brustjs 0.1.24-alpha → 0.1.25-alpha

package/example/pokedex/actions.ts

@@ -6,7 +6,7 @@
 //   api.team({ id }).delete()      → DELETE /_brust/action/team/{id}
 
 import { z } from 'zod'
-import { defineActions, ActionError } from 'brustjs'
+import { cookies, defineActions, ActionError } from 'brustjs'
 import { MAX_TEAM, teamStore } from './lib/team-store'
 
 const TeamMemberInput = z.object({
@@ -28,11 +28,19 @@ export const actions = defineActions()
       }
       return { team: teamStore.list(), max: MAX_TEAM }
     },
-    { body: TeamMemberInput },
+    { body: TeamMemberInput, errors: { TEAM_FULL: z.object({ max: z.number() }) } },
   )
   .delete('/team/{id}', ({ params }) => {
     teamStore.remove(Number(params.id))
     return { team: teamStore.list(), max: MAX_TEAM }
   })
+  .post(
+    '/theme',
+    ({ body }) => {
+      cookies.set('mode', body.mode, { path: '/', maxAge: 31536000, sameSite: 'Lax' })
+      return { mode: body.mode }
+    },
+    { body: z.object({ mode: z.enum(['dark', 'light']) }) },
+  )
 
 export type Actions = typeof actions

package/example/pokedex/app.css

@@ -2,9 +2,9 @@
    PokéDex app.css — AssetsArt Design System (tokens + components) +
    a PokéDex (.dex-*) layer that replaces the prototype's inline styles.
    ---------------------------------------------------------------------
-   NOTE: dark-mode only. The design's [data-mode="dark"] selectors are
-   rewritten to .dark, set via <BrustPage className="dark"> (BrustPage
-   only sets <html class>, not arbitrary data-* attrs — see GAPS S8).
+   NOTE: light + dark. :root holds the LIGHT defaults; [data-mode="dark"]
+   remaps them. The mode is set on <html data-mode={mode}> via BrustPage's
+   data-* support, driven by the `mode` cookie + the native ThemeToggle.
    Remote @import of Google Fonts is dropped (the css pipeline runs through
    @tailwindcss/node); we rely on the system-font fallbacks in the stacks.
    ===================================================================== */
@@ -328,7 +328,7 @@
    The product (Cloud Server Portal) defaults to DARK; marketing + first-run
    default to LIGHT.
    ===================================================================== */
-.dark {
+[data-mode="dark"] {
   --ink-0:    #14171F;
   --ink-25:   #181B25;
   --ink-50:   #1C2030;   /* card surface */
@@ -445,7 +445,7 @@ a:hover { text-decoration: underline; }
 code, pre { font-family: var(--font-mono); }
 
 ::selection { background: var(--primary-200); color: var(--primary-900); }
-.dark ::selection { background: rgba(127,63,151,0.45); color: #fff; }
+[data-mode="dark"] ::selection { background: rgba(127,63,151,0.45); color: #fff; }
 
 /* =====================================================================
    TYPE UTILITIES — opt-in semantic typography classes
@@ -642,7 +642,7 @@ code, pre { font-family: var(--font-mono); }
   --_fg: var(--primary-500);
   --_border: var(--primary-500);
 }
-.dark .aa-btn--outline { --_fg: var(--purple-300); --_border: var(--purple-400); }
+[data-mode="dark"] .aa-btn--outline { --_fg: var(--purple-300); --_border: var(--purple-400); }
 .aa-btn--danger {
   --_bg: var(--danger-600);
   --_bg-hover: var(--danger-700);
@@ -815,11 +815,11 @@ code, pre { font-family: var(--font-mono); }
 }
 
 /* dark-mode pill foreground gets lifted */
-.dark .aa-badge--success { color: #6BD9A4; }
-.dark .aa-badge--warning { color: #F0C76A; }
-.dark .aa-badge--danger  { color: #F195B2; }
-.dark .aa-badge--info    { color: #7BB6E2; }
-.dark .aa-badge--soft    { color: #C9A4D8; }
+[data-mode="dark"] .aa-badge--success { color: #6BD9A4; }
+[data-mode="dark"] .aa-badge--warning { color: #F0C76A; }
+[data-mode="dark"] .aa-badge--danger  { color: #F195B2; }
+[data-mode="dark"] .aa-badge--info    { color: #7BB6E2; }
+[data-mode="dark"] .aa-badge--soft    { color: #C9A4D8; }
 
