npm - alepha - Versions diffs - 0.14.2 → 0.14.4 - Mend

alepha 0.14.2 → 0.14.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (405) hide show

package/README.md +1 -1
package/dist/api/audits/index.browser.js +5 -5
package/dist/api/audits/index.browser.js.map +1 -1
package/dist/api/audits/index.d.ts +706 -785
package/dist/api/audits/index.d.ts.map +1 -1
package/dist/api/audits/index.js +13 -13
package/dist/api/audits/index.js.map +1 -1
package/dist/api/files/index.browser.js +5 -5
package/dist/api/files/index.browser.js.map +1 -1
package/dist/api/files/index.d.ts +58 -137
package/dist/api/files/index.d.ts.map +1 -1
package/dist/api/files/index.js +71 -71
package/dist/api/files/index.js.map +1 -1
package/dist/api/jobs/index.browser.js +5 -5
package/dist/api/jobs/index.browser.js.map +1 -1
package/dist/api/jobs/index.d.ts +29 -108
package/dist/api/jobs/index.d.ts.map +1 -1
package/dist/api/jobs/index.js +10 -10
package/dist/api/jobs/index.js.map +1 -1
package/dist/api/notifications/index.browser.js +10 -10
package/dist/api/notifications/index.browser.js.map +1 -1
package/dist/api/notifications/index.d.ts +504 -171
package/dist/api/notifications/index.d.ts.map +1 -1
package/dist/api/notifications/index.js +12 -12
package/dist/api/notifications/index.js.map +1 -1
package/dist/api/parameters/index.browser.js +163 -10
package/dist/api/parameters/index.browser.js.map +1 -1
package/dist/api/parameters/index.d.ts +277 -351
package/dist/api/parameters/index.d.ts.map +1 -1
package/dist/api/parameters/index.js +196 -91
package/dist/api/parameters/index.js.map +1 -1
package/dist/api/users/index.browser.js +19 -19
package/dist/api/users/index.browser.js.map +1 -1
package/dist/api/users/index.d.ts +787 -852
package/dist/api/users/index.d.ts.map +1 -1
package/dist/api/users/index.js +827 -596
package/dist/api/users/index.js.map +1 -1
package/dist/api/verifications/index.browser.js +6 -6
package/dist/api/verifications/index.browser.js.map +1 -1
package/dist/api/verifications/index.d.ts +128 -128
package/dist/api/verifications/index.d.ts.map +1 -1
package/dist/api/verifications/index.js +6 -6
package/dist/api/verifications/index.js.map +1 -1
package/dist/bin/index.d.ts +1 -2
package/dist/bin/index.js +0 -1
package/dist/bin/index.js.map +1 -1
package/dist/cli/index.d.ts +252 -131
package/dist/cli/index.d.ts.map +1 -1
package/dist/cli/index.js +595 -395
package/dist/cli/index.js.map +1 -1
package/dist/command/index.d.ts +46 -11
package/dist/command/index.d.ts.map +1 -1
package/dist/command/index.js +99 -19
package/dist/command/index.js.map +1 -1
package/dist/core/index.browser.js +40 -22
package/dist/core/index.browser.js.map +1 -1
package/dist/core/index.d.ts +45 -1
package/dist/core/index.d.ts.map +1 -1
package/dist/core/index.js +40 -22
package/dist/core/index.js.map +1 -1
package/dist/core/index.native.js +40 -22
package/dist/core/index.native.js.map +1 -1
package/dist/fake/index.js +195 -168
package/dist/fake/index.js.map +1 -1
package/dist/file/index.d.ts +8 -0
package/dist/file/index.d.ts.map +1 -1
package/dist/file/index.js +3 -0
package/dist/file/index.js.map +1 -1
package/dist/logger/index.d.ts +1 -1
package/dist/logger/index.d.ts.map +1 -1
package/dist/logger/index.js +12 -2
package/dist/logger/index.js.map +1 -1
package/dist/mcp/index.js +1 -1
package/dist/mcp/index.js.map +1 -1
package/dist/orm/index.d.ts +59 -195
package/dist/orm/index.d.ts.map +1 -1
package/dist/orm/index.js +201 -430
package/dist/orm/index.js.map +1 -1
package/dist/security/index.d.ts +1 -1
package/dist/security/index.d.ts.map +1 -1
package/dist/security/index.js +1 -1
package/dist/security/index.js.map +1 -1
package/dist/server/auth/index.d.ts +171 -155
package/dist/server/auth/index.d.ts.map +1 -1
package/dist/server/auth/index.js +0 -1
package/dist/server/auth/index.js.map +1 -1
package/dist/server/cache/index.d.ts +12 -0
package/dist/server/cache/index.d.ts.map +1 -1
package/dist/server/cache/index.js +55 -2
package/dist/server/cache/index.js.map +1 -1
package/dist/server/compress/index.d.ts +6 -0
package/dist/server/compress/index.d.ts.map +1 -1
package/dist/server/compress/index.js +38 -1
package/dist/server/compress/index.js.map +1 -1
package/dist/server/core/index.browser.js +2 -2
package/dist/server/core/index.browser.js.map +1 -1
package/dist/server/core/index.d.ts +10 -10
package/dist/server/core/index.d.ts.map +1 -1
package/dist/server/core/index.js +7 -4
package/dist/server/core/index.js.map +1 -1
package/dist/server/links/index.browser.js +22 -6
package/dist/server/links/index.browser.js.map +1 -1
package/dist/server/links/index.d.ts +46 -44
package/dist/server/links/index.d.ts.map +1 -1
package/dist/server/links/index.js +24 -41
package/dist/server/links/index.js.map +1 -1
package/dist/server/static/index.d.ts.map +1 -1
package/dist/server/static/index.js +4 -0
package/dist/server/static/index.js.map +1 -1
package/dist/server/swagger/index.d.ts +2 -1
package/dist/server/swagger/index.d.ts.map +1 -1
package/dist/server/swagger/index.js +9 -5
