cooper-stack 0.1.0

package/dist/ssr.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ssr.d.ts","sourceRoot":"","sources":["../src/ssr.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,UAAU;IACzB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,IAAI,CAAC,EAAE,OAAO,CAAC;CAChB;AAED,MAAM,WAAW,WAAW;IAC1B,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC/B,GAAG,CAAC,EAAE,GAAG,CAAC;IACV,IAAI,CAAC,EAAE,GAAG,CAAC;CACZ;AAED;;;;;;;;;GASG;AACH,wBAAgB,IAAI,CAAC,CAAC,GAAG,GAAG,EAC1B,MAAM,EAAE,CAAC,GAAG,EAAE,WAAW,KAAK,OAAO,CAAC,CAAC,CAAC,GACvC;IAAE,YAAY,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,OAAO,MAAM,CAAA;CAAE,CAEjD;AAED;;;;;;;;GAQG;AACH,wBAAgB,MAAM,CAAC,CAAC,GAAG,GAAG,EAC5B,MAAM,EAAE,CAAC,KAAK,EAAE;IAAE,QAAQ,EAAE,GAAG,CAAA;CAAE,KAAK,CAAC,GACtC;IAAE,YAAY,EAAE,QAAQ,CAAC;IAAC,MAAM,EAAE,OAAO,MAAM,CAAA;CAAE,CAEnD;AAED;;GAEG;AACH,wBAAgB,UAAU,CAAC,CAAC,EAC1B,MAAM,EAAE,CAAC,GAAG,EAAE,WAAW,KAAK,OAAO,CAAC,CAAC,CAAC,GACvC;IAAE,YAAY,EAAE,QAAQ,CAAC;IAAC,MAAM,EAAE,OAAO,MAAM,CAAA;CAAE,CAEnD;AAED;;GAEG;AACH,wBAAgB,QAAQ,CAAC,MAAM,EAAE;IAAE,QAAQ,EAAE,GAAG,CAAC;IAAC,QAAQ,EAAE,GAAG,CAAA;CAAE,QAGhE"}

package/dist/ssr.js

@@ -0,0 +1,39 @@
+/**
+ * Define a server-rendered page.
+ *
+ * ```ts
+ * export default page(async ({ params }) => {
+ *   const { user } = await UsersService.getUser({ id: params.id });
+ *   return <div><h1>{user.name}</h1></div>;
+ * });
+ * ```
+ */
+export function page(render) {
+    return { _cooper_type: "page", render };
+}
+/**
+ * Define a layout that wraps pages.
+ *
+ * ```ts
+ * export default layout(({ children }) => (
+ *   <div><Nav /><main>{children}</main><Footer /></div>
+ * ));
+ * ```
+ */
+export function layout(render) {
+    return { _cooper_type: "layout", render };
+}
+/**
+ * Define a page data loader — runs on the server, data passed to the page.
+ */
+export function pageLoader(loader) {
+    return { _cooper_type: "loader", loader };
+}
+/**
+ * Suspense boundary for streaming SSR.
+ */
+export function Suspense(_props) {
+    // Handled by the SSR renderer — this is a marker component
+    return null;
+}
+//# sourceMappingURL=ssr.js.map

package/dist/ssr.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ssr.js","sourceRoot":"","sources":["../src/ssr.ts"],"names":[],"mappings":"AAWA;;;;;;;;;GASG;AACH,MAAM,UAAU,IAAI,CAClB,MAAwC;IAExC,OAAO,EAAE,YAAY,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;AAC1C,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,UAAU,MAAM,CACpB,MAAuC;IAEvC,OAAO,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC;AAC5C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,UAAU,CACxB,MAAwC;IAExC,OAAO,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC;AAC5C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,QAAQ,CAAC,MAAwC;IAC/D,2DAA2D;IAC3D,OAAO,IAAI,CAAC;AACd,CAAC"}

package/dist/storage.d.ts

@@ -0,0 +1,28 @@
+export interface BucketConfig {
+    public?: boolean;
+}
+export interface BucketClient {
+    upload(key: string, data: Buffer | Uint8Array, opts?: {
+        contentType?: string;
+    }): Promise<void>;
+    download(key: string): Promise<Buffer>;
+    signedUrl(key: string, opts?: {
+        ttl?: string;
+    }): Promise<string>;
+    delete(key: string): Promise<void>;
+    list(prefix?: string): Promise<{
+        key: string;
+        size: number;
+        lastModified: Date;
+    }[]>;
+}
+/**
+ * Declare an object storage bucket.
+ *
+ * ```ts
+ * export const avatars = bucket("avatars", { public: true });
+ * await avatars.upload("user-123/avatar.png", buffer, { contentType: "image/png" });
+ * ```
+ */
+export declare function bucket(name: string, config?: BucketConfig): BucketClient;
+//# sourceMappingURL=storage.d.ts.map

