@wooksjs/event-http 0.6.2 → 0.6.4

package/dist/index.mjs

@@ -9,6 +9,7 @@ import { WooksAdapterBase } from "wooks";
 import { Readable as Readable$1 } from "stream";
 
 //#region packages/event-http/src/event-http.ts
+/** Creates an async event context for an incoming HTTP request/response pair. */
 function createHttpContext(data, options) {
 	return createAsyncEventContext({
 		event: {
@@ -34,7 +35,7 @@ function escapeRegex(s) {
 function safeDecode(f, v) {
 	try {
 		return f(v);
-	} catch (error) {
+	} catch {
 		return v;
 	}
 }
@@ -66,7 +67,12 @@ const units = {
 
 //#endregion
 //#region packages/event-http/src/utils/set-cookie.ts
+const COOKIE_NAME_RE = /^[\w!#$%&'*+\-.^`|~]+$/;
+function sanitizeCookieAttrValue(v) {
+	return v.replace(/[;\r\n]/g, "");
+}
 function renderCookie(key, data) {
+	if (!COOKIE_NAME_RE.test(key)) throw new TypeError(`Invalid cookie name "${key}"`);
 	let attrs = "";
 	for (const [a, v] of Object.entries(data.attrs)) {
 		const func = cookieAttrFunc[a];
@@ -80,8 +86,8 @@ function renderCookie(key, data) {
 const cookieAttrFunc = {
 	expires: (v) => `Expires=${typeof v === "string" || typeof v === "number" ? new Date(v).toUTCString() : v.toUTCString()}`,
 	maxAge: (v) => `Max-Age=${convertTime(v, "s").toString()}`,
-	domain: (v) => `Domain=${v}`,
-	path: (v) => `Path=${v}`,
+	domain: (v) => `Domain=${sanitizeCookieAttrValue(String(v))}`,
+	path: (v) => `Path=${sanitizeCookieAttrValue(String(v))}`,
 	secure: (v) => v ? "Secure" : "",
 	httpOnly: (v) => v ? "HttpOnly" : "",
 	sameSite: (v) => v ? `SameSite=${typeof v === "string" ? v : "Strict"}` : ""
@@ -102,7 +108,7 @@ function encodingSupportsStream(encodings) {
 }
 async function uncompressBody(encodings, compressed) {
 	let buf = compressed;
-	for (const enc of encodings.slice().reverse()) {
+	for (const enc of encodings.slice().toReversed()) {
 		const c = compressors[enc];
 		if (!c) throw new Error(`Unsupported compression type "${enc}".`);
 		buf = await c.uncompress(buf);
@@ -112,7 +118,7 @@ async function uncompressBody(encodings, compressed) {
 async function uncompressBodyStream(encodings, src) {
 	if (!encodingSupportsStream(encodings)) throw new Error("Some encodings lack a streaming decompressor");
 	let out = src;
-	for (const enc of Array.from(encodings).reverse()) out = await compressors[enc].stream.uncompress(out);
+	for (const enc of Array.from(encodings).toReversed()) out = await compressors[enc].stream.uncompress(out);
 	return out;
 }
 
@@ -432,8 +438,9 @@ function error_tl_default(ctx) {
     <title>${statusCode} ${statusMessage}</title>
     <style>
       body {
-        font-family: -apple-system, BlinkMacMacSystemFont, 'Segoe UI', Roboto, Oxygen, Ubuntu,
-          Cantarell, 'Open Sans', 'Helvetica Neue', sans-serif;
+        font-family:
+          -apple-system, BlinkMacMacSystemFont, 'Segoe UI', Roboto, Oxygen, Ubuntu, Cantarell,
+          'Open Sans', 'Helvetica Neue', sans-serif;
         display: flex;
         justify-content: center;
         align-items: flex-start;
@@ -667,11 +674,12 @@ function error_tl_default(ctx) {
 //#endregion
 //#region packages/event-http/src/errors/error-renderer.ts
 let framework = {
-	version: "0.6.1",
+	version: "0.6.3",
 	poweredBy: `wooksjs`,
 	link: `https://wooks.moost.org/`,
 	image: `https://wooks.moost.org/wooks-full-logo.png`
 };
+/** Renders HTTP error responses in HTML, JSON, or plain text based on the Accept header. */
 var HttpErrorRenderer = class extends BaseHttpResponseRenderer {
 	constructor(opts) {
 		super();
@@ -743,6 +751,7 @@ function escapeQuotes(s) {
 