 /* Status dot pill (used in tables) */
 .aa-pill {
@@ -843,10 +843,10 @@ code, pre { font-family: var(--font-mono); }
 .aa-pill--muted { background: var(--ink-100);    color: var(--text-tertiary); }
 .aa-pill--no-dot::before { display: none; }
 
-.dark .aa-pill--ok   { color: #6BD9A4; }
-.dark .aa-pill--warn { color: #F0C76A; }
-.dark .aa-pill--err  { color: #F195B2; }
-.dark .aa-pill--info { color: #7BB6E2; }
+[data-mode="dark"] .aa-pill--ok   { color: #6BD9A4; }
+[data-mode="dark"] .aa-pill--warn { color: #F0C76A; }
+[data-mode="dark"] .aa-pill--err  { color: #F195B2; }
+[data-mode="dark"] .aa-pill--info { color: #7BB6E2; }
 
 /* =====================================================================
    TABLE
@@ -903,8 +903,8 @@ code, pre { font-family: var(--font-mono); }
 .aa-tab[aria-selected="true"], .aa-tab.is-active {
   color: var(--primary-600); border-color: var(--primary-600); font-weight: var(--fw-semibold);
 }
-.dark .aa-tab[aria-selected="true"],
-.dark .aa-tab.is-active { color: var(--purple-300); border-color: var(--purple-400); }
+[data-mode="dark"] .aa-tab[aria-selected="true"],
+[data-mode="dark"] .aa-tab.is-active { color: var(--purple-300); border-color: var(--purple-400); }
 
 .aa-segmented {
   display: inline-flex; padding: 3px;
@@ -947,10 +947,10 @@ code, pre { font-family: var(--font-mono); }
 .aa-alert--danger  .aa-alert__icon { color: var(--danger-600); }
 
 /* dark-mode alert text */
-.dark .aa-alert--info    { color: #9DC4E6; }
-.dark .aa-alert--success { color: #93D6B0; }
-.dark .aa-alert--warning { color: #EFCC74; }
-.dark .aa-alert--danger  { color: #F195B2; }
+[data-mode="dark"] .aa-alert--info    { color: #9DC4E6; }
+[data-mode="dark"] .aa-alert--success { color: #93D6B0; }
+[data-mode="dark"] .aa-alert--warning { color: #EFCC74; }
+[data-mode="dark"] .aa-alert--danger  { color: #F195B2; }
 
 /* =====================================================================
    AVATAR
@@ -972,7 +972,7 @@ code, pre { font-family: var(--font-mono); }
 .aa-avatar--sm { width: 28px; height: 28px; font-size: var(--text-3xs); }
 .aa-avatar--lg { width: 44px; height: 44px; font-size: var(--text-md); }
 .aa-avatar--xl { width: 64px; height: 64px; font-size: var(--text-lg); }
-.dark .aa-avatar { color: var(--purple-200); }
+[data-mode="dark"] .aa-avatar { color: var(--purple-200); }
 
 /* =====================================================================
    PROGRESS
@@ -1027,8 +1027,8 @@ code, pre { font-family: var(--font-mono); }
 .aa-kpi__delta--up   { color: var(--success-600); }
 .aa-kpi__delta--down { color: var(--danger-600); }
 .aa-kpi__delta--neutral { color: var(--text-tertiary); }
-.dark .aa-kpi__delta--up   { color: #6BD9A4; }
-.dark .aa-kpi__delta--down { color: #F195B2; }
+[data-mode="dark"] .aa-kpi__delta--up   { color: #6BD9A4; }
+[data-mode="dark"] .aa-kpi__delta--down { color: #F195B2; }
 .aa-kpi__meta {
   display: inline-flex; align-items: center; gap: 6px;
   font-size: var(--text-xs);
@@ -1092,7 +1092,7 @@ code, pre { font-family: var(--font-mono); }
   letter-spacing: 0.08em;
   margin-left: auto;
 }
-.dark .aa-sidebar__env { color: #93D6B0; }
+[data-mode="dark"] .aa-sidebar__env { color: #93D6B0; }
 
