npm - @voyant-travel/hono - Versions diffs - 0.109.1 - Mend

@voyant-travel/hono 0.109.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (105) hide show

package/LICENSE +201 -0
package/README.md +58 -0
package/dist/app-workflows.d.ts +31 -0
package/dist/app-workflows.d.ts.map +1 -0
package/dist/app-workflows.js +110 -0
package/dist/app.d.ts +45 -0
package/dist/app.d.ts.map +1 -0
package/dist/app.js +403 -0
package/dist/auth/crypto.d.ts +16 -0
package/dist/auth/crypto.d.ts.map +1 -0
package/dist/auth/crypto.js +66 -0
package/dist/auth/index.d.ts +5 -0
package/dist/auth/index.d.ts.map +1 -0
package/dist/auth/index.js +3 -0
package/dist/auth/require-user.d.ts +3 -0
package/dist/auth/require-user.d.ts.map +1 -0
package/dist/auth/require-user.js +8 -0
package/dist/auth/session-jwt.d.ts +7 -0
package/dist/auth/session-jwt.d.ts.map +1 -0
package/dist/auth/session-jwt.js +23 -0
package/dist/composition.d.ts +67 -0
package/dist/composition.d.ts.map +1 -0
package/dist/composition.js +46 -0
package/dist/document-download.d.ts +30 -0
package/dist/document-download.d.ts.map +1 -0
package/dist/document-download.js +102 -0
package/dist/index.d.ts +17 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +9 -0
package/dist/lib/db-selector.d.ts +24 -0
package/dist/lib/db-selector.d.ts.map +1 -0
package/dist/lib/db-selector.js +28 -0
package/dist/lib/execution-ctx.d.ts +16 -0
package/dist/lib/execution-ctx.d.ts.map +1 -0
package/dist/lib/execution-ctx.js +16 -0
package/dist/lib/public-paths.d.ts +19 -0
package/dist/lib/public-paths.d.ts.map +1 -0
package/dist/lib/public-paths.js +27 -0
package/dist/lib/request-event-bus.d.ts +21 -0
package/dist/lib/request-event-bus.d.ts.map +1 -0
package/dist/lib/request-event-bus.js +43 -0
package/dist/middleware/auth.d.ts +10 -0
package/dist/middleware/auth.d.ts.map +1 -0
package/dist/middleware/auth.js +280 -0
package/dist/middleware/body-size.d.ts +7 -0
package/dist/middleware/body-size.d.ts.map +1 -0
package/dist/middleware/body-size.js +20 -0
package/dist/middleware/cors.d.ts +6 -0
package/dist/middleware/cors.d.ts.map +1 -0
package/dist/middleware/cors.js +94 -0
package/dist/middleware/db.d.ts +43 -0
package/dist/middleware/db.d.ts.map +1 -0
package/dist/middleware/db.js +78 -0
package/dist/middleware/error-boundary.d.ts +5 -0
package/dist/middleware/error-boundary.d.ts.map +1 -0
package/dist/middleware/error-boundary.js +76 -0
package/dist/middleware/idempotency-key.d.ts +97 -0
package/dist/middleware/idempotency-key.d.ts.map +1 -0
package/dist/middleware/idempotency-key.js +235 -0
package/dist/middleware/index.d.ts +14 -0
package/dist/middleware/index.d.ts.map +1 -0
package/dist/middleware/index.js +13 -0
package/dist/middleware/logger.d.ts +5 -0
package/dist/middleware/logger.d.ts.map +1 -0
package/dist/middleware/logger.js +27 -0
package/dist/middleware/metrics.d.ts +55 -0
package/dist/middleware/metrics.d.ts.map +1 -0
package/dist/middleware/metrics.js +94 -0
package/dist/middleware/public-cache.d.ts +44 -0
package/dist/middleware/public-cache.d.ts.map +1 -0
package/dist/middleware/public-cache.js +205 -0
package/dist/middleware/rate-limit.d.ts +214 -0
package/dist/middleware/rate-limit.d.ts.map +1 -0
package/dist/middleware/rate-limit.js +240 -0
package/dist/middleware/request-db.d.ts +42 -0
package/dist/middleware/request-db.d.ts.map +1 -0
package/dist/middleware/request-db.js +62 -0
package/dist/middleware/require-actor.d.ts +28 -0
package/dist/middleware/require-actor.d.ts.map +1 -0
package/dist/middleware/require-actor.js +89 -0
package/dist/middleware/require-permission.d.ts +9 -0
package/dist/middleware/require-permission.d.ts.map +1 -0
package/dist/middleware/require-permission.js +62 -0
package/dist/middleware/security-headers.d.ts +10 -0
package/dist/middleware/security-headers.d.ts.map +1 -0
package/dist/middleware/security-headers.js +19 -0
package/dist/module.d.ts +41 -0
package/dist/module.d.ts.map +1 -0
package/dist/module.js +1 -0
package/dist/plugin.d.ts +66 -0
package/dist/plugin.d.ts.map +1 -0
package/dist/plugin.js +37 -0
package/dist/public-capability.d.ts +46 -0
package/dist/public-capability.d.ts.map +1 -0
package/dist/public-capability.js +140 -0
package/dist/public-document-delivery.d.ts +111 -0
package/dist/public-document-delivery.d.ts.map +1 -0
package/dist/public-document-delivery.js +234 -0
package/dist/types.d.ts +318 -0
package/dist/types.d.ts.map +1 -0
package/dist/types.js +29 -0
package/dist/validation.d.ts +36 -0
package/dist/validation.d.ts.map +1 -0
package/dist/validation.js +106 -0
package/package.json +156 -0

package/dist/types.d.ts ADDED Viewed

@@ -0,0 +1,318 @@
+import type { Actor, VoyantVariables as CoreVoyantVariables, EventBus, LinkService, ModuleContainer, QueryGraphContext, QueryRunner, VoyantAuthContext, VoyantPermission } from "@voyant-travel/core";
+import type { SelectApikey } from "@voyant-travel/db/schema/iam";
+import type { KVStore } from "@voyant-travel/utils/cache";
+import type { DriverFactory } from "@voyant-travel/workflows/driver";
+import type { NeonHttpDatabase } from "drizzle-orm/neon-http";
+import type { NeonDatabase as NeonWsDatabase } from "drizzle-orm/neon-serverless";
+import type { PostgresJsDatabase } from "drizzle-orm/postgres-js";
+import type { Hono } from "hono";
+import type { HonoExtension, HonoModule } from "./module.js";
+import type { HonoBundle } from "./plugin.js";
+export interface VoyantExecutionContext {
+    waitUntil?: (promise: Promise<unknown>) => void;
+    passThroughOnException?: () => void;
+}
+export interface VoyantBindings {
+    INTERNAL_API_KEY?: string;
+    INTERNAL_API_KEY_SCOPES?: string;
+    SESSION_CLAIMS_SECRET?: string;
+    BETTER_AUTH_SECRET?: string;
+    DATABASE_URL: string;
+    CORS_ALLOWLIST?: string;
+    APP_URL?: string;
+    DASH_BASE_URL?: string;
+    API_BASE_URL?: string;
+    RATE_LIMIT?: KVStore;
+    CACHE?: KVStore;
+    RATE_LIMITER?: import("./middleware/rate-limit.js").CloudflareRateLimiterBinding;
+    /**
+     * Workers Analytics Engine dataset receiving per-request metrics
+     * (see the `metrics` middleware). Optional — without it the
+     * middleware is a no-op.
