fastscript 0.1.0 → 1.0.0

package/app/api/auth.js

@@ -1,10 +0,0 @@
-export async function POST(ctx) {
-  const user = { id: "u_1", name: "Dev" };
-  ctx.auth.login(user);
-  return ctx.helpers.json({ ok: true, user });
-}
-
-export async function DELETE(ctx) {
-  ctx.auth.logout();
-  return ctx.helpers.json({ ok: true });
-}

package/app/api/hello.js

@@ -1,3 +0,0 @@
-export async function GET() {
-  return { status: 200, json: { ok: true, message: "Hello from FastScript API" } };
-}

package/app/api/upload.js

@@ -1,9 +0,0 @@
-export const schemas = {
-  POST: { key: "string", content: "string" }
-};
-
-export async function POST(ctx) {
-  const body = await ctx.input.validateBody(schemas.POST);
-  const put = ctx.storage.put(body.key, Buffer.from(body.content, "utf8"));
-  return ctx.helpers.json({ ok: true, ...put, url: ctx.storage.url(body.key) });
-}

package/app/api/webhook.js

@@ -1,10 +0,0 @@
-import { verifyWebhookRequest } from "../../src/webhook.mjs";
-
-export async function POST(ctx) {
-  const result = await verifyWebhookRequest(ctx.req, {
-    secret: process.env.WEBHOOK_SECRET || "dev-secret",
-    replayDir: ".fastscript"
-  });
-  if (!result.ok) return ctx.helpers.json({ ok: false, reason: result.reason }, 401);
-  return ctx.helpers.json({ ok: true });
-}

package/app/db/migrations/001_init.js

@@ -1,6 +0,0 @@
-export async function up(db) {
-  const users = db.collection("users");
-  if (!users.get("u_1")) {
-    users.set("u_1", { id: "u_1", name: "Dev" });
-  }
-}

package/app/db/seed.js

@@ -1,5 +0,0 @@
-export async function seed(db) {
-  db.transaction((tx) => {
-    tx.collection("posts").set("hello", { id: "hello", title: "First Post", published: true });
-  });
-}

package/app/env.schema.js

@@ -1,6 +0,0 @@
-export const schema = {
-  SESSION_SECRET: "string?",
-  DATABASE_URL: "string?",
-  REDIS_URL: "string?",
-  NODE_ENV: "string?",
-};

package/app/middleware.fs

@@ -1,7 +0,0 @@
-export async function middleware(ctx, next) {
-  const protectedRoute = ctx.pathname.startsWith("/private");
-  if (protectedRoute && !ctx.user) {
-    return ctx.helpers.redirect("/");
-  }
-  return next();
-}

package/app/pages/404.fs

@@ -1,3 +0,0 @@
-export default function NotFound() {
-  return `<section><h1>404</h1><p>Page not found.</p></section>`;
-}

package/app/pages/_layout.fs

@@ -1,17 +0,0 @@
-export default function Layout({ content, pathname, user }) {
-  return `
-    <header class="nav">
-      <a href="/">FastScript</a>
-      <nav>
-        <a href="/">Home</a>
-        <a href="/docs">Docs</a>
-        <a href="/benchmarks">Benchmarks</a>
-        <a href="/showcase">Showcase</a>
-        <a href="/private">Private</a>
-      </nav>
-      <small>${user ? "Signed in" : "Guest"}</small>
-    </header>
-    <main class="page">${content}</main>
-    <footer class="footer">Built with FastScript • JS-first • .fs-native</footer>
-  `;
-}

package/app/pages/benchmarks.fs

@@ -1,15 +0,0 @@
-export default function Benchmarks() {
-  return `
-    <section>
-      <p class="eyebrow">Benchmarks</p>
-      <h1>Real budgets for 3G-first apps</h1>
-      <div class="grid">
-        <article><h3>JS first load</h3><p><strong>1.43KB</strong> gzip (budget 30KB)</p></article>
-        <article><h3>CSS first load</h3><p><strong>0.38KB</strong> gzip (budget 10KB)</p></article>
-        <article><h3>Build speed</h3><p>Sub-second warm build target</p></article>
-        <article><h3>Quality</h3><p>validate + smoke + tests</p></article>
-      </div>
-      <p>Report generated by <code>npm run bench:report</code>.</p>
-    </section>
-  `;
-}

