npm - alepha - Versions diffs - 0.15.3 → 0.15.5 - Mend

alepha 0.15.3 → 0.15.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (318) hide show

package/README.md +26 -11
package/dist/api/audits/index.d.ts +335 -335
package/dist/api/audits/index.d.ts.map +1 -1
package/dist/api/audits/index.js +11 -3
package/dist/api/audits/index.js.map +1 -1
package/dist/api/files/index.d.ts +3 -3
package/dist/api/files/index.js +4 -3
package/dist/api/files/index.js.map +1 -1
package/dist/api/jobs/index.d.ts +198 -155
package/dist/api/jobs/index.d.ts.map +1 -1
package/dist/api/jobs/index.js +103 -5
package/dist/api/jobs/index.js.map +1 -1
package/dist/api/keys/index.d.ts +198 -198
package/dist/api/keys/index.d.ts.map +1 -1
package/dist/api/keys/index.js +3 -3
package/dist/api/keys/index.js.map +1 -1
package/dist/api/notifications/index.browser.js +1 -0
package/dist/api/notifications/index.browser.js.map +1 -1
package/dist/api/notifications/index.d.ts +3 -3
package/dist/api/notifications/index.js +4 -3
package/dist/api/notifications/index.js.map +1 -1
package/dist/api/parameters/index.d.ts +263 -263
package/dist/api/parameters/index.d.ts.map +1 -1
package/dist/api/parameters/index.js +41 -30
package/dist/api/parameters/index.js.map +1 -1
package/dist/api/users/index.d.ts +383 -77
package/dist/api/users/index.d.ts.map +1 -1
package/dist/api/users/index.js +284 -72
package/dist/api/users/index.js.map +1 -1
package/dist/api/verifications/index.d.ts +131 -131
package/dist/api/verifications/index.d.ts.map +1 -1
package/dist/api/verifications/index.js +3 -3
package/dist/api/verifications/index.js.map +1 -1
package/dist/batch/index.d.ts +3 -3
package/dist/batch/index.js +3 -3
package/dist/batch/index.js.map +1 -1
package/dist/bucket/index.d.ts +3 -3
package/dist/bucket/index.js +6 -6
package/dist/bucket/index.js.map +1 -1
package/dist/cache/core/index.d.ts +3 -3
package/dist/cache/core/index.js +3 -3
package/dist/cache/core/index.js.map +1 -1
package/dist/cli/index.d.ts +5612 -20
package/dist/cli/index.d.ts.map +1 -1
package/dist/cli/index.js +122 -91
package/dist/cli/index.js.map +1 -1
package/dist/command/index.d.ts +11 -4
package/dist/command/index.d.ts.map +1 -1
package/dist/command/index.js +8 -6
package/dist/command/index.js.map +1 -1
package/dist/core/index.browser.js.map +1 -1
package/dist/core/index.d.ts +4 -8
package/dist/core/index.d.ts.map +1 -1
package/dist/core/index.js +3 -3
package/dist/core/index.js.map +1 -1
package/dist/core/index.native.js.map +1 -1
package/dist/datetime/index.d.ts +3 -3
package/dist/datetime/index.js +3 -3
package/dist/datetime/index.js.map +1 -1
package/dist/email/index.d.ts +16 -16
package/dist/email/index.d.ts.map +1 -1
package/dist/email/index.js +10562 -10
package/dist/email/index.js.map +1 -1
package/dist/fake/index.d.ts +3 -3
package/dist/fake/index.js +3 -3
package/dist/fake/index.js.map +1 -1
package/dist/lock/core/index.d.ts +9 -4
package/dist/lock/core/index.d.ts.map +1 -1
package/dist/lock/core/index.js +12 -4
package/dist/lock/core/index.js.map +1 -1
package/dist/logger/index.d.ts +3 -3
package/dist/logger/index.js +6 -3
package/dist/logger/index.js.map +1 -1
package/dist/mcp/index.d.ts +3 -3
package/dist/mcp/index.js +3 -3
package/dist/mcp/index.js.map +1 -1
package/dist/orm/index.d.ts +12 -12
package/dist/orm/index.js +4 -4
package/dist/orm/index.js.map +1 -1
package/dist/queue/core/index.d.ts +3 -3
package/dist/queue/core/index.js +3 -3
package/dist/queue/core/index.js.map +1 -1
package/dist/react/auth/index.browser.js +2 -1
package/dist/react/auth/index.browser.js.map +1 -1
