npm - alepha - Versions diffs - 0.13.0 → 0.13.1 - Mend

alepha 0.13.0 → 0.13.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (195) hide show

package/dist/api-jobs/index.d.ts +26 -26
package/dist/api-users/index.d.ts +1 -1
package/dist/cli/{dist-Sz2EXvQX.cjs → dist-Dl9Vl7Ur.js} +17 -13
package/dist/cli/{dist-BBPjuQ56.js.map → dist-Dl9Vl7Ur.js.map} +1 -1
package/dist/cli/index.d.ts +3 -11
package/dist/cli/index.js +106 -74
package/dist/cli/index.js.map +1 -1
package/dist/email/index.js +71 -73
package/dist/email/index.js.map +1 -1
package/dist/orm/index.d.ts +1 -1
package/dist/orm/index.js.map +1 -1
package/dist/queue/index.d.ts +4 -4
package/dist/retry/index.d.ts +1 -1
package/dist/retry/index.js +2 -2
package/dist/retry/index.js.map +1 -1
package/dist/scheduler/index.d.ts +6 -6
package/dist/security/index.d.ts +28 -28
package/dist/server/index.js +1 -1
package/dist/server/index.js.map +1 -1
package/dist/server-health/index.d.ts +17 -17
package/dist/server-metrics/index.js +170 -174
package/dist/server-metrics/index.js.map +1 -1
package/dist/server-security/index.d.ts +9 -9
package/dist/vite/index.js +4 -5
package/dist/vite/index.js.map +1 -1
package/dist/websocket/index.d.ts +7 -7
package/package.json +52 -103
package/src/cli/apps/AlephaPackageBuilderCli.ts +7 -2
package/src/cli/assets/appRouterTs.ts +9 -0
package/src/cli/assets/indexHtml.ts +2 -1
package/src/cli/assets/mainBrowserTs.ts +10 -0
package/src/cli/commands/CoreCommands.ts +6 -5
package/src/cli/commands/DrizzleCommands.ts +65 -57
package/src/cli/commands/VerifyCommands.ts +1 -1
package/src/cli/services/ProjectUtils.ts +44 -38
package/src/orm/providers/DrizzleKitProvider.ts +1 -1
package/src/retry/descriptors/$retry.ts +5 -3
package/src/server/providers/NodeHttpServerProvider.ts +1 -1
package/src/vite/helpers/boot.ts +3 -3
package/dist/api-files/index.cjs +0 -1293
package/dist/api-files/index.cjs.map +0 -1
package/dist/api-files/index.d.cts +0 -829
package/dist/api-jobs/index.cjs +0 -274
package/dist/api-jobs/index.cjs.map +0 -1
package/dist/api-jobs/index.d.cts +0 -654
package/dist/api-notifications/index.cjs +0 -380
package/dist/api-notifications/index.cjs.map +0 -1
package/dist/api-notifications/index.d.cts +0 -289
package/dist/api-parameters/index.cjs +0 -66
package/dist/api-parameters/index.cjs.map +0 -1
package/dist/api-parameters/index.d.cts +0 -84
package/dist/api-users/index.cjs +0 -6009
package/dist/api-users/index.cjs.map +0 -1
package/dist/api-users/index.d.cts +0 -4740
package/dist/api-verifications/index.cjs +0 -407
package/dist/api-verifications/index.cjs.map +0 -1
package/dist/api-verifications/index.d.cts +0 -207
package/dist/batch/index.cjs +0 -408
package/dist/batch/index.cjs.map +0 -1
package/dist/batch/index.d.cts +0 -330
package/dist/bin/index.cjs +0 -17
package/dist/bin/index.cjs.map +0 -1
package/dist/bin/index.d.cts +0 -1
package/dist/bucket/index.cjs +0 -303
package/dist/bucket/index.cjs.map +0 -1
package/dist/bucket/index.d.cts +0 -355
package/dist/cache/index.cjs +0 -241
package/dist/cache/index.cjs.map +0 -1
package/dist/cache/index.d.cts +0 -202
package/dist/cache-redis/index.cjs +0 -84
package/dist/cache-redis/index.cjs.map +0 -1
package/dist/cache-redis/index.d.cts +0 -40
package/dist/cli/chunk-DSlc6foC.cjs +0 -43
package/dist/cli/dist-BBPjuQ56.js +0 -2778
package/dist/cli/dist-Sz2EXvQX.cjs.map +0 -1
package/dist/cli/index.cjs +0 -1241
package/dist/cli/index.cjs.map +0 -1
package/dist/cli/index.d.cts +0 -422
package/dist/command/index.cjs +0 -693
package/dist/command/index.cjs.map +0 -1
package/dist/command/index.d.cts +0 -340
package/dist/core/index.cjs +0 -2264
package/dist/core/index.cjs.map +0 -1
package/dist/core/index.d.cts +0 -1927
package/dist/datetime/index.cjs +0 -318
package/dist/datetime/index.cjs.map +0 -1
package/dist/datetime/index.d.cts +0 -145
package/dist/email/index.cjs +0 -10874
package/dist/email/index.cjs.map +0 -1
package/dist/email/index.d.cts +0 -186
package/dist/fake/index.cjs +0 -34641
package/dist/fake/index.cjs.map +0 -1
package/dist/fake/index.d.cts +0 -74
package/dist/file/index.cjs +0 -1212
package/dist/file/index.cjs.map +0 -1
package/dist/file/index.d.cts +0 -698
package/dist/lock/index.cjs +0 -226
package/dist/lock/index.cjs.map +0 -1
package/dist/lock/index.d.cts +0 -361
package/dist/lock-redis/index.cjs +0 -113
package/dist/lock-redis/index.cjs.map +0 -1
package/dist/lock-redis/index.d.cts +0 -24
package/dist/logger/index.cjs +0 -521
