gorsee 0.2.3 → 0.2.5

package/dist-pkg/dev/request-handler.js

@@ -0,0 +1,67 @@
+import { log } from "../log/index.js";
+import {
+  createClientScriptPath
+} from "../server/page-render.js";
+import { handleRouteRequest } from "../server/route-request.js";
+import {
+  renderRouteErrorBoundaryResponse,
+  renderRoutePageResponse,
+  renderRoutePartialResponse
+} from "../server/route-response.js";
+async function renderPageRoute(opts) {
+  const { match, request, nonce, start, clientBuild, ctx, resolved } = opts, clientScript = createClientScriptPath(clientBuild.entryMap.get(match.route.path)), response = await renderRoutePageResponse({
+    match,
+    ctx,
+    resolved,
+    clientScript,
+    nonce,
+    secHeaders: opts.secHeaders,
+    wrapHTML: opts.wrapHTML
+  }), elapsed = (performance.now() - start).toFixed(1);
+  log.info("request", {
+    method: request.method,
+    path: match.route.path,
+    status: response.status,
+    ms: elapsed,
+    mode: resolved.renderMode === "stream" ? "stream" : "async"
+  });
+  return response;
+}
+async function renderPartialRoute(opts) {
+  const { match, clientBuild, ctx, resolved } = opts, clientScript = createClientScriptPath(clientBuild.entryMap.get(match.route.path));
+  return renderRoutePartialResponse({
+    match,
+    ctx,
+    resolved,
+    clientScript,
+    secHeaders: opts.secHeaders
+  });
+}
+export async function handlePageRequest(opts) {
+  const { match, request } = opts;
+  return handleRouteRequest({
+    match,
+    request,
+    trace: opts.trace,
+    trustedOrigin: opts.trustedOrigin,
+    trustForwardedHeaders: opts.trustForwardedHeaders,
+    securityPolicy: opts.securityPolicy,
+    onPartialRequest: async ({ ctx, resolved }) => renderPartialRoute({ ...opts, ctx, resolved }),
+    onPageRequest: async ({ ctx, resolved }) => renderPageRoute({ ...opts, ctx, resolved }),
+    onRouteError: async (err) => {
+      if (match.route.errorPath) {
+        const errObj = err instanceof Error ? err : Error(String(err));
+        return renderErrorBoundary(match.route.errorPath, errObj, opts);
+      }
+      throw err;
+    }
+  });
+}
+async function renderErrorBoundary(errorPath, error, opts) {
+  return renderRouteErrorBoundaryResponse(errorPath, error, {
+    match: opts.match,
+    nonce: opts.nonce,
+    secHeaders: opts.secHeaders,
+    wrapHTML: opts.wrapHTML
+  });
+}

package/dist-pkg/dev/watcher.d.ts

@@ -0,0 +1,6 @@
+export interface WatcherOptions {
+    dirs: string[];
+    onChange: (path: string) => void;
+    debounceMs?: number;
+}
+export declare function startWatcher(options: WatcherOptions): () => void;

package/dist-pkg/dev/watcher.js

@@ -0,0 +1,34 @@
+import { watch } from "node:fs";
+import { join } from "node:path";
+import { log } from "../log/index.js";
+export function startWatcher(options) {
+  const { dirs, onChange, debounceMs = 100 } = options, watchers = [];
+  let timer = null, pendingPath = "";
+  function handle(filename, dir) {
+    if (!filename)
+      return;
+    if (!filename.match(/\.(tsx?|jsx?|css)$/))
+      return;
+    pendingPath = join(dir, filename);
+    if (timer)
+      clearTimeout(timer);
+    timer = setTimeout(() => {
+      log.info("file changed", { file: pendingPath });
+      onChange(pendingPath);
+      timer = null;
+    }, debounceMs);
+  }
+  for (const dir of dirs)
+    try {
+      const w = watch(dir, { recursive: !0 }, (_event, filename) => {
+        handle(filename, dir);
+      });
+      watchers.push(w);
+    } catch {}
+  return () => {
+    for (const w of watchers)
+      w.close();
+    if (timer)
+      clearTimeout(timer);
+  };
+}

