kaelum 1.4.3 → 1.4.5

package/.prettierignore

@@ -0,0 +1,5 @@
+node_modules
+docs
+coverage
+package-lock.json
+*.md

package/.prettierrc

@@ -0,0 +1,7 @@
+{
+  "semi": true,
+  "singleQuote": false,
+  "trailingComma": "es5",
+  "printWidth": 90,
+  "tabWidth": 2
+}

package/.versionrc.js

@@ -0,0 +1,20 @@
+module.exports = {
+  infile: 'docs/misc/changelog.md',
+  types: [
+    { type: 'feat', section: 'Features' },
+    { type: 'fix', section: 'Bug Fixes' },
+    { type: 'perf', section: 'Performance Improvements' },
+    { type: 'revert', section: 'Reverts' },
+    { type: 'docs', section: 'Documentation', hidden: false },
+    { type: 'style', section: 'Styles', hidden: true },
+    { type: 'chore', section: 'Miscellaneous', hidden: false },
+    { type: 'refactor', section: 'Code Refactoring', hidden: false },
+    { type: 'test', section: 'Tests', hidden: true },
+    { type: 'build', section: 'Build System', hidden: true },
+    { type: 'ci', section: 'CI/CD', hidden: true },
+  ],
+  commitUrlFormat: '{{host}}/{{owner}}/{{repository}}/commit/{{hash}}',
+  compareUrlFormat: '{{host}}/{{owner}}/{{repository}}/compare/{{previousTag}}...{{currentTag}}',
+  issueUrlFormat: '{{host}}/{{owner}}/{{repository}}/issues/{{id}}',
+  userUrlFormat: '{{host}}/{{user}}'
+};

package/CODE_OF_CONDUCT.md

@@ -0,0 +1,57 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+We as members, contributors, and leaders pledge to make participation in our
+community a harassment-free experience for everyone, regardless of age, body
+size, visible or invisible disability, ethnicity, sex characteristics, gender
+identity and expression, level of experience, education, socio-economic status,
+nationality, personal appearance, race, caste, color, religion, or sexual
+identity and orientation.
+
+We pledge to act and interact in ways that contribute to an open, welcoming,
+diverse, inclusive, and healthy community.
+
+## Our Standards
+
+Examples of behavior that contributes to a positive environment:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy toward other community members
+
+Examples of unacceptable behavior:
+
+* The use of sexualized language or imagery, and sexual attention or advances of any kind
+* Trolling, insulting or derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a professional setting
+
+## Enforcement Responsibilities
+
+Community leaders are responsible for clarifying and enforcing our standards of
+acceptable behavior and will take appropriate and fair corrective action in
+response to any behavior that they deem inappropriate, threatening, offensive,
+or harmful.
+
+## Scope
+
+This Code of Conduct applies within all community spaces, and also applies when
+an individual is officially representing the community in public spaces.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported to the community leaders responsible for enforcement at
+**campagno.matheus@gmail.com**.
+
+All complaints will be reviewed and investigated promptly and fairly.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant](https://www.contributor-covenant.org/),
+version 2.1, available at
+[https://www.contributor-covenant.org/version/2/1/code_of_conduct.html](https://www.contributor-covenant.org/version/2/1/code_of_conduct.html).