+     */
+    METRICS?: import("./middleware/metrics.js").AnalyticsEngineDatasetLike;
+}
+export type VoyantDb = PostgresJsDatabase | NeonHttpDatabase | NeonWsDatabase;
+export type VoyantQueryRuntime = QueryRunner;
+export type VoyantVariables = CoreVoyantVariables & {
+    db: VoyantDb;
+    /** Shared app/runtime container for explicit service resolution. */
+    container: ModuleContainer;
+    eventBus: EventBus;
+    /** Shared cross-module link runtime, when the app wires one in. */
+    link?: LinkService;
+    /** Shared cross-module query runtime, when the app wires one in. */
+    query?: VoyantQueryRuntime;
+    /** Optional workflow driver surfaced to HTTP routes after lazy app bootstrap. */
+    workflowDriver?: import("@voyant-travel/workflows/driver").WorkflowDriver;
+    /** Per-request db metrics counter populated by the metrics middleware. */
+    __voyantDbMetrics?: import("./middleware/metrics.js").RequestDbMetrics;
+};
+/**
+ * Per-request handle returned by a {@link DbFactory} that owns its own
+ * Pool / connection: a drizzle client plus a `dispose()` the db
+ * middleware schedules via `c.executionCtx.waitUntil` after the
+ * response is sent. Used by templates that build a Neon WebSocket
+ * Pool per request (see e.g. `dbFromEnvForApp` in template
+ * `src/api/lib/db.ts`) — without `dispose()`, the Pool stays open
+ * until the Workers isolate is reclaimed.
+ */
+export interface DisposableDb {
+    db: VoyantDb;
+    dispose: () => Promise<void>;
+}
+export type DbFactory<TBindings extends VoyantBindings = VoyantBindings> = (env: TBindings) => VoyantDb | DisposableDb;
+/**
+ * Result of routing a request path to a db factory (see
+ * {@link DbFactorySelector}).
+ */
+export interface DbSurfaceSelection<TBindings extends VoyantBindings = VoyantBindings> {
+    factory: DbFactory<TBindings>;
+    /**
+     * Whether this surface must receive an interactive-transaction-capable
+     * client. The db middleware asserts the resolved client's capability
+     * tag when `true` and skips the assertion when `false` (the default
+     * http-backed client is deliberately transaction-incapable).
+     */
+    mustSupportTransactions: boolean;
+}
+/**
+ * Routes a request path to the db factory that should serve it. Built by
+ * `createApp` when the deployment supplies both a default (http-backed)
+ * and a transactional (WebSocket-backed) factory: surfaces owned by
+ * modules that declare `requiresTransactionalDb` get the transactional
+ * factory; everything else gets the cheap default. The selector MUST
+ * return stable factory references — per-request client sharing
+ * (`acquireRequestDb`) keys on factory identity.
+ */
+export interface DbFactorySelector<TBindings extends VoyantBindings = VoyantBindings> {
+    select(path: string): DbSurfaceSelection<TBindings>;
+}
+/** Either a single factory for all requests, or a per-path selector. */
+export type DbSource<TBindings extends VoyantBindings = VoyantBindings> = DbFactory<TBindings> | DbFactorySelector<TBindings>;
+export declare function isDbFactorySelector<TBindings extends VoyantBindings>(source: DbSource<TBindings>): source is DbFactorySelector<TBindings>;
+/** Normalize a {@link DbSource} to the factory serving `path`. */
+export declare function selectDbFactory<TBindings extends VoyantBindings>(source: DbSource<TBindings>, path: string): DbFactory<TBindings>;
+export declare function isDisposableDb(value: VoyantDb | DisposableDb): value is DisposableDb;
+/**
+ * Normalize a {@link DbFactory} return value to `{ db, dispose? }` so
+ * call sites don't repeat the `isDisposableDb` shape check. `dispose`
+ * is `undefined` for plain `VoyantDb` factories.
+ */
+export declare function resolveDbFactoryResult(value: VoyantDb | DisposableDb): {
+    db: VoyantDb;
+    dispose?: () => Promise<void>;
+};
+/**
+ * The shape returned by a custom `auth.resolve` integration. Both `userId`
+ * and `actor` are required: `requireActor` is fail-closed, so a resolver
+ * that omits `actor` would 401 every protected request. Make the omission a
+ * compile-time error instead of a runtime mystery.