package/dist/server/swagger/index.js.map +1 -1
package/dist/vite/index.d.ts +101 -106
package/dist/vite/index.d.ts.map +1 -1
package/dist/vite/index.js +574 -503
package/dist/vite/index.js.map +1 -1
package/dist/websocket/index.d.ts +7 -7
package/package.json +7 -7
package/src/api/audits/controllers/{AuditController.ts → AdminAuditController.ts} +5 -6
package/src/api/audits/entities/audits.ts +5 -5
package/src/api/audits/index.browser.ts +1 -1
package/src/api/audits/index.ts +3 -3
package/src/api/audits/primitives/$audit.spec.ts +276 -0
package/src/api/audits/services/AuditService.spec.ts +495 -0
package/src/api/files/__tests__/$bucket.spec.ts +91 -0
package/src/api/files/controllers/AdminFileStatsController.spec.ts +166 -0
package/src/api/files/controllers/{StorageStatsController.ts → AdminFileStatsController.ts} +2 -2
package/src/api/files/controllers/FileController.spec.ts +558 -0
package/src/api/files/controllers/FileController.ts +4 -5
package/src/api/files/entities/files.ts +5 -5
package/src/api/files/index.browser.ts +1 -1
package/src/api/files/index.ts +4 -4
package/src/api/files/jobs/FileJobs.spec.ts +52 -0
package/src/api/files/services/FileService.spec.ts +109 -0
package/src/api/jobs/__tests__/JobController.spec.ts +343 -0
package/src/api/jobs/controllers/{JobController.ts → AdminJobController.ts} +2 -2
package/src/api/jobs/entities/jobExecutions.ts +5 -5
package/src/api/jobs/index.ts +3 -3
package/src/api/jobs/primitives/$job.spec.ts +476 -0
package/src/api/notifications/controllers/{NotificationController.ts → AdminNotificationController.ts} +4 -5
package/src/api/notifications/entities/notifications.ts +5 -5
package/src/api/notifications/index.browser.ts +1 -1
package/src/api/notifications/index.ts +4 -4
package/src/api/parameters/controllers/{ConfigController.ts → AdminConfigController.ts} +46 -107
package/src/api/parameters/entities/parameters.ts +7 -17
package/src/api/parameters/index.ts +3 -3
package/src/api/parameters/primitives/$config.spec.ts +356 -0
package/src/api/parameters/schemas/activateConfigBodySchema.ts +12 -0
package/src/api/parameters/schemas/checkScheduledResponseSchema.ts +8 -0
package/src/api/parameters/schemas/configCurrentResponseSchema.ts +13 -0
package/src/api/parameters/schemas/configHistoryResponseSchema.ts +9 -0
package/src/api/parameters/schemas/configNameParamSchema.ts +10 -0
package/src/api/parameters/schemas/configNamesResponseSchema.ts +8 -0
package/src/api/parameters/schemas/configTreeNodeSchema.ts +13 -0
package/src/api/parameters/schemas/configVersionParamSchema.ts +9 -0
package/src/api/parameters/schemas/configVersionResponseSchema.ts +9 -0
package/src/api/parameters/schemas/configsByStatusResponseSchema.ts +9 -0
package/src/api/parameters/schemas/createConfigVersionBodySchema.ts +24 -0
package/src/api/parameters/schemas/index.ts +15 -0
package/src/api/parameters/schemas/parameterResponseSchema.ts +26 -0
package/src/api/parameters/schemas/parameterStatusSchema.ts +13 -0
package/src/api/parameters/schemas/rollbackConfigBodySchema.ts +15 -0
package/src/api/parameters/schemas/statusParamSchema.ts +9 -0
package/src/api/users/__tests__/EmailVerification.spec.ts +369 -0
package/src/api/users/__tests__/PasswordReset.spec.ts +550 -0
package/src/api/users/controllers/AdminIdentityController.spec.ts +365 -0
package/src/api/users/controllers/{IdentityController.ts → AdminIdentityController.ts} +3 -4
package/src/api/users/controllers/AdminSessionController.spec.ts +274 -0
package/src/api/users/controllers/{SessionController.ts → AdminSessionController.ts} +3 -4
package/src/api/users/controllers/AdminUserController.spec.ts +372 -0
package/src/api/users/controllers/AdminUserController.ts +116 -0
package/src/api/users/controllers/UserController.ts +4 -107
package/src/api/users/controllers/UserRealmController.ts +3 -0
package/src/api/users/entities/identities.ts +6 -6
package/src/api/users/entities/sessions.ts +6 -6
package/src/api/users/entities/users.ts +9 -9
package/src/api/users/index.ts +9 -6
package/src/api/users/primitives/$userRealm.ts +13 -8
package/src/api/users/services/CredentialService.spec.ts +509 -0
package/src/api/users/services/CredentialService.ts +46 -0
package/src/api/users/services/IdentityService.ts +15 -0
package/src/api/users/services/RegistrationService.spec.ts +630 -0
package/src/api/users/services/RegistrationService.ts +18 -0
package/src/api/users/services/SessionService.spec.ts +301 -0
package/src/api/users/services/SessionService.ts +110 -1
package/src/api/users/services/UserService.ts +67 -2
package/src/api/verifications/__tests__/CodeVerification.spec.ts +318 -0
package/src/api/verifications/__tests__/LinkVerification.spec.ts +279 -0
package/src/api/verifications/entities/verifications.ts +6 -6
package/src/api/verifications/jobs/VerificationJobs.spec.ts +50 -0
package/src/batch/__tests__/startup-buffering.spec.ts +458 -0
package/src/batch/primitives/$batch.spec.ts +766 -0
package/src/batch/providers/BatchProvider.spec.ts +786 -0