 .aa-sidebar__nav {
   flex: 1;
@@ -1131,7 +1131,7 @@ code, pre { font-family: var(--font-mono); }
   color: var(--primary-700);
   font-weight: var(--fw-semibold);
 }
-.dark .aa-nav-item.is-active { color: #C9A4D8; }
+[data-mode="dark"] .aa-nav-item.is-active { color: #C9A4D8; }
 .aa-nav-item svg { width: 16px; height: 16px; flex: none; stroke-width: 1.75; }
 .aa-nav-item__count {
   margin-left: auto;
@@ -1146,7 +1146,7 @@ code, pre { font-family: var(--font-mono); }
 }
 .aa-nav-item.is-active .aa-nav-item__count { background: var(--primary-100); color: var(--primary-700); }
 .aa-nav-item__count--alert { background: var(--danger-50); color: var(--danger-700); }
-.dark .aa-nav-item__count--alert { color: #F195B2; }
+[data-mode="dark"] .aa-nav-item__count--alert { color: #F195B2; }
 
 .aa-sidebar__user {
   padding: 12px;
@@ -1302,7 +1302,7 @@ code, pre { font-family: var(--font-mono); }
 }
 .aa-toolbar__filter:hover { border-color: var(--ink-300); }
 .aa-toolbar__filter.is-active { border-color: var(--primary-500); background: var(--primary-50); color: var(--primary-700); }
-.dark .aa-toolbar__filter.is-active { color: #C9A4D8; }
+[data-mode="dark"] .aa-toolbar__filter.is-active { color: #C9A4D8; }
 .aa-toolbar__filter svg { width: 12px; height: 12px; stroke: currentColor; fill: none; stroke-width: 2; }
 
 /* Service / category chip */
@@ -1656,8 +1656,8 @@ code, pre { font-family: var(--font-mono); }
 .dex-tc__cell--weak  { background: var(--danger-50);  color: var(--danger-700); }
 .dex-tc__cell--none  { background: var(--ink-100);    color: var(--text-muted); }
 .dex-tc__swatch { min-height: auto; width: 22px; height: 22px; border-radius: 4px; border: none; }
-.dark .dex-tc__cell--super { color: #6BD9A4; }
-.dark .dex-tc__cell--weak  { color: #F195B2; }
+[data-mode="dark"] .dex-tc__cell--super { color: #6BD9A4; }
+[data-mode="dark"] .dex-tc__cell--weak  { color: #F195B2; }
 
 /* not found */
 .dex-notfound { display: grid; place-items: center; padding: 80px 20px; text-align: center; }

package/example/pokedex/components/AddToTeamButton.tsx

@@ -8,7 +8,6 @@
 // The behavior is react-free: `signal`/`computed` from brustjs/store (the window
 // singleton on the client), `client` from brustjs/client (the treaty action
 // client — also react-free), and the shared teamStore. NO react imports.
-import type { ActionErrorBody } from 'brustjs'
 import { client } from 'brustjs/client'
 import { computed, signal } from 'brustjs/store'
 import type { Actions } from '../actions'
@@ -57,7 +56,7 @@ export const behavior = ({ props }: { props: AddToTeamProps }) => {
         if (data) {
           full.set(false)
           teamStore.members.set(data.team)
-        } else if ((error?.value as ActionErrorBody)?.code === 'TEAM_FULL') {
+        } else if (error?.value.code === 'TEAM_FULL') {
           full.set(true) // server rejected — team full; surface instead of silent no-op
         }
       }

package/example/pokedex/components/AppLayout.tsx

@@ -17,22 +17,25 @@
 import { BrustPage, Island, Outlet } from 'brustjs'
 import type { TeamMember } from '../lib/types'
 import TeamBuilder from './TeamBuilder'
+import ThemeToggle from './ThemeToggle'
 
 export default function AppLayout({
   title,
   active,
   crumb,
   teamProps,
+  mode,
 }: {
   title: string
   active: 'list' | 'typechart'
   crumb: string
   teamProps: { teamInitial: TeamMember[] }
+  mode: 'dark' | 'light'
 }) {
   return (
     <BrustPage
       lang="en"
-      className="dark"
+      data-mode={mode}
       title={title}
       head={[{ tag: 'link', rel: 'icon', href: '/favicon.svg' }]}
     >
@@ -87,6 +90,7 @@ export default function AppLayout({
               <span className="dex-crumb__sep">›</span>
               <b>{crumb}</b>
             </div>
+            <ThemeToggle native />
           </header>
 
