@voyant-travel/hono 0.114.0 → 0.116.0

package/dist/anonymous-paths.d.ts

@@ -0,0 +1,15 @@
+import type { HonoExtension, HonoModule } from "./module.js";
+/**
+ * Assemble the anonymous-access allow-list (ADR-0008) from module/extension
+ * `anonymous` declarations, unioned with any explicit `publicPaths` the
+ * deployment still passes (the escape hatch — e.g. plugin/webhook routes that
+ * aren't owned by a module, like a payment-processor callback).
+ *
+ * For each declaring unit the public mount is `resolveSurfaceMountPath` of its
+ * `publicPath`/name under `/v1/public`. `anonymous: true` opens the whole mount;
+ * a string array opens specific sub-paths relative to it. Pure and sorted for a
+ * deterministic, snapshot-auditable result; the global list is what `requireAuth`
+ * matches to skip auth (and stamp `actor: "customer"`).
+ */
+export declare function assembleAnonymousPaths(modules: readonly HonoModule[], extensions: readonly HonoExtension[], explicit?: readonly string[]): string[];
+//# sourceMappingURL=anonymous-paths.d.ts.map

package/dist/anonymous-paths.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"anonymous-paths.d.ts","sourceRoot":"","sources":["../src/anonymous-paths.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AAG5D;;;;;;;;;;;GAWG;AACH,wBAAgB,sBAAsB,CACpC,OAAO,EAAE,SAAS,UAAU,EAAE,EAC9B,UAAU,EAAE,SAAS,aAAa,EAAE,EACpC,QAAQ,GAAE,SAAS,MAAM,EAAO,GAC/B,MAAM,EAAE,CAuBV"}

package/dist/anonymous-paths.js

@@ -0,0 +1,35 @@
+import { resolveSurfaceMountPath } from "./mount-paths.js";
+/**
+ * Assemble the anonymous-access allow-list (ADR-0008) from module/extension
+ * `anonymous` declarations, unioned with any explicit `publicPaths` the
+ * deployment still passes (the escape hatch — e.g. plugin/webhook routes that
+ * aren't owned by a module, like a payment-processor callback).
+ *
+ * For each declaring unit the public mount is `resolveSurfaceMountPath` of its
+ * `publicPath`/name under `/v1/public`. `anonymous: true` opens the whole mount;
+ * a string array opens specific sub-paths relative to it. Pure and sorted for a
+ * deterministic, snapshot-auditable result; the global list is what `requireAuth`
+ * matches to skip auth (and stamp `actor: "customer"`).
+ */
+export function assembleAnonymousPaths(modules, extensions, explicit = []) {
+    const paths = new Set(explicit);
+    const add = (mount, anonymous) => {
+        if (!anonymous)
+            return;
+        if (anonymous === true) {
+            paths.add(mount);
+            return;
+        }
+        for (const sub of anonymous) {
+            const trimmed = sub.trim().replace(/^\/+|\/+$/g, "");
+            paths.add(trimmed ? `${mount}/${trimmed}` : mount);
+        }
+    };
+    for (const m of modules) {
+        add(resolveSurfaceMountPath("/v1/public", m.publicPath, m.module.name), m.anonymous);
+    }
+    for (const e of extensions) {
+        add(resolveSurfaceMountPath("/v1/public", e.publicPath, e.extension.module), e.anonymous);
+    }
+    return [...paths].sort();
+}

package/dist/app.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"app.d.ts","sourceRoot":"","sources":["../src/app.ts"],"names":[],"mappings":"AASA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAA;AAgC3B,OAAO,KAAK,EAAE,eAAe,EAAE,cAAc,EAAY,eAAe,EAAE,MAAM,YAAY,CAAA;AA2C5F;;;;;;;;;;GAUG;AACH,MAAM,WAAW,mBAAmB,CAAC,SAAS,GAAG,OAAO;IACtD;;;;;;;;;;;OAWG;IACH,KAAK,CAAC,QAAQ,CAAC,EAAE,SAAS,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;IAC1C;;;;;;;;OAQG;IACH,QAAQ,EAAE,OAAO,qBAAqB,EAAE,QAAQ,CAAA;CACjD;AAED;;;;;;GAMG;AACH,wBAAgB,QAAQ,CAAC,SAAS,SAAS,cAAc,EACvD,MAAM,EAAE,eAAe,CAAC,SAAS,CAAC,GACjC,IAAI,CAAC;IAAE,QAAQ,EAAE,SAAS,CAAC;IAAC,SAAS,EAAE,eAAe,CAAA;CAAE,CAAC,GAAG,mBAAmB,CAAC,SAAS,CAAC,CAqc5F"}
+{"version":3,"file":"app.d.ts","sourceRoot":"","sources":["../src/app.ts"],"names":[],"mappings":"AASA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAA;AAkC3B,OAAO,KAAK,EAAE,eAAe,EAAE,cAAc,EAAY,eAAe,EAAE,MAAM,YAAY,CAAA;AAyB5F;;;;;;;;;;GAUG;AACH,MAAM,WAAW,mBAAmB,CAAC,SAAS,GAAG,OAAO;IACtD;;;;;;;;;;;OAWG;IACH,KAAK,CAAC,QAAQ,CAAC,EAAE,SAAS,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;IAC1C;;;;;;;;OAQG;IACH,QAAQ,EAAE,OAAO,qBAAqB,EAAE,QAAQ,CAAA;CACjD;AAED;;;;;;GAMG;AACH,wBAAgB,QAAQ,CAAC,SAAS,SAAS,cAAc,EACvD,MAAM,EAAE,eAAe,CAAC,SAAS,CAAC,GACjC,IAAI,CAAC;IAAE,QAAQ,EAAE,SAAS,CAAC;IAAC,SAAS,EAAE,eAAe,CAAA;CAAE,CAAC,GAAG,mBAAmB,CAAC,SAAS,CAAC,CA0d5F"}