 //#endregion
 //#region packages/event-http/src/errors/http-error.ts
+/** Represents an HTTP error with a status code and optional structured body. */
 var HttpError = class extends Error {
 	name = "HttpError";
 	constructor(code = 500, _body = "") {
@@ -774,15 +783,24 @@ var HttpError = class extends Error {
 //#endregion
 //#region packages/event-http/src/composables/request.ts
 const xForwardedFor = "x-forwarded-for";
+/** Default safety limits for request body reading (size, ratio, timeout). */
 const DEFAULT_LIMITS = {
 	maxCompressed: 1 * 1024 * 1024,
 	maxInflated: 10 * 1024 * 1024,
 	maxRatio: 100,
 	readTimeoutMs: 1e4
 };
+/**
+* Provides access to the incoming HTTP request (method, url, headers, body, IP).
+* @example
+* ```ts
+* const { method, url, rawBody, getIp } = useRequest()
+* const body = await rawBody()
+* ```
+*/
 function useRequest() {
 	const { store } = useHttpContext();
-	const { init, get, set } = store("request");
+	const { init } = store("request");
 	const event = store("event");
 	const req = event.get("req");
 	const contentEncoding = req.headers["content-encoding"];
@@ -796,18 +814,33 @@ function useRequest() {
 		].includes(p)) return true;
 		return false;
 	});
-	const getMaxCompressed = () => get("maxCompressed") ?? DEFAULT_LIMITS.maxCompressed;
-	const setMaxCompressed = (limit) => set("maxCompressed", limit);
-	const getReadTimeoutMs = () => get("readTimeoutMs") ?? DEFAULT_LIMITS.readTimeoutMs;
-	const setReadTimeoutMs = (limit) => set("readTimeoutMs", limit);
-	const getMaxInflated = () => get("maxInflated") ?? DEFAULT_LIMITS.maxInflated;
-	const setMaxInflated = (limit) => set("maxInflated", limit);
+	const limits = () => event.get("requestLimits");
+	const setLimit = (key, value) => {
+		let obj = limits();
+		if (!obj?.perRequest) {
+			obj = {
+				...obj,
+				perRequest: true
+			};
+			event.set("requestLimits", obj);
+		}
+		obj[key] = value;
+	};
+	const getMaxCompressed = () => limits()?.maxCompressed ?? DEFAULT_LIMITS.maxCompressed;
+	const setMaxCompressed = (limit) => setLimit("maxCompressed", limit);
+	const getMaxInflated = () => limits()?.maxInflated ?? DEFAULT_LIMITS.maxInflated;
+	const setMaxInflated = (limit) => setLimit("maxInflated", limit);
+	const getMaxRatio = () => limits()?.maxRatio ?? DEFAULT_LIMITS.maxRatio;
+	const setMaxRatio = (limit) => setLimit("maxRatio", limit);
+	const getReadTimeoutMs = () => limits()?.readTimeoutMs ?? DEFAULT_LIMITS.readTimeoutMs;
+	const setReadTimeoutMs = (limit) => setLimit("readTimeoutMs", limit);
 	const rawBody = () => init("rawBody", async () => {
 		const encs = contentEncodings();
 		const isZip = isCompressed();
 		const streamable = isZip && encodingSupportsStream(encs);
 		const maxCompressed = getMaxCompressed();
 		const maxInflated = getMaxInflated();
+		const maxRatio = getMaxRatio();
 		const timeoutMs = getReadTimeoutMs();
 		const cl = Number(req.headers["content-length"] ?? 0);
 		const upfrontLimit = isZip ? maxCompressed : maxInflated;
@@ -865,6 +898,7 @@ function useRequest() {
 			inflatedBytes = body.byteLength;
 			if (inflatedBytes > maxInflated) throw new HttpError(413, "Inflated body too large");
 		}
+		if (isZip && rawBytes > 0 && inflatedBytes / rawBytes > maxRatio) throw new HttpError(413, "Compression ratio too high");
 		return body;
 	});
 	const reqId = useEventId().getId;
@@ -896,15 +930,32 @@ function useRequest() {
 		getReadTimeoutMs,
 		setReadTimeoutMs,
 		getMaxInflated,
-		setMaxInflated
+		setMaxInflated,
+		getMaxRatio,
+		setMaxRatio
 	};
 }
 
