors.fatal || serializedModuleContent.errors.invalidModuleId)) {
       return serializedModuleContent;
     }
@@ -1551,17 +1594,19 @@ class ValServer {
         };
       }
     }
-    const validationErrors = core.deserializeSchema(schema).validate(moduleId, source);
-    if (validationErrors) {
-      const revalidated = await this.revalidateImageAndFileValidation(validationErrors, fileUpdates, cookies, requestHeaders);
-      return {
-        path: moduleId,
-        schema,
-        source,
-        errors: revalidated && {
-          validation: revalidated
-        }
-      };
+    if (validate) {
+      const validationErrors = core.deserializeSchema(schema).validate(moduleId, source);
+      if (validationErrors) {
+        const revalidated = await this.revalidateImageAndFileValidation(validationErrors, fileUpdates, cookies, requestHeaders);
+        return {
+          path: moduleId,
+          schema,
+          source,
+          errors: revalidated && {
+            validation: revalidated
+          }
+        };
+      }
     }
     return {
       path: moduleId,
@@ -1576,7 +1621,7 @@ class ValServer {
   // The reason is that validate will be called inside QuickJS (in the future, hopefully),
   // which does not have access to the filesystem, at least not at the time of writing this comment.
   // If you are reading this, and we still are not using QuickJS to validate, this assumption might be wrong.
-  async revalidateImageAndFileValidation(validationErrors, fileUpdates, cookies, requestHeaders) {
+  async revalidateImageAndFileValidation(validationErrors, fileUpdates, cookies, reqHeaders) {
     const revalidatedValidationErrors = {};
     for (const pathStr in validationErrors) {
       const errorSourcePath = pathStr;
@@ -1598,7 +1643,7 @@ class ValServer {
               if (updatedFileMetadata) {
                 const fileRes = await this.getFiles(fileRef, {
                   sha256: updatedFileMetadata.sha256
-                }, cookies, requestHeaders);
+                }, cookies, reqHeaders);
                 if (fileRes.status === 200 && fileRes.body) {
                   const res = new Response(fileRes.body);
                   fileBuffer = Buffer.from(await res.arrayBuffer());
@@ -1608,14 +1653,23 @@ class ValServer {
                   });
                 }
               }
-              if (!fileBuffer) {
-                try {
-                  fileBuffer = await this.readStaticBinaryFile(filePath);
-                } catch (err) {
-                  console.error("Val: unexpected error while reading image / file:", filePath, {
-                    error: err
+              // try fetch file directly via http
+              if (fileRef.startsWith("/public")) {
+                const host = `${reqHeaders["x-forwarded-proto"]}://${reqHeaders["host"]}`;
+                const fileUrl = fileRef.slice("/public".length);
+                const fetchRes = await fetch(new URL(fileUrl, host));
+                if (fetchRes.status === 200) {
+                  fileBuffer = Buffer.from(await fetchRes.arrayBuffer());
+                } else {
+                  console.error("Val: unexpected error while fetching image / file:", fileRef, {
+                    error: {
+                      status: fetchRes.status,
+                      url: fetchRes.url
+                    }
                   });
                 }
+              } else {
+                console.error("Val: unexpected while getting public image / file (file reference did not start with /public)", fileRef);
               }
               if (!fileBuffer) {
                 revalidatedValidationErrors[errorSourcePath].push({
@@ -1762,7 +1816,7 @@ class ValServer {
       const moduleId = moduleIdStr;
       const serializedModuleContent = await this.applyAllPatchesThenValidate(moduleId, filterPatchesByModuleIdRes.data.patches ||
       // TODO: refine to ModuleId and PatchId when parsing
-      patchIdsByModuleId, patchesById, fileUpdates, true, cookies, requestHeaders);
+      patchIdsByModuleId, patchesById, fileUpdates, cookies, requestHeaders, true, true, true, true);
       if (serializedModuleContent.errors) {
         validationErrorsByModuleId[moduleId] = serializedModuleContent;
       }
@@ -2266,8 +2320,8 @@ class LocalValServer extends ValServer {
     // No RemoteFS so nothing to ensure
     return fp.result.ok(undefined);
   }
-  getModule(moduleId) {
-    return this.options.service.get(moduleId);
+  getModule(moduleId, options) {
+    return this.options.service.get(moduleId, "", options);
   }
   async execCommit(patches) {
     for (const [patchId, moduleId, patch] of patches) {
@@ -2555,11 +2609,11 @@ class ProxyValServer extends ValServer {
 