package/dist/app.js

@@ -1,6 +1,7 @@
 import { createContainer, createEventBus, createQueryRunner, } from "@voyant-travel/core";
 import { createOutboxEventStore } from "@voyant-travel/db/outbox";
 import { Hono } from "hono";
+import { assembleAnonymousPaths } from "./anonymous-paths.js";
 import { containerToServiceResolver, makeFrameworkLogger, wireWorkflowRuntime, } from "./app-workflows.js";
 import { mountLazyRoutePaths, mountLazyRoutesAt } from "./lazy-routes.js";
 import { mountAuthForwarding } from "./lib/auth-forward.js";
@@ -19,19 +20,10 @@ import { publicResponseCache } from "./middleware/public-cache.js";
 import { rateLimit, resolveRateLimitStore, } from "./middleware/rate-limit.js";
 import { requireActor } from "./middleware/require-actor.js";
 import { securityHeaders } from "./middleware/security-headers.js";
+import { resolveSurfaceMountPath } from "./mount-paths.js";
 import { noopReporter, safeCaptureException } from "./observability/reporter.js";
 import { getRequestId } from "./observability/request-context.js";
 import { expandHonoPlugins } from "./plugin.js";
-function resolveSurfaceMountPath(prefix, path, fallback) {
-    const normalized = path?.trim();
-    if (!normalized) {
-        return `${prefix}/${fallback}`;
-    }
-    if (normalized === "/") {
-        return prefix;
-    }
-    return `${prefix}/${normalized.replace(/^\/+|\/+$/g, "")}`;
-}
 const WRITE_METHODS = new Set(["POST", "PUT", "PATCH", "DELETE"]);
 function resolveConfiguredRateLimitStore(config, env) {
     if (!config?.store)
@@ -63,6 +55,15 @@ export function mountApp(config) {
     const expanded = config.plugins ? expandHonoPlugins(config.plugins) : null;
     const allModules = [...(config.modules ?? []), ...(expanded?.modules ?? [])];
     const allExtensions = [...(config.extensions ?? []), ...(expanded?.extensions ?? [])];
+    // Anonymous-access allow-list (ADR-0008): assembled from module/extension
+    // `anonymous` declarations + bundle-declared absolute anonymous paths (e.g. a
+    // payment-processor webhook) + any explicit `publicPaths` escape-hatch entries.
+    // Used by both the auth middleware (skip auth / stamp customer actor) and the
+    // public-write rate-limit matcher below, so the two never diverge.
+    const anonymousPaths = assembleAnonymousPaths(allModules, allExtensions, [
+        ...(config.publicPaths ?? []),
+        ...(expanded?.anonymousPaths ?? []),
+    ]);
     // When the framework owns the bus, route subscriber-dispatch failures
     // (including the workflow forwarder) to the reporter — they're otherwise
     // only console-logged per the fire-and-forget EventBus contract (RFC #1553).
@@ -235,8 +236,7 @@ export function mountApp(config) {
                 if (!WRITE_METHODS.has(c.req.method))
                     return next();
                 const pathname = normalizePathname(new URL(c.req.url).pathname);
-                const isPublicWrite = pathname.startsWith("/v1/public/") ||
-                    matchesPublicPath(pathname, config.publicPaths ?? []);
+                const isPublicWrite = pathname.startsWith("/v1/public/") || matchesPublicPath(pathname, anonymousPaths);
                 if (!isPublicWrite)
                     return next();
                 return rateLimit(buildRateLimitPolicy(rateLimitConfig, c.env, "public-write", publicWriteRule))(c, next);
@@ -338,11 +338,18 @@ export function mountApp(config) {
         if (txModuleNames.has(mod.module.name) && mod.publicRoutes) {
             txPrefixes.push(resolveSurfaceMountPath("/v1/public", mod.publicPath, mod.module.name));
         }
+        // Absolute transactional prefixes for routes mounted outside the name-based
+        // surface (e.g. a lazy family at `/v1/admin/catalog/quote`), so the
+        // deployment doesn't hand-maintain them in `dbTransactionalPaths` (ADR-0008).
+        if (mod.transactionalPaths)
+            txPrefixes.push(...mod.transactionalPaths);
     }
     for (const ext of allExtensions) {
         if (txModuleNames.has(ext.extension.module) && ext.publicRoutes) {
             txPrefixes.push(resolveSurfaceMountPath("/v1/public", ext.publicPath, ext.extension.module));
         }
+        if (ext.transactionalPaths)
+            txPrefixes.push(...ext.transactionalPaths);
     }
     // With a `dbTransactional` factory, requests are routed per surface:
     // transactional prefixes get it, everything else gets the cheap
@@ -356,7 +363,7 @@ export function mountApp(config) {
         })
         : config.db;
     // Auth middleware for all other routes
-    app.use("*", requireAuth(dbSource, { publicPaths: config.publicPaths, auth: config.auth }));
+    app.use("*", requireAuth(dbSource, { publicPaths: anonymousPaths, auth: config.auth }));
     // DB middleware — sets c.var.db for all downstream handlers.
     // Pass the list of modules that need interactive transactions so the
     // middleware can throw a clear startup-style error on first request if
@@ -371,6 +378,14 @@ export function mountApp(config) {
         if (pathname.startsWith("/v1/admin/") || pathname.startsWith("/v1/public/")) {
             return next();
         }
+        // Anonymous legacy/webhook routes (ADR-0008) — e.g. a bundle-declared
+        // payment-processor callback at `/v1/finance/...`. `requireAuth` already
+        // skipped credential resolution for these, but it only stamps an actor on
+        // `/v1/public/*`, so without this skip the fail-closed staff guard would 401
+        // a route that is meant to be reachable without a session.
+        if (matchesPublicPath(pathname, anonymousPaths)) {
+            return next();
+        }
         return requireLegacyActor(c, next);
     });
     // Admin capability discovery — GET /v1/admin/_meta/capabilities. A built-in