package/dist-pkg/dev.d.ts

@@ -0,0 +1,11 @@
+import { type RuntimeOptions } from "./runtime/project.js";
+import type { MiddlewareFn } from "./server/middleware.js";
+import { type AIObservabilityConfig } from "./ai/index.js";
+interface StartDevServerOptions extends RuntimeOptions {
+    port?: number;
+    rpcMiddlewares?: MiddlewareFn[];
+    ai?: AIObservabilityConfig;
+}
+export declare function startDevServer(options?: StartDevServerOptions): Promise<Bun.Server<undefined>>;
+export declare function isAllowedHMROrigin(request: Request, trustedOrigin?: string): boolean;
+export {};

package/dist-pkg/dev.js

@@ -0,0 +1,268 @@
+import { createRouter, matchRoute, buildStaticMap } from "./router/index.js";
+import { __resetRPCState } from "./server/rpc.js";
+import { securityHeaders } from "./security/headers.js";
+import { createRateLimiter } from "./security/rate-limit.js";
+import { EVENT_REPLAY_SCRIPT } from "./runtime/event-replay.js";
+import { log, setLogLevel } from "./log/index.js";
+import { buildClientBundles } from "./build/client.js";
+import { HMR_CLIENT_SCRIPT, addHMRClient, createHMRUpdate, removeHMRClient, notifyHMRUpdate } from "./dev/hmr.js";
+import { startWatcher } from "./dev/watcher.js";
+import { renderErrorOverlay } from "./dev/error-overlay.js";
+import { handlePageRequest } from "./dev/request-handler.js";
+import { loadEnv } from "./env/index.js";
+import { generateNonce, wrapHTML } from "./server/html-shell.js";
+import { renderNotFoundPage } from "./server/not-found.js";
+import { createRateLimitResponse, handleRPCWithHeaders } from "./server/request-preflight.js";
+import { createRequestSecurityPolicy, validateRequestSecurityPolicy } from "./server/request-security-policy.js";
+import { dispatchRuntimeRequestPlan } from "./server/runtime-dispatch.js";
+import { createRuntimeRequestPlan } from "./server/request-surface.js";
+import { servePrefixedStaticFile, serveStaticFile } from "./server/static-file.js";
+import { resolveRequestExecutionPolicy, resolveRequestMetadata } from "./server/request-policy.js";
+import { join } from "node:path";
+import { createProjectContext, resolveRuntimeEnv } from "./runtime/project.js";
+import {
+  loadAppConfig,
+  resolveAIConfig,
+  resolveRPCMiddlewares,
+  resolveTrustedHosts,
+  resolveTrustedForwardedHops,
+  resolveTrustedOrigin,
+  resolveTrustForwardedHeaders
+} from "./runtime/app-config.js";
+import {
+  configureAIObservability,
+  createTraceIds,
+  emitAIEvent
+} from "./ai/index.js";
+async function tryServeStatic(publicDir, pathname) {
+  if (pathname === "/")
+    return null;
+  return serveStaticFile(publicDir, pathname.slice(1));
+}
+async function tryServeClientBundle(clientDir, pathname) {
+  return servePrefixedStaticFile(pathname, "/_gorsee/", clientDir, {
+    contentType: "application/javascript"
+  });
+}
+async function render404Page(routesDir, nonce) {
+  return renderNotFoundPage(routesDir, nonce, {
+    bodyPrefix: [EVENT_REPLAY_SCRIPT.replace("<script", `<script nonce="${nonce}"`)],
+    bodySuffix: [HMR_CLIENT_SCRIPT.replace("<script", `<script nonce="${nonce}"`)]
+  });
+}
+function createDevHTMLWrapper(body, nonce, options) {
+  const eventReplay = EVENT_REPLAY_SCRIPT.replace("<script", `<script nonce="${nonce}"`), hmrScript = HMR_CLIENT_SCRIPT.replace("<script", `<script nonce="${nonce}"`);
+  return wrapHTML(body, nonce, {
+    ...options,
+    bodyPrefix: [...options?.bodyPrefix ?? [], eventReplay],
+    bodySuffix: [...options?.bodySuffix ?? [], hmrScript]
+  });
+}
+async function createDevRuntimeState(cwd) {
+  const { paths } = createProjectContext({ cwd });
+  return {
+    cwd,
+    routesDir: paths.routesDir,
+    publicDir: paths.publicDir,
+    clientDir: join(paths.gorseeDir, "client"),
+    rateLimiter: createRateLimiter(200, "1m"),
+    routes: [],
+    staticMap: new Map,
+    clientBuild: { entryMap: new Map }
+  };
+}
+async function rebuildClient(state, buildState) {
+  if (buildState.inProgress) {