   /** Remote FS dependent methods: */
 
-  async getModule(moduleId) {
+  async getModule(moduleId, options) {
     if (!this.lazyService) {
       this.lazyService = await createService(this.cwd, this.apiOptions, this.remoteFS);
     }
-    return this.lazyService.get(moduleId);
+    return this.lazyService.get(moduleId, "", options);
   }
   execCommit(patches, cookies) {
     return withAuth(this.options.valSecret, cookies, "execCommit", async ({
@@ -3421,7 +3475,8 @@ function createValApiRouter(route, valServerPromise, convert) {
       return withTreePath(path, TREE_PATH_PREFIX)(async treePath => convert(await valServer.getTree(treePath, {
         patch: url.searchParams.get("patch") || undefined,
         schema: url.searchParams.get("schema") || undefined,
-        source: url.searchParams.get("source") || undefined
+        source: url.searchParams.get("source") || undefined,
+        validate: url.searchParams.get("validate") || undefined
       }, getCookies(req, [VAL_SESSION_COOKIE]), requestHeaders)));
     } else if (method === "GET" && path.startsWith(PATCHES_PATH_PREFIX)) {
       return withTreePath(path, PATCHES_PATH_PREFIX)(async () => convert(await valServer.getPatches({

package/dist/valbuild-server.cjs.prod.js

@@ -10,6 +10,7 @@ var patch = require('@valbuild/core/patch');
 var path = require('path');
 var fs = require('fs');
 var sucrase = require('sucrase');
+var ui = require('@valbuild/ui');
 var z = require('zod');
 var internal = require('@valbuild/shared/internal');
 var sizeOf = require('image-size');
@@ -692,7 +693,7 @@ const patchSourceFile = (sourceFile, patch$1) => {
   return patch.applyPatch(sourceFile, ops$1, patch$1);
 };
 
-const readValFile = async (id, valConfigPath, runtime) => {
+const readValFile = async (id, valConfigPath, runtime, options) => {
   const context = runtime.newContext();
 
   // avoid failures when console.log is called
@@ -710,8 +711,22 @@ const readValFile = async (id, valConfigPath, runtime) => {
   const processHandle = context.newObject();
   context.setProp(processHandle, "env", envHandle);
   context.setProp(context.global, "process", processHandle);
+  const optionsHandle = context.newObject();
+  if (options) {
+    if (options.validate !== undefined) {
+      context.setProp(optionsHandle, "validate", context.newNumber(+options.validate));
+    }
+    if (options.source !== undefined) {
+      context.setProp(optionsHandle, "source", context.newNumber(+options.source));
+    }
+    if (options.schema !== undefined) {
+      context.setProp(optionsHandle, "schema", context.newNumber(+options.schema));
+    }
+  }
+  context.setProp(context.global, "__VAL_OPTIONS__", optionsHandle);
   envHandle.dispose();
   processHandle.dispose();
+  optionsHandle.dispose();
   try {
     const modulePath = `.${id}.val`;
     const code = `import * as valModule from ${JSON.stringify(modulePath)};
@@ -719,12 +734,12 @@ import { Internal } from "@valbuild/core";
 