package/dist/composition.d.ts

@@ -52,6 +52,38 @@ export interface ComposedApp {
  * wired" fails loudly at boot rather than silently dropping a module.
  */
 export declare function composeFromManifest<TCapabilities>(manifest: CompositionManifest, registry: CompositionRegistry<TCapabilities>, capabilities: TCapabilities): ComposedApp;
+/**
+ * A module's place in the capability dependency graph (ADR-0007). `provides`
+ * are capability tokens the module supplies (e.g. `"people-directory"`);
+ * `requires` are tokens it depends on another mounted module — or an injected
+ * substitute — to supply. Tokens are opaque strings; the graph is the contract
+ * between modules, decoupled from concrete service shapes.
+ *
+ * `isRequired` marks a module the platform cannot run without: it can be
+ * *overridden* by a substitute (a future capability) but never `exclude`d.
+ */
+export interface CapabilityDeclaration {
+    provides?: readonly string[];
+    requires?: readonly string[];
+    isRequired?: boolean;
+}
+/** Maps a module specifier to its capability declaration. */
+export type CapabilityGraph = Record<string, CapabilityDeclaration>;
+/** An unmet `requires`: a capability no mounted module (nor a substitute) provides. */
+export interface CapabilityGap {
+    capability: string;
+    /** Specifiers of the still-mounted modules that require the missing capability. */
+    requiredBy: string[];
+}
+/**
+ * Pure dependency-graph check for module subsetting (ADR-0007). Given the
+ * specifiers that will actually mount (after any `exclude`) and the capability
+ * graph, return the gaps: required capabilities that nothing still-mounted
+ * provides. An empty array means the subset is safe to compose. Callers turn a
+ * non-empty result into a build/boot error so dropping a depended-on module
+ * fails loudly here rather than as a runtime 500.
+ */
+export declare function findCapabilityGaps(mountedSpecifiers: readonly string[], graph: CapabilityGraph): CapabilityGap[];
 export interface ManifestRegistryDiff {
     /** In the manifest but with no registered factory. */
     missingFactories: string[];

package/dist/composition.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"composition.d.ts","sourceRoot":"","sources":["../src/composition.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AAE5D;;;;;;;;;;;;;;;GAeG;AAEH,oEAAoE;AACpE,MAAM,MAAM,gBAAgB,GAAG,MAAM,GAAG;IAAE,OAAO,EAAE,MAAM,CAAC;IAAC,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;CAAE,CAAA;AAE9F,wDAAwD;AACxD,MAAM,WAAW,mBAAmB;IAClC,OAAO,CAAC,EAAE,gBAAgB,EAAE,CAAA;IAC5B,UAAU,CAAC,EAAE,gBAAgB,EAAE,CAAA;CAChC;AAED,qFAAqF;AACrF,MAAM,WAAW,kBAAkB,CAAC,aAAa;IAC/C,YAAY,EAAE,aAAa,CAAA;IAC3B,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;CACjC;AAED,MAAM,MAAM,aAAa,CAAC,aAAa,IAAI,CACzC,GAAG,EAAE,kBAAkB,CAAC,aAAa,CAAC,KACnC,UAAU,GAAG,UAAU,EAAE,CAAA;AAC9B,MAAM,MAAM,gBAAgB,CAAC,aAAa,IAAI,CAC5C,GAAG,EAAE,kBAAkB,CAAC,aAAa,CAAC,KACnC,aAAa,CAAA;AAElB;;;GAGG;AACH,MAAM,WAAW,mBAAmB,CAAC,aAAa;IAChD,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,aAAa,CAAC,aAAa,CAAC,CAAC,CAAA;IACrD,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,gBAAgB,CAAC,aAAa,CAAC,CAAC,CAAA;CAC7D;AAED,MAAM,WAAW,WAAW;IAC1B,OAAO,EAAE,UAAU,EAAE,CAAA;IACrB,UAAU,EAAE,aAAa,EAAE,CAAA;CAC5B;AAUD;;;;;;GAMG;AACH,wBAAgB,mBAAmB,CAAC,aAAa,EAC/C,QAAQ,EAAE,mBAAmB,EAC7B,QAAQ,EAAE,mBAAmB,CAAC,aAAa,CAAC,EAC5C,YAAY,EAAE,aAAa,GAC1B,WAAW,CA0Bb;AAED,MAAM,WAAW,oBAAoB;IACnC,sDAAsD;IACtD,gBAAgB,EAAE,MAAM,EAAE,CAAA;IAC1B,2DAA2D;IAC3D,eAAe,EAAE,MAAM,EAAE,CAAA;CAC1B;AAED;;;;GAIG;AACH,wBAAgB,oBAAoB,CAClC,eAAe,EAAE,gBAAgB,EAAE,EACnC,YAAY,EAAE,MAAM,EAAE,GACrB,oBAAoB,CAOtB"}
+{"version":3,"file":"composition.d.ts","sourceRoot":"","sources":["../src/composition.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AAE5D;;;;;;;;;;;;;;;GAeG;AAEH,oEAAoE;AACpE,MAAM,MAAM,gBAAgB,GAAG,MAAM,GAAG;IAAE,OAAO,EAAE,MAAM,CAAC;IAAC,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;CAAE,CAAA;AAE9F,wDAAwD;AACxD,MAAM,WAAW,mBAAmB;IAClC,OAAO,CAAC,EAAE,gBAAgB,EAAE,CAAA;IAC5B,UAAU,CAAC,EAAE,gBAAgB,EAAE,CAAA;CAChC;AAED,qFAAqF;AACrF,MAAM,WAAW,kBAAkB,CAAC,aAAa;IAC/C,YAAY,EAAE,aAAa,CAAA;IAC3B,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;CACjC;AAED,MAAM,MAAM,aAAa,CAAC,aAAa,IAAI,CACzC,GAAG,EAAE,kBAAkB,CAAC,aAAa,CAAC,KACnC,UAAU,GAAG,UAAU,EAAE,CAAA;AAC9B,MAAM,MAAM,gBAAgB,CAAC,aAAa,IAAI,CAC5C,GAAG,EAAE,kBAAkB,CAAC,aAAa,CAAC,KACnC,aAAa,CAAA;AAElB;;;GAGG;AACH,MAAM,WAAW,mBAAmB,CAAC,aAAa;IAChD,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,aAAa,CAAC,aAAa,CAAC,CAAC,CAAA;IACrD,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,gBAAgB,CAAC,aAAa,CAAC,CAAC,CAAA;CAC7D;AAED,MAAM,WAAW,WAAW;IAC1B,OAAO,EAAE,UAAU,EAAE,CAAA;IACrB,UAAU,EAAE,aAAa,EAAE,CAAA;CAC5B;AAUD;;;;;;GAMG;AACH,wBAAgB,mBAAmB,CAAC,aAAa,EAC/C,QAAQ,EAAE,mBAAmB,EAC7B,QAAQ,EAAE,mBAAmB,CAAC,aAAa,CAAC,EAC5C,YAAY,EAAE,aAAa,GAC1B,WAAW,CA0Bb;AAED;;;;;;;;;GASG;AACH,MAAM,WAAW,qBAAqB;IACpC,QAAQ,CAAC,EAAE,SAAS,MAAM,EAAE,CAAA;IAC5B,QAAQ,CAAC,EAAE,SAAS,MAAM,EAAE,CAAA;IAC5B,UAAU,CAAC,EAAE,OAAO,CAAA;CACrB;AAED,6DAA6D;AAC7D,MAAM,MAAM,eAAe,GAAG,MAAM,CAAC,MAAM,EAAE,qBAAqB,CAAC,CAAA;AAEnE,uFAAuF;AACvF,MAAM,WAAW,aAAa;IAC5B,UAAU,EAAE,MAAM,CAAA;IAClB,mFAAmF;IACnF,UAAU,EAAE,MAAM,EAAE,CAAA;CACrB;AAED;;;;;;;GAOG;AACH,wBAAgB,kBAAkB,CAChC,iBAAiB,EAAE,SAAS,MAAM,EAAE,EACpC,KAAK,EAAE,eAAe,GACrB,aAAa,EAAE,CAmBjB;AAED,MAAM,WAAW,oBAAoB;IACnC,sDAAsD;IACtD,gBAAgB,EAAE,MAAM,EAAE,CAAA;IAC1B,2DAA2D;IAC3D,eAAe,EAAE,MAAM,EAAE,CAAA;CAC1B;AAED;;;;GAIG;AACH,wBAAgB,oBAAoB,CAClC,eAAe,EAAE,gBAAgB,EAAE,EACnC,YAAY,EAAE,MAAM,EAAE,GACrB,oBAAoB,CAOtB"}

