@zintrust/core 0.4.80 → 0.4.81

package/bin/zintrust-main.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"zintrust-main.d.ts","sourceRoot":"","sources":["../../bin/zintrust-main.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAQH,KAAK,qBAAqB,GAAG;IAC3B,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;CACrB,CAAC;AAuVF,wBAAsB,GAAG,IAAI,OAAO,CAAC,IAAI,CAAC,CAMzC;AAED,eAAO,MAAM,mBAAmB;;qCArUQ,MAAM,KAAG,qBAAqB,GAAG,SAAS;mCA6C5C,MAAM,GAAG,IAAI,UAAU,MAAM,CAAC,OAAO,GAAG,IAAI,KAAG,MAAM;iCAnEzD,MAAM;8BAIP,MAAM,KAAG,MAAM;uCAsEtC,qBAAqB,WACpB,MAAM,EAAE,KAChB,OAAO,CAAC,KAAK,CAAC;oCAhEsB,MAAM,sBAAsB,MAAM,KAAG,OAAO;6CA2G7B,MAAM,EAAE,KAAG,OAAO,CAAC,OAAO,CAAC;yCAtE1E,MAAM,sBACS,MAAM,QACrB,MAAM,CAAC,UAAU,KACrB,qBAAqB,GAAG,SAAS;EAiTlC,CAAC;AAEH,OAAO,EAAE,CAAC"}
+{"version":3,"file":"zintrust-main.d.ts","sourceRoot":"","sources":["../../bin/zintrust-main.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAOH,KAAK,qBAAqB,GAAG;IAC3B,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;CACrB,CAAC;AA0WF,wBAAsB,GAAG,IAAI,OAAO,CAAC,IAAI,CAAC,CAMzC;AAED,eAAO,MAAM,mBAAmB;;qCAzUQ,MAAM,KAAG,qBAAqB,GAAG,SAAS;mCA6C5C,MAAM,GAAG,IAAI,UAAU,MAAM,CAAC,OAAO,GAAG,IAAI,KAAG,MAAM;iCAnEzD,MAAM;8BAIP,MAAM,KAAG,MAAM;uCAsEtC,qBAAqB,WACpB,MAAM,EAAE,KAChB,OAAO,CAAC,KAAK,CAAC;oCAhEsB,MAAM,sBAAsB,MAAM,KAAG,OAAO;6CA2G7B,MAAM,EAAE,KAAG,OAAO,CAAC,OAAO,CAAC;yCAtE1E,MAAM,sBACS,MAAM,QACrB,MAAM,CAAC,UAAU,KACrB,qBAAqB,GAAG,SAAS;EAqTlC,CAAC;AAEH,OAAO,EAAE,CAAC"}

package/bin/zintrust-main.js

@@ -4,12 +4,20 @@
  * This module contains the CLI implementation without a hashbang so that it can
  * be imported by other bin shortcuts (zin/z/zt) without parse errors.
  */
-import { Logger } from '../src/config/logger.js';
 import { spawn } from 'node:child_process';
 import fs from 'node:fs';
 import path from 'node:path';
 import { fileURLToPath } from 'node:url';
 const CLI_HANDOFF_ENV_KEY = 'ZINTRUST_CLI_HANDOFF';
+const loadLogger = async () => {
+    try {
+        const { Logger } = await import('../src/config/logger.js');
+        return Logger;
+    }
+    catch {
+        return undefined;
+    }
+};
 const getCurrentPackageRoot = () => {
     return path.resolve(path.dirname(fileURLToPath(import.meta.url)), '..');
 };
@@ -199,18 +207,22 @@ const shouldDeferPluginAutoImportWarnings = (args) => {
     const command = getPrimaryCommand(args);
     return command === 'start' || command === 's';
 };
-const logPluginAutoImportFailure = (args, scope, details) => {
+const logPluginAutoImportFailure = async (args, scope, details) => {
+    const logger = await loadLogger();
+    if (logger === undefined)
+        return;
     if (shouldDeferPluginAutoImportWarnings(args)) {
-        Logger.debug(`${scope} plugin auto-import advisory deferred to runtime bootstrap`, {
+        logger.debug(`${scope} plugin auto-import advisory deferred to runtime bootstrap`, {
             details,
         });
         return;
     }
-    Logger.warn(`${scope} plugin auto-imports failed:`, details);
+    logger.warn(`${scope} plugin auto-imports failed:`, details);
 };
 const handleCliFatal = async (error, context) => {
     try {
-        Logger.error(context, error);
+        const logger = await loadLogger();
+        logger?.error(context, error);
     }
     catch {
         // best-effort logging
@@ -259,11 +271,11 @@ const runCliInternal = async () => {
         const runtimeImportMode = process.env['DOCKER_WORKER'] === 'true' ? 'worker' : 'base';
         const officialImports = await PluginAutoImports.tryImportRuntimeAutoImports(runtimeImportMode);
         if (!officialImports.ok) {
-            logPluginAutoImportFailure(args0, 'Official', officialImports.errorMessage);
+            await logPluginAutoImportFailure(args0, 'Official', officialImports.errorMessage);
         }
         const projectImports = await PluginAutoImports.tryImportProjectAutoImports();
         if (!projectImports.ok && projectImports.reason !== 'not-found') {
-            logPluginAutoImportFailure(args0, 'Project', projectImports.errorMessage);
+            await logPluginAutoImportFailure(args0, 'Project', projectImports.errorMessage);
         }
     }
     catch {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@zintrust/core",
-  "version": "0.4.80",
+  "version": "0.4.81",
   "description": "Production-grade TypeScript backend framework for JavaScript",
   "homepage": "https://zintrust.com",
   "repository": {