package/app/pages/docs/index.fs

@@ -1,16 +0,0 @@
-export default function DocsIndex() {
-  return `
-    <section>
-      <p class="eyebrow">Docs</p>
-      <h1>FastScript Documentation</h1>
-      <ul>
-        <li><code>pages/</code> for file-based routing</li>
-        <li><code>api/</code> for server endpoints</li>
-        <li><code>middleware.fs</code> for guards/security</li>
-        <li><code>db/</code> for migrations and seeds</li>
-        <li><code>jobs/</code> for worker handlers</li>
-      </ul>
-      <p>Quality gate: <code>npm run qa:all</code></p>
-    </section>
-  `;
-}

package/app/pages/index.fs

@@ -1,22 +0,0 @@
-export default function Home() {
-  return `
-    <section class="hero">
-      <p class="eyebrow">FastScript v0.1</p>
-      <h1>Full-stack speed with readable .fs syntax.</h1>
-      <p>SSR, API routes, auth, DB, jobs, storage, and deploy adapters in one stack.</p>
-      <div class="hero-links">
-        <a href="/docs">Read docs</a>
-        <a href="/benchmarks">See benchmarks</a>
-        <a href="/showcase">View showcase</a>
-      </div>
-    </section>
-  `;
-}
-
-export function hydrate({ root }) {
-  for (const a of root.querySelectorAll('.hero-links a')) {
-    a.style.transition = 'opacity .2s ease';
-    a.addEventListener('mouseenter', () => (a.style.opacity = '0.8'));
-    a.addEventListener('mouseleave', () => (a.style.opacity = '1'));
-  }
-}

package/app/pages/private.fs

@@ -1,12 +0,0 @@
-export default function PrivatePage({ user }) {
-  return `<section><h1>Private</h1><p>Hello ${user?.name ?? "anonymous"}</p></section>`;
-}
-
-export async function GET(ctx) {
-  try {
-    const user = ctx.auth.requireUser();
-    return ctx.helpers.json({ ok: true, user });
-  } catch {
-    return ctx.helpers.redirect("/");
-  }
-}

package/app/pages/showcase.fs

@@ -1,14 +0,0 @@
-export default function Showcase() {
-  return `
-    <section>
-      <p class="eyebrow">Showcase</p>
-      <h1>What you can build with FastScript</h1>
-      <div class="grid">
-        <article><h3>Starter app</h3><p>SSR + hydration + actions.</p></article>
-        <article><h3>Commerce API</h3><p>Orders endpoint + queue job email.</p></article>
-        <article><h3>Secure webhook</h3><p>Signature verify + replay protection.</p></article>
-        <article><h3>Portable exports</h3><p>.fs -> .js/.ts with one command.</p></article>
-      </div>
-    </section>
-  `;
-}