package/dist/composition.js

@@ -31,6 +31,34 @@ export function composeFromManifest(manifest, registry, capabilities) {
     });
     return { modules, extensions };
 }
+/**
+ * Pure dependency-graph check for module subsetting (ADR-0007). Given the
+ * specifiers that will actually mount (after any `exclude`) and the capability
+ * graph, return the gaps: required capabilities that nothing still-mounted
+ * provides. An empty array means the subset is safe to compose. Callers turn a
+ * non-empty result into a build/boot error so dropping a depended-on module
+ * fails loudly here rather than as a runtime 500.
+ */
+export function findCapabilityGaps(mountedSpecifiers, graph) {
+    const provided = new Set();
+    for (const spec of mountedSpecifiers) {
+        for (const cap of graph[spec]?.provides ?? [])
+            provided.add(cap);
+    }
+    const gaps = new Map();
+    for (const spec of mountedSpecifiers) {
+        for (const cap of graph[spec]?.requires ?? []) {
+            if (provided.has(cap))
+                continue;
+            const by = gaps.get(cap) ?? new Set();
+            by.add(spec);
+            gaps.set(cap, by);
+        }
+    }
+    return [...gaps.entries()]
+        .map(([capability, by]) => ({ capability, requiredBy: [...by].sort() }))
+        .sort((a, b) => a.capability.localeCompare(b.capability));
+}
 /**
  * Pure parity check between a manifest's entries and a registry's keys, for
  * tooling (`voyant db doctor`). Reports manifest entries with no factory and

package/dist/index.d.ts

@@ -1,4 +1,5 @@
 export type { VoyantPermission } from "@voyant-travel/core";
+export { assembleAnonymousPaths } from "./anonymous-paths.js";
 export { mountApp } from "./app.js";
 export type { SessionAuthContext } from "./auth/index.js";
 export { constantTimeEqual, extractBearerToken, generateNumericCode, randomBytesHex, requireUserId, sha256Base64Url, sha256Hex, unsignCookie, verifySession, } from "./auth/index.js";