package/src/cli/commands/D1ProxyCommand.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"D1ProxyCommand.d.ts","sourceRoot":"","sources":["../../../../src/cli/commands/D1ProxyCommand.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAmHrD,eAAO,MAAM,cAAc;cACf,YAAY;EAkBtB,CAAC;AAEH,eAAe,cAAc,CAAC"}
+{"version":3,"file":"D1ProxyCommand.d.ts","sourceRoot":"","sources":["../../../../src/cli/commands/D1ProxyCommand.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAkIrD,eAAO,MAAM,cAAc;cACf,YAAY;EAkBtB,CAAC;AAEH,eAAe,cAAc,CAAC"}

package/src/cli/commands/D1ProxyCommand.js

@@ -66,6 +66,17 @@ const warnOnPlaceholderDatabaseId = (values) => {
         return;
     Logger.warn('Could not resolve a D1 database id automatically. Update wrangler.jsonc or pass --database-id before relying on the generated d1-proxy environment.');
 };
+const warnOnMissingSigningSecret = () => {
+    const directSecret = trimNonEmptyOption(Env.get('D1_REMOTE_SECRET', ''));
+    const fallbackSecret = trimNonEmptyOption(Env.get('APP_KEY', ''));
+    if (directSecret !== undefined || fallbackSecret !== undefined)
+        return;
+    Logger.warn('D1 proxy signing will fail: the resolved project env does not expose D1_REMOTE_SECRET or APP_KEY to the Worker runtime. Signed requests will be rejected with 401 CONFIG_ERROR until one of those keys is set.');
+};
+const runD1ProxyDiagnostics = (values) => {
+    warnOnPlaceholderDatabaseId(values);
+    warnOnMissingSigningSecret();
+};
 const addOptions = (command) => {
     addWranglerProxyBaseOptions(command, DEFAULT_CONFIG);
     command.option('--binding <name>', 'D1 binding name', DEFAULT_BINDING);
@@ -88,7 +99,7 @@ export const D1ProxyCommand = Object.freeze({
             addOptions,
             resolveValues: resolveConfigValues,
             renderEnvBlock: renderD1ProxyEnvBlock,
-            afterConfigResolved: warnOnPlaceholderDatabaseId,
+            afterConfigResolved: runD1ProxyDiagnostics,
         });
     },
 });

package/src/cli/commands/MongoDBProxyCommand.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"MongoDBProxyCommand.d.ts","sourceRoot":"","sources":["../../../../src/cli/commands/MongoDBProxyCommand.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AA4DpC,eAAO,MAAM,mBAAmB;cACpB,OAAO;EAoEjB,CAAC"}
+{"version":3,"file":"MongoDBProxyCommand.d.ts","sourceRoot":"","sources":["../../../../src/cli/commands/MongoDBProxyCommand.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AA4DpC,eAAO,MAAM,mBAAmB;cACpB,OAAO;EA0EjB,CAAC"}

