blaizejs 0.6.0 → 0.7.0

package/dist/index.d.ts

@@ -7,6 +7,546 @@ import { Readable } from 'node:stream';
 import { AsyncLocalStorage } from 'node:async_hooks';
 import { EventEmitter } from 'node:events';
 
+/**
+ * Logger Type Interfaces for BlaizeJS
+ *
+ * Comprehensive type definitions for the structured logging system.
+ * Integrates with the context system via ctx.services.log and supports
+ * request-scoped child loggers with automatic correlation ID propagation.
+ *
+ * @packageDocumentation
+ * @since 0.5.0
+ */
+/**
+ * Log levels supported by the logger system
+ *
+ * Levels in order of severity (lowest to highest):
+ * - `debug`: Detailed diagnostic information for development
+ * - `info`: General informational messages about application flow
+ * - `warn`: Warning messages for potentially harmful situations
+ * - `error`: Error messages for failures that don't stop the application
+ *
+ * @example
+ * ```typescript
+ * const level: LogLevel = 'info';
+ * ```
+ */
+type LogLevel = 'debug' | 'info' | 'warn' | 'error';
+/**
+ * Arbitrary metadata that can be attached to log entries
+ *
+ * Used to add structured context to logs. Keys are strings and values
+ * can be any JSON-serializable data. The logger will handle Error objects
+ * specially by extracting message, stack, and name properties.
+ *
+ * @example
+ * ```typescript
+ * const meta: LogMetadata = {
+ *   userId: '123',
+ *   action: 'login',
+ *   duration: 145,
+ *   tags: ['auth', 'success']
+ * };
+ * ```
+ */
+interface LogMetadata {
+    [key: string]: unknown;
+}
+/**
+ * Core logger interface implemented by the Logger class
+ *
+ * Provides structured logging with automatic metadata enrichment,
+ * child logger creation for request-scoped logging, and graceful
+ * shutdown support via flush().
+ *
+ * The logger is available in all route handlers via `ctx.services.log`
+ * and automatically includes request context (correlationId, method, path).
+ *
+ * @example Basic Usage
+ * ```typescript
+ * // In route handler
+ * export const GET = appRoute.get({
+ *   handler: async (ctx) => {
+ *     ctx.services.log.info('User requested profile', {
+ *       userId: ctx.params.userId
+ *     });
+ *
+ *     try {
+ *       const user = await getUser(ctx.params.userId);
+ *       return user;
+ *     } catch (error) {
+ *       ctx.services.log.error('Failed to fetch user', {
+ *         userId: ctx.params.userId,
+ *         error
+ *       });
+ *       throw error;
+ *     }
+ *   }
+ * });
+ * ```
+ *
+ * @example Child Loggers
+ * ```typescript
+ * // Create a child logger with additional context
+ * const dbLogger = ctx.services.log.child({
+ *   component: 'database',
+ *   operation: 'user-lookup'
+ * });
+ *
+ * dbLogger.debug('Executing query', { query: 'SELECT * FROM users' });
+ * // Output includes: { component: 'database', operation: 'user-lookup', ... }
+ * ```
+ */
+interface BlaizeLogger {
+    /**
+     * Log a debug message
+     *
+     * Use for detailed diagnostic information during development.
+     * These logs are typically disabled in production environments.
+     *
+     * @param message - The log message
+     * @param meta - Optional metadata to attach
+     *
+     * @example
+     * ```typescript
+     * ctx.services.log.debug('Cache lookup', {
+     *   key: 'user:123',
+     *   hit: true,
+     *   ttl: 3600
+     * });
+     * ```
+     */
+    debug(message: string, meta?: LogMetadata): void;
+    /**
+     * Log an info message
+     *
+     * Use for general informational messages about application flow.
+     * This is the default log level for production environments.
+     *
+     * @param message - The log message
+     * @param meta - Optional metadata to attach
+     *
+     * @example
+     * ```typescript
+     * ctx.services.log.info('User login successful', {
+     *   userId: '123',
+     *   method: 'oauth',
+     *   provider: 'google'
+     * });
+     * ```
+     */
+    info(message: string, meta?: LogMetadata): void;
+    /**
+     * Log a warning message
+     *
+     * Use for potentially harmful situations that don't prevent
+     * the application from functioning.
+     *
+     * @param message - The log message
+     * @param meta - Optional metadata to attach
+     *
+     * @example
+     * ```typescript
+     * ctx.services.log.warn('Rate limit approaching threshold', {
+     *   userId: '123',
+     *   currentCount: 95,
+     *   limit: 100
+     * });
+     * ```
+     */
+    warn(message: string, meta?: LogMetadata): void;
+    /**
+     * Log an error message
+     *
+     * Use for error conditions that don't stop the application.
+     * The logger automatically extracts stack traces from Error objects.
+     *
+     * @param message - The log message
+     * @param meta - Optional metadata to attach
+     *
+     * @example
+     * ```typescript
+     * ctx.services.log.error('Database query failed', {
+     *   query: 'SELECT * FROM users',
+     *   error: err,  // Error object - stack trace will be extracted
+     *   retryCount: 3
+     * });
+     * ```
+     */
+    error(message: string, meta?: LogMetadata): void;
+    /**
+     * Create a child logger with inherited metadata
+     *
+     * Child loggers inherit all metadata from their parent and add
+     * their own. This is useful for adding component-specific context
+     * without polluting the parent logger.
+     *
+     * Child metadata overrides parent metadata for the same keys.
+     *
+     * @param meta - Metadata to add to all logs from this child
+     * @returns A new logger instance with merged metadata
+     *
+     * @example Component-Scoped Logging
+     * ```typescript
+     * // Create a child logger for a specific component
+     * const authLogger = ctx.services.log.child({
+     *   component: 'auth',
+     *   action: 'verify-token'
+     * });
+     *
+     * authLogger.debug('Verifying JWT token');
+     * // Output includes: { correlationId, method, path, component: 'auth', ... }
+     *
+     * authLogger.info('Token verified', { userId: '123' });
+     * // Output includes all parent + child metadata
+     * ```
+     *
+     * @example Nested Child Loggers
+     * ```typescript
+     * const dbLogger = ctx.services.log.child({ component: 'database' });
+     * const queryLogger = dbLogger.child({ operation: 'select' });
+     *
+     * queryLogger.debug('Executing query');
+     * // Output includes: { correlationId, component: 'database', operation: 'select', ... }
+     * ```
+     */
+    child(meta: LogMetadata): BlaizeLogger;
+    /**
+     * Flush any buffered logs and wait for completion
+     *
+     * Call this during graceful shutdown to ensure all logs are written
+     * before the process exits. This is especially important for transports
+     * that batch writes (e.g., sending logs to external services).
+     *
+     * If the transport doesn't implement flush(), this is a no-op.
+     *
+     * @returns Promise that resolves when all logs are flushed
+     *
+     * @example Graceful Shutdown
+     * ```typescript
+     * // In server shutdown handler
+     * process.on('SIGTERM', async () => {
+     *   console.log('Shutting down gracefully...');
+     *
+     *   // Flush logs before exit
+     *   await server._logger.flush();
+     *
+     *   await server.close();
+     *   process.exit(0);
+     * });
+     * ```
+     */
+    flush(): Promise<void>;
+}
+/**
+ * Transport adapter interface for log output destinations
+ *
+ * Transports are responsible for writing log entries to a destination
+ * (console, file, external service, etc.). Multiple transports can be
+ * used simultaneously.
+ *
+ * Transports must be stateless to support concurrent logging.
+ *
+ * @example Console Transport
+ * ```typescript
+ * class ConsoleTransport implements BlaizeLogTransport {
+ *   write(level: LogLevel, message: string, meta: LogMetadata): void {
+ *     const timestamp = new Date().toISOString();
+ *     const levelUpper = level.toUpperCase();
+ *     const metaStr = JSON.stringify(meta);
+ *
+ *     console.log(`[${timestamp}] ${levelUpper}: ${message} ${metaStr}`);
+ *   }
+ * }
+ * ```
+ *
+ * @example Custom HTTP Transport
+ * ```typescript
+ * class HTTPTransport implements BlaizeLogTransport {
+ *   constructor(private endpoint: string) {}
+ *
+ *   write(level: LogLevel, message: string, meta: LogMetadata): void {
+ *     // Non-blocking fire-and-forget
+ *     fetch(this.endpoint, {
+ *       method: 'POST',
+ *       headers: { 'Content-Type': 'application/json' },
+ *       body: JSON.stringify({ level, message, meta, timestamp: Date.now() })
+ *     }).catch(err => console.error('Failed to send log', err));
+ *   }
+ *
+ *   async flush(): Promise<void> {
+ *     // Optional: wait for pending requests
+ *   }
+ * }
+ * ```
+ */
+interface BlaizeLogTransport {
+    /**
+     * Write a log entry to the transport destination
+     *
+     * This method must be synchronous and non-blocking. For transports
+     * that need to perform async I/O (network, disk), use fire-and-forget
+     * pattern or internal buffering.
+     *
+     * @param level - The log level
+     * @param message - The log message
+     * @param meta - Structured metadata (already redacted)
+     */
+    write(level: LogLevel, message: string, meta: LogMetadata): void;
+    /**
+     * Flush any buffered logs (optional)
+     *
+     * Implement this if your transport batches writes or has pending
+     * async operations. Called during graceful shutdown via logger.flush().
+     *
+     * @returns Promise that resolves when all logs are written
+     */
+    flush?(): Promise<void>;
+}
+/**
+ * Configuration for the logger system
+ *
+ * Controls logging behavior including log levels, output destinations,
+ * sensitive data redaction, and request lifecycle logging.
+ *
+ * @example Development Configuration
+ * ```typescript
+ * import { createServer } from 'blaizejs';
+ *
+ * const server = createServer({
+ *   port: 3000,
+ *   logging: {
+ *     level: 'debug',
+ *     // Uses ConsoleTransport by default in development
+ *     includeTimestamp: true,
+ *     requestLogging: true,
+ *     requestLoggerOptions: {
+ *       includeHeaders: true,
+ *       includeQuery: true
+ *     }
+ *   }
+ * });
+ * ```
+ *
+ * @example Production Configuration
+ * ```typescript
+ * import { JSONTransport } from 'blaizejs';
+ *
+ * const server = createServer({
+ *   port: 3000,
+ *   logging: {
+ *     level: 'info',
+ *     transport: new JSONTransport(),  // Single-line JSON for log aggregators
+ *     redactKeys: ['password', 'apiKey', 'secret', 'token'],
+ *     includeTimestamp: true,
+ *     requestLogging: true,
+ *     requestLoggerOptions: {
+ *       includeHeaders: true,
+ *       headerWhitelist: ['content-type', 'user-agent']
+ *     }
+ *   }
+ * });
+ * ```
+ */
+interface LoggerConfig {
+    /**
+     * Minimum log level to output
+     *
+     * Logs below this level are filtered out (zero overhead).
+     *
+     * @default 'debug' in development, 'info' in production
+     *
+     * @example
+     * ```typescript
+     * logging: {
+     *   level: 'warn'  // Only log warnings and errors
+     * }
+     * ```
+     */
+    level?: LogLevel;
+    /**
+     * Transport adapter for log output
+     *
+     * Determines where and how logs are written.
+     *
+     * @default ConsoleTransport in development, JSONTransport in production
+     *
+     * @example Multiple Transports
+     * ```typescript
+     * import { ConsoleTransport, JSONTransport } from 'blaizejs';
+     *
+     * class MultiTransport implements BlaizeLogTransport {
+     *   private transports = [
+     *     new ConsoleTransport(),
+     *     new JSONTransport()
+     *   ];
+     *
+     *   write(level: LogLevel, message: string, meta: LogMetadata): void {
+     *     this.transports.forEach(t => t.write(level, message, meta));
+     *   }
+     * }
+     *
+     * logging: {
+     *   transport: new MultiTransport()
+     * }
+     * ```
+     */
+    transport?: BlaizeLogTransport;
+    /**
+     * Keys to redact from log metadata (case-insensitive)
+     *
+     * Matching keys are replaced with '[REDACTED]' in the output.
+     * Redaction is shallow (only top-level keys are checked).
+     *
+     * @default []
+     *
+     * @example
+     * ```typescript
+     * logging: {
+     *   redactKeys: ['password', 'apiKey', 'creditCard', 'ssn']
+     * }
+     *
+     * // Usage
+     * ctx.services.log.info('User created', {
+     *   email: 'user@example.com',
+     *   password: 'secret123'  // Will be '[REDACTED]' in output
+     * });
+     * ```
+     */
+    redactKeys?: string[];
+    /**
+     * Whether to include ISO 8601 timestamps in log metadata
+     *
+     * @default true
+     *
+     * @example
+     * ```typescript
+     * logging: {
+     *   includeTimestamp: true
+     * }
+     *
+     * // Output includes: { timestamp: '2025-10-20T15:30:45.123Z', ... }
+     * ```
+     */
+    includeTimestamp?: boolean;
+}
+/**
+ * Resolved logger configuration with all defaults applied
+ *
+ */
+interface ResolvedLoggerConfig {
+    /** Minimum log level to output */
+    level: LogLevel;
+    /** Transport adapter for log output */
+    transport: BlaizeLogTransport;
+    /** Keys to redact from metadata (case-insensitive) */
+    redactKeys: string[];
+    /** Whether to include ISO 8601 timestamps */
+    includeTimestamp: boolean;
+}
+/**
+ * Serialized error structure
+ */
+interface SerializedError {
+    message: string;
+    name: string;
+    stack?: string;
+}
+/**
+ * Options for request logger middleware
+ *
+ * Controls what request data is automatically included in log metadata
+ * for the child logger created for each request.
+ *
+ * @example Basic Configuration
+ * ```typescript
+ * requestLoggerOptions: {
+ *   includeHeaders: true,  // Include safe headers
+ *   includeQuery: true     // Include query parameters
+ * }
+ * ```
+ *
+ * @example Custom Header Whitelist
+ * ```typescript
+ * requestLoggerOptions: {
+ *   includeHeaders: true,
+ *   headerWhitelist: [
+ *     'content-type',
+ *     'user-agent',
+ *     'accept',
+ *     'x-custom-header'
+ *   ]
+ * }
+ * ```
+ */
+interface RequestLoggerOptions {
+    /**
+     * Include request headers in log metadata
+     *
+     * Only safe headers are included by default. Sensitive headers
+     * (authorization, cookie, x-api-key, proxy-authorization) are
+     * ALWAYS redacted even if included in the whitelist.
+     *
+     * @default false
+     *
+     * @example
+     * ```typescript
+     * requestLoggerOptions: {
+     *   includeHeaders: true
+     * }
+     *
+     * // Default safe headers included:
+     * // - accept
+     * // - content-type
+     * // - user-agent
+     * // - x-correlation-id
+     * ```
+     */
+    includeHeaders?: boolean;
+    /**
+     * Whitelist of header names to include (case-insensitive)
+     *
+     * Only used when includeHeaders is true. If not specified,
+     * default safe headers are used. Sensitive headers are ALWAYS
+     * redacted regardless of this whitelist.
+     *
+     * @default ['accept', 'content-type', 'user-agent', 'x-correlation-id']
+     *
+     * @example
+     * ```typescript
+     * requestLoggerOptions: {
+     *   includeHeaders: true,
+     *   headerWhitelist: [
+     *     'content-type',
+     *     'user-agent',
+     *     'x-request-id',
+     *     'x-custom-header'
+     *   ]
+     * }
+     * ```
+     */
+    headerWhitelist?: string[];
+    /**
+     * Include query parameters in log metadata
+     *
+     * Query parameters are included as a `query` object in metadata.
+     * Be careful with sensitive data in query strings.
+     *
+     * @default false
+     *
+     * @example
+     * ```typescript
+     * requestLoggerOptions: {
+     *   includeQuery: true
+     * }
+     *
+     * // Request: GET /users?page=1&limit=10
+     * // Log includes: { query: { page: '1', limit: '10' }, ... }
+     * ```
+     */
+    includeQuery?: boolean;
+}
+
 /**
  * Represents an uploaded file in a multipart/form-data request
  */
@@ -354,8 +894,19 @@ type UnknownFunction = (...args: unknown[]) => unknown;
 type NextFunction = () => Promise<void> | void;
 /**
  * Middleware function signature
+ *
+ *  @param ctx - The Blaize context object
+ *  @param next - Function to invoke the next middleware in the chain
+ *  @param logger - Logger instance for logging within the middleware
+ *
+ *  @example
+ *  const myMiddleware: MiddlewareFunction = async (ctx, next, logger) => {
+ *    logger.info('Executing my middleware');
+ *    // Middleware logic here
+ *    await next();
+ *  };
  */
-type MiddlewareFunction = (ctx: Context, next: NextFunction) => Promise<void> | void;
+type MiddlewareFunction = (ctx: Context, next: NextFunction, logger: BlaizeLogger) => Promise<void> | void;
 /**
  * Named middleware options
  */
@@ -411,9 +962,22 @@ ED extends z.ZodType = z.ZodType<any>> {
 }
 /**
  * Route handler function with strongly typed params and response
+ *
+ *  @param ctx - The Blaize context object
+ *  @param params - Extracted route parameters
+ *  @param logger - Logger instance for logging within the handler
+ *
+ *  @returns The response data of type TResponse
+ *
+ *  @example
+ *  const myRouteHandler: RouteHandler = async (ctx, params, logger) => {
+ *    logger.info('Handling route with params:', params);
+ *   // Handler logic here
+ *    return { message: 'Success' }
+ *  };
  */
 type RouteHandler<TParams = Record<string, string>, TQuery = Record<string, string | string[] | undefined>, TBody = unknown, TResponse = unknown, TState extends State = State, // NEW in v0.4.0
-TServices extends Services = Services> = (ctx: Context<TState, TServices, TBody, TQuery>, params: TParams) => Promise<TResponse> | TResponse;
+TServices extends Services = Services> = (ctx: Context<TState, TServices, TBody, TQuery>, params: TParams, logger: BlaizeLogger) => Promise<TResponse> | TResponse;
 /**
  * Options for a route method with schema-based type inference
  */
@@ -485,7 +1049,7 @@ interface RouterOptions {
  */
 interface Router {
     /** Handle an incoming request */
-    handleRequest: (ctx: Context) => Promise<void>;
+    handleRequest: (ctx: Context, logger: BlaizeLogger) => Promise<void>;
     /** Get all registered routes */
     getRoutes: () => Route[];
     /** Add a route programmatically */
@@ -762,441 +1326,122 @@ type CreateOptionsRoute = <TState extends State = State, TServices extends Servi
 };
 
 /**
- * Compose multiple middleware functions into a single middleware function
- */
-declare function compose(middlewareStack: Middleware[]): MiddlewareFunction;
-
-/**
- * CORS Types for BlaizeJS Framework
+ * Error type definitions and interfaces for the BlaizeJS framework
  *
- * Comprehensive type definitions for W3C-compliant CORS middleware
- * with support for string, regex, and async function origin validation.
- *
- * @module @blaizejs/types/cors
+ * This module contains all the type definitions used for error handling
+ * across the BlaizeJS framework, including server-side errors, client-side
+ * errors, and HTTP response formats.