 globalThis.valModule = { 
   id: valModule?.default && Internal.getValPath(valModule?.default),
-  schema: valModule?.default && Internal.getSchema(valModule?.default)?.serialize(),
-  source: valModule?.default && Internal.getSource(valModule?.default),
-  validation: valModule?.default && Internal.getSchema(valModule?.default)?.validate(
+  schema: !!globalThis['__VAL_OPTIONS__'].schema ? valModule?.default && Internal.getSchema(valModule?.default)?.serialize() : undefined,
+  source: !!globalThis['__VAL_OPTIONS__'].source ? valModule?.default && Internal.getSource(valModule?.default) : undefined,
+  validation: !!globalThis['__VAL_OPTIONS__'].validate ? valModule?.default && Internal.getSchema(valModule?.default)?.validate(
     valModule?.default && Internal.getValPath(valModule?.default) || "/",
     valModule?.default && Internal.getSource(valModule?.default)
-  ),
+  ) : undefined,
   defaultExport: !!valModule?.default,
 };
 `;
@@ -755,9 +770,9 @@ globalThis.valModule = {
           fatalErrors.push(`Wrong c.define id! Expected: '${id}', found: '${valModule.id}'`);
         } else if (encodeURIComponent(valModule.id).replace(/%2F/g, "/") !== valModule.id) {
           fatalErrors.push(`Invalid c.define id! Must be a web-safe path without escape characters, found: '${valModule.id}', which was encoded as: '${encodeURIComponent(valModule.id).replace("%2F", "/")}'`);
-        } else if ((valModule === null || valModule === void 0 ? void 0 : valModule.schema) === undefined) {
+        } else if ((valModule === null || valModule === void 0 ? void 0 : valModule.schema) === undefined && options.schema) {
           fatalErrors.push(`Expected val id: '${id}' to have a schema`);
-        } else if ((valModule === null || valModule === void 0 ? void 0 : valModule.source) === undefined) {
+        } else if ((valModule === null || valModule === void 0 ? void 0 : valModule.source) === undefined && options.source) {
           fatalErrors.push(`Expected val id: '${id}' to have a source`);
         }
       }
@@ -998,7 +1013,10 @@ async function newValQuickJSRuntime(quickJSModule, moduleLoader, {
       }
       if (modulePath === "@valbuild/react/internal") {
         return {
-          value: "export const useVal = () => { throw Error(`Cannot use 'useVal' in this type of file`) }; export function ValProvider() { throw Error(`Cannot use 'ValProvider' in this type of file`) }; export function ValRichText() { throw Error(`Cannot use 'ValRichText' in this type of file`)};"
+          value: `
+const useVal = () => { throw Error('Cannot use \\'useVal\\' in this type of file') };
+export function ValProvider() { throw Error('Cannot use \\'ValProvider\\' in this type of file') }; 
+export function ValRichText() { throw Error('Cannot use \\'ValRichText\\' in this type of file')};`
         };
       }
       if (modulePath === "@valbuild/ui") {
@@ -1007,10 +1025,10 @@ async function newValQuickJSRuntime(quickJSModule, moduleLoader, {
 export const ValOverlay = () => {
   throw Error("Cannot use 'ValOverlay' in this type of file")
 };
-export const VAL_CSS_PATH = "/spa/index.css";
-export const VAL_APP_PATH = "/app";
-export const VAL_APP_ID = "val-app";
-export const VAL_OVERLAY_ID = "val-overlay";
+export const VAL_CSS_PATH = "${ui.VAL_CSS_PATH}";
+export const VAL_APP_PATH = "${ui.VAL_CSS_PATH}";
+export const VAL_APP_ID = "${ui.VAL_APP_ID}";
+export const VAL_OVERLAY_ID = "${ui.VAL_OVERLAY_ID}";
 export const IS_DEV = false;
 `
         };
@@ -1037,7 +1055,21 @@ export const IS_DEV = false;
       }
       if (modulePath.startsWith("react")) {
         return {
-          value: "export const createContext = () => new Proxy({}, { get() { return () => { throw new Error(`Cannot use 'createContext' in this file`) } } } ); export const useTransition = () => { throw Error(`Cannot use 'useTransition' in this type of file`) }; export default new Proxy({}, { get() { return () => { throw new Error(`Cannot import 'react' in this file`) } } } )"
+          value: `
+export const createContext = () => new Proxy({}, { get() { return () => { throw new Error('Cannot use \\'createContext\\' in this file') } } } );
+export const useTransition = () => { throw Error('Cannot use \\'useTransition\\' in this type of file') }; 
+
+export default new Proxy({}, { 
+  get(target, props) { 
+    // React.createContext might be called on top-level
+    if (props === 'createContext') {
+      return createContext;
+    }
+    return () => {
+      throw new Error('Cannot import \\'react\\' in this file');
+    }
+  }
+})`
         };
       }
       if (modulePath.includes("/ValNextProvider")) {
@@ -1168,8 +1200,12 @@ class Service {
     this.runtime = runtime;
     this.valConfigPath = valConfigPath || "./val.config";
   }
-  async get(moduleId, modulePath = "") {
-    const valModule = await readValFile(moduleId, this.valConfigPath, this.runtime);
+  async get(moduleId, modulePath, options) {
+    const valModule = await readValFile(moduleId, this.valConfigPath, this.runtime, options ?? {
+      validate: true,
+      source: true,
+      schema: true
+    });
     if (valModule.source && valModule.schema) {
       const resolved = core.Internal.resolvePath(modulePath, valModule.source, valModule.schema);
       const sourcePath = resolved.path ? [moduleId, resolved.path].join(".") : moduleId;
@@ -1434,8 +1470,11 @@ class ValServer {
     if (fp.result.isErr(ensureRes)) {
       return ensureRes.error;
     }
-    const moduleIds = this.getAllModules(treePath);
     const applyPatches = query.patch === "true";
+    const execValidations = query.validate === "true";
+    const includeSource = query.source === "true";
+    const includeSchema = query.schema === "true";
+    const moduleIds = this.getAllModules(treePath);
     let {
       patchIdsByModuleId,
       patchesById,
@@ -1455,7 +1494,7 @@ class ValServer {
       fileUpdates = res.value.fileUpdates;
     }
     const possiblyPatchedContent = await Promise.all(moduleIds.map(async moduleId => {
-      return this.applyAllPatchesThenValidate(moduleId, patchIdsByModuleId, patchesById, fileUpdates, applyPatches, cookies, requestHeaders);
+      return this.applyAllPatchesThenValidate(moduleId, patchIdsByModuleId, patchesById, fileUpdates, cookies, requestHeaders, applyPatches, execValidations, includeSource, includeSchema);
     }));
     const modules = Object.fromEntries(possiblyPatchedContent.map(serializedModuleContent => {
       const module = {
@@ -1509,13 +1548,17 @@ class ValServer {
 
