npm - balda-js - Versions diffs - 0.0.1 → 0.0.3 - Mend

balda-js 0.0.1 → 0.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (65) hide show

package/package.json +1 -6
package/.husky/pre-commit +0 -19
package/.nvmrc +0 -1
package/docs/README.md +0 -135
package/docs/blog/authors.yml +0 -6
package/docs/blog/tags.yml +0 -4
package/docs/cli.md +0 -109
package/docs/docs/core-concepts/controllers.md +0 -393
package/docs/docs/core-concepts/middleware.md +0 -302
package/docs/docs/core-concepts/request-response.md +0 -486
package/docs/docs/core-concepts/routing.md +0 -388
package/docs/docs/core-concepts/server.md +0 -332
package/docs/docs/cron/overview.md +0 -70
package/docs/docs/examples/rest-api.md +0 -595
package/docs/docs/getting-started/configuration.md +0 -168
package/docs/docs/getting-started/installation.md +0 -125
package/docs/docs/getting-started/quick-start.md +0 -273
package/docs/docs/intro.md +0 -46
package/docs/docs/plugins/cookie.md +0 -424
package/docs/docs/plugins/cors.md +0 -295
package/docs/docs/plugins/file.md +0 -382
package/docs/docs/plugins/helmet.md +0 -388
package/docs/docs/plugins/json.md +0 -338
package/docs/docs/plugins/log.md +0 -592
package/docs/docs/plugins/overview.md +0 -390
package/docs/docs/plugins/rate-limiter.md +0 -347
package/docs/docs/plugins/static.md +0 -352
package/docs/docs/plugins/swagger.md +0 -411
package/docs/docs/plugins/urlencoded.md +0 -76
package/docs/docs/testing/examples.md +0 -384
package/docs/docs/testing/mock-server.md +0 -311
package/docs/docs/testing/overview.md +0 -76
package/docs/docusaurus.config.ts +0 -144
package/docs/intro.md +0 -78
package/docs/package.json +0 -46
package/docs/sidebars.ts +0 -72
package/docs/static/.nojekyll +0 -0
package/docs/static/img/docusaurus-social-card.jpg +0 -0
package/docs/static/img/docusaurus.png +0 -0
package/docs/static/img/favicon.ico +0 -0
package/docs/static/img/logo.svg +0 -1
package/docs/static/img/undraw_docusaurus_mountain.svg +0 -37
package/docs/static/img/undraw_docusaurus_react.svg +0 -170
package/docs/static/img/undraw_docusaurus_tree.svg +0 -40
package/docs/tsconfig.json +0 -8
package/speed_test.sh +0 -3
package/test/benchmark/index.ts +0 -17
package/test/cli/cli.ts +0 -7
package/test/commands/test.ts +0 -42
package/test/controllers/file_upload.ts +0 -29
package/test/controllers/urlencoded.ts +0 -13
package/test/controllers/users.ts +0 -111
package/test/cron/index.ts +0 -6
package/test/cron/test_cron.ts +0 -8
package/test/cron/test_cron_imported.ts +0 -8
package/test/native_env.ts +0 -16
package/test/resources/test.txt +0 -1
package/test/server/index.ts +0 -3
package/test/server/instance.ts +0 -63
package/test/suite/upload.test.ts +0 -23
package/test/suite/urlencoded.test.ts +0 -23
package/test/suite/users.test.ts +0 -76
package/todo.md +0 -9
package/tsconfig.json +0 -24
package/vitest.config.ts +0 -17

package/docs/docs/plugins/helmet.md DELETED Viewed

@@ -1,388 +0,0 @@
----
-sidebar_position: 6
----
-# Helmet Plugin
-The Helmet plugin sets various HTTP headers to help protect your Balda.js application from well-known web vulnerabilities. It's a security middleware that helps secure your app by setting several HTTP headers.