+ */
+export type VoyantRequestAuthContext = Omit<VoyantAuthContext, "actor"> & {
+    userId: string;
+    actor: Actor;
+};
+export interface LogEntry {
+    method: string;
+    path: string;
+    status: number;
+    durationMs: number;
+}
+export interface LoggerProvider {
+    log(entry: LogEntry): void;
+}
+export interface VoyantAuthResolveArgs<TBindings extends VoyantBindings = VoyantBindings> {
+    request: Request;
+    env: TBindings;
+    db: VoyantDb;
+    ctx?: VoyantExecutionContext;
+}
+export interface VoyantAuthPermissionArgs<TBindings extends VoyantBindings = VoyantBindings> extends VoyantAuthResolveArgs<TBindings> {
+    permission: VoyantPermission;
+    auth: VoyantRequestAuthContext;
+}
+export interface VoyantAuthApiKeyValidationArgs<TBindings extends VoyantBindings = VoyantBindings> extends VoyantAuthResolveArgs<TBindings> {
+    apiKey: SelectApikey;
+}
+export interface VoyantAuthIntegration<TBindings extends VoyantBindings = VoyantBindings> {
+    handler?: (env: TBindings) => {
+        fetch: (req: Request, env: TBindings, ctx?: VoyantExecutionContext) => Response | Promise<Response>;
+    };
+    /**
+     * Resolve the request to an auth context, or return `null` for anonymous.
+     *
+     * The returned object MUST include `actor` — `requireActor` is fail-closed,
+     * so omitting it 401s every protected route. For single-tenant admin apps
+     * where every authenticated session is staff, return `actor: "staff"`.
+     * Customer/partner/supplier sessions should return the corresponding actor
+     * so `/v1/public/*` route guards work.
+     */
+    resolve?: (args: VoyantAuthResolveArgs<TBindings>) => Promise<VoyantRequestAuthContext | null> | VoyantRequestAuthContext | null;
+    hasPermission?: (args: VoyantAuthPermissionArgs<TBindings>) => Promise<boolean> | boolean;
+    validateApiKey?: (args: VoyantAuthApiKeyValidationArgs<TBindings>) => Promise<boolean> | boolean;
+}
+export interface VoyantAppConfig<TBindings extends VoyantBindings = VoyantBindings> {
+    db: DbFactory<TBindings>;
+    /**
+     * Optional transaction-capable db factory (e.g. a per-request Neon
+     * WebSocket Pool). When provided, `createApp` routes requests by
+     * surface: routes of modules declaring `requiresTransactionalDb` (plus
+     * any `dbTransactionalPaths`) get this factory; every other request is
+     * served by the cheap `db` factory (typically neon-http — zero
+     * connection handshake). When omitted, `db` serves everything
+     * (previous behavior).
+     */
+    dbTransactional?: DbFactory<TBindings>;
+    /**
+     * Extra path prefixes that must receive the transactional client —
+     * for starter-owned routes mounted via `additionalRoutes` that run
+     * interactive transactions (e.g. `"/api/checkout"`). Only meaningful
+     * together with `dbTransactional`.
+     */
+    dbTransactionalPaths?: string[];
+    modules?: HonoModule[];
+    extensions?: HonoExtension[];
+    plugins?: HonoBundle[];
+    eventBus?: EventBus;
+    link?: LinkService;
+    query?: QueryGraphContext | VoyantQueryRuntime;
+    auth?: VoyantAuthIntegration<TBindings>;
+    publicPaths?: string[];
+    logger?: LoggerProvider;
+    /**
+     * Shared response cache for the public surface (`/v1/public/*` by
+     * default). Enabled by default but inert until a route marks its
+     * response `Cache-Control: public, s-maxage=…` — personalized routes
+     * are never cached. Set `false` to disable, or pass options to tune
+     * prefixes/limits. Uses the Cache API where the runtime provides it
+     * and falls back to the `env.CACHE` KV binding (Voyant Cloud
+     * namespaced workers have no `caches.default`).
+     */
+    /**
+     * Transactional outbox (RFC #1687 Phase 2.1). When `true`, request
+     * emits persist the envelope to the `event_outbox` table BEFORE any
+     * subscriber runs (durable, at-least-once with retry/dead-letter via
+     * `drainOutbox` from `@voyant-travel/db/outbox`). Requires the
+     * `event_outbox` migration. Deployments should run a periodic drain
+     * (cron) for redelivery of failed/interrupted deliveries:
+     * `drainOutbox(db, app.eventBus)`. Services needing write atomicity
+     * insert rows inside their own transaction via
+     * `insertOutboxEvents(tx, ...)`. Default off.
+     */
+    outbox?: boolean;
+    /**
+     * Per-request metrics to the `env.METRICS` Analytics Engine dataset
+     * (method, route pattern, surface, cache status, duration, status,
+     * db query count). Enabled by default and inert without the binding;
+     * set `false` to disable entirely.
+     */
+    metrics?: boolean;
+    /**
+     * Default request body limit enforced by `Content-Length` before route
+     * handlers parse JSON/form data. Enabled by default at 10 MiB. Set
+     * `false` to disable or pass `{ maxBytes }` to override.
+     */
+    requestBodyLimit?: false | {
+        maxBytes: number;
+    };
+    /**
+     * Default app-wide security headers. Enabled by default. Set `false`
+     * to disable, or override CSP/HSTS via the option object.
+     */
+    securityHeaders?: false | import("./middleware/security-headers.js").SecurityHeadersOptions;
+    /**
+     * Default app-wide rate limits. Enabled by default for `/auth/*` POSTs
+     * and unauthenticated public writes. Set `false` to disable or tune
+     * individual policies.
+     */
+    rateLimit?: false | import("./middleware/rate-limit.js").RateLimitConfig;
+    publicCache?: false | import("./middleware/public-cache.js").PublicCacheOptions;
+    /**
+     * Workflow runtime configuration. When set, `createApp()` collects
+     * `module.workflows` + `module.eventFilters` (plus the same fields
+     * from plugins), invokes `workflows.driver` with framework deps, and
+     * — inside the lazy bootstrap path — registers the manifest with the
+     * driver and installs an EventBus forwarder that routes emitted
+     * events to `driver.ingestEvent(...)`.
+     *
+     * See `docs/architecture/workflows-runtime-architecture.md` §6, §18.