 //#endregion
 //#region packages/event-http/src/composables/headers.ts
+/**
+* Returns the incoming request headers.
+* @example
+* ```ts
+* const { host, authorization } = useHeaders()
+* ```
+*/
 function useHeaders() {
 	return useRequest().headers;
 }
+/**
+* Provides methods to set, get, and remove outgoing response headers.
+* @example
+* ```ts
+* const { setHeader, setContentType, enableCors } = useSetHeaders()
+* setHeader('x-request-id', '123')
+* ```
+*/
 function useSetHeaders() {
 	const { store } = useHttpContext();
 	const setHeaderStore = store("setHeader");
@@ -926,6 +977,7 @@ function useSetHeaders() {
 		enableCors
 	};
 }
+/** Returns a hookable accessor for a single outgoing response header by name. */
 function useSetHeader(name) {
 	const { store } = useHttpContext();
 	const { hook } = store("setHeader");
@@ -934,6 +986,14 @@ function useSetHeader(name) {
 
 //#endregion
 //#region packages/event-http/src/composables/cookies.ts
+/**
+* Provides access to parsed request cookies.
+* @example
+* ```ts
+* const { getCookie, rawCookies } = useCookies()
+* const sessionId = getCookie('session_id')
+* ```
+*/
 function useCookies() {
 	const { store } = useHttpContext();
 	const { cookie } = useHeaders();
@@ -949,6 +1009,7 @@ function useCookies() {
 		getCookie
 	};
 }
+/** Provides methods to set, get, remove, and clear outgoing response cookies. */
 function useSetCookies() {
 	const { store } = useHttpContext();
 	const cookiesStore = store("setCookies");
@@ -969,6 +1030,7 @@ function useSetCookies() {
 		cookies
 	};
 }
+/** Returns a hookable accessor for a single outgoing cookie by name. */
 function useSetCookie(name) {
 	const { setCookie, getCookie } = useSetCookies();
 	const valueHook = attachHook({
@@ -990,6 +1052,7 @@ function useSetCookie(name) {
 
 //#endregion
 //#region packages/event-http/src/composables/header-accept.ts
+/** Provides helpers to check the request's Accept header for supported MIME types. */
 function useAccept() {
 	const { store } = useHttpContext();
 	const { accept } = useHeaders();
@@ -1010,6 +1073,14 @@ function useAccept() {
 
 //#endregion
 //#region packages/event-http/src/composables/header-authorization.ts
+/**
+* Provides parsed access to the Authorization header (type, credentials, Basic decoding).
+* @example
+* ```ts
+* const { isBearer, authRawCredentials, basicCredentials } = useAuthorization()
+* if (isBearer()) { const token = authRawCredentials() }
+* ```
+*/
 function useAuthorization() {
 	const { store } = useHttpContext();
 	const { authorization } = useHeaders();
@@ -1082,6 +1153,7 @@ const cacheControlFunc = {
 const renderAge = (v) => convertTime(v, "s").toString();
 const renderExpires = (v) => typeof v === "string" || typeof v === "number" ? new Date(v).toUTCString() : v.toUTCString();
 const renderPragmaNoCache = (v) => v ? "no-cache" : "";
+/** Provides helpers to set cache-related response headers (Cache-Control, Expires, Age, Pragma). */
 function useSetCacheControl() {
 	const { setHeader } = useSetHeaders();
 	const setAge = (value) => {
@@ -1106,6 +1178,14 @@ function useSetCacheControl() {
 