-## Features
-- **Security Headers**: Sets various security-related HTTP headers
-- **Configurable Options**: Customize which headers to enable/disable
-- **Production Ready**: Optimized security settings for production
-- **Easy Integration**: Simple configuration with sensible defaults
-- **Comprehensive Protection**: Covers multiple attack vectors
-## Basic Configuration
-### Simple Setup
-```typescript
-import { Server } from 'balda-js';
-const server = new Server({
-  port: 3000,
-  plugins: {
-    helmet: {}
-  }
-});
-```
-### Disable Helmet
-```typescript
-const server = new Server({
-  port: 3000,
-  plugins: {
-    helmet: false
-  }
-});
-```
-## Configuration Options
-### Default Configuration
-```typescript
-helmet: {
-  dnsPrefetchControl: true,
-  frameguard: { action: "SAMEORIGIN" },
-  hsts: { maxAge: 15552000, includeSubDomains: true, preload: false },
-  contentTypeOptions: true,
-  ieNoOpen: true,
-  xssFilter: true,
-  referrerPolicy: "no-referrer",
-  crossOriginResourcePolicy: "same-origin",
-  crossOriginOpenerPolicy: "same-origin",
-  crossOriginEmbedderPolicy: "require-corp",
-  contentSecurityPolicy: false
-}
-```
-### Custom Configuration
-```typescript
-const server = new Server({
-  port: 3000,
-  plugins: {
-    helmet: {
-      contentSecurityPolicy: {
-        directives: {
-          defaultSrc: ["'self'"],
-          styleSrc: ["'self'", "'unsafe-inline'"],
-          scriptSrc: ["'self'"],
-          imgSrc: ["'self'", "data:", "https:"]
-        }
-      },
-      hsts: {
-        maxAge: 31536000, // 1 year
-        includeSubDomains: true,
-        preload: true
-      }
-    }
-  }
-});
-```
-## Security Headers Explained
-### Content Security Policy (CSP)
-```typescript
-helmet: {
-  contentSecurityPolicy: {
-    directives: {
-      defaultSrc: ["'self'"],
-      styleSrc: ["'self'", "'unsafe-inline'", "https://fonts.googleapis.com"],
-      scriptSrc: ["'self'", "https://cdn.jsdelivr.net"],
-      imgSrc: ["'self'", "data:", "https:"],
-      fontSrc: ["'self'", "https://fonts.gstatic.com"],
-      connectSrc: ["'self'", "https://api.example.com"],
-      frameSrc: ["'none'"],
-      objectSrc: ["'none'"],
-      mediaSrc: ["'self'"],
-      manifestSrc: ["'self'"]
-    }
-  }
-}
-```
-### HTTP Strict Transport Security (HSTS)
-```typescript
-helmet: {
-  hsts: {
-    maxAge: 31536000,        // 1 year
-    includeSubDomains: true, // Apply to subdomains
-    preload: true            // Include in browser preload lists
-  }
-}
-```
-### Frame Options
-```typescript
-helmet: {
-  frameguard: {
-    action: "DENY" // Prevent embedding in frames
-  }
-}
-// Or use string values
-helmet: {
-  frameguard: "DENY" // Same as above
-}
-```
-### XSS Protection
-```typescript
-helmet: {
-  xssFilter: true // Enable XSS protection
-}
-```
-### Content Type Options
-```typescript
-helmet: {
-  contentTypeOptions: true // Prevent MIME type sniffing
-}
-```
-## Usage Examples
-### Basic Security Setup
-```typescript
-const server = new Server({
-  port: 3000,
-  plugins: {
-    helmet: {
-      contentSecurityPolicy: false, // Disable CSP for development
-      hsts: false // Disable HSTS for HTTP
-    }
-  }
-});
-```
-### Production Security Configuration
-```typescript
-const isProduction = process.env.NODE_ENV === 'production';
-const server = new Server({
-  port: 3000,
-  plugins: {
-    helmet: {
-      contentSecurityPolicy: isProduction ? {
-        directives: {
-          defaultSrc: ["'self'"],
-          styleSrc: ["'self'", "'unsafe-inline'"],
-          scriptSrc: ["'self'"],
-          imgSrc: ["'self'", "data:", "https:"],
-          fontSrc: ["'self'", "https://fonts.gstatic.com"],
-          connectSrc: ["'self'"],
-          frameSrc: ["'none'"],
-          objectSrc: ["'none'"]
-        }
-      } : false,
-      hsts: isProduction ? {
-        maxAge: 31536000,
-        includeSubDomains: true,
-        preload: true
-      } : false,
-      frameguard: { action: "DENY" },
-      xssFilter: true,
-      contentTypeOptions: true,