+     */
+    workflows?: VoyantWorkflowsConfig;
+    /**
+     * Admin API capability metadata, served at `GET /v1/admin/_meta/capabilities`
+     * so clients (the admin SDK) can discover what this deployment supports —
+     * enabled modules, available operations, contract/deployment version, and the
+     * caller's resolved actor + scopes. Provide it from `@voyant-travel/admin-contracts`:
+     * `{ contractVersion: ADMIN_CONTRACT_VERSION, operations: operationCapabilities() }`.
+     * When omitted, the route is not mounted. Typed structurally so `@voyant-travel/hono`
+     * stays decoupled from `@voyant-travel/admin-contracts`.
+     */
+    adminMeta?: {
+        contractVersion: string;
+        deploymentVersion?: string;
+        operations: ReadonlyArray<{
+            id: string;
+            method: string;
+            pathTemplate: string;
+            classification: string;
+            scopes: string[];
+            capabilityKey?: string;
+        }>;
+    };
+    additionalRoutes?: (app: Hono<any>) => void;
+}
+/**
+ * Workflow runtime configuration block. The driver is resolved at boot
+ * time (inside the lazy bootstrap path), after framework deps and —
+ * crucially — after runtime bindings are available.
+ *
+ * `driver` is **always** a function-of-bindings: `(env) => DriverFactory`.
+ * This unambiguous shape works for all deployment modes:
+ *
+ * **Mode 2 / InMemory** — wrap your direct factory:
+ *
+ *     workflows: {
+ *       driver: () => createNodeStandaloneDriver({ db }),
+ *     }
+ *
+ * **Mode 1 (CF edge)** — pull options off `env`:
+ *
+ *     workflows: {
+ *       driver: (env) => createCloudflareEdgeDriver({
+ *         orchestratorNamespace: env.WORKFLOW_RUN_DO,
+ *         manifestKv: env.WORKFLOW_MANIFESTS,
+ *         tenantScript: "tenant-bundle",
+ *       }),
+ *     }
+ *
+ * The single shape avoids ambiguous "is this a factory or a
+ * factory-of-factories?" heuristics. See architecture doc §6.3 +
+ * reviewer feedback P2.1.
+ */
+export interface VoyantWorkflowsConfig<TBindings = unknown> {
+    /**
+     * Function-of-bindings that returns a `DriverFactory`. Resolved
+     * lazily with `c.env` once bindings are available, then invoked
+     * with `{ services, logger }` to produce the driver.
+     */
+    driver: (bindings: TBindings) => DriverFactory;
+    /**
+     * Environment the manifest registers under. Defaults to `"development"`.
+     * Workflow filters are environment-scoped (production manifests don't
+     * see preview events and vice versa) per architecture doc §21.10.
+     */
+    environment?: "production" | "preview" | "development";
+    /**
+     * Project / tenant identifier baked into the manifest. Single-tenant
+     * runtimes leave this unset (defaults to `"default"`). Multi-tenant
+     * deployments override per-app via voyant-cloud's wrapper layer.
+     */
+    projectId?: string;
+}
+/**
+ * Structural shape of a `DriverFactory` from `@voyant-travel/workflows/driver`.
+ * The SDK package's concrete `DriverFactory` satisfies this via TS
+ * structural compat (architecture doc §21.19).
+ */
+//# sourceMappingURL=types.d.ts.map