           <div className="aa-content">

package/example/pokedex/components/ThemeToggle.tsx

@@ -0,0 +1,51 @@
+// NATIVE INTERACTIVE COMPONENT (B4 dogfood) — the dark/light theme toggle in
+// the topbar. Single-file native directive component: a co-located
+// `export const behavior` (client logic, react-free) + a JSX `default` export
+// (the native template the compiler lowers to minijinja). The build bundles
+// ONLY `behavior` into _directives.js, registered as "themeToggle" (camelCase
+// filename); the JSX default is tree-shaken out so react never leaks client-side.
+//
+// react-free: `signal`/`computed` from brustjs/store (the window singleton on
+// the client), `client` from brustjs/client (the treaty action client). The
+// toggle flips <html data-mode> immediately (no reload) AND persists via the
+// /theme action which sets the `mode` cookie — so SSR matches on the next load.
+import { client } from 'brustjs/client'
+import { computed, signal } from 'brustjs/store'
+import type { Actions } from '../actions'
+
+const api = client<Actions>()
+
+// behavior → client bundle, registered as "themeToggle". Reads the initial mode
+// straight off <html data-mode> (server already set it from the cookie).
+export const behavior = () => {
+  const mode = signal(
+    typeof document !== 'undefined' ? (document.documentElement.dataset.mode ?? 'dark') : 'dark',
+  )
+  const label = computed(() => (mode() === 'dark' ? '☀ Light' : '🌙 Dark'))
+
+  async function toggle() {
+    const next = mode() === 'dark' ? 'light' : 'dark'
+    document.documentElement.dataset.mode = next // flip the theme immediately
+    mode.set(next)
+    await api.theme.post({ mode: next }) // persist via cookie for the next SSR
+  }
+
+  return { toggle, label }
+}
+
+// default → jinja (server). The x-* directives are static string attributes the
+// native compiler passes straight through; the directive runtime binds them to
+// the behavior instance on the client.
+export default function ThemeToggle() {
+  return (
+    <button
+      type="button"
+      x-data="themeToggle"
+      x-text="label"
+      x-on-click="toggle"
+      className="aa-btn aa-btn--outline aa-btn--sm"
+    >
+      🌙 Dark
+    </button>
+  )
+}

package/example/pokedex/lib/loaders.ts

@@ -87,12 +87,17 @@ export async function listLoader({ req }: LoaderCtx): Promise<ListData> {
     active: 'list',
     crumb: 'All Pokémon',
     teamProps: { teamInitial: teamStore.list() },
+    mode: req.cookies.mode === 'light' ? 'light' : 'dark',
   }
 }
 
-export async function detailLoader({ params }: LoaderCtx): Promise<DetailData | NativeVerdict> {
+export async function detailLoader({
+  params,
+  req,
+}: LoaderCtx): Promise<DetailData | NativeVerdict> {
   const name = params?.name ?? ''
-  const empty = emptyDetail(name)
+  const mode = req.cookies.mode === 'light' ? 'light' : 'dark'
+  const empty = emptyDetail(name, mode)
 
   const p = await fetchPokemon(name)
   // GAP S9 (FIXED): native loaders can now `return notFound(data)` to render the
@@ -153,6 +158,7 @@ export async function detailLoader({ params }: LoaderCtx): Promise<DetailData |
     title: `${cap(p.name)} · PokéDex`,
     active: 'list',
     crumb: cap(p.name),
+    mode,
     name: p.name,
     id: p.id,
     displayName: cap(p.name),
@@ -186,13 +192,14 @@ export async function detailLoader({ params }: LoaderCtx): Promise<DetailData |
   }
 }
 
-function emptyDetail(name: string): DetailData {
+function emptyDetail(name: string, mode: 'dark' | 'light'): DetailData {
   return {
     notFound: true,
     // Chrome fields (ChromeData) read by AppLayout from the merged context.
     title: `${cap(name)} · PokéDex`,
     active: 'list',
     crumb: cap(name),
+    mode,
     name,
     id: 0,
     displayName: cap(name),
@@ -244,9 +251,9 @@ const SHORT: Record<string, string> = {
   fairy: 'FAI',
 }
 
-export async function typeChartLoader(): Promise<TypeChartData> {
-  // GAP S2: no loader-level batch/parallel helper or request-scoped cache — we
-  // fan out 18 fetches by hand with Promise.all (and there is no dedupe).
+export async function typeChartLoader({ req }: LoaderCtx): Promise<TypeChartData> {
+  // Fan out 18 distinct type fetches with Promise.all; each goes through
+  // cachedFetch (S2), so duplicate in-flight GETs within the request dedupe.
   const relations = await Promise.all(ALL_TYPES.map((t) => fetchTypeRelations(t)))
 