  */
-
 /**
- * Origin configuration type supporting multiple validation methods
- *
- * @example
- * ```typescript
- * // String origin (exact match)
- * const origin: CorsOrigin = 'https://example.com';
- *
- * // RegExp pattern
- * const origin: CorsOrigin = /^https:\/\/.*\.example\.com$/;
+ * Structure of error responses sent over HTTP
  *
- * // Dynamic validation function
- * const origin: CorsOrigin = async (origin, ctx) => {
- *   return await checkOriginAllowed(origin, ctx?.state.user);
- * };
+ * This interface defines the JSON format used for all error responses
+ * from BlaizeJS servers. It matches the structure returned by BlaizeError.toJSON()
  *
- * // Array of mixed types
- * const origin: CorsOrigin = [
- *   'https://localhost:3000',
- *   /^https:\/\/.*\.example\.com$/,
- *   (origin) => origin.endsWith('.trusted.com')
- * ];
+ * @example
+ * ```json
+ * {
+ *   "type": "VALIDATION_ERROR",
+ *   "title": "Request validation failed",
+ *   "status": 400,
+ *   "correlationId": "req_abc123",
+ *   "timestamp": "2024-01-15T10:30:00.000Z",
+ *   "details": {
+ *     "fields": ["email", "password"]
+ *   }
+ * }
  * ```
  */
-type CorsOrigin = string | RegExp | ((origin: string, ctx?: Context<any, any>) => boolean | Promise<boolean>) | Array<string | RegExp | ((origin: string, ctx?: Context<any, any>) => boolean | Promise<boolean>)>;
-/**
- * HTTP methods that can be allowed in CORS
- * Based on W3C CORS specification
- */
-type CorsHttpMethod = HttpMethod | 'CONNECT' | 'TRACE';
+interface BlaizeErrorResponse {
+    /** Error type from the ErrorType enum */
+    type: ErrorType;
+    /** Human-readable error message */
+    title: string;
+    /** HTTP status code */
+    status: number;
+    /** Correlation ID for request tracing */
+    correlationId: string;
+    /** ISO timestamp when error occurred */
+    timestamp: string;
+    /** Optional error-specific details */
+    details?: unknown;
+}
 /**
- * Main CORS configuration options
+ * Context information for network-related errors
  *
- * @example
- * ```typescript
- * const corsOptions: CorsOptions = {
- *   origin: 'https://example.com',
- *   methods: ['GET', 'POST'],
- *   credentials: true,
- *   maxAge: 86400
- * };
- * ```
+ * Used by client-side error classes to provide additional context
+ * about network failures, timeouts, and connection issues.
  */
-interface CorsOptions {
-    /**
-     * Configures the Access-Control-Allow-Origin header
-     *
-     * Possible values:
-     * - `true`: Allow all origins (sets to '*' unless credentials is true, then reflects origin)
-     * - `false`: Disable CORS (no headers set)
-     * - `string`: Specific origin to allow
-     * - `RegExp`: Pattern to match origins
-     * - `function`: Custom validation logic
-     * - `array`: Multiple origin configurations
-     *
-     * @default false
-     */
-    origin?: boolean | CorsOrigin;
-    /**
-     * Configures the Access-Control-Allow-Methods header
-     *
-     * @default ['GET', 'HEAD', 'PUT', 'PATCH', 'POST', 'DELETE']
-     * @example ['GET', 'POST']
-     */
-    methods?: CorsHttpMethod[] | string;
-    /**
-     * Configures the Access-Control-Allow-Headers header
-     *
-     * Pass an array of allowed headers or a comma-delimited string.
-     *
-     * @default Request's Access-Control-Request-Headers header value
-     * @example ['Content-Type', 'Authorization']
-     */
-    allowedHeaders?: string[] | string;
-    /**
-     * Configures the Access-Control-Expose-Headers header
-     *
-     * Headers that the browser is allowed to access.
-     *
-     * @default []
-     * @example ['Content-Range', 'X-Content-Range']
-     */
-    exposedHeaders?: string[] | string;
-    /**
-     * Configures the Access-Control-Allow-Credentials header
-     *
-     * Set to true to allow credentials (cookies, authorization headers, TLS client certificates).
-     * Note: Cannot be used with origin: '*' for security reasons.
-     *
-     * @default false
-     */
-    credentials?: boolean;
-    /**
-     * Configures the Access-Control-Max-Age header in seconds
-     *
-     * Indicates how long browsers can cache preflight response.
-     * Set to -1 to disable caching.
-     *
-     * @default undefined (browser decides)
-     * @example 86400 // 24 hours
-     */
-    maxAge?: number;
-    /**
-     * Whether to pass the CORS preflight response to the next handler
-     *
-     * When false, the preflight response is sent immediately.
-     * When true, control passes to the next middleware/handler.
-     *
-     * @default false
-     */
-    preflightContinue?: boolean;
-    /**
-     * HTTP status code for successful OPTIONS requests
-     *
-     * Some legacy browsers require 200, while 204 is more correct.
-     *
-     * @default 204
-     */
-    optionsSuccessStatus?: number;
+interface NetworkErrorContext {
+    /** The URL that failed */
+    url: string;
+    /** HTTP method being attempted */
+    method: string;
+    /** Correlation ID for tracing */
+    correlationId: string;
+    /** Timeout value if applicable */
+    timeout?: number;
+    /** The original error that caused the network failure */
+    originalError: Error;
+    /** Additional network-specific details */
+    networkDetails?: {
+        /** Whether this was a connection timeout */
+        isTimeout?: boolean;
+        /** Whether this was a DNS resolution failure */
+        isDnsFailure?: boolean;
+        /** Whether this was a connection refused error */
+        isConnectionRefused?: boolean;
+        /** HTTP status code if received before failure */
+        statusCode?: number;
+    };
 }
 /**
- * Internal CORS validation result
- * Used by middleware implementation
+ * Context information for request timeout errors
+ *
+ * Specialized context for timeout-specific errors with timing information.
  */
-interface CorsValidationResult {
-    /**
-     * Whether the origin is allowed
-     */
-    allowed: boolean;
-    /**
-     * The origin value to set in the header
-     * Can be '*', specific origin, or 'null'
-     */
-    origin?: string;
-    /**
-     * Whether to add Vary: Origin header
-     */
-    vary?: boolean;
+interface TimeoutErrorContext {
+    /** The URL that timed out */
+    url: string;
+    /** HTTP method being attempted */
+    method: string;
+    /** Correlation ID for tracing */
+    correlationId: string;
+    /** Configured timeout value in milliseconds */
+    timeoutMs: number;
+    /** Actual duration before timeout in milliseconds */
+    elapsedMs: number;
+    /** Type of timeout (request, connection, etc.) */
+    timeoutType: 'request' | 'connection' | 'response' | 'idle';
 }
 /**
- * CORS preflight request information
- * Extracted from OPTIONS request headers
+ * Context information for response parsing errors
+ *
+ * Used when the client receives a response but cannot parse it properly.
  */
-interface CorsPreflightInfo {
-    /**
-     * The origin making the request
-     */
-    origin?: string;
-    /**
-     * The method that will be used in the actual request
-     * From Access-Control-Request-Method header
-     */
-    requestedMethod?: string;
-    /**
-     * The headers that will be sent in the actual request
-     * From Access-Control-Request-Headers header
-     */
-    requestedHeaders?: string[];
+interface ParseErrorContext {
+    /** The URL that returned unparseable content */
+    url: string;
+    /** HTTP method used */
+    method: string;
+    /** Correlation ID for tracing */
+    correlationId: string;
+    /** HTTP status code received */
+    statusCode: number;
+    /** Content-Type header if available */
+    contentType?: string;
+    /** Expected response format */
+    expectedFormat: 'json' | 'text' | 'binary';
+    /** Sample of the actual response content (truncated for safety) */
+    responseSample?: string;
+    /** The original parsing error */
+    originalError: Error;
 }
 /**
- * Cache entry for origin validation results
- * Used for performance optimization
- */
-interface CorsOriginCacheEntry {
-    /**
-     * Whether the origin is allowed
-     */
-    allowed: boolean;
-    /**
-     * When this cache entry expires (timestamp)
-     */
-    expiresAt: number;
-    /**
-     * Optional user identifier for cache key
-     */
-    userId?: string;
-}
-/**
- * Configuration for CORS origin validation cache
- */
-interface CorsOriginCacheConfig {
-    /**
-     * Time-to-live for cache entries in milliseconds
-     * @default 60000 (1 minute)
-     */
-    ttl?: number;
-    /**
-     * Maximum number of entries in the cache
-     * @default 1000
-     */
-    maxSize?: number;
-    /**
-     * Whether to include user ID in cache key
-     * @default true
-     */
-    includeUserId?: boolean;
-}
-/**
- * Statistics for CORS middleware performance monitoring
- */
-interface CorsStats {
-    /**
-     * Total number of CORS requests processed
-     */
-    totalRequests: number;
-    /**
-     * Number of preflight requests handled
-     */
-    preflightRequests: number;
-    /**
-     * Number of allowed origins
-     */
-    allowedOrigins: number;
-    /**
-     * Number of denied origins
-     */
-    deniedOrigins: number;
-    /**
-     * Cache hit rate for origin validation
-     */
-    cacheHitRate: number;
-    /**
-     * Average origin validation time in milliseconds
-     */
-    avgValidationTime: number;
-}
-/**
- * Cache entry type
- */
-interface CacheEntry {
-    allowed: boolean;
-    expiresAt: number;
-    lastAccessed: number;
-}
-/**
- * Cache configuration
- */
-interface CacheConfig {
-    ttl: number;
-    maxSize: number;
-}
-
-/**
- * Create CORS middleware with the specified options
- *
- * @param userOptions - CORS configuration options or boolean
- * @returns Middleware function that handles CORS
- *
- * @example
- * ```typescript
- * import { cors } from '@blaize-core/middleware/cors';
- *
- * // Development mode - allow all origins
- * server.use(cors(true));
- *
- * // Production - specific origin
- * server.use(cors({
- *   origin: 'https://app.example.com',
- *   credentials: true,
- *   maxAge: 86400
- * }));
- *
- * // Multiple origins with regex
- * server.use(cors({
- *   origin: [
- *     'https://app.example.com',
- *     /^https:\/\/.*\.example\.com$/
- *   ]
- * }));
- *
- * // Dynamic origin validation
- * server.use(cors({
- *   origin: async (origin, ctx) => {
- *     return await checkOriginAllowed(origin, ctx.state.user);
- *   }
- * }));
- * ```
- */
-declare function cors(userOptions?: CorsOptions | boolean): Middleware;
-
-/**
- * Create a middleware
- */
-declare function create$1<TState = {}, TServices = {}>(handlerOrOptions: MiddlewareFunction | MiddlewareOptions): Middleware<TState, TServices>;
-/**
- * Create a middleware that only contributes state (no services)
- * Convenience helper for state-only middleware
- *
- * @template T - Type of state to contribute
- * @param handler - Middleware function that adds state
- * @returns Middleware that contributes state only
- *
- */
-declare function stateMiddleware<T = {}>(handler: MiddlewareFunction): Middleware<T, {}>;
-/**
- * Create a middleware that only contributes services (no state)
- * Convenience helper for service-only middleware
- *
- * @template T - Type of services to contribute
- * @param handler - Middleware function that adds services
- * @returns Middleware that contributes services only
- *
- */
-declare function serviceMiddleware<T = {}>(handler: MiddlewareFunction): Middleware<{}, T>;
-
-/**
- * Error type definitions and interfaces for the BlaizeJS framework
- *
- * This module contains all the type definitions used for error handling
- * across the BlaizeJS framework, including server-side errors, client-side
- * errors, and HTTP response formats.
- */
-/**
- * Structure of error responses sent over HTTP
- *
- * This interface defines the JSON format used for all error responses
- * from BlaizeJS servers. It matches the structure returned by BlaizeError.toJSON()
- *
- * @example
- * ```json
- * {
- *   "type": "VALIDATION_ERROR",
- *   "title": "Request validation failed",
- *   "status": 400,
- *   "correlationId": "req_abc123",
- *   "timestamp": "2024-01-15T10:30:00.000Z",
- *   "details": {
- *     "fields": ["email", "password"]
- *   }
- * }
- * ```
- */
-interface BlaizeErrorResponse {
-    /** Error type from the ErrorType enum */
-    type: ErrorType;
-    /** Human-readable error message */
-    title: string;
-    /** HTTP status code */
-    status: number;
-    /** Correlation ID for request tracing */
-    correlationId: string;
-    /** ISO timestamp when error occurred */
-    timestamp: string;
-    /** Optional error-specific details */
-    details?: unknown;
-}
-/**
- * Context information for network-related errors
- *
- * Used by client-side error classes to provide additional context
- * about network failures, timeouts, and connection issues.
- */
-interface NetworkErrorContext {
-    /** The URL that failed */
-    url: string;
-    /** HTTP method being attempted */
-    method: string;
-    /** Correlation ID for tracing */
-    correlationId: string;
-    /** Timeout value if applicable */
-    timeout?: number;
-    /** The original error that caused the network failure */
-    originalError: Error;
-    /** Additional network-specific details */
-    networkDetails?: {
-        /** Whether this was a connection timeout */
-        isTimeout?: boolean;
-        /** Whether this was a DNS resolution failure */
-        isDnsFailure?: boolean;
-        /** Whether this was a connection refused error */
-        isConnectionRefused?: boolean;
-        /** HTTP status code if received before failure */
-        statusCode?: number;
-    };
-}
-/**
- * Context information for request timeout errors
- *
- * Specialized context for timeout-specific errors with timing information.
- */
-interface TimeoutErrorContext {
-    /** The URL that timed out */
-    url: string;
-    /** HTTP method being attempted */
-    method: string;
-    /** Correlation ID for tracing */
-    correlationId: string;
-    /** Configured timeout value in milliseconds */
-    timeoutMs: number;
-    /** Actual duration before timeout in milliseconds */
-    elapsedMs: number;
-    /** Type of timeout (request, connection, etc.) */
-    timeoutType: 'request' | 'connection' | 'response' | 'idle';
-}
-/**
- * Context information for response parsing errors
- *
- * Used when the client receives a response but cannot parse it properly.
- */
-interface ParseErrorContext {
-    /** The URL that returned unparseable content */
-    url: string;
-    /** HTTP method used */
-    method: string;
-    /** Correlation ID for tracing */
-    correlationId: string;
-    /** HTTP status code received */
-    statusCode: number;
-    /** Content-Type header if available */
-    contentType?: string;
-    /** Expected response format */
-    expectedFormat: 'json' | 'text' | 'binary';
-    /** Sample of the actual response content (truncated for safety) */
-    responseSample?: string;
-    /** The original parsing error */
-    originalError: Error;
-}
-/**
- * Validation error field details
- *
- * Structure for field-level validation errors with multiple error messages
- * per field.
+ * Validation error field details
+ *
+ * Structure for field-level validation errors with multiple error messages
+ * per field.