   /* */
 
-  async applyAllPatchesThenValidate(moduleId, patchIdsByModuleId, patchesById, fileUpdates, applyPatches, cookies, requestHeaders) {
-    const serializedModuleContent = await this.getModule(moduleId);
-    const schema = serializedModuleContent.schema;
-    const maybeSource = serializedModuleContent.source;
+  async applyAllPatchesThenValidate(moduleId, patchIdsByModuleId, patchesById, fileUpdates, cookies, requestHeaders, applyPatches, validate, includeSource, includeSchema) {
+    const serializedModuleContent = await this.getModule(moduleId, {
+      validate: validate,
+      source: includeSource,
+      schema: includeSchema
+    });
     if (!applyPatches) {
       return serializedModuleContent;
     }
+    const schema = serializedModuleContent.schema;
+    const maybeSource = serializedModuleContent.source;
     if (serializedModuleContent.errors && (serializedModuleContent.errors.fatal || serializedModuleContent.errors.invalidModuleId)) {
       return serializedModuleContent;
     }
@@ -1551,17 +1594,19 @@ class ValServer {
         };
       }
     }
-    const validationErrors = core.deserializeSchema(schema).validate(moduleId, source);
-    if (validationErrors) {
-      const revalidated = await this.revalidateImageAndFileValidation(validationErrors, fileUpdates, cookies, requestHeaders);
-      return {
-        path: moduleId,
-        schema,
-        source,
-        errors: revalidated && {
-          validation: revalidated
-        }
-      };
+    if (validate) {
+      const validationErrors = core.deserializeSchema(schema).validate(moduleId, source);
+      if (validationErrors) {
+        const revalidated = await this.revalidateImageAndFileValidation(validationErrors, fileUpdates, cookies, requestHeaders);
+        return {
+          path: moduleId,
+          schema,
+          source,
+          errors: revalidated && {
+            validation: revalidated
+          }
+        };
+      }
     }
     return {
       path: moduleId,
@@ -1576,7 +1621,7 @@ class ValServer {
   // The reason is that validate will be called inside QuickJS (in the future, hopefully),
   // which does not have access to the filesystem, at least not at the time of writing this comment.
   // If you are reading this, and we still are not using QuickJS to validate, this assumption might be wrong.
-  async revalidateImageAndFileValidation(validationErrors, fileUpdates, cookies, requestHeaders) {
+  async revalidateImageAndFileValidation(validationErrors, fileUpdates, cookies, reqHeaders) {
     const revalidatedValidationErrors = {};
     for (const pathStr in validationErrors) {
       const errorSourcePath = pathStr;
@@ -1598,7 +1643,7 @@ class ValServer {
               if (updatedFileMetadata) {
                 const fileRes = await this.getFiles(fileRef, {
                   sha256: updatedFileMetadata.sha256
-                }, cookies, requestHeaders);
+                }, cookies, reqHeaders);
                 if (fileRes.status === 200 && fileRes.body) {
                   const res = new Response(fileRes.body);
                   fileBuffer = Buffer.from(await res.arrayBuffer());
@@ -1608,14 +1653,23 @@ class ValServer {
                   });
                 }
               }
-              if (!fileBuffer) {
-                try {
-                  fileBuffer = await this.readStaticBinaryFile(filePath);
-                } catch (err) {
-                  console.error("Val: unexpected error while reading image / file:", filePath, {
-                    error: err
+              // try fetch file directly via http
+              if (fileRef.startsWith("/public")) {
+                const host = `${reqHeaders["x-forwarded-proto"]}://${reqHeaders["host"]}`;
+                const fileUrl = fileRef.slice("/public".length);
+                const fetchRes = await fetch(new URL(fileUrl, host));
+                if (fetchRes.status === 200) {
+                  fileBuffer = Buffer.from(await fetchRes.arrayBuffer());
+                } else {
+                  console.error("Val: unexpected error while fetching image / file:", fileRef, {
+                    error: {
+                      status: fetchRes.status,
+                      url: fetchRes.url
+                    }
                   });
                 }
+              } else {
+                console.error("Val: unexpected while getting public image / file (file reference did not start with /public)", fileRef);
               }
               if (!fileBuffer) {
                 revalidatedValidationErrors[errorSourcePath].push({
@@ -1762,7 +1816,7 @@ class ValServer {
       const moduleId = moduleIdStr;
       const serializedModuleContent = await this.applyAllPatchesThenValidate(moduleId, filterPatchesByModuleIdRes.data.patches ||
       // TODO: refine to ModuleId and PatchId when parsing
-      patchIdsByModuleId, patchesById, fileUpdates, true, cookies, requestHeaders);
+      patchIdsByModuleId, patchesById, fileUpdates, cookies, requestHeaders, true, true, true, true);
       if (serializedModuleContent.errors) {
         validationErrorsByModuleId[moduleId] = serializedModuleContent;
       }
@@ -2266,8 +2320,8 @@ class LocalValServer extends ValServer {
     // No RemoteFS so nothing to ensure
     return fp.result.ok(undefined);
   }
-  getModule(moduleId) {
-    return this.options.service.get(moduleId);
+  getModule(moduleId, options) {
+    return this.options.service.get(moduleId, "", options);
   }
   async execCommit(patches) {
     for (const [patchId, moduleId, patch] of patches) {
@@ -2555,11 +2609,11 @@ class ProxyValServer extends ValServer {
 