package/src/cli/commands/MongoDBProxyCommand.js

@@ -1,6 +1,7 @@
 import { Env } from '../../config/env.js';
 import { Logger } from '../../config/logger.js';
 import { ErrorFactory } from '../../exceptions/ZintrustError.js';
+import { ensureProxyEnvLoadedForCwd } from '../commands/ProxyCommandUtils.js';
 import { Command } from 'commander';
 const startWatchMode = async (options) => {
     Logger.info('Starting MongoDB proxy in watch mode...');
@@ -57,13 +58,14 @@ export const MongoDBProxyCommand = Object.freeze({
         const cmd = new Command('proxy:mongodb');
         cmd.description('Start MongoDB HTTP proxy server');
         const configureOptions = () => {
+            ensureProxyEnvLoadedForCwd();
             cmd.option('--host <host>', 'Proxy host', Env.get('MONGODB_PROXY_HOST', '127.0.0.1'));
             cmd.option('--port <port>', 'Proxy port', String(Env.getInt('MONGODB_PROXY_PORT', 8792)));
             cmd.option('--mongo-uri <uri>', 'MongoDB connection URI', Env.get('MONGO_URI', ''));
             cmd.option('--mongo-db <database>', 'MongoDB database name', Env.get('MONGO_DB', ''));
             cmd.option('--key-id <keyId>', 'Signing key ID', Env.get('MONGODB_PROXY_KEY_ID', 'default'));
             cmd.option('--secret <secret>', 'Signing secret', Env.get('MONGODB_PROXY_SECRET', ''));
-            cmd.option('--require-signing', 'Require request signing', Env.MONGODB_PROXY_REQUIRE_SIGNING);
+            cmd.option('--require-signing', 'Require request signing', Env.getBool('MONGODB_PROXY_REQUIRE_SIGNING', true));
             cmd.option('--signing-window-ms <ms>', 'Signing window in milliseconds', String(Env.getInt('MONGODB_PROXY_SIGNING_WINDOW_MS', 60000)));
             cmd.option('--watch', 'Watch mode: restart on file changes');
         };

package/src/cli/commands/MySqlProxyCommand.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"MySqlProxyCommand.d.ts","sourceRoot":"","sources":["../../../../src/cli/commands/MySqlProxyCommand.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAkB,YAAY,EAAE,MAAM,kBAAkB,CAAC;AA0BrE,eAAO,MAAM,iBAAiB;cAClB,YAAY;EAatB,CAAC;AAEH,eAAe,iBAAiB,CAAC"}
+{"version":3,"file":"MySqlProxyCommand.d.ts","sourceRoot":"","sources":["../../../../src/cli/commands/MySqlProxyCommand.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAkB,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAgCrE,eAAO,MAAM,iBAAiB;cAClB,YAAY;EAatB,CAAC;AAEH,eAAe,iBAAiB,CAAC"}

package/src/cli/commands/MySqlProxyCommand.js

@@ -1,17 +1,19 @@
 import { BaseCommand } from '../BaseCommand.js';
+import { ensureProxyEnvLoadedForCwd } from '../commands/ProxyCommandUtils.js';
 import { addSqlProxyOptions, runSqlProxyCommand, } from '../commands/SqlProxyCommandUtils.js';
 import { Env } from '../../config/env.js';
 import { MySqlProxyServer } from '../../proxy/mysql/MySqlProxyServer.js';
 const addOptions = (command) => {
+    ensureProxyEnvLoadedForCwd();
     addSqlProxyOptions(command, {
-        hostDefault: Env.MYSQL_PROXY_HOST,
-        portDefault: Env.MYSQL_PROXY_PORT,
-        maxBodyBytesDefault: Env.MYSQL_PROXY_MAX_BODY_BYTES,
+        hostDefault: Env.get('MYSQL_PROXY_HOST', '127.0.0.1'),
+        portDefault: Env.getInt('MYSQL_PROXY_PORT', 8789),
+        maxBodyBytesDefault: Env.getInt('MYSQL_PROXY_MAX_BODY_BYTES', 131072),
         dbVendorLabel: 'MySQL',
-        requireSigningDefault: Env.MYSQL_PROXY_REQUIRE_SIGNING,
-        keyIdDefault: Env.MYSQL_PROXY_KEY_ID,
-        secretDefault: Env.MYSQL_PROXY_SECRET,
-        signingWindowMsDefault: Env.MYSQL_PROXY_SIGNING_WINDOW_MS,
+        requireSigningDefault: Env.getBool('MYSQL_PROXY_REQUIRE_SIGNING', true),
+        keyIdDefault: Env.get('MYSQL_PROXY_KEY_ID', Env.get('APP_NAME', 'ZinTrust')),
+        secretDefault: Env.get('MYSQL_PROXY_SECRET', Env.get('APP_KEY', '')),
+        signingWindowMsDefault: Env.getInt('MYSQL_PROXY_SIGNING_WINDOW_MS', Env.getInt('ZT_PROXY_SIGNING_WINDOW_MS', 60000)),
     });
 };
 export const MySqlProxyCommand = Object.freeze({

package/src/cli/commands/PostgresProxyCommand.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"PostgresProxyCommand.d.ts","sourceRoot":"","sources":["../../../../src/cli/commands/PostgresProxyCommand.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAkB,YAAY,EAAE,MAAM,kBAAkB,CAAC;AA0BrE,eAAO,MAAM,oBAAoB;cACrB,YAAY;EAatB,CAAC;AAEH,eAAe,oBAAoB,CAAC"}
+{"version":3,"file":"PostgresProxyCommand.d.ts","sourceRoot":"","sources":["../../../../src/cli/commands/PostgresProxyCommand.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAkB,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAgCrE,eAAO,MAAM,oBAAoB;cACrB,YAAY;EAatB,CAAC;AAEH,eAAe,oBAAoB,CAAC"}