package/dist/storage.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"storage.d.ts","sourceRoot":"","sources":["../src/storage.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,YAAY;IAC3B,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB;AAED,MAAM,WAAW,YAAY;IAC3B,MAAM,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,UAAU,EAAE,IAAI,CAAC,EAAE;QAAE,WAAW,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC/F,QAAQ,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IACvC,SAAS,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE;QAAE,GAAG,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IACjE,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACnC,IAAI,CAAC,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAC;QAAC,YAAY,EAAE,IAAI,CAAA;KAAE,EAAE,CAAC,CAAC;CACrF;AAED;;;;;;;GAOG;AACH,wBAAgB,MAAM,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,YAAY,GAAG,YAAY,CA0DxE"}

package/dist/storage.js

@@ -0,0 +1,61 @@
+/**
+ * Declare an object storage bucket.
+ *
+ * ```ts
+ * export const avatars = bucket("avatars", { public: true });
+ * await avatars.upload("user-123/avatar.png", buffer, { contentType: "image/png" });
+ * ```
+ */
+export function bucket(name, config) {
+    const fs = require("node:fs");
+    const path = require("node:path");
+    // Local storage directory — in production this maps to S3/GCS/Azure Blob
+    const localDir = path.join(process.env.COOPER_STORAGE_DIR ?? ".cooper/storage", name);
+    return {
+        async upload(key, data, opts) {
+            const fullPath = path.join(localDir, key);
+            fs.mkdirSync(path.dirname(fullPath), { recursive: true });
+            fs.writeFileSync(fullPath, data);
+        },
+        async download(key) {
+            const fullPath = path.join(localDir, key);
+            return fs.readFileSync(fullPath);
+        },
+        async signedUrl(key, opts) {
+            // In local dev, return a direct file path
+            // In production, generate a presigned S3/GCS URL
+            return `http://localhost:9400/storage/${name}/${key}`;
+        },
+        async delete(key) {
+            const fullPath = path.join(localDir, key);
+            if (fs.existsSync(fullPath))
+                fs.unlinkSync(fullPath);
+        },
+        async list(prefix) {
+            const dir = prefix ? path.join(localDir, prefix) : localDir;
+            if (!fs.existsSync(dir))
+                return [];
+            const entries = [];
+            const walk = (d, rel) => {
+                for (const entry of fs.readdirSync(d, { withFileTypes: true })) {
+                    const fullPath = path.join(d, entry.name);
+                    const relPath = rel ? `${rel}/${entry.name}` : entry.name;
+                    if (entry.isDirectory()) {
+                        walk(fullPath, relPath);
+                    }
+                    else {
+                        const stat = fs.statSync(fullPath);
+                        entries.push({
+                            key: relPath,
+                            size: stat.size,
+                            lastModified: stat.mtime,
+                        });
+                    }
+                }
+            };
+            walk(dir, "");
+            return entries;
+        },
+    };
+}
+//# sourceMappingURL=storage.js.map