 //#endregion
 //#region packages/event-http/src/composables/response.ts
+/**
+* Provides access to the raw HTTP response and status code management.
+* @example
+* ```ts
+* const { status, rawResponse, hasResponded } = useResponse()
+* status(200)
+* ```
+*/
 function useResponse() {
 	const { store } = useHttpContext();
 	const event = store("event");
@@ -1128,6 +1208,7 @@ function useResponse() {
 		})
 	};
 }
+/** Returns a hookable accessor for the response status code. */
 function useStatus() {
 	const { store } = useHttpContext();
 	return store("status").hook("code");
@@ -1135,6 +1216,11 @@ function useStatus() {
 
 //#endregion
 //#region packages/event-http/src/utils/url-search-params.ts
+const ILLEGAL_KEYS = new Set([
+	"__proto__",
+	"constructor",
+	"prototype"
+]);
 var WooksURLSearchParams = class extends URLSearchParams {
 	toJson() {
 		const json = Object.create(null);
@@ -1142,7 +1228,7 @@ var WooksURLSearchParams = class extends URLSearchParams {
 			const a = json[key] = json[key] || [];
 			a.push(value);
 		} else {
-			if (key === "__proto__") throw new HttpError(400, `Illegal key name "${key}"`);
+			if (ILLEGAL_KEYS.has(key)) throw new HttpError(400, `Illegal key name "${key}"`);
 			if (key in json) throw new HttpError(400, `Duplicate key "${key}"`);
 			json[key] = value;
 		}
@@ -1155,6 +1241,14 @@ function isArrayParam(name) {
 
 //#endregion
 //#region packages/event-http/src/composables/search-params.ts
+/**
+* Provides access to URL search (query) parameters from the request.
+* @example
+* ```ts
+* const { urlSearchParams, jsonSearchParams } = useSearchParams()
+* const page = urlSearchParams().get('page')
+* ```
+*/
 function useSearchParams() {
 	const { store } = useHttpContext();
 	const url = useRequest().url || "";
@@ -1329,7 +1423,7 @@ var BaseHttpResponse = class {
 async function respondWithFetch(fetchBody, res) {
 	if (fetchBody) try {
 		for await (const chunk of fetchBody) res.write(chunk);
-	} catch (error) {}
+	} catch {}
 	res.end();
 }
 
@@ -1357,6 +1451,7 @@ function createWooksResponder(renderer = new BaseHttpResponseRenderer(), errorRe
 
