@vltpkg/vsr 0.0.0-26 → 0.0.0-27

package/src/utils/response.ts

@@ -1,125 +0,0 @@
-import type { HonoContext, ApiError } from '../../types.ts'
-
-/**
- * JSON response handler middleware that formats JSON based on Accept headers
- * @returns {Function} Hono middleware function
- */
-export function jsonResponseHandler() {
-  return async (c: any, next: any) => {
-    // Override the json method to handle formatting
-    // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-unsafe-call, @typescript-eslint/no-unsafe-member-access
-    const originalJson = c.json.bind(c)
-
-    // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access
-    c.json = (data: any, status?: number) => {
-      // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-unsafe-call, @typescript-eslint/no-unsafe-member-access
-      const acceptHeader = c.req.header('accept') || ''
-
-      // If the client accepts the npm install format, return minimal JSON
-
-      if (
-        // eslint-disable-next-line @typescript-eslint/no-unsafe-call, @typescript-eslint/no-unsafe-member-access
-        acceptHeader.includes('application/vnd.npm.install-v1+json')
-      ) {
-        // Use original json method for minimal output
-        // eslint-disable-next-line @typescript-eslint/no-unsafe-return, @typescript-eslint/no-unsafe-call
-        return originalJson(data, status)
-      }
-
-      // For other requests, return pretty-printed JSON
-      // Preserve existing headers that were set via c.header()
-      // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access, @typescript-eslint/no-unsafe-argument
-      const existingHeaders = new Headers(c.res?.headers || {})
-      existingHeaders.set(
-        'Content-Type',
-        'application/json; charset=UTF-8',
-      )
-
-      // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access
-      c.res = new Response(JSON.stringify(data, null, 2), {
-        status: status || 200,
-        headers: existingHeaders,
-      })
-      // eslint-disable-next-line @typescript-eslint/no-unsafe-return, @typescript-eslint/no-unsafe-member-access
-      return c.res
-    }
-
-    // eslint-disable-next-line @typescript-eslint/no-unsafe-call
-    await next()
-  }
-}
-
-/**
- * Creates a standardized JSON error response
- * @param {HonoContext} c - The Hono context
- * @param {string | ApiError} error - Error message or object
- * @param {number} [status] - HTTP status code
- * @returns {any} JSON error response
- */
-export function jsonError(
-  c: HonoContext,
-  error: string | ApiError,
-  status = 400,
-) {
-  const errorObj: ApiError =
-    typeof error === 'string' ? { error } : error
-
-  return c.json(errorObj, status as any)
-}
-
-/**
- * Creates a standardized JSON success response
- * @param {HonoContext} c - The Hono context
- * @param {any} data - Response data
- * @param {number} [status] - HTTP status code
- * @returns {any} JSON success response
- */
-export function jsonSuccess(c: HonoContext, data: any, status = 200) {
-  return c.json(data, status as any)
-}
-
-/**
- * Creates a 404 Not Found response
- * @param {HonoContext} c - The Hono context
- * @param {string} [message] - Optional custom message
- * @returns {any} 404 JSON response
- */
-export function notFound(c: HonoContext, message = 'Not Found') {
-  return jsonError(c, { error: message }, 404)
-}
-
-/**
- * Creates a 401 Unauthorized response
- * @param {HonoContext} c - The Hono context
- * @param {string} [message] - Optional custom message
- * @returns {any} 401 JSON response
- */
-export function unauthorized(
-  c: HonoContext,
-  message = 'Unauthorized',
-) {
-  return jsonError(c, { error: message }, 401)
-}
-
-/**
- * Creates a 403 Forbidden response
- * @param {HonoContext} c - The Hono context
- * @param {string} [message] - Optional custom message
- * @returns {any} 403 JSON response
- */
-export function forbidden(c: HonoContext, message = 'Forbidden') {
-  return jsonError(c, { error: message }, 403)
-}
-
-/**
- * Creates a 500 Internal Server Error response
- * @param {HonoContext} c - The Hono context
- * @param {string} [message] - Optional custom message
- * @returns {any} 500 JSON response
- */
-export function internalServerError(
-  c: HonoContext,
-  message = 'Internal Server Error',
-) {
-  return jsonError(c, { error: message }, 500)
-}