package/src/bin/index.ts +0 -1
package/src/bucket/__tests__/shared.ts +194 -0
package/src/bucket/primitives/$bucket.spec.ts +104 -0
package/src/bucket/providers/FileStorageProvider.spec.ts +13 -0
package/src/bucket/providers/LocalFileStorageProvider.spec.ts +77 -0
package/src/bucket/providers/MemoryFileStorageProvider.spec.ts +82 -0
package/src/cache/core/__tests__/shared.ts +377 -0
package/src/cache/core/primitives/$cache.spec.ts +111 -0
package/src/cache/redis/__tests__/cache-redis.spec.ts +70 -0
package/src/cli/apps/AlephaCli.ts +25 -6
package/src/cli/atoms/buildOptions.ts +88 -0
package/src/cli/commands/build.ts +32 -69
package/src/cli/commands/db.ts +0 -4
package/src/cli/commands/dev.ts +34 -10
package/src/cli/commands/gen/changelog.spec.ts +315 -0
package/src/cli/commands/{changelog.ts → gen/changelog.ts} +9 -9
package/src/cli/commands/gen/env.ts +53 -0
package/src/cli/commands/gen/openapi.ts +71 -0
package/src/cli/commands/gen/resource.ts +15 -0
package/src/cli/commands/gen.ts +24 -0
package/src/cli/commands/init.ts +2 -1
package/src/cli/commands/root.ts +12 -3
package/src/cli/commands/test.ts +0 -1
package/src/cli/commands/typecheck.ts +5 -0
package/src/cli/commands/verify.ts +1 -1
package/src/cli/defineConfig.ts +49 -7
package/src/cli/index.ts +2 -2
package/src/cli/services/AlephaCliUtils.ts +105 -55
package/src/cli/services/GitMessageParser.ts +1 -1
package/src/command/helpers/Asker.spec.ts +127 -0
package/src/command/helpers/Runner.spec.ts +126 -0
package/src/command/helpers/Runner.ts +1 -1
package/src/command/primitives/$command.spec.ts +1588 -0
package/src/command/primitives/$command.ts +0 -6
package/src/command/providers/CliProvider.ts +75 -27
package/src/core/Alepha.ts +87 -0
package/src/core/__tests__/Alepha-emit.spec.ts +22 -0
package/src/core/__tests__/Alepha-graph.spec.ts +93 -0
package/src/core/__tests__/Alepha-has.spec.ts +41 -0
package/src/core/__tests__/Alepha-inject.spec.ts +93 -0
package/src/core/__tests__/Alepha-register.spec.ts +81 -0
package/src/core/__tests__/Alepha-start.spec.ts +176 -0
package/src/core/__tests__/Alepha-with.spec.ts +14 -0
package/src/core/__tests__/TypeBox-usecases.spec.ts +35 -0
package/src/core/__tests__/TypeBoxLocale.spec.ts +15 -0
package/src/core/__tests__/descriptor.spec.ts +34 -0
package/src/core/__tests__/fixtures/A.ts +5 -0
package/src/core/__tests__/pagination.spec.ts +77 -0
package/src/core/helpers/jsonSchemaToTypeBox.ts +2 -2
package/src/core/primitives/$atom.spec.ts +43 -0
package/src/core/primitives/$hook.spec.ts +130 -0
package/src/core/primitives/$inject.spec.ts +175 -0
package/src/core/primitives/$module.spec.ts +115 -0
package/src/core/providers/CodecManager.spec.ts +740 -0
package/src/core/providers/EventManager.spec.ts +762 -0
package/src/core/providers/EventManager.ts +4 -0
package/src/core/providers/StateManager.spec.ts +365 -0
package/src/core/providers/TypeProvider.spec.ts +1607 -0
package/src/core/providers/TypeProvider.ts +20 -26
package/src/datetime/primitives/$interval.spec.ts +103 -0
package/src/datetime/providers/DateTimeProvider.spec.ts +86 -0
package/src/email/primitives/$email.spec.ts +175 -0
package/src/email/providers/LocalEmailProvider.spec.ts +341 -0
package/src/fake/__tests__/keyName.example.ts +40 -0
package/src/fake/__tests__/keyName.spec.ts +152 -0
package/src/fake/__tests__/module.example.ts +32 -0
package/src/fake/providers/FakeProvider.spec.ts +438 -0
package/src/file/providers/FileSystemProvider.ts +8 -0
package/src/file/providers/NodeFileSystemProvider.spec.ts +418 -0
package/src/file/providers/NodeFileSystemProvider.ts +5 -0
package/src/file/services/FileDetector.spec.ts +591 -0
package/src/lock/core/__tests__/shared.ts +190 -0
package/src/lock/core/providers/MemoryLockProvider.spec.ts +25 -0
package/src/lock/redis/providers/RedisLockProvider.spec.ts +25 -0
package/src/logger/__tests__/SimpleFormatterProvider.spec.ts +109 -0
package/src/logger/index.ts +15 -3
package/src/logger/primitives/$logger.spec.ts +108 -0
package/src/logger/services/Logger.spec.ts +295 -0
package/src/mcp/__tests__/errors.spec.ts +175 -0
package/src/mcp/__tests__/integration.spec.ts +450 -0
package/src/mcp/helpers/jsonrpc.spec.ts +380 -0
package/src/mcp/primitives/$prompt.spec.ts +468 -0
package/src/mcp/primitives/$resource.spec.ts +390 -0
package/src/mcp/primitives/$tool.spec.ts +406 -0
package/src/mcp/providers/McpServerProvider.spec.ts +797 -0
package/src/mcp/transports/StdioMcpTransport.ts +1 -1
package/src/orm/__tests__/$repository-crud.spec.ts +276 -0
package/src/orm/__tests__/$repository-hooks.spec.ts +325 -0
package/src/orm/__tests__/$repository-orderBy.spec.ts +128 -0
package/src/orm/__tests__/$repository-pagination-sort.spec.ts +149 -0
package/src/orm/__tests__/$repository-save.spec.ts +37 -0
package/src/orm/__tests__/ModelBuilder-integration.spec.ts +490 -0
package/src/orm/__tests__/ModelBuilder-types.spec.ts +186 -0
package/src/orm/__tests__/PostgresProvider.spec.ts +46 -0
package/src/orm/__tests__/delete-returning.spec.ts +256 -0