package/dist/logger/index.cjs.map +0 -1
package/dist/logger/index.d.cts +0 -281
package/dist/orm/index.cjs +0 -2986
package/dist/orm/index.cjs.map +0 -1
package/dist/orm/index.d.cts +0 -2213
package/dist/queue/index.cjs +0 -1044
package/dist/queue/index.cjs.map +0 -1
package/dist/queue/index.d.cts +0 -1265
package/dist/queue-redis/index.cjs +0 -873
package/dist/queue-redis/index.cjs.map +0 -1
package/dist/queue-redis/index.d.cts +0 -82
package/dist/redis/index.cjs +0 -153
package/dist/redis/index.cjs.map +0 -1
package/dist/redis/index.d.cts +0 -82
package/dist/retry/index.cjs +0 -146
package/dist/retry/index.cjs.map +0 -1
package/dist/retry/index.d.cts +0 -172
package/dist/router/index.cjs +0 -111
package/dist/router/index.cjs.map +0 -1
package/dist/router/index.d.cts +0 -46
package/dist/scheduler/index.cjs +0 -576
package/dist/scheduler/index.cjs.map +0 -1
package/dist/scheduler/index.d.cts +0 -145
package/dist/security/index.cjs +0 -2402
package/dist/security/index.cjs.map +0 -1
package/dist/security/index.d.cts +0 -598
package/dist/server/index.cjs +0 -1680
package/dist/server/index.cjs.map +0 -1
package/dist/server/index.d.cts +0 -810
package/dist/server-auth/index.cjs +0 -3146
package/dist/server-auth/index.cjs.map +0 -1
package/dist/server-auth/index.d.cts +0 -1164
package/dist/server-cache/index.cjs +0 -252
package/dist/server-cache/index.cjs.map +0 -1
package/dist/server-cache/index.d.cts +0 -164
package/dist/server-compress/index.cjs +0 -141
package/dist/server-compress/index.cjs.map +0 -1
package/dist/server-compress/index.d.cts +0 -38
package/dist/server-cookies/index.cjs +0 -234
package/dist/server-cookies/index.cjs.map +0 -1
package/dist/server-cookies/index.d.cts +0 -144
package/dist/server-cors/index.cjs +0 -201
package/dist/server-cors/index.cjs.map +0 -1
package/dist/server-cors/index.d.cts +0 -140
package/dist/server-health/index.cjs +0 -62
package/dist/server-health/index.cjs.map +0 -1
package/dist/server-health/index.d.cts +0 -58
package/dist/server-helmet/index.cjs +0 -131
package/dist/server-helmet/index.cjs.map +0 -1
package/dist/server-helmet/index.d.cts +0 -97
package/dist/server-links/index.cjs +0 -992
package/dist/server-links/index.cjs.map +0 -1
package/dist/server-links/index.d.cts +0 -513
package/dist/server-metrics/index.cjs +0 -4535
package/dist/server-metrics/index.cjs.map +0 -1
package/dist/server-metrics/index.d.cts +0 -35
package/dist/server-multipart/index.cjs +0 -237
package/dist/server-multipart/index.cjs.map +0 -1
package/dist/server-multipart/index.d.cts +0 -50
package/dist/server-proxy/index.cjs +0 -186
package/dist/server-proxy/index.cjs.map +0 -1
package/dist/server-proxy/index.d.cts +0 -234
package/dist/server-rate-limit/index.cjs +0 -241
package/dist/server-rate-limit/index.cjs.map +0 -1
package/dist/server-rate-limit/index.d.cts +0 -183
package/dist/server-security/index.cjs +0 -316
package/dist/server-security/index.cjs.map +0 -1
package/dist/server-security/index.d.cts +0 -173
package/dist/server-static/index.cjs +0 -170
package/dist/server-static/index.cjs.map +0 -1
package/dist/server-static/index.d.cts +0 -121
package/dist/server-swagger/index.cjs +0 -1021
package/dist/server-swagger/index.cjs.map +0 -1
package/dist/server-swagger/index.d.cts +0 -382
package/dist/sms/index.cjs +0 -221
package/dist/sms/index.cjs.map +0 -1
package/dist/sms/index.d.cts +0 -130
package/dist/thread/index.cjs +0 -350
package/dist/thread/index.cjs.map +0 -1
package/dist/thread/index.d.cts +0 -260
package/dist/topic/index.cjs +0 -282
package/dist/topic/index.cjs.map +0 -1
package/dist/topic/index.d.cts +0 -523
package/dist/topic-redis/index.cjs +0 -71
package/dist/topic-redis/index.cjs.map +0 -1
package/dist/topic-redis/index.d.cts +0 -42
package/dist/vite/index.cjs +0 -1077
package/dist/vite/index.cjs.map +0 -1
package/dist/vite/index.d.cts +0 -542
package/dist/websocket/index.cjs +0 -1117
package/dist/websocket/index.cjs.map +0 -1
package/dist/websocket/index.d.cts +0 -861

package/dist/server-cors/index.d.cts DELETED Viewed

@@ -1,140 +0,0 @@
-import * as alepha1 from "alepha";
-import { Descriptor, KIND, Static } from "alepha";
-import * as alepha_logger0 from "alepha/logger";
-import { ServerRouterProvider } from "alepha/server";
-//#region src/server-cors/descriptors/$cors.d.ts
-/**
- * Declares CORS configuration for specific server routes.
- * This descriptor provides path-based CORS configuration.
