hono-idempotency 0.1.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Ryota Ikezawa
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,128 @@
+# hono-idempotency
+
+Stripe-style Idempotency-Key middleware for [Hono](https://hono.dev). IETF [draft-ietf-httpapi-idempotency-key-header](https://datatracker.ietf.org/doc/draft-ietf-httpapi-idempotency-key-header/) compliant.
+
+## Features
+
+- Idempotency-Key header support for POST/PATCH (configurable)
+- Request fingerprinting (SHA-256) prevents key reuse with different payloads
+- Concurrent request protection with optimistic locking
+- RFC 9457 Problem Details error responses
+- Replayed responses include `Idempotency-Replayed: true` header
+- Non-2xx responses are not cached (Stripe pattern — allows client retry)
+- Pluggable store interface (memory, Cloudflare KV, Cloudflare D1)
+- Works on Cloudflare Workers, Node.js, Deno, Bun, and any Web Standards runtime
+
+## Install
+
+```bash
+npm install hono-idempotency
+```
+
+## Quick Start
+
+```ts
+import { Hono } from "hono";
+import { idempotency } from "hono-idempotency";
+import { memoryStore } from "hono-idempotency/stores/memory";
+
+const app = new Hono();
+
+app.use("/api/*", idempotency({ store: memoryStore() }));
+
+app.post("/api/payments", (c) => {
+  // This handler only runs once per unique Idempotency-Key.
+  // Retries with the same key return the cached response.
+  return c.json({ id: "pay_123", status: "succeeded" }, 201);
+});
+```
+
+Client usage:
+
+```bash
+curl -X POST http://localhost:3000/api/payments \
+  -H "Idempotency-Key: unique-request-id-123" \
+  -H "Content-Type: application/json" \
+  -d '{"amount": 1000}'
+```
+
+## Options
+
+```ts
+idempotency({
+  // Required: storage backend
+  store: memoryStore(),
+
+  // Header name (default: "Idempotency-Key")
+  headerName: "Idempotency-Key",
+
+  // Return 400 if header is missing (default: false)
+  required: false,
+
+  // HTTP methods to apply idempotency (default: ["POST", "PATCH"])
+  methods: ["POST", "PATCH"],
+
+  // Maximum key length (default: 256)
+  maxKeyLength: 256,
+
+  // Custom fingerprint function (default: SHA-256 of method + path + body)
+  fingerprint: (c) => `${c.req.method}:${c.req.path}`,
+});
+```
+
+## Stores
+
+### Memory Store
+
+Built-in, suitable for single-instance deployments and development.
+
+```ts
+import { memoryStore } from "hono-idempotency/stores/memory";
+
+const store = memoryStore({
+  ttl: 24 * 60 * 60 * 1000, // 24 hours (default)
+});
+```
+
+### Custom Store
+
+Implement the `IdempotencyStore` interface:
+
+```ts
+import type { IdempotencyStore } from "hono-idempotency";
+
+const customStore: IdempotencyStore = {
+  async get(key) { /* ... */ },
+  async lock(key, record) { /* return false if already locked */ },
+  async complete(key, response) { /* ... */ },
+  async delete(key) { /* ... */ },
+};
+```
+
+## Error Responses
+
+All errors follow [RFC 9457 Problem Details](https://www.rfc-editor.org/rfc/rfc9457) with `Content-Type: application/problem+json`.
+
+| Status | Type | When |
+|--------|------|------|
+| 400 | `/errors/missing-key` | `required: true` and no header |
+| 400 | `/errors/key-too-long` | Key exceeds `maxKeyLength` |
+| 409 | `/errors/conflict` | Concurrent request with same key |
+| 422 | `/errors/fingerprint-mismatch` | Same key, different request body |
+
+## Accessing the Key in Handlers
+
+The middleware sets `idempotencyKey` on the Hono context:
+
+```ts
+import type { IdempotencyEnv } from "hono-idempotency";
+
+app.post("/api/payments", (c: Context<IdempotencyEnv>) => {
+  const key = c.get("idempotencyKey");
+  return c.json({ idempotencyKey: key });
+});
+```
+
+## License
+
+MIT

package/dist/index.cjs

@@ -0,0 +1,190 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/index.ts
+var src_exports = {};
+__export(src_exports, {
+  idempotency: () => idempotency
+});
+module.exports = __toCommonJS(src_exports);
+
+// src/middleware.ts
+var import_factory = require("hono/factory");
+
+// src/errors.ts
+function problemResponse(problem, extraHeaders) {
+  return new Response(JSON.stringify(problem), {
+    status: problem.status,
+    headers: {
+      "Content-Type": "application/problem+json",
+      ...extraHeaders
+    }
+  });
+}
+var BASE_URL = "https://hono-idempotency.dev/errors";
+var IdempotencyErrors = {
+  missingKey() {
+    return {
+      type: `${BASE_URL}/missing-key`,
+      title: "Idempotency-Key header is required",
+      status: 400,
+      detail: "This endpoint requires an Idempotency-Key header"
+    };
+  },
+  keyTooLong(maxLength) {
+    return {
+      type: `${BASE_URL}/key-too-long`,
+      title: "Idempotency-Key is too long",
+      status: 400,
+      detail: `Idempotency-Key must be at most ${maxLength} characters`
+    };
+  },
+  fingerprintMismatch() {
+    return {
+      type: `${BASE_URL}/fingerprint-mismatch`,
+      title: "Idempotency-Key is already used with a different request",
+      status: 422,
+      detail: "A request with the same idempotency key but different parameters was already processed"
+    };
+  },
+  conflict() {
+    return {
+      type: `${BASE_URL}/conflict`,
+      title: "A request is outstanding for this idempotency key",
+      status: 409,
+      detail: "A request with the same idempotency key is currently being processed"
+    };
+  }
+};
+
+// src/fingerprint.ts
+async function generateFingerprint(method, path, body) {
+  const data = `${method}:${path}:${body}`;
+  const encoded = new TextEncoder().encode(data);
+  const hashBuffer = await crypto.subtle.digest("SHA-256", encoded);
+  const hashArray = new Uint8Array(hashBuffer);
+  return Array.from(hashArray).map((b) => b.toString(16).padStart(2, "0")).join("");
+}
+
+// src/middleware.ts
+var DEFAULT_METHODS = ["POST", "PATCH"];
+var DEFAULT_MAX_KEY_LENGTH = 256;
+var EXCLUDED_STORE_HEADERS = /* @__PURE__ */ new Set(["set-cookie"]);
+function idempotency(options) {
+  const {
+    store,
+    headerName = "Idempotency-Key",
+    fingerprint: customFingerprint,
+    required = false,
+    methods = DEFAULT_METHODS,
+    maxKeyLength = DEFAULT_MAX_KEY_LENGTH,
+    skipRequest,
+    onError,
+    cacheKeyPrefix
+  } = options;
+  return (0, import_factory.createMiddleware)(async (c, next) => {
+    if (!methods.includes(c.req.method)) {
+      return next();
+    }
+    if (skipRequest && await skipRequest(c)) {
+      return next();
+    }
+    const errorResponse = (problem, extraHeaders) => onError ? onError(problem, c) : problemResponse(problem, extraHeaders);
+    const key = c.req.header(headerName);
+    if (!key) {
+      if (required) {
+        return errorResponse(IdempotencyErrors.missingKey());
+      }
+      return next();
+    }
+    if (key.length > maxKeyLength) {
+      return errorResponse(IdempotencyErrors.keyTooLong(maxKeyLength));
+    }
+    const body = await c.req.text();
+    const fp = customFingerprint ? await customFingerprint(c) : await generateFingerprint(c.req.method, c.req.path, body);
+    const rawPrefix = typeof cacheKeyPrefix === "function" ? await cacheKeyPrefix(c) : cacheKeyPrefix;
+    const encodedKey = encodeURIComponent(key);
+    const baseKey = `${c.req.method}:${c.req.path}:${encodedKey}`;
+    const storeKey = rawPrefix ? `${encodeURIComponent(rawPrefix)}:${baseKey}` : baseKey;
+    const existing = await store.get(storeKey);
+    if (existing) {
+      if (existing.status === "processing") {
+        return errorResponse(IdempotencyErrors.conflict(), { "Retry-After": "1" });
+      }
+      if (existing.fingerprint !== fp) {
+        return errorResponse(IdempotencyErrors.fingerprintMismatch());
+      }
+      if (existing.response) {
+        return replayResponse(existing.response);
+      }
+    }
+    const record = {
+      key,
+      fingerprint: fp,
+      status: "processing",
+      createdAt: Date.now()
+    };
+    const locked = await store.lock(storeKey, record);
+    if (!locked) {
+      return errorResponse(IdempotencyErrors.conflict(), { "Retry-After": "1" });
+    }
+    c.set("idempotencyKey", key);
+    try {
+      await next();
+    } catch (err) {
+      await store.delete(storeKey);
+      throw err;
+    }
+    const res = c.res;
+    if (!res.ok) {
+      await store.delete(storeKey);
+      return;
+    }
+    const resBody = await res.text();
+    const resHeaders = {};
+    res.headers.forEach((v, k) => {
+      if (!EXCLUDED_STORE_HEADERS.has(k.toLowerCase())) {
+        resHeaders[k] = v;
+      }
+    });
+    const storedResponse = {
+      status: res.status,
+      headers: resHeaders,
+      body: resBody
+    };
+    await store.complete(storeKey, storedResponse);
+    c.res = new Response(resBody, {
+      status: res.status,
+      headers: res.headers
+    });
+  });
+}
+function replayResponse(stored) {
+  const headers = new Headers(stored.headers);
+  headers.set("Idempotency-Replayed", "true");
+  return new Response(stored.body, {
+    status: stored.status,
+    headers
+  });
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  idempotency
+});
+//# sourceMappingURL=index.cjs.map