package/src/cli/commands/PostgresProxyCommand.js

@@ -1,17 +1,19 @@
 import { BaseCommand } from '../BaseCommand.js';
+import { ensureProxyEnvLoadedForCwd } from '../commands/ProxyCommandUtils.js';
 import { addSqlProxyOptions, runSqlProxyCommand, } from '../commands/SqlProxyCommandUtils.js';
 import { Env } from '../../config/env.js';
 import { PostgresProxyServer } from '../../proxy/postgres/PostgresProxyServer.js';
 const addOptions = (command) => {
+    ensureProxyEnvLoadedForCwd();
     addSqlProxyOptions(command, {
-        hostDefault: Env.POSTGRES_PROXY_HOST,
-        portDefault: Env.POSTGRES_PROXY_PORT,
-        maxBodyBytesDefault: Env.POSTGRES_PROXY_MAX_BODY_BYTES,
+        hostDefault: Env.get('POSTGRES_PROXY_HOST', '127.0.0.1'),
+        portDefault: Env.getInt('POSTGRES_PROXY_PORT', 8790),
+        maxBodyBytesDefault: Env.getInt('POSTGRES_PROXY_MAX_BODY_BYTES', 131072),
         dbVendorLabel: 'PostgreSQL',
-        requireSigningDefault: Env.POSTGRES_PROXY_REQUIRE_SIGNING,
-        keyIdDefault: Env.POSTGRES_PROXY_KEY_ID,
-        secretDefault: Env.POSTGRES_PROXY_SECRET,
-        signingWindowMsDefault: Env.POSTGRES_PROXY_SIGNING_WINDOW_MS,
+        requireSigningDefault: Env.getBool('POSTGRES_PROXY_REQUIRE_SIGNING', true),
+        keyIdDefault: Env.get('POSTGRES_PROXY_KEY_ID', Env.get('APP_NAME', 'ZinTrust')),
+        secretDefault: Env.get('POSTGRES_PROXY_SECRET', Env.get('APP_KEY', '')),
+        signingWindowMsDefault: Env.getInt('POSTGRES_PROXY_SIGNING_WINDOW_MS', Env.getInt('ZT_PROXY_SIGNING_WINDOW_MS', 60000)),
     });
 };
 export const PostgresProxyCommand = Object.freeze({

package/src/cli/commands/ProxyCommandUtils.d.ts

@@ -1,6 +1,8 @@
 type NumberExpectation = 'positive' | 'non-negative';
 export declare const parseIntOption: (raw: string | undefined, name: string, expectation?: NumberExpectation) => number | undefined;
 export declare const trimOption: (value: string | undefined) => string | undefined;
+export declare const resolveProxyProjectRoot: (cwd: string) => string;
+export declare const ensureProxyEnvLoadedForCwd: (cwd?: string) => string;
 export declare const maybeRunProxyWatchMode: (watch: boolean | undefined) => Promise<void>;
 export {};
 //# sourceMappingURL=ProxyCommandUtils.d.ts.map

package/src/cli/commands/ProxyCommandUtils.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"ProxyCommandUtils.d.ts","sourceRoot":"","sources":["../../../../src/cli/commands/ProxyCommandUtils.ts"],"names":[],"mappings":"AAIA,KAAK,iBAAiB,GAAG,UAAU,GAAG,cAAc,CAAC;AAErD,eAAO,MAAM,cAAc,GACzB,KAAK,MAAM,GAAG,SAAS,EACvB,MAAM,MAAM,EACZ,cAAa,iBAA8B,KAC1C,MAAM,GAAG,SAeX,CAAC;AAEF,eAAO,MAAM,UAAU,GAAI,OAAO,MAAM,GAAG,SAAS,KAAG,MAAM,GAAG,SAA0B,CAAC;AAU3F,eAAO,MAAM,sBAAsB,GAAU,OAAO,OAAO,GAAG,SAAS,KAAG,OAAO,CAAC,IAAI,CAerF,CAAC"}
+{"version":3,"file":"ProxyCommandUtils.d.ts","sourceRoot":"","sources":["../../../../src/cli/commands/ProxyCommandUtils.ts"],"names":[],"mappings":"AAMA,KAAK,iBAAiB,GAAG,UAAU,GAAG,cAAc,CAAC;AAErD,eAAO,MAAM,cAAc,GACzB,KAAK,MAAM,GAAG,SAAS,EACvB,MAAM,MAAM,EACZ,cAAa,iBAA8B,KAC1C,MAAM,GAAG,SAeX,CAAC;AAEF,eAAO,MAAM,UAAU,GAAI,OAAO,MAAM,GAAG,SAAS,KAAG,MAAM,GAAG,SAA0B,CAAC;AAc3F,eAAO,MAAM,uBAAuB,GAAI,KAAK,MAAM,KAAG,MAErD,CAAC;AAEF,eAAO,MAAM,0BAA0B,GAAI,MAAK,MAAsB,KAAG,MAUxE,CAAC;AAUF,eAAO,MAAM,sBAAsB,GAAU,OAAO,OAAO,GAAG,SAAS,KAAG,OAAO,CAAC,IAAI,CAerF,CAAC"}