package/dist/react/auth/index.d.ts +3 -3
package/dist/react/auth/index.js +5 -4
package/dist/react/auth/index.js.map +1 -1
package/dist/react/core/index.d.ts +6 -6
package/dist/react/core/index.js +3 -3
package/dist/react/core/index.js.map +1 -1
package/dist/react/form/index.d.ts +3 -3
package/dist/react/form/index.js +3 -3
package/dist/react/form/index.js.map +1 -1
package/dist/react/head/index.d.ts +3 -3
package/dist/react/head/index.js +3 -3
package/dist/react/head/index.js.map +1 -1
package/dist/react/i18n/index.d.ts +3 -3
package/dist/react/i18n/index.js +3 -3
package/dist/react/i18n/index.js.map +1 -1
package/dist/react/intro/index.css +337 -0
package/dist/react/intro/index.css.map +1 -0
package/dist/react/intro/index.d.ts +10 -0
package/dist/react/intro/index.d.ts.map +1 -0
package/dist/react/intro/index.js +222 -0
package/dist/react/intro/index.js.map +1 -0
package/dist/react/router/index.browser.js +2 -2
package/dist/react/router/index.browser.js.map +1 -1
package/dist/react/router/index.d.ts +11 -1
package/dist/react/router/index.d.ts.map +1 -1
package/dist/react/router/index.js +21 -11
package/dist/react/router/index.js.map +1 -1
package/dist/redis/index.d.ts +22 -22
package/dist/redis/index.js +3 -3
package/dist/redis/index.js.map +1 -1
package/dist/retry/index.d.ts +3 -3
package/dist/retry/index.js +3 -3
package/dist/retry/index.js.map +1 -1
package/dist/scheduler/index.d.ts +16 -4
package/dist/scheduler/index.d.ts.map +1 -1
package/dist/scheduler/index.js +45 -7
package/dist/scheduler/index.js.map +1 -1
package/dist/security/index.d.ts +3 -3
package/dist/security/index.js +5 -5
package/dist/security/index.js.map +1 -1
package/dist/server/auth/index.d.ts +3 -3
package/dist/server/auth/index.js +3 -3
package/dist/server/auth/index.js.map +1 -1
package/dist/server/cache/index.d.ts +3 -3
package/dist/server/cache/index.js +3 -3
package/dist/server/cache/index.js.map +1 -1
package/dist/server/compress/index.d.ts +3 -3
package/dist/server/compress/index.d.ts.map +1 -1
package/dist/server/compress/index.js +4 -3
package/dist/server/compress/index.js.map +1 -1
package/dist/server/cookies/index.d.ts +3 -3
package/dist/server/cookies/index.js +3 -3
package/dist/server/cookies/index.js.map +1 -1
package/dist/server/core/index.d.ts +14 -25
package/dist/server/core/index.d.ts.map +1 -1
package/dist/server/core/index.js +13 -29
package/dist/server/core/index.js.map +1 -1
package/dist/server/cors/index.d.ts +3 -3
package/dist/server/cors/index.js +3 -3
package/dist/server/cors/index.js.map +1 -1
package/dist/server/health/index.d.ts +20 -20
package/dist/server/health/index.js +3 -3
package/dist/server/health/index.js.map +1 -1
package/dist/server/helmet/index.d.ts +3 -3
package/dist/server/helmet/index.js +3 -3
package/dist/server/helmet/index.js.map +1 -1
package/dist/server/links/index.d.ts +42 -42
package/dist/server/links/index.d.ts.map +1 -1
package/dist/server/links/index.js +4 -4
package/dist/server/links/index.js.map +1 -1
package/dist/server/metrics/index.d.ts +3 -3
package/dist/server/metrics/index.js +3 -3
package/dist/server/metrics/index.js.map +1 -1
package/dist/server/multipart/index.d.ts +3 -3
package/dist/server/multipart/index.js +3 -3
package/dist/server/multipart/index.js.map +1 -1
package/dist/server/proxy/index.d.ts +3 -3
package/dist/server/proxy/index.js +3 -3
package/dist/server/proxy/index.js.map +1 -1
package/dist/server/rate-limit/index.d.ts +3 -3
package/dist/server/rate-limit/index.js +3 -3
package/dist/server/rate-limit/index.js.map +1 -1
package/dist/server/static/index.d.ts +3 -3