   /** Remote FS dependent methods: */
 
-  async getModule(moduleId) {
+  async getModule(moduleId, options) {
     if (!this.lazyService) {
       this.lazyService = await createService(this.cwd, this.apiOptions, this.remoteFS);
     }
-    return this.lazyService.get(moduleId);
+    return this.lazyService.get(moduleId, "", options);
   }
   execCommit(patches, cookies) {
     return withAuth(this.options.valSecret, cookies, "execCommit", async ({
@@ -3421,7 +3475,8 @@ function createValApiRouter(route, valServerPromise, convert) {
       return withTreePath(path, TREE_PATH_PREFIX)(async treePath => convert(await valServer.getTree(treePath, {
         patch: url.searchParams.get("patch") || undefined,
         schema: url.searchParams.get("schema") || undefined,
-        source: url.searchParams.get("source") || undefined
+        source: url.searchParams.get("source") || undefined,
+        validate: url.searchParams.get("validate") || undefined
       }, getCookies(req, [VAL_SESSION_COOKIE]), requestHeaders)));
     } else if (method === "GET" && path.startsWith(PATCHES_PATH_PREFIX)) {
       return withTreePath(path, PATCHES_PATH_PREFIX)(async () => convert(await valServer.getPatches({

package/dist/valbuild-server.esm.js

@@ -7,6 +7,7 @@ import * as path from 'path';
 import path__default from 'path';
 import fs, { promises } from 'fs';
 import { transform } from 'sucrase';
+import { VAL_CSS_PATH, VAL_APP_ID, VAL_OVERLAY_ID } from '@valbuild/ui';
 import z, { z as z$1 } from 'zod';
 import { MIME_TYPES_TO_EXT, filenameToMimeType, VAL_ENABLE_COOKIE_NAME, VAL_STATE_COOKIE as VAL_STATE_COOKIE$1, VAL_SESSION_COOKIE as VAL_SESSION_COOKIE$1 } from '@valbuild/shared/internal';
 import sizeOf from 'image-size';
@@ -661,7 +662,7 @@ const patchSourceFile = (sourceFile, patch) => {
   return applyPatch(sourceFile, ops$1, patch);
 };
 
-const readValFile = async (id, valConfigPath, runtime) => {
+const readValFile = async (id, valConfigPath, runtime, options) => {
   const context = runtime.newContext();
 
   // avoid failures when console.log is called
@@ -679,8 +680,22 @@ const readValFile = async (id, valConfigPath, runtime) => {
   const processHandle = context.newObject();
   context.setProp(processHandle, "env", envHandle);
   context.setProp(context.global, "process", processHandle);
+  const optionsHandle = context.newObject();
+  if (options) {
+    if (options.validate !== undefined) {
+      context.setProp(optionsHandle, "validate", context.newNumber(+options.validate));
+    }
+    if (options.source !== undefined) {
+      context.setProp(optionsHandle, "source", context.newNumber(+options.source));
+    }
+    if (options.schema !== undefined) {
+      context.setProp(optionsHandle, "schema", context.newNumber(+options.schema));
+    }
+  }
+  context.setProp(context.global, "__VAL_OPTIONS__", optionsHandle);
   envHandle.dispose();
   processHandle.dispose();
+  optionsHandle.dispose();
   try {
     const modulePath = `.${id}.val`;
     const code = `import * as valModule from ${JSON.stringify(modulePath)};
@@ -688,12 +703,12 @@ import { Internal } from "@valbuild/core";
 