- *
- * @example
- * ```ts
- * class ApiService {
- *   // Apply specific CORS to API routes
- *   cors = $cors({
- *     paths: ["/api/*"],
- *     origin: "https://app.example.com",
- *     credentials: true,
- *   });
- * }
- * ```
- */
-declare const $cors: {
-  (options: CorsDescriptorConfig): AbstractCorsDescriptor;
-  [KIND]: typeof CorsDescriptor;
-};
-interface CorsDescriptorConfig extends Partial<CorsOptions> {
-  /** Name identifier for this CORS config (default: property key) */
-  name?: string;
-  /** Path patterns to match (supports wildcards like /api/*) */
-  paths?: string[];
-}
-interface AbstractCorsDescriptor {
-  readonly name: string;
-  readonly options: CorsDescriptorConfig;
-}
-declare class CorsDescriptor extends Descriptor<CorsDescriptorConfig> implements AbstractCorsDescriptor {
-  protected readonly serverCorsProvider: ServerCorsProvider;
-  get name(): string;
-  protected onInit(): void;
-}
-//#endregion
-//#region src/server-cors/providers/ServerCorsProvider.d.ts
-/**
- * CORS configuration atom (global defaults)
- */
-declare const corsOptions: alepha1.Atom<alepha1.TObject<{
-  origin: alepha1.TOptional<alepha1.TString>;
-  methods: alepha1.TArray<alepha1.TString>;
-  headers: alepha1.TArray<alepha1.TString>;
-  credentials: alepha1.TOptional<alepha1.TBoolean>;
-  maxAge: alepha1.TOptional<alepha1.TNumber>;
-}>, "alepha.server.cors.options">;
-type CorsOptions = Static<typeof corsOptions.schema>;
-declare module "alepha" {
-  interface State {
-    [corsOptions.key]: CorsOptions;
-  }
-}
-declare class ServerCorsProvider {
-  protected readonly log: alepha_logger0.Logger;
-  protected readonly serverRouterProvider: ServerRouterProvider;
-  protected readonly globalOptions: Readonly<{
-    origin?: string | undefined;
-    credentials?: boolean | undefined;
-    maxAge?: number | undefined;
-    methods: string[];
-    headers: string[];
-  }>;
-  /**
-   * Registered CORS configurations with their path patterns
-   */
-  readonly registeredConfigs: CorsDescriptorConfig[];
-  /**
-   * Register a CORS configuration (called by descriptors)
-   */
-  registerCors(config: CorsDescriptorConfig): void;
-  protected readonly onStart: alepha1.HookDescriptor<"start">;
-  protected readonly configure: alepha1.HookDescriptor<"configure">;
-  protected readonly onRequest: alepha1.HookDescriptor<"server:onRequest">;
-  /**
-   * Build complete CORS options by merging with global defaults
-   */
-  protected buildCorsOptions(config: CorsDescriptorConfig): CorsOptions;
-  /**
-   * Apply CORS headers to the response
-   */
-  protected applyCorsHeaders(request: {
-    headers: {
-      origin?: string;
-    };
-    reply: {
-      setHeader: (name: string, value: string) => void;
-    };
-  }, options: CorsOptions): void;
-  isOriginAllowed(origin: string | undefined, allowed: CorsOptions["origin"]): boolean;
-}
-type ServerCorsProviderOptions = CorsOptions;
-//#endregion
-//#region src/server-cors/index.d.ts
-declare module "alepha/server" {
-  interface ServerRoute {
-    /**
-     * Route-specific CORS configuration.
-     * If set, overrides the global CORS options for this route.
-     */
-    cors?: CorsOptions;
-  }
-}
-/**
- * Plugin for configuring CORS on the Alepha server.
- *
- * @example
- * ```ts
- * import { Alepha, $route } from "alepha";
- * import { AlephaServerCors, $cors } from "alepha/server-cors";
- *
- * class ApiService {
- *   // Global CORS is applied via corsOptions atom
- *
- *   // Path-specific CORS for API routes
- *   apiCors = $cors({
- *     paths: ["/api/*"],
- *     origin: "https://app.example.com",
- *     credentials: true,
- *   });
- *
- *   route = $route({
- *     path: "/api/data",
- *     method: "POST",
- *     handler: () => ({ data: "hello" }),
- *   });
- * }
- * ```
- */
-declare const AlephaServerCors: alepha1.Service<alepha1.Module>;
-//#endregion
-export { $cors, AbstractCorsDescriptor, AlephaServerCors, CorsDescriptor, CorsDescriptorConfig, CorsOptions, ServerCorsProvider, ServerCorsProviderOptions, corsOptions };
-//# sourceMappingURL=index.d.cts.map

package/dist/server-health/index.cjs DELETED Viewed

@@ -1,62 +0,0 @@
-let alepha = require("alepha");
-let alepha_server = require("alepha/server");
-let alepha_datetime = require("alepha/datetime");
-//#region src/server-health/schemas/healthSchema.ts
-const healthSchema = alepha.t.object({
-	message: alepha.t.text(),
-	uptime: alepha.t.number(),
-	date: alepha.t.datetime(),
-	ready: alepha.t.boolean()
-});
-//#endregion
-//#region src/server-health/providers/ServerHealthProvider.ts
-/**
-* Register `/health` & `/healthz` endpoint.
-*
-* - Provides basic health information about the server.
-*/
-var ServerHealthProvider = class {
-	time = (0, alepha.$inject)(alepha_datetime.DateTimeProvider);
-	alepha = (0, alepha.$inject)(alepha.Alepha);
-	health = (0, alepha_server.$route)({
-		path: "/health",
-		schema: { response: healthSchema },
-		silent: true,
-		handler: () => this.healthCheck()
-	});
-	healthz = (0, alepha_server.$route)({
-		path: "/healthz",
-		schema: { response: healthSchema },
-		silent: true,
-		handler: () => this.healthCheck()
-	});
-	healthCheck() {
-		return {
-			message: "OK",
-			uptime: Math.floor(process.uptime()),
-			date: this.time.nowISOString(),
-			ready: this.alepha.isReady()
-		};
-	}
-};
-//#endregion
-//#region src/server-health/index.ts
-/**
-* Plugin for Alepha Server that provides health-check endpoints.