package/src/cli/commands/ProxyCommandUtils.js

@@ -1,5 +1,7 @@
+import { EnvFileLoader } from '../utils/EnvFileLoader.js';
 import { SpawnUtil } from '../utils/spawn.js';
 import { ErrorFactory } from '../../exceptions/ZintrustError.js';
+import { existsSync } from '../../node-singletons/fs.js';
 import * as path from '../../node-singletons/path.js';
 export const parseIntOption = (raw, name, expectation = 'positive') => {
     if (raw === undefined)
@@ -15,6 +17,29 @@ export const parseIntOption = (raw, name, expectation = 'positive') => {
     return parsed;
 };
 export const trimOption = (value) => value?.trim();
+const findNearestPackageJsonDir = (cwd) => {
+    let current = cwd;
+    while (true) {
+        if (existsSync(path.join(current, 'package.json')))
+            return current;
+        const parent = path.dirname(current);
+        if (parent === current)
+            return undefined;
+        current = parent;
+    }
+};
+export const resolveProxyProjectRoot = (cwd) => {
+    return findNearestPackageJsonDir(cwd) ?? cwd;
+};
+export const ensureProxyEnvLoadedForCwd = (cwd = process.cwd()) => {
+    const projectRoot = resolveProxyProjectRoot(cwd);
+    EnvFileLoader.ensureLoaded({
+        cwd: projectRoot,
+        includeCwd: true,
+        ...(cwd === projectRoot ? {} : { extraCwds: [cwd] }),
+    });
+    return projectRoot;
+};
 const isWatchChild = () => process.env['ZINTRUST_PROXY_WATCH_CHILD'] === '1';
 const buildWatchArgs = () => {
     const rawArgs = process.argv.slice(2);

package/src/cli/commands/RedisProxyCommand.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"RedisProxyCommand.d.ts","sourceRoot":"","sources":["../../../../src/cli/commands/RedisProxyCommand.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAkB,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAmDrE,eAAO,MAAM,iBAAiB;cAClB,YAAY;EAoCtB,CAAC;AAEH,eAAe,iBAAiB,CAAC"}
+{"version":3,"file":"RedisProxyCommand.d.ts","sourceRoot":"","sources":["../../../../src/cli/commands/RedisProxyCommand.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAkB,YAAY,EAAE,MAAM,kBAAkB,CAAC;AA0DrE,eAAO,MAAM,iBAAiB;cAClB,YAAY;EAoCtB,CAAC;AAEH,eAAe,iBAAiB,CAAC"}

package/src/cli/commands/RedisProxyCommand.js

@@ -1,8 +1,9 @@
 import { BaseCommand } from '../BaseCommand.js';
-import { maybeRunProxyWatchMode, parseIntOption, trimOption, } from '../commands/ProxyCommandUtils.js';
+import { ensureProxyEnvLoadedForCwd, maybeRunProxyWatchMode, parseIntOption, trimOption, } from '../commands/ProxyCommandUtils.js';
 import { Env } from '../../config/env.js';
 import { RedisProxyServer } from '../../proxy/redis/RedisProxyServer.js';
 const addOptions = (command) => {
+    ensureProxyEnvLoadedForCwd();
     command.option('--host <host>', 'Host to bind', Env.get('REDIS_PROXY_HOST', '127.0.0.1'));
     command.option('--port <port>', 'Port to bind', String(Env.getInt('REDIS_PROXY_PORT', 8791)));
     command.option('--max-body-bytes <bytes>', 'Max request size in bytes', String(Env.getInt('REDIS_PROXY_MAX_BODY_BYTES', 131072)));
@@ -11,7 +12,7 @@ const addOptions = (command) => {
     command.option('--redis-port <port>', 'Redis port');
     command.option('--redis-password <password>', 'Redis password');
     command.option('--redis-db <db>', 'Redis database');
-    command.option('--require-signing', 'Require signed requests', Env.REDIS_PROXY_REQUIRE_SIGNING);
+    command.option('--require-signing', 'Require signed requests', Env.getBool('REDIS_PROXY_REQUIRE_SIGNING', true));
     command.option('--key-id <id>', 'Signing key id', Env.get('REDIS_PROXY_KEY_ID', ''));
     command.option('--secret <secret>', 'Signing secret', Env.get('REDIS_PROXY_SECRET', ''));
     command.option('--signing-window-ms <ms>', 'Signing time window in ms', String(Env.getInt('REDIS_PROXY_SIGNING_WINDOW_MS', 60000)));

