accessio 1.3.0 → 1.4.0

package/src/core/fetchAdapter.ts

@@ -25,7 +25,7 @@ async function readResponseData(
         } catch (err) {
           throw new AccessioError(
             `Failed to parse JSON response: ${(err as Error).message}. Raw body: ${
-              text.length > 500 ? text.slice(0, 500) + '…' : text
+              text.length > 500 ? `${text.slice(0, 500)}…` : text
             }`,
             AccessioError.ERR_BAD_RESPONSE,
             config,
@@ -39,17 +39,27 @@ async function readResponseData(
   }
 }
 
-export default async function fetchAdapter(
-  config: AccessioRequestConfig,
-  fullURL: string,
-  fetchOptions: RequestInit,
-  requestStartTime: number,
-): Promise<AccessioResponse> {
-  let abortController: AbortController | null = null;
-  let timeoutId: ReturnType<typeof setTimeout> | null = null;
-  let isTimedOut = false;
-  let onUserAbort: (() => void) | null = null;
+function assertValidURL(fullURL: string, config: AccessioRequestConfig): void {
+  if (!fullURL || !/^[a-z][a-z\d+\-.]*:/i.test(fullURL)) return;
+  try {
+    new URL(fullURL);
+  } catch {
+    throw new AccessioError(
+      `Invalid URL: ${fullURL}`,
+      AccessioError.ERR_INVALID_URL,
+      config,
+      null,
+      null,
+    );
+  }
+}
 
+interface AbortWiring {
+  isTimedOut: () => boolean;
+  cleanup: () => void;
+}
+
+function setupAbort(config: AccessioRequestConfig, fetchOptions: RequestInit): AbortWiring {
   if (
     config.timeout !== undefined &&
     (typeof config.timeout !== 'number' || isNaN(config.timeout) || config.timeout < 0)
@@ -64,84 +74,141 @@ export default async function fetchAdapter(
   }
 
   const timeoutValue = Number(config.timeout);
-  if (!isNaN(timeoutValue) && timeoutValue > 0) {
-    abortController = new AbortController();
-
-    timeoutId = setTimeout(() => {
-      isTimedOut = true;
-      abortController!.abort(
-        new AccessioError(
-          `timeout of ${timeoutValue}ms exceeded`,
-          AccessioError.ETIMEDOUT,
-          config,
-          null,
-          null,
-        ),
-      );
-    }, timeoutValue);
+  const hasTimeout = !isNaN(timeoutValue) && timeoutValue > 0;
 
-    if (config.signal) {
-      if (typeof AbortSignal.any === 'function') {
-        fetchOptions.signal = AbortSignal.any([config.signal, abortController.signal]);
+  if (!hasTimeout) {
+    if (config.signal) fetchOptions.signal = config.signal;
+    return { isTimedOut: () => false, cleanup: () => {} };
+  }
+
+  let timedOut = false;
+  const abortController = new AbortController();
+  const timeoutId = setTimeout(() => {
+    timedOut = true;
+    abortController.abort(
+      new AccessioError(
+        `timeout of ${timeoutValue}ms exceeded`,
+        AccessioError.ETIMEDOUT,
+        config,
+        null,
+        null,
+      ),
+    );
+  }, timeoutValue);
+
+  let onUserAbort: (() => void) | null = null;
+
+  if (config.signal) {
+    if (typeof AbortSignal.any === 'function') {
+      fetchOptions.signal = AbortSignal.any([config.signal, abortController.signal]);
+    } else {
+      if (config.signal.aborted) {
+        abortController.abort(config.signal.reason);
       } else {
-        if (config.signal.aborted) {
-          abortController.abort(config.signal.reason);
-        } else {
-          onUserAbort = () => {
-            if (!isTimedOut && abortController) {
-              abortController.abort(config.signal!.reason);
-            }
-          };
-          config.signal.addEventListener('abort', onUserAbort, {
-            once: true,
-          });
-        }
-        fetchOptions.signal = abortController.signal;
+        onUserAbort = () => {
+          if (!timedOut) abortController.abort(config.signal!.reason);
+        };
+        config.signal.addEventListener('abort', onUserAbort, { once: true });
       }
-    } else {
       fetchOptions.signal = abortController.signal;
     }
-  } else if (config.signal) {
-    fetchOptions.signal = config.signal;
+  } else {
+    fetchOptions.signal = abortController.signal;
   }
 