package/dist/index.cjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/index.ts","../src/middleware.ts","../src/errors.ts","../src/fingerprint.ts"],"sourcesContent":["export { idempotency } from \"./middleware.js\";\nexport type {\n\tIdempotencyEnv,\n\tIdempotencyOptions,\n\tIdempotencyRecord,\n\tStoredResponse,\n} from \"./types.js\";\nexport type { IdempotencyStore } from \"./stores/types.js\";\nexport type { ProblemDetail } from \"./errors.js\";\n","import { createMiddleware } from \"hono/factory\";\nimport { IdempotencyErrors, type ProblemDetail, problemResponse } from \"./errors.js\";\nimport { generateFingerprint } from \"./fingerprint.js\";\nimport type { IdempotencyEnv, IdempotencyOptions, StoredResponse } from \"./types.js\";\n\nconst DEFAULT_METHODS = [\"POST\", \"PATCH\"];\nconst DEFAULT_MAX_KEY_LENGTH = 256;\n// Headers unsafe to replay — session cookies could leak across users\nconst EXCLUDED_STORE_HEADERS = new Set([\"set-cookie\"]);\n\nexport function idempotency(options: IdempotencyOptions) {\n\tconst {\n\t\tstore,\n\t\theaderName = \"Idempotency-Key\",\n\t\tfingerprint: customFingerprint,\n\t\trequired = false,\n\t\tmethods = DEFAULT_METHODS,\n\t\tmaxKeyLength = DEFAULT_MAX_KEY_LENGTH,\n\t\tskipRequest,\n\t\tonError,\n\t\tcacheKeyPrefix,\n\t} = options;\n\n\treturn createMiddleware<IdempotencyEnv>(async (c, next) => {\n\t\tif (!methods.includes(c.req.method)) {\n\t\t\treturn next();\n\t\t}\n\n\t\tif (skipRequest && (await skipRequest(c))) {\n\t\t\treturn next();\n\t\t}\n\n\t\tconst errorResponse = (problem: ProblemDetail, extraHeaders?: Record<string, string>) =>\n\t\t\tonError ? onError(problem, c) : problemResponse(problem, extraHeaders);\n\n\t\tconst key = c.req.header(headerName);\n\n\t\tif (!key) {\n\t\t\tif (required) {\n\t\t\t\treturn errorResponse(IdempotencyErrors.missingKey());\n\t\t\t}\n\t\t\treturn next();\n\t\t}\n\n\t\tif (key.length > maxKeyLength) {\n\t\t\treturn errorResponse(IdempotencyErrors.keyTooLong(maxKeyLength));\n\t\t}\n\n\t\tconst body = await c.req.text();\n\t\tconst fp = customFingerprint\n\t\t\t? await customFingerprint(c)\n\t\t\t: await generateFingerprint(c.req.method, c.req.path, body);\n\n\t\tconst rawPrefix =\n\t\t\ttypeof cacheKeyPrefix === \"function\" ? await cacheKeyPrefix(c) : cacheKeyPrefix;\n\t\t// Encode user-controlled components to prevent delimiter injection\n\t\tconst encodedKey = encodeURIComponent(key);\n\t\tconst baseKey = `${c.req.method}:${c.req.path}:${encodedKey}`;\n\t\tconst storeKey = rawPrefix ? `${encodeURIComponent(rawPrefix)}:${baseKey}` : baseKey;\n\n\t\tconst existing = await store.get(storeKey);\n\n\t\tif (existing) {\n\t\t\tif (existing.status === \"processing\") {\n\t\t\t\treturn errorResponse(IdempotencyErrors.conflict(), { \"Retry-After\": \"1\" });\n\t\t\t}\n\n\t\t\tif (existing.fingerprint !== fp) {\n\t\t\t\treturn errorResponse(IdempotencyErrors.fingerprintMismatch());\n\t\t\t}\n\n\t\t\tif (existing.response) {\n\t\t\t\treturn replayResponse(existing.response);\n\t\t\t}\n\t\t}\n\n\t\tconst record = {\n\t\t\tkey,\n\t\t\tfingerprint: fp,\n\t\t\tstatus: \"processing\" as const,\n\t\t\tcreatedAt: Date.now(),\n\t\t};\n\n\t\tconst locked = await store.lock(storeKey, record);\n\t\tif (!locked) {\n\t\t\treturn errorResponse(IdempotencyErrors.conflict(), { \"Retry-After\": \"1\" });\n\t\t}\n\n\t\tc.set(\"idempotencyKey\", key);\n\n\t\ttry {\n\t\t\tawait next();\n\t\t} catch (err) {\n\t\t\tawait store.delete(storeKey);\n\t\t\tthrow err;\n\t\t}\n\n\t\tconst res = c.res;\n\t\tif (!res.ok) {\n\t\t\t// Non-2xx: delete key (Stripe pattern) so client can retry\n\t\t\tawait store.delete(storeKey);\n\t\t\treturn;\n\t\t}\n\n\t\tconst resBody = await res.text();\n\t\tconst resHeaders: Record<string, string> = {};\n\t\tres.headers.forEach((v, k) => {\n\t\t\tif (!EXCLUDED_STORE_HEADERS.has(k.toLowerCase())) {\n\t\t\t\tresHeaders[k] = v;\n\t\t\t}\n\t\t});\n\n\t\tconst storedResponse: StoredResponse = {\n\t\t\tstatus: res.status,\n\t\t\theaders: resHeaders,\n\t\t\tbody: resBody,\n\t\t};\n\n\t\tawait store.complete(storeKey, storedResponse);\n\n\t\t// Rebuild response since we consumed body\n\t\tc.res = new Response(resBody, {\n\t\t\tstatus: res.status,\n\t\t\theaders: res.headers,\n\t\t});\n\t});\n}\n\nfunction replayResponse(stored: StoredResponse) {\n\tconst headers = new Headers(stored.headers);\n\theaders.set(\"Idempotency-Replayed\", \"true\");\n\n\treturn new Response(stored.body, {\n\t\tstatus: stored.status,\n\t\theaders,\n\t});\n}\n","export interface ProblemDetail {\n\ttype: string;\n\ttitle: string;\n\tstatus: number;\n\tdetail: string;\n}\n\nexport function problemResponse(\n\tproblem: ProblemDetail,\n\textraHeaders?: Record<string, string>,\n): Response {\n\treturn new Response(JSON.stringify(problem), {\n\t\tstatus: problem.status,\n\t\theaders: {\n\t\t\t\"Content-Type\": \"application/problem+json\",\n\t\t\t...extraHeaders,\n\t\t},\n\t});\n}\n\nconst BASE_URL = \"https://hono-idempotency.dev/errors\";\n\nexport const IdempotencyErrors = {\n\tmissingKey(): ProblemDetail {\n\t\treturn {\n\t\t\ttype: `${BASE_URL}/missing-key`,\n\t\t\ttitle: \"Idempotency-Key header is required\",\n\t\t\tstatus: 400,\n\t\t\tdetail: \"This endpoint requires an Idempotency-Key header\",\n\t\t};\n\t},\n\n\tkeyTooLong(maxLength: number): ProblemDetail {\n\t\treturn {\n\t\t\ttype: `${BASE_URL}/key-too-long`,\n\t\t\ttitle: \"Idempotency-Key is too long\",\n\t\t\tstatus: 400,\n\t\t\tdetail: `Idempotency-Key must be at most ${maxLength} characters`,\n\t\t};\n\t},\n\n\tfingerprintMismatch(): ProblemDetail {\n\t\treturn {\n\t\t\ttype: `${BASE_URL}/fingerprint-mismatch`,\n\t\t\ttitle: \"Idempotency-Key is already used with a different request\",\n\t\t\tstatus: 422,\n\t\t\tdetail:\n\t\t\t\t\"A request with the same idempotency key but different parameters was already processed\",\n\t\t};\n\t},\n\n\tconflict(): ProblemDetail {\n\t\treturn {\n\t\t\ttype: `${BASE_URL}/conflict`,\n\t\t\ttitle: \"A request is outstanding for this idempotency key\",\n\t\t\tstatus: 409,\n\t\t\tdetail: \"A request with the same idempotency key is currently being processed\",\n\t\t};\n\t},\n} as const;\n","export async function generateFingerprint(\n\tmethod: string,\n\tpath: string,\n\tbody: string,\n): Promise<string> {\n\tconst data = `${method}:${path}:${body}`;\n\tconst encoded = new TextEncoder().encode(data);\n\tconst hashBuffer = await crypto.subtle.digest(\"SHA-256\", encoded);\n\tconst hashArray = new Uint8Array(hashBuffer);\n\treturn Array.from(hashArray)\n\t\t.map((b) => b.toString(16).padStart(2, \"0\"))\n\t\t.join(\"\");\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACAA,qBAAiC;;;ACO1B,SAAS,gBACf,SACA,cACW;AACX,SAAO,IAAI,SAAS,KAAK,UAAU,OAAO,GAAG;AAAA,IAC5C,QAAQ,QAAQ;AAAA,IAChB,SAAS;AAAA,MACR,gBAAgB;AAAA,MAChB,GAAG;AAAA,IACJ;AAAA,EACD,CAAC;AACF;AAEA,IAAM,WAAW;AAEV,IAAM,oBAAoB;AAAA,EAChC,aAA4B;AAC3B,WAAO;AAAA,MACN,MAAM,GAAG,QAAQ;AAAA,MACjB,OAAO;AAAA,MACP,QAAQ;AAAA,MACR,QAAQ;AAAA,IACT;AAAA,EACD;AAAA,EAEA,WAAW,WAAkC;AAC5C,WAAO;AAAA,MACN,MAAM,GAAG,QAAQ;AAAA,MACjB,OAAO;AAAA,MACP,QAAQ;AAAA,MACR,QAAQ,mCAAmC,SAAS;AAAA,IACrD;AAAA,EACD;AAAA,EAEA,sBAAqC;AACpC,WAAO;AAAA,MACN,MAAM,GAAG,QAAQ;AAAA,MACjB,OAAO;AAAA,MACP,QAAQ;AAAA,MACR,QACC;AAAA,IACF;AAAA,EACD;AAAA,EAEA,WAA0B;AACzB,WAAO;AAAA,MACN,MAAM,GAAG,QAAQ;AAAA,MACjB,OAAO;AAAA,MACP,QAAQ;AAAA,MACR,QAAQ;AAAA,IACT;AAAA,EACD;AACD;;;AC3DA,eAAsB,oBACrB,QACA,MACA,MACkB;AAClB,QAAM,OAAO,GAAG,MAAM,IAAI,IAAI,IAAI,IAAI;AACtC,QAAM,UAAU,IAAI,YAAY,EAAE,OAAO,IAAI;AAC7C,QAAM,aAAa,MAAM,OAAO,OAAO,OAAO,WAAW,OAAO;AAChE,QAAM,YAAY,IAAI,WAAW,UAAU;AAC3C,SAAO,MAAM,KAAK,SAAS,EACzB,IAAI,CAAC,MAAM,EAAE,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG,CAAC,EAC1C,KAAK,EAAE;AACV;;;AFPA,IAAM,kBAAkB,CAAC,QAAQ,OAAO;AACxC,IAAM,yBAAyB;AAE/B,IAAM,yBAAyB,oBAAI,IAAI,CAAC,YAAY,CAAC;AAE9C,SAAS,YAAY,SAA6B;AACxD,QAAM;AAAA,IACL;AAAA,IACA,aAAa;AAAA,IACb,aAAa;AAAA,IACb,WAAW;AAAA,IACX,UAAU;AAAA,IACV,eAAe;AAAA,IACf;AAAA,IACA;AAAA,IACA;AAAA,EACD,IAAI;AAEJ,aAAO,iCAAiC,OAAO,GAAG,SAAS;AAC1D,QAAI,CAAC,QAAQ,SAAS,EAAE,IAAI,MAAM,GAAG;AACpC,aAAO,KAAK;AAAA,IACb;AAEA,QAAI,eAAgB,MAAM,YAAY,CAAC,GAAI;AAC1C,aAAO,KAAK;AAAA,IACb;AAEA,UAAM,gBAAgB,CAAC,SAAwB,iBAC9C,UAAU,QAAQ,SAAS,CAAC,IAAI,gBAAgB,SAAS,YAAY;AAEtE,UAAM,MAAM,EAAE,IAAI,OAAO,UAAU;AAEnC,QAAI,CAAC,KAAK;AACT,UAAI,UAAU;AACb,eAAO,cAAc,kBAAkB,WAAW,CAAC;AAAA,MACpD;AACA,aAAO,KAAK;AAAA,IACb;AAEA,QAAI,IAAI,SAAS,cAAc;AAC9B,aAAO,cAAc,kBAAkB,WAAW,YAAY,CAAC;AAAA,IAChE;AAEA,UAAM,OAAO,MAAM,EAAE,IAAI,KAAK;AAC9B,UAAM,KAAK,oBACR,MAAM,kBAAkB,CAAC,IACzB,MAAM,oBAAoB,EAAE,IAAI,QAAQ,EAAE,IAAI,MAAM,IAAI;AAE3D,UAAM,YACL,OAAO,mBAAmB,aAAa,MAAM,eAAe,CAAC,IAAI;AAElE,UAAM,aAAa,mBAAmB,GAAG;AACzC,UAAM,UAAU,GAAG,EAAE,IAAI,MAAM,IAAI,EAAE,IAAI,IAAI,IAAI,UAAU;AAC3D,UAAM,WAAW,YAAY,GAAG,mBAAmB,SAAS,CAAC,IAAI,OAAO,KAAK;AAE7E,UAAM,WAAW,MAAM,MAAM,IAAI,QAAQ;AAEzC,QAAI,UAAU;AACb,UAAI,SAAS,WAAW,cAAc;AACrC,eAAO,cAAc,kBAAkB,SAAS,GAAG,EAAE,eAAe,IAAI,CAAC;AAAA,MAC1E;AAEA,UAAI,SAAS,gBAAgB,IAAI;AAChC,eAAO,cAAc,kBAAkB,oBAAoB,CAAC;AAAA,MAC7D;AAEA,UAAI,SAAS,UAAU;AACtB,eAAO,eAAe,SAAS,QAAQ;AAAA,MACxC;AAAA,IACD;AAEA,UAAM,SAAS;AAAA,MACd;AAAA,MACA,aAAa;AAAA,MACb,QAAQ;AAAA,MACR,WAAW,KAAK,IAAI;AAAA,IACrB;AAEA,UAAM,SAAS,MAAM,MAAM,KAAK,UAAU,MAAM;AAChD,QAAI,CAAC,QAAQ;AACZ,aAAO,cAAc,kBAAkB,SAAS,GAAG,EAAE,eAAe,IAAI,CAAC;AAAA,IAC1E;AAEA,MAAE,IAAI,kBAAkB,GAAG;AAE3B,QAAI;AACH,YAAM,KAAK;AAAA,IACZ,SAAS,KAAK;AACb,YAAM,MAAM,OAAO,QAAQ;AAC3B,YAAM;AAAA,IACP;AAEA,UAAM,MAAM,EAAE;AACd,QAAI,CAAC,IAAI,IAAI;AAEZ,YAAM,MAAM,OAAO,QAAQ;AAC3B;AAAA,IACD;AAEA,UAAM,UAAU,MAAM,IAAI,KAAK;AAC/B,UAAM,aAAqC,CAAC;AAC5C,QAAI,QAAQ,QAAQ,CAAC,GAAG,MAAM;AAC7B,UAAI,CAAC,uBAAuB,IAAI,EAAE,YAAY,CAAC,GAAG;AACjD,mBAAW,CAAC,IAAI;AAAA,MACjB;AAAA,IACD,CAAC;AAED,UAAM,iBAAiC;AAAA,MACtC,QAAQ,IAAI;AAAA,MACZ,SAAS;AAAA,MACT,MAAM;AAAA,IACP;AAEA,UAAM,MAAM,SAAS,UAAU,cAAc;AAG7C,MAAE,MAAM,IAAI,SAAS,SAAS;AAAA,MAC7B,QAAQ,IAAI;AAAA,MACZ,SAAS,IAAI;AAAA,IACd,CAAC;AAAA,EACF,CAAC;AACF;AAEA,SAAS,eAAe,QAAwB;AAC/C,QAAM,UAAU,IAAI,QAAQ,OAAO,OAAO;AAC1C,UAAQ,IAAI,wBAAwB,MAAM;AAE1C,SAAO,IAAI,SAAS,OAAO,MAAM;AAAA,IAChC,QAAQ,OAAO;AAAA,IACf;AAAA,EACD,CAAC;AACF;","names":[]}