 globalThis.valModule = { 
   id: valModule?.default && Internal.getValPath(valModule?.default),
-  schema: valModule?.default && Internal.getSchema(valModule?.default)?.serialize(),
-  source: valModule?.default && Internal.getSource(valModule?.default),
-  validation: valModule?.default && Internal.getSchema(valModule?.default)?.validate(
+  schema: !!globalThis['__VAL_OPTIONS__'].schema ? valModule?.default && Internal.getSchema(valModule?.default)?.serialize() : undefined,
+  source: !!globalThis['__VAL_OPTIONS__'].source ? valModule?.default && Internal.getSource(valModule?.default) : undefined,
+  validation: !!globalThis['__VAL_OPTIONS__'].validate ? valModule?.default && Internal.getSchema(valModule?.default)?.validate(
     valModule?.default && Internal.getValPath(valModule?.default) || "/",
     valModule?.default && Internal.getSource(valModule?.default)
-  ),
+  ) : undefined,
   defaultExport: !!valModule?.default,
 };
 `;
@@ -724,9 +739,9 @@ globalThis.valModule = {
           fatalErrors.push(`Wrong c.define id! Expected: '${id}', found: '${valModule.id}'`);
         } else if (encodeURIComponent(valModule.id).replace(/%2F/g, "/") !== valModule.id) {
           fatalErrors.push(`Invalid c.define id! Must be a web-safe path without escape characters, found: '${valModule.id}', which was encoded as: '${encodeURIComponent(valModule.id).replace("%2F", "/")}'`);
-        } else if ((valModule === null || valModule === void 0 ? void 0 : valModule.schema) === undefined) {
+        } else if ((valModule === null || valModule === void 0 ? void 0 : valModule.schema) === undefined && options.schema) {
           fatalErrors.push(`Expected val id: '${id}' to have a schema`);
-        } else if ((valModule === null || valModule === void 0 ? void 0 : valModule.source) === undefined) {
+        } else if ((valModule === null || valModule === void 0 ? void 0 : valModule.source) === undefined && options.source) {
           fatalErrors.push(`Expected val id: '${id}' to have a source`);
         }
       }
@@ -967,7 +982,10 @@ async function newValQuickJSRuntime(quickJSModule, moduleLoader, {
       }
       if (modulePath === "@valbuild/react/internal") {
         return {
-          value: "export const useVal = () => { throw Error(`Cannot use 'useVal' in this type of file`) }; export function ValProvider() { throw Error(`Cannot use 'ValProvider' in this type of file`) }; export function ValRichText() { throw Error(`Cannot use 'ValRichText' in this type of file`)};"
+          value: `
+const useVal = () => { throw Error('Cannot use \\'useVal\\' in this type of file') };
+export function ValProvider() { throw Error('Cannot use \\'ValProvider\\' in this type of file') }; 
+export function ValRichText() { throw Error('Cannot use \\'ValRichText\\' in this type of file')};`
         };
       }
       if (modulePath === "@valbuild/ui") {
@@ -976,10 +994,10 @@ async function newValQuickJSRuntime(quickJSModule, moduleLoader, {
 export const ValOverlay = () => {
   throw Error("Cannot use 'ValOverlay' in this type of file")
 };
-export const VAL_CSS_PATH = "/spa/index.css";
-export const VAL_APP_PATH = "/app";
-export const VAL_APP_ID = "val-app";
-export const VAL_OVERLAY_ID = "val-overlay";
+export const VAL_CSS_PATH = "${VAL_CSS_PATH}";
+export const VAL_APP_PATH = "${VAL_CSS_PATH}";
+export const VAL_APP_ID = "${VAL_APP_ID}";
+export const VAL_OVERLAY_ID = "${VAL_OVERLAY_ID}";
 export const IS_DEV = false;
 `
         };
@@ -1006,7 +1024,21 @@ export const IS_DEV = false;
       }
       if (modulePath.startsWith("react")) {
         return {
-          value: "export const createContext = () => new Proxy({}, { get() { return () => { throw new Error(`Cannot use 'createContext' in this file`) } } } ); export const useTransition = () => { throw Error(`Cannot use 'useTransition' in this type of file`) }; export default new Proxy({}, { get() { return () => { throw new Error(`Cannot import 'react' in this file`) } } } )"
+          value: `
+export const createContext = () => new Proxy({}, { get() { return () => { throw new Error('Cannot use \\'createContext\\' in this file') } } } );
+export const useTransition = () => { throw Error('Cannot use \\'useTransition\\' in this type of file') }; 
+
+export default new Proxy({}, { 
+  get(target, props) { 
+    // React.createContext might be called on top-level
+    if (props === 'createContext') {
+      return createContext;
+    }
+    return () => {
+      throw new Error('Cannot import \\'react\\' in this file');
+    }
+  }
+})`
         };
       }
       if (modulePath.includes("/ValNextProvider")) {
@@ -1137,8 +1169,12 @@ class Service {
     this.runtime = runtime;
     this.valConfigPath = valConfigPath || "./val.config";
   }
-  async get(moduleId, modulePath = "") {
-    const valModule = await readValFile(moduleId, this.valConfigPath, this.runtime);
+  async get(moduleId, modulePath, options) {
+    const valModule = await readValFile(moduleId, this.valConfigPath, this.runtime, options ?? {
+      validate: true,
+      source: true,
+      schema: true
+    });
     if (valModule.source && valModule.schema) {
       const resolved = Internal.resolvePath(modulePath, valModule.source, valModule.schema);
       const sourcePath = resolved.path ? [moduleId, resolved.path].join(".") : moduleId;
@@ -1403,8 +1439,11 @@ class ValServer {
     if (result.isErr(ensureRes)) {
       return ensureRes.error;
     }
-    const moduleIds = this.getAllModules(treePath);
     const applyPatches = query.patch === "true";
+    const execValidations = query.validate === "true";
+    const includeSource = query.source === "true";
+    const includeSchema = query.schema === "true";
+    const moduleIds = this.getAllModules(treePath);
     let {
       patchIdsByModuleId,
       patchesById,
@@ -1424,7 +1463,7 @@ class ValServer {
       fileUpdates = res.value.fileUpdates;
     }
     const possiblyPatchedContent = await Promise.all(moduleIds.map(async moduleId => {
-      return this.applyAllPatchesThenValidate(moduleId, patchIdsByModuleId, patchesById, fileUpdates, applyPatches, cookies, requestHeaders);
+      return this.applyAllPatchesThenValidate(moduleId, patchIdsByModuleId, patchesById, fileUpdates, cookies, requestHeaders, applyPatches, execValidations, includeSource, includeSchema);
     }));
     const modules = Object.fromEntries(possiblyPatchedContent.map(serializedModuleContent => {
       const module = {
@@ -1478,13 +1517,17 @@ class ValServer {
 