-*
-* @see {@link ServerHealthProvider}
-* @module alepha.server.health
-*/
-const AlephaServerHealth = (0, alepha.$module)({
-	name: "alepha.server.health",
-	services: [alepha_server.AlephaServer, ServerHealthProvider]
-});
-//#endregion
-exports.AlephaServerHealth = AlephaServerHealth;
-exports.ServerHealthProvider = ServerHealthProvider;
-exports.healthSchema = healthSchema;
-//# sourceMappingURL=index.cjs.map

package/dist/server-health/index.cjs.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"index.cjs","names":["t","DateTimeProvider","Alepha","AlephaServer"],"sources":["../../src/server-health/schemas/healthSchema.ts","../../src/server-health/providers/ServerHealthProvider.ts","../../src/server-health/index.ts"],"sourcesContent":["import { t } from \"alepha\";\n\nexport const healthSchema = t.object({\n message: t.text(),\n uptime: t.number(),\n date: t.datetime(),\n ready: t.boolean(),\n});\n","import { $inject, Alepha } from \"alepha\";\nimport { DateTimeProvider } from \"alepha/datetime\";\nimport { $route } from \"alepha/server\";\nimport { healthSchema } from \"../schemas/healthSchema.ts\";\n\n/**\n * Register `/health` & `/healthz` endpoint.\n *\n * - Provides basic health information about the server.\n */\nexport class ServerHealthProvider {\n protected readonly time: DateTimeProvider = $inject(DateTimeProvider);\n protected readonly alepha = $inject(Alepha);\n\n public readonly health = $route({\n path: \"/health\",\n schema: {\n response: healthSchema,\n },\n silent: true,\n handler: () => this.healthCheck(),\n });\n\n public readonly healthz = $route({\n path: \"/healthz\",\n schema: {\n response: healthSchema,\n },\n silent: true,\n handler: () => this.healthCheck(),\n });\n\n protected healthCheck() {\n return {\n message: \"OK\",\n uptime: Math.floor(process.uptime()),\n date: this.time.nowISOString(),\n ready: this.alepha.isReady(),\n };\n }\n}\n","import { $module } from \"alepha\";\nimport { AlephaServer } from \"alepha/server\";\nimport { ServerHealthProvider } from \"./providers/ServerHealthProvider.ts\";\n\n// ---------------------------------------------------------------------------------------------------------------------\n\nexport * from \"./providers/ServerHealthProvider.ts\";\nexport * from \"./schemas/healthSchema.ts\";\n\n// ---------------------------------------------------------------------------------------------------------------------\n\n/**\n * Plugin for Alepha Server that provides health-check endpoints.\n *\n * @see {@link ServerHealthProvider}\n * @module alepha.server.health\n */\nexport const AlephaServerHealth = $module({\n name: \"alepha.server.health\",\n services: [AlephaServer, ServerHealthProvider],\n});\n"],"mappings":";;;;;AAEA,MAAa,eAAeA,SAAE,OAAO;CACnC,SAASA,SAAE,MAAM;CACjB,QAAQA,SAAE,QAAQ;CAClB,MAAMA,SAAE,UAAU;CAClB,OAAOA,SAAE,SAAS;CACnB,CAAC;;;;;;;;;ACGF,IAAa,uBAAb,MAAkC;CAChC,AAAmB,2BAAiCC,iCAAiB;CACrE,AAAmB,6BAAiBC,cAAO;CAE3C,AAAgB,mCAAgB;EAC9B,MAAM;EACN,QAAQ,EACN,UAAU,cACX;EACD,QAAQ;EACR,eAAe,KAAK,aAAa;EAClC,CAAC;CAEF,AAAgB,oCAAiB;EAC/B,MAAM;EACN,QAAQ,EACN,UAAU,cACX;EACD,QAAQ;EACR,eAAe,KAAK,aAAa;EAClC,CAAC;CAEF,AAAU,cAAc;AACtB,SAAO;GACL,SAAS;GACT,QAAQ,KAAK,MAAM,QAAQ,QAAQ,CAAC;GACpC,MAAM,KAAK,KAAK,cAAc;GAC9B,OAAO,KAAK,OAAO,SAAS;GAC7B;;;;;;;;;;;;ACrBL,MAAa,yCAA6B;CACxC,MAAM;CACN,UAAU,CAACC,4BAAc,qBAAqB;CAC/C,CAAC"}

package/dist/server-health/index.d.cts DELETED Viewed

@@ -1,58 +0,0 @@
-import * as alepha6 from "alepha";
-import { Alepha } from "alepha";
-import * as alepha_server0 from "alepha/server";
-import { DateTimeProvider } from "alepha/datetime";
-//#region src/server-health/providers/ServerHealthProvider.d.ts
-/**
- * Register `/health` & `/healthz` endpoint.
- *
- * - Provides basic health information about the server.
- */
-declare class ServerHealthProvider {
-  protected readonly time: DateTimeProvider;
-  protected readonly alepha: Alepha;
-  readonly health: alepha_server0.RouteDescriptor<{
-    response: alepha6.TObject<{
-      message: alepha6.TString;
-      uptime: alepha6.TNumber;
-      date: alepha6.TString;
-      ready: alepha6.TBoolean;
-    }>;
-  }>;
-  readonly healthz: alepha_server0.RouteDescriptor<{
-    response: alepha6.TObject<{
-      message: alepha6.TString;
-      uptime: alepha6.TNumber;
-      date: alepha6.TString;
-      ready: alepha6.TBoolean;
-    }>;
-  }>;
-  protected healthCheck(): {
-    message: string;
-    uptime: number;
-    date: string;
-    ready: boolean;
-  };
-}
-//#endregion
-//#region src/server-health/schemas/healthSchema.d.ts
-declare const healthSchema: alepha6.TObject<{
-  message: alepha6.TString;
-  uptime: alepha6.TNumber;
-  date: alepha6.TString;
-  ready: alepha6.TBoolean;
-}>;
-//#endregion
-//#region src/server-health/index.d.ts
-/**
- * Plugin for Alepha Server that provides health-check endpoints.