  */
 interface ValidationFieldError {
     /** Field name or path (e.g., "email", "user.profile.name") */
@@ -1731,1186 +1976,2039 @@ interface SSEOptions {
     bufferStrategy?: SSEBufferStrategy;
 }
 /**
- * Connection states for SSE streams
+ * Connection states for SSE streams
+ */
+type SSEConnectionState = 'connecting' | 'connected' | 'disconnected' | 'closed';
+/**
+ * SSE stream interface for managing server-sent events
+ *
+ * @example
+ * ```typescript
+ * const stream: SSEStream = createSSEStream(response);
+ *
+ * // Send typed event
+ * stream.send('notification', { type: 'info', message: 'Update available' });
+ *
+ * // Send error event
+ * stream.sendError(new Error('Processing failed'));
+ *
+ * // Clean up on close
+ * stream.onClose(() => {
+ *   console.log('Client disconnected');
+ * });
+ *
+ * // Close stream
+ * stream.close();
+ * ```
+ */
+interface SSEStream {
+    /**
+     * Send an event with typed data to the client
+     * @template T - Type of the data payload
+     * @param event - Event name/type
+     * @param data - Event data payload
+     */
+    send<T>(event: string, data: T): void;
+    /**
+     * Send an error event to the client
+     * @param error - Error object to send
+     */
+    sendError(error: Error): void;
+    /**
+     * Close the SSE stream connection
+     */
+    close(): void;
+    /**
+     * Register a callback for stream closure
+     * @param cb - Callback function to execute on close
+     */
+    onClose(cb: () => void): void;
+}
+/**
+ * Extended SSE stream with additional control methods
+ */
+interface SSEStreamExtended extends SSEStream {
+    readonly id: string;
+    [Symbol.asyncIterator](): AsyncGenerator<BufferedEvent, void, unknown>;
+    /** Current connection state */
+    readonly state: SSEConnectionState;
+    /** Number of events in the buffer */
+    readonly bufferSize: number;
+    /** Check if stream is writable */
+    readonly isWritable: boolean;
+    /**
+     * Ping the client to keep connection alive
+     * @param comment - Optional comment to include in ping
+     */
+    ping(comment?: string): void;
+    /**
+     * Set retry interval for client reconnection
+     * @param milliseconds - Retry interval in milliseconds
+     */
+    setRetry(milliseconds: number): void;
+    /**
+     * Flush any buffered events immediately
+     */
+    flush(): void;
+    getMetrics(): StreamMetrics;
+}
+/**
+ * SSE event serialization format
+ */
+interface SSESerializedEvent {
+    /** Event ID field */
+    id?: string;
+    /** Event type field */
+    event?: string;
+    /** Data field (can be multi-line) */
+    data: string;
+    /** Retry field */
+    retry?: number;
+    /** Comment field for keep-alive */
+    comment?: string;
+}
+/**
+ * SSE event handler function type
+ * @template T - Type of the event data
+ */
+type SSEEventHandler<T = unknown> = (event: SSEEvent<T>) => void | Promise<void>;
+/**
+ * SSE event listener registration
+ */
+interface SSEEventListener {
+    /** Event type to listen for (use '*' for all events) */
+    event: string;
+    /** Handler function for the event */
+    handler: SSEEventHandler;
+    /** Optional listener identifier for removal */
+    id?: string;
+}
+/**
+ * SSE metrics for monitoring stream performance
+ */
+interface SSEMetrics {
+    /** Total number of events sent */
+    eventsSent: number;
+    /** Total number of events dropped */
+    eventsDropped: number;
+    /** Current number of connected clients */
+    activeConnections: number;
+    /** Total bytes sent */
+    bytesSent: number;
+    /** Average event send latency in milliseconds */
+    averageLatency: number;
+    /** Connection duration in milliseconds */
+    connectionDuration: number;
+}
+/**
+ * SSE stream manager for handling multiple clients
+ */
+interface SSEStreamManager {
+    /**
+     * Create a new SSE stream for a client
+     * @param clientId - Unique identifier for the client
+     * @param options - Stream configuration options
+     */
+    createStream(clientId: string, options?: SSEOptions): SSEStream;
+    /**
+     * Get an existing stream by client ID
+     * @param clientId - Client identifier
+     */
+    getStream(clientId: string): SSEStream | undefined;
+    /**
+     * Broadcast an event to all connected clients
+     * @template T - Type of the event data
+     * @param event - Event name
+     * @param data - Event data
+     */
+    broadcast<T>(event: string, data: T): void;
+    /**
+     * Broadcast to specific clients
+     * @template T - Type of the event data
+     * @param clientIds - Array of client IDs
+     * @param event - Event name
+     * @param data - Event data
+     */
+    multicast<T>(clientIds: string[], event: string, data: T): void;
+    /**
+     * Close a specific client stream
+     * @param clientId - Client identifier
+     */
+    closeStream(clientId: string): void;
+    /**
+     * Close all active streams
+     */
+    closeAll(): void;
+    /**
+     * Get metrics for all streams
+     */
+    getMetrics(): SSEMetrics;
+}
+/**
+ * Result type for operations that can fail
+ */
+type RegistryResult<T> = {
+    success: true;
+    value: T;
+} | {
+    success: false;
+    error: string;
+};
+/**
+ * Connection metadata stored in the registry
+ */
+interface ConnectionEntry {
+    stream: SSEStream;
+    connectedAt: number;
+    lastActivity: number;
+    clientIp?: string;
+    userAgent?: string;
+}
+/**
+ * Internal connection registry interface
+ */
+interface ConnectionRegistry {
+    /** Add a new connection to the registry */
+    add: (id: string, stream: SSEStream, metadata?: {
+        clientIp?: string;
+        userAgent?: string;
+    }) => void;
+    /** Remove a connection from the registry */
+    remove: (id: string) => void;
+    /** Get current connection count */
+    count: () => number;
+    /** Clean up inactive or closed connections */
+    cleanup: () => void;
+    /** Get connection by ID (for internal use) */
+    get: (id: string) => SSEStream | undefined;
+    /** Check if a connection exists */
+    has: (id: string) => boolean;
+    /** Get all connection IDs */
+    getIds: () => string[];
+    /** Shutdown the registry and close all connections */
+    shutdown: () => void;
+}
+/**
+ * Extended stream interface for typed events
+ */
+interface TypedSSEStream<TEvents extends Record<string, z.ZodType>> extends SSEStreamExtended {
+    send<K extends keyof TEvents>(event: K & string, data: z.infer<TEvents[K]>): void;
+}
+/**
+ * Schema for SSE route validation with generic type parameters
+ */
+interface SSERouteSchema<P extends z.ZodType = z.ZodType<any>, Q extends z.ZodType = z.ZodType<any>, E = any> {
+    /** Parameter schema for validation */
+    params?: P;
+    /** Query schema for validation */
+    query?: Q;
+    /** Events schema for validation (SSE-specific, replaces response) */
+    events?: E;
+}
+/**
+ * SSE route handler function with stream as first parameter
+ * This is the user-facing API - they write handlers with this signature
+ */
+type SSERouteHandler<TStream extends SSEStreamExtended = SSEStreamExtended, TParams = Record<string, string>, TQuery = Record<string, string | string[] | undefined>, TState extends State = State, TServices extends Services = Services> = (stream: TStream, ctx: Context<TState, TServices, never, TQuery>, // SSE never has body
+params: TParams) => Promise<void> | void;
+/**
+ * SSE route creator with state and services support
+ * Returns a higher-order function to handle generics properly
+ *
+ * The return type matches what the implementation actually returns:
+ * - A route object with a GET property
+ * - The GET property contains the wrapped handler and schemas
+ * - The wrapped handler has the standard (ctx, params) signature expected by the router
+ */
+type CreateSSERoute = <TState extends State = State, TServices extends Services = Services>() => <P = never, Q = never, E = never>(config: {
+    schema?: {
+        params?: P extends never ? never : P;
+        query?: Q extends never ? never : Q;
+        events?: E extends never ? never : E;
+    };
+    handler: SSERouteHandler<E extends Record<string, z.ZodType> ? TypedSSEStream<E> : SSEStreamExtended, P extends z.ZodType ? Infer<P> : Record<string, string>, Q extends z.ZodType ? Infer<Q> : QueryParams, TState, TServices>;
+    middleware?: Middleware[];
+    options?: Record<string, unknown>;
+}) => {
+    GET: {
+        handler: (ctx: any, params: any) => Promise<void>;
+        schema?: {
+            params?: P extends never ? undefined : P;
+            query?: Q extends never ? undefined : Q;
+        };
+        middleware?: Middleware[];
+        options?: Record<string, unknown>;
+    };
+    path: string;
+};
+/**
+ * Buffered event with metadata
+ */
+interface BufferedEvent {
+    id: string;
+    event: string;
+    data: unknown;
+    size: number;
+    timestamp: number;
+    correlationId: string;
+}
+/**
+ * Stream metrics for monitoring
+ */
+interface StreamMetrics {
+    eventsSent: number;
+    eventsDropped: number;
+    bytesWritten: number;
+    bufferHighWatermark: number;
+    lastEventTime: number;
+}
+
+/**
+ * SSE Client Types for BlaizeJS
+ * Location: packages/blaize-client/src/sse/types.ts
+ */
+
+/**
+ * Event handlers map
+ */
+interface EventHandlers {
+    [event: string]: Set<(data: any) => void>;
+}
+/**
+ * SSE connection configuration options
+ */
+interface SSEClientOptions {
+    headers?: Record<string, string>;
+    withCredentials?: boolean;
+    reconnect?: {
+        enabled: boolean;
+        maxAttempts?: number;
+        strategy?: ReconnectStrategy;
+        initialDelay?: number;
+    };
+    bufferMissedEvents?: boolean;
+    maxMissedEvents?: number;
+    heartbeatTimeout?: number;
+    parseJSON?: boolean;
+    /**
+     * Whether to wait for connection before resolving the promise.
+     * If false, returns the client immediately without waiting.
+     * Default: true
+     */
+    waitForConnection?: boolean;
+    /**
+     * Optional timeout for initial connection in milliseconds.
+     * If not set, no timeout is applied (relies on EventSource native timeout).
+     * Only applies if waitForConnection is true.
+     */
+    connectionTimeout?: number;
+}
+/**
+ * Metrics for SSE connection monitoring
+ */
+interface SSEClientMetrics {
+    eventsReceived: number;
+    bytesReceived: number;
+    connectionDuration: number;
+    reconnectAttempts: number;
+    lastEventId?: string;
+}
+/**
+ * Reconnection delay calculation strategy
+ */
+type ReconnectStrategy = (attempt: number) => number;
+/**
+ * SSE Client interface with type-safe event handling
+ */
+interface SSEClient<TEvents extends Record<string, unknown> = Record<string, unknown>> {
+    on<K extends keyof TEvents>(event: K & string, handler: (data: TEvents[K]) => void): void;
+    on(event: 'error', handler: (error: BlaizeError) => void): void;
+    on(event: 'open', handler: () => void): void;
+    on(event: 'close', handler: (event: CloseEvent) => void): void;
+    off<K extends keyof TEvents>(event: K & string, handler?: (data: TEvents[K]) => void): void;
+    off(event: 'error', handler?: (error: BlaizeError) => void): void;
+    off(event: 'open', handler?: () => void): void;
+    off(event: 'close', handler?: (event: CloseEvent) => void): void;
+    once<K extends keyof TEvents>(event: K & string, handler: (data: TEvents[K]) => void): void;
+    once(event: 'error', handler: (error: BlaizeError) => void): void;
+    once(event: 'open', handler: () => void): void;
+    once(event: 'close', handler: (event: CloseEvent) => void): void;
+    close(): void;
+    readonly state: SSEConnectionState;
+    readonly metrics: SSEClientMetrics;
+    readonly lastEventId?: string;
+}
+/**
+ * Close event for SSE connections
+ */
+interface CloseEvent {
+    reconnect: boolean;
+    reason?: string;
+}
+/**
+ * Internal SSE connection factory
+ * Returns a Promise that resolves to an SSEClient instance
+ */
+type SSEConnectionFactory<TEvents extends Record<string, unknown> = Record<string, unknown>> = (options?: SSEClientOptions) => Promise<SSEClient<TEvents>>;
+
+type ExtractMethod<T> = T extends {
+    GET: any;
+} ? 'GET' : T extends {
+    POST: any;
+} ? 'POST' : T extends {
+    PUT: any;
+} ? 'PUT' : T extends {
+    DELETE: any;
+} ? 'DELETE' : T extends {
+    PATCH: any;
+} ? 'PATCH' : T extends {
+    HEAD: any;
+} ? 'HEAD' : T extends {
+    OPTIONS: any;
+} ? 'OPTIONS' : never;
+type BuildRoutesRegistry<TRoutes extends Record<string, any>> = {
+    [Method in ExtractMethod<TRoutes[keyof TRoutes]> as `$${Lowercase<Method>}`]: {
+        [K in keyof TRoutes as ExtractMethod<TRoutes[K]> extends Method ? K : never]: TRoutes[K];
+    };
+};
+type GetRouteMethodOptions<TRoute> = TRoute extends {
+    GET: infer M;
+} ? M : TRoute extends {
+    POST: infer M;
+} ? M : TRoute extends {
+    PUT: infer M;
+} ? M : TRoute extends {
+    DELETE: infer M;
+} ? M : TRoute extends {
+    PATCH: infer M;
+} ? M : TRoute extends {
+    HEAD: infer M;
+} ? M : TRoute extends {
+    OPTIONS: infer M;
+} ? M : never;
+type IsNever$1<T> = [T] extends [never] ? true : false;
+type BuildArgsObject<P, Q, B> = (IsNever$1<P> extends true ? {} : {
+    params: Infer<P>;
+}) & (IsNever$1<Q> extends true ? {} : {
+    query: Infer<Q>;
+}) & (IsNever$1<B> extends true ? {} : {
+    body: Infer<B>;
+});
+type IsEmptyObject<T> = keyof T extends never ? true : false;
+type BuildArgs<P, Q, B> = IsEmptyObject<BuildArgsObject<P, Q, B>> extends true ? void : BuildArgsObject<P, Q, B>;
+type CreateClientMethod<TRoute> = GetRouteMethodOptions<TRoute> extends RouteMethodOptions<infer P, infer Q, infer B, infer R> ? BuildArgs<P, Q, B> extends void ? () => Promise<R extends z.ZodType ? Infer<R> : unknown> : (args: BuildArgs<P, Q, B>) => Promise<R extends z.ZodType ? Infer<R> : unknown> : never;
+type CreateClient<TRoutes extends Record<string, Record<string, any>>> = {
+    [Method in keyof TRoutes]: {
+        [RouteName in keyof TRoutes[Method]]: CreateClientMethod<TRoutes[Method][RouteName]>;
+    };
+};
+interface ClientConfig {
+    baseUrl: string;
+    defaultHeaders?: Record<string, string>;
+    timeout?: number;
+    sse?: SSEClientOptions;
+}
+interface InternalRequestArgs {
+    params?: Record<string, any>;
+    query?: Record<string, any>;
+    body?: any;
+}
+interface RequestOptions {
+    method: string;
+    url: string;
+    headers: Record<string, string>;
+    body?: string;
+    timeout: number;
+}
+/**
+ * Detect if a route has SSE support
+ * SSE routes have a special 'SSE' method key
+ */
+type HasSSEMethod<TRoute> = TRoute extends {
+    SSE: any;
+} ? true : false;
+/**
+ * Extract SSE event types from route schema
+ */
+type ExtractSSEEvents<TRoute> = TRoute extends {
+    SSE: {
+        events?: infer E;
+    };
+} ? E extends z.ZodType ? z.infer<E> : Record<string, unknown> : Record<string, unknown>;
+/**
+ * Extract SSE query parameters from route
+ */
+type ExtractSSEQuery<TRoute> = TRoute extends {
+    SSE: {
+        schema?: {
+            query?: infer Q;
+        };
+    };
+} ? Q extends z.ZodType ? z.infer<Q> : Record<string, unknown> : never;
+/**
+ * Extract SSE params from route
+ */
+type ExtractSSEParams<TRoute> = TRoute extends {
+    SSE: {
+        schema?: {
+            params?: infer P;
+        };
+    };
+} ? P extends z.ZodType ? z.infer<P> : Record<string, string> : never;
+/**
+ * Build SSE method arguments
+ */
+type BuildSSEArgs<TRoute> = ExtractSSEParams<TRoute> extends never ? ExtractSSEQuery<TRoute> extends never ? {
+    options?: SSEClientOptions;
+} : {
+    query: ExtractSSEQuery<TRoute>;
+    options?: SSEClientOptions;
+} : ExtractSSEQuery<TRoute> extends never ? {
+    params: ExtractSSEParams<TRoute>;
+    options?: SSEClientOptions;
+} : {
+    params: ExtractSSEParams<TRoute>;
+    query: ExtractSSEQuery<TRoute>;
+    options?: SSEClientOptions;
+};
+/**
+ * Create SSE client method
+ */
+type CreateSSEMethod<TRoute> = HasSSEMethod<TRoute> extends true ? BuildSSEArgs<TRoute> extends {
+    options?: SSEClientOptions;
+} ? (args?: BuildSSEArgs<TRoute>) => Promise<SSEClient<ExtractSSEEvents<TRoute>>> : (args: BuildSSEArgs<TRoute>) => Promise<SSEClient<ExtractSSEEvents<TRoute>>> : never;
+/**
+ * Extract SSE routes from registry
+ */
+type ExtractSSERoutes<TRoutes extends Record<string, any>> = {
+    [K in keyof TRoutes as HasSSEMethod<TRoutes[K]> extends true ? K : never]: TRoutes[K];
+};
+/**
+ * Enhanced client with SSE support
+ */
+type CreateEnhancedClient<TRoutes extends Record<string, any>, TRegistry> = TRegistry & {
+    $sse: {
+        [K in keyof ExtractSSERoutes<TRoutes>]: CreateSSEMethod<TRoutes[K]>;
+    };
+};
+
+/**
+ * CORS Types for BlaizeJS Framework
+ *
+ * Comprehensive type definitions for W3C-compliant CORS middleware
+ * with support for string, regex, and async function origin validation.
+ *
+ * @module @blaizejs/types/cors
+ */
+
+/**
+ * Origin configuration type supporting multiple validation methods
+ *
+ * @example
+ * ```typescript
+ * // String origin (exact match)
+ * const origin: CorsOrigin = 'https://example.com';
+ *
+ * // RegExp pattern
+ * const origin: CorsOrigin = /^https:\/\/.*\.example\.com$/;
+ *
+ * // Dynamic validation function
+ * const origin: CorsOrigin = async (origin, ctx) => {
+ *   return await checkOriginAllowed(origin, ctx?.state.user);
+ * };
+ *
+ * // Array of mixed types
+ * const origin: CorsOrigin = [
+ *   'https://localhost:3000',
+ *   /^https:\/\/.*\.example\.com$/,
+ *   (origin) => origin.endsWith('.trusted.com')
+ * ];
+ * ```
+ */
+type CorsOrigin = string | RegExp | ((origin: string, ctx?: Context<any, any>) => boolean | Promise<boolean>) | Array<string | RegExp | ((origin: string, ctx?: Context<any, any>) => boolean | Promise<boolean>)>;
+/**
+ * HTTP methods that can be allowed in CORS
+ * Based on W3C CORS specification
+ */
+type CorsHttpMethod = HttpMethod | 'CONNECT' | 'TRACE';
+/**
+ * Main CORS configuration options
+ *
+ * @example
+ * ```typescript
+ * const corsOptions: CorsOptions = {
+ *   origin: 'https://example.com',
+ *   methods: ['GET', 'POST'],
+ *   credentials: true,
+ *   maxAge: 86400
+ * };
+ * ```
+ */
+interface CorsOptions {
+    /**
+     * Configures the Access-Control-Allow-Origin header
+     *
+     * Possible values:
+     * - `true`: Allow all origins (sets to '*' unless credentials is true, then reflects origin)
+     * - `false`: Disable CORS (no headers set)
+     * - `string`: Specific origin to allow
+     * - `RegExp`: Pattern to match origins
+     * - `function`: Custom validation logic
+     * - `array`: Multiple origin configurations
+     *
+     * @default false
+     */
+    origin?: boolean | CorsOrigin;
+    /**
+     * Configures the Access-Control-Allow-Methods header
+     *
+     * @default ['GET', 'HEAD', 'PUT', 'PATCH', 'POST', 'DELETE']
+     * @example ['GET', 'POST']
+     */
+    methods?: CorsHttpMethod[] | string;
+    /**
+     * Configures the Access-Control-Allow-Headers header
+     *
+     * Pass an array of allowed headers or a comma-delimited string.
+     *
+     * @default Request's Access-Control-Request-Headers header value
+     * @example ['Content-Type', 'Authorization']
+     */
+    allowedHeaders?: string[] | string;
+    /**
+     * Configures the Access-Control-Expose-Headers header
+     *
+     * Headers that the browser is allowed to access.
+     *
+     * @default []
+     * @example ['Content-Range', 'X-Content-Range']
+     */
+    exposedHeaders?: string[] | string;
+    /**
+     * Configures the Access-Control-Allow-Credentials header
+     *
+     * Set to true to allow credentials (cookies, authorization headers, TLS client certificates).
+     * Note: Cannot be used with origin: '*' for security reasons.
+     *
+     * @default false
+     */
+    credentials?: boolean;
+    /**
+     * Configures the Access-Control-Max-Age header in seconds
+     *
+     * Indicates how long browsers can cache preflight response.
+     * Set to -1 to disable caching.
+     *
+     * @default undefined (browser decides)
+     * @example 86400 // 24 hours
+     */
+    maxAge?: number;
+    /**
+     * Whether to pass the CORS preflight response to the next handler
+     *
+     * When false, the preflight response is sent immediately.
+     * When true, control passes to the next middleware/handler.
+     *
+     * @default false
+     */
+    preflightContinue?: boolean;
+    /**
+     * HTTP status code for successful OPTIONS requests
+     *
+     * Some legacy browsers require 200, while 204 is more correct.