package/CONTRIBUTING.md

@@ -0,0 +1,79 @@
+# Contributing to Kaelum
+
+Thank you for your interest in contributing to Kaelum! Every contribution helps make the framework better.
+
+## Getting Started
+
+1. **Fork** the repository on GitHub
+2. **Clone** your fork locally:
+   ```bash
+   git clone https://github.com/YOUR_USERNAME/kaelum.git
+   cd kaelum
+   ```
+3. **Install** dependencies:
+   ```bash
+   npm install
+   ```
+4. **Run tests** to make sure everything works:
+   ```bash
+   npm test
+   ```
+
+## Development Workflow
+
+1. Create a new branch from `main`:
+   ```bash
+   git checkout -b feat/your-feature
+   ```
+2. Make your changes
+3. Write or update tests as needed
+4. Run `npm test` to verify
+5. Commit using [Conventional Commits](https://www.conventionalcommits.org/):
+   ```bash
+   git commit -m "feat(core): add new feature"
+   ```
+6. Push and open a Pull Request
+
+## Commit Convention
+
+We follow **Conventional Commits**:
+
+| Prefix | Usage |
+|--------|-------|
+| `feat` | New feature |
+| `fix` | Bug fix |
+| `docs` | Documentation only |
+| `refactor` | Code change that neither fixes a bug nor adds a feature |
+| `test` | Adding or updating tests |
+| `chore` | Maintenance tasks |
+| `perf` | Performance improvements |
+
+## Pull Request Guidelines
+
+- Describe **what** changed and **why**
+- Reference related issues (e.g., `Closes #42`)
+- Keep PRs focused — one feature or fix per PR
+- Ensure all tests pass
+- Update documentation if applicable
+
+## Reporting Bugs
+
+Use the [Bug Report](https://github.com/kaelumjs/kaelum/issues/new?template=bug_report.md) issue template. Include:
+
+- Steps to reproduce
+- Expected vs actual behavior
+- Node.js and Kaelum versions
+- Relevant logs or error messages
+
+## Suggesting Features
+
+Use the [Feature Request](https://github.com/kaelumjs/kaelum/issues/new?template=feature_request.md) issue template. Describe:
+
+- The problem you're trying to solve
+- Your proposed solution
+- Any alternatives you considered
+
+## Code of Conduct
+
+This project follows the [Contributor Covenant Code of Conduct](./CODE_OF_CONDUCT.md).
+By participating, you agree to abide by its terms.

package/README.md

@@ -1,281 +1,260 @@
 <div align="center">
 
+<img src="docs/public/logo-black.svg" alt="Kaelum" width="120" />
+
 <h1>Kaelum</h1>
 
-[![npm version](https://img.shields.io/npm/v/kaelum)](https://www.npmjs.com/package/kaelum)
-[![Build Status](https://github.com/MatheusCampagnolo/kaelum/actions/workflows/deploy-docs.yml/badge.svg)](https://github.com/MatheusCampagnolo/kaelum/actions)
-[![License](https://img.shields.io/badge/license-MIT-green)](LICENSE)
-[![Docs](https://img.shields.io/badge/docs-online-blue)](https://matheuscampagnolo.github.io/kaelum/)
+<p><strong>Fast, minimalist Node.js framework for web apps & REST APIs</strong></p>
 
-**Kaelum.js** — Minimalist Node.js framework to simplify creation of web pages and REST APIs.  
-Designed for students and developers who want a fast, opinionated project scaffold and a small, friendly API that encapsulates common Express.js boilerplate.
+[![npm version](https://img.shields.io/npm/v/kaelum?color=blue)](https://www.npmjs.com/package/kaelum)
+[![npm downloads](https://img.shields.io/npm/dm/kaelum?color=green)](https://www.npmjs.com/package/kaelum)
+[![CI](https://github.com/kaelumjs/kaelum/actions/workflows/test.yml/badge.svg)](https://github.com/kaelumjs/kaelum/actions)
+[![License: MIT](https://img.shields.io/badge/license-MIT-blue.svg)](LICENSE)
 
-👉 [**Read the full documentation here**](https://matheuscampagnolo.github.io/kaelum/)
+[📚 Documentation](https://kaelumjs.vercel.app) · [🐛 Report Bug](https://github.com/kaelumjs/kaelum/issues/new?template=bug_report.md) · [💡 Request Feature](https://github.com/kaelumjs/kaelum/issues/new?template=feature_request.md)
 
-**If Kaelum helps you, consider supporting its development:**
+</div>
 
-<a href='https://ko-fi.com/Z8Z51NK4KT' target='_blank'><img height='36' style='border:0px;height:36px;' src='https://storage.ko-fi.com/cdn/kofi6.png?v=6' border='0' alt='Buy Me a Coffee at ko-fi.com' /></a>
+---
 
-</div>
+## Why Kaelum?
 