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,YAAY,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAA;AAC3D,OAAO,EAAE,QAAQ,EAAE,MAAM,UAAU,CAAA;AACnC,YAAY,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAA;AACzD,OAAO,EACL,iBAAiB,EACjB,kBAAkB,EAClB,mBAAmB,EACnB,cAAc,EACd,aAAa,EACb,eAAe,EACf,SAAS,EACT,YAAY,EACZ,aAAa,GACd,MAAM,iBAAiB,CAAA;AACxB,OAAO,EAAE,KAAK,eAAe,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAA;AACjE,YAAY,EACV,wBAAwB,EACxB,0BAA0B,EAC1B,wBAAwB,EACxB,8BAA8B,EAC9B,uBAAuB,GACxB,MAAM,wBAAwB,CAAA;AAC/B,OAAO,EAAE,6BAA6B,EAAE,MAAM,wBAAwB,CAAA;AACtE,OAAO,EACL,sBAAsB,EACtB,KAAK,cAAc,EACnB,KAAK,gBAAgB,EACrB,mBAAmB,EACnB,iBAAiB,GAClB,MAAM,kBAAkB,CAAA;AACzB,OAAO,EAAE,oBAAoB,EAAE,KAAK,qBAAqB,EAAE,MAAM,sBAAsB,CAAA;AACvF,OAAO,EACL,WAAW,EACX,qBAAqB,EACrB,IAAI,EACJ,0BAA0B,EAC1B,EAAE,EACF,gBAAgB,EAChB,aAAa,EACb,cAAc,EACd,KAAK,qBAAqB,EAC1B,cAAc,EACd,mBAAmB,EACnB,WAAW,EACX,MAAM,EACN,2BAA2B,EAC3B,SAAS,EACT,SAAS,EACT,YAAY,EACZ,WAAW,EACX,iBAAiB,GAClB,MAAM,uBAAuB,CAAA;AAC9B,YAAY,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AAC5D,YAAY,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,0BAA0B,CAAA;AACpE,OAAO,EACL,eAAe,EACf,YAAY,EACZ,YAAY,EACZ,gBAAgB,EAChB,oBAAoB,GACrB,MAAM,0BAA0B,CAAA;AACjC,YAAY,EACV,mBAAmB,EACnB,mBAAmB,EACnB,UAAU,EACV,UAAU,GACX,MAAM,aAAa,CAAA;AACpB,OAAO,EACL,gBAAgB,EAChB,gBAAgB,EAChB,iBAAiB,EACjB,iBAAiB,GAClB,MAAM,aAAa,CAAA;AACpB,YAAY,EACV,6BAA6B,EAC7B,6BAA6B,EAC7B,uBAAuB,EACvB,6BAA6B,GAC9B,MAAM,wBAAwB,CAAA;AAC/B,OAAO,EACL,2BAA2B,EAC3B,4BAA4B,EAC5B,+BAA+B,EAC/B,2BAA2B,GAC5B,MAAM,wBAAwB,CAAA;AAC/B,OAAO,EACL,KAAK,iCAAiC,EACtC,6CAA6C,EAC7C,iCAAiC,EACjC,sCAAsC,EACtC,kCAAkC,EAClC,KAAK,mCAAmC,EACxC,KAAK,8BAA8B,EACnC,KAAK,2BAA2B,EAChC,KAAK,gCAAgC,EACrC,KAAK,gCAAgC,EACrC,KAAK,kCAAkC,EACvC,KAAK,4BAA4B,EACjC,KAAK,sCAAsC,EAC3C,kCAAkC,EAClC,iCAAiC,GAClC,MAAM,+BAA+B,CAAA;AACtC,YAAY,EACV,SAAS,EACT,iBAAiB,EACjB,QAAQ,EACR,kBAAkB,EAClB,QAAQ,EACR,cAAc,EACd,eAAe,EACf,qBAAqB,EACrB,wBAAwB,EACxB,qBAAqB,EACrB,cAAc,EACd,QAAQ,EACR,sBAAsB,EACtB,kBAAkB,EAClB,wBAAwB,EACxB,eAAe,GAChB,MAAM,YAAY,CAAA;AACnB,OAAO,EACL,YAAY,EACZ,iBAAiB,EACjB,wBAAwB,EACxB,aAAa,EACb,qBAAqB,EACrB,UAAU,EACV,sBAAsB,EACtB,oBAAoB,GACrB,MAAM,iBAAiB,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,YAAY,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAA;AAC3D,OAAO,EAAE,sBAAsB,EAAE,MAAM,sBAAsB,CAAA;AAC7D,OAAO,EAAE,QAAQ,EAAE,MAAM,UAAU,CAAA;AACnC,YAAY,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAA;AACzD,OAAO,EACL,iBAAiB,EACjB,kBAAkB,EAClB,mBAAmB,EACnB,cAAc,EACd,aAAa,EACb,eAAe,EACf,SAAS,EACT,YAAY,EACZ,aAAa,GACd,MAAM,iBAAiB,CAAA;AACxB,OAAO,EAAE,KAAK,eAAe,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAA;AACjE,YAAY,EACV,wBAAwB,EACxB,0BAA0B,EAC1B,wBAAwB,EACxB,8BAA8B,EAC9B,uBAAuB,GACxB,MAAM,wBAAwB,CAAA;AAC/B,OAAO,EAAE,6BAA6B,EAAE,MAAM,wBAAwB,CAAA;AACtE,OAAO,EACL,sBAAsB,EACtB,KAAK,cAAc,EACnB,KAAK,gBAAgB,EACrB,mBAAmB,EACnB,iBAAiB,GAClB,MAAM,kBAAkB,CAAA;AACzB,OAAO,EAAE,oBAAoB,EAAE,KAAK,qBAAqB,EAAE,MAAM,sBAAsB,CAAA;AACvF,OAAO,EACL,WAAW,EACX,qBAAqB,EACrB,IAAI,EACJ,0BAA0B,EAC1B,EAAE,EACF,gBAAgB,EAChB,aAAa,EACb,cAAc,EACd,KAAK,qBAAqB,EAC1B,cAAc,EACd,mBAAmB,EACnB,WAAW,EACX,MAAM,EACN,2BAA2B,EAC3B,SAAS,EACT,SAAS,EACT,YAAY,EACZ,WAAW,EACX,iBAAiB,GAClB,MAAM,uBAAuB,CAAA;AAC9B,YAAY,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AAC5D,YAAY,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,0BAA0B,CAAA;AACpE,OAAO,EACL,eAAe,EACf,YAAY,EACZ,YAAY,EACZ,gBAAgB,EAChB,oBAAoB,GACrB,MAAM,0BAA0B,CAAA;AACjC,YAAY,EACV,mBAAmB,EACnB,mBAAmB,EACnB,UAAU,EACV,UAAU,GACX,MAAM,aAAa,CAAA;AACpB,OAAO,EACL,gBAAgB,EAChB,gBAAgB,EAChB,iBAAiB,EACjB,iBAAiB,GAClB,MAAM,aAAa,CAAA;AACpB,YAAY,EACV,6BAA6B,EAC7B,6BAA6B,EAC7B,uBAAuB,EACvB,6BAA6B,GAC9B,MAAM,wBAAwB,CAAA;AAC/B,OAAO,EACL,2BAA2B,EAC3B,4BAA4B,EAC5B,+BAA+B,EAC/B,2BAA2B,GAC5B,MAAM,wBAAwB,CAAA;AAC/B,OAAO,EACL,KAAK,iCAAiC,EACtC,6CAA6C,EAC7C,iCAAiC,EACjC,sCAAsC,EACtC,kCAAkC,EAClC,KAAK,mCAAmC,EACxC,KAAK,8BAA8B,EACnC,KAAK,2BAA2B,EAChC,KAAK,gCAAgC,EACrC,KAAK,gCAAgC,EACrC,KAAK,kCAAkC,EACvC,KAAK,4BAA4B,EACjC,KAAK,sCAAsC,EAC3C,kCAAkC,EAClC,iCAAiC,GAClC,MAAM,+BAA+B,CAAA;AACtC,YAAY,EACV,SAAS,EACT,iBAAiB,EACjB,QAAQ,EACR,kBAAkB,EAClB,QAAQ,EACR,cAAc,EACd,eAAe,EACf,qBAAqB,EACrB,wBAAwB,EACxB,qBAAqB,EACrB,cAAc,EACd,QAAQ,EACR,sBAAsB,EACtB,kBAAkB,EAClB,wBAAwB,EACxB,eAAe,GAChB,MAAM,YAAY,CAAA;AACnB,OAAO,EACL,YAAY,EACZ,iBAAiB,EACjB,wBAAwB,EACxB,aAAa,EACb,qBAAqB,EACrB,UAAU,EACV,sBAAsB,EACtB,oBAAoB,GACrB,MAAM,iBAAiB,CAAA"}