package/dist/storage.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"storage.js","sourceRoot":"","sources":["../src/storage.ts"],"names":[],"mappings":"AAYA;;;;;;;GAOG;AACH,MAAM,UAAU,MAAM,CAAC,IAAY,EAAE,MAAqB;IACxD,MAAM,EAAE,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC;IAC9B,MAAM,IAAI,GAAG,OAAO,CAAC,WAAW,CAAC,CAAC;IAElC,yEAAyE;IACzE,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CACxB,OAAO,CAAC,GAAG,CAAC,kBAAkB,IAAI,iBAAiB,EACnD,IAAI,CACL,CAAC;IAEF,OAAO;QACL,KAAK,CAAC,MAAM,CAAC,GAAW,EAAE,IAAyB,EAAE,IAA+B;YAClF,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;YAC1C,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAC1D,EAAE,CAAC,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;QACnC,CAAC;QAED,KAAK,CAAC,QAAQ,CAAC,GAAW;YACxB,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;YAC1C,OAAO,EAAE,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC;QACnC,CAAC;QAED,KAAK,CAAC,SAAS,CAAC,GAAW,EAAE,IAAuB;YAClD,0CAA0C;YAC1C,iDAAiD;YACjD,OAAO,iCAAiC,IAAI,IAAI,GAAG,EAAE,CAAC;QACxD,CAAC;QAED,KAAK,CAAC,MAAM,CAAC,GAAW;YACtB,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;YAC1C,IAAI,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC;gBAAE,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;QACvD,CAAC;QAED,KAAK,CAAC,IAAI,CAAC,MAAe;YACxB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC;YAC5D,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC;gBAAE,OAAO,EAAE,CAAC;YAEnC,MAAM,OAAO,GAAwD,EAAE,CAAC;YACxE,MAAM,IAAI,GAAG,CAAC,CAAS,EAAE,GAAW,EAAE,EAAE;gBACtC,KAAK,MAAM,KAAK,IAAI,EAAE,CAAC,WAAW,CAAC,CAAC,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;oBAC/D,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;oBAC1C,MAAM,OAAO,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC;oBAC1D,IAAI,KAAK,CAAC,WAAW,EAAE,EAAE,CAAC;wBACxB,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;oBAC1B,CAAC;yBAAM,CAAC;wBACN,MAAM,IAAI,GAAG,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;wBACnC,OAAO,CAAC,IAAI,CAAC;4BACX,GAAG,EAAE,OAAO;4BACZ,IAAI,EAAE,IAAI,CAAC,IAAI;4BACf,YAAY,EAAE,IAAI,CAAC,KAAK;yBACzB,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC,CAAC;YACF,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;YACd,OAAO,OAAO,CAAC;QACjB,CAAC;KACF,CAAC;AACJ,CAAC"}

package/package.json

@@ -0,0 +1,40 @@
+{
+  "name": "cooper-stack",
+  "version": "0.1.0",
+  "description": "The backend framework for TypeScript",
+  "type": "module",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "exports": {
+    ".": "./dist/index.js",
+    "./api": "./dist/api.js",
+    "./db": "./dist/db.js",
+    "./middleware": "./dist/middleware.js",
+    "./auth": "./dist/auth.js",
+    "./pubsub": "./dist/pubsub.js",
+    "./cron": "./dist/cron.js",
+    "./cache": "./dist/cache.js",
+    "./storage": "./dist/storage.js",
+    "./secrets": "./dist/secrets.js",
+    "./queue": "./dist/queue.js",
+    "./ssr": "./dist/ssr.js",
+    "./islands": "./dist/islands.js",
+    "./ai": "./dist/ai.js",
+    "./rateLimit": "./dist/rateLimit.js"
+  },
+  "scripts": {
+    "build": "tsc",
+    "dev": "tsc --watch"
+  },
+  "dependencies": {
+    "pg": "^8.13.0",
+    "mysql2": "^3.11.0",
+    "ioredis": "^5.4.0",
+    "nats": "^2.29.0"
+  },
+  "devDependencies": {
+    "typescript": "^5.7.0",
+    "@types/node": "^22.0.0",
+    "@types/pg": "^8.11.0"
+  }
+}