-## 🚀 Quick start
+<table>
+<tr>
+<td width="50%">
 
-Create a new project (interactive):
+**Without Kaelum (raw Express)**
 
-```bash
-npx kaelum create
+```js
+const express = require("express");
+const cors = require("cors");
+const helmet = require("helmet");
+const morgan = require("morgan");
+const path = require("path");
+
+const app = express();
+app.use(express.json());
+app.use(express.urlencoded({ extended: true }));
+app.use(cors());
+app.use(helmet());
+app.use(morgan("dev"));
+app.use(express.static(path.join(__dirname, "public")));
+app.set("view engine", "ejs");
+
+app.get("/users", listUsers);
+app.post("/users", createUser);
+app.get("/users/:id", getUser);
+
+app.listen(3000);
 ```
 
-Or create non-interactively (project name + template):
+</td>
+<td width="50%">
 
-```bash
-npx kaelum create my-app --template web
-# or
-npx kaelum create my-api --template api
-```
+**With Kaelum** ✨
 
-Then:
+```js
+const kaelum = require("kaelum");
+const app = kaelum();
 
-```bash
-cd my-app
-npm install
-npm start
+app.setConfig({
+  cors: true,
+  helmet: true,
+  logs: "dev",
+  port: 3000,
+});
+
+app.apiRoute("users", {
+  get: listUsers,
+  post: createUser,
+  "/:id": { get: getUser },
+});
+
+app.start();
 ```
 
-> No need to install Kaelum globally — `npx` handles execution.
+</td>
+</tr>
+</table>
+
+> **Less boilerplate. Same Express power. Better DX.**
 
 ---
 
-## 📦 What Kaelum provides
+## ⚡ Quick Start
 
-- CLI that scaffolds a ready-to-run project (Web or API template) using an opinionated **MVC** structure.
-- Thin abstraction layer over **Express.js** that:
+```bash
+# Scaffold a new project
+npx kaelum create my-app --template web
 
-  - automates JSON / URL-encoded parsing by default,
-  - automatically loads environment variables from `.env`,
-  - automatically configures common security middlewares via `setConfig` (CORS, Helmet),
-  - simplifies view engine setup via `setConfig`,
-  - exposes a small, easy-to-learn API for routes, middleware and configuration.
+# Or an API project
+npx kaelum create my-api --template api
 
-- Small set of helpers for common tasks: `start`, `addRoute`, `apiRoute`, `setConfig`, `static`, `redirect`, `healthCheck`, `useErrorHandler`, and more.
+# Run it
+cd my-app && npm install && npm start
+```
 
-Kaelum aims to reduce the initial setup burden while keeping flexibility for advanced users.
+> No global install needed — `npx` handles everything.
 
 ---
 
-## 📁 Template structures
+## ✨ Features
 
-### Web template (`--template web`)
+| Feature | Description |
+|---------|-------------|
+| 🚀 **Zero-Config Start** | JSON parsing, static files, EJS views — all pre-configured |
+| 🌳 **Tree Routing** | Recursive nested routes with `addRoute` and `apiRoute` |
+| 🔒 **Security Built-in** | One-toggle CORS, Helmet, and XSS protection |
+| 🛠️ **CLI Scaffolding** | `npx kaelum create` with Web and API templates |
+| 📦 **Dual Module** | Works with both `require()` and `import` |
+| 🏥 **Health Checks** | Built-in `/health` endpoint with readiness probes |
+| ⚡ **Middleware Manager** | Track, add, and remove middleware programmatically |
+| 🔄 **Redirects** | Declarative redirect maps with single, array, or object syntax |
+| 🛡️ **Error Handler** | Standardized JSON/HTML error responses with hooks |
 
-```
-my-web-app/
-├── public/          # Static files (CSS, JS)
-│   └── style.css
-├── views/           # HTML templates
-│   └── index.html
-├── controllers/     # Controller logic (MVC)
-│   └── pagesController.js
-├── middlewares/     # Custom middlewares
-│   └── logger.js
-├── routes.js        # Route definitions (example uses Kaelum helpers)
-├── app.js           # Server initialization (uses Kaelum API)
-└── package.json
-```
+---
 