   /* */
 
-  async applyAllPatchesThenValidate(moduleId, patchIdsByModuleId, patchesById, fileUpdates, applyPatches, cookies, requestHeaders) {
-    const serializedModuleContent = await this.getModule(moduleId);
-    const schema = serializedModuleContent.schema;
-    const maybeSource = serializedModuleContent.source;
+  async applyAllPatchesThenValidate(moduleId, patchIdsByModuleId, patchesById, fileUpdates, cookies, requestHeaders, applyPatches, validate, includeSource, includeSchema) {
+    const serializedModuleContent = await this.getModule(moduleId, {
+      validate: validate,
+      source: includeSource,
+      schema: includeSchema
+    });
     if (!applyPatches) {
       return serializedModuleContent;
     }
+    const schema = serializedModuleContent.schema;
+    const maybeSource = serializedModuleContent.source;
     if (serializedModuleContent.errors && (serializedModuleContent.errors.fatal || serializedModuleContent.errors.invalidModuleId)) {
       return serializedModuleContent;
     }
@@ -1520,17 +1563,19 @@ class ValServer {
         };
       }
     }
-    const validationErrors = deserializeSchema(schema).validate(moduleId, source);
-    if (validationErrors) {
-      const revalidated = await this.revalidateImageAndFileValidation(validationErrors, fileUpdates, cookies, requestHeaders);
-      return {
-        path: moduleId,
-        schema,
-        source,
-        errors: revalidated && {
-          validation: revalidated
-        }
-      };
+    if (validate) {
+      const validationErrors = deserializeSchema(schema).validate(moduleId, source);
+      if (validationErrors) {
+        const revalidated = await this.revalidateImageAndFileValidation(validationErrors, fileUpdates, cookies, requestHeaders);
+        return {
+          path: moduleId,
+          schema,
+          source,
+          errors: revalidated && {
+            validation: revalidated
+          }
+        };
+      }
     }
     return {
       path: moduleId,
@@ -1545,7 +1590,7 @@ class ValServer {
   // The reason is that validate will be called inside QuickJS (in the future, hopefully),
   // which does not have access to the filesystem, at least not at the time of writing this comment.
   // If you are reading this, and we still are not using QuickJS to validate, this assumption might be wrong.
-  async revalidateImageAndFileValidation(validationErrors, fileUpdates, cookies, requestHeaders) {
+  async revalidateImageAndFileValidation(validationErrors, fileUpdates, cookies, reqHeaders) {
     const revalidatedValidationErrors = {};
     for (const pathStr in validationErrors) {
       const errorSourcePath = pathStr;
@@ -1567,7 +1612,7 @@ class ValServer {
               if (updatedFileMetadata) {
                 const fileRes = await this.getFiles(fileRef, {
                   sha256: updatedFileMetadata.sha256
-                }, cookies, requestHeaders);
+                }, cookies, reqHeaders);
                 if (fileRes.status === 200 && fileRes.body) {
                   const res = new Response(fileRes.body);
                   fileBuffer = Buffer.from(await res.arrayBuffer());
@@ -1577,14 +1622,23 @@ class ValServer {
                   });
                 }
               }
-              if (!fileBuffer) {
-                try {
-                  fileBuffer = await this.readStaticBinaryFile(filePath);
-                } catch (err) {
-                  console.error("Val: unexpected error while reading image / file:", filePath, {
-                    error: err
+              // try fetch file directly via http
+              if (fileRef.startsWith("/public")) {
+                const host = `${reqHeaders["x-forwarded-proto"]}://${reqHeaders["host"]}`;
+                const fileUrl = fileRef.slice("/public".length);
+                const fetchRes = await fetch(new URL(fileUrl, host));
+                if (fetchRes.status === 200) {
+                  fileBuffer = Buffer.from(await fetchRes.arrayBuffer());
+                } else {
+                  console.error("Val: unexpected error while fetching image / file:", fileRef, {
+                    error: {
+                      status: fetchRes.status,
+                      url: fetchRes.url
+                    }
                   });
                 }
+              } else {
+                console.error("Val: unexpected while getting public image / file (file reference did not start with /public)", fileRef);
               }
               if (!fileBuffer) {
                 revalidatedValidationErrors[errorSourcePath].push({
@@ -1731,7 +1785,7 @@ class ValServer {
       const moduleId = moduleIdStr;
       const serializedModuleContent = await this.applyAllPatchesThenValidate(moduleId, filterPatchesByModuleIdRes.data.patches ||
       // TODO: refine to ModuleId and PatchId when parsing
-      patchIdsByModuleId, patchesById, fileUpdates, true, cookies, requestHeaders);
+      patchIdsByModuleId, patchesById, fileUpdates, cookies, requestHeaders, true, true, true, true);
       if (serializedModuleContent.errors) {
         validationErrorsByModuleId[moduleId] = serializedModuleContent;
       }
@@ -2235,8 +2289,8 @@ class LocalValServer extends ValServer {
     // No RemoteFS so nothing to ensure
     return result.ok(undefined);
   }
-  getModule(moduleId) {
-    return this.options.service.get(moduleId);
+  getModule(moduleId, options) {
+    return this.options.service.get(moduleId, "", options);
   }
   async execCommit(patches) {
     for (const [patchId, moduleId, patch] of patches) {
@@ -2524,11 +2578,11 @@ class ProxyValServer extends ValServer {
 