package/dist/index.js

@@ -1,3 +1,4 @@
+export { assembleAnonymousPaths } from "./anonymous-paths.js";
 export { mountApp } from "./app.js";
 export { constantTimeEqual, extractBearerToken, generateNumericCode, randomBytesHex, requireUserId, sha256Base64Url, sha256Hex, unsignCookie, verifySession, } from "./auth/index.js";
 export { createApp } from "./create-app.js";

package/dist/module.d.ts

@@ -38,6 +38,31 @@ export interface HonoModule {
      * public root and omit the extra module segment.
      */
     publicPath?: string;
+    /**
+     * Declares which of this module's PUBLIC routes are reachable without a
+     * session (ADR-0008). `true` = the whole public mount is anonymous; a string
+     * array = specific sub-paths relative to the public mount (e.g.
+     * `["/contact-exists"]` on a module mounted at `/v1/public/customer-portal`
+     * opens `/v1/public/customer-portal/contact-exists`). The framework assembles
+     * the global anonymous allow-list from these declarations, so the
+     * "reachable-without-auth" decision lives next to the route rather than in a
+     * hand-maintained `publicPaths` list. Anonymous public requests are stamped
+     * `actor: "customer"`. Only affects the public surface — admin routes always
+     * require a `staff` actor.
+     */
+    anonymous?: boolean | readonly string[];
+    /**
+     * Absolute API path prefixes whose requests must be served by the
+     * transaction-capable db client (ADR-0008). For modules whose
+     * transaction-needing routes are NOT under the name-based surface — e.g. a
+     * lazy family mounted at `/v1/admin/catalog/quote` rather than
+     * `/v1/admin/{name}` — and where only a SUBSET of the family's routes
+     * transact (so the boolean `module.requiresTransactionalDb` would be too
+     * broad). For the common case (all of a module's routes transact) prefer
+     * `module.requiresTransactionalDb`. Folded into the transactional-prefix map
+     * so the deployment doesn't hand-maintain `dbTransactionalPaths`.
+     */
+    transactionalPaths?: readonly string[];
 }
 export interface HonoExtension {
     extension: Extension;
@@ -60,5 +85,16 @@ export interface HonoExtension {
      * at the public root and omit the extra module segment.
      */
     publicPath?: string;
+    /**
+     * Declares which of this extension's PUBLIC routes are reachable without a
+     * session (ADR-0008). Same semantics as {@link HonoModule.anonymous}, relative
+     * to the extension's public mount.
+     */
+    anonymous?: boolean | readonly string[];
+    /**
+     * Absolute transactional path prefixes — same semantics as
+     * {@link HonoModule.transactionalPaths}.
+     */
+    transactionalPaths?: readonly string[];
 }
 //# sourceMappingURL=module.d.ts.map

package/dist/module.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"module.d.ts","sourceRoot":"","sources":["../src/module.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAA;AAC5D,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,MAAM,CAAA;AAEhC,OAAO,KAAK,EAAE,cAAc,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAA;AAExE,MAAM,WAAW,UAAU;IACzB,MAAM,EAAE,MAAM,CAAA;IACd;;;;;;OAMG;IAEH,MAAM,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAA;IAClB,kEAAkE;IAElE,WAAW,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAA;IACvB,uFAAuF;IAEvF,YAAY,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAA;IACxB;;;;;OAKG;IACH,eAAe,CAAC,EAAE,gBAAgB,CAAA;IAClC,4FAA4F;IAC5F,gBAAgB,CAAC,EAAE,gBAAgB,CAAA;IACnC;;;;;OAKG;IACH,UAAU,CAAC,EAAE,cAAc,CAAA;IAC3B;;;;;OAKG;IACH,UAAU,CAAC,EAAE,MAAM,CAAA;CACpB;AAED,MAAM,WAAW,aAAa;IAC5B,SAAS,EAAE,SAAS,CAAA;IACpB,0DAA0D;IAE1D,MAAM,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAA;IAClB,uEAAuE;IAEvE,WAAW,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAA;IACvB,4FAA4F;IAE5F,YAAY,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAA;IACxB,kGAAkG;IAClG,eAAe,CAAC,EAAE,gBAAgB,CAAA;IAClC,iGAAiG;IACjG,gBAAgB,CAAC,EAAE,gBAAgB,CAAA;IACnC,gFAAgF;IAChF,UAAU,CAAC,EAAE,cAAc,CAAA;IAC3B;;;;;OAKG;IACH,UAAU,CAAC,EAAE,MAAM,CAAA;CACpB"}
+{"version":3,"file":"module.d.ts","sourceRoot":"","sources":["../src/module.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAA;AAC5D,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,MAAM,CAAA;AAEhC,OAAO,KAAK,EAAE,cAAc,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAA;AAExE,MAAM,WAAW,UAAU;IACzB,MAAM,EAAE,MAAM,CAAA;IACd;;;;;;OAMG;IAEH,MAAM,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAA;IAClB,kEAAkE;IAElE,WAAW,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAA;IACvB,uFAAuF;IAEvF,YAAY,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAA;IACxB;;;;;OAKG;IACH,eAAe,CAAC,EAAE,gBAAgB,CAAA;IAClC,4FAA4F;IAC5F,gBAAgB,CAAC,EAAE,gBAAgB,CAAA;IACnC;;;;;OAKG;IACH,UAAU,CAAC,EAAE,cAAc,CAAA;IAC3B;;;;;OAKG;IACH,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB;;;;;;;;;;;OAWG;IACH,SAAS,CAAC,EAAE,OAAO,GAAG,SAAS,MAAM,EAAE,CAAA;IACvC;;;;;;;;;;OAUG;IACH,kBAAkB,CAAC,EAAE,SAAS,MAAM,EAAE,CAAA;CACvC;AAED,MAAM,WAAW,aAAa;IAC5B,SAAS,EAAE,SAAS,CAAA;IACpB,0DAA0D;IAE1D,MAAM,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAA;IAClB,uEAAuE;IAEvE,WAAW,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAA;IACvB,4FAA4F;IAE5F,YAAY,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAA;IACxB,kGAAkG;IAClG,eAAe,CAAC,EAAE,gBAAgB,CAAA;IAClC,iGAAiG;IACjG,gBAAgB,CAAC,EAAE,gBAAgB,CAAA;IACnC,gFAAgF;IAChF,UAAU,CAAC,EAAE,cAAc,CAAA;IAC3B;;;;;OAKG;IACH,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB;;;;OAIG;IACH,SAAS,CAAC,EAAE,OAAO,GAAG,SAAS,MAAM,EAAE,CAAA;IACvC;;;OAGG;IACH,kBAAkB,CAAC,EAAE,SAAS,MAAM,EAAE,CAAA;CACvC"}