-  try {
-    const fetchImpl = config.fetch || fetch;
-    let fetchResponse = await fetchImpl(fullURL, fetchOptions);
-
-    if (config.onDownloadProgress && fetchResponse.body && config.responseType !== 'stream') {
-      const contentLength = fetchResponse.headers.get('content-length');
-      const total = contentLength ? parseInt(contentLength, 10) : 0;
-      let loaded = 0;
-
-      const reader = fetchResponse.body.getReader();
-      const stream = new ReadableStream({
-        async start(controller) {
-          try {
-            while (true) {
-              const { done, value } = await reader.read();
-              if (done) {
-                controller.close();
-                break;
-              }
-              loaded += value.byteLength;
-              config.onDownloadProgress!({ loaded, total });
-              controller.enqueue(value);
-            }
-          } catch (e) {
-            controller.error(e);
+  return {
+    isTimedOut: () => timedOut,
+    cleanup: () => {
+      clearTimeout(timeoutId);
+      if (onUserAbort && config.signal) {
+        config.signal.removeEventListener('abort', onUserAbort);
+      }
+    },
+  };
+}
+
+function wrapDownloadProgress(fetchResponse: Response, config: AccessioRequestConfig): Response {
+  if (!config.onDownloadProgress || !fetchResponse.body || config.responseType === 'stream') {
+    return fetchResponse;
+  }
+
+  const contentLength = fetchResponse.headers.get('content-length');
+  const total = contentLength ? parseInt(contentLength, 10) : 0;
+  let loaded = 0;
+
+  const reader = fetchResponse.body.getReader();
+  const stream = new ReadableStream({
+    async start(controller) {
+      try {
+        while (true) {
+          const { done, value } = await reader.read();
+          if (done) {
+            controller.close();
+            break;
           }
-        },
-      });
-
-      fetchResponse = new Response(stream, {
-        headers: fetchResponse.headers,
-        status: fetchResponse.status,
-        statusText: fetchResponse.statusText,
-      });
-    }
+          loaded += value.byteLength;
+          config.onDownloadProgress!({ loaded, total });
+          controller.enqueue(value);
+        }
+      } catch (e) {
+        controller.error(e);
+      }
+    },
+  });
 
-    let responseData: unknown;
+  return new Response(stream, {
+    headers: fetchResponse.headers,
+    status: fetchResponse.status,
+    statusText: fetchResponse.statusText,
+  });
+}
+
+function classifyFetchError(
+  error: unknown,
+  config: AccessioRequestConfig,
+  isTimedOut: boolean,
+): AccessioError {
+  if (error instanceof AccessioError) return error;
+
+  if (isTimedOut) {
+    return new AccessioError(
+      `timeout of ${config.timeout}ms exceeded`,
+      AccessioError.ETIMEDOUT,
+      config,
+      null,
+      null,
+    );
+  }
+
+  const isAbort =
+    (error instanceof Error && error.name === 'AbortError') || !!config.signal?.aborted;
+  if (isAbort) {
+    return new AccessioError('Request aborted', AccessioError.ERR_CANCELED, config, null, null);
+  }
+
+  return AccessioError.from(
+    error instanceof Error ? error : new Error(String(error)),
+    AccessioError.ERR_NETWORK,
+    config,
+    null,
+    null,
+  );
+}
+
+export default async function fetchAdapter(
+  config: AccessioRequestConfig,
+  fullURL: string,
+  fetchOptions: RequestInit,
+  requestStartTime: number,
+): Promise<AccessioResponse> {
+  assertValidURL(fullURL, config);
+
+  const abort = setupAbort(config, fetchOptions);
+
+  try {
+    const fetchImpl = config.fetch || fetch;
+    const rawResponse = await fetchImpl(fullURL, fetchOptions);
+    const fetchResponse = wrapDownloadProgress(rawResponse, config);
 
     const contentLength = fetchResponse.headers.get('content-length');
     if (
@@ -158,6 +225,7 @@ export default async function fetchAdapter(
       );
     }
 
+    let responseData: unknown;
     try {
       responseData = await readResponseData(fetchResponse, config);
       if (config.schema) {
@@ -178,59 +246,18 @@ export default async function fetchAdapter(
       );
     }
 