   /** Remote FS dependent methods: */
 
-  async getModule(moduleId) {
+  async getModule(moduleId, options) {
     if (!this.lazyService) {
       this.lazyService = await createService(this.cwd, this.apiOptions, this.remoteFS);
     }
-    return this.lazyService.get(moduleId);
+    return this.lazyService.get(moduleId, "", options);
   }
   execCommit(patches, cookies) {
     return withAuth(this.options.valSecret, cookies, "execCommit", async ({
@@ -3390,7 +3444,8 @@ function createValApiRouter(route, valServerPromise, convert) {
       return withTreePath(path, TREE_PATH_PREFIX)(async treePath => convert(await valServer.getTree(treePath, {
         patch: url.searchParams.get("patch") || undefined,
         schema: url.searchParams.get("schema") || undefined,
-        source: url.searchParams.get("source") || undefined
+        source: url.searchParams.get("source") || undefined,
+        validate: url.searchParams.get("validate") || undefined
       }, getCookies(req, [VAL_SESSION_COOKIE]), requestHeaders)));
     } else if (method === "GET" && path.startsWith(PATCHES_PATH_PREFIX)) {
       return withTreePath(path, PATCHES_PATH_PREFIX)(async () => convert(await valServer.getPatches({

package/package.json

@@ -12,7 +12,7 @@
     "./package.json": "./package.json"
   },
   "types": "dist/valbuild-server.cjs.d.ts",
-  "version": "0.60.18",
+  "version": "0.60.19",
   "scripts": {
     "typecheck": "tsc --noEmit",
     "test": "jest",
@@ -24,9 +24,9 @@
     "concurrently": "^7.6.0"
   },
   "dependencies": {
-    "@valbuild/core": "~0.60.18",
-    "@valbuild/shared": "~0.60.18",
-    "@valbuild/ui": "~0.60.18",
+    "@valbuild/core": "~0.60.19",
+    "@valbuild/shared": "~0.60.19",
+    "@valbuild/ui": "~0.60.19",
     "express": "^4.18.2",
     "image-size": "^1.0.2",
     "minimatch": "^3.0.4",