+    buildState.queued = !0;
+    return;
+  }
+  buildState.inProgress = !0;
+  try {
+    __resetRPCState();
+    state.routes = await createRouter(state.routesDir);
+    state.staticMap = buildStaticMap(state.routes);
+    state.clientBuild = await buildClientBundles(state.routes, state.cwd);
+    log.info("client build complete", { routes: state.clientBuild.entryMap.size });
+  } catch (err) {
+    log.error("client build failed", { error: String(err) });
+  } finally {
+    buildState.inProgress = !1;
+    if (buildState.queued) {
+      buildState.queued = !1;
+      await rebuildClient(state, buildState);
+    }
+  }
+}
+export async function startDevServer(options = {}) {
+  const runtime = createProjectContext(options), cwd = runtime.cwd, state = await createDevRuntimeState(cwd), buildState = { inProgress: !1, queued: !1 };
+  await loadEnv(cwd);
+  const appConfig = await loadAppConfig(cwd), rpcMiddlewares = resolveRPCMiddlewares(appConfig, options.rpcMiddlewares), trustForwardedHeaders = resolveTrustForwardedHeaders(appConfig), trustedForwardedHops = resolveTrustedForwardedHops(appConfig);
+  configureAIObservability(resolveAIConfig(cwd, appConfig, options.ai));
+  const envConfig = resolveRuntimeEnv(process.env), port = options.port ?? envConfig.port, trustedOrigin = resolveTrustedOrigin(appConfig, process.env) ?? `http://localhost:${port}`, requestSecurityPolicy = createRequestSecurityPolicy({
+    trustedOrigin,
+    trustForwardedHeaders,
+    trustedForwardedHops,
+    trustedHosts: resolveTrustedHosts(appConfig)
+  });
+  setLogLevel(envConfig.logLevel);
+  log.info("scanning routes", { dir: state.routesDir });
+  state.routes = await createRouter(state.routesDir);
+  state.staticMap = buildStaticMap(state.routes);
+  for (const route of state.routes)
+    log.info("route registered", { path: route.path, file: route.filePath });
+  await rebuildClient(state, buildState);
+  startWatcher({
+    dirs: [state.routesDir, runtime.paths.sharedDir, runtime.paths.middlewareDir],
+    onChange: async (changedPath) => {
+      await rebuildClient(state, buildState);
+      notifyHMRUpdate(createHMRUpdate({
+        changedPath,
+        routesDir: state.routesDir,
+        sharedDir: runtime.paths.sharedDir,
+        middlewareDir: runtime.paths.middlewareDir,
+        routes: state.routes,
+        clientBuild: state.clientBuild
+      }));
+    }
+  });
+  const server = Bun.serve({
+    port,
+    async fetch(request, server) {
+      const pathname = new URL(request.url).pathname, trace = createTraceIds(), startTs = performance.now();
+      await emitAIEvent({
+        kind: "request.start",
+        severity: "info",
+        source: "dev",
+        message: "incoming dev request",
+        requestId: trace.requestId,
+        traceId: trace.traceId,
+        spanId: trace.spanId,
+        data: { method: request.method, pathname }
+      });
+      const ip = server.requestIP(request)?.address ?? "unknown", rateLimitResponse = await createRateLimitResponse(state.rateLimiter, ip);
+      if (rateLimitResponse)
+        return rateLimitResponse;
+      const start = performance.now(), nonce = generateNonce(), secHeaders = securityHeaders({}, nonce), match = matchRoute(state.routes, pathname, state.staticMap), requestPlan = createRuntimeRequestPlan({
+        pathname,
+        hasRouteMatch: Boolean(match),
+        allowHMR: !0
+      });
+      if (requestPlan[0] === "hmr") {
+        const hmrPolicy = resolveRequestExecutionPolicy("rpc"), hmrMetadata = resolveRequestMetadata(request, {
+          trustedOrigin: requestSecurityPolicy.trustedOrigin,
+          trustForwardedHeaders: requestSecurityPolicy.trustForwardedHeaders,
+          kind: "rpc",
+          visibility: "internal"
+        }), violation = validateRequestSecurityPolicy(hmrMetadata, hmrPolicy, requestSecurityPolicy);
+        if (violation)
+          return violation;
+        if (server.upgrade(request))
+          return new Response(null, { status: 101 });
