@zintrust/core 0.9.6 → 1.5.0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@zintrust/core",
-  "version": "0.9.6",
+  "version": "1.5.0",
   "description": "Production-grade TypeScript backend framework for JavaScript",
   "homepage": "https://zintrust.com",
   "repository": {
@@ -73,9 +73,9 @@
     "axios": "^1.15.0",
     "@eslint/plugin-kit": "^0.7.1",
     "follow-redirects": "^1.16.0",
-    "@tootallnate/once": "^3.0.1",
+    "@tootallnate/once": "3.0.1",
     "node-forge": "^1.4.0",
-    "fast-xml-parser": "^5.7.1",
+    "fast-xml-parser": "5.7.1",
     "brace-expansion": "^5.0.5",
     "picomatch": "^4.0.4",
     "cross-spawn": "^7.0.5",
@@ -84,7 +84,7 @@
     "rollup": "^4.59.0",
     "vite": "^8.0.5",
     "flatted": "^3.4.2",
-    "uuid": "^14.0.0",
+    "uuid": "14.0.0",
     "@actions/github": {
       "undici": "^6.24.0"
     },
@@ -94,24 +94,10 @@
     "miniflare": {
       "undici": "^7.24.4"
     },
-    "@aws-sdk/xml-builder": {
-      "fast-xml-parser": "^5.7.1"
-    },
-    "@aws-sdk/xml-builder@3.972.18": {
-      "fast-xml-parser": "^5.7.1"
-    },
-    "@google-cloud/storage": {
-      "uuid": "^14.0.0"
-    },
-    "@google-cloud/storage@7.19.0": {
-      "uuid": "^14.0.0"
-    },
-    "gaxios": {
-      "uuid": "^14.0.0"
-    },
-    "teeny-request": {
-      "uuid": "^14.0.0"
-    }
+    "http-proxy-agent": "7.0.2",
+    "retry-request": "8.0.2",
+    "gaxios": "7.1.4",
+    "teeny-request": "10.1.2"
   },
   "bin": {
     "zintrust": "bin/zintrust.js",

package/src/cli/commands/EnvKeyGenerateCommand.js

@@ -78,7 +78,7 @@ export const EnvKeyGenerateCommand = Object.freeze({
                     }
                     envContent = upsertEnvValue(envContent, envKey, key);
                     await fs.writeFile(envPath, envContent);
-                    Logger.info(`${envKey} set successfully. [${key}]`);
+                    Logger.info(`${envKey} set successfully.`);
                 }
                 catch (error) {
                     Logger.error(`Failed to update ${envKey} in .env`, error);

package/src/cli/scaffolding/GovernanceScaffolder.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"GovernanceScaffolder.d.ts","sourceRoot":"","sources":["../../../../src/cli/scaffolding/GovernanceScaffolder.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAwBH,MAAM,MAAM,yBAAyB,GAAG,QAAQ,CAAC;IAC/C,iBAAiB,CAAC,EAAE,OAAO,CAAC;IAC5B,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB,CAAC,CAAC;AAEH,MAAM,MAAM,wBAAwB,GAAG,QAAQ,CAAC;IAC9C,OAAO,EAAE,OAAO,CAAC;IACjB,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,OAAO,EAAE,MAAM,CAAC;CACjB,CAAC,CAAC;AAiUH,eAAO,MAAM,oBAAoB;0BAEhB,MAAM,YACV,yBAAyB,GACjC,OAAO,CAAC,wBAAwB,CAAC;EA+DpC,CAAC;AAEH,eAAe,oBAAoB,CAAC"}
+{"version":3,"file":"GovernanceScaffolder.d.ts","sourceRoot":"","sources":["../../../../src/cli/scaffolding/GovernanceScaffolder.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAoBH,MAAM,MAAM,yBAAyB,GAAG,QAAQ,CAAC;IAC/C,iBAAiB,CAAC,EAAE,OAAO,CAAC;IAC5B,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB,CAAC,CAAC;AAEH,MAAM,MAAM,wBAAwB,GAAG,QAAQ,CAAC;IAC9C,OAAO,EAAE,OAAO,CAAC;IACjB,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,OAAO,EAAE,MAAM,CAAC;CACjB,CAAC,CAAC;AAkSH,eAAO,MAAM,oBAAoB;0BAEhB,MAAM,YACV,yBAAyB,GACjC,OAAO,CAAC,wBAAwB,CAAC;EA+DpC,CAAC;AAEH,eAAe,oBAAoB,CAAC"}