package/src/ai.ts

@@ -0,0 +1,99 @@
+export interface VectorStoreConfig {
+  dimensions: number;
+  similarity?: "cosine" | "euclidean" | "dot";
+}
+
+export interface VectorStoreClient {
+  upsert(id: string, vector: number[], metadata?: Record<string, any>): Promise<void>;
+  search(vector: number[], opts?: { topK?: number; filter?: Record<string, any> }): Promise<{ id: string; score: number; metadata?: any }[]>;
+  delete(id: string): Promise<void>;
+}
+
+export interface LLMGatewayConfig {
+  primary: { provider: string; model: string };
+  fallback?: { provider: string; model: string };
+  budget?: { dailyLimit: string };
+}
+
+export interface LLMGatewayClient {
+  chat(messages: { role: string; content: string }[]): Promise<string>;
+  embed(text: string): Promise<number[]>;
+}
+
+/**
+ * Declare a vector store.
+ *
+ * ```ts
+ * export const embeddings = vectorStore("product-embeddings", {
+ *   dimensions: 1536,
+ *   similarity: "cosine",
+ * });
+ * ```
+ */
+export function vectorStore(name: string, config: VectorStoreConfig): VectorStoreClient {
+  // Local dev: pgvector extension on embedded Postgres
+  // Production: Pinecone, Weaviate, or pgvector on managed Postgres
+  const store = new Map<string, { vector: number[]; metadata?: any }>();
+
+  const cosineSimilarity = (a: number[], b: number[]): number => {
+    let dot = 0, magA = 0, magB = 0;
+    for (let i = 0; i < a.length; i++) {
+      dot += a[i] * b[i];
+      magA += a[i] * a[i];
+      magB += b[i] * b[i];
+    }
+    return dot / (Math.sqrt(magA) * Math.sqrt(magB));
+  };
+
+  return {
+    async upsert(id, vector, metadata) {
+      store.set(id, { vector, metadata });
+    },
+
+    async search(vector, opts) {
+      const topK = opts?.topK ?? 10;
+      const results: { id: string; score: number; metadata?: any }[] = [];
+
+      for (const [id, entry] of store) {
+        const score = cosineSimilarity(vector, entry.vector);
+        results.push({ id, score, metadata: entry.metadata });
+      }
+
+      results.sort((a, b) => b.score - a.score);
+      return results.slice(0, topK);
+    },
+
+    async delete(id) {
+      store.delete(id);
+    },
+  };
+}
+
+/**
+ * Declare an LLM gateway with cost tracking and fallbacks.
+ *
+ * ```ts
+ * export const llm = llmGateway({
+ *   primary: { provider: "openai", model: "gpt-4o" },
+ *   fallback: { provider: "anthropic", model: "claude-sonnet-4-20250514" },
+ *   budget: { dailyLimit: "$50" },
+ * });
+ * ```
+ */
+export function llmGateway(config: LLMGatewayConfig): LLMGatewayClient {
+  return {
+    async chat(messages) {
+      // Route to the configured provider
+      // Track cost, apply rate limits, handle fallback
+      throw new Error(
+        `LLM gateway not yet connected. Configure API keys via: cooper secrets set ${config.primary.provider}-api-key --env local`
+      );
+    },
+
+    async embed(text) {
+      throw new Error(
+        `LLM gateway not yet connected. Configure API keys via: cooper secrets set ${config.primary.provider}-api-key --env local`
+      );
+    },
+  };
+}

package/src/api.ts

@@ -0,0 +1,56 @@
+import { registry, type MiddlewareFn } from "./registry.js";
+import { CooperError } from "./error.js";
+
+export interface ApiConfig {
+  method?: "GET" | "POST" | "PUT" | "PATCH" | "DELETE";
+  path: string;
+  auth?: boolean;
+  stream?: "sse" | "websocket";
+  validate?: any; // Zod schema
+  middleware?: MiddlewareFn[];
+}
+
+/**
+ * Define an API endpoint.
+ *
+ * ```ts
+ * export const getUser = api(
+ *   { method: "GET", path: "/users/:id", auth: true },
+ *   async ({ id }, principal) => {
+ *     const user = await db.queryRow("SELECT * FROM users WHERE id = $1", [id]);
+ *     if (!user) throw new CooperError("NOT_FOUND", "User not found");
+ *     return { user };
+ *   }
+ * );
+ * ```
+ */
+export function api<TInput = any, TOutput = any>(
+  config: ApiConfig,
+  handler: (input: TInput, principal?: any) => Promise<TOutput>
+): { _cooper_type: "api"; config: ApiConfig; handler: typeof handler } {
+  const method = config.method ?? "GET";
+  const key = `${method}:${config.path}`;
+
+  const descriptor = {
+    _cooper_type: "api" as const,
+    config,
+    handler,
+  };
+
+  // Register for the bridge to find at runtime
+  registry.registerRoute(key, {
+    method,
+    path: config.path,
+    auth: config.auth ?? false,
+    stream: config.stream,
+    validate: config.validate,
+    middleware: config.middleware ?? [],
+    handler,
+    exportName: "", // filled in by bridge during module scan
+    sourceFile: "",
+  });
+
+  return descriptor;
+}
+
+export { CooperError };

package/src/auth.ts

@@ -0,0 +1,16 @@
+import { registry, type AuthHandlerFn } from "./registry.js";
+
+/**
+ * Register an auth handler that verifies tokens and returns a principal.
+ *
+ * ```ts
+ * export const auth = authHandler(async (token) => {
+ *   const payload = await verifyJWT(token);
+ *   return { userId: payload.sub, role: payload.role };
+ * });
+ * ```
+ */
+export function authHandler(handler: AuthHandlerFn) {
+  registry.setAuthHandler(handler);
+  return handler;
+}