package/dist/types.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,KAAK,EACL,eAAe,IAAI,mBAAmB,EACtC,QAAQ,EACR,WAAW,EACX,eAAe,EACf,iBAAiB,EACjB,WAAW,EACX,iBAAiB,EACjB,gBAAgB,EACjB,MAAM,qBAAqB,CAAA;AAC5B,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAA;AAEhE,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,4BAA4B,CAAA;AACzD,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,iCAAiC,CAAA;AACpE,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAA;AAC7D,OAAO,KAAK,EAAE,YAAY,IAAI,cAAc,EAAE,MAAM,6BAA6B,CAAA;AACjF,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,yBAAyB,CAAA;AACjE,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,MAAM,CAAA;AAEhC,OAAO,KAAK,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AAC5D,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AAE7C,MAAM,WAAW,sBAAsB;IACrC,SAAS,CAAC,EAAE,CAAC,OAAO,EAAE,OAAO,CAAC,OAAO,CAAC,KAAK,IAAI,CAAA;IAC/C,sBAAsB,CAAC,EAAE,MAAM,IAAI,CAAA;CACpC;AAED,MAAM,WAAW,cAAc;IAC7B,gBAAgB,CAAC,EAAE,MAAM,CAAA;IACzB,uBAAuB,CAAC,EAAE,MAAM,CAAA;IAChC,qBAAqB,CAAC,EAAE,MAAM,CAAA;IAC9B,kBAAkB,CAAC,EAAE,MAAM,CAAA;IAC3B,YAAY,EAAE,MAAM,CAAA;IACpB,cAAc,CAAC,EAAE,MAAM,CAAA;IACvB,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,YAAY,CAAC,EAAE,MAAM,CAAA;IACrB,UAAU,CAAC,EAAE,OAAO,CAAA;IACpB,KAAK,CAAC,EAAE,OAAO,CAAA;IACf,YAAY,CAAC,EAAE,OAAO,4BAA4B,EAAE,4BAA4B,CAAA;IAChF;;;;OAIG;IACH,OAAO,CAAC,EAAE,OAAO,yBAAyB,EAAE,0BAA0B,CAAA;CACvE;AAED,MAAM,MAAM,QAAQ,GAAG,kBAAkB,GAAG,gBAAgB,GAAG,cAAc,CAAA;AAC7E,MAAM,MAAM,kBAAkB,GAAG,WAAW,CAAA;AAE5C,MAAM,MAAM,eAAe,GAAG,mBAAmB,GAAG;IAClD,EAAE,EAAE,QAAQ,CAAA;IACZ,oEAAoE;IACpE,SAAS,EAAE,eAAe,CAAA;IAC1B,QAAQ,EAAE,QAAQ,CAAA;IAClB,mEAAmE;IACnE,IAAI,CAAC,EAAE,WAAW,CAAA;IAClB,oEAAoE;IACpE,KAAK,CAAC,EAAE,kBAAkB,CAAA;IAC1B,iFAAiF;IACjF,cAAc,CAAC,EAAE,OAAO,iCAAiC,EAAE,cAAc,CAAA;IACzE,0EAA0E;IAC1E,iBAAiB,CAAC,EAAE,OAAO,yBAAyB,EAAE,gBAAgB,CAAA;CACvE,CAAA;AAED;;;;;;;;GAQG;AACH,MAAM,WAAW,YAAY;IAC3B,EAAE,EAAE,QAAQ,CAAA;IACZ,OAAO,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAA;CAC7B;AAED,MAAM,MAAM,SAAS,CAAC,SAAS,SAAS,cAAc,GAAG,cAAc,IAAI,CACzE,GAAG,EAAE,SAAS,KACX,QAAQ,GAAG,YAAY,CAAA;AAE5B;;;GAGG;AACH,MAAM,WAAW,kBAAkB,CAAC,SAAS,SAAS,cAAc,GAAG,cAAc;IACnF,OAAO,EAAE,SAAS,CAAC,SAAS,CAAC,CAAA;IAC7B;;;;;OAKG;IACH,uBAAuB,EAAE,OAAO,CAAA;CACjC;AAED;;;;;;;;GAQG;AACH,MAAM,WAAW,iBAAiB,CAAC,SAAS,SAAS,cAAc,GAAG,cAAc;IAClF,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,kBAAkB,CAAC,SAAS,CAAC,CAAA;CACpD;AAED,wEAAwE;AACxE,MAAM,MAAM,QAAQ,CAAC,SAAS,SAAS,cAAc,GAAG,cAAc,IAClE,SAAS,CAAC,SAAS,CAAC,GACpB,iBAAiB,CAAC,SAAS,CAAC,CAAA;AAEhC,wBAAgB,mBAAmB,CAAC,SAAS,SAAS,cAAc,EAClE,MAAM,EAAE,QAAQ,CAAC,SAAS,CAAC,GAC1B,MAAM,IAAI,iBAAiB,CAAC,SAAS,CAAC,CAExC;AAED,kEAAkE;AAClE,wBAAgB,eAAe,CAAC,SAAS,SAAS,cAAc,EAC9D,MAAM,EAAE,QAAQ,CAAC,SAAS,CAAC,EAC3B,IAAI,EAAE,MAAM,GACX,SAAS,CAAC,SAAS,CAAC,CAEtB;AAED,wBAAgB,cAAc,CAAC,KAAK,EAAE,QAAQ,GAAG,YAAY,GAAG,KAAK,IAAI,YAAY,CAKpF;AAED;;;;GAIG;AACH,wBAAgB,sBAAsB,CAAC,KAAK,EAAE,QAAQ,GAAG,YAAY,GAAG;IACtE,EAAE,EAAE,QAAQ,CAAA;IACZ,OAAO,CAAC,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAA;CAC9B,CAOA;AAED;;;;;GAKG;AACH,MAAM,MAAM,wBAAwB,GAAG,IAAI,CAAC,iBAAiB,EAAE,OAAO,CAAC,GAAG;IACxE,MAAM,EAAE,MAAM,CAAA;IACd,KAAK,EAAE,KAAK,CAAA;CACb,CAAA;AAED,MAAM,WAAW,QAAQ;IACvB,MAAM,EAAE,MAAM,CAAA;IACd,IAAI,EAAE,MAAM,CAAA;IACZ,MAAM,EAAE,MAAM,CAAA;IACd,UAAU,EAAE,MAAM,CAAA;CACnB;AAED,MAAM,WAAW,cAAc;IAC7B,GAAG,CAAC,KAAK,EAAE,QAAQ,GAAG,IAAI,CAAA;CAC3B;AAED,MAAM,WAAW,qBAAqB,CAAC,SAAS,SAAS,cAAc,GAAG,cAAc;IACtF,OAAO,EAAE,OAAO,CAAA;IAChB,GAAG,EAAE,SAAS,CAAA;IACd,EAAE,EAAE,QAAQ,CAAA;IACZ,GAAG,CAAC,EAAE,sBAAsB,CAAA;CAC7B;AAED,MAAM,WAAW,wBAAwB,CAAC,SAAS,SAAS,cAAc,GAAG,cAAc,CACzF,SAAQ,qBAAqB,CAAC,SAAS,CAAC;IACxC,UAAU,EAAE,gBAAgB,CAAA;IAC5B,IAAI,EAAE,wBAAwB,CAAA;CAC/B;AAED,MAAM,WAAW,8BAA8B,CAAC,SAAS,SAAS,cAAc,GAAG,cAAc,CAC/F,SAAQ,qBAAqB,CAAC,SAAS,CAAC;IACxC,MAAM,EAAE,YAAY,CAAA;