-      referrerPolicy: "strict-origin-when-cross-origin"
-    }
-  }
-});
-```
-### API-Focused Configuration
-```typescript
-const server = new Server({
-  port: 3000,
-  plugins: {
-    helmet: {
-      contentSecurityPolicy: false, // APIs don't need CSP
-      hsts: {
-        maxAge: 31536000,
-        includeSubDomains: true
-      },
-      frameguard: { action: "DENY" },
-      xssFilter: true,
-      contentTypeOptions: true,
-      referrerPolicy: "no-referrer"
-    }
-  }
-});
-```
-### Web Application Configuration
-```typescript
-const server = new Server({
-  port: 3000,
-  plugins: {
-    helmet: {
-      contentSecurityPolicy: {
-        directives: {
-          defaultSrc: ["'self'"],
-          styleSrc: ["'self'", "'unsafe-inline'", "https://fonts.googleapis.com"],
-          scriptSrc: ["'self'", "https://cdn.jsdelivr.net"],
-          imgSrc: ["'self'", "data:", "https:"],
-          fontSrc: ["'self'", "https://fonts.gstatic.com"],
-          connectSrc: ["'self'", "wss:"],
-          frameSrc: ["'self'"],
-          objectSrc: ["'none'"],
-          mediaSrc: ["'self'"],
-          manifestSrc: ["'self'"]
-        }
-      },
-      hsts: {
-        maxAge: 31536000,
-        includeSubDomains: true,
-        preload: true
-      },
-      frameguard: { action: "SAMEORIGIN" },
-      xssFilter: true,
-      contentTypeOptions: true,
-      referrerPolicy: "strict-origin-when-cross-origin"
-    }
-  }
-});
-```
-## Individual Header Configuration
-### DNS Prefetch Control
-```typescript
-helmet: {
-  dnsPrefetchControl: true // Disable DNS prefetching
-}
-```
-### Frame Guard
-```typescript
-helmet: {
-  frameguard: {
-    action: "DENY" // Prevent all framing
-  }
-}
-// Available actions:
-// "DENY" - Prevent all framing
-// "SAMEORIGIN" - Allow same-origin framing
-// "ALLOW-FROM uri" - Allow framing from specific URI
-```
-### HSTS Configuration
-```typescript
-helmet: {
-  hsts: {
-    maxAge: 31536000,        // Time in seconds
-    includeSubDomains: true, // Apply to subdomains
-    preload: true            // Include in preload lists
-  }
-}
-```
-### Content Type Options
-```typescript
-helmet: {
-  contentTypeOptions: true // Prevent MIME type sniffing
-}
-```
-### IE No Open
-```typescript
-helmet: {
-  ieNoOpen: true // Prevent IE from executing downloads
-}
-```
-### XSS Filter
-```typescript
-helmet: {
-  xssFilter: true // Enable XSS protection
-}
-```
-### Referrer Policy
-```typescript
-helmet: {
-  referrerPolicy: "strict-origin-when-cross-origin"
-}
-// Available policies:
-// "no-referrer"
-// "no-referrer-when-downgrade"
-// "origin"
-// "origin-when-cross-origin"
-// "same-origin"
-// "strict-origin"
-// "strict-origin-when-cross-origin"
-// "unsafe-url"
-```
-### Cross-Origin Policies
-```typescript
-helmet: {
-  crossOriginResourcePolicy: "same-origin",
-  crossOriginOpenerPolicy: "same-origin",
-  crossOriginEmbedderPolicy: "require-corp"
-}
-```
-## Environment-Based Configuration
-### Development vs Production
-```typescript
-const isProduction = process.env.NODE_ENV === 'production';
-const helmetConfig = isProduction ? {
-  contentSecurityPolicy: {
-    directives: {
-      defaultSrc: ["'self'"],
-      styleSrc: ["'self'", "'unsafe-inline'"],
-      scriptSrc: ["'self'"],
-      imgSrc: ["'self'", "data:", "https:"]
-    }
-  },
-  hsts: {
-    maxAge: 31536000,
-    includeSubDomains: true,
-    preload: true
-  },
-  frameguard: { action: "DENY" },
-  xssFilter: true,
-  contentTypeOptions: true
-} : {
-  contentSecurityPolicy: false,
-  hsts: false,
-  frameguard: { action: "SAMEORIGIN" },
-  xssFilter: true,
-  contentTypeOptions: true
-};
-const server = new Server({
-  port: 3000,
-  plugins: {
-    helmet: helmetConfig
-  }
-});
-```

package/docs/docs/plugins/json.md DELETED Viewed

@@ -1,338 +0,0 @@
----
-sidebar_position: 3
----
-# JSON Plugin
-The JSON plugin parses incoming JSON request bodies and populates `req.body` with the parsed data. It automatically handles content-type detection and provides configurable size limits and error handling.