   // Build the 19×19 grid as nested rows (header row + one row per attacking
@@ -327,5 +334,6 @@ export async function typeChartLoader(): Promise<TypeChartData> {
     active: 'typechart',
     crumb: 'Type chart',
     teamProps: { teamInitial: teamStore.list() },
+    mode: req.cookies.mode === 'light' ? 'light' : 'dark',
   }
 }

package/example/pokedex/lib/pokeapi.ts

@@ -4,6 +4,8 @@
 // constraint). Their job is to fetch from PokeAPI and return fully render-ready
 // view-models so the native (jinja) page templates only interpolate fields.
 
+import { cachedFetch } from 'brustjs'
+
 export const API = 'https://pokeapi.co/api/v2'
 
 export const idFromUrl = (url: string): number => Number((url.match(/\/pokemon\/(\d+)\//) || [])[1])
@@ -79,7 +81,7 @@ export interface RawEvolutionStage {
 }
 
 export async function fetchList(offset: number, limit: number) {
-  const res = await fetch(`${API}/pokemon?limit=${limit}&offset=${offset}`)
+  const res = await cachedFetch(`${API}/pokemon?limit=${limit}&offset=${offset}`)
   if (!res.ok) throw new Error(`PokeAPI list ${res.status}`)
   const page = (await res.json()) as {
     count: number
@@ -92,7 +94,7 @@ export async function fetchList(offset: number, limit: number) {
 }
 
 export async function fetchPokemon(name: string): Promise<RawPokemon | null> {
-  const res = await fetch(`${API}/pokemon/${name}`)
+  const res = await cachedFetch(`${API}/pokemon/${name}`)
   if (!res.ok) return null
   const p = (await res.json()) as any
   return {
@@ -108,7 +110,7 @@ export async function fetchPokemon(name: string): Promise<RawPokemon | null> {
 }
 
 export async function fetchSpecies(id: number): Promise<RawSpecies> {
-  const res = await fetch(`${API}/pokemon-species/${id}`)
+  const res = await cachedFetch(`${API}/pokemon-species/${id}`)
   const s = (await res.json()) as any
   const flavor = s.flavor_text_entries?.find((e: any) => e.language.name === 'en')?.flavor_text as
     | string
@@ -124,7 +126,7 @@ export async function fetchSpecies(id: number): Promise<RawSpecies> {
  *  flattened to the first branch — noted as an open question in the design. */
 export async function fetchEvolution(url: string): Promise<RawEvolutionStage[]> {
   if (!url) return []
-  const res = await fetch(url)
+  const res = await cachedFetch(url)
   if (!res.ok) return []
   const data = (await res.json()) as any
   const stages: RawEvolutionStage[] = []
@@ -162,7 +164,7 @@ export const ALL_TYPES = [
 
 /** Fetch one type's damage relations → a map of defendingType → multiplier. */
 export async function fetchTypeRelations(type: string): Promise<Record<string, number>> {
-  const res = await fetch(`${API}/type/${type}`)
+  const res = await cachedFetch(`${API}/type/${type}`)
   if (!res.ok) return {}
   const d = (await res.json()) as any
   const rel = d.damage_relations

package/example/pokedex/lib/types.ts

@@ -18,6 +18,7 @@ export interface ChromeData {
   active: 'list' | 'typechart' // which sidebar nav item gets is-active (S11 conditional)
   crumb: string // topbar breadcrumb leaf label
   teamProps: { teamInitial: TeamMember[] } // floating team-dock island initial state
+  mode: 'dark' | 'light' // theme, read from the `mode` cookie → <html data-mode={mode}>
 }
 