package/src/cli/scaffolding/GovernanceScaffolder.js

@@ -6,8 +6,7 @@
  * - Architecture tests (Vitest)
  */
 import { FileGenerator } from '../scaffolding/FileGenerator.js';
-import { extractMajorMinorVersion, toCompatibleGovernanceVersion, } from '../scaffolding/ScaffoldingVersionUtils.js';
-import { VersionChecker } from '../services/VersionChecker.js';
+import { PINNED_GOVERNANCE_SCAFFOLDER_VERSION } from '../scaffolding/ScaffoldingVersionUtils.js';
 import { SpawnUtil } from '../utils/spawn.js';
 import { resolvePackageManager } from '../../common/index.js';
 import { Logger } from '../../config/logger.js';
@@ -51,41 +50,13 @@ const ensureDevDependency = (devDependencies, name, version) => {
         devDependencies[name] = version;
     }
 };
-const getBundledGovernanceVersion = () => {
-    try {
-        const pkgUrl = new URL('../../../packages/governance/package.json', import.meta.url);
-        const raw = FileGenerator.readFile(pkgUrl.toString());
-        const parsed = JSON.parse(raw);
-        return typeof parsed.version === 'string' && parsed.version.trim() !== ''
-            ? toCompatibleGovernanceVersion(parsed.version)
-            : undefined;
-    }
-    catch {
-        return undefined;
-    }
-};
 const inferGovernanceVersion = (pkg) => {
     const devDeps = getStringRecord(pkg.devDependencies);
     const existingGovernance = devDeps?.['@zintrust/governance'];
     if (typeof existingGovernance === 'string' && existingGovernance.trim() !== '') {
         return existingGovernance;
     }
-    const deps = getStringRecord(pkg.dependencies);
-    const core = deps?.['@zintrust/core'];
-    const bundledGovernanceVersion = getBundledGovernanceVersion();
-    if (typeof core === 'string' && core.trim() !== '') {
-        if (bundledGovernanceVersion !== undefined) {
-            return bundledGovernanceVersion;
-        }
-        if (extractMajorMinorVersion(core) !== undefined) {
-            return toCompatibleGovernanceVersion(core);
-        }
-    }
-    const currentVersion = VersionChecker.getCurrentVersion().trim();
-    if (currentVersion !== '' && currentVersion !== '0.0.0') {
-        return bundledGovernanceVersion ?? toCompatibleGovernanceVersion(currentVersion);
-    }
-    return bundledGovernanceVersion ?? '^0.4.0';
+    return PINNED_GOVERNANCE_SCAFFOLDER_VERSION;
 };
 const writeEslintConfig = (projectRoot) => {
     const eslintConfigPath = path.join(projectRoot, 'eslint.config.mjs');
@@ -159,7 +130,7 @@ const extractImportSpecifiers = (source: string, filePath: string): ImportHit[]
   const visit = (node: ts.Node) => {
     if (ts.isImportDeclaration(node) || ts.isExportDeclaration(node)) {
       const moduleSpecifier = node.moduleSpecifier;
-      if (moduleSpecifier && ts.isStringLiteral(moduleSpecifier)) {
+      // extractMajorMinorVersion,
         addHit(moduleSpecifier.text, moduleSpecifier.getStart(sourceFile));
       }
     }