package/dist/index.d.cts

@@ -0,0 +1,7 @@
+import * as hono from 'hono';
+import { I as IdempotencyOptions, a as IdempotencyEnv } from './types-YeEt4qLu.cjs';
+export { b as IdempotencyRecord, c as IdempotencyStore, P as ProblemDetail, S as StoredResponse } from './types-YeEt4qLu.cjs';
+
+declare function idempotency(options: IdempotencyOptions): hono.MiddlewareHandler<IdempotencyEnv, string, {}, Response>;
+
+export { IdempotencyEnv, IdempotencyOptions, idempotency };

package/dist/index.d.ts

@@ -0,0 +1,7 @@
+import * as hono from 'hono';
+import { I as IdempotencyOptions, a as IdempotencyEnv } from './types-YeEt4qLu.js';
+export { b as IdempotencyRecord, c as IdempotencyStore, P as ProblemDetail, S as StoredResponse } from './types-YeEt4qLu.js';
+
+declare function idempotency(options: IdempotencyOptions): hono.MiddlewareHandler<IdempotencyEnv, string, {}, Response>;
+
+export { IdempotencyEnv, IdempotencyOptions, idempotency };

package/dist/index.js

@@ -0,0 +1,163 @@
+// src/middleware.ts
+import { createMiddleware } from "hono/factory";
+
+// src/errors.ts
+function problemResponse(problem, extraHeaders) {
+  return new Response(JSON.stringify(problem), {
+    status: problem.status,
+    headers: {
+      "Content-Type": "application/problem+json",
+      ...extraHeaders
+    }
+  });
+}
+var BASE_URL = "https://hono-idempotency.dev/errors";
+var IdempotencyErrors = {
+  missingKey() {
+    return {
+      type: `${BASE_URL}/missing-key`,
+      title: "Idempotency-Key header is required",
+      status: 400,
+      detail: "This endpoint requires an Idempotency-Key header"
+    };
+  },
+  keyTooLong(maxLength) {
+    return {
+      type: `${BASE_URL}/key-too-long`,
+      title: "Idempotency-Key is too long",
+      status: 400,
+      detail: `Idempotency-Key must be at most ${maxLength} characters`
+    };
+  },
+  fingerprintMismatch() {
+    return {
+      type: `${BASE_URL}/fingerprint-mismatch`,
+      title: "Idempotency-Key is already used with a different request",
+      status: 422,
+      detail: "A request with the same idempotency key but different parameters was already processed"
+    };
+  },
+  conflict() {
+    return {
+      type: `${BASE_URL}/conflict`,
+      title: "A request is outstanding for this idempotency key",
+      status: 409,
+      detail: "A request with the same idempotency key is currently being processed"
+    };
+  }
+};
+
+// src/fingerprint.ts
+async function generateFingerprint(method, path, body) {
+  const data = `${method}:${path}:${body}`;
+  const encoded = new TextEncoder().encode(data);
+  const hashBuffer = await crypto.subtle.digest("SHA-256", encoded);
+  const hashArray = new Uint8Array(hashBuffer);
+  return Array.from(hashArray).map((b) => b.toString(16).padStart(2, "0")).join("");
+}
+
+// src/middleware.ts
+var DEFAULT_METHODS = ["POST", "PATCH"];
+var DEFAULT_MAX_KEY_LENGTH = 256;
+var EXCLUDED_STORE_HEADERS = /* @__PURE__ */ new Set(["set-cookie"]);
+function idempotency(options) {
+  const {
+    store,
+    headerName = "Idempotency-Key",
+    fingerprint: customFingerprint,
+    required = false,
+    methods = DEFAULT_METHODS,
+    maxKeyLength = DEFAULT_MAX_KEY_LENGTH,
+    skipRequest,
+    onError,
+    cacheKeyPrefix
+  } = options;
+  return createMiddleware(async (c, next) => {
+    if (!methods.includes(c.req.method)) {
+      return next();
+    }
+    if (skipRequest && await skipRequest(c)) {
+      return next();
+    }
+    const errorResponse = (problem, extraHeaders) => onError ? onError(problem, c) : problemResponse(problem, extraHeaders);
+    const key = c.req.header(headerName);
+    if (!key) {
+      if (required) {
+        return errorResponse(IdempotencyErrors.missingKey());
+      }
+      return next();
+    }
+    if (key.length > maxKeyLength) {
+      return errorResponse(IdempotencyErrors.keyTooLong(maxKeyLength));
+    }
+    const body = await c.req.text();
+    const fp = customFingerprint ? await customFingerprint(c) : await generateFingerprint(c.req.method, c.req.path, body);
+    const rawPrefix = typeof cacheKeyPrefix === "function" ? await cacheKeyPrefix(c) : cacheKeyPrefix;
+    const encodedKey = encodeURIComponent(key);
+    const baseKey = `${c.req.method}:${c.req.path}:${encodedKey}`;
+    const storeKey = rawPrefix ? `${encodeURIComponent(rawPrefix)}:${baseKey}` : baseKey;
+    const existing = await store.get(storeKey);
+    if (existing) {
+      if (existing.status === "processing") {
+        return errorResponse(IdempotencyErrors.conflict(), { "Retry-After": "1" });
+      }
+      if (existing.fingerprint !== fp) {
+        return errorResponse(IdempotencyErrors.fingerprintMismatch());
+      }
+      if (existing.response) {
+        return replayResponse(existing.response);
+      }
+    }
+    const record = {
+      key,
+      fingerprint: fp,
+      status: "processing",
+      createdAt: Date.now()
+    };
+    const locked = await store.lock(storeKey, record);
+    if (!locked) {
+      return errorResponse(IdempotencyErrors.conflict(), { "Retry-After": "1" });
+    }
+    c.set("idempotencyKey", key);
+    try {
+      await next();
+    } catch (err) {
+      await store.delete(storeKey);
+      throw err;
+    }
+    const res = c.res;
+    if (!res.ok) {
+      await store.delete(storeKey);
+      return;
+    }
+    const resBody = await res.text();
+    const resHeaders = {};
+    res.headers.forEach((v, k) => {
+      if (!EXCLUDED_STORE_HEADERS.has(k.toLowerCase())) {
+        resHeaders[k] = v;
+      }
+    });
+    const storedResponse = {
+      status: res.status,
+      headers: resHeaders,
+      body: resBody
+    };
+    await store.complete(storeKey, storedResponse);
+    c.res = new Response(resBody, {
+      status: res.status,
+      headers: res.headers
+    });
+  });
+}
+function replayResponse(stored) {
+  const headers = new Headers(stored.headers);
+  headers.set("Idempotency-Replayed", "true");
+  return new Response(stored.body, {
+    status: stored.status,
+    headers
+  });
+}
+export {
+  idempotency
+};
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/middleware.ts","../src/errors.ts","../src/fingerprint.ts"],"sourcesContent":["import { createMiddleware } from \"hono/factory\";\nimport { IdempotencyErrors, type ProblemDetail, problemResponse } from \"./errors.js\";\nimport { generateFingerprint } from \"./fingerprint.js\";\nimport type { IdempotencyEnv, IdempotencyOptions, StoredResponse } from \"./types.js\";\n\nconst DEFAULT_METHODS = [\"POST\", \"PATCH\"];\nconst DEFAULT_MAX_KEY_LENGTH = 256;\n// Headers unsafe to replay — session cookies could leak across users\nconst EXCLUDED_STORE_HEADERS = new Set([\"set-cookie\"]);\n\nexport function idempotency(options: IdempotencyOptions) {\n\tconst {\n\t\tstore,\n\t\theaderName = \"Idempotency-Key\",\n\t\tfingerprint: customFingerprint,\n\t\trequired = false,\n\t\tmethods = DEFAULT_METHODS,\n\t\tmaxKeyLength = DEFAULT_MAX_KEY_LENGTH,\n\t\tskipRequest,\n\t\tonError,\n\t\tcacheKeyPrefix,\n\t} = options;\n\n\treturn createMiddleware<IdempotencyEnv>(async (c, next) => {\n\t\tif (!methods.includes(c.req.method)) {\n\t\t\treturn next();\n\t\t}\n\n\t\tif (skipRequest && (await skipRequest(c))) {\n\t\t\treturn next();\n\t\t}\n\n\t\tconst errorResponse = (problem: ProblemDetail, extraHeaders?: Record<string, string>) =>\n\t\t\tonError ? onError(problem, c) : problemResponse(problem, extraHeaders);\n\n\t\tconst key = c.req.header(headerName);\n\n\t\tif (!key) {\n\t\t\tif (required) {\n\t\t\t\treturn errorResponse(IdempotencyErrors.missingKey());\n\t\t\t}\n\t\t\treturn next();\n\t\t}\n\n\t\tif (key.length > maxKeyLength) {\n\t\t\treturn errorResponse(IdempotencyErrors.keyTooLong(maxKeyLength));\n\t\t}\n\n\t\tconst body = await c.req.text();\n\t\tconst fp = customFingerprint\n\t\t\t? await customFingerprint(c)\n\t\t\t: await generateFingerprint(c.req.method, c.req.path, body);\n\n\t\tconst rawPrefix =\n\t\t\ttypeof cacheKeyPrefix === \"function\" ? await cacheKeyPrefix(c) : cacheKeyPrefix;\n\t\t// Encode user-controlled components to prevent delimiter injection\n\t\tconst encodedKey = encodeURIComponent(key);\n\t\tconst baseKey = `${c.req.method}:${c.req.path}:${encodedKey}`;\n\t\tconst storeKey = rawPrefix ? `${encodeURIComponent(rawPrefix)}:${baseKey}` : baseKey;\n\n\t\tconst existing = await store.get(storeKey);\n\n\t\tif (existing) {\n\t\t\tif (existing.status === \"processing\") {\n\t\t\t\treturn errorResponse(IdempotencyErrors.conflict(), { \"Retry-After\": \"1\" });\n\t\t\t}\n\n\t\t\tif (existing.fingerprint !