 /** A single list cell — derived from the list endpoint alone (no detail fetch,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "brustjs",
-  "version": "0.1.24-alpha",
+  "version": "0.1.25-alpha",
   "description": "Bun + Rust SSR framework — React on the server, Rust everywhere else (napi cdylib + per-worker SharedArrayBuffer).",
   "license": "MIT",
   "repository": {
@@ -40,12 +40,12 @@
     "typescript": "^6.0.3"
   },
   "optionalDependencies": {
-    "brustjs-darwin-x64": "0.1.24-alpha",
-    "brustjs-darwin-arm64": "0.1.24-alpha",
-    "brustjs-linux-x64-gnu": "0.1.24-alpha",
-    "brustjs-linux-arm64-gnu": "0.1.24-alpha",
-    "brustjs-linux-x64-musl": "0.1.24-alpha",
-    "brustjs-linux-arm64-musl": "0.1.24-alpha"
+    "brustjs-darwin-x64": "0.1.25-alpha",
+    "brustjs-darwin-arm64": "0.1.25-alpha",
+    "brustjs-linux-x64-gnu": "0.1.25-alpha",
+    "brustjs-linux-arm64-gnu": "0.1.25-alpha",
+    "brustjs-linux-x64-musl": "0.1.25-alpha",
+    "brustjs-linux-arm64-musl": "0.1.25-alpha"
   },
   "peerDependencies": {
     "react": "^19.2.6",
@@ -98,6 +98,7 @@
     "lint": "biome lint .",
     "check": "biome check .",
     "check:fix": "biome check --write .",
-    "ci": "biome ci ."
+    "ci": "biome ci .",
+    "typecheck:treaty": "cd runtime && bunx tsc -p tsconfig.typecheck.json --noEmit"
   }
 }

package/runtime/cookies.ts

@@ -0,0 +1,61 @@
+import { __scope } from './request-context.ts'
+
+export interface CookieOptions {
+  maxAge?: number
+  expires?: Date
+  path?: string
+  domain?: string
+  secure?: boolean
+  httpOnly?: boolean
+  sameSite?: 'Strict' | 'Lax' | 'None'
+}
+
+// RFC 6265 cookie-name is a token: no control chars, whitespace, or separators.
+const COOKIE_NAME = /^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$/
+
+/** Serialize a single Set-Cookie value. The value is URL-encoded; attributes
+ * are appended in a stable order. Mirrors the standard cookie attribute names.
+ *
+ * Hardening: the name is validated as an RFC 6265 token, and the final line is
+ * asserted CRLF-free — so a stray `\r\n` in a name/path/domain (which are NOT
+ * URL-encoded, unlike the value) can't smuggle an extra response header. */
+export function serializeCookie(name: string, value: string, opts: CookieOptions = {}): string {
+  if (!COOKIE_NAME.test(name)) {
+    throw new Error(`invalid cookie name ${JSON.stringify(name)} (must be an RFC 6265 token)`)
+  }
+  let out = `${name}=${encodeURIComponent(value)}`
+  if (opts.maxAge !== undefined) out += `; Max-Age=${opts.maxAge}`
+  if (opts.expires !== undefined) out += `; Expires=${opts.expires.toUTCString()}`
+  if (opts.path !== undefined) out += `; Path=${opts.path}`
+  if (opts.domain !== undefined) out += `; Domain=${opts.domain}`
+  if (opts.secure) out += '; Secure'
+  if (opts.httpOnly) out += '; HttpOnly'
+  if (opts.sameSite !== undefined) out += `; SameSite=${opts.sameSite}`
+  if (/[\r\n]/.test(out)) {
+    throw new Error('cookie contains CR/LF — refusing to emit (header-injection guard)')
+  }
+  return out
+}
+
+/** Per-request cookie helper. `get` reads the incoming request cookies; `set`
+ * and `delete` stage a Set-Cookie onto the active request scope, flushed onto
+ * the response by routes.ts. Outside a request scope, `set`/`delete` are no-ops
+ * (dev-warn under BRUST_DEV). */
+export const cookies = {
+  get(name: string): string | undefined {
+    return __scope()?.reqCookies[name]
+  },
+  set(name: string, value: string, opts?: CookieOptions): void {
+    const s = __scope()
+    if (!s) {
+      if (process.env.BRUST_DEV === '1') {
+        console.warn(`[brust] cookies.set('${name}') outside a request scope — no-op`)
+      }
+      return
+    }
+    s.setCookies.push(serializeCookie(name, value, opts))
+  },
+  delete(name: string, opts?: Pick<CookieOptions, 'path' | 'domain'>): void {
+    cookies.set(name, '', { ...opts, maxAge: 0 })
+  },
+}