-### API template (`--template api`)
+## 📦 Installation
 
+```bash
+npm install kaelum
 ```
-my-api-app/
-├── controllers/
-│   └── usersController.js
-├── middlewares/
-│   └── authMock.js
-├── routes.js
-├── app.js
-└── package.json
+
+```js
+// CommonJS
+const kaelum = require("kaelum");
+const app = kaelum();
+
+// ESM
+import kaelum from "kaelum";
+const app = kaelum();
 ```
 
 ---
 
-## 🧩 Core API
-
-> Kaelum exposes a factory — use `require` (CommonJS) or `import` (ESM) to get an app instance:
- 
- ```js
- // CommonJS
- const kaelum = require("kaelum");
- const app = kaelum();
- 
- // ESM
- import kaelum from "kaelum";
- const app = kaelum();
- ```
+## 🧩 API Overview
 
 ### `app.setConfig(options)`
 
-Enable/disable common features:
-
 ```js
 app.setConfig({
-  cors: true, // apply CORS (requires cors package in dependencies)
-  helmet: true, // apply Helmet
-  static: "public", // serve static files from "public"
-  bodyParser: true, // default: enabled (JSON + urlencoded)
-  logs: false, // enable request logging via morgan (if installed)
-  port: 3000, // prefered port (used when calling app.start() without port)
-  views: { engine: 'ejs', path: './views' } // configure view engine
+  cors: true,           // enable CORS
+  helmet: true,         // HTTP security headers
+  static: "public",     // serve static files
+  logs: "dev",          // morgan request logging
+  bodyParser: true,     // JSON + urlencoded (default: on)
+  port: 3000,           // preferred port
+  views: { engine: "ejs", path: "./views" },
 });
 ```
 
-- `setConfig` persists settings to the Kaelum config and will install/remove Kaelum-managed middlewares.
-- Kaelum enables JSON/urlencoded parsing by default so beginners won't forget to parse request bodies.
-
----
-
-### `app.start(port, callback)`
-
-Starts the HTTP server. If `port` is omitted, Kaelum reads `port` from `setConfig` or falls back to `3000`.
+### `app.addRoute(path, handlers)`
 
 ```js
-app.start(3000, () => console.log("Running"));
+app.addRoute("/dashboard", {
+  get: (req, res) => res.render("dashboard"),
+  post: handleForm,
+  "/settings": {
+    get: showSettings,
+    put: updateSettings,
+  },
+});
 ```
 
----
-
-### `app.addRoute(path, handlers)` and `app.apiRoute(resource, handlers)`
-
-Register routes easily:
+### `app.apiRoute(resource, handlers)`
 
 ```js
-app.addRoute("/home", {
-  get: (req, res) => res.send("Welcome!"),
-  post: (req, res) => res.send("Posted!"),
-});
-
-// apiRoute builds RESTy resources with recursive nested subpaths:
-app.apiRoute("users", {
-  get: listUsers,
-  post: createUser,
+app.apiRoute("products", {
+  get: listAll,
+  post: create,
   "/:id": {
-    get: getUserById,
-    put: updateUser,
-    delete: deleteUser,
-    "/posts": {
-      get: getUserPosts // GET /users/:id/posts
-    }
+    get: getById,
+    put: update,
+    delete: remove,
+    "/reviews": {
+      get: getReviews,   // GET /products/:id/reviews
+      post: addReview,
+    },
   },
 });
 ```
 
-`addRoute` also accepts a single handler function (assumed `GET`).
-
----
-
-### `app.setMiddleware(...)`
-
-Flexible helper to register middleware(s):
+### Other Helpers
 
 ```js
-// single middleware
-app.setMiddleware(require("helmet")());
-
-// array of middlewares
-app.setMiddleware([mw1, mw2]);
-
-// mount middleware on a path
-app.setMiddleware("/admin", authMiddleware);
+app.start(3000);                              // start server
+app.setMiddleware("/admin", authMiddleware);   // scoped middleware
+app.redirect("/old", "/new", 301);            // redirects
+app.healthCheck("/health");                   // health endpoint
+app.useErrorHandler({ exposeStack: false });  // error handling
 ```
 