 //#endregion
 //#region packages/event-http/src/http-adapter.ts
+/** HTTP adapter for Wooks that provides route registration, server lifecycle, and request handling. */
 var WooksHttp = class extends WooksAdapterBase {
 	logger;
 	constructor(opts, wooks) {
@@ -1364,27 +1459,35 @@ var WooksHttp = class extends WooksAdapterBase {
 		this.opts = opts;
 		this.logger = opts?.logger || this.getLogger(`[wooks-http]`);
 	}
+	/** Registers a handler for all HTTP methods on the given path. */
 	all(path, handler) {
 		return this.on("*", path, handler);
 	}
+	/** Registers a GET route handler. */
 	get(path, handler) {
 		return this.on("GET", path, handler);
 	}
+	/** Registers a POST route handler. */
 	post(path, handler) {
 		return this.on("POST", path, handler);
 	}
+	/** Registers a PUT route handler. */
 	put(path, handler) {
 		return this.on("PUT", path, handler);
 	}
+	/** Registers a PATCH route handler. */
 	patch(path, handler) {
 		return this.on("PATCH", path, handler);
 	}
+	/** Registers a DELETE route handler. */
 	delete(path, handler) {
 		return this.on("DELETE", path, handler);
 	}
+	/** Registers a HEAD route handler. */
 	head(path, handler) {
 		return this.on("HEAD", path, handler);
 	}
+	/** Registers an OPTIONS route handler. */
 	options(path, handler) {
 		return this.on("OPTIONS", path, handler);
 	}
@@ -1442,8 +1545,8 @@ var WooksHttp = class extends WooksAdapterBase {
 	}
 	responder = createWooksResponder();
 	respond(data) {
-		this.responder.respond(data)?.catch((e) => {
-			this.logger.error("Uncaught response exception", e);
+		this.responder.respond(data)?.catch((error) => {
+			this.logger.error("Uncaught response exception", error);
 		});
 	}
 	/**
@@ -1462,7 +1565,8 @@ var WooksHttp = class extends WooksAdapterBase {
 		return (req, res) => {
 			const runInContext = createHttpContext({
 				req,
-				res
+				res,
+				requestLimits: this.opts?.requestLimits
 			}, this.mergeEventOptions(this.opts?.eventOptions));
 			runInContext(async () => {
 				const { handlers } = this.wooks.lookup(req.method, req.url);
@@ -1502,10 +1606,13 @@ var WooksHttp = class extends WooksAdapterBase {
 	}
 };
 /**
-* Factory for WooksHttp App
-* @param opts TWooksHttpOptions
-* @param wooks Wooks | WooksAdapterBase
-* @returns WooksHttp
+* Creates a new WooksHttp application instance.
+* @example
+* ```ts
+* const app = createHttpApp()
+* app.get('/hello', () => 'Hello World!')
+* app.listen(3000)
+* ```
 */
 function createHttpApp(opts, wooks) {
 	return new WooksHttp(opts, wooks);

package/package.json

@@ -1,56 +1,64 @@
 {
   "name": "@wooksjs/event-http",
-  "version": "0.6.2",
+  "version": "0.6.4",
   "description": "@wooksjs/event-http",
+  "keywords": [
+    "api",
+    "app",
+    "composables",
+    "framework",
+    "http",
+    "prostojs",
+    "rest",
+    "restful",
+    "web",
+    "wooks"
+  ],
+  "homepage": "https://github.com/wooksjs/wooksjs/tree/main/packages/event-http#readme",
+  "bugs": {
+    "url": "https://github.com/wooksjs/wooksjs/issues"
+  },
+  "license": "MIT",
+  "author": "Artem Maltsev",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/wooksjs/wooksjs.git",
+    "directory": "packages/event-http"
+  },
+  "bin": {
+    "setup-skills": "scripts/setup-skills.js"
+  },
+  "files": [
+    "dist",
+    "skills",
+    "scripts"
+  ],
   "main": "dist/index.cjs",
   "module": "dist/index.mjs",
   "types": "dist/index.d.ts",
-  "files": [
-    "dist"
-  ],
   "exports": {
     "./package.json": "./package.json",
     ".": {
+      "types": "./dist/index.d.ts",
       "require": "./dist/index.cjs",
-      "import": "./dist/index.mjs",
-      "types": "./dist/index.d.ts"
+      "import": "./dist/index.mjs"
     }
   },
-  "repository": {
-    "type": "git",
-    "url": "git+https://github.com/wooksjs/wooksjs.git",
-    "directory": "packages/event-http"
-  },
-  "keywords": [
-    "http",
-    "wooks",
-    "composables",
-    "web",
-    "framework",
-    "app",
-    "api",
-    "rest",
-    "restful",
-    "prostojs"
-  ],
-  "author": "Artem Maltsev",
-  "license": "MIT",
-  "bugs": {
-    "url": "https://github.com/wooksjs/wooksjs/issues"
+  "devDependencies": {
+    "typescript": "^5.9.3",
+    "vitest": "^3.2.4",
+    "@wooksjs/event-core": "^0.6.4",
+    "wooks": "^0.6.4"
   },
   "peerDependencies": {
-    "@prostojs/router": "^0.2.1",
     "@prostojs/logger": "^0.4.3",
-    "@wooksjs/event-core": "^0.6.2",
-    "wooks": "^0.6.2"
-  },
-  "dependencies": {},
-  "homepage": "https://github.com/wooksjs/wooksjs/tree/main/packages/event-http#readme",
-  "devDependencies": {
-    "typescript": "^5.8.3",
-    "vitest": "^3.2.4"
+    "@prostojs/router": "^0.2.1",
+    "@wooksjs/event-core": "^0.6.4",
+    "wooks": "^0.6.4"
   },
   "scripts": {
-    "build": "rolldown -c ../../rolldown.config.mjs"
+    "build": "rolldown -c ../../rolldown.config.mjs",
+    "postinstall": "node scripts/setup-skills.js",
+    "setup-skills": "node scripts/setup-skills.js"
   }
 }