package/src/utils/routes.ts

@@ -1,64 +0,0 @@
-import type { HonoContext } from '../../types.ts'
-
-// Public / Static Assets
-export function requiresToken(c: HonoContext): boolean {
-  const { path } = c.req
-  const publicRoutes = [
-    '/images',
-    '/styles',
-    '/-/auth/*',
-    '/-/ping',
-    '/-/docs',
-    '/',
-  ]
-
-  // Check for upstream utility routes that are public (ping and docs only)
-  const upstreamPublicPattern = /^\/[^/]+\/-\/(ping|docs)$/
-  if (upstreamPublicPattern.test(path)) {
-    return false // These are public, no token required
-  }
-
-  // Check standard public routes
-  const isStandardPublicRoute = publicRoutes.some(route => {
-    if (route.endsWith('/*')) {
-      return path.startsWith(route.slice(0, -2))
-    }
-    return path === route || path.startsWith(route)
-  })
-
-  if (isStandardPublicRoute) {
-    return false // No token required
-  }
-
-  // Package routes should be public for downloads
-  // This includes hash-based routes, upstream routes, and legacy redirects
-  const isPackageRoute =
-    path.startsWith('/*/') || // Hash-based routes (literal asterisk)
-    /^\/[^-/][^/]*\/[^/]/.test(path) || // Upstream or package routes
-    /^\/[^-/][^/]*$/.test(path) || // Root package routes
-    /^\/@[^/]+\/[^/]+/.test(path) // Scoped packages
-
-  // Exclude PUT requests (publishing) from being public
-  const isPutRequest = c.req.method === 'PUT'
-  const isPublicPackageRoute = isPackageRoute && !isPutRequest
-
-  if (isPublicPackageRoute) {
-    return false // No token required
-  }
-
-  // All other routes require authentication
-  return true
-}
-
-// Catch-all for non-GET methods
-export function catchAll(c: HonoContext) {
-  return c.json({ error: 'Method not allowed' }, 405)
-}
-
-export function notFound(c: HonoContext) {
-  return c.json({ error: 'Not found' }, 404)
-}
-
-export function isOK(c: HonoContext) {
-  return c.json({}, 200)
-}

package/src/utils/spa.ts

@@ -1,52 +0,0 @@
-// This function now takes the ASSETS environment binding as a parameter
-// to avoid the circular dependency issue
-export const getApp = async (
-  assetsBinding?: any,
-): Promise<string> => {
-  if (assetsBinding) {
-    try {
-      // Use the ASSETS binding to fetch the index.html file
-      // eslint-disable-next-line @typescript-eslint/no-unsafe-call, @typescript-eslint/no-unsafe-member-access
-      const response = (await assetsBinding.fetch(
-        new Request('http://localhost/public/index.html'),
-      )) as Response
-      if (response.ok) {
-        const html = await response.text()
-        return changeSourceReferences(html)
-      }
-    } catch (error) {
-      // eslint-disable-next-line no-console
-      console.error('Failed to load index.html from assets:', error)
-    }
-  }
-
-  // Fallback: provide a simple HTML page
-  return `<!DOCTYPE html>
-<html lang="en">
-<head>
-  <meta charset="utf-8">
-  <meta name="viewport" content="width=device-width, initial-scale=1">
-  <title>vlt | Explorer</title>
-  <style>
-    body { font-family: system-ui, sans-serif; padding: 2rem; text-align: center; }
-    .error { color: #dc2626; margin: 1rem 0; }
-  </style>
-</head>
-<body>
-  <h1>vlt | Explorer</h1>
-  <div class="error">Unable to load the application assets.</div>
-  <p>Please check that the server is running correctly and assets are available.</p>
-</body>
-</html>`
-}
-
-export const changeSourceReferences = (html: string): string => {
-  html = html.replace('href="/main.css', 'href="/public/main.css')
-  html = html.replace(
-    'href="/favicon.ico"',
-    'href="/public/favicon.ico"',
-  )
-  html = html.replace('href="/fonts/', 'href="/public/fonts/')
-  html = html.replace('src="/index.js"', 'src="/public/index.js"')
-  return html
-}