+     *
+     * @default 204
+     */
+    optionsSuccessStatus?: number;
+}
+/**
+ * Internal CORS validation result
+ * Used by middleware implementation
+ */
+interface CorsValidationResult {
+    /**
+     * Whether the origin is allowed
+     */
+    allowed: boolean;
+    /**
+     * The origin value to set in the header
+     * Can be '*', specific origin, or 'null'
+     */
+    origin?: string;
+    /**
+     * Whether to add Vary: Origin header
+     */
+    vary?: boolean;
+}
+/**
+ * CORS preflight request information
+ * Extracted from OPTIONS request headers
+ */
+interface CorsPreflightInfo {
+    /**
+     * The origin making the request
+     */
+    origin?: string;
+    /**
+     * The method that will be used in the actual request
+     * From Access-Control-Request-Method header
+     */
+    requestedMethod?: string;
+    /**
+     * The headers that will be sent in the actual request
+     * From Access-Control-Request-Headers header
+     */
+    requestedHeaders?: string[];
+}
+/**
+ * Cache entry for origin validation results
+ * Used for performance optimization
+ */
+interface CorsOriginCacheEntry {
+    /**
+     * Whether the origin is allowed
+     */
+    allowed: boolean;
+    /**
+     * When this cache entry expires (timestamp)
+     */
+    expiresAt: number;
+    /**
+     * Optional user identifier for cache key
+     */
+    userId?: string;
+}
+/**
+ * Configuration for CORS origin validation cache
+ */
+interface CorsOriginCacheConfig {
+    /**
+     * Time-to-live for cache entries in milliseconds
+     * @default 60000 (1 minute)
+     */
+    ttl?: number;
+    /**
+     * Maximum number of entries in the cache
+     * @default 1000
+     */
+    maxSize?: number;
+    /**
+     * Whether to include user ID in cache key
+     * @default true
+     */
+    includeUserId?: boolean;
+}
+/**
+ * Statistics for CORS middleware performance monitoring
+ */
+interface CorsStats {
+    /**
+     * Total number of CORS requests processed
+     */
+    totalRequests: number;
+    /**
+     * Number of preflight requests handled
+     */
+    preflightRequests: number;
+    /**
+     * Number of allowed origins
+     */
+    allowedOrigins: number;
+    /**
+     * Number of denied origins
+     */
+    deniedOrigins: number;
+    /**
+     * Cache hit rate for origin validation
+     */
+    cacheHitRate: number;
+    /**
+     * Average origin validation time in milliseconds
+     */
+    avgValidationTime: number;
+}
+/**
+ * Cache entry type
+ */
+interface CacheEntry {
+    allowed: boolean;
+    expiresAt: number;
+    lastAccessed: number;
+}
+/**
+ * Cache configuration
+ */
+interface CacheConfig {
+    ttl: number;
+    maxSize: number;
+}
+
+/**
+ * BlaizeJS Server Module - Enhanced with Correlation Configuration
+ *
+ * Provides the core HTTP/2 server implementation with HTTP/1.1 fallback
+ * and correlation ID tracking configuration.
+ */
+
+type UnknownServer = Server<Record<string, unknown>, Record<string, unknown>>;
+interface Http2Options {
+    enabled?: boolean | undefined;
+    keyFile?: string | undefined;
+    certFile?: string | undefined;
+}
+interface StartOptions {
+    port?: number;
+    host?: string;
+}
+interface StopOptions {
+    timeout?: number;
+    plugins?: Plugin[];
+    onStopping?: () => Promise<void> | void;
+    onStopped?: () => Promise<void> | void;
+}
+/**
+ * Correlation ID configuration options
+ */
+interface CorrelationOptions {
+    /**
+     * The HTTP header name to use for correlation IDs
+     * @default 'x-correlation-id'
+     */
+    headerName?: string;
+    /**
+     * Custom correlation ID generator function
+     * @default () => `req_${timestamp}_${random}`
+     */
+    generator?: () => string;
+}
+/**
+ * Server options for configuring the BlaizeJS server
+ */
+interface ServerOptionsInput {
+    /** Port to listen on (default: 3000) */
+    port?: number;
+    /** Host to bind to (default: localhost) */
+    host?: string;
+    /** Directory containing route files (default: ./routes) */
+    routesDir?: string;
+    /** HTTP/2 options */
+    http2?: {
+        /** Enable HTTP/2 (default: true) */
+        enabled?: boolean | undefined;
+        /** Path to key file for HTTPS/HTTP2 */
+        keyFile?: string | undefined;
+        /** Path to certificate file for HTTPS/HTTP2 */
+        certFile?: string | undefined;
+    };
+    /** Global middleware to apply to all routes */
+    middleware?: Middleware[];
+    /** Plugins to register */
+    plugins?: Plugin[];
+    /**
+     * Correlation ID configuration
+     * @since 0.4.0
+     */
+    correlation?: CorrelationOptions;
+    /**
+     * CORS configuration
+     *
+     * - `true`: Enable CORS with development defaults (allow all origins)
+     * - `false`: Disable CORS (no headers set)
+     * - `CorsOptions`: Custom CORS configuration
+     *
+     * @default false (CORS disabled)
+     * @since 0.5.0
+     *
+     * @example
+     * ```typescript
+     * // Enable with dev defaults
+     * const server = createServer({ cors: true });
+     *
+     * // Custom configuration
+     * const server = createServer({
+     *   cors: {
+     *     origin: 'https://example.com',
+     *     credentials: true,
+     *     maxAge: 86400
+     *   }
+     * });
+     *
+     * // Disable CORS
+     * const server = createServer({ cors: false });
+     * ```
+     */
+    cors?: CorsOptions | boolean;
+    bodyLimits?: Partial<BodyLimits>;
+    /**
+     * Logger configuration
+     *
+     * Controls logging behavior including log levels, transports,
+     * redaction, and request lifecycle logging.
+     *
+     * @default Development: ConsoleTransport with debug level
+     * @default Production: JSONTransport with info level
+     * @since 0.4.0
+     *
+     * @example Development Configuration
+     * ```typescript
+     * import { createServer } from 'blaizejs';
+     *
+     * const server = createServer({
+     *   port: 3000,
+     *   logging: {
+     *     level: 'debug',
+     *     includeTimestamp: true,
+     *     requestLogging: true
+     *   }
+     * });
+     * ```
+     *
+     * @example Production Configuration
+     * ```typescript
+     * import { createServer, JSONTransport } from 'blaizejs';
+     *
+     * const server = createServer({
+     *   port: 3000,
+     *   logging: {
+     *     level: 'info',
+     *     transport: new JSONTransport(),
+     *     redactKeys: ['password', 'apiKey', 'secret'],
+     *     requestLogging: true
+     *   }
+     * });
+     * ```
+     */
+    logging?: LoggerConfig;
+}
+/**
+ * Configuration for a BlaizeJS server
+ */
+interface ServerOptions {
+    /** Port to listen on (default: 3000) */
+    port: number;
+    /** Host to bind to (default: localhost) */
+    host: string;
+    /** Directory containing route files (default: ./routes) */
+    routesDir: string;
+    /** HTTP/2 options */
+    http2?: {
+        /** Enable HTTP/2 (default: true) */
+        enabled?: boolean | undefined;
+        /** Path to key file for HTTPS/HTTP2 */
+        keyFile?: string | undefined;
+        /** Path to certificate file for HTTPS/HTTP2 */
+        certFile?: string | undefined;
+    };
+    /** Global middleware to apply to all routes */
+    middleware?: Middleware[];
+    /** Plugins to register */
+    plugins?: Plugin[];
+    /**
+     * Correlation ID configuration
+     * @since 0.4.0
+     */
+    correlation?: CorrelationOptions;
+    /**
+     * CORS configuration
+     * @since 0.5.0
+     */
+    cors?: CorsOptions | boolean;
+    /** Body size limits for incoming requests */
+    bodyLimits: BodyLimits;
+    /** Logger configuration */
+    logging?: LoggerConfig;
+}
+/**
+ * BlaizeJS Server instance with generic type accumulation
+ *
+ * @template TState - The accumulated state type from middleware
+ * @template TServices - The accumulated services type from middleware and plugins
+ *
+ */
+interface Server<TState, TServices> {
+    /** The underlying HTTP or HTTP/2 server */
+    server: http.Server | http2.Http2Server | undefined;
+    /** The port the server is configured to listen on */
+    port: number;
+    /** CORS configuration for this server */
+    corsOptions?: CorsOptions | boolean;
+    /** Body size limits for incoming requests */
+    bodyLimits: BodyLimits;
+    /** The host the server is bound to */
+    host: string;
+    events: EventEmitter;
+    /** Direct access to registered plugins */
+    plugins: Plugin[];
+    /** Direct access to registered plugins */
+    middleware: Middleware[];
+    /** Internal property for signal handlers */
+    _signalHandlers?: {
+        unregister: () => void;
+    };
+    /** Internal logger instance (for server use only) */
+    _logger: BlaizeLogger;
+    /** Start the server and listen for connections */
+    listen: (port?: number, host?: string) => Promise<Server<TState, TServices>>;
+    /** Stop the server */
+    close: (stopOptions?: StopOptions) => Promise<void>;
+    /**
+     * Add global middleware to the server
+     *
+     * @param middleware - Single middleware or array of middleware to add
+     * @returns New Server instance with accumulated types from the middleware
+     *
+     * @example
+     * ```typescript
+     * // Single middleware
+     * const serverWithAuth = server.use(authMiddleware);
+     * // serverWithAuth has type Server<{user: User}, {auth: AuthService}>
+     *
+     * // Array of middleware
+     * const serverWithMiddleware = server.use([authMiddleware, loggerMiddleware]);
+     * // serverWithMiddleware has type Server<{user, requestId}, {auth, logger}>
+     * ```
+     */
+    use<MS, MSvc>(middleware: Middleware<MS, MSvc>): Server<TState & MS, TServices & MSvc>;
+    use<MW extends readonly Middleware<any, any>[]>(middleware: MW): Server<TState & UnionToIntersection<ExtractMiddlewareState<MW[number]>>, TServices & UnionToIntersection<ExtractMiddlewareServices<MW[number]>>>;
+    /**
+     * Register a plugin with the server
+     *
+     * @param plugin - Single plugin or array of plugins to register
+     * @returns Promise resolving to new Server instance with accumulated types
+     *
+     * @example
+     * ```typescript
+     * // Single plugin
+     * const serverWithDb = await server.register(databasePlugin);
+     * // serverWithDb has type Server<{}, {db: DatabaseService}>
+     *
+     * // Array of plugins
+     * const serverWithPlugins = await server.register([dbPlugin, cachePlugin]);
+     * // serverWithPlugins has type Server<{}, {db, cache}>
+     * ```
+     */
+    register<PS, PSvc>(plugin: Plugin<PS, PSvc>): Promise<Server<TState & PS, TServices & PSvc>>;
+    register<P extends readonly Plugin<any, any>[]>(plugin: P): Promise<Server<TState & UnionToIntersection<ExtractPluginState<P[number]>>, TServices & UnionToIntersection<ExtractPluginServices<P[number]>>>>;
+    /** Access to the routing system */
+    router: Router;
+    /** Context storage system */
+    context: AsyncLocalStorage<Context>;
+    pluginManager: PluginLifecycleManager;
+}
+type RequestHandler = (req: http.IncomingMessage | http2.Http2ServerRequest, res: http.ServerResponse | http2.Http2ServerResponse) => Promise<void>;
+
+/**
+ * BlaizeJS Plugin Module
+ *
+ * Provides the plugin system for extending framework functionality.
  */
-type SSEConnectionState = 'connecting' | 'connected' | 'disconnected' | 'closed';
+
 /**
- * SSE stream interface for managing server-sent events
- *
- * @example
- * ```typescript
- * const stream: SSEStream = createSSEStream(response);
- *
- * // Send typed event
- * stream.send('notification', { type: 'info', message: 'Update available' });
- *
- * // Send error event
- * stream.sendError(new Error('Processing failed'));
- *
- * // Clean up on close
- * stream.onClose(() => {
- *   console.log('Client disconnected');
- * });
+ * Plugin options
+ */
+interface PluginOptions<_T = any> {
+    /** Plugin configuration */
+    [key: string]: any;
+}
+/**
+ * Plugin lifecycle hooks with full type safety
  *
- * // Close stream
- * stream.close();
- * ```
+ * Plugins execute in this order:
+ * 1. register() - Add middleware, routes
+ * 2. initialize() - Create resources
+ * 3. onServerStart() - Start background work
+ * 4. onServerStop() - Stop background work
+ * 5. terminate() - Cleanup resources
  */
-interface SSEStream {
-    /**
-     * Send an event with typed data to the client
-     * @template T - Type of the data payload
-     * @param event - Event name/type
-     * @param data - Event data payload
-     */
-    send<T>(event: string, data: T): void;
-    /**
-     * Send an error event to the client
-     * @param error - Error object to send
-     */
-    sendError(error: Error): void;
+interface PluginHooks<TState = {}, TServices = {}> {
     /**
-     * Close the SSE stream connection
+     * Called when plugin is registered to server
+     *
+     * Use this hook to:
+     * - Add middleware via server.use()
+     * - Add routes via server.router.addRoute()
+     * - Subscribe to server events
+     *
+     * @param server - BlaizeJS server instance
+     * @example
+     * ```typescript
+     * register: async (server) => {
+     *   server.use(createMiddleware({
+     *     handler: async (ctx, next) => {
+     *       ctx.services.db = db;
+     *       await next();
+     *     },
+     *   }));
+     * }
+     * ```
      */
-    close(): void;
+    register?: (server: Server<TState, TServices>) => void | Promise<void>;
     /**
-     * Register a callback for stream closure
-     * @param cb - Callback function to execute on close
+     * Called during server initialization
+     *
+     * Use this hook to:
+     * - Create database connections
+     * - Initialize services
+     * - Allocate resources
+     *
+     * @example
+     * ```typescript
+     * initialize: async () => {
+     *   db = await Database.connect(config);
+     * }
+     * ```
      */
-    onClose(cb: () => void): void;
-}
-/**
- * Extended SSE stream with additional control methods
- */
-interface SSEStreamExtended extends SSEStream {
-    readonly id: string;
-    [Symbol.asyncIterator](): AsyncGenerator<BufferedEvent, void, unknown>;
-    /** Current connection state */
-    readonly state: SSEConnectionState;
-    /** Number of events in the buffer */
-    readonly bufferSize: number;
-    /** Check if stream is writable */
-    readonly isWritable: boolean;
+    initialize?: (server: Server<TState, TServices>) => void | Promise<void>;
     /**
-     * Ping the client to keep connection alive
-     * @param comment - Optional comment to include in ping
+     * Called when server starts listening
+     *
+     * Use this hook to:
+     * - Start background workers
+     * - Start cron jobs
+     * - Begin health checks
+     *
+     * @example
+     * ```typescript
+     * onServerStart: async () => {
+     *   worker = new BackgroundWorker();
+     *   await worker.start();
+     * }
+     * ```
      */
-    ping(comment?: string): void;
+    onServerStart?: (server: Http2Server | Server$1) => void | Promise<void>;
     /**
-     * Set retry interval for client reconnection
-     * @param milliseconds - Retry interval in milliseconds
+     * Called when server stops listening
+     *
+     * Use this hook to:
+     * - Stop background workers
+     * - Flush buffers
+     * - Complete in-flight work
+     *
+     * @example
+     * ```typescript
+     * onServerStop: async () => {
+     *   await worker.stop({ graceful: true });
+     * }
+     * ```
      */
-    setRetry(milliseconds: number): void;
+    onServerStop?: (server: Http2Server | Server$1) => void | Promise<void>;
     /**
-     * Flush any buffered events immediately
+     * Called during server termination
+     *
+     * Use this hook to:
+     * - Close database connections
+     * - Release file handles
+     * - Free memory
+     *
+     * @example
+     * ```typescript
+     * terminate: async () => {
+     *   await db?.close();
+     * }
+     * ```
      */
-    flush(): void;
-    getMetrics(): StreamMetrics;
-}
-/**
- * SSE event serialization format
- */
-interface SSESerializedEvent {
-    /** Event ID field */
-    id?: string;
-    /** Event type field */
-    event?: string;
-    /** Data field (can be multi-line) */
-    data: string;
-    /** Retry field */
-    retry?: number;
-    /** Comment field for keep-alive */
-    comment?: string;
-}
-/**
- * SSE event handler function type
- * @template T - Type of the event data
- */
-type SSEEventHandler<T = unknown> = (event: SSEEvent<T>) => void | Promise<void>;
-/**
- * SSE event listener registration
- */
-interface SSEEventListener {
-    /** Event type to listen for (use '*' for all events) */
-    event: string;
-    /** Handler function for the event */
-    handler: SSEEventHandler;
-    /** Optional listener identifier for removal */
-    id?: string;
-}
-/**
- * SSE metrics for monitoring stream performance
- */
-interface SSEMetrics {
-    /** Total number of events sent */
-    eventsSent: number;
-    /** Total number of events dropped */
-    eventsDropped: number;
-    /** Current number of connected clients */
-    activeConnections: number;
-    /** Total bytes sent */
-    bytesSent: number;
-    /** Average event send latency in milliseconds */
-    averageLatency: number;
-    /** Connection duration in milliseconds */
-    connectionDuration: number;
+    terminate?: (server: Server<TState, TServices>) => void | Promise<void>;
 }
 /**
- * SSE stream manager for handling multiple clients
+ * Options for creating a plugin with createPlugin()
+ *
+ * @template TConfig - Plugin configuration shape
+ * @template TState - State added to context
+ * @template TServices - Services added to context
  */
-interface SSEStreamManager {
-    /**
-     * Create a new SSE stream for a client
-     * @param clientId - Unique identifier for the client
-     * @param options - Stream configuration options
-     */
-    createStream(clientId: string, options?: SSEOptions): SSEStream;
+interface CreatePluginOptions<TConfig, TState = {}, TServices = {}> {
     /**
-     * Get an existing stream by client ID
-     * @param clientId - Client identifier
+     * Plugin name (e.g., '@blaizejs/metrics')
+     * Must be unique within a server instance
      */
-    getStream(clientId: string): SSEStream | undefined;
+    name: string;
     /**
-     * Broadcast an event to all connected clients
-     * @template T - Type of the event data
-     * @param event - Event name
-     * @param data - Event data
+     * Semantic version (e.g., '1.0.0')
+     * Used for compatibility checks
      */
-    broadcast<T>(event: string, data: T): void;
+    version: string;
     /**
-     * Broadcast to specific clients
-     * @template T - Type of the event data
-     * @param clientIds - Array of client IDs
-     * @param event - Event name
-     * @param data - Event data
+     * Default configuration values
+     * Merged with user config when plugin is created
+     *
+     * @example
+     * ```typescript
+     * defaultConfig: {
+     *   enabled: true,
+     *   timeout: 30000,
+     * }
+     * ```
      */
-    multicast<T>(clientIds: string[], event: string, data: T): void;
+    defaultConfig?: TConfig;
     /**
-     * Close a specific client stream
-     * @param clientId - Client identifier
+     * Setup function that returns lifecycle hooks
+     *
+     * Receives merged config (defaultConfig + userConfig).
+     * Returns partial hook object - all hooks optional.
+     *
+     * @param config - Merged configuration
+     * @returns Partial plugin hooks
+     *
+     * @example
+     * ```typescript
+     * setup: (config) => {
+     *   let db: Database;
+     *
+     *   return {
+     *     initialize: async () => {
+     *       db = await Database.connect(config);
+     *     },
+     *     terminate: async () => {
+     *       await db?.close();
+     *     },
+     *   };
+     * }
+     * ```
      */
-    closeStream(clientId: string): void;
+    setup: (config: TConfig, logger: BlaizeLogger) => Partial<PluginHooks<TState, TServices>>;
+}
+/**
+ * Plugin interface
+ */
+interface Plugin<TState = {}, TServices = {}> extends PluginHooks<TState, TServices> {
+    /** Plugin name */
+    name: string;
+    /** Plugin version */
+    version: string;
     /**
-     * Close all active streams
+     * Called when plugin is registered to server
+     *
+     * This hook is always present - createPlugin provides a default empty async function
+     * if not specified by the plugin author.