package/app/styles.css

@@ -1,14 +0,0 @@
-:root { color-scheme: dark; }
-* { box-sizing: border-box; }
-body { margin: 0; font: 16px/1.7 ui-sans-serif, system-ui; background: #050505; color: #fff; }
-.nav { display: flex; justify-content: space-between; align-items: center; gap: 12px; padding: 14px 24px; border-bottom: 1px solid #1f1f1f; position: sticky; top: 0; background: rgba(5,5,5,.9); backdrop-filter: blur(6px); }
-.nav nav a { color: #d3d3ff; text-decoration: none; margin-right: 12px; }
-.page { max-width: 1080px; margin: 0 auto; padding: 44px 24px; }
-.hero h1, h1 { font-size: clamp(2rem, 5vw, 3.6rem); line-height: 1.07; margin: 0 0 12px; }
-.eyebrow { color: #9f92ff; font-size: 12px; text-transform: uppercase; letter-spacing: .12em; }
-.hero-links { display: flex; gap: 12px; margin-top: 16px; }
-.hero-links a { color: #fff; border: 1px solid #353535; padding: 8px 12px; border-radius: 10px; text-decoration: none; }
-.grid { display: grid; grid-template-columns: repeat(2, minmax(0,1fr)); gap: 14px; }
-.grid article { border: 1px solid #202020; border-radius: 12px; padding: 14px; background: #090909; }
-.footer { border-top: 1px solid #1f1f1f; padding: 24px; color: #8a8a8a; }
-@media (max-width: 800px) { .grid { grid-template-columns: 1fr; } .nav { flex-wrap: wrap; } }

package/docs/AI_CONTEXT_PACK_V1.md

@@ -1,25 +0,0 @@
-# FastScript AI Context Pack v1
-
-## Core Contracts
-- `.fs` primary, `.js` compatible.
-- Route pages live in `app/pages`.
-- API routes live in `app/api`.
-- Optional `app/middleware.fs` for global middleware.
-- Optional `load(ctx)` and HTTP methods (`GET/POST/PUT/PATCH/DELETE`).
-
-## Validation
-- Use `ctx.input.validateBody(schema)` and `ctx.input.validateQuery(schema)`.
-- Use `schemas` export in route modules to auto-enforce request shape.
-
-## Runtime
-- SSR + hydration (`export function hydrate({ root })`).
-- Queue available via `ctx.queue`.
-- DB available via `ctx.db`.
-- Auth available via `ctx.auth`.
-
-## Quality Gates
-- `npm run validate`
-- `npm run test:core`
-- `npm run smoke:dev`
-- `npm run smoke:start`
-- `npm run qa:all`

package/docs/DEPLOY_GUIDE.md

@@ -1,14 +0,0 @@
-# FastScript Deploy Guide
-
-## Node/PM2
-- `npm run build`
-- `npm run deploy:node`
-- `pm2 start ecosystem.config.cjs`
-
-## Vercel
-- `npm run deploy:vercel`
-- import project in Vercel
-
-## Cloudflare
-- `npm run deploy:cloudflare`
-- `wrangler deploy`

package/docs/INCIDENT_PLAYBOOK.md

@@ -1,18 +0,0 @@
-# FastScript Incident Playbook
-
-## Rollback
-1. Keep previous `dist/` artifact.
-2. Stop current process.
-3. Start previous artifact with `fastscript start`.
-
-## Session Key Rotation
-1. Set new `SESSION_SECRET`.
-2. Restart app.
-3. Existing sessions are invalidated.
-
-## Backup
-- Back up `.fastscript/` database and job files every hour.
-
-## Verification
-- Run `npm run smoke:start`.
-- Check logs for `request_error` and high 5xx rate.

package/docs/INTEROP_RULES.md

@@ -1,7 +0,0 @@
-# FastScript Interop Rules
-
-1. Prefer ESM imports.
-2. CJS is supported via esbuild bundling.
-3. `.fs` can import `.js/.mjs/.cjs/.json`.
-4. `importAny()` handles default-only modules.
-5. Use `resolveExport(mod, ["named", "default"])` for unknown module shapes.

package/docs/PLUGIN_API_CONTRACT.md

@@ -1,22 +0,0 @@
-# FastScript Plugin API Contract
-
-## Hook Surface
-- `middleware(ctx, next)`
-- `onBuildStart(ctx)`
-- `onBuildEnd(ctx)`
-- `onRequestStart(ctx)`
-- `onRequestEnd(ctx)`
-
-## Plugin Shape
-```js
-export default {
-  name: "my-plugin",
-  setup(api) {
-    api.hooks.middleware(async (ctx, next) => next());
-  }
-}
-```
-
-## Stability
-- Contract version: `1`.
-- Breaking changes require major version bump.