-    const responseHeaders = parseHeaders(fetchResponse.headers);
-
     return {
       data: responseData,
       status: fetchResponse.status,
       statusText: fetchResponse.statusText,
-      headers: responseHeaders,
-      config: config,
+      headers: parseHeaders(fetchResponse.headers),
+      config,
       request: fetchResponse,
       duration: Date.now() - requestStartTime,
     };
   } catch (error) {
-    if (error instanceof AccessioError) {
-      throw error;
-    }
-
-    if (error instanceof Error && error.name === 'AbortError') {
-      if (isTimedOut) {
-        throw new AccessioError(
-          `timeout of ${config.timeout}ms exceeded`,
-          AccessioError.ETIMEDOUT,
-          config,
-          null,
-          null,
-        );
-      }
-      throw new AccessioError('Request aborted', AccessioError.ERR_CANCELED, config, null, null);
-    }
-
-    if (
-      error instanceof TypeError &&
-      (error.message.toLowerCase().includes('url') || error.message.toLowerCase().includes('fetch'))
-    ) {
-      throw new AccessioError(
-        `Invalid URL: ${fullURL}`,
-        AccessioError.ERR_INVALID_URL,
-        config,
-        null,
-        null,
-      );
-    }
-
-    throw AccessioError.from(
-      error instanceof Error ? error : new Error(String(error)),
-      AccessioError.ERR_NETWORK,
-      config,
-      null,
-      null,
-    );
+    throw classifyFetchError(error, config, abort.isTimedOut());
   } finally {
-    if (timeoutId) clearTimeout(timeoutId);
-    if (config.signal && onUserAbort) {
-      config.signal.removeEventListener('abort', onUserAbort);
-    }
+    abort.cleanup();
   }
 }

package/src/core/request.ts

@@ -10,6 +10,31 @@ import { defaultMemoryCache } from '../helpers/memoryCache';
 import type { AccessioRequestConfig, AccessioResponse, TransformFunction } from '../types';
 
 type HeadersConfig = Record<string, Record<string, string | string[]>>;
+type FlatHeaders = Record<string, string | string[]>;
+
+function lookupHeader(headers: FlatHeaders, name: string): string {
+  const target = name.toLowerCase();
+  for (const k of Object.keys(headers)) {
+    if (k.toLowerCase() === target) {
+      const v = headers[k];
+      return Array.isArray(v) ? v.join(',') : (v ?? '');
+    }
+  }
+  return '';
+}
+
+function buildCacheKey(
+  config: AccessioRequestConfig,
+  fullURL: string,
+  flatHeaders: FlatHeaders,
+): string {
+  const method = (config.method || 'GET').toUpperCase();
+  const auth = lookupHeader(flatHeaders, 'authorization');
+  const accept = lookupHeader(flatHeaders, 'accept');
+  const withCreds = config.withCredentials ? '1' : '0';
+  const respType = config.responseType || 'json';
+  return `${method}:${fullURL}|a=${auth}|x=${accept}|c=${withCreds}|t=${respType}`;
+}
 
 function buildTransformArray(
   transform: TransformFunction | TransformFunction[] | undefined,
@@ -27,7 +52,7 @@ function assertAllowedProtocol(fullURL: string, config: AccessioRequestConfig):
 
   let scheme: string | null = null;
   const match = /^([a-z][a-z\d+\-.]*):/i.exec(fullURL);
-  if (match) scheme = match[1].toLowerCase() + ':';
+  if (match) scheme = `${match[1].toLowerCase()}:`;
   if (!scheme) return;
 
   if (!allowed.includes(scheme)) {
@@ -43,6 +68,21 @@ function assertAllowedProtocol(fullURL: string, config: AccessioRequestConfig):
 }
 
 const activeRequests = new Map<string, Promise<AccessioResponse>>();
+const MAX_ACTIVE_REQUESTS = 1024;
+
+export function __activeRequestsSize(): number {
+  return activeRequests.size;
+}
+
+function trackActiveRequest(key: string, promise: Promise<AccessioResponse>): void {
+  activeRequests.set(key, promise);
+  // Evict the oldest entry if we've grown past the cap. Map preserves insertion order.
+  while (activeRequests.size > MAX_ACTIVE_REQUESTS) {
+    const oldest = activeRequests.keys().next().value;
+    if (oldest === undefined || oldest === key) break;
+    activeRequests.delete(oldest);
+  }
+}
 
 export default async function dispatchRequest(
   config: AccessioRequestConfig,
@@ -62,28 +102,36 @@ export default async function dispatchRequest(
     await config.hooks.onBeforeRequest(config);
   }
 