package/dist/server/static/index.js +6 -6
package/dist/server/static/index.js.map +1 -1
package/dist/server/swagger/index.d.ts +3 -3
package/dist/server/swagger/index.js +6 -6
package/dist/server/swagger/index.js.map +1 -1
package/dist/sms/index.d.ts +3 -3
package/dist/sms/index.js +6 -6
package/dist/sms/index.js.map +1 -1
package/dist/system/index.d.ts +3 -3
package/dist/system/index.js +3 -3
package/dist/system/index.js.map +1 -1
package/dist/thread/index.d.ts +3 -3
package/dist/thread/index.js +3 -3
package/dist/thread/index.js.map +1 -1
package/dist/topic/core/index.d.ts +3 -3
package/dist/topic/core/index.js +3 -3
package/dist/topic/core/index.js.map +1 -1
package/dist/vite/index.d.ts +6286 -4
package/dist/vite/index.d.ts.map +1 -1
package/dist/vite/index.js +28 -2
package/dist/vite/index.js.map +1 -1
package/dist/websocket/index.d.ts +37 -37
package/dist/websocket/index.d.ts.map +1 -1
package/dist/websocket/index.js +3 -3
package/dist/websocket/index.js.map +1 -1
package/package.json +12 -4
package/src/api/audits/controllers/AdminAuditController.ts +8 -0
package/src/api/audits/index.ts +3 -3
package/src/api/files/controllers/AdminFileStatsController.ts +1 -0
package/src/api/files/index.ts +3 -3
package/src/api/jobs/controllers/AdminJobController.ts +18 -2
package/src/api/jobs/index.ts +4 -3
package/src/api/jobs/services/JobAudits.spec.ts +89 -0
package/src/api/jobs/services/JobAudits.ts +101 -0
package/src/api/keys/index.ts +3 -3
package/src/api/notifications/controllers/AdminNotificationController.ts +1 -0
package/src/api/notifications/index.ts +3 -3
package/src/api/parameters/controllers/AdminConfigController.ts +10 -0
package/src/api/parameters/index.ts +5 -3
package/src/api/users/__tests__/ApiKeys-integration.spec.ts +1 -1
package/src/api/users/__tests__/ApiKeys.spec.ts +1 -1
package/src/api/users/__tests__/EmailVerification.spec.ts +16 -1
package/src/api/users/__tests__/PasswordReset.spec.ts +11 -0
package/src/api/users/atoms/realmAuthSettingsAtom.ts +10 -0
package/src/api/users/controllers/AdminIdentityController.ts +3 -0
package/src/api/users/controllers/AdminSessionController.ts +3 -0
package/src/api/users/controllers/AdminUserController.ts +5 -0
package/src/api/users/index.ts +8 -9
package/src/api/users/primitives/$realm.ts +117 -19
package/src/api/users/providers/RealmProvider.ts +15 -7
package/src/api/users/services/CredentialService.spec.ts +11 -0
package/src/api/users/services/CredentialService.ts +47 -24
package/src/api/users/services/IdentityService.ts +12 -4
package/src/api/users/services/RegistrationService.spec.ts +11 -0
package/src/api/users/services/RegistrationService.ts +33 -12
package/src/api/users/services/SessionService.ts +83 -12
package/src/api/users/services/UserAudits.ts +47 -0
package/src/api/users/services/UserFiles.ts +19 -0
package/src/api/users/services/UserJobs.spec.ts +107 -0
package/src/api/users/services/UserJobs.ts +62 -0
package/src/api/users/services/UserParameters.ts +23 -0
package/src/api/users/services/UserService.ts +34 -17
package/src/api/verifications/index.ts +3 -3
package/src/batch/index.ts +3 -3
package/src/bucket/index.ts +3 -3
package/src/cache/core/index.ts +3 -3
package/src/cli/commands/build.ts +1 -0
package/src/cli/commands/db.ts +9 -0
package/src/cli/commands/init.spec.ts +2 -17
package/src/cli/commands/init.ts +37 -1
package/src/cli/providers/ViteDevServerProvider.ts +36 -2
package/src/cli/services/AlephaCliUtils.ts +17 -0
package/src/cli/services/PackageManagerUtils.ts +15 -1
package/src/cli/services/ProjectScaffolder.ts +8 -13