package/ecosystem.config.cjs

@@ -1 +0,0 @@
-module.exports = { apps: [{ name: "fastscript-app", script: "node", args: "./src/cli.mjs start", env: { NODE_ENV: "production", PORT: 4173 } }] };

package/examples/fullstack/README.md

@@ -1,10 +0,0 @@
-# FastScript Fullstack Example
-
-Features:
-- SSR pages + hydrate
-- API actions with schema validation
-- Middleware route guards
-- Session auth
-- DB migration + seed
-- Queue + worker
-- Webhook signature verification helper

package/examples/fullstack/app/api/orders.js

@@ -1,8 +0,0 @@
-export const schemas = { POST: { sku: "string", qty: "int" } };
-export async function POST(ctx) {
-  const body = await ctx.input.validateBody(schemas.POST);
-  const order = { id: Date.now().toString(36), ...body };
-  ctx.db.collection("orders").set(order.id, order);
-  ctx.queue.enqueue("send-order-email", { orderId: order.id });
-  return ctx.helpers.json({ ok: true, order });
-}

package/examples/fullstack/app/db/migrations/001_init.js

@@ -1,3 +0,0 @@
-export async function up(db) {
-  db.collection("orders");
-}

package/examples/fullstack/app/db/seed.js

@@ -1,3 +0,0 @@
-export async function seed(db) {
-  db.collection("orders").set("demo", { id: "demo", sku: "starter", qty: 1 });
-}

package/examples/fullstack/app/jobs/send-order-email.js

@@ -1,4 +0,0 @@
-export const name = "send-order-email";
-export async function handle(payload) {
-  console.log("email job", payload.orderId);
-}

package/examples/fullstack/app/pages/_layout.fs

@@ -1 +0,0 @@
-export default function Layout({ content }) { return `<main>${content}</main>`; }

package/examples/fullstack/app/pages/index.fs

@@ -1,3 +0,0 @@
-export default function Home() {
-  return `<section><h1>FastScript Fullstack</h1><p>Production-style starter.</p></section>`;
-}

package/examples/startup-mvp/README.md

@@ -1,8 +0,0 @@
-# Startup MVP (FastScript)
-
-- Product catalog page
-- Cart + checkout APIs
-- Queue-backed receipt job
-- Dashboard orders page
-
-Use this folder as your startup baseline.

package/examples/startup-mvp/app/api/cart.js

@@ -1,9 +0,0 @@
-export const schemas = { POST: { productId: "string", qty: "int" } };
-
-export async function POST(ctx) {
-  const body = await ctx.input.validateBody(schemas.POST);
-  const cart = ctx.db.collection("carts");
-  const id = `c_${Date.now()}`;
-  cart.set(id, { id, ...body });
-  return ctx.helpers.json({ ok: true, id });
-}

package/examples/startup-mvp/app/api/checkout.js

@@ -1,8 +0,0 @@
-export async function POST(ctx) {
-  const items = ctx.db.collection("carts").all();
-  const total = items.reduce((s, i) => s + i.qty * 10, 0);
-  const id = `o_${Date.now()}`;
-  ctx.db.collection("orders").set(id, { id, total, status: "paid" });
-  ctx.queue.enqueue("send-receipt", { orderId: id });
-  return ctx.helpers.json({ ok: true, orderId: id, total });
-}

package/examples/startup-mvp/app/db/migrations/001_products.js

@@ -1,6 +0,0 @@
-export async function up(db) {
-  const products = db.collection("products");
-  if (!products.get("p1")) products.set("p1", { id: "p1", name: "Starter Plan", price: 19 });
-  if (!products.get("p2")) products.set("p2", { id: "p2", name: "Growth Plan", price: 49 });
-  if (!products.get("p3")) products.set("p3", { id: "p3", name: "Scale Plan", price: 99 });
-}