+        return new Response("WebSocket upgrade failed", { status: 400 });
+      }
+      const dispatch = await dispatchRuntimeRequestPlan({
+        plan: requestPlan.filter((surface) => surface !== "hmr"),
+        pathname,
+        request,
+        trace,
+        startTs,
+        source: "dev",
+        route: match?.route.path,
+        handlers: {
+          rpc: async () => handleRPCWithHeaders(request, secHeaders, {
+            middlewares: rpcMiddlewares,
+            securityPolicy: requestSecurityPolicy
+          }),
+          bundle: async () => tryServeClientBundle(state.clientDir, pathname),
+          static: async () => tryServeStatic(state.publicDir, pathname),
+          route: async () => {
+            if (!match)
+              return null;
+            await emitAIEvent({
+              kind: "route.match",
+              severity: "info",
+              source: "dev",
+              message: "route matched",
+              requestId: trace.requestId,
+              traceId: trace.traceId,
+              spanId: trace.spanId,
+              route: match.route.path,
+              data: { pathname, file: match.route.filePath }
+            });
+            try {
+              return await handlePageRequest({
+                match,
+                request,
+                nonce,
+                start,
+                trace,
+                trustedOrigin,
+                clientBuild: state.clientBuild,
+                secHeaders,
+                wrapHTML: createDevHTMLWrapper,
+                trustForwardedHeaders,
+                securityPolicy: requestSecurityPolicy
+              });
+            } catch (err) {
+              const errObj = err instanceof Error ? err : Error(String(err));
+              log.error("request error", { path: pathname, error: errObj.message });
+              await emitAIEvent({
+                kind: "request.error",
+                severity: "error",
+                source: "dev",
+                message: errObj.message,
+                requestId: trace.requestId,
+                traceId: trace.traceId,
+                spanId: trace.spanId,
+                route: match.route.path,
+                durationMs: Number((performance.now() - startTs).toFixed(2)),
+                data: { method: request.method, pathname, error: errObj.message }
+              });
+              return new Response(renderErrorOverlay(errObj, nonce), {
+                status: 500,
+                headers: { "Content-Type": "text/html", ...secHeaders }
+              });
+            }
+          },
+          "not-found": async () => {
+            if (match)
+              return null;
+            const notFoundHtml = await render404Page(state.routesDir, nonce);
+            return new Response(notFoundHtml, {
+              status: 404,
+              headers: { "Content-Type": "text/html", ...secHeaders }
+            });
+          }
+        }
+      });
+      if (dispatch)
+        return dispatch.response;
+      throw Error(`Unhandled request plan for ${pathname}`);
+    },
+    websocket: {
+      open(ws) {
+        addHMRClient(ws);
+      },
+      close(ws) {
+        removeHMRClient(ws);
+      },
+      message() {}
+    }
+  });
+  log.info("dev server started", { url: `http://localhost:${server.port}` });
+  return server;
+}
+export function isAllowedHMROrigin(request, trustedOrigin) {
+  const securityPolicy = createRequestSecurityPolicy({ trustedOrigin }), metadata = resolveRequestMetadata(request, {
+    trustedOrigin: securityPolicy.trustedOrigin,
+    kind: "rpc",
+    visibility: "internal",
+    trustForwardedHeaders: securityPolicy.trustForwardedHeaders
+  });
+  return validateRequestSecurityPolicy(metadata, resolveRequestExecutionPolicy("rpc"), securityPolicy) === null;
+}
+if (import.meta.main)
+  startDevServer().catch((err) => {
+    console.error("Failed to start dev server:", err);
+    process.exit(1);
+  });