CACrB;AAED,MAAM,WAAW,qBAAqB,CAAC,SAAS,SAAS,cAAc,GAAG,cAAc;IACtF,OAAO,CAAC,EAAE,CAAC,GAAG,EAAE,SAAS,KAAK;QAC5B,KAAK,EAAE,CACL,GAAG,EAAE,OAAO,EACZ,GAAG,EAAE,SAAS,EACd,GAAG,CAAC,EAAE,sBAAsB,KACzB,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAA;KAClC,CAAA;IACD;;;;;;;;OAQG;IACH,OAAO,CAAC,EAAE,CACR,IAAI,EAAE,qBAAqB,CAAC,SAAS,CAAC,KACnC,OAAO,CAAC,wBAAwB,GAAG,IAAI,CAAC,GAAG,wBAAwB,GAAG,IAAI,CAAA;IAC/E,aAAa,CAAC,EAAE,CAAC,IAAI,EAAE,wBAAwB,CAAC,SAAS,CAAC,KAAK,OAAO,CAAC,OAAO,CAAC,GAAG,OAAO,CAAA;IACzF,cAAc,CAAC,EAAE,CAAC,IAAI,EAAE,8BAA8B,CAAC,SAAS,CAAC,KAAK,OAAO,CAAC,OAAO,CAAC,GAAG,OAAO,CAAA;CACjG;AAED,MAAM,WAAW,eAAe,CAAC,SAAS,SAAS,cAAc,GAAG,cAAc;IAChF,EAAE,EAAE,SAAS,CAAC,SAAS,CAAC,CAAA;IACxB;;;;;;;;OAQG;IACH,eAAe,CAAC,EAAE,SAAS,CAAC,SAAS,CAAC,CAAA;IACtC;;;;;OAKG;IACH,oBAAoB,CAAC,EAAE,MAAM,EAAE,CAAA;IAC/B,OAAO,CAAC,EAAE,UAAU,EAAE,CAAA;IACtB,UAAU,CAAC,EAAE,aAAa,EAAE,CAAA;IAC5B,OAAO,CAAC,EAAE,UAAU,EAAE,CAAA;IACtB,QAAQ,CAAC,EAAE,QAAQ,CAAA;IACnB,IAAI,CAAC,EAAE,WAAW,CAAA;IAClB,KAAK,CAAC,EAAE,iBAAiB,GAAG,kBAAkB,CAAA;IAC9C,IAAI,CAAC,EAAE,qBAAqB,CAAC,SAAS,CAAC,CAAA;IACvC,WAAW,CAAC,EAAE,MAAM,EAAE,CAAA;IACtB,MAAM,CAAC,EAAE,cAAc,CAAA;IACvB;;;;;;;;OAQG;IACH;;;;;;;;;;OAUG;IACH,MAAM,CAAC,EAAE,OAAO,CAAA;IAChB;;;;;OAKG;IACH,OAAO,CAAC,EAAE,OAAO,CAAA;IACjB;;;;OAIG;IACH,gBAAgB,CAAC,EAAE,KAAK,GAAG;QAAE,QAAQ,EAAE,MAAM,CAAA;KAAE,CAAA;IAC/C;;;OAGG;IACH,eAAe,CAAC,EAAE,KAAK,GAAG,OAAO,kCAAkC,EAAE,sBAAsB,CAAA;IAC3F;;;;OAIG;IACH,SAAS,CAAC,EAAE,KAAK,GAAG,OAAO,4BAA4B,EAAE,eAAe,CAAA;IACxE,WAAW,CAAC,EAAE,KAAK,GAAG,OAAO,8BAA8B,EAAE,kBAAkB,CAAA;IAC/E;;;;;;;;;OASG;IACH,SAAS,CAAC,EAAE,qBAAqB,CAAA;IACjC;;;;;;;;OAQG;IACH,SAAS,CAAC,EAAE;QACV,eAAe,EAAE,MAAM,CAAA;QACvB,iBAAiB,CAAC,EAAE,MAAM,CAAA;QAC1B,UAAU,EAAE,aAAa,CAAC;YACxB,EAAE,EAAE,MAAM,CAAA;YACV,MAAM,EAAE,MAAM,CAAA;YACd,YAAY,EAAE,MAAM,CAAA;YACpB,cAAc,EAAE,MAAM,CAAA;YACtB,MAAM,EAAE,MAAM,EAAE,CAAA;YAChB,aAAa,CAAC,EAAE,MAAM,CAAA;SACvB,CAAC,CAAA;KACH,CAAA;IAED,gBAAgB,CAAC,EAAE,CAAC,GAAG,EAAE,IAAI,CAAC,GAAG,CAAC,KAAK,IAAI,CAAA;CAC5C;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AACH,MAAM,WAAW,qBAAqB,CAAC,SAAS,GAAG,OAAO;IACxD;;;;OAIG;IACH,MAAM,EAAE,CAAC,QAAQ,EAAE,SAAS,KAAK,aAAa,CAAA;IAC9C;;;;OAIG;IACH,WAAW,CAAC,EAAE,YAAY,GAAG,SAAS,GAAG,aAAa,CAAA;IACtD;;;;OAIG;IACH,SAAS,CAAC,EAAE,MAAM,CAAA;CACnB;AAED;;;;GAIG"}

package/dist/types.js ADDED Viewed

@@ -0,0 +1,29 @@
+import { dbClientDispose } from "@voyant-travel/db/transaction-capability";
+export function isDbFactorySelector(source) {
+    return typeof source !== "function" && typeof source.select === "function";
+}
+/** Normalize a {@link DbSource} to the factory serving `path`. */
+export function selectDbFactory(source, path) {
+    return isDbFactorySelector(source) ? source.select(path).factory : source;
+}
+export function isDisposableDb(value) {
+    return (typeof value.dispose === "function" &&
+        value.db !== undefined);
+}
+/**
+ * Normalize a {@link DbFactory} return value to `{ db, dispose? }` so
+ * call sites don't repeat the `isDisposableDb` shape check. `dispose`
+ * is `undefined` for plain `VoyantDb` factories.
+ */
+export function resolveDbFactoryResult(value) {
+    if (isDisposableDb(value)) {
+        return value;
+    }
+    const dispose = dbClientDispose(value);
+    return dispose ? { db: value, dispose } : { db: value };
+}
+/**
+ * Structural shape of a `DriverFactory` from `@voyant-travel/workflows/driver`.
+ * The SDK package's concrete `DriverFactory` satisfies this via TS
+ * structural compat (architecture doc §21.19).