+     *
+     * @override Makes register required (not optional like in PluginHooks)
      */
-    closeAll(): void;
+    register: (server: Server<TState, TServices>) => void | Promise<void>;
     /**
-     * Get metrics for all streams
+     * Type carriers for compile-time type information
+     * These are never used at runtime but allow TypeScript to track types
      */
-    getMetrics(): SSEMetrics;
+    _state?: TState;
+    _services?: TServices;
 }
 /**
- * Result type for operations that can fail
+ * Plugin factory function
  */
-type RegistryResult<T> = {
-    success: true;
-    value: T;
-} | {
-    success: false;
-    error: string;
-};
+type PluginFactory<TConfig = any, TState = {}, TServices = {}> = (options?: Partial<TConfig>) => Plugin<TState, TServices>;
+interface PluginLifecycleManager {
+    initializePlugins(server: Server<any, any>): Promise<void>;
+    terminatePlugins(server: Server<any, any>): Promise<void>;
+    onServerStart(server: Server<any, any>, httpServer: any): Promise<void>;
+    onServerStop(server: Server<any, any>, httpServer: any): Promise<void>;
+}
+interface PluginLifecycleOptions {
+    /** Continue initialization even if a plugin fails */
+    continueOnError?: boolean;
+    /** Custom error handler for plugin failures */
+    onError?: (plugin: Plugin, phase: string, error: Error) => void;
+}
+
 /**
- * Connection metadata stored in the registry
+ * Type composition utilities for extracting and composing middleware type contributions
+ * @module composition
+ * @since v0.4.0
  */
-interface ConnectionEntry {
-    stream: SSEStream;
-    connectedAt: number;
-    lastActivity: number;
-    clientIp?: string;
-    userAgent?: string;
-}
+
 /**
- * Internal connection registry interface
+ * Extracts the State type contribution from a middleware
+ * @template T - The middleware type to extract from
+ * @returns The state type if present, empty object otherwise
  */
-interface ConnectionRegistry {
-    /** Add a new connection to the registry */
-    add: (id: string, stream: SSEStream, metadata?: {
-        clientIp?: string;
-        userAgent?: string;
-    }) => void;
-    /** Remove a connection from the registry */
-    remove: (id: string) => void;
-    /** Get current connection count */
-    count: () => number;
-    /** Clean up inactive or closed connections */
-    cleanup: () => void;
-    /** Get connection by ID (for internal use) */
-    get: (id: string) => SSEStream | undefined;
-    /** Check if a connection exists */
-    has: (id: string) => boolean;
-    /** Get all connection IDs */
-    getIds: () => string[];
-    /** Shutdown the registry and close all connections */
-    shutdown: () => void;
-}
+type ExtractMiddlewareState<T> = T extends Middleware<infer S, any> ? S : {};
 /**
- * Extended stream interface for typed events
+ * Extracts the State type contribution from a plugin
+ * @template T - The plugin type to extract from
+ * @returns The state type if present, empty object otherwise
  */
-interface TypedSSEStream<TEvents extends Record<string, z.ZodType>> extends SSEStreamExtended {
-    send<K extends keyof TEvents>(event: K & string, data: z.infer<TEvents[K]>): void;
-}
+type ExtractPluginState<T> = T extends Plugin<infer S, any> ? S : {};
 /**
- * Schema for SSE route validation with generic type parameters
+ * Extracts the Services type contribution from a middleware
+ * @template T - The middleware type to extract from
+ * @returns The services type if present, empty object otherwise
  */
-interface SSERouteSchema<P extends z.ZodType = z.ZodType<any>, Q extends z.ZodType = z.ZodType<any>, E = any> {
-    /** Parameter schema for validation */
-    params?: P;
-    /** Query schema for validation */
-    query?: Q;
-    /** Events schema for validation (SSE-specific, replaces response) */
-    events?: E;
-}
+type ExtractMiddlewareServices<T> = T extends Middleware<any, infer S> ? S : {};
 /**
- * SSE route handler function with stream as first parameter
- * This is the user-facing API - they write handlers with this signature
+ * Extracts the Services type contribution from a plugin
+ * @template T - The plugin type to extract from
+ * @returns The services type if present, empty object otherwise
  */
-type SSERouteHandler<TStream extends SSEStreamExtended = SSEStreamExtended, TParams = Record<string, string>, TQuery = Record<string, string | string[] | undefined>, TState extends State = State, TServices extends Services = Services> = (stream: TStream, ctx: Context<TState, TServices, never, TQuery>, // SSE never has body
-params: TParams) => Promise<void> | void;
+type ExtractPluginServices<T> = T extends Plugin<any, infer S> ? S : {};
 /**
- * SSE route creator with state and services support
- * Returns a higher-order function to handle generics properly
+ * Utility type to convert a union type to an intersection type
+ * This is the magic that allows us to compose multiple middleware contributions
+ *
+ * @example
+ * type U = { a: string } | { b: number }
+ * type I = UnionToIntersection<U> // { a: string } & { b: number }
  *
- * The return type matches what the implementation actually returns:
- * - A route object with a GET property
- * - The GET property contains the wrapped handler and schemas
- * - The wrapped handler has the standard (ctx, params) signature expected by the router
  */
-type CreateSSERoute = <TState extends State = State, TServices extends Services = Services>() => <P = never, Q = never, E = never>(config: {
-    schema?: {
-        params?: P extends never ? never : P;
-        query?: Q extends never ? never : Q;
-        events?: E extends never ? never : E;
-    };
-    handler: SSERouteHandler<E extends Record<string, z.ZodType> ? TypedSSEStream<E> : SSEStreamExtended, P extends z.ZodType ? Infer<P> : Record<string, string>, Q extends z.ZodType ? Infer<Q> : QueryParams, TState, TServices>;
-    middleware?: Middleware[];
-    options?: Record<string, unknown>;
-}) => {
-    GET: {
-        handler: (ctx: any, params: any) => Promise<void>;
-        schema?: {
-            params?: P extends never ? undefined : P;
-            query?: Q extends never ? undefined : Q;
-        };
-        middleware?: Middleware[];
-        options?: Record<string, unknown>;
-    };
-    path: string;
-};
+type UnionToIntersection<U> = (U extends any ? (k: U) => void : never) extends (k: infer I) => void ? I : never;
 /**
- * Buffered event with metadata
+ * Composes state contributions from an array of middleware
+ * Merges all state types into a single intersection type
+ *
+ * @template T - ReadonlyArray of Middleware
+ * @returns Intersection of all state contributions
+ *
+ * @example
+ * const middlewares = [authMiddleware, loggerMiddleware] as const;
+ * type ComposedState = ComposeStates<typeof middlewares>;
+ * // Result: { user: User } & { requestId: string }
  */
-interface BufferedEvent {
-    id: string;
-    event: string;
-    data: unknown;
-    size: number;
-    timestamp: number;
-    correlationId: string;
-}
+type ComposeMiddlewareStates<T extends ReadonlyArray<Middleware>> = T extends readonly [] ? {} : UnionToIntersection<ExtractMiddlewareState<T[number]>>;
 /**
- * Stream metrics for monitoring
+ * Composes state contributions from an array of plugins
+ * Merges all state types into a single intersection type
+ *
+ * @template T - ReadonlyArray of Plugin
+ * @returns Intersection of all state contributions
+ *
+ * @example
+ * const plugins = [authPlugin, dbPlugin] as const;
+ * type ComposedState = ComposePluginStates<typeof plugins>;
+ * // Result: { config: AuthConfig } & { dbConnected: boolean }
  */
-interface StreamMetrics {
-    eventsSent: number;
-    eventsDropped: number;
-    bytesWritten: number;
-    bufferHighWatermark: number;
-    lastEventTime: number;
-}
-
+type ComposePluginStates<T extends ReadonlyArray<Plugin<any, any>>> = T extends readonly [] ? {} : UnionToIntersection<ExtractPluginState<T[number]>>;
 /**
- * SSE Client Types for BlaizeJS
- * Location: packages/blaize-client/src/sse/types.ts
+ * Composes service contributions from an array of middleware
+ * Merges all service types into a single intersection type
+ *
+ * @template T - ReadonlyArray of Middleware
+ * @returns Intersection of all service contributions
+ *
+ * @example
+ * const middlewares = [dbMiddleware, cacheMiddleware] as const;
+ * type ComposedServices = ComposeServices<typeof middlewares>;
+ * // Result: { db: Database } & { cache: Cache }
+ */
+type ComposeMiddlewareServices<T extends ReadonlyArray<Middleware>> = T extends readonly [] ? {} : UnionToIntersection<ExtractMiddlewareServices<T[number]>>;
+/**
+ * Composes service contributions from an array of plugins
+ * Merges all service types into a single intersection type
+ *
+ * @template T - ReadonlyArray of Plugin
+ * @returns Intersection of all service contributions
+ *
+ * @example
+ * const plugins = [dbPlugin, cachePlugin] as const;
+ * type ComposedServices = ComposePluginServices<typeof plugins>;
+ * // Result: { db: Database } & { cache: Cache }
+ */
+type ComposePluginServices<T extends ReadonlyArray<Plugin<any, any>>> = T extends readonly [] ? {} : UnionToIntersection<ExtractPluginServices<T[number]>>;
+/**
+ * Safe version of ExtractState that handles edge cases
+ * @template T - The middleware type to extract from
+ * @returns The state type, handling never/any/unknown gracefully
+ */
+type SafeExtractMiddlewareState<T> = IsNever<T> extends true ? {} : IsAny<T> extends true ? {} : T extends Middleware<infer S, any> ? unknown extends S ? {} : S : {};
+/**
+ * Safe version of ExtractPluginState that handles edge cases
+ * @template T - The plugin type to extract from
+ * @returns The state type, handling never/any/unknown gracefully
  */
-
+type SafeExtractPluginState<T> = IsNever<T> extends true ? {} : IsAny<T> extends true ? {} : T extends Plugin<infer S, any> ? unknown extends S ? {} : S : {};
 /**
- * Event handlers map
+ * Safe version of ExtractServices that handles edge cases
+ * @template T - The middleware type to extract from
+ * @returns The services type, handling never/any/unknown gracefully
  */
-interface EventHandlers {
-    [event: string]: Set<(data: any) => void>;
-}
+type SafeExtractMiddlewareServices<T> = IsNever<T> extends true ? {} : IsAny<T> extends true ? {} : T extends Middleware<any, infer S> ? unknown extends S ? {} : S : {};
 /**
- * SSE connection configuration options
+ * Safe version of ExtractPluginServices that handles edge cases
+ * @template T - The plugin type to extract from
+ * @returns The services type, handling never/any/unknown gracefully
  */
-interface SSEClientOptions {
-    headers?: Record<string, string>;
-    withCredentials?: boolean;
-    reconnect?: {
-        enabled: boolean;
-        maxAttempts?: number;
-        strategy?: ReconnectStrategy;
-        initialDelay?: number;
-    };
-    bufferMissedEvents?: boolean;
-    maxMissedEvents?: number;
-    heartbeatTimeout?: number;
-    parseJSON?: boolean;
-    /**
-     * Whether to wait for connection before resolving the promise.
-     * If false, returns the client immediately without waiting.
-     * Default: true
-     */
-    waitForConnection?: boolean;
-    /**
-     * Optional timeout for initial connection in milliseconds.
-     * If not set, no timeout is applied (relies on EventSource native timeout).
-     * Only applies if waitForConnection is true.
-     */
-    connectionTimeout?: number;
-}
+type SafeExtractPluginServices<T> = IsNever<T> extends true ? {} : IsAny<T> extends true ? {} : T extends Plugin<any, infer S> ? unknown extends S ? {} : S : {};
 /**
- * Metrics for SSE connection monitoring
+ * Composes state with better edge case handling
+ * @template T - ReadonlyArray of Middleware
+ * @returns Safely composed state types
  */
-interface SSEClientMetrics {
-    eventsReceived: number;
-    bytesReceived: number;
-    connectionDuration: number;
-    reconnectAttempts: number;
-    lastEventId?: string;
-}
+type SafeComposeMiddlewareStates<T extends ReadonlyArray<Middleware>> = T extends readonly [] ? {} : T extends readonly [infer First, ...infer Rest] ? First extends Middleware ? Rest extends ReadonlyArray<Middleware> ? SafeExtractMiddlewareState<First> & SafeComposeMiddlewareStates<Rest> : SafeExtractMiddlewareState<First> : {} : UnionToIntersection<SafeExtractMiddlewareState<T[number]>>;
 /**
- * Reconnection delay calculation strategy
+ * Composes plugin state with better edge case handling
+ * @template T - ReadonlyArray of Plugin
+ * @returns Safely composed state types
  */
-type ReconnectStrategy = (attempt: number) => number;
+type SafeComposePluginStates<T extends ReadonlyArray<Plugin<any, any>>> = T extends readonly [] ? {} : T extends readonly [infer First, ...infer Rest] ? First extends Plugin<any, any> ? Rest extends ReadonlyArray<Plugin<any, any>> ? SafeExtractPluginState<First> & SafeComposePluginStates<Rest> : SafeExtractPluginState<First> : {} : UnionToIntersection<SafeExtractPluginState<T[number]>>;
 /**
- * SSE Client interface with type-safe event handling
+ * Composes services with better edge case handling
+ * @template T - ReadonlyArray of Middleware
+ * @returns Safely composed service types
  */
-interface SSEClient<TEvents extends Record<string, unknown> = Record<string, unknown>> {
-    on<K extends keyof TEvents>(event: K & string, handler: (data: TEvents[K]) => void): void;
-    on(event: 'error', handler: (error: BlaizeError) => void): void;
-    on(event: 'open', handler: () => void): void;
-    on(event: 'close', handler: (event: CloseEvent) => void): void;
-    off<K extends keyof TEvents>(event: K & string, handler?: (data: TEvents[K]) => void): void;
-    off(event: 'error', handler?: (error: BlaizeError) => void): void;
-    off(event: 'open', handler?: () => void): void;
-    off(event: 'close', handler?: (event: CloseEvent) => void): void;
-    once<K extends keyof TEvents>(event: K & string, handler: (data: TEvents[K]) => void): void;
-    once(event: 'error', handler: (error: BlaizeError) => void): void;
-    once(event: 'open', handler: () => void): void;
-    once(event: 'close', handler: (event: CloseEvent) => void): void;
-    close(): void;
-    readonly state: SSEConnectionState;
-    readonly metrics: SSEClientMetrics;
-    readonly lastEventId?: string;
-}
+type SafeComposeMiddlewareServices<T extends ReadonlyArray<Middleware>> = T extends readonly [] ? {} : T extends readonly [infer First, ...infer Rest] ? First extends Middleware ? Rest extends ReadonlyArray<Middleware> ? SafeExtractMiddlewareServices<First> & SafeComposeMiddlewareServices<Rest> : SafeExtractMiddlewareServices<First> : {} : UnionToIntersection<SafeExtractMiddlewareServices<T[number]>>;
 /**
- * Close event for SSE connections
+ * Composes plugin services with better edge case handling
+ * @template T - ReadonlyArray of Plugin
+ * @returns Safely composed service types
  */
-interface CloseEvent {
-    reconnect: boolean;
-    reason?: string;
-}
+type SafeComposePluginServices<T extends ReadonlyArray<Plugin<any, any>>> = T extends readonly [] ? {} : T extends readonly [infer First, ...infer Rest] ? First extends Plugin<any, any> ? Rest extends ReadonlyArray<Plugin<any, any>> ? SafeExtractPluginServices<First> & SafeComposePluginServices<Rest> : SafeExtractPluginServices<First> : {} : UnionToIntersection<SafeExtractPluginServices<T[number]>>;
 /**
- * Internal SSE connection factory
- * Returns a Promise that resolves to an SSEClient instance
+ * Utility to merge two state types
+ * Handles conflicts by using the rightmost (latest) type
+ *
+ * @template A - First state type
+ * @template B - Second state type
+ * @returns Merged state with B taking precedence
  */
-type SSEConnectionFactory<TEvents extends Record<string, unknown> = Record<string, unknown>> = (options?: SSEClientOptions) => Promise<SSEClient<TEvents>>;
-
-type ExtractMethod<T> = T extends {
-    GET: any;
-} ? 'GET' : T extends {
-    POST: any;
-} ? 'POST' : T extends {
-    PUT: any;
-} ? 'PUT' : T extends {
-    DELETE: any;
-} ? 'DELETE' : T extends {
-    PATCH: any;
-} ? 'PATCH' : T extends {
-    HEAD: any;
-} ? 'HEAD' : T extends {
-    OPTIONS: any;
-} ? 'OPTIONS' : never;
-type BuildRoutesRegistry<TRoutes extends Record<string, any>> = {
-    [Method in ExtractMethod<TRoutes[keyof TRoutes]> as `$${Lowercase<Method>}`]: {
-        [K in keyof TRoutes as ExtractMethod<TRoutes[K]> extends Method ? K : never]: TRoutes[K];
-    };
-};
-type GetRouteMethodOptions<TRoute> = TRoute extends {
-    GET: infer M;
-} ? M : TRoute extends {
-    POST: infer M;
-} ? M : TRoute extends {
-    PUT: infer M;
-} ? M : TRoute extends {
-    DELETE: infer M;
-} ? M : TRoute extends {
-    PATCH: infer M;
-} ? M : TRoute extends {
-    HEAD: infer M;
-} ? M : TRoute extends {
-    OPTIONS: infer M;
-} ? M : never;
-type IsNever$1<T> = [T] extends [never] ? true : false;
-type BuildArgsObject<P, Q, B> = (IsNever$1<P> extends true ? {} : {
-    params: Infer<P>;
-}) & (IsNever$1<Q> extends true ? {} : {
-    query: Infer<Q>;
-}) & (IsNever$1<B> extends true ? {} : {
-    body: Infer<B>;
-});
-type IsEmptyObject<T> = keyof T extends never ? true : false;
-type BuildArgs<P, Q, B> = IsEmptyObject<BuildArgsObject<P, Q, B>> extends true ? void : BuildArgsObject<P, Q, B>;
-type CreateClientMethod<TRoute> = GetRouteMethodOptions<TRoute> extends RouteMethodOptions<infer P, infer Q, infer B, infer R> ? BuildArgs<P, Q, B> extends void ? () => Promise<R extends z.ZodType ? Infer<R> : unknown> : (args: BuildArgs<P, Q, B>) => Promise<R extends z.ZodType ? Infer<R> : unknown> : never;
-type CreateClient<TRoutes extends Record<string, Record<string, any>>> = {
-    [Method in keyof TRoutes]: {
-        [RouteName in keyof TRoutes[Method]]: CreateClientMethod<TRoutes[Method][RouteName]>;
-    };
-};
-interface ClientConfig {
-    baseUrl: string;
-    defaultHeaders?: Record<string, string>;
-    timeout?: number;
-    sse?: SSEClientOptions;
-}
-interface InternalRequestArgs {
-    params?: Record<string, any>;
-    query?: Record<string, any>;
-    body?: any;
-}
-interface RequestOptions {
-    method: string;
-    url: string;
-    headers: Record<string, string>;
-    body?: string;
-    timeout: number;
-}
+type MergeStates<A, B> = Omit<A, keyof B> & B;
 /**
- * Detect if a route has SSE support
- * SSE routes have a special 'SSE' method key
+ * Utility to merge two service types
+ * Handles conflicts by using the rightmost (latest) type
+ *
+ * @template A - First services type
+ * @template B - Second services type
+ * @returns Merged services with B taking precedence
  */
-type HasSSEMethod<TRoute> = TRoute extends {
-    SSE: any;
-} ? true : false;
+type MergeServices<A, B> = Omit<A, keyof B> & B;
 /**
- * Extract SSE event types from route schema
+ * Extract both state and services from a middleware at once
+ * @template T - The middleware type
+ * @returns Object with state and services types
  */
-type ExtractSSEEvents<TRoute> = TRoute extends {
-    SSE: {
-        events?: infer E;
-    };
-} ? E extends z.ZodType ? z.infer<E> : Record<string, unknown> : Record<string, unknown>;
+type ExtractMiddlewareTypes<T> = {
+    state: ExtractMiddlewareState<T>;
+    services: ExtractMiddlewareServices<T>;
+};
 /**
- * Extract SSE query parameters from route
+ * Extract both state and services from a plugin at once
+ * @template T - The plugin type
+ * @returns Object with state and services types
  */
-type ExtractSSEQuery<TRoute> = TRoute extends {
-    SSE: {
-        schema?: {
-            query?: infer Q;
-        };
-    };
-} ? Q extends z.ZodType ? z.infer<Q> : Record<string, unknown> : never;
+type ExtractPluginTypes<T> = {
+    state: ExtractPluginState<T>;
+    services: ExtractPluginServices<T>;
+};
 /**
- * Extract SSE params from route
+ * Compose both state and services from middleware array at once
+ * @template T - ReadonlyArray of Middleware
+ * @returns Object with composed state and services
  */
-type ExtractSSEParams<TRoute> = TRoute extends {
-    SSE: {
-        schema?: {
-            params?: infer P;
-        };
-    };
-} ? P extends z.ZodType ? z.infer<P> : Record<string, string> : never;
+type ComposeMiddlewareTypes<T extends ReadonlyArray<Middleware>> = {
+    state: ComposeMiddlewareStates<T>;
+    services: ComposeMiddlewareServices<T>;
+};
 /**
- * Build SSE method arguments
+ * Compose both state and services from plugin array at once
+ * @template T - ReadonlyArray of Plugin
+ * @returns Object with composed state and services
  */
-type BuildSSEArgs<TRoute> = ExtractSSEParams<TRoute> extends never ? ExtractSSEQuery<TRoute> extends never ? {
-    options?: SSEClientOptions;
-} : {
-    query: ExtractSSEQuery<TRoute>;
-    options?: SSEClientOptions;
-} : ExtractSSEQuery<TRoute> extends never ? {
-    params: ExtractSSEParams<TRoute>;
-    options?: SSEClientOptions;
-} : {
-    params: ExtractSSEParams<TRoute>;
-    query: ExtractSSEQuery<TRoute>;
-    options?: SSEClientOptions;
+type ComposePluginTypes<T extends ReadonlyArray<Plugin<any, any>>> = {
+    state: ComposePluginStates<T>;
+    services: ComposePluginServices<T>;
 };
 /**
- * Create SSE client method
+ * Type guard to check if a value is a Middleware
+ * @param value - Value to check
+ * @returns True if value is a Middleware
+ */
+declare function isMiddleware(value: unknown): value is Middleware;
+/**
+ * Type guard to check if a value is a Plugin
+ * @param value - Value to check
+ * @returns True if value is a Plugin
+ */
+declare function isPlugin(value: unknown): value is Plugin;
+/**
+ * Type helper for middleware arrays
+ * Ensures proper readonly array typing for composition
+ *
+ * @example
+ * const middlewares = asMiddlewareArray([auth, logger, cache]);
+ * type State = ComposeStates<typeof middlewares>;
  */
-type CreateSSEMethod<TRoute> = HasSSEMethod<TRoute> extends true ? BuildSSEArgs<TRoute> extends {
-    options?: SSEClientOptions;
-} ? (args?: BuildSSEArgs<TRoute>) => Promise<SSEClient<ExtractSSEEvents<TRoute>>> : (args: BuildSSEArgs<TRoute>) => Promise<SSEClient<ExtractSSEEvents<TRoute>>> : never;
+declare function asMiddlewareArray<T extends ReadonlyArray<Middleware>>(middlewares: T): T;
 /**
- * Extract SSE routes from registry
+ * Type helper for plugin arrays
+ * Ensures proper readonly array typing for composition
+ *
+ * @example
+ * const plugins = asPluginArray([dbPlugin, cachePlugin]);
+ * type Services = ComposePluginServices<typeof plugins>;
  */
-type ExtractSSERoutes<TRoutes extends Record<string, any>> = {
-    [K in keyof TRoutes as HasSSEMethod<TRoutes[K]> extends true ? K : never]: TRoutes[K];
-};
+declare function asPluginArray<T extends ReadonlyArray<Plugin<any, any>>>(plugins: T): T;
 /**
- * Enhanced client with SSE support
+ * Create a typed middleware array with inferred types
+ * Useful for getting proper const assertions
+ *
+ * @example
+ * const middlewares = createMiddlewareArray(auth, logger, cache);
+ * type State = ComposeStates<typeof middlewares>;
  */
-type CreateEnhancedClient<TRoutes extends Record<string, any>, TRegistry> = TRegistry & {
-    $sse: {
-        [K in keyof ExtractSSERoutes<TRoutes>]: CreateSSEMethod<TRoutes[K]>;
-    };
-};
-
+declare function createMiddlewareArray<T extends ReadonlyArray<Middleware>>(...middlewares: T): T;
 /**
- * BlaizeJS Server Module - Enhanced with Correlation Configuration
+ * Create a typed plugin array with inferred types
+ * Useful for getting proper const assertions
  *
- * Provides the core HTTP/2 server implementation with HTTP/1.1 fallback
- * and correlation ID tracking configuration.