package/src/cli/scaffolding/ProjectScaffolder.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"ProjectScaffolder.d.ts","sourceRoot":"","sources":["../../../../src/cli/scaffolding/ProjectScaffolder.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAiBH,MAAM,WAAW,sBAAsB;IACrC,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,GAAG,CAAC,EAAE,OAAO,CAAC;IACd,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,MAAM,cAAc,GAAG,sBAAsB,CAAC;AAEpD,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAC/B;AAED,MAAM,WAAW,qBAAqB;IACpC,OAAO,EAAE,OAAO,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,CAAC,EAAE,KAAK,CAAC;CACf;AAED,MAAM,WAAW,kBAAkB;IACjC,cAAc,CAAC,OAAO,EAAE,sBAAsB,GAAG,IAAI,CAAC;IACtD,YAAY,IAAI,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACxC,eAAe,CAAC,YAAY,CAAC,EAAE,MAAM,GAAG,eAAe,GAAG,SAAS,CAAC;IACpE,cAAc,IAAI,MAAM,CAAC;IACzB,sBAAsB,IAAI,OAAO,CAAC;IAClC,iBAAiB,IAAI,MAAM,CAAC;IAC5B,WAAW,CAAC,OAAO,CAAC,EAAE,sBAAsB,GAAG,MAAM,CAAC;IACtD,gBAAgB,IAAI,OAAO,CAAC;IAC5B,aAAa,IAAI,OAAO,CAAC;IACzB,QAAQ,CAAC,OAAO,EAAE,sBAAsB,GAAG,OAAO,CAAC,qBAAqB,CAAC,CAAC;CAC3E;AA+lBD,wBAAgB,qBAAqB,IAAI,MAAM,EAAE,CAEhD;AAED,wBAAgB,WAAW,CAAC,IAAI,EAAE,MAAM,GAAG,eAAe,GAAG,SAAS,CAsBrE;AAED,wBAAgB,eAAe,CAAC,OAAO,EAAE,sBAAsB,GAAG;IAChE,KAAK,EAAE,OAAO,CAAC;IACf,MAAM,EAAE,MAAM,EAAE,CAAC;CAClB,CAsBA;AAwJD;;GAEG;AACH,wBAAgB,uBAAuB,CAAC,WAAW,GAAE,MAAsB,GAAG,kBAAkB,CAsB/F;AAED,wBAAsB,eAAe,CACnC,WAAW,EAAE,MAAM,EACnB,OAAO,EAAE,sBAAsB,GAC9B,OAAO,CAAC,qBAAqB,CAAC,CAEhC;AAED;;GAEG;AACH,eAAO,MAAM,iBAAiB;;;;;;EAM5B,CAAC"}
+{"version":3,"file":"ProjectScaffolder.d.ts","sourceRoot":"","sources":["../../../../src/cli/scaffolding/ProjectScaffolder.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAcH,MAAM,WAAW,sBAAsB;IACrC,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,GAAG,CAAC,EAAE,OAAO,CAAC;IACd,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,MAAM,cAAc,GAAG,sBAAsB,CAAC;AAEpD,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAC/B;AAED,MAAM,WAAW,qBAAqB;IACpC,OAAO,EAAE,OAAO,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,CAAC,EAAE,KAAK,CAAC;CACf;AAED,MAAM,WAAW,kBAAkB;IACjC,cAAc,CAAC,OAAO,EAAE,sBAAsB,GAAG,IAAI,CAAC;IACtD,YAAY,IAAI,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACxC,eAAe,CAAC,YAAY,CAAC,EAAE,MAAM,GAAG,eAAe,GAAG,SAAS,CAAC;IACpE,cAAc,IAAI,MAAM,CAAC;IACzB,sBAAsB,IAAI,OAAO,CAAC;IAClC,iBAAiB,IAAI,MAAM,CAAC;IAC5B,WAAW,CAAC,OAAO,CAAC,EAAE,sBAAsB,GAAG,MAAM,CAAC;IACtD,gBAAgB,IAAI,OAAO,CAAC;IAC5B,aAAa,IAAI,OAAO,CAAC;IACzB,QAAQ,CAAC,OAAO,EAAE,sBAAsB,GAAG,OAAO,CAAC,qBAAqB,CAAC,CAAC;CAC3E;AA8iBD,wBAAgB,qBAAqB,IAAI,MAAM,EAAE,CAEhD;AAED,wBAAgB,WAAW,CAAC,IAAI,EAAE,MAAM,GAAG,eAAe,GAAG,SAAS,CAsBrE;AAED,wBAAgB,eAAe,CAAC,OAAO,EAAE,sBAAsB,GAAG;IAChE,KAAK,EAAE,OAAO,CAAC;IACf,MAAM,EAAE,MAAM,EAAE,CAAC;CAClB,CAsBA;AAwJD;;GAEG;AACH,wBAAgB,uBAAuB,CAAC,WAAW,GAAE,MAAsB,GAAG,kBAAkB,CAsB/F;AAED,wBAAsB,eAAe,CACnC,WAAW,EAAE,MAAM,EACnB,OAAO,EAAE,sBAAsB,GAC9B,OAAO,CAAC,qBAAqB,CAAC,CAEhC;AAED;;GAEG;AACH,eAAO,MAAM,iBAAiB;;;;;;EAM5B,CAAC"}