package/scripts/setup-skills.js

@@ -0,0 +1,77 @@
+#!/usr/bin/env node
+/* prettier-ignore */
+'use strict'
+
+const fs = require('fs')
+const path = require('path')
+const os = require('os')
+
+const SKILL_NAME = 'wooksjs-event-http'
+const SKILL_SRC = path.join(__dirname, '..', 'skills', SKILL_NAME)
+
+if (!fs.existsSync(SKILL_SRC)) {
+  console.error(`No skills found at ${SKILL_SRC}`)
+  console.error('Add your SKILL.md files to the skills/' + SKILL_NAME + '/ directory first.')
+  process.exit(1)
+}
+
+const AGENTS = {
+  'Claude Code': { dir: '.claude/skills',   global: path.join(os.homedir(), '.claude', 'skills') },
+  'Cursor':      { dir: '.cursor/skills',   global: path.join(os.homedir(), '.cursor', 'skills') },
+  'Windsurf':    { dir: '.windsurf/skills', global: path.join(os.homedir(), '.windsurf', 'skills') },
+  'Codex':       { dir: '.codex/skills',    global: path.join(os.homedir(), '.codex', 'skills') },
+  'OpenCode':    { dir: '.opencode/skills', global: path.join(os.homedir(), '.opencode', 'skills') },
+}
+
+const args = process.argv.slice(2)
+const isGlobal = args.includes('--global') || args.includes('-g')
+const isPostinstall = args.includes('--postinstall')
+let installed = 0, skipped = 0
+const installedDirs = []
+
+for (const [agentName, cfg] of Object.entries(AGENTS)) {
+  const targetBase = isGlobal ? cfg.global : path.join(process.cwd(), cfg.dir)
+  const agentRootDir = path.dirname(cfg.global) // Check if the agent has ever been installed globally
+
+  // In postinstall mode: silently skip agents that aren't set up globally
+  if (isPostinstall || isGlobal) {
+    if (!fs.existsSync(agentRootDir)) { skipped++; continue }
+  }
+
+  const dest = path.join(targetBase, SKILL_NAME)
+  try {
+    fs.mkdirSync(dest, { recursive: true })
+    fs.cpSync(SKILL_SRC, dest, { recursive: true })
+    console.log(`[${SKILL_NAME}] installed to ${dest}`)
+    installed++
+    if (!isGlobal) installedDirs.push(cfg.dir + '/' + SKILL_NAME)
+  } catch (err) {
+    console.warn(`[${SKILL_NAME}] failed — ${err.message}`)
+  }
+}
+
+// Add locally-installed skill dirs to .gitignore
+if (!isGlobal && installedDirs.length > 0) {
+  const gitignorePath = path.join(process.cwd(), '.gitignore')
+  let gitignoreContent = ''
+  try { gitignoreContent = fs.readFileSync(gitignorePath, 'utf8') } catch {}
+  const linesToAdd = installedDirs.filter(d => !gitignoreContent.includes(d))
+  if (linesToAdd.length > 0) {
+    const hasHeader = gitignoreContent.includes('# AI agent skills')
+    const block = (gitignoreContent && !gitignoreContent.endsWith('\n') ? '\n' : '')
+      + (hasHeader ? '' : '\n# AI agent skills (auto-generated by setup-skills)\n')
+      + linesToAdd.join('\n') + '\n'
+    fs.appendFileSync(gitignorePath, block)
+    console.log(`[${SKILL_NAME}] added entries to .gitignore`)
+  }
+}
+
+if (installed === 0 && isPostinstall) {
+  // Silence is fine — no agents present, nothing to do
+} else if (installed === 0 && skipped === Object.keys(AGENTS).length) {
+  console.log('No agent directories detected. Try --global or run without it for project-local install.')
+} else if (installed === 0) {
+  console.log('Nothing installed. Run without --global to install project-locally.')
+} else {
+  console.log(`Done! Restart your AI agent to pick up the "${SKILL_NAME}" skill.`)
+}