+ * @example
+ * const plugins = createPluginArray(dbPlugin, cachePlugin);
+ * type Services = ComposePluginServices<typeof plugins>;
  */
+declare function createPluginArray<T extends ReadonlyArray<Plugin<any, any>>>(...plugins: T): T;
 
-type UnknownServer = Server<Record<string, unknown>, Record<string, unknown>>;
-interface Http2Options {
-    enabled?: boolean | undefined;
-    keyFile?: string | undefined;
-    certFile?: string | undefined;
-}
-interface StartOptions {
-    port?: number;
-    host?: string;
-}
-interface StopOptions {
-    timeout?: number;
-    plugins?: Plugin[];
-    onStopping?: () => Promise<void> | void;
-    onStopped?: () => Promise<void> | void;
-}
 /**
- * Correlation ID configuration options
+ * Console Transport for Development
+ *
+ * Pretty-prints logs with colors for human-readable development output.
+ * Uses Node.js built-in util.inspect for metadata formatting.
+ *
+ * @packageDocumentation
  */
-interface CorrelationOptions {
-    /**
-     * The HTTP header name to use for correlation IDs
-     * @default 'x-correlation-id'
-     */
-    headerName?: string;
-    /**
-     * Custom correlation ID generator function
-     * @default () => `req_${timestamp}_${random}`
-     */
-    generator?: () => string;
-}
+
 /**
- * Server options for configuring the BlaizeJS server
+ * Console transport for development logging
+ *
+ * Outputs colorized, human-readable logs to the console.
+ * Uses console.log/warn/error appropriately based on log level.
+ *
+ * Features:
+ * - Colorized log levels (debug=gray, info=blue, warn=yellow, error=red)
+ * - Pretty-printed metadata with util.inspect
+ * - Error objects automatically serialized with stack traces
+ * - Stateless - safe for concurrent logging
+ *
+ * @example
+ * ```typescript
+ * import { ConsoleTransport } from './transports';
+ *
+ * const transport = new ConsoleTransport();
+ *
+ * transport.write('info', 'User login', {
+ *   userId: '123',
+ *   method: 'oauth',
+ *   timestamp: '2025-10-20T15:30:00Z'
+ * });
+ *
+ * // Output:
+ * // [INFO] User login
+ * // {
+ * //   userId: '123',
+ * //   method: 'oauth',
+ * //   timestamp: '2025-10-20T15:30:00Z'
+ * // }
+ * ```
  */
-interface ServerOptionsInput {
-    /** Port to listen on (default: 3000) */
-    port?: number;
-    /** Host to bind to (default: localhost) */
-    host?: string;
-    /** Directory containing route files (default: ./routes) */
-    routesDir?: string;
-    /** HTTP/2 options */
-    http2?: {
-        /** Enable HTTP/2 (default: true) */
-        enabled?: boolean | undefined;
-        /** Path to key file for HTTPS/HTTP2 */
-        keyFile?: string | undefined;
-        /** Path to certificate file for HTTPS/HTTP2 */
-        certFile?: string | undefined;
-    };
-    /** Global middleware to apply to all routes */
-    middleware?: Middleware[];
-    /** Plugins to register */
-    plugins?: Plugin[];
-    /**
-     * Correlation ID configuration
-     * @since 0.4.0
-     */
-    correlation?: CorrelationOptions;
+declare class ConsoleTransport implements BlaizeLogTransport {
     /**
-     * CORS configuration
-     *
-     * - `true`: Enable CORS with development defaults (allow all origins)
-     * - `false`: Disable CORS (no headers set)
-     * - `CorsOptions`: Custom CORS configuration
-     *
-     * @default false (CORS disabled)
-     * @since 0.5.0
-     *
-     * @example
-     * ```typescript
-     * // Enable with dev defaults
-     * const server = createServer({ cors: true });
+     * Write a log entry to the console
      *
-     * // Custom configuration
-     * const server = createServer({
-     *   cors: {
-     *     origin: 'https://example.com',
-     *     credentials: true,
-     *     maxAge: 86400
-     *   }
-     * });
-     *
-     * // Disable CORS
-     * const server = createServer({ cors: false });
-     * ```
+     * @param level - Log level
+     * @param message - Log message
+     * @param meta - Structured metadata
      */
-    cors?: CorsOptions | boolean;
-    bodyLimits?: Partial<BodyLimits>;
+    write(level: LogLevel, message: string, meta: LogMetadata): void;
 }
+
 /**
- * Configuration for a BlaizeJS server
+ * JSON Transport for Production
+ *
+ * Outputs single-line JSON logs for log aggregators and monitoring systems.
+ * Handles circular references and serializes Error objects.
+ *
+ * @packageDocumentation
  */
-interface ServerOptions {
-    /** Port to listen on (default: 3000) */
-    port: number;
-    /** Host to bind to (default: localhost) */
-    host: string;
-    /** Directory containing route files (default: ./routes) */
-    routesDir: string;
-    /** HTTP/2 options */
-    http2?: {
-        /** Enable HTTP/2 (default: true) */
-        enabled?: boolean | undefined;
-        /** Path to key file for HTTPS/HTTP2 */
-        keyFile?: string | undefined;
-        /** Path to certificate file for HTTPS/HTTP2 */
-        certFile?: string | undefined;
-    };
-    /** Global middleware to apply to all routes */
-    middleware?: Middleware[];
-    /** Plugins to register */
-    plugins?: Plugin[];
-    /**
-     * Correlation ID configuration
-     * @since 0.4.0
-     */
-    correlation?: CorrelationOptions;
-    /**
-     * CORS configuration
-     * @since 0.5.0
-     */
-    cors?: CorsOptions | boolean;
-    bodyLimits: BodyLimits;
-}
+
 /**
- * BlaizeJS Server instance with generic type accumulation
+ * JSON transport for production logging
  *
- * @template TState - The accumulated state type from middleware
- * @template TServices - The accumulated services type from middleware and plugins
+ * Outputs single-line JSON to stdout for log aggregators (CloudWatch,
+ * Datadog, Splunk, etc.). Handles circular references safely and
+ * serializes Error objects with stack traces.
+ *
+ * Features:
+ * - Single-line JSON output (no pretty-printing)
+ * - Circular reference handling via replacer function
+ * - Error objects serialized with message, name, and stack
+ * - Stateless - safe for concurrent logging
+ * - All metadata flattened into top-level JSON object
+ *
+ * @example
+ * ```typescript
+ * import { JSONTransport } from './transports';
+ *
+ * const transport = new JSONTransport();
+ *
+ * transport.write('info', 'User login', {
+ *   userId: '123',
+ *   method: 'oauth',
+ *   timestamp: '2025-10-20T15:30:00Z',
+ *   correlationId: 'req_abc123'
+ * });
+ *
+ * // Output (single line):
+ * // {"level":"info","message":"User login","userId":"123","method":"oauth","timestamp":"2025-10-20T15:30:00Z","correlationId":"req_abc123"}
+ * ```
+ *
+ * @example With Error Object
+ * ```typescript
+ * const error = new Error('Database connection failed');
+ *
+ * transport.write('error', 'Operation failed', {
+ *   error,
+ *   retryCount: 3
+ * });
  *
+ * // Output:
+ * // {"level":"error","message":"Operation failed","error":{"message":"Database connection failed","name":"Error","stack":"Error: Database..."},"retryCount":3}
+ * ```
  */
-interface Server<TState, TServices> {
-    /** The underlying HTTP or HTTP/2 server */
-    server: http.Server | http2.Http2Server | undefined;
-    /** The port the server is configured to listen on */
-    port: number;
-    /** CORS configuration for this server */
-    corsOptions?: CorsOptions | boolean;
-    /** Body size limits for incoming requests */
-    bodyLimits: BodyLimits;
-    /** The host the server is bound to */
-    host: string;
-    events: EventEmitter;
-    /** Direct access to registered plugins */
-    plugins: Plugin[];
-    /** Direct access to registered plugins */
-    middleware: Middleware[];
-    /** Internal property for signal hanlders */
-    _signalHandlers?: {
-        unregister: () => void;
-    };
-    /** Start the server and listen for connections */
-    listen: (port?: number, host?: string) => Promise<Server<TState, TServices>>;
-    /** Stop the server */
-    close: (stopOptions?: StopOptions) => Promise<void>;
+declare class JSONTransport implements BlaizeLogTransport {
     /**
-     * Add global middleware to the server
-     *
-     * @param middleware - Single middleware or array of middleware to add
-     * @returns New Server instance with accumulated types from the middleware
-     *
-     * @example
-     * ```typescript
-     * // Single middleware
-     * const serverWithAuth = server.use(authMiddleware);
-     * // serverWithAuth has type Server<{user: User}, {auth: AuthService}>
+     * Write a log entry as single-line JSON to stdout
      *
-     * // Array of middleware
-     * const serverWithMiddleware = server.use([authMiddleware, loggerMiddleware]);
-     * // serverWithMiddleware has type Server<{user, requestId}, {auth, logger}>
-     * ```
+     * @param level - Log level
+     * @param message - Log message
+     * @param meta - Structured metadata
      */
-    use<MS, MSvc>(middleware: Middleware<MS, MSvc>): Server<TState & MS, TServices & MSvc>;
-    use<MW extends readonly Middleware<any, any>[]>(middleware: MW): Server<TState & UnionToIntersection<ExtractMiddlewareState<MW[number]>>, TServices & UnionToIntersection<ExtractMiddlewareServices<MW[number]>>>;
+    write(level: LogLevel, message: string, meta: LogMetadata): void;
     /**
-     * Register a plugin with the server
+     * Flush any buffered logs (optional)
      *
-     * @param plugin - Single plugin or array of plugins to register
-     * @returns Promise resolving to new Server instance with accumulated types
-     *
-     * @example
-     * ```typescript
-     * // Single plugin
-     * const serverWithDb = await server.register(databasePlugin);
-     * // serverWithDb has type Server<{}, {db: DatabaseService}>
+     * Currently a no-op since we write directly to stdout.
+     * Can be implemented for batching in the future if needed.
      *
-     * // Array of plugins
-     * const serverWithPlugins = await server.register([dbPlugin, cachePlugin]);
-     * // serverWithPlugins has type Server<{}, {db, cache}>
-     * ```
+     * @returns Promise that resolves immediately
      */
-    register<PS, PSvc>(plugin: Plugin<PS, PSvc>): Promise<Server<TState & PS, TServices & PSvc>>;
-    register<P extends readonly Plugin<any, any>[]>(plugin: P): Promise<Server<TState & UnionToIntersection<ExtractPluginState<P[number]>>, TServices & UnionToIntersection<ExtractPluginServices<P[number]>>>>;
-    /** Access to the routing system */
-    router: Router;
-    /** Context storage system */
-    context: AsyncLocalStorage<Context>;
-    pluginManager: PluginLifecycleManager;
+    flush(): Promise<void>;
 }
-type RequestHandler = (req: http.IncomingMessage | http2.Http2ServerRequest, res: http.ServerResponse | http2.Http2ServerResponse) => Promise<void>;
 
 /**
- * BlaizeJS Plugin Module
+ * Null Transport for Testing
  *
- * Provides the plugin system for extending framework functionality.
+ * Silent transport that discards all logs. Used in tests to suppress output.
+ *
+ * @packageDocumentation
  */
 
 /**
- * Plugin options
- */
-interface PluginOptions<_T = any> {
-    /** Plugin configuration */
-    [key: string]: any;
-}
-/**
- * Plugin lifecycle hooks with full type safety
+ * Null transport for testing and silent logging
  *
- * Plugins execute in this order:
- * 1. register() - Add middleware, routes
- * 2. initialize() - Create resources
- * 3. onServerStart() - Start background work
- * 4. onServerStop() - Stop background work
- * 5. terminate() - Cleanup resources
+ * Discards all log entries without producing any output. Useful for:
+ * - Unit tests that don't care about log output
+ * - Benchmarks where logging overhead should be minimal
+ * - Temporarily disabling logging without changing code
+ *
+ * Features:
+ * - Zero overhead - no processing or I/O
+ * - Stateless - safe for concurrent logging
+ * - No output to stdout, stderr, or files
+ *
+ * @example In Tests
+ * ```typescript
+ * import { NullTransport } from './transports';
+ * import { createLogger } from './Logger';
+ *
+ * describe('MyService', () => {
+ *   const logger = createLogger({
+ *     transport: new NullTransport() // Suppress logs in tests
+ *   });
+ *
+ *   test('performs operation', () => {
+ *     const service = new MyService(logger);
+ *     service.doWork(); // No log output
+ *   });
+ * });
+ * ```
+ *
+ * @example Temporary Disable
+ * ```typescript
+ * // Temporarily disable logging without changing business logic
+ * const logger = createLogger({
+ *   transport: new NullTransport()
+ * });
+ *
+ * logger.info('This message is discarded');
+ * logger.error('This error is discarded');
+ * ```
  */
-interface PluginHooks<TState = {}, TServices = {}> {
+declare class NullTransport implements BlaizeLogTransport {
     /**
-     * Called when plugin is registered to server
-     *
-     * Use this hook to:
-     * - Add middleware via server.use()
-     * - Add routes via server.router.addRoute()
-     * - Subscribe to server events
+     * Discard a log entry (no-op)
      *
-     * @param server - BlaizeJS server instance
-     * @example
-     * ```typescript
-     * register: async (server) => {
-     *   server.use(createMiddleware({
-     *     handler: async (ctx, next) => {
-     *       ctx.services.db = db;
-     *       await next();
-     *     },
-     *   }));
-     * }
-     * ```
+     * @param _level - Log level (unused)
+     * @param _message - Log message (unused)
+     * @param _meta - Structured metadata (unused)
      */
-    register?: (server: Server<TState, TServices>) => void | Promise<void>;
+    write(_level: LogLevel, _message: string, _meta: LogMetadata): void;
     /**
-     * Called during server initialization
+     * Flush any buffered logs (no-op)
      *
-     * Use this hook to:
-     * - Create database connections
-     * - Initialize services
-     * - Allocate resources
+     * Since no logs are written, there's nothing to flush.