== fp) {\n\t\t\t\treturn errorResponse(IdempotencyErrors.fingerprintMismatch());\n\t\t\t}\n\n\t\t\tif (existing.response) {\n\t\t\t\treturn replayResponse(existing.response);\n\t\t\t}\n\t\t}\n\n\t\tconst record = {\n\t\t\tkey,\n\t\t\tfingerprint: fp,\n\t\t\tstatus: \"processing\" as const,\n\t\t\tcreatedAt: Date.now(),\n\t\t};\n\n\t\tconst locked = await store.lock(storeKey, record);\n\t\tif (!locked) {\n\t\t\treturn errorResponse(IdempotencyErrors.conflict(), { \"Retry-After\": \"1\" });\n\t\t}\n\n\t\tc.set(\"idempotencyKey\", key);\n\n\t\ttry {\n\t\t\tawait next();\n\t\t} catch (err) {\n\t\t\tawait store.delete(storeKey);\n\t\t\tthrow err;\n\t\t}\n\n\t\tconst res = c.res;\n\t\tif (!res.ok) {\n\t\t\t// Non-2xx: delete key (Stripe pattern) so client can retry\n\t\t\tawait store.delete(storeKey);\n\t\t\treturn;\n\t\t}\n\n\t\tconst resBody = await res.text();\n\t\tconst resHeaders: Record<string, string> = {};\n\t\tres.headers.forEach((v, k) => {\n\t\t\tif (!EXCLUDED_STORE_HEADERS.has(k.toLowerCase())) {\n\t\t\t\tresHeaders[k] = v;\n\t\t\t}\n\t\t});\n\n\t\tconst storedResponse: StoredResponse = {\n\t\t\tstatus: res.status,\n\t\t\theaders: resHeaders,\n\t\t\tbody: resBody,\n\t\t};\n\n\t\tawait store.complete(storeKey, storedResponse);\n\n\t\t// Rebuild response since we consumed body\n\t\tc.res = new Response(resBody, {\n\t\t\tstatus: res.status,\n\t\t\theaders: res.headers,\n\t\t});\n\t});\n}\n\nfunction replayResponse(stored: StoredResponse) {\n\tconst headers = new Headers(stored.headers);\n\theaders.set(\"Idempotency-Replayed\", \"true\");\n\n\treturn new Response(stored.body, {\n\t\tstatus: stored.status,\n\t\theaders,\n\t});\n}\n","export interface ProblemDetail {\n\ttype: string;\n\ttitle: string;\n\tstatus: number;\n\tdetail: string;\n}\n\nexport function problemResponse(\n\tproblem: ProblemDetail,\n\textraHeaders?: Record<string, string>,\n): Response {\n\treturn new Response(JSON.stringify(problem), {\n\t\tstatus: problem.status,\n\t\theaders: {\n\t\t\t\"Content-Type\": \"application/problem+json\",\n\t\t\t...extraHeaders,\n\t\t},\n\t});\n}\n\nconst BASE_URL = \"https://hono-idempotency.dev/errors\";\n\nexport const IdempotencyErrors = {\n\tmissingKey(): ProblemDetail {\n\t\treturn {\n\t\t\ttype: `${BASE_URL}/missing-key`,\n\t\t\ttitle: \"Idempotency-Key header is required\",\n\t\t\tstatus: 400,\n\t\t\tdetail: \"This endpoint requires an Idempotency-Key header\",\n\t\t};\n\t},\n\n\tkeyTooLong(maxLength: number): ProblemDetail {\n\t\treturn {\n\t\t\ttype: `${BASE_URL}/key-too-long`,\n\t\t\ttitle: \"Idempotency-Key is too long\",\n\t\t\tstatus: 400,\n\t\t\tdetail: `Idempotency-Key must be at most ${maxLength} characters`,\n\t\t};\n\t},\n\n\tfingerprintMismatch(): ProblemDetail {\n\t\treturn {\n\t\t\ttype: `${BASE_URL}/fingerprint-mismatch`,\n\t\t\ttitle: \"Idempotency-Key is already used with a different request\",\n\t\t\tstatus: 422,\n\t\t\tdetail:\n\t\t\t\t\"A request with the same idempotency key but different parameters was already processed\",\n\t\t};\n\t},\n\n\tconflict(): ProblemDetail {\n\t\treturn {\n\t\t\ttype: `${BASE_URL}/conflict`,\n\t\t\ttitle: \"A request is outstanding for this idempotency key\",\n\t\t\tstatus: 409,\n\t\t\tdetail: \"A request with the same idempotency key is currently being processed\",\n\t\t};\n\t},\n} as const;\n","export async function generateFingerprint(\n\tmethod: string,\n\tpath: string,\n\tbody: string,\n): Promise<string> {\n\tconst data = `${method}:${path}:${body}`;\n\tconst encoded = new TextEncoder().encode(data);\n\tconst hashBuffer = await crypto.subtle.digest(\"SHA-256\", encoded);\n\tconst hashArray = new Uint8Array(hashBuffer);\n\treturn Array.from(hashArray)\n\t\t.map((b) => b.toString(16).padStart(2, \"0\"))\n\t\t.join(\"\");\n}\n"],"mappings":";AAAA,SAAS,wBAAwB;;;ACO1B,SAAS,gBACf,SACA,cACW;AACX,SAAO,IAAI,SAAS,KAAK,UAAU,OAAO,GAAG;AAAA,IAC5C,QAAQ,QAAQ;AAAA,IAChB,SAAS;AAAA,MACR,gBAAgB;AAAA,MAChB,GAAG;AAAA,IACJ;AAAA,EACD,CAAC;AACF;AAEA,IAAM,WAAW;AAEV,IAAM,oBAAoB;AAAA,EAChC,aAA4B;AAC3B,WAAO;AAAA,MACN,MAAM,GAAG,QAAQ;AAAA,MACjB,OAAO;AAAA,MACP,QAAQ;AAAA,MACR,QAAQ;AAAA,IACT;AAAA,EACD;AAAA,EAEA,WAAW,WAAkC;AAC5C,WAAO;AAAA,MACN,MAAM,GAAG,QAAQ;AAAA,MACjB,OAAO;AAAA,MACP,QAAQ;AAAA,MACR,QAAQ,mCAAmC,SAAS;AAAA,IACrD;AAAA,EACD;AAAA,EAEA,sBAAqC;AACpC,WAAO;AAAA,MACN,MAAM,GAAG,QAAQ;AAAA,MACjB,OAAO;AAAA,MACP,QAAQ;AAAA,MACR,QACC;AAAA,IACF;AAAA,EACD;AAAA,EAEA,WAA0B;AACzB,WAAO;AAAA,MACN,MAAM,GAAG,QAAQ;AAAA,MACjB,OAAO;AAAA,MACP,QAAQ;AAAA,MACR,QAAQ;AAAA,IACT;AAAA,EACD;AACD;;;AC3DA,eAAsB,oBACrB,QACA,MACA,MACkB;AAClB,QAAM,OAAO,GAAG,MAAM,IAAI,IAAI,IAAI,IAAI;AACtC,QAAM,UAAU,IAAI,YAAY,EAAE,OAAO,IAAI;AAC7C,QAAM,aAAa,MAAM,OAAO,OAAO,OAAO,WAAW,OAAO;AAChE,QAAM,YAAY,IAAI,WAAW,UAAU;AAC3C,SAAO,MAAM,KAAK,SAAS,EACzB,IAAI,CAAC,MAAM,EAAE,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG,CAAC,EAC1C,KAAK,EAAE;AACV;;;AFPA,IAAM,kBAAkB,CAAC,QAAQ,OAAO;AACxC,IAAM,yBAAyB;AAE/B,IAAM,yBAAyB,oBAAI,IAAI,CAAC,YAAY,CAAC;AAE9C,SAAS,YAAY,SAA6B;AACxD,QAAM;AAAA,IACL;AAAA,IACA,aAAa;AAAA,IACb,aAAa;AAAA,IACb,WAAW;AAAA,IACX,UAAU;AAAA,IACV,eAAe;AAAA,IACf;AAAA,IACA;AAAA,IACA;AAAA,EACD,IAAI;AAEJ,SAAO,iBAAiC,OAAO,GAAG,SAAS;AAC1D,QAAI,CAAC,QAAQ,SAAS,EAAE,IAAI,MAAM,GAAG;AACpC,aAAO,KAAK;AAAA,IACb;AAEA,QAAI,eAAgB,MAAM,YAAY,CAAC,GAAI;AAC1C,aAAO,KAAK;AAAA,IACb;AAEA,UAAM,gBAAgB,CAAC,SAAwB,iBAC9C,UAAU,QAAQ,SAAS,CAAC,IAAI,gBAAgB,SAAS,YAAY;AAEtE,UAAM,MAAM,EAAE,IAAI,OAAO,UAAU;AAEnC,QAAI,CAAC,KAAK;AACT,UAAI,UAAU;AACb,eAAO,cAAc,kBAAkB,WAAW,CAAC;AAAA,MACpD;AACA,aAAO,KAAK;AAAA,IACb;AAEA,QAAI,IAAI,SAAS,cAAc;AAC9B,aAAO,cAAc,kBAAkB,WAAW,YAAY,CAAC;AAAA,IAChE;AAEA,UAAM,OAAO,MAAM,EAAE,IAAI,KAAK;AAC9B,UAAM,KAAK,oBACR,MAAM,kBAAkB,CAAC,IACzB,MAAM,oBAAoB,EAAE,IAAI,QAAQ,EAAE,IAAI,MAAM,IAAI;AAE3D,UAAM,YACL,OAAO,mBAAmB,aAAa,MAAM,eAAe,CAAC,IAAI;AAElE,UAAM,aAAa,mBAAmB,GAAG;AACzC,UAAM,UAAU,GAAG,EAAE,IAAI,MAAM,IAAI,EAAE,IAAI,IAAI,IAAI,UAAU;AAC3D,UAAM,WAAW,YAAY,GAAG,mBAAmB,SAAS,CAAC,IAAI,OAAO,KAAK;AAE7E,UAAM,WAAW,MAAM,MAAM,IAAI,QAAQ;AAEzC,QAAI,UAAU;AACb,UAAI,SAAS,WAAW,cAAc;AACrC,eAAO,cAAc,kBAAkB,SAAS,GAAG,EAAE,eAAe,IAAI,CAAC;AAAA,MAC1E;AAEA,UAAI,SAAS,gBAAgB,IAAI;AAChC,eAAO,cAAc,kBAAkB,oBAAoB,CAAC;AAAA,MAC7D;AAEA,UAAI,SAAS,UAAU;AACtB,eAAO,eAAe,SAAS,QAAQ;AAAA,MACxC;AAAA,IACD;AAEA,UAAM,SAAS;AAAA,MACd;AAAA,MACA,aAAa;AAAA,MACb,QAAQ;AAAA,MACR,WAAW,KAAK,IAAI;AAAA,IACrB;AAEA,UAAM,SAAS,MAAM,MAAM,KAAK,UAAU,MAAM;AAChD,QAAI,CAAC,QAAQ;AACZ,aAAO,cAAc,kBAAkB,SAAS,GAAG,EAAE,eAAe,IAAI,CAAC;AAAA,IAC1E;AAEA,MAAE,IAAI,kBAAkB,GAAG;AAE3B,QAAI;AACH,YAAM,KAAK;AAAA,IACZ,SAAS,KAAK;AACb,YAAM,MAAM,OAAO,QAAQ;AAC3B,YAAM;AAAA,IACP;AAEA,UAAM,MAAM,EAAE;AACd,QAAI,CAAC,IAAI,IAAI;AAEZ,YAAM,MAAM,OAAO,QAAQ;AAC3B;AAAA,IACD;AAEA,UAAM,UAAU,MAAM,IAAI,KAAK;AAC/B,UAAM,aAAqC,CAAC;AAC5C,QAAI,QAAQ,QAAQ,CAAC,GAAG,MAAM;AAC7B,UAAI,CAAC,uBAAuB,IAAI,EAAE,YAAY,CAAC,GAAG;AACjD,mBAAW,CAAC,IAAI;AAAA,MACjB;AAAA,IACD,CAAC;AAED,UAAM,iBAAiC;AAAA,MACtC,QAAQ,IAAI;AAAA,MACZ,SAAS;AAAA,MACT,MAAM;AAAA,IACP;AAEA,UAAM,MAAM,SAAS,UAAU,cAAc;AAG7C,MAAE,MAAM,IAAI,SAAS,SAAS;AAAA,MAC7B,QAAQ,IAAI;AAAA,MACZ,SAAS,IAAI;AAAA,IACd,CAAC;AAAA,EACF,CAAC;AACF;AAEA,SAAS,eAAe,QAAwB;AAC/C,QAAM,UAAU,IAAI,QAAQ,OAAO,OAAO;AAC1C,UAAQ,IAAI,wBAAwB,MAAM;AAE1C,SAAO,IAAI,SAAS,OAAO,MAAM;AAAA,IAChC,QAAQ,OAAO;AAAA,IACf;AAAA,EACD,CAAC;AACF;","names":[]}