package/src/cli/scaffolding/ProjectScaffolder.js

@@ -4,7 +4,7 @@
  */
 import { EnvFileBackfill } from '../env/EnvFileBackfill.js';
 import { EnvData } from '../scaffolding/env.js';
-import { extractMajorMinorVersion, toCompatibleGovernanceVersion, } from '../scaffolding/ScaffoldingVersionUtils.js';
+import { PINNED_GOVERNANCE_SCAFFOLDER_VERSION } from '../scaffolding/ScaffoldingVersionUtils.js';
 import { Logger } from '../../config/logger.js';
 import { ErrorFactory } from '../../exceptions/ZintrustError.js';
 import { isNonEmptyString } from '../../helper/index.js';
@@ -13,15 +13,6 @@ import fs from '../../node-singletons/fs.js';
 import * as path from '../../node-singletons/path.js';
 import { fileURLToPath } from '../../node-singletons/url.js';
 import { execFileSync } from 'node:child_process';
-const readBundledGovernancePackage = () => {
-    try {
-        const packageUrl = new URL('../../../packages/governance/package.json', import.meta.url);
-        return JSON.parse(fs.readFileSync(packageUrl, 'utf-8'));
-    }
-    catch {
-        return undefined;
-    }
-};
 const SAFE_PATH = '/usr/local/bin:/usr/bin:/bin';
 const NPM_VIEW_TIMEOUT_MS = 1500;
 const publishedVersionCache = new Map();
@@ -78,22 +69,6 @@ const loadPublishedNpmVersion = (packageName) => {
         return undefined;
     }
 };
-const loadBundledPublishedCoreVersion = () => {
-    const bundledGovernancePackage = readBundledGovernancePackage();
-    const peerDependencies = bundledGovernancePackage?.peerDependencies;
-    if (typeof peerDependencies !== 'object' || peerDependencies === null) {
-        return undefined;
-    }
-    const corePeerRange = peerDependencies['@zintrust/core'];
-    if (typeof corePeerRange !== 'string' || corePeerRange.trim() === '') {
-        return undefined;
-    }
-    const publishedLineVersion = extractMajorMinorVersion(corePeerRange);
-    if (publishedLineVersion === undefined) {
-        return '0.9.2';
-    }
-    return `${publishedLineVersion.major}.${publishedLineVersion.minor}.2`;
-};
 const toCompatibleCoreDependencyRange = (version) => `^${version}`;
 const loadScaffoldCoreVersion = () => {
     const publishedVersion = loadPublishedNpmVersion('@zintrust/core');
@@ -102,17 +77,6 @@ const loadScaffoldCoreVersion = () => {
     }
     return '*';
 };
-const loadGovernanceVersion = () => {
-    const publishedVersion = loadPublishedNpmVersion('@zintrust/governance');
-    if (typeof publishedVersion === 'string') {
-        return publishedVersion;
-    }
-    const bundledPublishedCoreVersion = loadBundledPublishedCoreVersion();
-    if (typeof bundledPublishedCoreVersion === 'string') {
-        return bundledPublishedCoreVersion;
-    }
-    return '0.9.2';
-};
 const createDirectories = (projectPath, directories) => {
     let count = 0;
     if (!fs.existsSync(projectPath)) {
@@ -569,7 +533,7 @@ const prepareContext = (state, options) => {
         .slice(0, 14);
     state.variables = {
         coreVersion: loadScaffoldCoreVersion(),
-        governanceVersion: toCompatibleGovernanceVersion(loadGovernanceVersion()),
+        governanceVersion: PINNED_GOVERNANCE_SCAFFOLDER_VERSION,
         projectName: options.name,
         projectSlug: options.name,
         author: options.author ?? 'Your Name',

package/src/cli/scaffolding/ScaffoldingVersionUtils.d.ts

@@ -2,5 +2,6 @@ export declare const extractMajorMinorVersion: (value: string) => {
     major: string;
     minor: string;
 } | undefined;
+export declare const PINNED_GOVERNANCE_SCAFFOLDER_VERSION = "^1.2.0";
 export declare const toCompatibleGovernanceVersion: (value: string, fallback?: string) => string;
 //# sourceMappingURL=ScaffoldingVersionUtils.d.ts.map

package/src/cli/scaffolding/ScaffoldingVersionUtils.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"ScaffoldingVersionUtils.d.ts","sourceRoot":"","sources":["../../../../src/cli/scaffolding/ScaffoldingVersionUtils.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,wBAAwB,GACnC,OAAO,MAAM,KACZ;IAAE,KAAK,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,GAAG,SA6BrC,CAAC;AAEF,eAAO,MAAM,6BAA6B,GAAI,OAAO,MAAM,EAAE,iBAAmB,KAAG,MAKlF,CAAC"}
+{"version":3,"file":"ScaffoldingVersionUtils.d.ts","sourceRoot":"","sources":["../../../../src/cli/scaffolding/ScaffoldingVersionUtils.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,wBAAwB,GACnC,OAAO,MAAM,KACZ;IAAE,KAAK,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,GAAG,SA6BrC,CAAC;AAEF,eAAO,MAAM,oCAAoC,WAAW,CAAC;AAE7D,eAAO,MAAM,6BAA6B,GAAI,OAAO,MAAM,EAAE,iBAAmB,KAAG,MAKlF,CAAC"}