package/skills/wooksjs-event-http/SKILL.md

@@ -0,0 +1,37 @@
+---
+name: wooksjs-event-http
+description: Wooks HTTP framework — composable, lazy-evaluated HTTP server for Node.js. Load when building HTTP apps or REST APIs with wooks; defining routes or using the wooks router; using use-composables (useRequest, useResponse, useCookies, useHeaders, useBody, useProxy, useSearchParams, useRouteParams, useAuthorization, useSetHeaders, useSetCookies, useStatus, useAccept, useSetCacheControl); creating custom event context composables; working with @wooksjs/event-core context store (init, get, set, hook); serving static files; proxying requests; handling HTTP errors; setting status codes, content types, or cache control.
+---
+
+# @wooksjs/event-http
+
+A composable HTTP framework for Node.js built on async context (AsyncLocalStorage). Instead of middleware chains and mutated `req`/`res` objects, you call composable functions (`useRequest()`, `useCookies()`, etc.) anywhere in your handler — values are computed on demand and cached per request.
+
+## How to use this skill
+
+Read the domain file that matches the task. Do not load all files — only what you need.
+
+| Domain | File | Load when... |
+|--------|------|------------|
+| Event context (core machinery) | [event-core.md](event-core.md) | Understanding the context store API (`init`/`get`/`set`/`hook`), creating custom composables, lazy evaluation and caching, building your own `use*()` functions |
+| HTTP app setup | [core.md](core.md) | Creating an HTTP app, server lifecycle, `createHttpApp`, `getServerCb`, testing with `prepareTestHttpContext`, logging |
+| Routing | [routing.md](routing.md) | Defining routes, route params (`:id`), wildcards (`*`), regex constraints (`:id(\\d+)`), optional params (`:tab?`), repeated params, path builders, HTTP method shortcuts, handler return values, router config |
+| Request utilities | [request.md](request.md) | `useRequest`, `useHeaders`, `useCookies`, `useSearchParams`, `useAuthorization`, `useAccept`, `useEventId`, reading IP, body limits |
+| Response & status | [response.md](response.md) | `useResponse`, `useStatus`, `useSetHeaders`, `useSetHeader`, `useSetCookies`, `useSetCookie`, `useSetCacheControl`, content type, status hooks, cookie hooks |
+| Error handling | [error-handling.md](error-handling.md) | `HttpError`, throwing errors, custom error bodies, error rendering, guard patterns |
+| Addons (body, static, proxy) | [addons.md](addons.md) | `useBody` (body parsing), `serveFile` (static files), `useProxy` (request proxying) |
+
+## Quick reference
+
+```ts
+import { createHttpApp, useRouteParams } from '@wooksjs/event-http'
+
+const app = createHttpApp()
+app.get('/hello/:name', () => {
+  const { get } = useRouteParams<{ name: string }>()
+  return { greeting: `Hello ${get('name')}!` }
+})
+app.listen(3000)
+```
+
+Key composables: `useRequest()`, `useResponse()`, `useRouteParams()`, `useHeaders()`, `useSetHeaders()`, `useCookies()`, `useSetCookies()`, `useSearchParams()`, `useAuthorization()`, `useAccept()`, `useSetCacheControl()`, `useStatus()`, `useBody()`, `useProxy()`.