package/src/bridge.ts

@@ -0,0 +1,267 @@
+#!/usr/bin/env node
+/**
+ * Cooper JS Worker Bridge
+ *
+ * Spawned by the Rust runtime as a subprocess. Communicates via
+ * JSON-RPC over stdin/stdout. Loads user TypeScript modules and
+ * executes handler functions on demand.
+ *
+ * Protocol:
+ *   → { "id": 1, "method": "call", "params": { "source": "services/users/api.ts", "export": "getUser", "input": {...}, "auth": {...} } }
+ *   ← { "id": 1, "result": {...} }
+ *   ← { "id": 1, "error": { "code": "NOT_FOUND", "message": "User not found" } }
+ */
+
+import { registry } from "./registry.js";
+import { CooperError } from "./error.js";
+import { createRequire } from "node:module";
+import { createInterface } from "node:readline";
+import path from "node:path";
+import { pathToFileURL } from "node:url";
+
+const projectRoot = process.env.COOPER_PROJECT_ROOT ?? process.cwd();
+
+// Module cache — avoid re-importing on every request
+const moduleCache = new Map<string, any>();
+
+async function loadModule(sourcePath: string): Promise<any> {
+  if (moduleCache.has(sourcePath)) return moduleCache.get(sourcePath)!;
+
+  const fullPath = path.resolve(projectRoot, sourcePath);
+  const fileUrl = pathToFileURL(fullPath).href;
+
+  try {
+    const mod = await import(fileUrl);
+    moduleCache.set(sourcePath, mod);
+    return mod;
+  } catch (err: any) {
+    throw new Error(`Failed to load module "${sourcePath}": ${err.message}`);
+  }
+}
+
+interface RPCRequest {
+  id: number;
+  method: string;
+  params: any;
+}
+
+interface RPCResponse {
+  id: number;
+  result?: any;
+  error?: { code: string; message: string; statusCode?: number };
+}
+
+async function handleCall(params: {
+  source: string;
+  export: string;
+  input: any;
+  auth?: any;
+  headers?: Record<string, string>;
+}): Promise<any> {
+  const mod = await loadModule(params.source);
+  const exported = mod[params.export];
+
+  if (!exported) {
+    throw new CooperError("NOT_FOUND", `Export "${params.export}" not found in ${params.source}`);
+  }
+
+  // Get the handler function
+  let handler: Function;
+  let routeConfig: any = null;
+
+  if (exported._cooper_type === "api") {
+    handler = exported.handler;
+    routeConfig = exported.config;
+  } else if (typeof exported === "function") {
+    handler = exported;
+  } else {
+    throw new CooperError("INTERNAL", `Export "${params.export}" is not callable`);
+  }
+
+  // Validation — run Zod schema if present.
+  // Use passthrough() to preserve path params that aren't in the schema.
+  let validatedInput = params.input;
+  if (routeConfig?.validate) {
+    const schema = routeConfig.validate;
+    const lenient = typeof schema.passthrough === "function" ? schema.passthrough() : schema;
+    const result = lenient.safeParse(params.input);
+    if (!result.success) {
+      throw new CooperError(
+        "VALIDATION_FAILED",
+        result.error.issues.map((i: any) => `${i.path.join(".")}: ${i.message}`).join("; ")
+      );
+    }
+    validatedInput = result.data;
+  }
+
+  // Auth — verify token and inject principal
+  let principal: any = undefined;
+  if (routeConfig?.auth) {
+    if (!params.auth?.token) {
+      throw new CooperError("UNAUTHORIZED", "Authentication required");
+    }
+    if (registry.authHandler) {
+      principal = await registry.authHandler(params.auth.token);
+    } else {
+      throw new CooperError("INTERNAL", "No auth handler registered");
+    }
+  }
+
+  // Middleware chain
+  const middlewares = [
+    ...registry.globalMiddleware,
+    ...(routeConfig?.middleware ?? []),
+  ];
+
+  const req = {
+    ...validatedInput,
+    headers: params.headers ?? {},
+    ip: params.headers?.["x-forwarded-for"] ?? "127.0.0.1",
+    method: routeConfig?.method ?? "GET",
+    path: routeConfig?.path ?? "/",
+  };
+
+  // Build the middleware chain
+  let idx = 0;
+  const runMiddleware = async (currentReq: any): Promise<any> => {
+    if (idx < middlewares.length) {
+      const mw = middlewares[idx++];
+      return mw(currentReq, runMiddleware);
+    }
+    // End of chain — call the actual handler