package/src/cli/templates/agentMd.ts +2 -25
package/src/cli/templates/apiAppSecurityTs.ts +37 -2
package/src/cli/templates/mainCss.ts +2 -32
package/src/cli/templates/webAppRouterTs.ts +5 -5
package/src/cli/templates/webHomeComponentTsx.ts +10 -0
package/src/command/helpers/Runner.ts +14 -1
package/src/command/index.ts +3 -3
package/src/core/helpers/primitive.ts +0 -5
package/src/core/index.ts +3 -3
package/src/datetime/index.ts +3 -3
package/src/email/index.ts +3 -3
package/src/email/index.workerd.ts +36 -0
package/src/email/providers/LocalEmailProvider.ts +2 -2
package/src/email/providers/WorkermailerEmailProvider.ts +221 -0
package/src/fake/index.ts +3 -3
package/src/lock/core/index.ts +3 -3
package/src/lock/core/primitives/$lock.ts +13 -1
package/src/logger/index.ts +3 -3
package/src/logger/providers/PrettyFormatterProvider.ts +7 -0
package/src/mcp/index.ts +3 -3
package/src/orm/index.ts +3 -3
package/src/orm/providers/drivers/NodeSqliteProvider.ts +1 -1
package/src/queue/core/index.ts +3 -3
package/src/react/auth/index.ts +3 -3
package/src/react/auth/services/ReactAuth.ts +3 -1
package/src/react/core/index.ts +3 -3
package/src/react/form/index.ts +3 -3
package/src/react/head/index.ts +3 -3
package/src/react/i18n/index.ts +3 -3
package/src/react/intro/components/GettingStarted.css +334 -0
package/src/react/intro/components/GettingStarted.tsx +276 -0
package/src/react/intro/index.ts +1 -0
package/src/react/router/atoms/ssrManifestAtom.ts +7 -0
package/src/react/router/index.browser.ts +2 -0
package/src/react/router/index.ts +2 -0
package/src/react/router/providers/ReactServerProvider.ts +14 -4
package/src/react/router/providers/SSRManifestProvider.ts +7 -0
package/src/redis/index.ts +3 -3
package/src/retry/index.ts +3 -3
package/src/router/index.ts +3 -3
package/src/scheduler/index.ts +3 -3
package/src/scheduler/index.workerd.ts +43 -0
package/src/scheduler/providers/CronProvider.ts +53 -6
package/src/scheduler/providers/WorkerdCronProvider.ts +102 -0
package/src/security/index.ts +3 -3
package/src/security/providers/JwtProvider.ts +2 -2
package/src/server/auth/index.ts +3 -3
package/src/server/cache/index.ts +3 -3
package/src/server/compress/index.ts +3 -3
package/src/server/compress/providers/ServerCompressProvider.ts +6 -0
package/src/server/cookies/index.ts +3 -3
package/src/server/core/index.ts +3 -3
package/src/server/core/primitives/$action.spec.ts +3 -2
package/src/server/core/primitives/$action.ts +6 -2
package/src/server/core/providers/NodeHttpServerProvider.ts +2 -15
package/src/server/core/providers/ServerProvider.ts +4 -2
package/src/server/core/providers/ServerRouterProvider.ts +5 -27
package/src/server/cors/index.ts +3 -3
package/src/server/health/index.ts +3 -3
package/src/server/helmet/index.ts +3 -3
package/src/server/links/index.ts +3 -3
package/src/server/links/providers/ServerLinksProvider.spec.ts +332 -0
package/src/server/links/providers/ServerLinksProvider.ts +1 -1
package/src/server/metrics/index.ts +3 -3
package/src/server/multipart/index.ts +3 -3
package/src/server/proxy/index.ts +3 -3
package/src/server/rate-limit/index.ts +3 -3
package/src/server/static/index.ts +3 -3
package/src/server/swagger/index.ts +3 -3
package/src/sms/index.ts +3 -3
package/src/system/index.ts +3 -3
package/src/thread/index.ts +3 -3
package/src/topic/core/index.ts +3 -3
package/src/vite/tasks/generateCloudflare.ts +38 -2
package/src/websocket/index.ts +3 -3
package/src/cli/templates/webHelloComponentTsx.ts +0 -30
/package/src/api/users/{notifications → services}/UserNotifications.ts +0 -0