-## Features
-- **Automatic Content-Type Detection**: Parses requests with `application/json` content type
-- **Configurable Size Limits**: Set maximum body size to prevent memory issues
-- **Encoding Support**: Support for various text encodings
-- **Error Handling**: Graceful handling of malformed JSON
-- **Empty Body Handling**: Configurable behavior for empty request bodies
-## Basic Configuration
-### Simple Setup
-```typescript
-import { Server } from 'balda-js';
-const server = new Server({
-  port: 3000,
-  plugins: {
-    json: {
-      sizeLimit: '10mb'
-    }
-  }
-});
-```
-### Default Configuration
-```typescript
-const server = new Server({
-  port: 3000,
-  plugins: {
-    json: {
-      sizeLimit: 5 * 1024 * 1024, // 5MB
-      parseEmptyBodyAsObject: false,
-      encoding: 'utf-8'
-    }
-  }
-});
-```
-## Configuration Options
-### Size Limit
-```typescript
-// Using bytes
-json: {
-  sizeLimit: 1024 * 1024 // 1MB
-}
-// Using string notation
-json: {
-  sizeLimit: '10mb'
-}
-// Large payloads
-json: {
-  sizeLimit: 50 * 1024 * 1024 // 50MB
-}
-```
-### Empty Body Handling
-```typescript
-// Default behavior - empty body becomes undefined
-json: {
-  parseEmptyBodyAsObject: false
-}
-// Empty body becomes empty object
-json: {
-  parseEmptyBodyAsObject: true
-}
-```
-### Custom Error Messages
-```typescript
-json: {
-  sizeLimit: '10mb',
-  customErrorMessage: {
-    status: 413,
-    message: 'Request body too large'
-  }
-}
-```
-### Encoding Configuration
-```typescript
-// UTF-8 (default)
-json: {
-  encoding: 'utf-8'
-}
-// UTF-16
-json: {
-  encoding: 'utf-16le'
-}
-// Other encodings
-json: {
-  encoding: 'iso-8859-1'
-}
-```
-## Usage Examples
-### Basic JSON Parsing
-```typescript
-@controller('/api')
-export class ApiController {
-  @post('/users')
-  async createUser(req: Request, res: Response) {
-    // req.body is automatically parsed JSON
-    const { name, email, age } = req.body;
-    const user = await createUser({ name, email, age });
-    res.created(user);
-  }
-}
-```
-### Handling Large Payloads
-```typescript
-const server = new Server({
-  port: 3000,
-  plugins: {
-    json: {
-      sizeLimit: '50mb', // Allow large file uploads
-      customErrorMessage: {
-        status: 413,
-        message: 'File too large'
-      }
-    }
-  }
-});
-@controller('/api')
-export class FileController {
-  @post('/upload')
-  async uploadFile(req: Request, res: Response) {
-    // Handle large JSON payloads
-    const fileData = req.body;
-    res.json({ message: 'File uploaded successfully' });
-  }
-}
-```
-### Empty Body Scenarios
-```typescript
-@controller('/api')
-export class HealthController {
-  @post('/health')
-  async healthCheck(req: Request, res: Response) {
-    if (req.body === undefined) {
-      // Empty body with parseEmptyBodyAsObject: false
-      res.json({ status: 'ok', body: 'empty' });
-    } else if (Object.keys(req.body).length === 0) {
-      // Empty body with parseEmptyBodyAsObject: true
-      res.json({ status: 'ok', body: 'empty object' });
-    } else {
-      res.json({ status: 'ok', body: req.body });
-    }
-  }
-}
-```