+    if (routeConfig?.auth) {
+      return handler(validatedInput, principal);
+    }
+    return handler(validatedInput);
+  };
+
+  return runMiddleware(req);
+}
+
+async function handleCron(params: { source: string; export: string }): Promise<any> {
+  const mod = await loadModule(params.source);
+  const exported = mod[params.export];
+
+  if (!exported) {
+    throw new CooperError("NOT_FOUND", `Cron "${params.export}" not found in ${params.source}`);
+  }
+
+  if (exported._cooper_type === "cron") {
+    // The cron was registered via the SDK, find it in the registry
+    const cronEntry = registry.crons.get(exported.name);
+    if (cronEntry) {
+      await cronEntry.handler();
+      return { ok: true };
+    }
+  }
+
+  throw new CooperError("INTERNAL", `Cannot execute cron "${params.export}"`);
+}
+
+async function handlePubSub(params: {
+  topic: string;
+  subscriber: string;
+  data: any;
+}): Promise<any> {
+  const topicEntry = registry.topics.get(params.topic);
+  if (!topicEntry) {
+    throw new CooperError("NOT_FOUND", `Topic "${params.topic}" not registered`);
+  }
+
+  const sub = topicEntry.subscribers.get(params.subscriber);
+  if (!sub) {
+    throw new CooperError("NOT_FOUND", `Subscriber "${params.subscriber}" not found on topic "${params.topic}"`);
+  }
+
+  await sub.handler(params.data);
+  return { ok: true };
+}
+
+async function handleRequest(req: RPCRequest): Promise<RPCResponse> {
+  try {
+    let result: any;
+
+    switch (req.method) {
+      case "call":
+        result = await handleCall(req.params);
+        break;
+      case "cron":
+        result = await handleCron(req.params);
+        break;
+      case "pubsub":
+        result = await handlePubSub(req.params);
+        break;
+      case "ping":
+        result = { pong: true, pid: process.pid };
+        break;
+      case "invalidate":
+        // Clear module cache for hot reload
+        moduleCache.clear();
+        result = { ok: true };
+        break;
+      default:
+        throw new CooperError("INVALID_ARGUMENT", `Unknown method: ${req.method}`);
+    }
+
+    return { id: req.id, result };
+  } catch (err: any) {
+    if (err instanceof CooperError) {
+      return {
+        id: req.id,
+        error: { code: err.code, message: err.message, statusCode: err.statusCode },
+      };
+    }
+    return {
+      id: req.id,
+      error: { code: "INTERNAL", message: err.message ?? "Unknown error", statusCode: 500 },
+    };
+  }
+}
+
+// Main loop — read JSON lines from stdin, write responses to stdout
+const rl = createInterface({ input: process.stdin });
+
+rl.on("line", async (line) => {
+  if (!line.trim()) return;
+
+  try {
+    const req: RPCRequest = JSON.parse(line);
+    const res = await handleRequest(req);
+    process.stdout.write(JSON.stringify(res) + "\n");
+  } catch (err: any) {
+    process.stdout.write(
+      JSON.stringify({ id: 0, error: { code: "INTERNAL", message: `Bridge parse error: ${err.message}` } }) + "\n"
+    );
+  }
+});
+
+// Preload auth handlers and middleware — these register via side effects
+async function preloadSideEffects() {
+  const fs = await import("node:fs");
+  const servicesDir = path.join(projectRoot, "services");
+  if (!fs.existsSync(servicesDir)) return;
+
+  const scanDir = (dir: string) => {
+    for (const entry of fs.readdirSync(dir, { withFileTypes: true })) {
+      const fullPath = path.join(dir, entry.name);
+      if (entry.isDirectory()) {
+        scanDir(fullPath);
+      } else if (entry.name.endsWith(".ts") || entry.name.endsWith(".js")) {
+        try {
+          const content = fs.readFileSync(fullPath, "utf-8");
+          if (content.includes("authHandler") || content.includes("middleware(")) {
+            const relative = path.relative(projectRoot, fullPath);
+            loadModule(relative).catch(() => {});
+          }
+        } catch {}
+      }
+    }
+  };
+
+  scanDir(servicesDir);
+}
+
+await preloadSideEffects();
+
+// Signal ready
+process.stdout.write(JSON.stringify({ id: 0, result: { ready: true, pid: process.pid } }) + "\n");