package/src/orm/__tests__/deletedAt.spec.ts +80 -0
package/src/orm/__tests__/enums.spec.ts +315 -0
package/src/orm/__tests__/execute.spec.ts +72 -0
package/src/orm/__tests__/fixtures/bigEntitySchema.ts +65 -0
package/src/orm/__tests__/fixtures/userEntitySchema.ts +27 -0
package/src/orm/__tests__/joins.spec.ts +1114 -0
package/src/orm/__tests__/page.spec.ts +287 -0
package/src/orm/__tests__/primaryKey.spec.ts +87 -0
package/src/orm/__tests__/query-date-encoding.spec.ts +402 -0
package/src/orm/__tests__/ref-auto-onDelete.spec.ts +156 -0
package/src/orm/__tests__/references.spec.ts +102 -0
package/src/orm/__tests__/security.spec.ts +710 -0
package/src/orm/__tests__/sqlite.spec.ts +111 -0
package/src/orm/__tests__/string-operators.spec.ts +429 -0
package/src/orm/__tests__/timestamps.spec.ts +388 -0
package/src/orm/__tests__/validation.spec.ts +183 -0
package/src/orm/__tests__/version.spec.ts +64 -0
package/src/orm/helpers/parseQueryString.spec.ts +196 -0
package/src/orm/index.ts +2 -8
package/src/orm/primitives/$repository.spec.ts +137 -0
package/src/orm/primitives/$sequence.spec.ts +29 -0
package/src/orm/primitives/$transaction.spec.ts +82 -0
package/src/orm/providers/drivers/BunPostgresProvider.ts +3 -3
package/src/orm/providers/drivers/BunSqliteProvider.ts +1 -1
package/src/orm/providers/drivers/CloudflareD1Provider.ts +1 -1
package/src/orm/providers/drivers/DatabaseProvider.ts +1 -1
package/src/orm/providers/drivers/NodePostgresProvider.ts +3 -3
package/src/orm/providers/drivers/NodeSqliteProvider.ts +1 -1
package/src/orm/providers/drivers/PglitePostgresProvider.ts +2 -2
package/src/orm/services/ModelBuilder.spec.ts +575 -0
package/src/orm/services/Repository.spec.ts +137 -0
package/src/queue/core/__tests__/shared.ts +143 -0
package/src/queue/core/providers/MemoryQueueProvider.spec.ts +23 -0
package/src/queue/core/providers/WorkerProvider.spec.ts +394 -0
package/src/queue/redis/providers/RedisQueueProvider.spec.ts +23 -0
package/src/redis/__tests__/redis.spec.ts +58 -0
package/src/retry/primitives/$retry.spec.ts +234 -0
package/src/retry/providers/RetryProvider.spec.ts +438 -0
package/src/router/__tests__/match.spec.ts +252 -0
package/src/router/providers/RouterProvider.spec.ts +197 -0
package/src/scheduler/__tests__/$scheduler-cron.spec.ts +25 -0
package/src/scheduler/__tests__/$scheduler-interval.spec.ts +25 -0
package/src/scheduler/__tests__/shared.ts +77 -0
package/src/security/__tests__/bug-1-wildcard-after-start.spec.ts +229 -0
package/src/security/__tests__/bug-2-password-validation.spec.ts +245 -0
package/src/security/__tests__/bug-3-regex-vulnerability.spec.ts +407 -0
package/src/security/__tests__/bug-4-oauth2-validation.spec.ts +439 -0
package/src/security/__tests__/multi-layer-permissions.spec.ts +522 -0
package/src/security/primitives/$permission.spec.ts +30 -0
package/src/security/primitives/$permission.ts +2 -2
package/src/security/primitives/$realm.spec.ts +101 -0
package/src/security/primitives/$role.spec.ts +52 -0
package/src/security/primitives/$serviceAccount.spec.ts +61 -0
package/src/security/providers/SecurityProvider.spec.ts +350 -0
package/src/server/auth/providers/ServerAuthProvider.ts +0 -2
package/src/server/cache/providers/ServerCacheProvider.spec.ts +1125 -0
package/src/server/cache/providers/ServerCacheProvider.ts +94 -9
package/src/server/compress/providers/ServerCompressProvider.spec.ts +31 -0
package/src/server/compress/providers/ServerCompressProvider.ts +63 -2
package/src/server/cookies/providers/ServerCookiesProvider.spec.ts +253 -0
package/src/server/core/__tests__/ServerRouterProvider-getRoutes.spec.ts +334 -0
package/src/server/core/__tests__/ServerRouterProvider-requestId.spec.ts +129 -0
package/src/server/core/helpers/ServerReply.ts +2 -2
package/src/server/core/primitives/$action.spec.ts +191 -0
package/src/server/core/primitives/$route.spec.ts +65 -0
package/src/server/core/providers/ServerBodyParserProvider.spec.ts +93 -0
package/src/server/core/providers/ServerLoggerProvider.spec.ts +100 -0
package/src/server/core/providers/ServerProvider.ts +14 -2
package/src/server/core/services/HttpClient.spec.ts +123 -0
package/src/server/core/services/UserAgentParser.spec.ts +111 -0
package/src/server/cors/providers/ServerCorsProvider.spec.ts +481 -0
package/src/server/health/providers/ServerHealthProvider.spec.ts +22 -0
package/src/server/helmet/providers/ServerHelmetProvider.spec.ts +105 -0
package/src/server/links/__tests__/$action.spec.ts +238 -0
package/src/server/links/__tests__/fixtures/CrudApp.ts +122 -0
package/src/server/links/__tests__/requestId.spec.ts +120 -0
package/src/server/links/primitives/$remote.spec.ts +228 -0
package/src/server/links/providers/LinkProvider.spec.ts +54 -0
package/src/server/links/providers/LinkProvider.ts +49 -3
package/src/server/links/providers/ServerLinksProvider.ts +1 -53
package/src/server/links/schemas/apiLinksResponseSchema.ts +7 -0
package/src/server/metrics/providers/ServerMetricsProvider.spec.ts +25 -0
package/src/server/multipart/providers/ServerMultipartProvider.spec.ts +528 -0