package/src/server/links/providers/ServerLinksProvider.spec.ts ADDED Viewed

@@ -0,0 +1,332 @@
+import { randomUUID } from "node:crypto";
+import { Alepha, t } from "alepha";
+import { $issuer, AlephaSecurity } from "alepha/security";
+import { $action, ServerProvider } from "alepha/server";
+import { describe, it } from "vitest";
+import { LinkProvider, ServerLinksProvider } from "../index.ts";
+describe("ServerLinksProvider", () => {
+  describe("secured field in links", () => {
+    it("should set secured=undefined for public actions (no secure option)", async ({
+      expect,
+    }) => {
+      class App {
+        publicAction = $action({
+          handler: () => "PUBLIC",
+        });
+      }
+      const alepha = Alepha.create().with(App).with(ServerLinksProvider);
+      await alepha.start();
+      const links = alepha.inject(LinkProvider).getServerLinks();
+      const link = links.find((l) => l.name === "publicAction");
+      expect(link).toBeDefined();
+      expect(link?.secured).toBeUndefined();
+    });
+    it("should set secured=false for explicitly public actions", async ({
+      expect,
+    }) => {
+      class App {
+        publicAction = $action({
+          secure: false,
+          handler: () => "PUBLIC",
+        });
+      }
+      const alepha = Alepha.create().with(App).with(ServerLinksProvider);
+      await alepha.start();
+      const links = alepha.inject(LinkProvider).getServerLinks();
+      const link = links.find((l) => l.name === "publicAction");
+      expect(link).toBeDefined();
+      expect(link?.secured).toBe(false);
+    });
+    it("should set secured=true for secured actions", async ({ expect }) => {
+      class App {
+        securedAction = $action({
+          secure: true,
+          handler: () => "SECURED",
+        });
+      }
+      const alepha = Alepha.create().with(App).with(ServerLinksProvider);
+      await alepha.start();
+      const links = alepha.inject(LinkProvider).getServerLinks();
+      const link = links.find((l) => l.name === "securedAction");
+      expect(link).toBeDefined();
+      expect(link?.secured).toBe(true);
+    });
+    it("should set secured to object for realm-secured actions", async ({
+      expect,
+    }) => {
+      class App {
+        realmAction = $action({
+          secure: { realm: "admin" },
+          handler: () => "REALM",
+        });
+      }
+      const alepha = Alepha.create().with(App).with(ServerLinksProvider);
+      await alepha.start();
+      const links = alepha.inject(LinkProvider).getServerLinks();
+      const link = links.find((l) => l.name === "realmAction");
+      expect(link).toBeDefined();
+      expect(link?.secured).toEqual({ realm: "admin" });
+    });
+  });
+  describe("/_links endpoint with security", () => {
+    it("should return public actions to unauthenticated users", async ({
+      expect,
+    }) => {
+      class App {
+        publicAction = $action({
+          schema: { response: t.text() },
+          handler: () => "PUBLIC",
+        });
+        issuer = $issuer({
+          secret: "test",
+          roles: [{ name: "user", permissions: [{ name: "*" }] }],
+        });
+      }
+      const alepha = Alepha.create()
+        .with(App)
+        .with(ServerLinksProvider)
+        .with(AlephaSecurity);
+      await alepha.start();
+      const res = await fetch(
+        `${alepha.inject(ServerProvider).hostname}/api/_links`,
+      );
+      const data = await res.json();
+      expect(data.links).toContainEqual(
+        expect.objectContaining({
+          name: "publicAction",
+          path: "/publicAction",
+        }),
+      );
+    });
+    it("should NOT return secured actions to unauthenticated users", async ({
+      expect,
+    }) => {
+      class App {
+        securedAction = $action({
+          secure: true,
+          schema: { response: t.text() },
+          handler: () => "SECURED",
+        });
+        issuer = $issuer({
+          secret: "test",
+          roles: [{ name: "user", permissions: [{ name: "*" }] }],
+        });
+      }
+      const alepha = Alepha.create()
+        .with(App)
+        .with(ServerLinksProvider)
+        .with(AlephaSecurity);
+      await alepha.start();
+      const res = await fetch(
+        `${alepha.inject(ServerProvider).hostname}/api/_links`,
+      );
+      const data = await res.json();
+      expect(data.links).not.toContainEqual(
+        expect.objectContaining({
+          name: "securedAction",
+        }),
+      );
+    });
+    it("should return secured actions to authenticated users with permissions", async ({
+      expect,
+    }) => {
+      class App {
+        securedAction = $action({
+          secure: true,
+          schema: { response: t.text() },
+          handler: () => "SECURED",
+        });
+        issuer = $issuer({
+          secret: "test",
+          roles: [{ name: "user", permissions: [{ name: "*" }] }],