package/dist-pkg/env/index.d.ts

@@ -0,0 +1,3 @@
+export declare function loadEnv(cwd: string): Promise<void>;
+export declare function getPublicEnv(): Record<string, string>;
+export declare function env(key: string, defaultValue?: string): string;

package/dist-pkg/env/index.js

@@ -0,0 +1,57 @@
+import { readFile } from "node:fs/promises";
+import { join } from "node:path";
+function parseEnvFile(content) {
+  const result = {};
+  for (const line of content.split(`
+`)) {
+    const trimmed = line.trim();
+    if (!trimmed || trimmed.startsWith("#"))
+      continue;
+    const eqIndex = trimmed.indexOf("=");
+    if (eqIndex < 0)
+      continue;
+    const key = trimmed.slice(0, eqIndex).trim();
+    let value = trimmed.slice(eqIndex + 1).trim();
+    if (value.startsWith('"') && value.endsWith('"') || value.startsWith("'") && value.endsWith("'"))
+      value = value.slice(1, -1);
+    result[key] = value;
+  }
+  return result;
+}
+async function loadFile(path) {
+  try {
+    const content = await readFile(path, "utf-8");
+    return parseEnvFile(content);
+  } catch {
+    return {};
+  }
+}
+export async function loadEnv(cwd) {
+  const mode = "development", files = [
+    join(cwd, ".env"),
+    join(cwd, `.env.${mode}`),
+    join(cwd, ".env.local")
+  ];
+  for (const file of files) {
+    const vars = await loadFile(file);
+    for (const [key, value] of Object.entries(vars))
+      if (process.env[key] === void 0)
+        process.env[key] = value;
+  }
+}
+export function getPublicEnv() {
+  const result = {};
+  for (const [key, value] of Object.entries(process.env))
+    if (key.startsWith("PUBLIC_") && value !== void 0)
+      result[key] = value;
+  return result;
+}
+export function env(key, defaultValue) {
+  const value = process.env[key];
+  if (value === void 0) {
+    if (defaultValue !== void 0)
+      return defaultValue;
+    throw Error(`[GORSEE] Missing required environment variable: ${key}`);
+  }
+  return value;
+}

package/dist-pkg/errors/catalog.d.ts

@@ -0,0 +1,9 @@
+export type ErrorCode = "E001" | "E002" | "E003" | "E004" | "E005" | "E101" | "E102" | "E103" | "E201" | "E202" | "E301" | "E302" | "E401" | "E402" | "E501" | "E502" | "E901" | "E902";
+interface ErrorEntry {
+    code: ErrorCode;
+    title: string;
+    description: string;
+    fix: string;
+}
+export declare const ERROR_CATALOG: Record<string, ErrorEntry>;
+export {};