package/examples/startup-mvp/app/jobs/send-receipt.js

@@ -1,4 +0,0 @@
-export const name = "send-receipt";
-export async function handle(payload) {
-  console.log("send receipt", payload.orderId);
-}

package/examples/startup-mvp/app/pages/_layout.fs

@@ -1,3 +0,0 @@
-export default function Layout({ content }) {
-  return `<main style="max-width:1100px;margin:0 auto;padding:24px;font-family:ui-sans-serif,system-ui">${content}</main>`;
-}

package/examples/startup-mvp/app/pages/dashboard/index.fs

@@ -1,9 +0,0 @@
-export async function load(ctx) {
-  const orders = ctx.db.collection("orders").all();
-  return { orders };
-}
-
-export default function Dashboard({ orders }) {
-  const rows = (orders || []).map((o) => `<li>${o.id} • ${o.total} • ${o.status}</li>`).join("");
-  return `<section><h1>Dashboard</h1><ul>${rows}</ul></section>`;
-}

package/examples/startup-mvp/app/pages/index.fs

@@ -1,18 +0,0 @@
-export async function load(ctx) {
-  const products = ctx.db.collection("products").all();
-  return { products };
-}
-
-export default function Home({ products }) {
-  const cards = (products || []).map((p) => `<article style="border:1px solid #ddd;padding:12px;border-radius:10px"><h3>${p.name}</h3><p>$${p.price}</p><button data-add="${p.id}">Add to cart</button></article>`).join("");
-  return `<section><h1>Startup MVP Store</h1><div style="display:grid;grid-template-columns:repeat(3,minmax(0,1fr));gap:12px">${cards}</div><p><a href="/dashboard">Dashboard</a></p></section>`;
-}
-
-export function hydrate({ root }) {
-  for (const b of root.querySelectorAll('[data-add]')) {
-    b.addEventListener('click', async () => {
-      await fetch('/api/cart', { method:'POST', headers:{'content-type':'application/json'}, body: JSON.stringify({ productId: b.getAttribute('data-add'), qty: 1 })});
-      alert('Added to cart');
-    });
-  }
-}

package/scripts/bench-report.mjs

@@ -1,36 +0,0 @@
-import { existsSync, mkdirSync, readFileSync, writeFileSync } from "node:fs";
-import { join, resolve } from "node:path";
-import { gzipSync } from "node:zlib";
-import { performance } from "node:perf_hooks";
-import { runBuild } from "../src/build.mjs";
-
-function gzipSize(path) {
-  if (!existsSync(path)) return 0;
-  return gzipSync(readFileSync(path), { level: 9 }).byteLength;
-}
-
-function kb(n) {
-  return (n / 1024).toFixed(2);
-}
-
-const t0 = performance.now();
-await runBuild();
-const t1 = performance.now();
-
-const dist = resolve('dist');
-const manifest = JSON.parse(readFileSync(join(dist, 'fastscript-manifest.json'), 'utf8'));
-const jsAssets = [join(dist, 'router.js')];
-if (manifest.layout) jsAssets.push(join(dist, manifest.layout.replace(/^\.\//, '')));
-const home = manifest.routes.find((r) => r.path === '/');
-if (home?.module) jsAssets.push(join(dist, home.module.replace(/^\.\//, '')));
-const cssAssets = [join(dist, 'styles.css')];
-
-const js = jsAssets.reduce((s, p) => s + gzipSize(p), 0);
-const css = cssAssets.reduce((s, p) => s + gzipSize(p), 0);
-
-const md = `# FastScript Benchmark Report\n\n- Build time: ${(t1 - t0).toFixed(2)}ms\n- Routes: ${manifest.routes.length}\n- API routes: ${manifest.apiRoutes?.length ?? 0}\n- JS first-load gzip: ${kb(js)}KB\n- CSS first-load gzip: ${kb(css)}KB\n\n## Budgets\n- JS budget (30KB): ${js <= 30 * 1024 ? 'PASS' : 'FAIL'}\n- CSS budget (10KB): ${css <= 10 * 1024 ? 'PASS' : 'FAIL'}\n`;
-
-const outDir = resolve('benchmarks');
-mkdirSync(outDir, { recursive: true });
-writeFileSync(join(outDir, 'latest-report.md'), md, 'utf8');
-console.log('bench report written: benchmarks/latest-report.md');