- *
- * @see {@link ServerHealthProvider}
- * @module alepha.server.health
- */
-declare const AlephaServerHealth: alepha6.Service<alepha6.Module>;
-//#endregion
-export { AlephaServerHealth, ServerHealthProvider, healthSchema };
-//# sourceMappingURL=index.d.cts.map

package/dist/server-helmet/index.cjs DELETED Viewed

@@ -1,131 +0,0 @@
-let alepha = require("alepha");
-let alepha_server = require("alepha/server");
-//#region src/server-helmet/providers/ServerHelmetProvider.ts
-/**
-* Helmet security headers configuration atom
-*/
-const helmetOptions = (0, alepha.$atom)({
-	name: "alepha.server.helmet.options",
-	schema: alepha.t.object({
-		isSecure: alepha.t.optional(alepha.t.boolean()),
-		strictTransportSecurity: alepha.t.optional(alepha.t.object({
-			maxAge: alepha.t.optional(alepha.t.number()),
-			includeSubDomains: alepha.t.optional(alepha.t.boolean()),
-			preload: alepha.t.optional(alepha.t.boolean())
-		})),
-		xContentTypeOptions: alepha.t.optional(alepha.t.boolean()),
-		xFrameOptions: alepha.t.optional(alepha.t.enum(["DENY", "SAMEORIGIN"])),
-		xXssProtection: alepha.t.optional(alepha.t.boolean()),
-		contentSecurityPolicy: alepha.t.optional(alepha.t.object({ directives: alepha.t.record(alepha.t.string(), alepha.t.any()) })),
-		referrerPolicy: alepha.t.optional(alepha.t.enum([
-			"no-referrer",
-			"no-referrer-when-downgrade",
-			"origin",
-			"origin-when-cross-origin",
-			"same-origin",
-			"strict-origin",
-			"strict-origin-when-cross-origin",
-			"unsafe-url"
-		]))
-	}),
-	default: {
-		strictTransportSecurity: {
-			maxAge: 15552e3,
-			includeSubDomains: true
-		},
-		xFrameOptions: "SAMEORIGIN",
-		xXssProtection: false,
-		referrerPolicy: "strict-origin-when-cross-origin"
-	}
-});
-/**
-* Provides a configurable way to apply essential HTTP security headers
-* to every server response, without external dependencies.
-*/
-var ServerHelmetProvider = class {
-	alepha = (0, alepha.$inject)(alepha.Alepha);
-	/**
-	* The configuration options loaded from the atom.
-	*/
-	options = (0, alepha.$use)(helmetOptions);
-	defaultCspDirectives() {
-		return {
-			"default-src": ["'self'"],
-			"base-uri": ["'self'"],
-			"font-src": [
-				"'self'",
-				"https:",
-				"data:"
-			],
-			"form-action": ["'self'"],
-			"frame-ancestors": ["'self'"],
-			"img-src": ["'self'", "data:"],
-			"object-src": ["'none'"],
-			"script-src": ["'self'"],
-			"script-src-attr": ["'none'"],
-			"style-src": [
-				"'self'",
-				"https:",
-				"'unsafe-inline'"
-			],
-			"upgrade-insecure-requests": []
-		};
-	}
-	buildHeaders() {
-		const headers = {};
-		const { strictTransportSecurity: hsts, xContentTypeOptions, xFrameOptions, xXssProtection, contentSecurityPolicy: csp, referrerPolicy } = this.options;
-		if (hsts) {
-			let value = `max-age=${hsts.maxAge ?? 15552e3}`;
-			if (hsts.includeSubDomains) value += "; includeSubDomains";
-			if (hsts.preload) value += "; preload";
-			headers["strict-transport-security"] = value;
-		}
-		if (xContentTypeOptions !== false) headers["x-content-type-options"] = "nosniff";
-		if (xFrameOptions) headers["x-frame-options"] = xFrameOptions;
-		if (xXssProtection !== false) headers["x-xss-protection"] = "1; mode=block";
-		if (referrerPolicy) headers["referrer-policy"] = referrerPolicy;
-		if (csp) {
-			const directives = Object.keys(csp).length === 0 ? this.defaultCspDirectives() : csp.directives;
-			headers["content-security-policy"] = Object.entries(directives).map(([key, value]) => {
-				const kebabKey = key.replace(/[A-Z]/g, (letter) => `-${letter.toLowerCase()}`);
-				if (Array.isArray(value)) return `${kebabKey} ${value.join(" ")}`;
-				if (typeof value === "boolean" && value) return kebabKey;
-				return `${kebabKey} ${value}`;
-			}).join("; ");
-		}
-		return headers;
-	}
-	onResponse = (0, alepha.$hook)({
-		on: "server:onResponse",
-		priority: "first",
-		handler: ({ response }) => {
-			const isSecure = response.headers["x-forwarded-proto"] === "https" || this.options.isSecure || this.alepha.isProduction();
-			const headersToSet = this.buildHeaders();
-			for (const [key, value] of Object.entries(headersToSet)) {
-				if (key === "strict-transport-security" && !isSecure) continue;
-				if (!response.headers[key]) response.headers[key] = value;
-			}
-		}
-	});
-};
-//#endregion
-//#region src/server-helmet/index.ts
-/**
-* Automatically adds important HTTP security headers to every response
-* to help protect your application from common web vulnerabilities.