package/src/cli/commands/SmtpProxyCommand.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"SmtpProxyCommand.d.ts","sourceRoot":"","sources":["../../../../src/cli/commands/SmtpProxyCommand.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAkB,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAyDrE,eAAO,MAAM,gBAAgB;cACjB,YAAY;EAsCtB,CAAC;AAEH,eAAe,gBAAgB,CAAC"}
+{"version":3,"file":"SmtpProxyCommand.d.ts","sourceRoot":"","sources":["../../../../src/cli/commands/SmtpProxyCommand.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAkB,YAAY,EAAE,MAAM,kBAAkB,CAAC;AA4DrE,eAAO,MAAM,gBAAgB;cACjB,YAAY;EAsCtB,CAAC;AAEH,eAAe,gBAAgB,CAAC"}

package/src/cli/commands/SmtpProxyCommand.js

@@ -1,8 +1,9 @@
 import { BaseCommand } from '../BaseCommand.js';
-import { maybeRunProxyWatchMode, parseIntOption, trimOption, } from '../commands/ProxyCommandUtils.js';
+import { ensureProxyEnvLoadedForCwd, maybeRunProxyWatchMode, parseIntOption, trimOption, } from '../commands/ProxyCommandUtils.js';
 import { Env } from '../../config/env.js';
 import { SmtpProxyServer } from '../../proxy/smtp/SmtpProxyServer.js';
 const addOptions = (command) => {
+    ensureProxyEnvLoadedForCwd();
     command.option('--host <host>', 'Host to bind', Env.get('SMTP_PROXY_HOST', '127.0.0.1'));
     command.option('--port <port>', 'Port to bind', String(Env.getInt('SMTP_PROXY_PORT', 8794)));
     command.option('--max-body-bytes <bytes>', 'Max request size in bytes', String(Env.getInt('SMTP_PROXY_MAX_BODY_BYTES', 131072)));

package/src/cli/commands/SqlServerProxyCommand.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"SqlServerProxyCommand.d.ts","sourceRoot":"","sources":["../../../../src/cli/commands/SqlServerProxyCommand.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AA2DpC,eAAO,MAAM,qBAAqB;cACtB,OAAO;EAsEjB,CAAC"}
+{"version":3,"file":"SqlServerProxyCommand.d.ts","sourceRoot":"","sources":["../../../../src/cli/commands/SqlServerProxyCommand.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AA2DpC,eAAO,MAAM,qBAAqB;cACtB,OAAO;EAwEjB,CAAC"}

package/src/cli/commands/SqlServerProxyCommand.js

@@ -1,4 +1,5 @@
 import { Env } from '../../config/env.js';
+import { ensureProxyEnvLoadedForCwd } from '../commands/ProxyCommandUtils.js';
 import { Logger } from '../../config/logger.js';
 import { Command } from 'commander';
 const startWatchMode = async (options) => {
@@ -39,6 +40,7 @@ export const SqlServerProxyCommand = Object.freeze({
         const cmd = new Command('proxy:sqlserver');
         cmd.description('Start SQL Server HTTP proxy server');
         const configureOptions = () => {
+            ensureProxyEnvLoadedForCwd();
             cmd.option('--host <host>', 'Proxy host', Env.get('SQLSERVER_PROXY_HOST', '127.0.0.1'));
             cmd.option('--port <port>', 'Proxy port', String(Env.getInt('SQLSERVER_PROXY_PORT', 8793)));
             cmd.option('--db-host <host>', 'SQL Server host', Env.get('DB_HOST_MSSQL', '127.0.0.1'));
@@ -49,7 +51,7 @@ export const SqlServerProxyCommand = Object.freeze({
             cmd.option('--connection-limit <limit>', 'Connection pool limit', String(Env.getInt('SQLSERVER_PROXY_POOL_LIMIT', 10)));
             cmd.option('--key-id <keyId>', 'Signing key ID', Env.get('SQLSERVER_PROXY_KEY_ID', 'default'));
             cmd.option('--secret <secret>', 'Signing secret', Env.get('SQLSERVER_PROXY_SECRET', ''));
-            cmd.option('--require-signing', 'Require request signing', Env.SQLSERVER_PROXY_REQUIRE_SIGNING);
+            cmd.option('--require-signing', 'Require request signing', Env.getBool('SQLSERVER_PROXY_REQUIRE_SIGNING', true));
             cmd.option('--signing-window-ms <ms>', 'Signing window in milliseconds', String(Env.getInt('SQLSERVER_PROXY_SIGNING_WINDOW_MS', 60000)));
             cmd.option('--watch', 'Watch mode: restart on file changes');
         };