package/dist/mount-paths.d.ts

@@ -0,0 +1,11 @@
+/**
+ * Resolve a route family's mount path under a surface prefix (`/v1/admin`,
+ * `/v1/public`). `path` is the optional `publicPath` override: empty →
+ * `{prefix}/{fallback}` (the module/extension name); `"/"` → the surface root
+ * (`prefix`); otherwise `{prefix}/{trimmed path}`.
+ *
+ * Shared by the route mounting in `app.ts` and the anonymous-path assembly in
+ * `anonymous-paths.ts` so both compute the same mount.
+ */
+export declare function resolveSurfaceMountPath(prefix: string, path: string | undefined, fallback: string): string;
+//# sourceMappingURL=mount-paths.d.ts.map

package/dist/mount-paths.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"mount-paths.d.ts","sourceRoot":"","sources":["../src/mount-paths.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AACH,wBAAgB,uBAAuB,CACrC,MAAM,EAAE,MAAM,EACd,IAAI,EAAE,MAAM,GAAG,SAAS,EACxB,QAAQ,EAAE,MAAM,GACf,MAAM,CAYR"}

package/dist/mount-paths.js

@@ -0,0 +1,19 @@
+/**
+ * Resolve a route family's mount path under a surface prefix (`/v1/admin`,
+ * `/v1/public`). `path` is the optional `publicPath` override: empty →
+ * `{prefix}/{fallback}` (the module/extension name); `"/"` → the surface root
+ * (`prefix`); otherwise `{prefix}/{trimmed path}`.
+ *
+ * Shared by the route mounting in `app.ts` and the anonymous-path assembly in
+ * `anonymous-paths.ts` so both compute the same mount.
+ */
+export function resolveSurfaceMountPath(prefix, path, fallback) {
+    const normalized = path?.trim();
+    if (!normalized) {
+        return `${prefix}/${fallback}`;
+    }
+    if (normalized === "/") {
+        return prefix;
+    }
+    return `${prefix}/${normalized.replace(/^\/+|\/+$/g, "")}`;
+}

package/dist/plugin.d.ts

@@ -27,6 +27,17 @@ export interface HonoBundle {
     subscribers?: Subscriber[];
     /** Link definitions contributed by the plugin. */
     links?: LinkDefinition[];
+    /**
+     * Absolute API paths this bundle exposes that are reachable WITHOUT a session
+     * (ADR-0008). Unlike a module/extension's `anonymous` (relative to its
+     * `/v1/public` mount), bundle routes can mount anywhere — e.g. a payment
+     * processor's webhook at `/v1/finance/providers/netopia/callback`, which the
+     * processor's servers POST to without a cookie or bearer. Declaring it here
+     * keeps the "reachable-without-auth" decision with the plugin that owns the
+     * route, instead of in every deployment's `publicPaths`. The framework folds
+     * these into the assembled anonymous allow-list.
+     */
+    anonymous?: string[];
     /**
      * Workflows contributed by the plugin. Mirrors the `Plugin.workflows`
      * field in `@voyant-travel/core` — collected at `createApp()` boot and
@@ -52,6 +63,8 @@ export interface ExpandedHonoBundles {
     extensions: HonoExtension[];
     subscribers: Subscriber[];
     links: LinkDefinition[];
+    /** Absolute anonymous-access paths declared by bundles (ADR-0008). */
+    anonymousPaths: string[];
 }
 /** @deprecated Prefer {@link ExpandedHonoBundles}. */
 export type ExpandedHonoPlugins = ExpandedHonoBundles;