package/{src/errors/catalog.ts → dist-pkg/errors/catalog.js}

@@ -1,48 +1,32 @@
-export type ErrorCode =
-  | "E001" | "E002" | "E003" | "E004" | "E005"  // type safety
-  | "E101" | "E102" | "E103"                      // server functions
-  | "E201" | "E202"                                // routing
-  | "E301" | "E302"                                // reactivity
-  | "E401" | "E402"                                // SSR/hydration
-  | "E501" | "E502"                                // security
-  | "E901" | "E902"                                // project structure
-
-interface ErrorEntry {
-  code: ErrorCode
-  title: string
-  description: string
-  fix: string
-}
-
-export const ERROR_CATALOG: Record<string, ErrorEntry> = {
+export const ERROR_CATALOG = {
   E001: {
     code: "E001",
     title: "SafeSQL violation",
     description: "Raw string passed to database query instead of SafeSQL tagged template",
-    fix: "Use SafeSQL`...` tagged template literal with parameterized values",
+    fix: "Use SafeSQL`...` tagged template literal with parameterized values"
   },
   E002: {
     code: "E002",
     title: "SafeHTML violation",
     description: "Unsanitized string used in HTML context",
-    fix: "Use sanitize() or SafeHTML`...` tagged template literal",
+    fix: "Use sanitize() or SafeHTML`...` tagged template literal"
   },
   E003: {
     code: "E003",
     title: "Server function closure capture",
     description: "server() function captures a client-side variable",
-    fix: "Pass the value as a function argument instead of capturing it from outer scope",
+    fix: "Pass the value as a function argument instead of capturing it from outer scope"
   },
   E004: {
     code: "E004",
     title: "Invalid URL",
     description: "String is not a valid URL",
-    fix: "Provide a valid URL with http:, https:, or mailto: protocol",
+    fix: "Provide a valid URL with http:, https:, or mailto: protocol"
   },
   E005: {
     code: "E005",
     title: "Disallowed URL protocol",
     description: "URL uses a protocol that is not allowed (potential open redirect)",
-    fix: "Use http:, https:, or mailto: protocol",
-  },
-}
+    fix: "Use http:, https:, or mailto: protocol"
+  }
+};

package/dist-pkg/errors/formatter.d.ts

@@ -0,0 +1,22 @@
+import { type ErrorCode } from "./catalog.js";
+export declare class GorseeError extends Error {
+    readonly code: ErrorCode;
+    readonly filePath?: string;
+    readonly line?: number;
+    constructor(code: ErrorCode, details?: {
+        filePath?: string;
+        line?: number;
+        extra?: string;
+    });
+}
+export interface FormattedError {
+    human: string;
+    json: {
+        code: ErrorCode;
+        title: string;
+        file?: string;
+        line?: number;
+        fix: string;
+    };
+}
+export declare function formatError(err: GorseeError): FormattedError;

package/dist-pkg/errors/formatter.js

@@ -0,0 +1,43 @@
+import { ERROR_CATALOG } from "./catalog.js";
+
+export class GorseeError extends Error {
+  code;
+  filePath;
+  line;
+  constructor(code, details) {
+    const title = ERROR_CATALOG[code]?.title ?? "Unknown error";
+    super(`[GORSEE ${code}] ${title}${details?.extra ? `: ${details.extra}` : ""}`);
+    this.code = code;
+    this.filePath = details?.filePath;
+    this.line = details?.line;
+  }
+}
+export function formatError(err) {
+  const entry = ERROR_CATALOG[err.code], location = err.filePath ? `
+  ${err.filePath}${err.line ? `:${err.line}` : ""}` : "";
+  return {
+    human: [
+      `GORSEE ${err.code}: ${entry?.title ?? "Unknown"}`,
+      location,
+      `
+  What: ${entry?.description ?? err.message}`,
+      `  Fix: ${entry?.fix ?? "See documentation"}`,
+      `
+  AI context (copy entire block):`,
+      `  +${"\u2500".repeat(45)}`,
+      "  | Framework: Gorsee.js",
+      `  | Error: ${err.code} - ${entry?.title}`,
+      err.filePath ? `  | File: ${err.filePath}${err.line ? `:${err.line}` : ""}` : null,
+      `  | Fix: ${entry?.fix}`,
+      `  +${"\u2500".repeat(45)}`
+    ].filter(Boolean).join(`
+`),
+    json: {
+      code: err.code,
+      title: entry?.title ?? "Unknown",
+      file: err.filePath,
+      line: err.line,
+      fix: entry?.fix ?? "See documentation"
+    }
+  };
+}