package/src/cli/commands/WranglerProxyCommandUtils.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"WranglerProxyCommandUtils.d.ts","sourceRoot":"","sources":["../../../../src/cli/commands/WranglerProxyCommandUtils.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAerE,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAEzC,MAAM,MAAM,2BAA2B,GAAG,cAAc,GAAG;IACzD,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,KAAK,CAAC,EAAE,OAAO,CAAC;CACjB,CAAC;AAEF,KAAK,+BAA+B,CAAC,OAAO,EAAE,QAAQ,SAAS,2BAA2B,IAAI;IAC5F,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,aAAa,EAAE,MAAM,CAAC;IACtB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,eAAe,EAAE,MAAM,CAAC;IACxB,UAAU,EAAE,CAAC,OAAO,EAAE,OAAO,KAAK,IAAI,CAAC;IACvC,aAAa,EAAE,CAAC,OAAO,EAAE,MAAM,GAAG,SAAS,EAAE,OAAO,EAAE,QAAQ,KAAK,OAAO,CAAC;IAC3E,cAAc,EAAE,CAAC,MAAM,EAAE,OAAO,KAAK,MAAM,CAAC;IAC5C,mBAAmB,CAAC,EAAE,CAAC,MAAM,EAAE,OAAO,KAAK,IAAI,CAAC;CACjD,CAAC;AAEF,eAAO,MAAM,2BAA2B,GAAI,SAAS,OAAO,EAAE,eAAe,MAAM,KAAG,IAIrF,CAAC;AA0BF,eAAO,MAAM,0BAA0B,GAAI,OAAO,EAAE,QAAQ,SAAS,2BAA2B,EAC9F,OAAO,+BAA+B,CAAC,OAAO,EAAE,QAAQ,CAAC,KACxD,YAsFF,CAAC"}
+{"version":3,"file":"WranglerProxyCommandUtils.d.ts","sourceRoot":"","sources":["../../../../src/cli/commands/WranglerProxyCommandUtils.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAkBrE,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAEzC,MAAM,MAAM,2BAA2B,GAAG,cAAc,GAAG;IACzD,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,KAAK,CAAC,EAAE,OAAO,CAAC;CACjB,CAAC;AAEF,KAAK,+BAA+B,CAAC,OAAO,EAAE,QAAQ,SAAS,2BAA2B,IAAI;IAC5F,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,aAAa,EAAE,MAAM,CAAC;IACtB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,eAAe,EAAE,MAAM,CAAC;IACxB,UAAU,EAAE,CAAC,OAAO,EAAE,OAAO,KAAK,IAAI,CAAC;IACvC,aAAa,EAAE,CAAC,OAAO,EAAE,MAAM,GAAG,SAAS,EAAE,OAAO,EAAE,QAAQ,KAAK,OAAO,CAAC;IAC3E,cAAc,EAAE,CAAC,MAAM,EAAE,OAAO,KAAK,MAAM,CAAC;IAC5C,mBAAmB,CAAC,EAAE,CAAC,MAAM,EAAE,OAAO,KAAK,IAAI,CAAC;CACjD,CAAC;AAEF,eAAO,MAAM,2BAA2B,GAAI,SAAS,OAAO,EAAE,eAAe,MAAM,KAAG,IAIrF,CAAC;AAMF,eAAO,MAAM,0BAA0B,GAAI,OAAO,EAAE,QAAQ,SAAS,2BAA2B,EAC9F,OAAO,+BAA+B,CAAC,OAAO,EAAE,QAAQ,CAAC,KACxD,YAoFF,CAAC"}