package/src/cli/scaffolding/ScaffoldingVersionUtils.js

@@ -26,6 +26,7 @@ export const extractMajorMinorVersion = (value) => {
         return undefined;
     return { major, minor };
 };
+export const PINNED_GOVERNANCE_SCAFFOLDER_VERSION = '^1.2.0';
 export const toCompatibleGovernanceVersion = (value, fallback = '^1.0.0') => {
     const parsed = extractMajorMinorVersion(value);
     if (parsed === undefined)

package/src/index.js

@@ -1,11 +1,11 @@
 /**
- * @zintrust/core v0.9.6
+ * @zintrust/core v1.5.0
  *
  * ZinTrust Framework - Production-Grade TypeScript Backend
  * Built for performance, type safety, and exceptional developer experience
  *
  * Build Information:
- *   Built: 2026-04-23T13:47:55.338Z
+ *   Built: 2026-04-24T13:03:41.812Z
  *   Node: >=20.0.0
  *   License: MIT
  *
@@ -21,7 +21,7 @@
  * Available at runtime for debugging and health checks
  */
 export const ZINTRUST_VERSION = '0.1.41';
-export const ZINTRUST_BUILD_DATE = '2026-04-23T13:47:55.277Z'; // Replaced during build
+export const ZINTRUST_BUILD_DATE = '2026-04-24T13:03:41.779Z'; // Replaced during build
 export { Application } from './boot/Application.js';
 export { AwsSigV4 } from './common/index.js';
 export { SignedRequest } from './security/SignedRequest.js';

package/src/templates/project/basic/routes/storage.ts.tpl

@@ -8,6 +8,31 @@ import {
 } from '@zintrust/core';
 
 export function registerStorageRoutes(router: IRouter): void {
+  // Public file serving: /storage/<path>
+  Router.get(router, '/storage/:path*', async (req, res) => {
+    const raw = req.getParam('path') ?? '';
+    const key = typeof raw === 'string' ? decodeURIComponent(raw).replaceAll('\\\u005C', '/') : '';
+
+    if (key.trim() === '') {
+      res.setStatus(400).json({ message: 'Missing path' });
+      return;
+    }
+
+    // Respect private folder convention: do not expose keys under `private/`
+    if (key.startsWith('private/') || key === 'private') {
+      res.setStatus(404).json({ message: 'Not Found' });
+      return;
+    }
+
+    try {
+      const contents = await Storage.get('local', key);
+      res.setHeader(HTTP_HEADERS.CONTENT_TYPE, 'application/octet-stream');
+      res.setStatus(200).send(contents);
+    } catch {
+      res.setStatus(404).json({ message: 'Not Found' });
+    }
+  });
+
   Router.get(router, '/storage/download', async (req, res) => {
     const tokenRaw = req.getQueryParam('token');
     const token = typeof tokenRaw === 'string' ? tokenRaw : '';