package/dist/stores/cloudflare-d1.cjs

@@ -0,0 +1,33 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/stores/cloudflare-d1.ts
+var cloudflare_d1_exports = {};
+__export(cloudflare_d1_exports, {
+  d1Store: () => d1Store
+});
+module.exports = __toCommonJS(cloudflare_d1_exports);
+function d1Store(_options) {
+  throw new Error("cloudflare-d1 store is not yet implemented. Coming in Phase 2.");
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  d1Store
+});
+//# sourceMappingURL=cloudflare-d1.cjs.map

package/dist/stores/cloudflare-d1.cjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/stores/cloudflare-d1.ts"],"sourcesContent":["import type { IdempotencyStore } from \"./types.js\";\n\ninterface D1StoreOptions {\n\tbinding: string;\n\ttableName?: string;\n}\n\n// Phase 2: Cloudflare D1 store implementation\nexport function d1Store(_options: D1StoreOptions): IdempotencyStore {\n\tthrow new Error(\"cloudflare-d1 store is not yet implemented. Coming in Phase 2.\");\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAQO,SAAS,QAAQ,UAA4C;AACnE,QAAM,IAAI,MAAM,gEAAgE;AACjF;","names":[]}

package/dist/stores/cloudflare-d1.d.cts

@@ -0,0 +1,10 @@
+import { c as IdempotencyStore } from '../types-YeEt4qLu.cjs';
+import 'hono';
+
+interface D1StoreOptions {
+    binding: string;
+    tableName?: string;
+}
+declare function d1Store(_options: D1StoreOptions): IdempotencyStore;
+
+export { d1Store };

package/dist/stores/cloudflare-d1.d.ts

@@ -0,0 +1,10 @@
+import { c as IdempotencyStore } from '../types-YeEt4qLu.js';
+import 'hono';
+
+interface D1StoreOptions {
+    binding: string;
+    tableName?: string;
+}
+declare function d1Store(_options: D1StoreOptions): IdempotencyStore;
+
+export { d1Store };

package/dist/stores/cloudflare-d1.js

@@ -0,0 +1,8 @@
+// src/stores/cloudflare-d1.ts
+function d1Store(_options) {
+  throw new Error("cloudflare-d1 store is not yet implemented. Coming in Phase 2.");
+}
+export {
+  d1Store
+};
+//# sourceMappingURL=cloudflare-d1.js.map

package/dist/stores/cloudflare-d1.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/stores/cloudflare-d1.ts"],"sourcesContent":["import type { IdempotencyStore } from \"./types.js\";\n\ninterface D1StoreOptions {\n\tbinding: string;\n\ttableName?: string;\n}\n\n// Phase 2: Cloudflare D1 store implementation\nexport function d1Store(_options: D1StoreOptions): IdempotencyStore {\n\tthrow new Error(\"cloudflare-d1 store is not yet implemented. Coming in Phase 2.\");\n}\n"],"mappings":";AAQO,SAAS,QAAQ,UAA4C;AACnE,QAAM,IAAI,MAAM,gEAAgE;AACjF;","names":[]}

package/dist/stores/cloudflare-kv.cjs

@@ -0,0 +1,33 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/stores/cloudflare-kv.ts
+var cloudflare_kv_exports = {};
+__export(cloudflare_kv_exports, {
+  kvStore: () => kvStore
+});
+module.exports = __toCommonJS(cloudflare_kv_exports);
+function kvStore(_options) {
+  throw new Error("cloudflare-kv store is not yet implemented. Coming in Phase 2.");
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  kvStore
+});
+//# sourceMappingURL=cloudflare-kv.cjs.map

package/dist/stores/cloudflare-kv.cjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/stores/cloudflare-kv.ts"],"sourcesContent":["import type { IdempotencyStore } from \"./types.js\";\n\ninterface KVStoreOptions {\n\tbinding: string;\n\tttl?: number;\n}\n\n// Phase 2: Cloudflare KV store implementation\nexport function kvStore(_options: KVStoreOptions): IdempotencyStore {\n\tthrow new Error(\"cloudflare-kv store is not yet implemented. Coming in Phase 2.\");\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAQO,SAAS,QAAQ,UAA4C;AACnE,QAAM,IAAI,MAAM,gEAAgE;AACjF;","names":[]}

package/dist/stores/cloudflare-kv.d.cts

@@ -0,0 +1,10 @@
+import { c as IdempotencyStore } from '../types-YeEt4qLu.cjs';
+import 'hono';
+
+interface KVStoreOptions {
+    binding: string;
+    ttl?: number;
+}
+declare function kvStore(_options: KVStoreOptions): IdempotencyStore;
+
+export { kvStore };

package/dist/stores/cloudflare-kv.d.ts

@@ -0,0 +1,10 @@
+import { c as IdempotencyStore } from '../types-YeEt4qLu.js';
+import 'hono';
+
+interface KVStoreOptions {
+    binding: string;
+    ttl?: number;
+}
+declare function kvStore(_options: KVStoreOptions): IdempotencyStore;
+
+export { kvStore };

package/dist/stores/cloudflare-kv.js

@@ -0,0 +1,8 @@
+// src/stores/cloudflare-kv.ts
+function kvStore(_options) {
+  throw new Error("cloudflare-kv store is not yet implemented. Coming in Phase 2.");
+}
+export {
+  kvStore
+};
+//# sourceMappingURL=cloudflare-kv.js.map