-*
-* @see {@link ServerHelmetProvider}
-* @module alepha.server.helmet
-*/
-const AlephaServerHelmet = (0, alepha.$module)({
-	name: "alepha.server.helmet",
-	services: [alepha_server.AlephaServer, ServerHelmetProvider]
-});
-//#endregion
-exports.AlephaServerHelmet = AlephaServerHelmet;
-exports.ServerHelmetProvider = ServerHelmetProvider;
-exports.helmetOptions = helmetOptions;
-//# sourceMappingURL=index.cjs.map

package/dist/server-helmet/index.cjs.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"index.cjs","names":["t","Alepha","headers: Record<string, string>","AlephaServer"],"sources":["../../src/server-helmet/providers/ServerHelmetProvider.ts","../../src/server-helmet/index.ts"],"sourcesContent":["import { $atom, $hook, $inject, $use, Alepha, type Static, t } from \"alepha\";\n\n// ---------------------------------------------------------------------------------------------------------------------\n\n/**\n * Helmet security headers configuration atom\n */\nexport const helmetOptions = $atom({\n name: \"alepha.server.helmet.options\",\n schema: t.object({\n isSecure: t.optional(t.boolean()),\n strictTransportSecurity: t.optional(\n t.object({\n maxAge: t.optional(t.number()),\n includeSubDomains: t.optional(t.boolean()),\n preload: t.optional(t.boolean()),\n }),\n ),\n xContentTypeOptions: t.optional(t.boolean()),\n xFrameOptions: t.optional(t.enum([\"DENY\", \"SAMEORIGIN\"])),\n xXssProtection: t.optional(t.boolean()),\n contentSecurityPolicy: t.optional(\n t.object({\n directives: t.record(t.string(), t.any()),\n }),\n ),\n referrerPolicy: t.optional(\n t.enum([\n \"no-referrer\",\n \"no-referrer-when-downgrade\",\n \"origin\",\n \"origin-when-cross-origin\",\n \"same-origin\",\n \"strict-origin\",\n \"strict-origin-when-cross-origin\",\n \"unsafe-url\",\n ]),\n ),\n }),\n default: {\n strictTransportSecurity: { maxAge: 15552000, includeSubDomains: true },\n xFrameOptions: \"SAMEORIGIN\",\n xXssProtection: false,\n referrerPolicy: \"strict-origin-when-cross-origin\",\n },\n});\n\nexport type HelmetOptions = Static<typeof helmetOptions.schema>;\n\ndeclare module \"alepha\" {\n interface State {\n [helmetOptions.key]: HelmetOptions;\n }\n}\n\n// ---------------------------------------------------------------------------------------------------------------------\n\ntype CspDirective = string | string[];\n\nexport interface CspDirectives {\n \"default-src\"?: CspDirective;\n \"script-src\"?: CspDirective;\n \"style-src\"?: CspDirective;\n \"img-src\"?: CspDirective;\n \"connect-src\"?: CspDirective;\n \"font-src\"?: CspDirective;\n \"object-src\"?: CspDirective;\n \"media-src\"?: CspDirective;\n \"frame-src\"?: CspDirective;\n sandbox?: CspDirective | boolean;\n \"report-uri\"?: string;\n \"child-src\"?: CspDirective;\n \"form-action\"?: CspDirective;\n \"frame-ancestors\"?: CspDirective;\n \"plugin-types\"?: CspDirective;\n \"base-uri\"?: CspDirective;\n [key: string]: CspDirective | undefined | boolean;\n}\n\nexport interface CspOptions {\n directives: CspDirectives;\n}\n\nexport interface HstsOptions {\n maxAge?: number;\n includeSubDomains?: boolean;\n preload?: boolean;\n}\n\n/**\n * Provides a configurable way to apply essential HTTP security headers\n * to every server response, without external dependencies.\n */\nexport class ServerHelmetProvider {\n protected readonly alepha = $inject(Alepha);\n\n /**\n * The configuration options loaded from the atom.\n */\n protected readonly options = $use(helmetOptions);\n\n protected defaultCspDirectives(): CspDirectives {\n return {\n \"default-src\": [\"'self'\"],\n \"base-uri\": [\"'self'\"],\n \"font-src\": [\"'self'\", \"https:\", \"data:\"],\n \"form-action\": [\"'self'\"],\n \"frame-ancestors\": [\"'self'\"],\n \"img-src\": [\"'self'\", \"data:\"],\n \"object-src\": [\"'none'\"],\n \"script-src\": [\"'self'\"],\n \"script-src-attr\": [\"'none'\"],\n \"style-src\": [\"'self'\", \"https:\", \"'unsafe-inline'\"],\n \"upgrade-insecure-requests\": [],\n };\n }\n\n protected buildHeaders(): Record<string, string> {\n const headers: Record<string, string> = {};\n const {\n strictTransportSecurity: hsts,\n xContentTypeOptions,\n xFrameOptions,\n xXssProtection,\n contentSecurityPolicy: csp,\n referrerPolicy,\n } = this.options;\n\n // Strict-Transport-Security\n if (hsts) {\n let value = `max-age=${hsts.maxAge ?? 