package/src/tools/http/Http.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"Http.d.ts","sourceRoot":"","sources":["../../../../src/tools/http/Http.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAQH,OAAO,EAAsB,KAAK,aAAa,EAAE,MAAM,0BAA0B,CAAC;AAElF,YAAY,EAAE,aAAa,EAAE,MAAM,0BAA0B,CAAC;AAE9D,MAAM,MAAM,eAAe,GACvB,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GACvB,MAAM,GACN,WAAW,GACX,eAAe,GACf,IAAI,GACJ,QAAQ,GACR,eAAe,CAAC;AAEpB,MAAM,MAAM,qBAAqB,GAAG,QAAQ,CAAC;IAC3C,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,aAAa,CAAC,EAAE,CAAC,IAAI,EAAE,eAAe,GAAG,IAAI,GAAG,SAAS,KAAK,aAAa,GAAG,IAAI,GAAG,SAAS,CAAC;CAChG,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,UAAU,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,YAAY,CAAC;IACtD,WAAW,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,YAAY,CAAC;IAC3D,QAAQ,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,QAAQ,GAAG,OAAO,GAAG,YAAY,CAAC;IACnE,aAAa,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,YAAY,CAAC;IAChE,WAAW,CAAC,EAAE,EAAE,MAAM,GAAG,YAAY,CAAC;IACtC,MAAM,IAAI,YAAY,CAAC;IACvB,MAAM,IAAI,YAAY,CAAC;IACvB,QAAQ,CAAC,IAAI,EAAE,qBAAqB,GAAG,YAAY,CAAC;IACpD,IAAI,IAAI,OAAO,CAAC,aAAa,CAAC,CAAC;IAC/B,OAAO,IAAI,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC7B,UAAU,IAAI,OAAO,CAAC;QAAE,QAAQ,EAAE,QAAQ,CAAC;QAAC,MAAM,EAAE,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAA;KAAE,CAAC,CAAC;CAC1F;AAED;;GAEG;AACH,KAAK,aAAa,GAAG,WAAW,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC;AAuXtD;;GAEG;AACH,eAAO,MAAM,UAAU;IACrB;;OAEG;aACM,MAAM,GAAG,YAAY;IAI9B;;OAEG;cACO,MAAM,SAAS,eAAe,GAAG,IAAI,GAAG,YAAY;IAQ9D;;OAEG;aACM,MAAM,SAAS,eAAe,GAAG,IAAI,GAAG,YAAY;IAQ7D;;OAEG;eACQ,MAAM,SAAS,eAAe,GAAG,IAAI,GAAG,YAAY;IAQ/D;;OAEG;gBACS,MAAM,SAAS,eAAe,GAAG,IAAI,GAAG,YAAY;EAOhE,CAAC;AAEH,eAAe,UAAU,CAAC"}
+{"version":3,"file":"Http.d.ts","sourceRoot":"","sources":["../../../../src/tools/http/Http.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAQH,OAAO,EAAsB,KAAK,aAAa,EAAE,MAAM,0BAA0B,CAAC;AAElF,YAAY,EAAE,aAAa,EAAE,MAAM,0BAA0B,CAAC;AAE9D,MAAM,MAAM,eAAe,GACvB,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GACvB,MAAM,GACN,WAAW,GACX,eAAe,GACf,IAAI,GACJ,QAAQ,GACR,eAAe,CAAC;AAEpB,MAAM,MAAM,qBAAqB,GAAG,QAAQ,CAAC;IAC3C,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,aAAa,CAAC,EAAE,CAAC,IAAI,EAAE,eAAe,GAAG,IAAI,GAAG,SAAS,KAAK,aAAa,GAAG,IAAI,GAAG,SAAS,CAAC;CAChG,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,UAAU,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,YAAY,CAAC;IACtD,WAAW,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,YAAY,CAAC;IAC3D,QAAQ,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,QAAQ,GAAG,OAAO,GAAG,YAAY,CAAC;IACnE,aAAa,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,YAAY,CAAC;IAChE,WAAW,CAAC,EAAE,EAAE,MAAM,GAAG,YAAY,CAAC;IACtC,MAAM,IAAI,YAAY,CAAC;IACvB,MAAM,IAAI,YAAY,CAAC;IACvB,QAAQ,CAAC,IAAI,EAAE,qBAAqB,GAAG,YAAY,CAAC;IACpD,IAAI,IAAI,OAAO,CAAC,aAAa,CAAC,CAAC;IAC/B,OAAO,IAAI,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC7B,UAAU,IAAI,OAAO,CAAC;QAAE,QAAQ,EAAE,QAAQ,CAAC;QAAC,MAAM,EAAE,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAA;KAAE,CAAC,CAAC;CAC1F;AAED;;GAEG;AACH,KAAK,aAAa,GAAG,WAAW,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC;AA8dtD;;GAEG;AACH,eAAO,MAAM,UAAU;IACrB;;OAEG;aACM,MAAM,GAAG,YAAY;IAI9B;;OAEG;cACO,MAAM,SAAS,eAAe,GAAG,IAAI,GAAG,YAAY;IAQ9D;;OAEG;aACM,MAAM,SAAS,eAAe,GAAG,IAAI,GAAG,YAAY;IAQ7D;;OAEG;eACQ,MAAM,SAAS,eAAe,GAAG,IAAI,GAAG,YAAY;IAQ/D;;OAEG;gBACS,MAAM,SAAS,eAAe,GAAG,IAAI,GAAG,YAAY;EAOhE,CAAC;AAEH,eAAe,UAAU,CAAC"}