+        });
+      }
+      const alepha = Alepha.create()
+        .with(App)
+        .with(ServerLinksProvider)
+        .with(AlephaSecurity);
+      await alepha.start();
+      // Use HttpClient to get a token automatically in test mode
+      const app = alepha.inject(App);
+      const { data } = await app.securedAction.fetch(
+        {},
+        {
+          user: { id: randomUUID(), roles: ["user"] },
+        },
+      );
+      expect(data).toBe("SECURED");
+    });
+    it("should return both public and secured actions when user is authenticated", async ({
+      expect,
+    }) => {
+      class App {
+        publicAction = $action({
+          schema: { response: t.text() },
+          handler: () => "PUBLIC",
+        });
+        securedAction = $action({
+          secure: true,
+          schema: { response: t.text() },
+          handler: () => "SECURED",
+        });
+        issuer = $issuer({
+          secret: "test",
+          roles: [{ name: "user", permissions: [{ name: "*" }] }],
+        });
+      }
+      const alepha = Alepha.create()
+        .with(App)
+        .with(ServerLinksProvider)
+        .with(AlephaSecurity);
+      await alepha.start();
+      const linksProvider = alepha.inject(ServerLinksProvider);
+      const user = { id: randomUUID(), roles: ["user"] };
+      const { links } = await linksProvider.getUserApiLinks({ user });
+      expect(links).toContainEqual(
+        expect.objectContaining({ name: "publicAction" }),
+      );
+      expect(links).toContainEqual(
+        expect.objectContaining({ name: "securedAction" }),
+      );
+    });
+    it("should filter secured actions based on user permissions", async ({
+      expect,
+    }) => {
+      class App {
+        adminOnly = $action({
+          secure: true,
+          group: "admin",
+          schema: { response: t.text() },
+          handler: () => "ADMIN",
+        });
+        userAction = $action({
+          secure: true,
+          group: "user",
+          schema: { response: t.text() },
+          handler: () => "USER",
+        });
+        issuer = $issuer({
+          secret: "test",
+          roles: [
+            { name: "admin", permissions: [{ name: "*" }] },
+            { name: "user", permissions: [{ name: "user:*" }] },
+          ],
+        });
+      }
+      const alepha = Alepha.create()
+        .with(App)
+        .with(ServerLinksProvider)
+        .with(AlephaSecurity);
+      await alepha.start();
+      const linksProvider = alepha.inject(ServerLinksProvider);
+      // User with "user" role should only see userAction
+      const userLinks = await linksProvider.getUserApiLinks({
+        user: { id: randomUUID(), roles: ["user"] },
+      });
+      expect(userLinks.links).toContainEqual(
+        expect.objectContaining({ name: "userAction" }),
+      );
+      expect(userLinks.links).not.toContainEqual(
+        expect.objectContaining({ name: "adminOnly" }),
+      );
+      // User with "admin" role should see both
+      const adminLinks = await linksProvider.getUserApiLinks({
+        user: { id: randomUUID(), roles: ["admin"] },
+      });
+      expect(adminLinks.links).toContainEqual(
+        expect.objectContaining({ name: "userAction" }),
+      );
+      expect(adminLinks.links).toContainEqual(
+        expect.objectContaining({ name: "adminOnly" }),
+      );
+    });
+  });
+  describe("mixed public and secured actions", () => {
+    it("should correctly differentiate public from secured in server links", async ({
+      expect,
+    }) => {
+      class App {
+        getUsers = $action({
+          path: "/users",
+          schema: { response: t.array(t.text()) },
+          handler: () => ["user1", "user2"],
+        });
+        createUser = $action({
+          path: "/users",
+          secure: true,
+          schema: {
+            body: t.object({ name: t.text() }),
+            response: t.text(),
+          },
+          handler: ({ body }) => body.name,
+        });
+        deleteUser = $action({
+          method: "DELETE",
+          path: "/users/:id",
+          secure: true,
+          schema: {
+            params: t.object({ id: t.text() }),
+            response: t.void(),
+          },
+          handler: () => {},
+        });
+      }
+      const alepha = Alepha.create().with(App).with(ServerLinksProvider);
+      await alepha.start();
+      const links = alepha.inject(LinkProvider).getServerLinks();
+      const getUsers = links.find((l) => l.name === "getUsers");
+      const createUser = links.find((l) => l.name === "createUser");
+      const deleteUser = links.find((l) => l.name === "deleteUser");
+      // getUsers is public (no secure option)
+      expect(getUsers?.secured).toBeUndefined();
+      // createUser and deleteUser are secured
+      expect(createUser?.secured).toBe(true);
+      expect(deleteUser?.secured).toBe(true);
+    });
+  });
+});