package/src/server/proxy/primitives/$proxy.spec.ts +87 -0
package/src/server/rate-limit/__tests__/ActionRateLimit.spec.ts +211 -0
package/src/server/rate-limit/providers/ServerRateLimitProvider.spec.ts +344 -0
package/src/server/security/__tests__/BasicAuth.spec.ts +684 -0
package/src/server/security/__tests__/ServerSecurityProvider-realm.spec.ts +388 -0
package/src/server/security/providers/ServerSecurityProvider.spec.ts +123 -0
package/src/server/static/primitives/$serve.spec.ts +193 -0
package/src/server/static/providers/ServerStaticProvider.ts +10 -0
package/src/server/swagger/__tests__/ui.spec.ts +52 -0
package/src/server/swagger/primitives/$swagger.spec.ts +193 -0
package/src/server/swagger/providers/ServerSwaggerProvider.ts +19 -12
package/src/sms/primitives/$sms.spec.ts +165 -0
package/src/sms/providers/LocalSmsProvider.spec.ts +224 -0
package/src/sms/providers/MemorySmsProvider.spec.ts +193 -0
package/src/thread/primitives/$thread.spec.ts +186 -0
package/src/topic/core/__tests__/shared.ts +144 -0
package/src/topic/core/providers/MemoryTopicProvider.spec.ts +23 -0
package/src/topic/redis/providers/RedisTopicProvider.spec.ts +23 -0
package/src/vite/helpers/importViteReact.ts +13 -0
package/src/vite/index.ts +1 -21
package/src/vite/plugins/viteAlephaDev.ts +32 -5
package/src/vite/plugins/viteAlephaSsrPreload.ts +222 -0
package/src/vite/tasks/buildClient.ts +11 -0
package/src/vite/tasks/buildServer.ts +47 -3
package/src/vite/tasks/devServer.ts +69 -0
package/src/vite/tasks/index.ts +2 -1
package/src/vite/tasks/runAlepha.ts +7 -1
package/src/websocket/__tests__/$websocket-new.spec.ts +195 -0
package/src/websocket/primitives/$channel.spec.ts +30 -0
package/src/cli/assets/viteConfigTs.ts +0 -14
package/src/cli/commands/run.ts +0 -24
package/src/vite/plugins/viteAlepha.ts +0 -37
package/src/vite/plugins/viteAlephaBuild.ts +0 -281

package/src/server/cors/providers/ServerCorsProvider.spec.ts ADDED Viewed

@@ -0,0 +1,481 @@
+import { Alepha } from "alepha";
+import { $action, AlephaServer, ServerProvider } from "alepha/server";
+import { afterEach, describe, expect, test } from "vitest";
+import {
+  $cors,
+  AlephaServerCors,
+  corsOptions,
+  ServerCorsProvider,
+  type ServerCorsProviderOptions,
+} from "../index.ts";
+// A simple test action to hit
+class TestApp {
+  hello = $action({
+    method: "POST",
+    handler: () => "world",
+  });
+}
+describe("ServerCorsProvider", () => {
+  let alepha: Alepha;
+  let server: ServerProvider;
+  const setupServer = async (options?: Partial<ServerCorsProviderOptions>) => {
+    alepha = Alepha.create()
+      .with(AlephaServer)
+      .with(AlephaServerCors)
+      .with(TestApp);
+    if (options) {
+      alepha.store.mut(corsOptions, (old) => ({
+        ...old,
+        ...options,
+      }));
+    }
+    server = alepha.inject(ServerProvider);
+    await alepha.start();
+  };
+  afterEach(async () => {
+    if (alepha) {
+      await alepha.stop();
+    }
+  });
+  test("should return correct CORS headers for a simple request from an allowed origin", async () => {
+    await setupServer({
+      origin: "https://allowed.example.com",
+    });
+    const response = await fetch(`${server.hostname}/api/hello`, {
+      method: "POST",
+      headers: {
+        Origin: "https://allowed.example.com",
+      },
+    });
+    expect(response.status).toBe(200);
+    expect(response.headers.get("access-control-allow-origin")).toBe(
+      "https://allowed.example.com",
+    );
+    expect(response.headers.get("access-control-allow-credentials")).toBe(
+      "true",
+    );
+  });
+  test("should handle wildcard origin correctly", async () => {
+    await setupServer({
+      origin: "*",
+    });
+    const response = await fetch(`${server.hostname}/api/hello`, {
+      method: "POST",
+      headers: {
+        origin: "https://any.origin.com",
+      },
+    });
+    expect(response.status).toBe(200);
+    // Note: Wildcard returns the specific origin, not '*' when credentials are not sent by browser
+    expect(response.headers.get("access-control-allow-origin")).toBe(
+      "https://any.origin.com",
+    );
+  });
+  test("should handle preflight OPTIONS request correctly", async () => {
+    await setupServer({
+      origin: "https://preflight.example.com",
+      methods: ["GET", "POST", "OPTIONS"],
+      headers: ["Content-Type", "X-Custom-Header"],
+      maxAge: 86400,
+    });
+    const response = await fetch(`${server.hostname}/api/hello`, {
+      method: "OPTIONS",
+      headers: {
+        Origin: "https://preflight.example.com",
+        "Access-Control-Request-Method": "POST",
+        "Access-Control-Request-Headers": "X-Custom-Header",
+      },
+    });
+    expect(response.status).toBe(204); // Preflight should return 204 No Content
+    expect(response.headers.get("access-control-allow-origin")).toBe(
+      "https://preflight.example.com",
+    );
+    expect(response.headers.get("access-control-allow-methods")).toBe(