package/scripts/release.mjs

@@ -1,21 +0,0 @@
-import { readFileSync, writeFileSync, existsSync } from "node:fs";
-
-const pkgPath = "package.json";
-const changelogPath = "CHANGELOG.md";
-
-const level = process.argv[2] || "patch";
-const pkg = JSON.parse(readFileSync(pkgPath, "utf8"));
-const [maj, min, pat] = pkg.version.split(".").map(Number);
-let next = [maj, min, pat];
-if (level === "major") next = [maj + 1, 0, 0];
-else if (level === "minor") next = [maj, min + 1, 0];
-else next = [maj, min, pat + 1];
-
-pkg.version = next.join(".");
-writeFileSync(pkgPath, JSON.stringify(pkg, null, 2) + "\n", "utf8");
-
-const entry = `## v${pkg.version} - ${new Date().toISOString().slice(0, 10)}\n- release prep\n\n`;
-const prev = existsSync(changelogPath) ? readFileSync(changelogPath, "utf8") : "# Changelog\n\n";
-writeFileSync(changelogPath, prev + entry, "utf8");
-
-console.log(`version bumped to ${pkg.version}`);

package/scripts/smoke-dev.mjs

@@ -1,78 +0,0 @@
-import { spawn } from "node:child_process";
-import { setTimeout as sleep } from "node:timers/promises";
-
-async function waitFor(url, ms = 20000) {
-  const start = Date.now();
-  let lastErr = null;
-  while (Date.now() - start < ms) {
-    try {
-      const r = await fetch(url);
-      if (r.status >= 200 && r.status < 600) return r;
-    } catch (e) {
-      lastErr = e;
-    }
-    await sleep(300);
-  }
-  throw new Error(`Timeout waiting for ${url}${lastErr ? `: ${lastErr.message}` : ""}`);
-}
-
-const proc = spawn(process.execPath, ["./src/cli.mjs", "dev"], {
-  cwd: process.cwd(),
-  stdio: ["ignore", "pipe", "pipe"],
-  env: { ...process.env },
-});
-
-let output = "";
-proc.stdout.on("data", (d) => (output += d.toString()));
-proc.stderr.on("data", (d) => (output += d.toString()));
-
-try {
-  await waitFor("http://localhost:4173/");
-
-  const home = await fetch("http://localhost:4173/");
-  if (home.status !== 200) throw new Error(`Home status ${home.status}`);
-  const html = await home.text();
-  if (!html.includes("FastScript")) throw new Error("Home SSR did not include FastScript text");
-
-  const api = await fetch("http://localhost:4173/api/hello");
-  if (api.status !== 200) throw new Error(`API status ${api.status}`);
-  const apiJson = await api.json();
-  if (!apiJson.ok) throw new Error("API JSON did not return ok=true");
-
-  const privateRes = await fetch("http://localhost:4173/private", { redirect: "manual" });
-  if (!(privateRes.status === 302 || privateRes.status === 307)) {
-    throw new Error(`Expected redirect on /private, got ${privateRes.status}`);
-  }
-
-  const login = await fetch("http://localhost:4173/api/auth", {
-    method: "POST",
-    headers: { "content-type": "application/json" },
-    body: JSON.stringify({}),
-    redirect: "manual",
-  });
-  if (login.status !== 200) throw new Error(`Auth login failed: ${login.status}`);
-  const setCookie = login.headers.get("set-cookie");
-  if (!setCookie || !setCookie.includes("fs_session=")) throw new Error("Missing fs_session cookie on login");
-
-  const bad = await fetch("http://localhost:4173/api/auth", {
-    method: "POST",
-    headers: { "content-type": "application/json", accept: "application/json" },
-    body: "{bad",
-  });
-  if (bad.status !== 400) throw new Error(`Expected 400 on invalid JSON, got ${bad.status}`);
-
-  const upload = await fetch("http://localhost:4173/api/upload", {
-    method: "POST",
-    headers: { "content-type": "application/json", accept: "application/json" },
-    body: JSON.stringify({ key: "smoke/one.txt", content: "hello" }),
-  });
-  if (upload.status !== 200) throw new Error(`Upload failed: ${upload.status}`);
-  const up = await upload.json();
-  const blob = await fetch(`http://localhost:4173${up.url}`);
-  if (blob.status !== 200) throw new Error(`Uploaded blob fetch failed: ${blob.status}`);
-
-  console.log("smoke-dev pass: SSR, API, middleware redirect, auth cookie, validation, upload");
-} finally {
-  proc.kill("SIGTERM");
-  await sleep(400);
-}