package/src/tools/http/Http.js

@@ -80,6 +80,56 @@ const normalizeBodyInit = (body) => {
     }
     return body;
 };
+const hasAuthorizationHeader = (headers) => {
+    return Object.keys(headers).some((name) => name.toLowerCase() === 'authorization');
+};
+const decodeCredentialComponent = (value) => {
+    try {
+        return decodeURIComponent(value);
+    }
+    catch {
+        return value;
+    }
+};
+const encodeBase64Utf8 = (value) => {
+    if (typeof Buffer !== 'undefined') {
+        return Buffer.from(value, 'utf8').toString('base64');
+    }
+    if (typeof globalThis.btoa === 'function') {
+        const bytes = new TextEncoder().encode(value);
+        let binary = '';
+        for (const byte of bytes) {
+            binary += String.fromCodePoint(byte);
+        }
+        return globalThis.btoa(binary);
+    }
+    throw ErrorFactory.createTryCatchError('HTTP basic auth encoding is unavailable');
+};
+const normalizeCredentialUrl = (url, headers) => {
+    let parsed;
+    try {
+        parsed = new URL(url);
+    }
+    catch {
+        return { url, headers };
+    }
+    const username = parsed.username;
+    const password = parsed.password;
+    if (username === '' && password === '') {
+        return { url, headers };
+    }
+    const nextHeaders = { ...headers };
+    if (!hasAuthorizationHeader(nextHeaders)) {
+        const credentials = encodeBase64Utf8(`${decodeCredentialComponent(username)}:${decodeCredentialComponent(password)}`);
+        nextHeaders['Authorization'] = `Basic ${credentials}`;
+    }
+    parsed.username = '';
+    parsed.password = '';
+    return {
+        url: parsed.toString(),
+        headers: nextHeaders,
+    };
+};
 const serializeFormBody = (body) => {
     if (body === null || body === undefined)
         return body;
@@ -153,8 +203,8 @@ const captureTraceResponseBody = async (response) => {
  * Perform the actual request for a given state. Separated to keep the builder small
  */
 async function performRequest(state) {
-    const { response, bodyText, durationMs } = await performRequestRaw(state);
-    Logger.debug(`HTTP ${state.method} ${state.url}`, {
+    const { response, bodyText, durationMs, effectiveState } = await performRequestRaw(state);
+    Logger.debug(`HTTP ${effectiveState.method} ${effectiveState.url}`, {
         status: response.status,
         duration: `${durationMs}ms`,
         size: bodyText.length,
@@ -162,31 +212,45 @@ async function performRequest(state) {
     return createHttpResponse(response, bodyText);
 }
 async function performRequestRaw(state) {
-    const { response, durationMs, requestBody } = await performFetch(state);
+    const { response, durationMs, requestBody, effectiveState } = await performFetch(state);
     const bodyText = await response.text();
-    emitHttpClientTrace({ state, requestBody, response, responseBody: bodyText, durationMs });
-    return { response, bodyText, durationMs, requestBody };
+    emitHttpClientTrace({
+        state: effectiveState,
+        requestBody,
+        response,
+        responseBody: bodyText,
+        durationMs,
+    });
+    return { response, bodyText, durationMs, requestBody, effectiveState };
 }
 async function performFetch(state) {
     const timeout = state.timeout ?? Env.getInt('HTTP_TIMEOUT', 30000);
     const controller = new AbortController();
+    const normalizedTarget = normalizeCredentialUrl(state.url, state.headers);
+    const effectiveState = normalizedTarget.url === state.url && normalizedTarget.headers === state.headers
+        ? state
+        : {
+            ...state,
+            url: normalizedTarget.url,
+            headers: normalizedTarget.headers,
+        };
     let timeoutId;
     if (timeout > 0) {
         timeoutId = globalThis.setTimeout(() => controller.abort(), timeout);
     }
     const buildInit = () => {
         if (OpenTelemetry.isEnabled()) {
-            OpenTelemetry.injectTraceHeaders(state.headers);
+            OpenTelemetry.injectTraceHeaders(effectiveState.headers);
         }
-        const requestBody = serializeRequestBody(state);
+        const requestBody = serializeRequestBody(effectiveState);
         const init = {
-            method: state.method,
-            headers: state.headers,
+            method: effectiveState.method,
+            headers: effectiveState.headers,
             signal: controller.signal,
         };
         if (requestBody !== undefined &&
             requestBody !== null &&
-            ['POST', 'PUT', 'PATCH', 'DELETE'].includes(state.method)) {
+            ['POST', 'PUT', 'PATCH', 'DELETE'].includes(effectiveState.method)) {
             init.body = requestBody;
         }
         return { init, requestBody };
@@ -194,28 +258,28 @@ async function performFetch(state) {
     const startTime = Date.now();
     try {
         const { init, requestBody } = buildInit();
-        const response = await globalThis.fetch(state.url, init);
+        const response = await globalThis.fetch(effectiveState.url, init);
         const duration = Date.now() - startTime;
-        return { response, durationMs: duration, requestBody };
+        return { response, durationMs: duration, requestBody, effectiveState };
     }
     catch (error) {
         const duration = Date.now() - startTime;
         emitHttpClientTrace({
-            state,
-            requestBody: serializeRequestBody(state),
+            state: effectiveState,
+            requestBody: serializeRequestBody(effectiveState),
             durationMs: duration,
             error: error instanceof Error ? error.message : String(error),
         });
         if (error instanceof Error && error.name === 'AbortError') {
             throw ErrorFactory.createConnectionError(`HTTP request timeout after ${timeout}ms`, {
-                url: state.url,
-                method: state.method,
+                url: effectiveState.url,
+                method: effectiveState.method,
                 timeout,
             });
         }
         throw ErrorFactory.createTryCatchError(`HTTP request failed: ${error.message}`, {
-            url: state.url,
-            method: state.method,
+            url: effectiveState.url,
+            method: effectiveState.method,
             error: error instanceof Error ? error.message : String(error),
         });
     }
@@ -225,6 +289,18 @@ async function performFetch(state) {
         }
     }
 }
+async function performFetchWithTrace(state) {
+    const result = await performFetch(state);
+    const responseBody = await captureTraceResponseBody(result.response);
+    emitHttpClientTrace({
+        state: result.effectiveState,
+        requestBody: result.requestBody,
+        response: result.response,
+        responseBody,
+        durationMs: result.durationMs,
+    });
+    return result;
+}
 /**
  * Create request builder with fluent API
  */
@@ -251,7 +327,7 @@ function createRequestBuilder(method, url, initialBody) {
             return self;
         },
         withBasicAuth(username, password) {
-            const credentials = Buffer.from(`${username}:${password}`).toString('base64');
+            const credentials = encodeBase64Utf8(`${username}:${password}`);
             state.headers['Authorization'] = `Basic ${credentials}`;
             return self;
         },
@@ -281,15 +357,11 @@ function createRequestBuilder(method, url, initialBody) {
             return performRequest(state);
         },
         async sendRaw() {
-            const { response, durationMs, requestBody } = await performFetch(state);
-            const responseBody = await captureTraceResponseBody(response);
-            emitHttpClientTrace({ state, requestBody, response, responseBody, durationMs });
+            const { response } = await performFetchWithTrace(state);
             return response;
         },
         async sendStream() {
-            const { response, durationMs, requestBody } = await performFetch(state);
-            const responseBody = await captureTraceResponseBody(response);
-            emitHttpClientTrace({ state, requestBody, response, responseBody, durationMs });
+            const { response } = await performFetchWithTrace(state);
             return { response, stream: response.body };
         },
     };