package/src/utils/tracing.ts

@@ -1,52 +0,0 @@
-/**
- * Simple tracing utility for debugging and monitoring
- */
-
-/**
- * Logs a trace message with timestamp
- * @param {string} _message - The message to log
- * @param {any} _data - Optional additional data to log
- */
-export function trace(_message: string, _data?: any): void {
-  // Tracing disabled for production
-}
-
-/**
- * Measures execution time of a function
- * @param {string} name - Name of the operation being measured
- * @param {() => Promise<any>} fn - Function to measure
- * @returns {Promise<any>} Result of the function
- */
-export async function measureTime<T>(
-  name: string,
-  fn: () => Promise<T>,
-): Promise<T> {
-  const start = performance.now()
-  try {
-    const result = await fn()
-    const duration = performance.now() - start
-    trace(`${name} completed in ${duration.toFixed(2)}ms`)
-    return result
-  } catch (error) {
-    const duration = performance.now() - start
-    trace(`${name} failed after ${duration.toFixed(2)}ms`, error)
-    throw error
-  }
-}
-
-/**
- * Session monitoring middleware for tracking requests
- * @param {any} _c - The Hono context
- * @param {() => Promise<void>} next - The next middleware function
- * @returns {Promise<void>} Result of next middleware
- */
-export function sessionMonitor(
-  _c: any,
-  next: () => Promise<void>,
-): Promise<void> {
-  // Session monitoring is currently disabled
-  // This middleware can be extended to add session tracking functionality
-  trace('Session monitoring middleware called')
-
-  return next()
-}