package/src/cli/commands/WranglerProxyCommandUtils.js

@@ -1,37 +1,18 @@
 import { BaseCommand } from '../BaseCommand.js';
 import { withWranglerDevVarsSnapshot } from '../cloudflare/CloudflareWranglerDevEnv.js';
-import { maybeRunProxyWatchMode, parseIntOption } from '../commands/ProxyCommandUtils.js';
+import { ensureProxyEnvLoadedForCwd, maybeRunProxyWatchMode, parseIntOption, } from '../commands/ProxyCommandUtils.js';
 import { ensureProxyEntrypoint, ensureWranglerConfig, renderProxyWranglerDevConfig, resolveConfigPath, } from '../commands/ProxyScaffoldUtils.js';
-import { EnvFileLoader } from '../utils/EnvFileLoader.js';
 import { SpawnUtil } from '../utils/spawn.js';
 import { Logger } from '../../config/logger.js';
-import { existsSync, mkdirSync, writeFileSync } from '../../node-singletons/fs.js';
+import { mkdirSync, writeFileSync } from '../../node-singletons/fs.js';
 import { dirname, join } from '../../node-singletons/path.js';
 export const addWranglerProxyBaseOptions = (command, defaultConfig) => {
     command.option('-c, --config <path>', 'Wrangler config file', defaultConfig);
     command.option('--port <port>', 'Local Wrangler dev port');
     command.option('--watch', 'Auto-restart proxy on file changes');
 };
-const findNearestPackageJsonDir = (cwd) => {
-    let current = cwd;
-    while (true) {
-        if (existsSync(join(current, 'package.json')))
-            return current;
-        const parent = dirname(current);
-        if (parent === current)
-            return undefined;
-        current = parent;
-    }
-};
-const resolveProxyProjectRoot = (cwd) => {
-    return findNearestPackageJsonDir(cwd) ?? cwd;
-};
-const ensureProxyEnvLoaded = (cwd, projectRoot) => {
-    EnvFileLoader.ensureLoaded({
-        cwd: projectRoot,
-        includeCwd: true,
-        ...(cwd === projectRoot ? {} : { extraCwds: [cwd] }),
-    });
+const toRootedProxyConfigContent = (content) => {
+    return content.replaceAll('": "../../', '": "./');
 };
 export const createWranglerProxyCommand = (input) => {
     return BaseCommand.create({
@@ -44,8 +25,7 @@ export const createWranglerProxyCommand = (input) => {
             await maybeRunProxyWatchMode(typedOptions.watch);
             const port = parseIntOption(typedOptions.port, 'port');
             const cwd = process.cwd();
-            const projectRoot = resolveProxyProjectRoot(cwd);
-            ensureProxyEnvLoaded(cwd, projectRoot);
+            const projectRoot = ensureProxyEnvLoadedForCwd(cwd);
             const entrypoint = ensureProxyEntrypoint({
                 cwd,
                 entryFile: input.entryFile,
@@ -72,24 +52,23 @@ export const createWranglerProxyCommand = (input) => {
             }
             input.afterConfigResolved?.(result.values);
             const proxyConfigContent = renderProxyWranglerDevConfig(result.content, input.envName);
-            const proxyConfigDir = join(cwd, '.wrangler', 'tmp');
-            const proxyConfigPath = join(proxyConfigDir, `zin.proxy.${input.envName}.jsonc`);
+            const proxyConfigDir = cwd;
+            const proxyConfigPath = join(proxyConfigDir, `.zin.proxy.${input.envName}.jsonc`);
             if (proxyConfigContent !== undefined) {
                 mkdirSync(proxyConfigDir, { recursive: true });
-                writeFileSync(proxyConfigPath, proxyConfigContent, 'utf-8');
+                writeFileSync(proxyConfigPath, toRootedProxyConfigContent(proxyConfigContent), 'utf-8');
             }
-            const args = [
-                'dev',
-                '--config',
-                proxyConfigContent === undefined ? configPath : proxyConfigPath,
-            ];
+            const wranglerRunConfigPath = proxyConfigContent === undefined ? configPath : proxyConfigPath;
+            const wranglerDevVarsCwd = proxyConfigContent === undefined ? cwd : dirname(proxyConfigPath);
+            const wranglerDevVarsEnvName = proxyConfigContent === undefined ? input.envName : '';
+            const args = ['dev', '--config', wranglerRunConfigPath];
             if (port !== undefined) {
                 args.push('--port', String(port));
             }
             const exitCode = await withWranglerDevVarsSnapshot({
-                cwd,
+                cwd: wranglerDevVarsCwd,
                 projectRoot,
-                envName: input.envName,
+                envName: wranglerDevVarsEnvName,
                 configPath,
                 runtimeEnv: process.env,
             }, async () => {

package/src/index.js

@@ -1,11 +1,11 @@
 /**
- * @zintrust/core v0.4.80
+ * @zintrust/core v0.4.81
  *
  * ZinTrust Framework - Production-Grade TypeScript Backend
  * Built for performance, type safety, and exceptional developer experience
  *
  * Build Information:
- *   Built: 2026-04-08T12:38:34.978Z
+ *   Built: 2026-04-08T13:57:15.723Z
  *   Node: >=20.0.0
  *   License: MIT
  *
@@ -21,7 +21,7 @@
  * Available at runtime for debugging and health checks
  */
 export const ZINTRUST_VERSION = '0.1.41';
-export const ZINTRUST_BUILD_DATE = '2026-04-08T12:38:34.943Z'; // Replaced during build
+export const ZINTRUST_BUILD_DATE = '2026-04-08T13:57:15.665Z'; // Replaced during build
 export { Application } from './boot/Application.js';
 export { AwsSigV4 } from './common/index.js';
 export { SignedRequest } from './security/SignedRequest.js';