package/src/server/links/providers/ServerLinksProvider.ts CHANGED Viewed

@@ -48,7 +48,7 @@ export class ServerLinksProvider {
           group: action.group,
           schema: action.options.schema,
           requestBodyType: action.getBodyContentType(),
-          secured: action.options.secure ?? true,
+          secured: action.options.secure,
           method: action.method === "GET" ? undefined : action.method,
           prefix: action.prefix,
           path: action.path,

package/src/server/metrics/index.ts CHANGED Viewed

@@ -9,9 +9,9 @@ export * from "./providers/ServerMetricsProvider.ts";
 // ---------------------------------------------------------------------------------------------------------------------
 /**
- * | type | quality | stability |
- * |------|---------|-----------|
- * | devops | standard | stable |
+ * | Stability | Since | Runtime |
+ * |-----------|-------|---------|
+ * | 2 - beta | 0.14.0 | node, bun|
  *
  * Prometheus-style metrics collection.
  *

package/src/server/multipart/index.ts CHANGED Viewed

@@ -9,9 +9,9 @@ export * from "./providers/ServerMultipartProvider.ts";
 // ---------------------------------------------------------------------------------------------------------------------
 /**
- * | type | quality | stability |
- * |------|---------|-----------|
- * | backend | standard | stable |
+ * | Stability | Since | Runtime |
+ * |-----------|-------|---------|
+ * | 3 - stable | 0.5.0 | node, bun|
  *
  * Multipart form data handling for file uploads.
  *

package/src/server/proxy/index.ts CHANGED Viewed

@@ -11,9 +11,9 @@ export * from "./providers/ServerProxyProvider.ts";
 // ---------------------------------------------------------------------------------------------------------------------
 /**
- * | type | quality | stability |
- * |------|---------|-----------|
- * | backend | standard | stable |
+ * | Stability | Since | Runtime |
+ * |-----------|-------|---------|
+ * | 2 - beta | 0.12.0 | node, bun|
  *
  * Reverse proxy routing.
  *

package/src/server/rate-limit/index.ts CHANGED Viewed

@@ -54,9 +54,9 @@ export interface RateLimitOptions {
 }
 /**
- * | type | quality | stability |
- * |------|---------|-----------|
- * | backend | standard | stable |
+ * | Stability | Since | Runtime |
+ * |-----------|-------|---------|
+ * | 3 - stable | 0.16.0 | node, bun, workerd|
  *
  * Request rate limiting on actions.
  *

package/src/server/static/index.ts CHANGED Viewed

@@ -11,9 +11,9 @@ export * from "./providers/ServerStaticProvider.ts";
 // ---------------------------------------------------------------------------------------------------------------------
 /**
- * | type | quality | stability |
- * |------|---------|-----------|
- * | backend | standard | stable |
+ * | Stability | Since | Runtime |
+ * |-----------|-------|---------|
+ * | 3 - stable | 0.3.0 | node, bun|
  *
  * Static file serving.
  *

package/src/server/swagger/index.ts CHANGED Viewed

@@ -30,9 +30,9 @@ declare module "alepha/server" {
 // ---------------------------------------------------------------------------------------------------------------------
 /**
- * | type | quality | stability |
- * |------|---------|-----------|
- * | backend | standard | stable |
+ * | Stability | Since | Runtime |
+ * |-----------|-------|---------|
+ * | 3 - stable | 0.9.0 | node, bun|
  *
  * Automatic API documentation generation.
  *

package/src/sms/index.ts CHANGED Viewed

@@ -34,9 +34,9 @@ declare module "alepha" {
 // ---------------------------------------------------------------------------------------------------------------------
 /**
- * | type | quality | stability |
- * |------|---------|-----------|
- * | backend | rare | stable |
+ * | Stability | Since | Runtime |
+ * |-----------|-------|---------|
+ * | 3 - stable | 0.15.0 | node, bun|
  *
  * SMS delivery with multiple provider support.
  *

package/src/system/index.ts CHANGED Viewed

@@ -21,9 +21,9 @@ export * from "./services/FileDetector.ts";
 // ---------------------------------------------------------------------------------------------------------------------
 /**
- * | type | quality | stability |
- * |------|---------|-----------|
- * | tooling | standard | stable |
+ * | Stability | Since | Runtime |
+ * |-----------|-------|---------|
+ * | 3 - stable | 0.14.0 | node, bun, browser|
  *
  * System-level abstractions for portable code across runtimes.
  *

package/src/thread/index.ts CHANGED Viewed

@@ -22,9 +22,9 @@ Alepha.prototype.isWorkerThread = function (this: Alepha): boolean {
 // ---------------------------------------------------------------------------------------------------------------------
 /**
- * | type | quality | stability |
- * |------|---------|-----------|
- * | backend | standard | experimental |
+ * | Stability | Since | Runtime |
+ * |-----------|-------|---------|
+ * | 1 - experimental | 0.16.0 | node|
  *
  * Multi-threading support.
  *

package/src/topic/core/index.ts CHANGED Viewed

@@ -15,9 +15,9 @@ export * from "./providers/TopicProvider.ts";
 // ---------------------------------------------------------------------------------------------------------------------
 /**
- * | type | quality | stability |
- * |------|---------|-----------|
- * | backend | rare | stable |
+ * | Stability | Since | Runtime |
+ * |-----------|-------|---------|
+ * | 3 - stable | 0.7.0 | node, bun|
  *
  * Publish/subscribe messaging for event-driven architectures.
  *