+ */

package/dist/validation.d.ts ADDED Viewed

@@ -0,0 +1,36 @@
+import type { Context } from "hono";
+import { type ZodType } from "zod";
+export declare class ApiHttpError extends Error {
+    readonly status: number;
+    readonly code?: string;
+    readonly details?: Record<string, unknown>;
+    constructor(message: string, options: {
+        status: number;
+        code?: string;
+        details?: Record<string, unknown>;
+    });
+}
+export declare class RequestValidationError extends ApiHttpError {
+    constructor(message: string, details?: Record<string, unknown>);
+}
+export declare class UnauthorizedApiError extends ApiHttpError {
+    constructor(message?: string);
+}
+export declare class ForbiddenApiError extends ApiHttpError {
+    constructor(message?: string);
+}
+export declare function parseJsonBody<T>(c: Context, schema: ZodType<T>, options?: {
+    invalidJsonMessage?: string;
+    invalidBodyMessage?: string;
+    maxBytes?: number;
+}): Promise<T>;
+export declare function parseOptionalJsonBody<T>(c: Context, schema: ZodType<T>, options?: {
+    defaultValue?: unknown;
+    invalidBodyMessage?: string;
+    maxBytes?: number;
+}): Promise<T>;
+export declare function parseQuery<T>(c: Context, schema: ZodType<T>, options?: {
+    invalidQueryMessage?: string;
+}): T;
+export declare function normalizeValidationError(error: unknown): ApiHttpError | undefined;
+//# sourceMappingURL=validation.d.ts.map

package/dist/validation.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"validation.d.ts","sourceRoot":"","sources":["../src/validation.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,MAAM,CAAA;AACnC,OAAO,EAAY,KAAK,OAAO,EAAE,MAAM,KAAK,CAAA;AAI5C,qBAAa,YAAa,SAAQ,KAAK;IACrC,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAA;IACvB,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,CAAA;IACtB,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;gBAGxC,OAAO,EAAE,MAAM,EACf,OAAO,EAAE;QACP,MAAM,EAAE,MAAM,CAAA;QACd,IAAI,CAAC,EAAE,MAAM,CAAA;QACb,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;KAClC;CAQJ;AAED,qBAAa,sBAAuB,SAAQ,YAAY;gBAC1C,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;CAQ/D;AAED,qBAAa,oBAAqB,SAAQ,YAAY;gBACxC,OAAO,SAAiB;CAOrC;AAED,qBAAa,iBAAkB,SAAQ,YAAY;gBACrC,OAAO,SAAc;CAOlC;AAqBD,wBAAsB,aAAa,CAAC,CAAC,EACnC,CAAC,EAAE,OAAO,EACV,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC,EAClB,OAAO,CAAC,EAAE;IAAE,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAAC,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAAC,QAAQ,CAAC,EAAE,MAAM,CAAA;CAAE,GACxF,OAAO,CAAC,CAAC,CAAC,CAWZ;AAED,wBAAsB,qBAAqB,CAAC,CAAC,EAC3C,CAAC,EAAE,OAAO,EACV,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC,EAClB,OAAO,CAAC,EAAE;IACR,YAAY,CAAC,EAAE,OAAO,CAAA;IACtB,kBAAkB,CAAC,EAAE,MAAM,CAAA;IAC3B,QAAQ,CAAC,EAAE,MAAM,CAAA;CAClB,GACA,OAAO,CAAC,CAAC,CAAC,CAcZ;AAkBD,wBAAgB,UAAU,CAAC,CAAC,EAC1B,CAAC,EAAE,OAAO,EACV,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC,EAClB,OAAO,CAAC,EAAE;IAAE,mBAAmB,CAAC,EAAE,MAAM,CAAA;CAAE,GACzC,CAAC,CAMH;AAED,wBAAgB,wBAAwB,CAAC,KAAK,EAAE,OAAO,GAAG,YAAY,GAAG,SAAS,CAUjF"}

package/dist/validation.js ADDED Viewed

@@ -0,0 +1,106 @@
+import { ZodError } from "zod";
+import { DEFAULT_REQUEST_BODY_LIMIT_BYTES } from "./middleware/body-size.js";
+export class ApiHttpError extends Error {
+    status;
+    code;
+    details;
+    constructor(message, options) {
+        super(message);
+        this.name = "ApiHttpError";
+        this.status = options.status;
+        this.code = options.code;
+        this.details = options.details;
+    }
+}
+export class RequestValidationError extends ApiHttpError {
+    constructor(message, details) {
+        super(message, {
+            status: 400,
+            code: "invalid_request",
+            details,
+        });
+        this.name = "RequestValidationError";
+    }
+}
+export class UnauthorizedApiError extends ApiHttpError {
+    constructor(message = "Unauthorized") {
+        super(message, {
+            status: 401,
+            code: "unauthorized",
+        });
+        this.name = "UnauthorizedApiError";
+    }
+}
+export class ForbiddenApiError extends ApiHttpError {
+    constructor(message = "Forbidden") {
+        super(message, {
+            status: 403,
+            code: "forbidden",
+        });
+        this.name = "ForbiddenApiError";
+    }
+}
+function toValidationError(error, fallbackMessage = "Invalid request") {
+    return new RequestValidationError(error.issues[0]?.message ?? fallbackMessage, {
+        issues: error.issues,
+        fields: error.flatten(),
+    });
+}
+function validate(schema, input, fallbackMessage) {
+    const parsed = schema.safeParse(input);
+    if (!parsed.success) {
+        throw toValidationError(parsed.error, fallbackMessage);
+    }
+    return parsed.data;
+}
+export async function parseJsonBody(c, schema, options) {
+    let input;
+    const text = await readBoundedRequestText(c, options?.maxBytes);
+    try {
+        input = JSON.parse(text);
+    }
+    catch {
+        throw new RequestValidationError(options?.invalidJsonMessage ?? "Invalid JSON body");
+    }
+    return validate(schema, input, options?.invalidBodyMessage);
+}
+export async function parseOptionalJsonBody(c, schema, options) {
+    let input;
+    const text = await readBoundedRequestText(c, options?.maxBytes);
+    if (text.length === 0) {
+        return validate(schema, options?.defaultValue ?? {}, options?.invalidBodyMessage);
+    }
+    try {
+        input = JSON.parse(text);
+    }
+    catch {
+        input = options?.defaultValue ?? {};
+    }
+    return validate(schema, input, options?.invalidBodyMessage);
+}
+async function readBoundedRequestText(c, maxBytes = DEFAULT_REQUEST_BODY_LIMIT_BYTES) {
+    const contentLength = c.req.header("content-length");
+    if (contentLength) {
+        const size = Number(contentLength);