+  const flatHeaders = flattenHeaders(config.headers as HeadersConfig | undefined, config.method);
+  setBasicAuth(config, flatHeaders);
+
   const isGet = (config.method || 'GET').toUpperCase() === 'GET';
-  const cacheKey = isGet ? `GET:${fullURL}` : '';
+  const cacheKey = isGet ? buildCacheKey(config, fullURL, flatHeaders) : '';
 
   if (isGet && config.cache) {
     const cacheProvider = typeof config.cache === 'object' ? config.cache : defaultMemoryCache;
     const cached = await cacheProvider.get(cacheKey);
     if (cached) {
+      const cachedView: AccessioResponse = {
+        ...cached,
+        config: redactConfig(config) as typeof cached.config,
+      };
       if (config.hooks?.onRequestResponse) {
-        await config.hooks.onRequestResponse(cached);
+        await config.hooks.onRequestResponse(cachedView);
       }
-      return cached;
+      return cachedView;
     }
   }
 
   if (isGet && config.dedupe) {
-    if (activeRequests.has(cacheKey)) {
-      return activeRequests.get(cacheKey)!;
+    const inflight = activeRequests.get(cacheKey);
+    if (inflight) {
+      const shared = await inflight;
+      return finalizeResponse(shared, config);
     }
   }
 
-  const performRequest = async () => {
-    const flatHeaders = flattenHeaders(config.headers as HeadersConfig | undefined, config.method);
+  const performRequest = async (): Promise<AccessioResponse> => {
     const requestTransforms = buildTransformArray(config.transformRequest);
     const requestData = await transformData(requestTransforms, config.data, flatHeaders, config);
 
@@ -95,8 +143,6 @@ export default async function dispatchRequest(
       removeContentType(flatHeaders);
     }
 
-    setBasicAuth(config, flatHeaders);
-
     const fetchOptions: RequestInit = {
       method: (config.method || 'GET').toUpperCase(),
       headers: buildFetchHeaders(flatHeaders),
@@ -123,12 +169,9 @@ export default async function dispatchRequest(
     }
 
     const requestStartTime = Date.now();
-
     const response = await fetchAdapter(config, fullURL, fetchOptions, requestStartTime);
-    response.config = redactConfig(response.config) as typeof response.config;
 
     const responseTransforms = buildTransformArray(config.transformResponse);
-
     response.data = await transformData(
       responseTransforms,
       response.data,
@@ -137,39 +180,44 @@ export default async function dispatchRequest(
       'response',
     );
 
-    return new Promise<AccessioResponse>((resolve, reject) => {
-      settle(
-        resolve as (value: AccessioResponse) => void,
-        reject as (reason: AccessioError) => void,
-        response,
-        config,
-      );
-    });
+    return response;
   };
 
   const promise = performRequest();
 
   if (isGet && config.dedupe) {
-    activeRequests.set(cacheKey, promise);
+    trackActiveRequest(cacheKey, promise);
     const cleanup = () => {
-      activeRequests.delete(cacheKey);
+      if (activeRequests.get(cacheKey) === promise) {
+        activeRequests.delete(cacheKey);
+      }
     };
     promise.then(cleanup, cleanup);
   }
 
   try {
-    const response = await promise;
+    const shared = await promise;
+    const response = finalizeResponse(shared, config);
 
     if (isGet && config.cache) {
       const cacheProvider = typeof config.cache === 'object' ? config.cache : defaultMemoryCache;
-      await cacheProvider.set(cacheKey, response, config.cacheTTL);
+      await cacheProvider.set(cacheKey, shared, config.cacheTTL);
     }
 