package/src/vite/tasks/generateCloudflare.ts CHANGED Viewed

@@ -1,5 +1,8 @@
 import { access, writeFile } from "node:fs/promises";
 import { basename, join } from "node:path";
+import type { Alepha } from "alepha";
+import type { CronProvider } from "alepha/scheduler";
+import type { WorkerdCronProvider } from "../../scheduler/providers/WorkerdCronProvider.ts";
 export interface GenerateCloudflareOptions {
   /**
@@ -13,6 +16,8 @@ export interface GenerateCloudflareOptions {
    * Additional Wrangler configuration options to merge into wrangler.jsonc.
    */
   config?: WranglerConfig;
+  alepha: Alepha;
 }
 export interface WranglerConfig {
@@ -31,7 +36,7 @@ const WARNING_COMMENT =
  * - worker.js entry point for Cloudflare Workers
  */
 export async function generateCloudflare(
-  opts: GenerateCloudflareOptions = {},
+  opts: GenerateCloudflareOptions,
 ): Promise<void> {
   const distDir = opts.distDir ?? "dist";
   const root = process.cwd();
@@ -40,6 +45,15 @@ export async function generateCloudflare(
     .then(() => true)
     .catch(() => false);
+  let workerdCronProvider: CronProvider | undefined;
+  try {
+    workerdCronProvider = opts.alepha.inject(
+      "CronProvider",
+    ) as WorkerdCronProvider;
+  } catch {}
+  const crons = workerdCronProvider?.getCronJobs();
   const wrangler: WranglerConfig = {
     name,
     main: "./main.cloudflare.js",
@@ -62,6 +76,12 @@ export async function generateCloudflare(
     };
   }
+  if (crons && crons.length > 0) {
+    const cronExpressions = [...new Set(crons.map((c) => c.expression))];
+    wrangler.triggers ??= {};
+    wrangler.triggers.crons = cronExpressions;
+  }
   const url = process.env.DATABASE_URL;
   if (url?.startsWith("d1:")) {
     const [name, id] = url.replace("d1://", "").replace("d1:", "").split(":");
@@ -102,7 +122,7 @@ export default {
     try {
       await __alepha.start();
     } catch (err) {
-      console.error(err);
+      console.error("Failed to start Alepha for fetch event", err);
       return new Response("Internal Server Error", { status: 500 });
     }
@@ -110,6 +130,22 @@ export default {
     return ctx.res;
   },
+  scheduled: async (event, env, ctx) => {
+    __alepha.set("cloudflare.env", env);
+    try {
+      await __alepha.start();
+    } catch (err) {
+      console.error("Failed to start Alepha for scheduled event", err);
+      throw err;
+    }
+    await __alepha.events.emit("cloudflare:scheduled", {
+      cron: event.cron,
+      scheduledTime: event.scheduledTime,
+    });
+  },
 };
 `.trim();

package/src/websocket/index.ts CHANGED Viewed

@@ -58,9 +58,9 @@ export * from "./providers/NodeWebSocketServerProvider.ts";
 // ---------------------------------------------------------------------------------------------------------------------
 /**
- * | type | quality | stability |
- * |------|---------|-----------|
- * | backend | rare | experimental |
+ * | Stability | Since | Runtime |
+ * |-----------|-------|---------|
+ * | 1 - experimental | 0.19.0 | node, browser|
  *
  * Real-time bidirectional communication.
  *

package/src/cli/templates/webHelloComponentTsx.ts DELETED Viewed

@@ -1,30 +0,0 @@
-export const webHelloComponentTsx = (options: { auth?: boolean } = {}) => {
-  const imports: string[] = [];
-  if (options.auth) {
-    imports.push('import { UserButton } from "@alepha/ui/auth";');
-  }
-  imports.push('import { useState } from "react";');
-  const userButton = options.auth ? "\n      <UserButton />" : "";
-  return `${imports.join("\n")}
-interface Props {
-  message?: string;
-}
-const Hello = (props: Props) => {
-  const [message, setMessage] = useState(props.message ?? "");
-  return (
-    <div>
-      <h1>{message}</h1>
-      <input value={message} onChange={(e) => setMessage(e.target.value)} />
-      <p>Edit this component in src/web/components/Hello.tsx</p>${userButton}
-    </div>
-  );
-};
-export default Hello;
-`;
-};

/package/src/api/users/{notifications → services}/UserNotifications.ts RENAMED Viewed

File without changes