      *
-     * @example
-     * ```typescript
-     * initialize: async () => {
-     *   db = await Database.connect(config);
-     * }
-     * ```
+     * @returns Promise that resolves immediately
      */
-    initialize?: (server: Server<TState, TServices>) => void | Promise<void>;
+    flush(): Promise<void>;
+}
+
+/**
+ * Core Logger Implementation
+ *
+ * Production-ready structured logger with level filtering, metadata redaction,
+ * child loggers, and zero-overhead filtering for disabled log levels.
+ *
+ * @packageDocumentation
+ */
+
+/**
+ * Core Logger class implementing ILogger interface
+ *
+ * Thread-safe via immutable inherited metadata. Supports zero-overhead
+ * filtering - logs below the configured level return immediately with
+ * no processing overhead.
+ *
+ * @example Basic Usage
+ * ```typescript
+ * const logger = new Logger({
+ *   level: 'info',
+ *   transport: new ConsoleTransport(),
+ *   redactKeys: ['password', 'apiKey'],
+ *   includeTimestamp: true
+ * });
+ *
+ * logger.info('User login', { userId: '123', method: 'oauth' });
+ * ```
+ *
+ * @example Child Logger
+ * ```typescript
+ * const parentLogger = createLogger({ level: 'info' });
+ * const childLogger = parentLogger.child({ component: 'auth' });
+ *
+ * childLogger.info('Token verified');
+ * // Output includes inherited metadata: { component: 'auth', ... }
+ * ```
+ */
+declare class Logger implements BlaizeLogger {
+    private readonly config;
+    private readonly inheritedMeta;
+    private readonly minLevelPriority;
     /**
-     * Called when server starts listening
-     *
-     * Use this hook to:
-     * - Start background workers
-     * - Start cron jobs
-     * - Begin health checks
+     * Create a new Logger instance
      *
-     * @example
-     * ```typescript
-     * onServerStart: async () => {
-     *   worker = new BackgroundWorker();
-     *   await worker.start();
-     * }
-     * ```
+     * @param config - Resolved logger configuration
+     * @param inheritedMeta - Metadata inherited from parent logger (optional)
      */
-    onServerStart?: (server: Http2Server | Server$1) => void | Promise<void>;
+    constructor(config: ResolvedLoggerConfig, inheritedMeta?: LogMetadata);
     /**
-     * Called when server stops listening
-     *
-     * Use this hook to:
-     * - Stop background workers
-     * - Flush buffers
-     * - Complete in-flight work
+     * Log a debug message
      *
-     * @example
-     * ```typescript
-     * onServerStop: async () => {
-     *   await worker.stop({ graceful: true });
-     * }
-     * ```
+     * @param message - The log message
+     * @param meta - Optional metadata to attach
      */
-    onServerStop?: (server: Http2Server | Server$1) => void | Promise<void>;
+    debug(message: string, meta?: LogMetadata): void;
     /**
-     * Called during server termination
-     *
-     * Use this hook to:
-     * - Close database connections
-     * - Release file handles
-     * - Free memory
+     * Log an info message
      *
-     * @example
-     * ```typescript
-     * terminate: async () => {
-     *   await db?.close();
-     * }
-     * ```
+     * @param message - The log message
+     * @param meta - Optional metadata to attach
      */
-    terminate?: (server: Server<TState, TServices>) => void | Promise<void>;
-}
-/**
- * Options for creating a plugin with createPlugin()
- *
- * @template TConfig - Plugin configuration shape
- * @template TState - State added to context
- * @template TServices - Services added to context
- */
-interface CreatePluginOptions<TConfig, TState = {}, TServices = {}> {
+    info(message: string, meta?: LogMetadata): void;
     /**
-     * Plugin name (e.g., '@blaizejs/metrics')
-     * Must be unique within a server instance
+     * Log a warning message
+     *
+     * @param message - The log message
+     * @param meta - Optional metadata to attach
      */
-    name: string;
+    warn(message: string, meta?: LogMetadata): void;
     /**
-     * Semantic version (e.g., '1.0.0')
-     * Used for compatibility checks
+     * Log an error message
+     *
+     * @param message - The log message
+     * @param meta - Optional metadata to attach
      */
-    version: string;
+    error(message: string, meta?: LogMetadata): void;
     /**
-     * Default configuration values
-     * Merged with user config when plugin is created
+     * Create a child logger with additional metadata
+     *
+     * Child loggers inherit all parent metadata and add their own.
+     * Child metadata overrides parent metadata for the same keys.
+     *
+     * @param meta - Additional metadata for the child logger
+     * @returns A new logger instance with merged metadata
      *
      * @example
      * ```typescript
-     * defaultConfig: {
-     *   enabled: true,
-     *   timeout: 30000,
-     * }
+     * const parent = createLogger({ level: 'info' });
+     * const child = parent.child({ component: 'database' });
+     *
+     * child.info('Query executed');
+     * // Output includes: { component: 'database', ...parent metadata }
      * ```
      */
-    defaultConfig?: TConfig;
+    child(meta: LogMetadata): BlaizeLogger;
     /**
-     * Setup function that returns lifecycle hooks
+     * Flush any buffered logs and wait for completion
      *
-     * Receives merged config (defaultConfig + userConfig).
-     * Returns partial hook object - all hooks optional.
+     * Delegates to the transport's flush method if it exists.
+     * Use this during graceful shutdown to ensure all logs are written.
      *
-     * @param config - Merged configuration
-     * @returns Partial plugin hooks
+     * @returns Promise that resolves when all logs are flushed
      *
      * @example
      * ```typescript
-     * setup: (config) => {
-     *   let db: Database;
-     *
-     *   return {
-     *     initialize: async () => {
-     *       db = await Database.connect(config);
-     *     },
-     *     terminate: async () => {
-     *       await db?.close();
-     *     },
-     *   };
-     * }
+     * process.on('SIGTERM', async () => {
+     *   await logger.flush();
+     *   process.exit(0);
+     * });
      * ```
      */
-    setup: (config: TConfig) => Partial<PluginHooks<TState, TServices>>;
-}
-/**
- * Plugin interface
- */
-interface Plugin<TState = {}, TServices = {}> extends PluginHooks<TState, TServices> {
-    /** Plugin name */
-    name: string;
-    /** Plugin version */
-    version: string;
+    flush(): Promise<void>;
     /**
-     * Called when plugin is registered to server
+     * Internal log method that handles all log levels
      *
-     * This hook is always present - createPlugin provides a default empty async function
-     * if not specified by the plugin author.
+     * Fast-path: Returns immediately if log level is filtered.
+     * This ensures zero overhead for disabled log levels.
      *
-     * @override Makes register required (not optional like in PluginHooks)
+     * @param level - The log level
+     * @param message - The log message
+     * @param meta - Optional metadata to attach
      */
-    register: (server: Server<TState, TServices>) => void | Promise<void>;
+    private log;
     /**
-     * Type carriers for compile-time type information
-     * These are never used at runtime but allow TypeScript to track types
+     * Check if a log level should be output
+     *
+     * @param level - The log level to check
+     * @returns true if the level should be logged
      */
-    _state?: TState;
-    _services?: TServices;
-}
-/**
- * Plugin factory function
- */
-type PluginFactory<TConfig = any, TState = {}, TServices = {}> = (options?: Partial<TConfig>) => Plugin<TState, TServices>;
-interface PluginLifecycleManager {
-    initializePlugins(server: Server<any, any>): Promise<void>;
-    terminatePlugins(server: Server<any, any>): Promise<void>;
-    onServerStart(server: Server<any, any>, httpServer: any): Promise<void>;
-    onServerStop(server: Server<any, any>, httpServer: any): Promise<void>;
-}
-interface PluginLifecycleOptions {
-    /** Continue initialization even if a plugin fails */
-    continueOnError?: boolean;
-    /** Log plugin lifecycle events */
-    debug?: boolean;
-    /** Custom error handler for plugin failures */
-    onError?: (plugin: Plugin, phase: string, error: Error) => void;
+    private shouldLog;
+    /**
+     * Redact sensitive keys from metadata
+     *
+     * Performs case-insensitive shallow redaction. Only top-level keys
+     * are checked and redacted - nested objects are not traversed.
+     *
+     * Matching keys are replaced with the string '[REDACTED]'.
+     *
+     * @param meta - The metadata to redact
+     * @returns New metadata object with sensitive values redacted
+     */
+    private redact;
 }
-
-/**
- * Type composition utilities for extracting and composing middleware type contributions
- * @module composition
- * @since v0.4.0
- */
-
-/**
- * Extracts the State type contribution from a middleware
- * @template T - The middleware type to extract from
- * @returns The state type if present, empty object otherwise
- */
-type ExtractMiddlewareState<T> = T extends Middleware<infer S, any> ? S : {};
-/**
- * Extracts the State type contribution from a plugin
- * @template T - The plugin type to extract from
- * @returns The state type if present, empty object otherwise
- */
-type ExtractPluginState<T> = T extends Plugin<infer S, any> ? S : {};
-/**
- * Extracts the Services type contribution from a middleware
- * @template T - The middleware type to extract from
- * @returns The services type if present, empty object otherwise
- */
-type ExtractMiddlewareServices<T> = T extends Middleware<any, infer S> ? S : {};
-/**
- * Extracts the Services type contribution from a plugin
- * @template T - The plugin type to extract from
- * @returns The services type if present, empty object otherwise
- */
-type ExtractPluginServices<T> = T extends Plugin<any, infer S> ? S : {};
 /**
- * Utility type to convert a union type to an intersection type
- * This is the magic that allows us to compose multiple middleware contributions
+ * Create a logger with default configuration
  *
- * @example
- * type U = { a: string } | { b: number }
- * type I = UnionToIntersection<U> // { a: string } & { b: number }
+ * Resolves defaults based on environment:
+ * - Development: debug level, ConsoleTransport
+ * - Production: info level, JSONTransport
  *
- */
-type UnionToIntersection<U> = (U extends any ? (k: U) => void : never) extends (k: infer I) => void ? I : never;
-/**
- * Composes state contributions from an array of middleware
- * Merges all state types into a single intersection type
+ * Core transports (ConsoleTransport, JSONTransport) are lazy-loaded by
+ * the logger itself. Custom transports should be provided by application code.
  *
- * @template T - ReadonlyArray of Middleware
- * @returns Intersection of all state contributions
+ * @param config - Partial logger configuration (all fields optional)
+ * @returns A new Logger instance
+ *
+ * @example Development Logger (Default)
+ * ```typescript
+ * const logger = createLogger();
+ * // Uses: level='debug', ConsoleTransport, timestamp=true, no redaction
+ *
+ * logger.debug('Starting application');
+ * ```
+ *
+ * @example Production Logger (Default)
+ * ```typescript
+ * process.env.NODE_ENV = 'production';
  *
- * @example
- * const middlewares = [authMiddleware, loggerMiddleware] as const;
- * type ComposedState = ComposeStates<typeof middlewares>;
- * // Result: { user: User } & { requestId: string }
- */
-type ComposeMiddlewareStates<T extends ReadonlyArray<Middleware>> = T extends readonly [] ? {} : UnionToIntersection<ExtractMiddlewareState<T[number]>>;
-/**
- * Composes state contributions from an array of plugins
- * Merges all state types into a single intersection type
+ * const logger = createLogger({
+ *   redactKeys: ['password', 'apiKey', 'secret']
+ * });
+ * // Uses: level='info', JSONTransport, timestamp=true, redaction enabled
+ * ```
  *
- * @template T - ReadonlyArray of Plugin
- * @returns Intersection of all state contributions
+ * @example Custom Transport (Application Code)
+ * ```typescript
+ * import { CustomTransport } from './my-transports';
  *
- * @example
- * const plugins = [authPlugin, dbPlugin] as const;
- * type ComposedState = ComposePluginStates<typeof plugins>;
- * // Result: { config: AuthConfig } & { dbConnected: boolean }
+ * const logger = createLogger({
+ *   level: 'warn',
+ *   transport: new CustomTransport(), // Application provides custom transport
+ *   redactKeys: ['ssn', 'creditCard'],
+ *   includeTimestamp: false
+ * });
+ * ```
  */
-type ComposePluginStates<T extends ReadonlyArray<Plugin<any, any>>> = T extends readonly [] ? {} : UnionToIntersection<ExtractPluginState<T[number]>>;
+declare function createLogger(config?: Partial<ResolvedLoggerConfig>): Logger;
+
 /**
- * Composes service contributions from an array of middleware
- * Merges all service types into a single intersection type
+ * Global logger singleton instance
  *
- * @template T - ReadonlyArray of Middleware
- * @returns Intersection of all service contributions
+ * This instance is available before server creation and can be used
+ * anywhere in your application. When the server starts, it will be
+ * configured with the server's logging options.
  *
  * @example
- * const middlewares = [dbMiddleware, cacheMiddleware] as const;
- * type ComposedServices = ComposeServices<typeof middlewares>;
- * // Result: { db: Database } & { cache: Cache }
+ * ```typescript
+ * import { logger } from '@blaizejs/logger';
+ *
+ * logger.info('Application starting');
+ * ```
  */
-type ComposeMiddlewareServices<T extends ReadonlyArray<Middleware>> = T extends readonly [] ? {} : UnionToIntersection<ExtractMiddlewareServices<T[number]>>;
+declare const logger: BlaizeLogger;
 /**
- * Composes service contributions from an array of plugins
- * Merges all service types into a single intersection type
+ * Configure the global logger instance
  *
- * @template T - ReadonlyArray of Plugin
- * @returns Intersection of all service contributions
+ * This function updates the global logger in-place so that all existing
+ * imports automatically receive the new configuration. Called internally
+ * by the server during creation.
+ *
+ * @param config - Partial logger configuration
  *
  * @example
- * const plugins = [dbPlugin, cachePlugin] as const;
- * type ComposedServices = ComposePluginServices<typeof plugins>;
- * // Result: { db: Database } & { cache: Cache }
- */
-type ComposePluginServices<T extends ReadonlyArray<Plugin<any, any>>> = T extends readonly [] ? {} : UnionToIntersection<ExtractPluginServices<T[number]>>;
-/**
- * Safe version of ExtractState that handles edge cases
- * @template T - The middleware type to extract from
- * @returns The state type, handling never/any/unknown gracefully
- */
-type SafeExtractMiddlewareState<T> = IsNever<T> extends true ? {} : IsAny<T> extends true ? {} : T extends Middleware<infer S, any> ? unknown extends S ? {} : S : {};
-/**
- * Safe version of ExtractPluginState that handles edge cases
- * @template T - The plugin type to extract from
- * @returns The state type, handling never/any/unknown gracefully
- */
-type SafeExtractPluginState<T> = IsNever<T> extends true ? {} : IsAny<T> extends true ? {} : T extends Plugin<infer S, any> ? unknown extends S ? {} : S : {};
-/**
- * Safe version of ExtractServices that handles edge cases
- * @template T - The middleware type to extract from
- * @returns The services type, handling never/any/unknown gracefully
- */
-type SafeExtractMiddlewareServices<T> = IsNever<T> extends true ? {} : IsAny<T> extends true ? {} : T extends Middleware<any, infer S> ? unknown extends S ? {} : S : {};
-/**
- * Safe version of ExtractPluginServices that handles edge cases
- * @template T - The plugin type to extract from
- * @returns The services type, handling never/any/unknown gracefully
- */
-type SafeExtractPluginServices<T> = IsNever<T> extends true ? {} : IsAny<T> extends true ? {} : T extends Plugin<any, infer S> ? unknown extends S ? {} : S : {};
-/**
- * Composes state with better edge case handling
- * @template T - ReadonlyArray of Middleware
- * @returns Safely composed state types
- */
-type SafeComposeMiddlewareStates<T extends ReadonlyArray<Middleware>> = T extends readonly [] ? {} : T extends readonly [infer First, ...infer Rest] ? First extends Middleware ? Rest extends ReadonlyArray<Middleware> ? SafeExtractMiddlewareState<First> & SafeComposeMiddlewareStates<Rest> : SafeExtractMiddlewareState<First> : {} : UnionToIntersection<SafeExtractMiddlewareState<T[number]>>;
-/**
- * Composes plugin state with better edge case handling
- * @template T - ReadonlyArray of Plugin
- * @returns Safely composed state types
- */
-type SafeComposePluginStates<T extends ReadonlyArray<Plugin<any, any>>> = T extends readonly [] ? {} : T extends readonly [infer First, ...infer Rest] ? First extends Plugin<any, any> ? Rest extends ReadonlyArray<Plugin<any, any>> ? SafeExtractPluginState<First> & SafeComposePluginStates<Rest> : SafeExtractPluginState<First> : {} : UnionToIntersection<SafeExtractPluginState<T[number]>>;
-/**
- * Composes services with better edge case handling
- * @template T - ReadonlyArray of Middleware
- * @returns Safely composed service types
+ * ```typescript
+ * import { configureGlobalLogger } from '@blaizejs/logger';
+ *
+ * configureGlobalLogger({
+ *   level: 'warn',
+ *   redactKeys: ['password', 'apiKey']
+ * });
+ * ```
  */
-type SafeComposeMiddlewareServices<T extends ReadonlyArray<Middleware>> = T extends readonly [] ? {} : T extends readonly [infer First, ...infer Rest] ? First extends Middleware ? Rest extends ReadonlyArray<Middleware> ? SafeExtractMiddlewareServices<First> & SafeComposeMiddlewareServices<Rest> : SafeExtractMiddlewareServices<First> : {} : UnionToIntersection<SafeExtractMiddlewareServices<T[number]>>;
+declare function configureGlobalLogger(config: Partial<LoggerConfig>): void;
+
 /**
- * Composes plugin services with better edge case handling
- * @template T - ReadonlyArray of Plugin
- * @returns Safely composed service types
+ * Compose multiple middleware functions into a single middleware function
  */
-type SafeComposePluginServices<T extends ReadonlyArray<Plugin<any, any>>> = T extends readonly [] ? {} : T extends readonly [infer First, ...infer Rest] ? First extends Plugin<any, any> ? Rest extends ReadonlyArray<Plugin<any, any>> ? SafeExtractPluginServices<First> & SafeComposePluginServices<Rest> : SafeExtractPluginServices<First> : {} : UnionToIntersection<SafeExtractPluginServices<T[number]>>;
+declare function compose(middlewareStack: Middleware[]): MiddlewareFunction;
+
 /**
- * Utility to merge two state types
- * Handles conflicts by using the rightmost (latest) type
+ * Create CORS middleware with the specified options
  *
- * @template A - First state type
- * @template B - Second state type
- * @returns Merged state with B taking precedence
- */
-type MergeStates<A, B> = Omit<A, keyof B> & B;
-/**
- * Utility to merge two service types
- * Handles conflicts by using the rightmost (latest) type
+ * @param userOptions - CORS configuration options or boolean
+ * @returns Middleware function that handles CORS
  *
- * @template A - First services type
- * @template B - Second services type
- * @returns Merged services with B taking precedence
- */
-type MergeServices<A, B> = Omit<A, keyof B> & B;
-/**
- * Extract both state and services from a middleware at once
- * @template T - The middleware type
- * @returns Object with state and services types
- */
-type ExtractMiddlewareTypes<T> = {
-    state: ExtractMiddlewareState<T>;
-    services: ExtractMiddlewareServices<T>;
-};
-/**
- * Extract both state and services from a plugin at once
- * @template T - The plugin type
- * @returns Object with state and services types
- */
-type ExtractPluginTypes<T> = {
-    state: ExtractPluginState<T>;
-    services: ExtractPluginServices<T>;
-};
-/**
- * Compose both state and services from middleware array at once
- * @template T - ReadonlyArray of Middleware
- * @returns Object with composed state and services
- */
-type ComposeMiddlewareTypes<T extends ReadonlyArray<Middleware>> = {
-    state: ComposeMiddlewareStates<T>;
-    services: ComposeMiddlewareServices<T>;
-};
-/**
- * Compose both state and services from plugin array at once
- * @template T - ReadonlyArray of Plugin
- * @returns Object with composed state and services
- */
-type ComposePluginTypes<T extends ReadonlyArray<Plugin<any, any>>> = {
-    state: ComposePluginStates<T>;
-    services: ComposePluginServices<T>;
-};
-/**
- * Type guard to check if a value is a Middleware
- * @param value - Value to check
- * @returns True if value is a Middleware
+ * @example
+ * ```typescript
+ * import { cors } from '@blaize-core/middleware/cors';
+ *
+ * // Development mode - allow all origins
+ * server.use(cors(true));
+ *
+ * // Production - specific origin
+ * server.use(cors({
+ *   origin: 'https://app.example.com',
+ *   credentials: true,
+ *   maxAge: 86400
+ * }));
+ *
+ * // Multiple origins with regex
+ * server.use(cors({
+ *   origin: [
+ *     'https://app.example.com',
+ *     /^https:\/\/.*\.example\.com$/
+ *   ]
+ * }));
+ *
+ * // Dynamic origin validation
+ * server.use(cors({
+ *   origin: async (origin, ctx) => {
+ *     return await checkOriginAllowed(origin, ctx.state.user);
+ *   }
+ * }));
+ * ```
  */
-declare function isMiddleware(value: unknown): value is Middleware;
+declare function cors(userOptions?: CorsOptions | boolean): Middleware;
+
 /**
- * Type guard to check if a value is a Plugin
- * @param value - Value to check
- * @returns True if value is a Plugin
+ * Create a middleware
  */
-declare function isPlugin(value: unknown): value is Plugin;
+declare function create$1<TState = {}, TServices = {}>(handlerOrOptions: MiddlewareFunction | MiddlewareOptions): Middleware<TState, TServices>;
 /**
- * Type helper for middleware arrays
- * Ensures proper readonly array typing for composition
+ * Create a middleware that only contributes state (no services)
+ * Convenience helper for state-only middleware
+ *
+ * @template T - Type of state to contribute
+ * @param handler - Middleware function that adds state
+ * @returns Middleware that contributes state only
  *
- * @example
- * const middlewares = asMiddlewareArray([auth, logger, cache]);
- * type State = ComposeStates<typeof middlewares>;
  */
-declare function asMiddlewareArray<T extends ReadonlyArray<Middleware>>(middlewares: T): T;
+declare function stateMiddleware<T = {}>(handler: MiddlewareFunction): Middleware<T, {}>;
 /**
- * Type helper for plugin arrays
- * Ensures proper readonly array typing for composition
+ * Create a middleware that only contributes services (no state)
+ * Convenience helper for service-only middleware
+ *
+ * @template T - Type of services to contribute
+ * @param handler - Middleware function that adds services
+ * @returns Middleware that contributes services only
  *
- * @example
- * const plugins = asPluginArray([dbPlugin, cachePlugin]);
- * type Services = ComposePluginServices<typeof plugins>;
  */
-declare function asPluginArray<T extends ReadonlyArray<Plugin<any, any>>>(plugins: T): T;
+declare function serviceMiddleware<T = {}>(handler: MiddlewareFunction): Middleware<{}, T>;
+
 /**
- * Create a typed middleware array with inferred types
- * Useful for getting proper const assertions
+ * Request Logger Middleware
  *
- * @example
- * const middlewares = createMiddlewareArray(auth, logger, cache);
- * type State = ComposeStates<typeof middlewares>;
+ * Creates a child logger with request context and optionally logs request lifecycle events.