package/src/utils/upstream.ts

@@ -1,172 +0,0 @@
-import { ORIGIN_CONFIG, RESERVED_ROUTES } from '../../config.ts'
-import type {
-  UpstreamConfig,
-  ParsedPackageInfo,
-} from '../../types.ts'
-
-/**
- * Validates if an upstream name is allowed (not reserved)
- * @param {string} upstreamName - The upstream name to validate
- * @returns {boolean} True if valid, false if reserved
- */
-export function isValidUpstreamName(upstreamName: string): boolean {
-  return !RESERVED_ROUTES.includes(upstreamName)
-}
-
-/**
- * Gets the upstream configuration by name
- * @param {string} upstreamName - The upstream name
- * @returns {UpstreamConfig | null} The upstream config or null if not found
- */
-export function getUpstreamConfig(
-  upstreamName: string,
-): UpstreamConfig | null {
-  return ORIGIN_CONFIG.upstreams[upstreamName] ?? null
-}
-
-/**
- * Gets the default upstream name
- * @returns {string} The default upstream name
- */
-export function getDefaultUpstream(): string {
-  return ORIGIN_CONFIG.default
-}
-
-/**
- * Generates a cache key for upstream package data
- * @param {string} upstreamName - The upstream name
- * @param {string} packageName - The package name
- * @param {string} [version] - The package version (optional)
- * @returns {string} A deterministic hash ID
- */
-export function generateCacheKey(
-  upstreamName: string,
-  packageName: string,
-  version?: string,
-): string {
-  const key =
-    version ?
-      `${upstreamName}:${packageName}:${version}`
-    : `${upstreamName}:${packageName}`
-
-  // Use TextEncoder for cross-platform compatibility
-  const encoder = new TextEncoder()
-  const data = encoder.encode(key)
-
-  // Convert to base64 using btoa
-  const base64 = btoa(String.fromCharCode(...data))
-
-  // Convert base64 to base64url format (replace + with -, / with _, remove =)
-  return base64
-    .replace(/\+/g, '-')
-    .replace(/\//g, '_')
-    .replace(/=/g, '')
-}
-
-/**
- * Parses a request path to extract package information
- * @param {string} path - The request path
- * @returns {ParsedPackageInfo} Parsed package info
- */
-export function parsePackageSpec(path: string): ParsedPackageInfo {
-  // Remove leading slash and split by '/'
-  const segments = path.replace(/^\/+/, '').split('/')
-
-  // Handle different path patterns
-  if (segments.length === 0) {
-    return { packageName: '', segments }
-  }
-
-  // Check if first segment is an upstream name
-  const firstSegment = segments[0]
-  if (firstSegment && ORIGIN_CONFIG.upstreams[firstSegment]) {
-    // Path starts with upstream name: /upstream/package/version
-    const upstream = firstSegment
-    const packageSegments = segments.slice(1)
-
-    if (packageSegments.length === 0) {
-      return { upstream, packageName: '', segments: packageSegments }
-    }
-
-    // Handle scoped packages: @scope/package
-    if (
-      packageSegments[0]?.startsWith('@') &&
-      packageSegments.length > 1
-    ) {
-      const packageName = `${packageSegments[0]}/${packageSegments[1]}`
-      const version = packageSegments[2]
-      const remainingSegments = packageSegments.slice(2)
-      return {
-        upstream,
-        packageName,
-        version,
-        segments: remainingSegments,
-      }
-    }
-
-    // Handle regular packages
-    const packageName = packageSegments[0] || ''
-    const version = packageSegments[1]
-    const remainingSegments = packageSegments.slice(1)
-    return {
-      upstream,
-      packageName,
-      version,
-      segments: remainingSegments,
-    }
-  }
-
-  // No upstream in path, treat as package name
-  if (firstSegment?.startsWith('@') && segments.length > 1) {
-    // Scoped package: @scope/package/version
-    const packageName = `${segments[0]}/${segments[1] || ''}`
-    const version = segments[2]
-    const remainingSegments = segments.slice(2)
-    return { packageName, version, segments: remainingSegments }
-  }
-
-  // Regular package: package/version
-  const packageName = segments[0] || ''
-  const version = segments[1]
-  const remainingSegments = segments.slice(1)
-  return { packageName, version, segments: remainingSegments }
-}
-
-/**
- * Constructs the upstream URL for a package request
- * @param {UpstreamConfig} upstreamConfig - The upstream configuration
- * @param {string} packageName - The package name
- * @param {string} [path] - Additional path segments
- * @returns {string} The full upstream URL
- */
-export function buildUpstreamUrl(
-  upstreamConfig: UpstreamConfig,
-  packageName: string,
-  path = '',
-): string {
-  const baseUrl = upstreamConfig.url.replace(/\/$/, '')
-  const encodedPackage = encodeURIComponent(packageName)
-
-  switch (upstreamConfig.type) {
-    case 'npm':
-    case 'vsr':
-      return `${baseUrl}/${encodedPackage}${path ? `/${path}` : ''}`
-    case 'jsr':
-      // JSR has a different URL structure
-      return `${baseUrl}/${encodedPackage}${path ? `/${path}` : ''}`
-    case 'local':
-      return `${baseUrl}/${encodedPackage}${path ? `/${path}` : ''}`
-    default:
-      return `${baseUrl}/${encodedPackage}${path ? `/${path}` : ''}`
-  }
-}
-
-/**
- * Checks if proxying is enabled for an upstream
- * @param {string} upstreamName - The upstream name
- * @returns {boolean} True if proxying is enabled
- */
-export function isProxyEnabled(upstreamName: string): boolean {
-  const config = getUpstreamConfig(upstreamName)
-  return config !== null && config.type !== 'local'
-}