package/dist-pkg/errors/index.d.ts

@@ -0,0 +1,2 @@
+export { GorseeError, formatError } from "./formatter.js";
+export { ERROR_CATALOG, type ErrorCode } from "./catalog.js";

package/dist-pkg/errors/index.js

@@ -0,0 +1,2 @@
+export { GorseeError, formatError } from "./formatter.js";
+export { ERROR_CATALOG } from "./catalog.js";

package/dist-pkg/forms/action.d.ts

@@ -0,0 +1,15 @@
+import { type ActionFn, type ActionReturn, type ActionResult } from "../server/action.js";
+import type { Context } from "../server/middleware.js";
+import { type ActionValidationResult, type FormSchema } from "../runtime/validated-form.js";
+export interface FormActionContext<TData extends Record<string, unknown>> {
+    ctx: Context;
+    data: TData;
+    values: Record<string, string>;
+    validation: ActionValidationResult<TData>;
+}
+export interface DefineFormActionOptions {
+    invalidMessage?: string;
+    invalidStatus?: number;
+}
+export declare function defineFormAction<TData extends Record<string, unknown>, TResult = unknown>(schema: FormSchema<TData>, handler: (input: FormActionContext<TData>) => Promise<ActionReturn<TResult>>, options?: DefineFormActionOptions): ActionFn<TResult>;
+export type { ActionResult };

package/dist-pkg/forms/action.js

@@ -0,0 +1,20 @@
+import { actionFailure, defineAction } from "../server/action.js";
+import { validateAction } from "../runtime/validated-form.js";
+export function defineFormAction(schema, handler, options = {}) {
+  return defineAction(async (ctx) => {
+    const validation = await validateAction(ctx.request, schema);
+    if (!validation.valid || !validation.data)
+      return actionFailure(options.invalidMessage ?? "Validation failed", {
+        status: options.invalidStatus ?? 400,
+        fieldErrors: validation.fieldErrors,
+        formErrors: validation.formErrors,
+        values: validation.values
+      });
+    return handler({
+      ctx,
+      data: validation.data,
+      values: validation.values,
+      validation
+    });
+  });
+}

package/dist-pkg/forms/index.d.ts

@@ -0,0 +1,4 @@
+export { useFormAction, type FormActionResult, type FormState, type FormSubmitOptions } from "../runtime/form.js";
+export { actionFailure, actionSuccess, type ActionResult } from "../server/action.js";
+export { defineFormAction, type DefineFormActionOptions, type FormActionContext, } from "./action.js";
+export { defineForm, validateForm, validateAction, toFieldErrors, fieldAttrs, type FormField, type FormSchema, type ValidationResult, type ActionValidationResult, type ValidationError, } from "../runtime/validated-form.js";

package/dist-pkg/forms/index.js

@@ -0,0 +1,12 @@
+export { useFormAction } from "../runtime/form.js";
+export { actionFailure, actionSuccess } from "../server/action.js";
+export {
+  defineFormAction
+} from "./action.js";
+export {
+  defineForm,
+  validateForm,
+  validateAction,
+  toFieldErrors,
+  fieldAttrs
+} from "../runtime/validated-form.js";