+ * This middleware ALWAYS runs FIRST in the middleware chain to ensure all logs have request context.
+ *
+ * @packageDocumentation
  */
-declare function createMiddlewareArray<T extends ReadonlyArray<Middleware>>(...middlewares: T): T;
+
 /**
- * Create a typed plugin array with inferred types
- * Useful for getting proper const assertions
+ * Request logger middleware factory
  *
- * @example
- * const plugins = createPluginArray(dbPlugin, cachePlugin);
- * type Services = ComposePluginServices<typeof plugins>;
+ * Creates middleware that:
+ * 1. ALWAYS creates a child logger with request context (correlationId, method, path, ip)
+ * 2. Replaces ctx.services.log with the child logger
+ * 3. Optionally logs request lifecycle events if requestLogging is true
+ *
+ * The child logger ensures that all logs during the request lifecycle automatically
+ * include request context, even if requestLogging is false.
+ *
+ * @param options - Request logger options (headers, query, etc.)
+ * @returns Middleware function
+ *
+ * @example Basic Usage (with lifecycle logging)
+ * ```typescript
+ * import { createServer } from 'blaizejs';
+ * import { requestLoggerMiddleware } from './logger/middleware';
+ *
+ * const server = createServer({
+ *   port: 3000,
+ *   logging: {
+ *     level: 'info',
+ *     requestLogging: true, // Enable lifecycle logs
+ *     requestLoggerOptions: {
+ *       includeHeaders: true,
+ *       includeQuery: true
+ *     }
+ *   }
+ * });
+ * ```
+ *
+ * @example Without Lifecycle Logging
+ * ```typescript
+ * const server = createServer({
+ *   logging: {
+ *     level: 'info',
+ *     requestLogging: false // No automatic logs, but ctx.services.log still has request context
+ *   }
+ * });
+ *
+ * // In route handler:
+ * export const GET = appRoute.get({
+ *   handler: async (ctx) => {
+ *     // ctx.services.log still includes correlationId, method, path automatically
+ *     ctx.services.log.info('Custom log message');
+ *     return { data: 'response' };
+ *   }
+ * });
+ * ```
+ *
+ * @example With Header Filtering
+ * ```typescript
+ * const middleware = requestLoggerMiddleware({
+ *   includeHeaders: true,
+ *   headerWhitelist: ['content-type', 'user-agent', 'accept']
+ * }, true);
+ *
+ * // Logs will include only whitelisted headers
+ * // Sensitive headers (authorization, cookie) are ALWAYS redacted
+ * ```
  */
-declare function createPluginArray<T extends ReadonlyArray<Plugin<any, any>>>(...plugins: T): T;
+declare function requestLoggerMiddleware(options?: RequestLoggerOptions): Middleware;
 
 /**
  * Create a type-safe plugin with full IntelliSense support
@@ -3582,6 +4680,7 @@ declare const MiddlewareAPI: {
     createStateMiddleware: typeof stateMiddleware;
     compose: typeof compose;
     cors: typeof cors;
+    requestLoggerMiddleware: typeof requestLoggerMiddleware;
 };
 declare const PluginsAPI: {
     createPlugin: typeof createPlugin;
@@ -3594,6 +4693,9 @@ declare const Blaize: {
     createStateMiddleware: typeof stateMiddleware;
     createPlugin: typeof createPlugin;
     getCorrelationId: typeof getCorrelationId;
+    configureGlobalLogger: typeof configureGlobalLogger;
+    createLogger: typeof createLogger;
+    logger: BlaizeLogger;
     Server: {
         createServer: typeof create;
         inferContext: typeof inferContext;
@@ -3619,6 +4721,7 @@ declare const Blaize: {
         createStateMiddleware: typeof stateMiddleware;
         compose: typeof compose;
         cors: typeof cors;
+        requestLoggerMiddleware: typeof requestLoggerMiddleware;
     };
     Plugins: {
         createPlugin: typeof createPlugin;
@@ -3626,4 +4729,4 @@ declare const Blaize: {
     VERSION: string;
 };
 
-export { Blaize, BlaizeError, type BlaizeErrorResponse, type BodyLimits, type BufferedEvent, type BuildRoutesRegistry, type BuildSSEArgs, type CacheConfig, type CacheEntry, type ClientConfig, type CloseEvent, type ComposeMiddlewareServices, type ComposeMiddlewareStates, type ComposeMiddlewareTypes, type ComposePluginServices, type ComposePluginStates, type ComposePluginTypes, ConflictError, type ConflictErrorDetails, type ConnectionEntry, type ConnectionRegistry, type Context, type ContextOptions, type ContextRequest, type ContextResponse, type CorrelationOptions, type CorsHttpMethod, type CorsOptions, type CorsOrigin, type CorsOriginCacheConfig, type CorsOriginCacheEntry, type CorsPreflightInfo, type CorsStats, type CorsValidationResult, type CreateClient, type CreateContextFn, type CreateDeleteRoute, type CreateEnhancedClient, type CreateGetRoute, type CreateHeadRoute, type CreateOptionsRoute, type CreatePatchRoute, type CreatePluginOptions, type CreatePostRoute, type CreatePutRoute, type CreateSSEMethod, type CreateSSERoute, type ErrorHandlerOptions, ErrorSeverity, type ErrorTransformContext, ErrorType, type EventHandlers, type ExtractMethod, type ExtractMiddlewareServices, type ExtractMiddlewareState, type ExtractMiddlewareTypes, type ExtractPluginServices, type ExtractPluginState, type ExtractPluginTypes, type ExtractSSEEvents, type ExtractSSEParams, type ExtractSSEQuery, type ExtractSSERoutes, type FileCache, type FindRouteFilesOptions, ForbiddenError, type ForbiddenErrorDetails, type GetContextFn, type HasSSEMethod, type Http2Options, type HttpMethod, type Infer, type InferContext, type InternalRequestArgs, InternalServerError, type InternalServerErrorDetails, type Matcher, type MergeServices, type MergeStates, type Middleware, MiddlewareAPI, type MiddlewareFunction, type MiddlewareOptions, type MultipartData, type MultipartError, type MultipartLimits, type NetworkErrorContext, type NextFunction, NotFoundError, type NotFoundErrorDetails, type ParseErrorContext, type ParseOptions, type ParseResult, type ParsedRoute, type ParserState, PayloadTooLargeError, type PayloadTooLargeErrorDetails, type Plugin, type PluginFactory, type PluginHooks, type PluginLifecycleManager, type PluginLifecycleOptions, type PluginOptions, PluginsAPI, type ProcessResponseOptions, type ProcessingConfig, type QueryParams, RateLimitError, type RateLimitErrorDetails, type ReconnectStrategy, type RegistryResult, type ReloadMetrics, type RequestHandler, type RequestOptions, type RequestParams, RequestTimeoutError, type Result, type Route, type RouteDefinition, type RouteEntry, type RouteHandler, type RouteMatch, type RouteMethodOptions, type RouteNode, type RouteOptions, type RouteRegistry, type RouteSchema, type Router, RouterAPI, type RouterOptions, type SSEBufferOverflowErrorDetails, type SSEBufferStrategy, type SSEClient, type SSEClientMetrics, type SSEClientOptions, type SSEConnectionErrorContext, type SSEConnectionErrorDetails, type SSEConnectionFactory, type SSEConnectionState, type SSEEvent, type SSEEventHandler, type SSEEventListener, type SSEHeartbeatErrorContext, type SSEMetrics, type SSEOptions, type SSERouteHandler, type SSERouteSchema, type SSESerializedEvent, type SSEStream, type SSEStreamClosedErrorDetails, type SSEStreamErrorContext, type SSEStreamExtended, type SSEStreamManager, type SafeComposeMiddlewareServices, type SafeComposeMiddlewareStates, type SafeComposePluginServices, type SafeComposePluginStates, type SafeExtractMiddlewareServices, type SafeExtractMiddlewareState, type SafeExtractPluginServices, type SafeExtractPluginState, type Server, ServerAPI, type ServerOptions, type ServerOptionsInput, type ServiceNotAvailableDetails, ServiceNotAvailableError, type Services, type StandardErrorResponse, type StartOptions, type State, type StopOptions, type StreamMetrics, type StreamOptions, type TimeoutErrorContext, type TypedSSEStream, UnauthorizedError, type UnauthorizedErrorDetails, type UnifiedRequest, type UnifiedResponse, type UnionToIntersection, type UnknownFunction, type UnknownServer, UnprocessableEntityError, UnsupportedMediaTypeError, type UnsupportedMediaTypeErrorDetails, type UploadProgress, type UploadedFile, VERSION, type ValidationConfig, ValidationError, type ValidationErrorDetails, type ValidationFieldError, type WatchOptions, asMiddlewareArray, asPluginArray, buildUrl, compilePathPattern, compose, cors, createDeleteRoute, createGetRoute, createHeadRoute, createMatcher, create$1 as createMiddleware, createMiddlewareArray, createOptionsRoute, createPatchRoute, createPlugin, createPluginArray, createPostRoute, createPutRoute, createRouteFactory, create as createServer, serviceMiddleware as createServiceMiddleware, stateMiddleware as createStateMiddleware, extractParams, getCorrelationId, inferContext, isMiddleware, isPlugin, paramsToQuery };
+export { Blaize, BlaizeError, type BlaizeErrorResponse, type BlaizeLogTransport, type BlaizeLogger, type BodyLimits, type BufferedEvent, type BuildRoutesRegistry, type BuildSSEArgs, type CacheConfig, type CacheEntry, type ClientConfig, type CloseEvent, type ComposeMiddlewareServices, type ComposeMiddlewareStates, type ComposeMiddlewareTypes, type ComposePluginServices, type ComposePluginStates, type ComposePluginTypes, ConflictError, type ConflictErrorDetails, type ConnectionEntry, type ConnectionRegistry, ConsoleTransport, type Context, type ContextOptions, type ContextRequest, type ContextResponse, type CorrelationOptions, type CorsHttpMethod, type CorsOptions, type CorsOrigin, type CorsOriginCacheConfig, type CorsOriginCacheEntry, type CorsPreflightInfo, type CorsStats, type CorsValidationResult, type CreateClient, type CreateContextFn, type CreateDeleteRoute, type CreateEnhancedClient, type CreateGetRoute, type CreateHeadRoute, type CreateOptionsRoute, type CreatePatchRoute, type CreatePluginOptions, type CreatePostRoute, type CreatePutRoute, type CreateSSEMethod, type CreateSSERoute, type ErrorHandlerOptions, ErrorSeverity, type ErrorTransformContext, ErrorType, type EventHandlers, type ExtractMethod, type ExtractMiddlewareServices, type ExtractMiddlewareState, type ExtractMiddlewareTypes, type ExtractPluginServices, type ExtractPluginState, type ExtractPluginTypes, type ExtractSSEEvents, type ExtractSSEParams, type ExtractSSEQuery, type ExtractSSERoutes, type FileCache, type FindRouteFilesOptions, ForbiddenError, type ForbiddenErrorDetails, type GetContextFn, type HasSSEMethod, type Http2Options, type HttpMethod, type Infer, type InferContext, type InternalRequestArgs, InternalServerError, type InternalServerErrorDetails, JSONTransport, type LogLevel, type LogMetadata, Logger, type LoggerConfig, type Matcher, type MergeServices, type MergeStates, type Middleware, MiddlewareAPI, type MiddlewareFunction, type MiddlewareOptions, type MultipartData, type MultipartError, type MultipartLimits, type NetworkErrorContext, type NextFunction, NotFoundError, type NotFoundErrorDetails, NullTransport, type ParseErrorContext, type ParseOptions, type ParseResult, type ParsedRoute, type ParserState, PayloadTooLargeError, type PayloadTooLargeErrorDetails, type Plugin, type PluginFactory, type PluginHooks, type PluginLifecycleManager, type PluginLifecycleOptions, type PluginOptions, PluginsAPI, type ProcessResponseOptions, type ProcessingConfig, type QueryParams, RateLimitError, type RateLimitErrorDetails, type ReconnectStrategy, type RegistryResult, type ReloadMetrics, type RequestHandler, type RequestLoggerOptions, type RequestOptions, type RequestParams, RequestTimeoutError, type ResolvedLoggerConfig, type Result, type Route, type RouteDefinition, type RouteEntry, type RouteHandler, type RouteMatch, type RouteMethodOptions, type RouteNode, type RouteOptions, type RouteRegistry, type RouteSchema, type Router, RouterAPI, type RouterOptions, type SSEBufferOverflowErrorDetails, type SSEBufferStrategy, type SSEClient, type SSEClientMetrics, type SSEClientOptions, type SSEConnectionErrorContext, type SSEConnectionErrorDetails, type SSEConnectionFactory, type SSEConnectionState, type SSEEvent, type SSEEventHandler, type SSEEventListener, type SSEHeartbeatErrorContext, type SSEMetrics, type SSEOptions, type SSERouteHandler, type SSERouteSchema, type SSESerializedEvent, type SSEStream, type SSEStreamClosedErrorDetails, type SSEStreamErrorContext, type SSEStreamExtended, type SSEStreamManager, type SafeComposeMiddlewareServices, type SafeComposeMiddlewareStates, type SafeComposePluginServices, type SafeComposePluginStates, type SafeExtractMiddlewareServices, type SafeExtractMiddlewareState, type SafeExtractPluginServices, type SafeExtractPluginState, type SerializedError, type Server, ServerAPI, type ServerOptions, type ServerOptionsInput, type ServiceNotAvailableDetails, ServiceNotAvailableError, type Services, type StandardErrorResponse, type StartOptions, type State, type StopOptions, type StreamMetrics, type StreamOptions, type TimeoutErrorContext, type TypedSSEStream, UnauthorizedError, type UnauthorizedErrorDetails, type UnifiedRequest, type UnifiedResponse, type UnionToIntersection, type UnknownFunction, type UnknownServer, UnprocessableEntityError, UnsupportedMediaTypeError, type UnsupportedMediaTypeErrorDetails, type UploadProgress, type UploadedFile, VERSION, type ValidationConfig, ValidationError, type ValidationErrorDetails, type ValidationFieldError, type WatchOptions, asMiddlewareArray, asPluginArray, buildUrl, compilePathPattern, compose, configureGlobalLogger, cors, createDeleteRoute, createGetRoute, createHeadRoute, createLogger, createMatcher, create$1 as createMiddleware, createMiddlewareArray, createOptionsRoute, createPatchRoute, createPlugin, createPluginArray, createPostRoute, createPutRoute, createRouteFactory, create as createServer, serviceMiddleware as createServiceMiddleware, stateMiddleware as createStateMiddleware, extractParams, getCorrelationId, inferContext, isMiddleware, isPlugin, logger, paramsToQuery, requestLoggerMiddleware };