+      "GET, POST, OPTIONS",
+    );
+    expect(response.headers.get("access-control-allow-headers")).toBe(
+      "Content-Type, X-Custom-Header",
+    );
+    expect(response.headers.get("access-control-max-age")).toBe("86400");
+  });
+  test("should NOT return CORS headers for a request from a disallowed origin", async () => {
+    await setupServer({
+      origin: "https://allowed.example.com",
+    });
+    const response = await fetch(`${server.hostname}/api/hello`, {
+      headers: {
+        Origin: "https://disallowed.example.com",
+      },
+    });
+    // The header should not be set because the origin is not in the allow list.
+    // Some servers might omit it, others might return null. Checking for not-allowed is key.
+    expect(response.headers.get("access-control-allow-origin")).not.toBe(
+      "https://disallowed.example.com",
+    );
+  });
+  test("should handle an array of allowed origins", async () => {
+    const allowedOrigins = [
+      "https://app1.example.com",
+      "https://app2.example.com",
+    ];
+    await setupServer({
+      origin: allowedOrigins.join(","),
+    });
+    // First allowed origin
+    const res1 = await fetch(`${server.hostname}/api/hello`, {
+      method: "POST",
+      headers: { Origin: allowedOrigins[0] },
+    });
+    expect(res1.headers.get("access-control-allow-origin")).toBe(
+      allowedOrigins[0],
+    );
+    // Second allowed origin
+    const res2 = await fetch(`${server.hostname}/api/hello`, {
+      method: "POST",
+      headers: { Origin: allowedOrigins[1] },
+    });
+    expect(res2.headers.get("access-control-allow-origin")).toBe(
+      allowedOrigins[1],
+    );
+    // Disallowed origin
+    const res3 = await fetch(`${server.hostname}/api/hello`, {
+      method: "POST",
+      headers: { Origin: "https://disallowed.com" },
+    });
+    expect(res3.headers.get("access-control-allow-origin")).toBeNull();
+  });
+  test("should not return CORS headers if Origin header is not present", async () => {
+    await setupServer();
+    const response = await fetch(`${server.hostname}/api/hello`); // No Origin header
+    expect(response.headers.get("access-control-allow-origin")).toBeNull();
+  });
+});
+// ---------------------------------------------------------------------------------------------------------------------
+describe("$cors primitive", () => {
+  let alepha: Alepha;
+  let server: ServerProvider;
+  afterEach(async () => {
+    if (alepha) {
+      await alepha.stop();
+    }
+  });
+  test("should apply path-specific CORS config to matching routes", async () => {
+    class AppWithCors {
+      // Path-specific CORS for /api/v1/* routes
+      apiCors = $cors({
+        paths: ["/api/v1/*"],
+        origin: "https://api.example.com",
+        credentials: true,
+      });
+      // $action adds /api prefix, so path "/v1/data" becomes "/api/v1/data"
+      apiAction = $action({
+        path: "/v1/data",
+        method: "POST",
+        handler: () => "api",
+      });
+      // Path "/public/info" becomes "/api/public/info"
+      publicAction = $action({
+        path: "/public/info",
+        method: "POST",
+        handler: () => "public",
+      });
+    }
+    alepha = Alepha.create()
+      .with(AlephaServer)
+      .with(AlephaServerCors)
+      .with(AppWithCors);
+    // Set global CORS to different origin
+    alepha.store.mut(corsOptions, (old) => ({
+      ...old,
+      origin: "https://global.example.com",
+    }));
+    server = alepha.inject(ServerProvider);
+    await alepha.start();
+    // API route should use path-specific CORS (path is /api/v1/data)
+    const apiResponse = await fetch(`${server.hostname}/api/v1/data`, {
+      method: "POST",
+      headers: { Origin: "https://api.example.com" },
+    });
+    expect(apiResponse.headers.get("access-control-allow-origin")).toBe(
+      "https://api.example.com",
+    );
+    // Public route should use global CORS (api origin not allowed)
+    const publicResponse = await fetch(`${server.hostname}/api/public/info`, {
+      method: "POST",
+      headers: { Origin: "https://api.example.com" },
+    });
+    expect(
+      publicResponse.headers.get("access-control-allow-origin"),
+    ).toBeNull();
+    // Public route with global origin should work
+    const publicGlobalResponse = await fetch(
+      `${server.hostname}/api/public/info`,
+      {
+        method: "POST",
+        headers: { Origin: "https://global.example.com" },
+      },
+    );
+    expect(
+      publicGlobalResponse.headers.get("access-control-allow-origin"),
+    ).toBe("https://global.example.com");
+  });
+  test("should apply different CORS configs to different paths", async () => {
+    class MultiCorsApp {
+      // $action adds /api prefix, so patterns need /api/admin/* and /api/public/*
+      adminCors = $cors({
+        paths: ["/api/admin/*"],
+        origin: "https://admin.example.com",
+        methods: ["GET", "POST"],
+      });
+      publicCors = $cors({