+    const settled = await new Promise<AccessioResponse>((resolve, reject) => {
+      settle(
+        resolve as (value: AccessioResponse) => void,
+        reject as (reason: AccessioError) => void,
+        response,
+        config,
+      );
+    });
+
     if (config.hooks?.onRequestResponse) {
-      await config.hooks.onRequestResponse(response);
+      await config.hooks.onRequestResponse(settled);
     }
 
-    return response;
+    return settled;
   } catch (error) {
     if (config.hooks?.onRequestError && error instanceof AccessioError) {
       await config.hooks.onRequestError(error);
@@ -177,3 +225,13 @@ export default async function dispatchRequest(
     throw error;
   }
 }
+
+function finalizeResponse(
+  shared: AccessioResponse,
+  config: AccessioRequestConfig,
+): AccessioResponse {
+  return {
+    ...shared,
+    config: redactConfig(config) as typeof shared.config,
+  };
+}

package/src/helpers/debug.ts

@@ -1,5 +1,5 @@
 import type { AccessioRequestConfig, AccessioResponse } from '../types';
-import AccessioError from '../core/accessioError';
+import AccessioError, { redactBody } from '../core/accessioError';
 
 function formatBytes(bytes: number): string {
   if (bytes === 0) return '0 B';
@@ -35,7 +35,12 @@ export function logRequest(config: AccessioRequestConfig, fullUrl: string): void
   }
 
   if (config.data && typeof config.data === 'object') {
-    const preview = JSON.stringify(config.data);
+    let preview: string;
+    try {
+      preview = JSON.stringify(redactBody(config.data));
+    } catch {
+      preview = '[unserializable body]';
+    }
     const truncated = preview.length > 200 ? `${preview.substring(0, 200)}...` : preview;
     parts.push(`   Body: ${truncated}`);
   }

package/src/helpers/settle.ts

@@ -9,7 +9,7 @@ export default function settle(
 ): void {
   const validateStatus = config.validateStatus;
 
-  if (!response.status || !validateStatus || validateStatus(response.status)) {
+  if (!validateStatus || validateStatus(response.status)) {
     resolve(response);
   } else {
     const error = new AccessioError(

package/src/interceptors/interceptorManager.ts

@@ -1,12 +1,12 @@
 import type { TransformFunction, InterceptorHandler, InterceptorOptions } from '../types';
 
 export class InterceptorManager {
-  handlers: Array<InterceptorHandler | null>;
-  private _activeCount: number;
+  private _handlers: Map<number, InterceptorHandler>;
+  private _nextId: number;
 
   constructor() {
-    this.handlers = [];
-    this._activeCount = 0;
+    this._handlers = new Map();
+    this._nextId = 0;
   }
 
   use(
@@ -14,39 +14,46 @@ export class InterceptorManager {
     rejected?: ((error: unknown) => unknown) | null,
     options: InterceptorOptions = {},
   ): number {
-    this.handlers.push({
+    const id = this._nextId++;
+    this._handlers.set(id, {
       fulfilled: fulfilled || null,
       rejected: rejected || null,
       synchronous: options.synchronous || false,
       runWhen: options.runWhen || null,
     });
-
-    this._activeCount++;
-    return this.handlers.length - 1;
+    return id;
   }
 
   eject(id: number): void {
-    if (this.handlers[id]) {
-      this.handlers[id] = null;
-      this._activeCount--;
-    }
+    this._handlers.delete(id);
   }
 
   clear(): void {
-    this.handlers = [];
-    this._activeCount = 0;
+    this._handlers.clear();
   }
 
   forEach(fn: (handler: InterceptorHandler) => void): void {
-    for (const handler of this.handlers) {
-      if (handler !== null) {
-        fn(handler);
-      }
+    for (const handler of this._handlers.values()) {
+      fn(handler);
     }
   }
 
   get size(): number {
-    return this._activeCount;
+    return this._handlers.size;
+  }
+
+  /**
+   * Snapshot view for backward-compat introspection. Slot index = interceptor ID;
+   * ejected IDs appear as `null`. Reading this builds a fresh array each time —
+   * prefer `forEach`/`size` in hot paths.
+   */
+  get handlers(): Array<InterceptorHandler | null> {
+    const max = this._nextId;
+    const out: Array<InterceptorHandler | null> = new Array(max);
+    for (let i = 0; i < max; i++) {
+      out[i] = this._handlers.get(i) ?? null;
+    }
+    return out;
   }
 }