package/dist/plugin.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"plugin.d.ts","sourceRoot":"","sources":["../src/plugin.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,gBAAgB,EAChB,qBAAqB,EACrB,cAAc,EACd,UAAU,EACV,kBAAkB,EACnB,MAAM,qBAAqB,CAAA;AAE5B,OAAO,KAAK,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AAE5D;;;;;;;;;;;GAWG;AACH,MAAM,WAAW,UAAU;IACzB,8DAA8D;IAC9D,IAAI,EAAE,MAAM,CAAA;IACZ,4CAA4C;IAC5C,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,qEAAqE;IACrE,SAAS,CAAC,EAAE,gBAAgB,CAAA;IAC5B,gEAAgE;IAChE,OAAO,CAAC,EAAE,UAAU,EAAE,CAAA;IACtB,sEAAsE;IACtE,UAAU,CAAC,EAAE,aAAa,EAAE,CAAA;IAC5B,wEAAwE;IACxE,WAAW,CAAC,EAAE,UAAU,EAAE,CAAA;IAC1B,kDAAkD;IAClD,KAAK,CAAC,EAAE,cAAc,EAAE,CAAA;IACxB;;;;OAIG;IACH,SAAS,CAAC,EAAE,SAAS,kBAAkB,EAAE,CAAA;IACzC;;;OAGG;IACH,YAAY,CAAC,EAAE,SAAS,qBAAqB,EAAE,CAAA;CAChD;AAED,6CAA6C;AAC7C,MAAM,MAAM,UAAU,GAAG,UAAU,CAAA;AAEnC;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,CAAC,SAAS,UAAU,EAAE,MAAM,EAAE,CAAC,GAAG,CAAC,CAEnE;AAED,mDAAmD;AACnD,eAAO,MAAM,gBAAgB,yBAAmB,CAAA;AAEhD,MAAM,WAAW,mBAAmB;IAClC,OAAO,EAAE,UAAU,EAAE,CAAA;IACrB,UAAU,EAAE,aAAa,EAAE,CAAA;IAC3B,WAAW,EAAE,UAAU,EAAE,CAAA;IACzB,KAAK,EAAE,cAAc,EAAE,CAAA;CACxB;AAED,sDAAsD;AACtD,MAAM,MAAM,mBAAmB,GAAG,mBAAmB,CAAA;AAErD;;;;GAIG;AACH,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,aAAa,CAAC,UAAU,CAAC,GAAG,mBAAmB,CAoBzF;AAED,oDAAoD;AACpD,eAAO,MAAM,iBAAiB,0BAAoB,CAAA"}
+{"version":3,"file":"plugin.d.ts","sourceRoot":"","sources":["../src/plugin.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,gBAAgB,EAChB,qBAAqB,EACrB,cAAc,EACd,UAAU,EACV,kBAAkB,EACnB,MAAM,qBAAqB,CAAA;AAE5B,OAAO,KAAK,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AAE5D;;;;;;;;;;;GAWG;AACH,MAAM,WAAW,UAAU;IACzB,8DAA8D;IAC9D,IAAI,EAAE,MAAM,CAAA;IACZ,4CAA4C;IAC5C,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,qEAAqE;IACrE,SAAS,CAAC,EAAE,gBAAgB,CAAA;IAC5B,gEAAgE;IAChE,OAAO,CAAC,EAAE,UAAU,EAAE,CAAA;IACtB,sEAAsE;IACtE,UAAU,CAAC,EAAE,aAAa,EAAE,CAAA;IAC5B,wEAAwE;IACxE,WAAW,CAAC,EAAE,UAAU,EAAE,CAAA;IAC1B,kDAAkD;IAClD,KAAK,CAAC,EAAE,cAAc,EAAE,CAAA;IACxB;;;;;;;;;OASG;IACH,SAAS,CAAC,EAAE,MAAM,EAAE,CAAA;IACpB;;;;OAIG;IACH,SAAS,CAAC,EAAE,SAAS,kBAAkB,EAAE,CAAA;IACzC;;;OAGG;IACH,YAAY,CAAC,EAAE,SAAS,qBAAqB,EAAE,CAAA;CAChD;AAED,6CAA6C;AAC7C,MAAM,MAAM,UAAU,GAAG,UAAU,CAAA;AAEnC;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,CAAC,SAAS,UAAU,EAAE,MAAM,EAAE,CAAC,GAAG,CAAC,CAEnE;AAED,mDAAmD;AACnD,eAAO,MAAM,gBAAgB,yBAAmB,CAAA;AAEhD,MAAM,WAAW,mBAAmB;IAClC,OAAO,EAAE,UAAU,EAAE,CAAA;IACrB,UAAU,EAAE,aAAa,EAAE,CAAA;IAC3B,WAAW,EAAE,UAAU,EAAE,CAAA;IACzB,KAAK,EAAE,cAAc,EAAE,CAAA;IACvB,sEAAsE;IACtE,cAAc,EAAE,MAAM,EAAE,CAAA;CACzB;AAED,sDAAsD;AACtD,MAAM,MAAM,mBAAmB,GAAG,mBAAmB,CAAA;AAErD;;;;GAIG;AACH,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,aAAa,CAAC,UAAU,CAAC,GAAG,mBAAmB,CAsBzF;AAED,oDAAoD;AACpD,eAAO,MAAM,iBAAiB,0BAAoB,CAAA"}

package/dist/plugin.js

@@ -17,6 +17,7 @@ export function expandHonoBundles(bundles) {
     const extensions = [];
     const subscribers = [];
     const links = [];
+    const anonymousPaths = [];
     for (const bundle of bundles) {
         if (seen.has(bundle.name)) {
             throw new Error(`Duplicate bundle name: "${bundle.name}"`);
@@ -30,8 +31,10 @@ export function expandHonoBundles(bundles) {
             subscribers.push(...bundle.subscribers);
         if (bundle.links)
             links.push(...bundle.links);
+        if (bundle.anonymous)
+            anonymousPaths.push(...bundle.anonymous);
     }
-    return { modules, extensions, subscribers, links };
+    return { modules, extensions, subscribers, links, anonymousPaths };
 }
 /** @deprecated Prefer {@link expandHonoBundles}. */
 export const expandHonoPlugins = expandHonoBundles;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@voyant-travel/hono",
-  "version": "0.114.0",
+  "version": "0.116.0",
   "license": "Apache-2.0",
   "type": "module",
   "exports": {
@@ -127,16 +127,16 @@
     "@voyant-travel/core": "^0.111.0",
     "@voyant-travel/db": "^0.109.0",
     "@voyant-travel/storage": "^0.105.0",
-    "@voyant-travel/types": "^0.105.0",
-    "@voyant-travel/utils": "^0.105.3",
-    "@voyant-travel/workflows": "^0.111.4"
+    "@voyant-travel/types": "^0.106.0",
+    "@voyant-travel/utils": "^0.105.4",
+    "@voyant-travel/workflows": "^0.111.6"
   },
   "devDependencies": {
     "@cloudflare/workers-types": "^4.20260426.1",
     "typescript": "^6.0.2",
     "vitest": "^4.1.2",
     "@voyant-travel/voyant-typescript-config": "^0.1.0",
-    "@voyant-travel/workflows-orchestrator": "^0.111.4"
+    "@voyant-travel/workflows-orchestrator": "^0.111.6"
   },
   "files": [
     "dist"