package/runtime/define-actions.ts

@@ -46,6 +46,10 @@ export interface EndpointOptions {
   middleware?: Middleware[]
   /** Build-time MCP tool description (read by the manifest extractor). */
   description?: string
+  /** Declared domain errors, keyed by code. Each value is a StandardSchema for
+   * the error's `data` payload. TYPE-ONLY: flows into the treaty client's typed
+   * error union; the runtime ignores it (handlers throw `ActionError`). */
+  errors?: Record<string, StandardSchemaV1>
 }
 export interface EndpointDef {
   method: 'GET' | 'POST' | 'PUT' | 'PATCH' | 'DELETE' | 'HEAD'
@@ -72,8 +76,19 @@ type QueryOf<O> = O extends { query: infer S }
     ? InferOutput<S>
     : unknown
   : Record<string, string>
+/** Discriminated error union derived from `opts.errors`. Each declared code maps
+ * to `{ code; message; data }` where `data` is the schema's inferred output. */
+type ErrorOf<O> = O extends { errors: infer E }
+  ? {
+      [K in keyof E & string]: {
+        code: K
+        message: string
+        data: E[K] extends StandardSchemaV1 ? InferOutput<E[K]> : unknown
+      }
+    }[keyof E & string]
+  : never
 
-export type EndpointEntry = { input: unknown; output: unknown }
+export type EndpointEntry = { input: unknown; output: unknown; error: unknown }
 export type EndpointMap = Record<string, Partial<Record<EndpointDef['method'], EndpointEntry>>>
 
 export function isValidEndpointPath(p: string): boolean {
@@ -88,32 +103,44 @@ export interface ActionsBuilder<Acc extends EndpointMap = {}> {
     path: P,
     handler: Handler<BodyOf<O>, Params<P>, QueryOf<O>, R>,
     opts?: O,
-  ): ActionsBuilder<Acc & { [K in P]: { GET: { input: QueryOf<O>; output: Awaited<R> } } }>
+  ): ActionsBuilder<
+    Acc & { [K in P]: { GET: { input: QueryOf<O>; output: Awaited<R>; error: ErrorOf<O> } } }
+  >
   post<P extends string, O extends EndpointOptions, R>(
     path: P,
     handler: Handler<BodyOf<O>, Params<P>, QueryOf<O>, R>,
     opts?: O,
-  ): ActionsBuilder<Acc & { [K in P]: { POST: { input: BodyOf<O>; output: Awaited<R> } } }>
+  ): ActionsBuilder<
+    Acc & { [K in P]: { POST: { input: BodyOf<O>; output: Awaited<R>; error: ErrorOf<O> } } }
+  >
   put<P extends string, O extends EndpointOptions, R>(
     path: P,
     handler: Handler<BodyOf<O>, Params<P>, QueryOf<O>, R>,
     opts?: O,
-  ): ActionsBuilder<Acc & { [K in P]: { PUT: { input: BodyOf<O>; output: Awaited<R> } } }>
+  ): ActionsBuilder<
+    Acc & { [K in P]: { PUT: { input: BodyOf<O>; output: Awaited<R>; error: ErrorOf<O> } } }
+  >
   patch<P extends string, O extends EndpointOptions, R>(
     path: P,
     handler: Handler<BodyOf<O>, Params<P>, QueryOf<O>, R>,
     opts?: O,
-  ): ActionsBuilder<Acc & { [K in P]: { PATCH: { input: BodyOf<O>; output: Awaited<R> } } }>
+  ): ActionsBuilder<
+    Acc & { [K in P]: { PATCH: { input: BodyOf<O>; output: Awaited<R>; error: ErrorOf<O> } } }
+  >
   delete<P extends string, O extends EndpointOptions, R>(
     path: P,
     handler: Handler<BodyOf<O>, Params<P>, QueryOf<O>, R>,
     opts?: O,
-  ): ActionsBuilder<Acc & { [K in P]: { DELETE: { input: BodyOf<O>; output: Awaited<R> } } }>
+  ): ActionsBuilder<
+    Acc & { [K in P]: { DELETE: { input: BodyOf<O>; output: Awaited<R>; error: ErrorOf<O> } } }
+  >
   head<P extends string, O extends EndpointOptions, R>(
     path: P,
     handler: Handler<BodyOf<O>, Params<P>, QueryOf<O>, R>,
     opts?: O,
-  ): ActionsBuilder<Acc & { [K in P]: { HEAD: { input: QueryOf<O>; output: Awaited<R> } } }>
+  ): ActionsBuilder<
+    Acc & { [K in P]: { HEAD: { input: QueryOf<O>; output: Awaited<R>; error: ErrorOf<O> } } }
+  >
 }
 
 export function defineActions(): ActionsBuilder {