package/dist/stores/cloudflare-kv.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/stores/cloudflare-kv.ts"],"sourcesContent":["import type { IdempotencyStore } from \"./types.js\";\n\ninterface KVStoreOptions {\n\tbinding: string;\n\tttl?: number;\n}\n\n// Phase 2: Cloudflare KV store implementation\nexport function kvStore(_options: KVStoreOptions): IdempotencyStore {\n\tthrow new Error(\"cloudflare-kv store is not yet implemented. Coming in Phase 2.\");\n}\n"],"mappings":";AAQO,SAAS,QAAQ,UAA4C;AACnE,QAAM,IAAI,MAAM,gEAAgE;AACjF;","names":[]}

package/dist/stores/memory.cjs

@@ -0,0 +1,67 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/stores/memory.ts
+var memory_exports = {};
+__export(memory_exports, {
+  memoryStore: () => memoryStore
+});
+module.exports = __toCommonJS(memory_exports);
+var DEFAULT_TTL = 24 * 60 * 60 * 1e3;
+function memoryStore(options = {}) {
+  const ttl = options.ttl ?? DEFAULT_TTL;
+  const map = /* @__PURE__ */ new Map();
+  const isExpired = (record) => {
+    return Date.now() - record.createdAt >= ttl;
+  };
+  return {
+    async get(key) {
+      const record = map.get(key);
+      if (!record) return void 0;
+      if (isExpired(record)) {
+        map.delete(key);
+        return void 0;
+      }
+      return record;
+    },
+    async lock(key, record) {
+      const existing = map.get(key);
+      if (existing && !isExpired(existing)) {
+        return false;
+      }
+      map.set(key, record);
+      return true;
+    },
+    async complete(key, response) {
+      const record = map.get(key);
+      if (record) {
+        record.status = "completed";
+        record.response = response;
+      }
+    },
+    async delete(key) {
+      map.delete(key);
+    }
+  };
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  memoryStore
+});
+//# sourceMappingURL=memory.cjs.map

package/dist/stores/memory.cjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/stores/memory.ts"],"sourcesContent":["import type { IdempotencyRecord, StoredResponse } from \"../types.js\";\nimport type { IdempotencyStore } from \"./types.js\";\n\nconst DEFAULT_TTL = 24 * 60 * 60 * 1000; // 24 hours\n\ninterface MemoryStoreOptions {\n\tttl?: number;\n}\n\nexport function memoryStore(options: MemoryStoreOptions = {}): IdempotencyStore {\n\tconst ttl = options.ttl ?? DEFAULT_TTL;\n\tconst map = new Map<string, IdempotencyRecord>();\n\n\tconst isExpired = (record: IdempotencyRecord): boolean => {\n\t\treturn Date.now() - record.createdAt >= ttl;\n\t};\n\n\treturn {\n\t\tasync get(key) {\n\t\t\tconst record = map.get(key);\n\t\t\tif (!record) return undefined;\n\t\t\tif (isExpired(record)) {\n\t\t\t\tmap.delete(key);\n\t\t\t\treturn undefined;\n\t\t\t}\n\t\t\treturn record;\n\t\t},\n\n\t\tasync lock(key, record) {\n\t\t\tconst existing = map.get(key);\n\t\t\tif (existing && !isExpired(existing)) {\n\t\t\t\treturn false;\n\t\t\t}\n\t\t\tmap.set(key, record);\n\t\t\treturn true;\n\t\t},\n\n\t\tasync complete(key, response) {\n\t\t\tconst record = map.get(key);\n\t\t\tif (record) {\n\t\t\t\trecord.status = \"completed\";\n\t\t\t\trecord.response = response;\n\t\t\t}\n\t\t},\n\n\t\tasync delete(key) {\n\t\t\tmap.delete(key);\n\t\t},\n\t};\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAGA,IAAM,cAAc,KAAK,KAAK,KAAK;AAM5B,SAAS,YAAY,UAA8B,CAAC,GAAqB;AAC/E,QAAM,MAAM,QAAQ,OAAO;AAC3B,QAAM,MAAM,oBAAI,IAA+B;AAE/C,QAAM,YAAY,CAAC,WAAuC;AACzD,WAAO,KAAK,IAAI,IAAI,OAAO,aAAa;AAAA,EACzC;AAEA,SAAO;AAAA,IACN,MAAM,IAAI,KAAK;AACd,YAAM,SAAS,IAAI,IAAI,GAAG;AAC1B,UAAI,CAAC,OAAQ,QAAO;AACpB,UAAI,UAAU,MAAM,GAAG;AACtB,YAAI,OAAO,GAAG;AACd,eAAO;AAAA,MACR;AACA,aAAO;AAAA,IACR;AAAA,IAEA,MAAM,KAAK,KAAK,QAAQ;AACvB,YAAM,WAAW,IAAI,IAAI,GAAG;AAC5B,UAAI,YAAY,CAAC,UAAU,QAAQ,GAAG;AACrC,eAAO;AAAA,MACR;AACA,UAAI,IAAI,KAAK,MAAM;AACnB,aAAO;AAAA,IACR;AAAA,IAEA,MAAM,SAAS,KAAK,UAAU;AAC7B,YAAM,SAAS,IAAI,IAAI,GAAG;AAC1B,UAAI,QAAQ;AACX,eAAO,SAAS;AAChB,eAAO,WAAW;AAAA,MACnB;AAAA,IACD;AAAA,IAEA,MAAM,OAAO,KAAK;AACjB,UAAI,OAAO,GAAG;AAAA,IACf;AAAA,EACD;AACD;","names":[]}

package/dist/stores/memory.d.cts

@@ -0,0 +1,9 @@
+import { c as IdempotencyStore } from '../types-YeEt4qLu.cjs';
+import 'hono';
+
+interface MemoryStoreOptions {
+    ttl?: number;
+}
+declare function memoryStore(options?: MemoryStoreOptions): IdempotencyStore;
+
+export { memoryStore };

package/dist/stores/memory.d.ts

@@ -0,0 +1,9 @@
+import { c as IdempotencyStore } from '../types-YeEt4qLu.js';
+import 'hono';
+
+interface MemoryStoreOptions {
+    ttl?: number;
+}
+declare function memoryStore(options?: MemoryStoreOptions): IdempotencyStore;
+
+export { memoryStore };

package/dist/stores/memory.js

@@ -0,0 +1,42 @@
+// src/stores/memory.ts
+var DEFAULT_TTL = 24 * 60 * 60 * 1e3;
+function memoryStore(options = {}) {
+  const ttl = options.ttl ?? DEFAULT_TTL;
+  const map = /* @__PURE__ */ new Map();
+  const isExpired = (record) => {
+    return Date.now() - record.createdAt >= ttl;
+  };
+  return {
+    async get(key) {
+      const record = map.get(key);
+      if (!record) return void 0;
+      if (isExpired(record)) {
+        map.delete(key);
+        return void 0;
+      }
+      return record;
+    },
+    async lock(key, record) {
+      const existing = map.get(key);
+      if (existing && !isExpired(existing)) {
+        return false;
+      }
+      map.set(key, record);
+      return true;
+    },
+    async complete(key, response) {
+      const record = map.get(key);
+      if (record) {
+        record.status = "completed";
+        record.response = response;
+      }
+    },
+    async delete(key) {
+      map.delete(key);
+    }
+  };
+}
+export {
+  memoryStore
+};
+//# sourceMappingURL=memory.js.map