+        if (Number.isFinite(size) && size > maxBytes) {
+            throw new RequestValidationError("Request body too large", { maxBytes });
+        }
+    }
+    const text = await c.req.text();
+    if (new TextEncoder().encode(text).byteLength > maxBytes) {
+        throw new RequestValidationError("Request body too large", { maxBytes });
+    }
+    return text;
+}
+export function parseQuery(c, schema, options) {
+    return validate(schema, Object.fromEntries(new URL(c.req.url).searchParams), options?.invalidQueryMessage ?? "Invalid query parameters");
+}
+export function normalizeValidationError(error) {
+    if (error instanceof ApiHttpError) {
+        return error;
+    }
+    if (error instanceof ZodError) {
+        return toValidationError(error);
+    }
+    return undefined;
+}

package/package.json ADDED Viewed

@@ -0,0 +1,156 @@
+{
+  "name": "@voyant-travel/hono",
+  "version": "0.109.1",
+  "license": "Apache-2.0",
+  "type": "module",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js",
+      "default": "./dist/index.js"
+    },
+    "./app": {
+      "types": "./dist/app.d.ts",
+      "import": "./dist/app.js",
+      "default": "./dist/app.js"
+    },
+    "./module": {
+      "types": "./dist/module.d.ts",
+      "import": "./dist/module.js",
+      "default": "./dist/module.js"
+    },
+    "./composition": {
+      "types": "./dist/composition.d.ts",
+      "import": "./dist/composition.js",
+      "default": "./dist/composition.js"
+    },
+    "./plugin": {
+      "types": "./dist/plugin.d.ts",
+      "import": "./dist/plugin.js",
+      "default": "./dist/plugin.js"
+    },
+    "./document-download": {
+      "types": "./dist/document-download.d.ts",
+      "import": "./dist/document-download.js",
+      "default": "./dist/document-download.js"
+    },
+    "./public-document-delivery": {
+      "types": "./dist/public-document-delivery.d.ts",
+      "import": "./dist/public-document-delivery.js",
+      "default": "./dist/public-document-delivery.js"
+    },
+    "./types": {
+      "types": "./dist/types.d.ts",
+      "import": "./dist/types.js",
+      "default": "./dist/types.js"
+    },
+    "./middleware": {
+      "types": "./dist/middleware/index.d.ts",
+      "import": "./dist/middleware/index.js",
+      "default": "./dist/middleware/index.js"
+    },
+    "./middleware/auth": {
+      "types": "./dist/middleware/auth.d.ts",
+      "import": "./dist/middleware/auth.js",
+      "default": "./dist/middleware/auth.js"
+    },
+    "./middleware/body-size": {
+      "types": "./dist/middleware/body-size.d.ts",
+      "import": "./dist/middleware/body-size.js",
+      "default": "./dist/middleware/body-size.js"
+    },
+    "./middleware/cors": {
+      "types": "./dist/middleware/cors.d.ts",
+      "import": "./dist/middleware/cors.js",
+      "default": "./dist/middleware/cors.js"
+    },
+    "./middleware/error-boundary": {
+      "types": "./dist/middleware/error-boundary.d.ts",
+      "import": "./dist/middleware/error-boundary.js",
+      "default": "./dist/middleware/error-boundary.js"
+    },
+    "./middleware/db": {
+      "types": "./dist/middleware/db.d.ts",
+      "import": "./dist/middleware/db.js",
+      "default": "./dist/middleware/db.js"
+    },
+    "./middleware/rate-limit": {
+      "types": "./dist/middleware/rate-limit.d.ts",
+      "import": "./dist/middleware/rate-limit.js",
+      "default": "./dist/middleware/rate-limit.js"
+    },
+    "./middleware/require-actor": {
+      "types": "./dist/middleware/require-actor.d.ts",
+      "import": "./dist/middleware/require-actor.js",
+      "default": "./dist/middleware/require-actor.js"
+    },
+    "./middleware/require-permission": {
+      "types": "./dist/middleware/require-permission.d.ts",
+      "import": "./dist/middleware/require-permission.js",
+      "default": "./dist/middleware/require-permission.js"
+    },
+    "./middleware/security-headers": {
+      "types": "./dist/middleware/security-headers.d.ts",
+      "import": "./dist/middleware/security-headers.js",
+      "default": "./dist/middleware/security-headers.js"
+    },
+    "./middleware/logger": {
+      "types": "./dist/middleware/logger.d.ts",
+      "import": "./dist/middleware/logger.js",
+      "default": "./dist/middleware/logger.js"
+    },
+    "./auth": {
+      "types": "./dist/auth/index.d.ts",
+      "import": "./dist/auth/index.js",
+      "default": "./dist/auth/index.js"
+    },
+    "./auth/session-jwt": {
+      "types": "./dist/auth/session-jwt.d.ts",
+      "import": "./dist/auth/session-jwt.js",
+      "default": "./dist/auth/session-jwt.js"
+    },
+    "./auth/crypto": {
+      "types": "./dist/auth/crypto.d.ts",
+      "import": "./dist/auth/crypto.js",
+      "default": "./dist/auth/crypto.js"
+    }
+  },
+  "dependencies": {
+    "drizzle-orm": "^0.45.2",
+    "hono": "^4.12.10",
+    "zod": "^4.3.6",
+    "@voyant-travel/core": "^0.109.0",
+    "@voyant-travel/db": "^0.108.0",
+    "@voyant-travel/storage": "^0.104.1",
+    "@voyant-travel/types": "^0.104.5",
+    "@voyant-travel/utils": "^0.105.1",
+    "@voyant-travel/workflows": "^0.107.10"
+  },
+  "devDependencies": {
+    "@cloudflare/workers-types": "^4.20260426.1",
+    "typescript": "^6.0.2",
+    "vitest": "^4.1.2",
+    "@voyant-travel/voyant-typescript-config": "^0.1.0",
+    "@voyant-travel/workflows-orchestrator": "^0.107.10"
+  },
+  "files": [
+    "dist"
+  ],
+  "publishConfig": {
+    "access": "public"
+  },
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/voyant-travel/voyant.git",
+    "directory": "packages/hono"
+  },
+  "scripts": {
+    "typecheck": "tsc --noEmit",
+    "lint": "biome check src/",
+    "test": "vitest run",
+    "build": "tsc -p tsconfig.json",
+    "clean": "rm -rf dist tsconfig.tsbuildinfo"
+  },
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts"
+}