15552000}`;\n if (hsts.includeSubDomains) value += \"; includeSubDomains\";\n if (hsts.preload) value += \"; preload\";\n headers[\"strict-transport-security\"] = value;\n }\n\n // X-Content-Type-Options\n if (xContentTypeOptions !== false) {\n headers[\"x-content-type-options\"] = \"nosniff\";\n }\n\n // X-Frame-Options\n if (xFrameOptions) {\n headers[\"x-frame-options\"] = xFrameOptions;\n }\n\n // X-XSS-Protection\n if (xXssProtection !== false) {\n headers[\"x-xss-protection\"] = \"1; mode=block\";\n }\n\n // Referrer-Policy\n if (referrerPolicy) {\n headers[\"referrer-policy\"] = referrerPolicy;\n }\n\n // Content-Security-Policy\n if (csp) {\n const directives =\n Object.keys(csp).length === 0\n ? this.defaultCspDirectives()\n : csp.directives;\n headers[\"content-security-policy\"] = Object.entries(directives)\n .map(([key, value]) => {\n const kebabKey = key.replace(\n /[A-Z]/g,\n (letter) => `-${letter.toLowerCase()}`,\n );\n if (Array.isArray(value)) {\n return `${kebabKey} ${value.join(\" \")}`;\n }\n if (typeof value === \"boolean\" && value) {\n return kebabKey;\n }\n return `${kebabKey} ${value}`;\n })\n .join(\"; \");\n }\n\n return headers;\n }\n\n protected readonly onResponse = $hook({\n on: \"server:onResponse\",\n priority: \"first\",\n handler: ({ response }) => {\n // this check is important. Only add HSTS on HTTPS requests.\n const isSecure =\n response.headers[\"x-forwarded-proto\"] === \"https\" ||\n this.options.isSecure ||\n this.alepha.isProduction();\n\n const headersToSet = this.buildHeaders();\n\n for (const [key, value] of Object.entries(headersToSet)) {\n if (key === \"strict-transport-security\" && !isSecure) {\n continue;\n }\n // don't overwrite headers if they are already set\n if (!response.headers[key]) {\n response.headers[key] = value;\n }\n }\n },\n });\n}\n","import { $module } from \"alepha\";\nimport { AlephaServer } from \"alepha/server\";\nimport { ServerHelmetProvider } from \"./providers/ServerHelmetProvider.ts\";\n\n// ---------------------------------------------------------------------------------------------------------------------\n\nexport * from \"./providers/ServerHelmetProvider.ts\";\n\n// ---------------------------------------------------------------------------------------------------------------------\n\n/**\n * Automatically adds important HTTP security headers to every response\n * to help protect your application from common web vulnerabilities.\n *\n * @see {@link ServerHelmetProvider}\n * @module alepha.server.helmet\n */\nexport const AlephaServerHelmet = $module({\n name: \"alepha.server.helmet\",\n services: [AlephaServer, ServerHelmetProvider],\n});\n"],"mappings":";;;;;;;AAOA,MAAa,kCAAsB;CACjC,MAAM;CACN,QAAQA,SAAE,OAAO;EACf,UAAUA,SAAE,SAASA,SAAE,SAAS,CAAC;EACjC,yBAAyBA,SAAE,SACzBA,SAAE,OAAO;GACP,QAAQA,SAAE,SAASA,SAAE,QAAQ,CAAC;GAC9B,mBAAmBA,SAAE,SAASA,SAAE,SAAS,CAAC;GAC1C,SAASA,SAAE,SAASA,SAAE,SAAS,CAAC;GACjC,CAAC,CACH;EACD,qBAAqBA,SAAE,SAASA,SAAE,SAAS,CAAC;EAC5C,eAAeA,SAAE,SAASA,SAAE,KAAK,CAAC,QAAQ,aAAa,CAAC,CAAC;EACzD,gBAAgBA,SAAE,SAASA,SAAE,SAAS,CAAC;EACvC,uBAAuBA,SAAE,SACvBA,SAAE,OAAO,EACP,YAAYA,SAAE,OAAOA,SAAE,QAAQ,EAAEA,SAAE,KAAK,CAAC,EAC1C,CAAC,CACH;EACD,gBAAgBA,SAAE,SAChBA,SAAE,KAAK;GACL;GACA;GACA;GACA;GACA;GACA;GACA;GACA;GACD,CAAC,CACH;EACF,CAAC;CACF,SAAS;EACP,yBAAyB;GAAE,QAAQ;GAAU,mBAAmB;GAAM;EACtE,eAAe;EACf,gBAAgB;EAChB,gBAAgB;EACjB;CACF,CAAC;;;;;AAgDF,IAAa,uBAAb,MAAkC;CAChC,AAAmB,6BAAiBC,cAAO;;;;CAK3C,AAAmB,2BAAe,cAAc;CAEhD,AAAU,uBAAsC;AAC9C,SAAO;GACL,eAAe,CAAC,SAAS;GACzB,YAAY,CAAC,SAAS;GACtB,YAAY;IAAC;IAAU;IAAU;IAAQ;GACzC,eAAe,CAAC,SAAS;GACzB,mBAAmB,CAAC,SAAS;GAC7B,WAAW,CAAC,UAAU,QAAQ;GAC9B,cAAc,CAAC,SAAS;GACxB,cAAc,CAAC,SAAS;GACxB,mBAAmB,CAAC,SAAS;GAC7B,aAAa;IAAC;IAAU;IAAU;IAAkB;GACpD,6BAA6B,EAAE;GAChC;;CAGH,AAAU,eAAuC;EAC/C,MAAMC,UAAkC,EAAE;EAC1C,MAAM,EACJ,yBAAyB,MACzB,qBACA,eACA,gBACA,uBAAuB,KACvB,mBACE,KAAK;AAGT,MAAI,MAAM;GACR,IAAI,QAAQ,WAAW,KAAK,UAAU;AACtC,OAAI,KAAK,kBAAmB,UAAS;AACrC,OAAI,KAAK,QAAS,UAAS;AAC3B,WAAQ,+BAA+B;;AAIzC,MAAI,wBAAwB,MAC1B,SAAQ,4BAA4B;AAItC,MAAI,cACF,SAAQ,qBAAqB;AAI/B,MAAI,mBAAmB,MACrB,SAAQ,sBAAsB;AAIhC,MAAI,eACF,SAAQ,qBAAqB;AAI/B,MAAI,KAAK;GACP,MAAM,aACJ,OAAO,KAAK,IAAI,CAAC,WAAW,IACxB,KAAK,sBAAsB,GAC3B,IAAI;AACV,WAAQ,6BAA6B,OAAO,QAAQ,WAAW,CAC5D,KAAK,CAAC,KAAK,WAAW;IACrB,MAAM,WAAW,IAAI,QACnB,WACC,WAAW,IAAI,OAAO,aAAa,GACrC;AACD,QAAI,MAAM,QAAQ,MAAM,CACtB,QAAO,GAAG,SAAS,GAAG,MAAM,KAAK,IAAI;AAEvC,QAAI,OAAO,UAAU,aAAa,MAChC,QAAO;AAET,WAAO,GAAG,SAAS,GAAG;KACtB,CACD,KAAK,KAAK;;AAGf,SAAO;;CAGT,AAAmB,+BAAmB;EACpC,IAAI;EACJ,UAAU;EACV,UAAU,EAAE,eAAe;GAEzB,MAAM,WACJ,SAAS,QAAQ,yBAAyB,WAC1C,KAAK,QAAQ,YACb,KAAK,OAAO,cAAc;GAE5B,MAAM,eAAe,KAAK,cAAc;AAExC,QAAK,MAAM,CAAC,KAAK,UAAU,OAAO,QAAQ,aAAa,EAAE;AACvD,QAAI,QAAQ,+BAA+B,CAAC,SAC1C;AAGF,QAAI,CAAC,SAAS,QAAQ,KACpB,UAAS,QAAQ,OAAO;;;EAI/B,CAAC;;;;;;;;;;;;AC3LJ,MAAa,yCAA6B;CACxC,MAAM;CACN,UAAU,CAACC,4BAAc,qBAAqB;CAC/C,CAAC"}