-## Error Handling
-### Size Limit Exceeded
-```typescript
-// Request with body larger than sizeLimit
-// Response: 413 Payload Too Large
-{
-  "error": "ERR_REQUEST_BODY_TOO_LARGE"
-}
-// With custom error message
-{
-  "error": "Request body too large"
-}
-```
-### Invalid JSON
-```typescript
-// Request with malformed JSON
-// POST /api/users
-// Content-Type: application/json
-// Body: { "name": "John", "email": "john@example.com" }
-// Response: 400 Bad Request
-{
-  "error": "Invalid JSON syntax"
-}
-```
-### Invalid Encoding
-```typescript
-// Request with unsupported encoding
-// Response: 400 Bad Request
-{
-  "error": "Invalid request body encoding"
-}
-```
-## Content-Type Detection
-The JSON plugin automatically detects and parses requests with the following content types:
-- `application/json`
-- `application/json; charset=utf-8`
-- `application/json; charset=UTF-8`
-### Non-JSON Requests
-Requests without `application/json` content type are ignored:
-```typescript
-// This request will NOT be parsed by the JSON plugin
-// POST /api/users
-// Content-Type: application/x-www-form-urlencoded
-// Body: name=John&email=john@example.com
-@post('/users')
-async createUser(req: Request, res: Response) {
-  // req.body will be undefined or handled by another parser
-  console.log(req.body); // undefined
-}
-```
-## HTTP Method Restrictions
-The JSON plugin only parses bodies for methods that can have a body:
-- **Parsed**: POST, PUT, PATCH
-- **Ignored**: GET, DELETE, HEAD, OPTIONS
-```typescript
-@controller('/api')
-export class UsersController {
-  @get('/users')
-  async getUsers(req: Request, res: Response) {
-    // req.body will be undefined (GET request)
-    res.json({ users: [] });
-  }
-  @post('/users')
-  async createUser(req: Request, res: Response) {
-    // req.body will be parsed JSON
-    res.created(req.body);
-  }
-}
-```
-## Advanced Configuration
-### Production vs Development
-```typescript
-const isProduction = process.env.NODE_ENV === 'production';
-const server = new Server({
-  port: 3000,
-  plugins: {
-    json: {
-      sizeLimit: isProduction ? '1mb' : '10mb',
-      parseEmptyBodyAsObject: false,
-      encoding: 'utf-8',
-      customErrorMessage: isProduction ? {
-        status: 413,
-        message: 'Request too large'
-      } : undefined
-    }
-  }
-});
-```
-### Multiple Content Types
-```typescript
-// JSON plugin handles application/json
-// URL-encoded plugin handles application/x-www-form-urlencoded
-const server = new Server({
-  port: 3000,
-  plugins: {
-    json: {
-      sizeLimit: '10mb'
-    },
-    urlencoded: {
-      extended: true
-    }
-  }
-});
-```
-## Performance Considerations
-### Memory Usage
-```typescript
-// Be careful with large size limits
-json: {
-  sizeLimit: '100mb' // Could cause memory issues
-}
-// Recommended for most applications
-json: {
-  sizeLimit: '10mb' // Reasonable limit
-}
-```
-### Streaming for Large Files
-For very large files, consider using the file upload plugin instead:
-```typescript
-// For large files, use file upload plugin
-plugins: {
-  file: {
-    maxFileSize: 50 * 1024 * 1024 // 50MB
-  }
-}
-```