package/src/zintrust.plugins.d.ts

@@ -1,10 +1,7 @@
 /**
- * ZinTrust plugin auto-imports
- *
- * In real projects, this file is managed by `zin plugin install` and contains
- * side-effect imports (e.g. `@zintrust/db-sqlite/register`) that register
- * optional adapters/drivers into core registries.
- *
+ * Auto-generated fallback module.
+ * This file is created by scripts/ensure-worker-plugins.mjs when missing.
+ * It allows optional runtime plugin imports to resolve in CI/scaffolded setups.
  */
 export type {};
 export declare const __zintrustGeneratedPluginStub = "zintrust.plugins.ts";

package/src/zintrust.plugins.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"zintrust.plugins.d.ts","sourceRoot":"","sources":["../../src/zintrust.plugins.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAIH,YAAY,EAAE,CAAC;AAgBf,eAAO,MAAM,6BAA6B,wBAAwB,CAAC;;AACnE,wBAAkB"}
+{"version":3,"file":"zintrust.plugins.d.ts","sourceRoot":"","sources":["../../src/zintrust.plugins.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,YAAY,EAAE,CAAC;AAgBf,eAAO,MAAM,6BAA6B,wBAAwB,CAAC;;AACnE,wBAAkB"}

package/src/zintrust.plugins.js

@@ -1,10 +1,7 @@
 /**
- * ZinTrust plugin auto-imports
- *
- * In real projects, this file is managed by `zin plugin install` and contains
- * side-effect imports (e.g. `@zintrust/db-sqlite/register`) that register
- * optional adapters/drivers into core registries.
- *
+ * Auto-generated fallback module.
+ * This file is created by scripts/ensure-worker-plugins.mjs when missing.
+ * It allows optional runtime plugin imports to resolve in CI/scaffolded setups.
  */
 import * as TraceRuntime from './runtime/plugins/trace-runtime.js';
 globalThis.__zintrust_system_trace_plugin_requested__ = true;