package/dist/server-helmet/index.d.cts DELETED Viewed

@@ -1,97 +0,0 @@
-import * as alepha1 from "alepha";
-import { Alepha, Static } from "alepha";
-//#region src/server-helmet/providers/ServerHelmetProvider.d.ts
-/**
- * Helmet security headers configuration atom
- */
-declare const helmetOptions: alepha1.Atom<alepha1.TObject<{
-  isSecure: alepha1.TOptional<alepha1.TBoolean>;
-  strictTransportSecurity: alepha1.TOptional<alepha1.TObject<{
-    maxAge: alepha1.TOptional<alepha1.TNumber>;
-    includeSubDomains: alepha1.TOptional<alepha1.TBoolean>;
-    preload: alepha1.TOptional<alepha1.TBoolean>;
-  }>>;
-  xContentTypeOptions: alepha1.TOptional<alepha1.TBoolean>;
-  xFrameOptions: alepha1.TOptional<alepha1.TUnsafe<"DENY" | "SAMEORIGIN">>;
-  xXssProtection: alepha1.TOptional<alepha1.TBoolean>;
-  contentSecurityPolicy: alepha1.TOptional<alepha1.TObject<{
-    directives: alepha1.TRecord<"^.*$", alepha1.TAny>;
-  }>>;
-  referrerPolicy: alepha1.TOptional<alepha1.TUnsafe<"no-referrer" | "no-referrer-when-downgrade" | "origin" | "origin-when-cross-origin" | "same-origin" | "strict-origin" | "strict-origin-when-cross-origin" | "unsafe-url">>;
-}>, "alepha.server.helmet.options">;
-type HelmetOptions = Static<typeof helmetOptions.schema>;
-declare module "alepha" {
-  interface State {
-    [helmetOptions.key]: HelmetOptions;
-  }
-}
-type CspDirective = string | string[];
-interface CspDirectives {
-  "default-src"?: CspDirective;
-  "script-src"?: CspDirective;
-  "style-src"?: CspDirective;
-  "img-src"?: CspDirective;
-  "connect-src"?: CspDirective;
-  "font-src"?: CspDirective;
-  "object-src"?: CspDirective;
-  "media-src"?: CspDirective;
-  "frame-src"?: CspDirective;
-  sandbox?: CspDirective | boolean;
-  "report-uri"?: string;
-  "child-src"?: CspDirective;
-  "form-action"?: CspDirective;
-  "frame-ancestors"?: CspDirective;
-  "plugin-types"?: CspDirective;
-  "base-uri"?: CspDirective;
-  [key: string]: CspDirective | undefined | boolean;
-}
-interface CspOptions {
-  directives: CspDirectives;
-}
-interface HstsOptions {
-  maxAge?: number;
-  includeSubDomains?: boolean;
-  preload?: boolean;
-}
-/**
- * Provides a configurable way to apply essential HTTP security headers
- * to every server response, without external dependencies.
- */
-declare class ServerHelmetProvider {
-  protected readonly alepha: Alepha;
-  /**
-   * The configuration options loaded from the atom.
-   */
-  protected readonly options: Readonly<{
-    isSecure?: boolean | undefined;
-    strictTransportSecurity?: {
-      maxAge?: number | undefined;
-      includeSubDomains?: boolean | undefined;
-      preload?: boolean | undefined;
-    } | undefined;
-    xContentTypeOptions?: boolean | undefined;
-    xFrameOptions?: "DENY" | "SAMEORIGIN" | undefined;
-    xXssProtection?: boolean | undefined;
-    contentSecurityPolicy?: {
-      directives: Record<string, any>;
-    } | undefined;
-    referrerPolicy?: "no-referrer" | "no-referrer-when-downgrade" | "origin" | "origin-when-cross-origin" | "same-origin" | "strict-origin" | "strict-origin-when-cross-origin" | "unsafe-url" | undefined;
-  }>;
-  protected defaultCspDirectives(): CspDirectives;
-  protected buildHeaders(): Record<string, string>;
-  protected readonly onResponse: alepha1.HookDescriptor<"server:onResponse">;
-}
-//#endregion
-//#region src/server-helmet/index.d.ts
-/**
- * Automatically adds important HTTP security headers to every response
- * to help protect your application from common web vulnerabilities.
- *
- * @see {@link ServerHelmetProvider}
- * @module alepha.server.helmet
- */
-declare const AlephaServerHelmet: alepha1.Service<alepha1.Module>;
-//#endregion
-export { AlephaServerHelmet, CspDirectives, CspOptions, HelmetOptions, HstsOptions, ServerHelmetProvider, helmetOptions };
-//# sourceMappingURL=index.d.cts.map