+        paths: ["/api/public/*"],
+        origin: "*",
+        methods: ["GET"],
+      });
+      adminAction = $action({
+        path: "/admin/users",
+        method: "POST",
+        handler: () => "users",
+      });
+      publicAction = $action({
+        path: "/public/status",
+        method: "GET",
+        handler: () => "ok",
+      });
+    }
+    alepha = Alepha.create()
+      .with(AlephaServer)
+      .with(AlephaServerCors)
+      .with(MultiCorsApp);
+    server = alepha.inject(ServerProvider);
+    await alepha.start();
+    // Admin route with admin origin (actual path is /api/admin/users)
+    const adminResponse = await fetch(`${server.hostname}/api/admin/users`, {
+      method: "POST",
+      headers: { Origin: "https://admin.example.com" },
+    });
+    expect(adminResponse.headers.get("access-control-allow-origin")).toBe(
+      "https://admin.example.com",
+    );
+    expect(adminResponse.headers.get("access-control-allow-methods")).toBe(
+      "GET, POST",
+    );
+    // Public route with any origin (wildcard) (actual path is /api/public/status)
+    const publicResponse = await fetch(`${server.hostname}/api/public/status`, {
+      headers: { Origin: "https://any.example.com" },
+    });
+    expect(publicResponse.headers.get("access-control-allow-origin")).toBe(
+      "https://any.example.com",
+    );
+    expect(publicResponse.headers.get("access-control-allow-methods")).toBe(
+      "GET",
+    );
+  });
+  test("should register CORS configs with provider", async () => {
+    class RegistrationApp {
+      cors1 = $cors({
+        name: "api-cors",
+        paths: ["/api/*"],
+        origin: "https://api.example.com",
+      });
+      cors2 = $cors({
+        name: "admin-cors",
+        paths: ["/admin/*"],
+        origin: "https://admin.example.com",
+      });
+    }
+    alepha = Alepha.create()
+      .with(AlephaServer)
+      .with(AlephaServerCors)
+      .with(RegistrationApp);
+    const corsProvider = alepha.inject(ServerCorsProvider);
+    await alepha.start();
+    expect(corsProvider.registeredConfigs).toHaveLength(2);
+    expect(corsProvider.registeredConfigs[0].name).toBe("api-cors");
+    expect(corsProvider.registeredConfigs[1].name).toBe("admin-cors");
+  });
+  test("should merge path-specific config with global defaults", async () => {
+    class PartialConfigApp {
+      // Only override origin, use defaults for methods/headers
+      // $action creates route at /api/data, so use /api/* pattern
+      apiCors = $cors({
+        paths: ["/api/*"],
+        origin: "https://api.example.com",
+        // methods, headers, credentials should come from global defaults
+      });
+      // $action with path "/data" creates route at "/api/data"
+      apiAction = $action({
+        path: "/data",
+        method: "POST",
+        handler: () => "test",
+      });
+    }
+    alepha = Alepha.create()
+      .with(AlephaServer)
+      .with(AlephaServerCors)
+      .with(PartialConfigApp);
+    server = alepha.inject(ServerProvider);
+    await alepha.start();
+    const response = await fetch(`${server.hostname}/api/data`, {
+      method: "POST",
+      headers: { Origin: "https://api.example.com" },
+    });
+    // Path-specific origin
+    expect(response.headers.get("access-control-allow-origin")).toBe(
+      "https://api.example.com",
+    );
+    // Default methods
+    expect(response.headers.get("access-control-allow-methods")).toBe(
+      "GET, POST, PUT, PATCH, DELETE, OPTIONS",
+    );
+    // Default headers
+    expect(response.headers.get("access-control-allow-headers")).toBe(
+      "Content-Type, Authorization",
+    );
+    // Default credentials
+    expect(response.headers.get("access-control-allow-credentials")).toBe(
+      "true",
+    );
+  });
+  test("should apply maxAge to path-specific CORS", async () => {
+    class MaxAgeApp {
+      apiCors = $cors({
+        paths: ["/api/*"],
+        origin: "https://api.example.com",
+        maxAge: 3600,
+      });
+      // $action with path "/data" creates route at "/api/data"
+      apiAction = $action({
+        path: "/data",
+        method: "POST",
+        handler: () => "test",
+      });
+    }
+    alepha = Alepha.create()
+      .with(AlephaServer)
+      .with(AlephaServerCors)
+      .with(MaxAgeApp);
+    server = alepha.inject(ServerProvider);
+    await alepha.start();
+    const response = await fetch(`${server.hostname}/api/data`, {
+      method: "OPTIONS",
+      headers: {
+        Origin: "https://api.example.com",
+        "Access-Control-Request-Method": "POST",
+      },
+    });
+    expect(response.headers.get("access-control-max-age")).toBe("3600");
+  });
+  test("should handle multiple paths in single $cors primitive", async () => {
+    class MultiPathApp {
+      // $action creates routes at /api/v1/data and /api/v2/data
+      apiCors = $cors({
+        paths: ["/api/v1/*", "/api/v2/*"],
+        origin: "https://api.example.com",
+      });