package/scripts/smoke-start.mjs

@@ -1,41 +0,0 @@
-import { spawn } from "node:child_process";
-import { setTimeout as sleep } from "node:timers/promises";
-
-async function waitFor(url, ms = 20000) {
-  const start = Date.now();
-  while (Date.now() - start < ms) {
-    try {
-      const r = await fetch(url);
-      if (r.status >= 200) return;
-    } catch {}
-    await sleep(300);
-  }
-  throw new Error(`Timeout waiting for ${url}`);
-}
-
-const build = spawn(process.execPath, ["./src/cli.mjs", "build"], { cwd: process.cwd(), stdio: "inherit" });
-await new Promise((resolve, reject) => {
-  build.on("exit", (code) => (code === 0 ? resolve() : reject(new Error(`build failed: ${code}`))));
-});
-
-const proc = spawn(process.execPath, ["./src/cli.mjs", "start"], {
-  cwd: process.cwd(),
-  stdio: ["ignore", "pipe", "pipe"],
-  env: { ...process.env, PORT: "4173", NODE_ENV: "production" },
-});
-
-try {
-  await waitFor("http://localhost:4173/");
-  const home = await fetch("http://localhost:4173/");
-  if (home.status !== 200) throw new Error(`start home status ${home.status}`);
-  const reqId = home.headers.get("x-request-id");
-  if (!reqId) throw new Error("missing x-request-id header");
-
-  const api = await fetch("http://localhost:4173/api/hello", { headers: { accept: "application/json" } });
-  if (api.status !== 200) throw new Error(`start api status ${api.status}`);
-
-  console.log("smoke-start pass: production adapter serving SSR/API with request IDs");
-} finally {
-  proc.kill("SIGTERM");
-  await sleep(300);
-}

package/scripts/test-auth.mjs

@@ -1,26 +0,0 @@
-import assert from "node:assert/strict";
-import { rmSync } from "node:fs";
-import { resolve } from "node:path";
-import { createSessionManager, parseCookies, serializeCookie } from "../src/auth.mjs";
-
-const dir = resolve('.tmp-auth-tests');
-rmSync(dir, { recursive: true, force: true });
-
-const sm = createSessionManager({ dir, cookieName: 't' });
-const token = sm.create({ id: 'u1' }, 60);
-assert.ok(token.split('.').length === 3);
-assert.equal(sm.read(token).user.id, 'u1');
-
-const rotated = sm.rotate(token, 60);
-assert.ok(rotated);
-assert.equal(sm.read(token), null);
-assert.equal(sm.read(rotated).user.id, 'u1');
-
-sm.delete(rotated);
-assert.equal(sm.read(rotated), null);
-
-const c = serializeCookie('a', 'b', { path: '/', maxAge: 10, httpOnly: true });
-assert.ok(c.includes('a=b'));
-assert.equal(parseCookies('a=b; x=y').x, 'y');
-
-console.log('test-auth pass');