package/dist/stores/memory.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/stores/memory.ts"],"sourcesContent":["import type { IdempotencyRecord, StoredResponse } from \"../types.js\";\nimport type { IdempotencyStore } from \"./types.js\";\n\nconst DEFAULT_TTL = 24 * 60 * 60 * 1000; // 24 hours\n\ninterface MemoryStoreOptions {\n\tttl?: number;\n}\n\nexport function memoryStore(options: MemoryStoreOptions = {}): IdempotencyStore {\n\tconst ttl = options.ttl ?? DEFAULT_TTL;\n\tconst map = new Map<string, IdempotencyRecord>();\n\n\tconst isExpired = (record: IdempotencyRecord): boolean => {\n\t\treturn Date.now() - record.createdAt >= ttl;\n\t};\n\n\treturn {\n\t\tasync get(key) {\n\t\t\tconst record = map.get(key);\n\t\t\tif (!record) return undefined;\n\t\t\tif (isExpired(record)) {\n\t\t\t\tmap.delete(key);\n\t\t\t\treturn undefined;\n\t\t\t}\n\t\t\treturn record;\n\t\t},\n\n\t\tasync lock(key, record) {\n\t\t\tconst existing = map.get(key);\n\t\t\tif (existing && !isExpired(existing)) {\n\t\t\t\treturn false;\n\t\t\t}\n\t\t\tmap.set(key, record);\n\t\t\treturn true;\n\t\t},\n\n\t\tasync complete(key, response) {\n\t\t\tconst record = map.get(key);\n\t\t\tif (record) {\n\t\t\t\trecord.status = \"completed\";\n\t\t\t\trecord.response = response;\n\t\t\t}\n\t\t},\n\n\t\tasync delete(key) {\n\t\t\tmap.delete(key);\n\t\t},\n\t};\n}\n"],"mappings":";AAGA,IAAM,cAAc,KAAK,KAAK,KAAK;AAM5B,SAAS,YAAY,UAA8B,CAAC,GAAqB;AAC/E,QAAM,MAAM,QAAQ,OAAO;AAC3B,QAAM,MAAM,oBAAI,IAA+B;AAE/C,QAAM,YAAY,CAAC,WAAuC;AACzD,WAAO,KAAK,IAAI,IAAI,OAAO,aAAa;AAAA,EACzC;AAEA,SAAO;AAAA,IACN,MAAM,IAAI,KAAK;AACd,YAAM,SAAS,IAAI,IAAI,GAAG;AAC1B,UAAI,CAAC,OAAQ,QAAO;AACpB,UAAI,UAAU,MAAM,GAAG;AACtB,YAAI,OAAO,GAAG;AACd,eAAO;AAAA,MACR;AACA,aAAO;AAAA,IACR;AAAA,IAEA,MAAM,KAAK,KAAK,QAAQ;AACvB,YAAM,WAAW,IAAI,IAAI,GAAG;AAC5B,UAAI,YAAY,CAAC,UAAU,QAAQ,GAAG;AACrC,eAAO;AAAA,MACR;AACA,UAAI,IAAI,KAAK,MAAM;AACnB,aAAO;AAAA,IACR;AAAA,IAEA,MAAM,SAAS,KAAK,UAAU;AAC7B,YAAM,SAAS,IAAI,IAAI,GAAG;AAC1B,UAAI,QAAQ;AACX,eAAO,SAAS;AAChB,eAAO,WAAW;AAAA,MACnB;AAAA,IACD;AAAA,IAEA,MAAM,OAAO,KAAK;AACjB,UAAI,OAAO,GAAG;AAAA,IACf;AAAA,EACD;AACD;","names":[]}

package/dist/types-YeEt4qLu.d.cts

@@ -0,0 +1,55 @@
+import { Env, Context } from 'hono';
+
+interface ProblemDetail {
+    type: string;
+    title: string;
+    status: number;
+    detail: string;
+}
+
+interface IdempotencyStore {
+    /** Get a record by key. Returns undefined if not found. */
+    get(key: string): Promise<IdempotencyRecord | undefined>;
+    /**
+     * Attempt to lock a key (save in "processing" state).
+     * Returns false if the key already exists (optimistic lock).
+     */
+    lock(key: string, record: IdempotencyRecord): Promise<boolean>;
+    /** Save the response and mark the record as "completed". */
+    complete(key: string, response: StoredResponse): Promise<void>;
+    /** Delete a key (cleanup on error). */
+    delete(key: string): Promise<void>;
+}
+
+interface IdempotencyEnv extends Env {
+    Variables: {
+        idempotencyKey: string;
+    };
+}
+interface StoredResponse {
+    status: number;
+    headers: Record<string, string>;
+    body: string;
+}
+interface IdempotencyRecord {
+    key: string;
+    fingerprint: string;
+    status: "processing" | "completed";
+    response?: StoredResponse;
+    createdAt: number;
+}
+interface IdempotencyOptions {
+    store: IdempotencyStore;
+    headerName?: string;
+    fingerprint?: (c: Context) => string | Promise<string>;
+    required?: boolean;
+    methods?: string[];
+    maxKeyLength?: number;
+    /** Should be a lightweight, side-effect-free predicate. Avoid reading the request body. */
+    skipRequest?: (c: Context) => boolean | Promise<boolean>;
+    /** Return a Response with an error status (4xx/5xx). Returning 2xx bypasses idempotency guarantees. */
+    onError?: (error: ProblemDetail, c: Context) => Response | Promise<Response>;
+    cacheKeyPrefix?: string | ((c: Context) => string | Promise<string>);
+}
+
+export type { IdempotencyOptions as I, ProblemDetail as P, StoredResponse as S, IdempotencyEnv as a, IdempotencyRecord as b, IdempotencyStore as c };

package/dist/types-YeEt4qLu.d.ts

@@ -0,0 +1,55 @@
+import { Env, Context } from 'hono';
+
+interface ProblemDetail {
+    type: string;
+    title: string;
+    status: number;
+    detail: string;
+}
+
+interface IdempotencyStore {
+    /** Get a record by key. Returns undefined if not found. */
+    get(key: string): Promise<IdempotencyRecord | undefined>;
+    /**
+     * Attempt to lock a key (save in "processing" state).
+     * Returns false if the key already exists (optimistic lock).
+     */
+    lock(key: string, record: IdempotencyRecord): Promise<boolean>;
+    /** Save the response and mark the record as "completed". */
+    complete(key: string, response: StoredResponse): Promise<void>;
+    /** Delete a key (cleanup on error). */
+    delete(key: string): Promise<void>;
+}
+
+interface IdempotencyEnv extends Env {
+    Variables: {
+        idempotencyKey: string;
+    };
+}
+interface StoredResponse {
+    status: number;
+    headers: Record<string, string>;
+    body: string;
+}
+interface IdempotencyRecord {
+    key: string;
+    fingerprint: string;
+    status: "processing" | "completed";
+    response?: StoredResponse;
+    createdAt: number;
+}
+interface IdempotencyOptions {
+    store: IdempotencyStore;
+    headerName?: string;
+    fingerprint?: (c: Context) => string | Promise<string>;
+    required?: boolean;
+    methods?: string[];
+    maxKeyLength?: number;
+    /** Should be a lightweight, side-effect-free predicate. Avoid reading the request body. */
+    skipRequest?: (c: Context) => boolean | Promise<boolean>;
+    /** Return a Response with an error status (4xx/5xx). Returning 2xx bypasses idempotency guarantees. */
+    onError?: (error: ProblemDetail, c: Context) => Response | Promise<Response>;
+    cacheKeyPrefix?: string | ((c: Context) => string | Promise<string>);
+}
+
+export type { IdempotencyOptions as I, ProblemDetail as P, StoredResponse as S, IdempotencyEnv as a, IdempotencyRecord as b, IdempotencyStore as c };

package/package.json

@@ -0,0 +1,103 @@
+{
+  "name": "hono-idempotency",
+  "version": "0.1.0",
+  "description": "Stripe-style Idempotency-Key middleware for Hono. IETF draft-ietf-httpapi-idempotency-key-header compliant.",
+  "type": "module",
+  "main": "./dist/index.cjs",
+  "module": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "import": {
+        "types": "./dist/index.d.ts",
+        "default": "./dist/index.js"
+      },
+      "require": {
+        "types": "./dist/index.d.cts",
+        "default": "./dist/index.cjs"
+      }
+    },
+    "./stores/memory": {
+      "import": {
+        "types": "./dist/stores/memory.d.ts",
+        "default": "./dist/stores/memory.js"
+      },
+      "require": {
+        "types": "./dist/stores/memory.d.cts",
+        "default": "./dist/stores/memory.cjs"
+      }
+    },
+    "./stores/cloudflare-kv": {
+      "import": {
+        "types": "./dist/stores/cloudflare-kv.d.ts",
+        "default": "./dist/stores/cloudflare-kv.js"
+      },
+      "require": {
+        "types": "./dist/stores/cloudflare-kv.d.cts",
+        "default": "./dist/stores/cloudflare-kv.cjs"
+      }
+    },
+    "./stores/cloudflare-d1": {
+      "import": {
+        "types": "./dist/stores/cloudflare-d1.d.ts",
+        "default": "./dist/stores/cloudflare-d1.js"
+      },
+      "require": {
+        "types": "./dist/stores/cloudflare-d1.d.cts",
+        "default": "./dist/stores/cloudflare-d1.cjs"
+      }
+    }
+  },
+  "files": [
+    "dist"
+  ],
+  "keywords": [
+    "hono",
+    "idempotency",
+    "idempotency-key",
+    "middleware",
+    "cloudflare-workers",
+    "edge"
+  ],
+  "author": "Ryota Ikezawa",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/paveg/hono-idempotency.git"
+  },
+  "homepage": "https://github.com/paveg/hono-idempotency#readme",
+  "bugs": {
+    "url": "https://github.com/paveg/hono-idempotency/issues"
+  },
+  "license": "MIT",
+  "publishConfig": {
+    "access": "public",
+    "provenance": true
+  },
+  "engines": {
+    "node": ">=20"
+  },
+  "peerDependencies": {
+    "hono": ">=4.0.0"
+  },
+  "devDependencies": {
+    "@biomejs/biome": "^1.9.0",
+    "@changesets/changelog-github": "0.5.2",
+    "@changesets/cli": "2.29.8",
+    "@vitest/coverage-v8": "3.2.4",
+    "hono": "^4.7.0",
+    "lefthook": "2.1.1",
+    "tsup": "^8.0.0",
+    "typescript": "^5.7.0",
+    "vitest": "^3.0.0"
+  },
+  "scripts": {
+    "build": "tsup",
+    "test": "vitest run",
+    "test:watch": "vitest",
+    "lint": "biome check .",
+    "lint:fix": "biome check --write .",
+    "format": "biome format --write .",
+    "typecheck": "tsc --noEmit",
+    "release": "pnpm build && changeset publish"
+  }
+}