+      // Route created at /api/v1/data
+      action1 = $action({
+        path: "/v1/data",
+        method: "POST",
+        handler: () => "v1",
+      });
+      // Route created at /api/v2/data
+      action2 = $action({
+        path: "/v2/data",
+        method: "POST",
+        handler: () => "v2",
+      });
+    }
+    alepha = Alepha.create()
+      .with(AlephaServer)
+      .with(AlephaServerCors)
+      .with(MultiPathApp);
+    server = alepha.inject(ServerProvider);
+    await alepha.start();
+    // Both paths should have the same CORS config
+    const v1Response = await fetch(`${server.hostname}/api/v1/data`, {
+      method: "POST",
+      headers: { Origin: "https://api.example.com" },
+    });
+    expect(v1Response.headers.get("access-control-allow-origin")).toBe(
+      "https://api.example.com",
+    );
+    const v2Response = await fetch(`${server.hostname}/api/v2/data`, {
+      method: "POST",
+      headers: { Origin: "https://api.example.com" },
+    });
+    expect(v2Response.headers.get("access-control-allow-origin")).toBe(
+      "https://api.example.com",
+    );
+  });
+});

package/src/server/health/providers/ServerHealthProvider.spec.ts ADDED Viewed

@@ -0,0 +1,22 @@
+import { Alepha } from "alepha";
+import { ServerProvider } from "alepha/server";
+import { describe, expect, it } from "vitest";
+import { AlephaServerHealth } from "../index.ts";
+const alepha = Alepha.create().with(AlephaServerHealth);
+describe("ServerHealthProvider", () => {
+  it("should expose health endpoint with server status", async () => {
+    const srv = alepha.inject(ServerProvider);
+    const hostname = srv.hostname;
+    const ping = await fetch(`${hostname}/health`);
+    expect(await ping.json()).toEqual({
+      message: "OK",
+      uptime: expect.any(Number),
+      date: expect.any(String),
+      ready: true,
+    });
+  });
+});

package/src/server/helmet/providers/ServerHelmetProvider.spec.ts ADDED Viewed

@@ -0,0 +1,105 @@
+import { Alepha } from "alepha";
+import { $action, ServerProvider } from "alepha/server";
+import { describe, expect, test } from "vitest";
+import {
+  AlephaServerHelmet,
+  type HelmetOptions,
+  helmetOptions,
+} from "../index.ts";
+class TestApp {
+  ping = $action({ handler: () => "pong" });
+}
+describe("ServerHelmetProvider", () => {
+  const setupServer = async (options?: HelmetOptions) => {
+    const alepha = Alepha.create({
+      env: { LOG_LEVEL: "error", SERVER_PORT: 0 },
+    })
+      .with(AlephaServerHelmet)
+      .with(TestApp);
+    if (options) {
+      alepha.store.mut(helmetOptions, (old) => ({
+        ...old,
+        ...options,
+      }));
+    }
+    await alepha.start();
+    const server = alepha.inject(ServerProvider);
+    return {
+      hostname: server.hostname,
+      stop: () => alepha.stop(),
+    };
+  };
+  test("should add default security headers to the response", async () => {
+    const { hostname, stop } = await setupServer({
+      isSecure: true, // fake secure context
+    });
+    const response = await fetch(`${hostname}/api/ping`);
+    expect(response.status).toBe(200);
+    expect(response.headers.get("x-content-type-options")).toBe("nosniff");
+    expect(response.headers.get("x-frame-options")).toBe("SAMEORIGIN");
+    expect(response.headers.get("referrer-policy")).toBe(
+      "strict-origin-when-cross-origin",
+    );
+    expect(response.headers.get("strict-transport-security")).toContain(
+      "max-age=15552000",
+    );
+    await stop();
+  });
+  test("should allow disabling a header by setting its option to undefined", async () => {
+    const { hostname, stop } = await setupServer({
+      xFrameOptions: undefined,
+    });
+    const response = await fetch(`${hostname}/api/ping`);
+    expect(response.headers.get("x-frame-options")).toBeNull();
+    expect(response.headers.get("x-content-type-options")).toBe("nosniff");
+    await stop();
+  });
+  test("should allow configuring HSTS", async () => {
+    const { hostname, stop } = await setupServer({
+      isSecure: true, // fake secure context
+      strictTransportSecurity: { maxAge: 31536000, preload: true },
+    });
+    const response = await fetch(`${hostname}/api/ping`);
+    const hstsHeader = response.headers.get("strict-transport-security");
+    expect(hstsHeader).toContain("max-age=31536000");
+    expect(hstsHeader).toContain("preload");
+    await stop();
+  });
+  test("should apply a Content Security Policy when configured", async () => {
+    const { hostname, stop } = await setupServer({
+      contentSecurityPolicy: {
+        directives: {
+          defaultSrc: ["'self'"],
+          scriptSrc: ["'self'", "https://trusted.cdn.com"],
+        },
+      },
+    });
+    const response = await fetch(`${hostname}/api/ping`);
+    const cspHeader = response.headers.get("content-security-policy");
+    expect(cspHeader).toBe(
+      "default-src 'self'; script-src 'self' https://trusted.cdn.com",
+    );
+    await stop();
+  });
+});