 ---
 
-### `app.redirect(from, to, status)`
+## 📁 Project Templates
 
-Register a redirect route:
+### Web Template
 
-```js
-app.redirect("/old-url", "/new-url", 302);
+```
+my-web-app/
+├── public/            # Static assets
+├── views/             # EJS templates
+├── controllers/       # Route logic (MVC)
+├── middlewares/        # Custom middleware
+├── routes.js          # Route definitions
+├── app.js             # Entry point
+└── package.json
 ```
 
----
-
-### `app.healthCheck(path = '/health')`
-
-Adds a health endpoint returning `{ status: 'OK', uptime, timestamp, pid }`.
-
----
-
-### `app.useErrorHandler(options)`
-
-Attach Kaelum's default JSON error handler:
+### API Template
 
-```js
-app.useErrorHandler({ exposeStack: false });
 ```
-
-It will return standardized JSON for errors and log server-side errors (5xx) to `console.error`.
+my-api/
+├── controllers/       # Business logic
+├── middlewares/        # Auth, validation
+├── routes.js          # API routes
+├── app.js             # Entry point
+└── package.json
+```
 
 ---
 
-## 🧪 Running Tests
-
-Kaelum includes a unit test suite using **Jest**. To run the tests:
+## 🧪 Testing
 
 ```bash
-npm test
+npm test        # run all tests
+npm run lint    # check code with ESLint
+npm run format  # format code with Prettier
 ```
 
-This checks core functionality including `setConfig`, routes, and error handlers.
-
 ---
 
-## 🔧 Local development & contributing
-
-```bash
-git clone https://github.com/MatheusCampagnolo/kaelum.git
-cd kaelum
-npm install
-npm link
-```
+## 🤝 Contributing
 
-Now you can test the CLI locally:
+We welcome contributions! Please read our [Contributing Guide](CONTRIBUTING.md) before submitting a PR.
 
-```bash
-npx kaelum create my-test --template web
-```
+See also: [Code of Conduct](CODE_OF_CONDUCT.md) · [Security Policy](SECURITY.md)
 
 ---
 
-## 📝 Why Kaelum?
+## 🌐 Ecosystem
 
-- Reduces repetitive boilerplate required to start Node/Express web projects.
-- Opinionated scaffolding (MVC) helps beginners adopt better structure.
-- Keeps a small API surface: easy to teach and document.
-- Extensible — `setConfig` and middleware helpers allow adding features without exposing Express internals.
+| Package | Description |
+|---------|-------------|
+| [kaelum](https://www.npmjs.com/package/kaelum) | Core framework |
+| [kaelumjs/docs](https://github.com/kaelumjs/docs) | Documentation site |
+| [kaelumjs/.github](https://github.com/kaelumjs/.github) | Shared community standards |
 
 ---
 
-## ✅ Current status
-
-> Kaelum is under active development.
-> CLI scaffolds web and API templates, and the framework includes the MVP helpers (`start`, `addRoute`, `apiRoute`, `setConfig`, `static`, `redirect`, `healthCheck`, `useErrorHandler`) and security toggles for `cors` and `helmet`.
-
----
+## ☕ Support
 
-## 📚 Links
+If Kaelum helps you, consider supporting its development:
 
-- [GitHub](https://github.com/MatheusCampagnolo/kaelum)
-- [npm](https://www.npmjs.com/package/kaelum)
-- [Documentation](https://matheuscampagnolo.github.io/kaelum/)
+<a href='https://ko-fi.com/Z8Z51NK4KT' target='_blank'><img height='36' style='border:0px;height:36px;' src='https://storage.ko-fi.com/cdn/kofi6.png?v=6' border='0' alt='Buy Me a Coffee at ko-fi.com' /></a>
 
 ---
 
-## 🧾 License
+## 📝 License
 
 MIT — see [LICENSE](LICENSE).
-
----
-
-## ✍️ Notes for maintainers
-
-- Templates use `commonjs` (`require` / `module.exports`).
-- Update template dependencies to reference the correct Kaelum version when releasing new npm versions.

package/SECURITY.md

@@ -0,0 +1,42 @@
+# Security Policy
+
+## Supported Versions
+
+| Version | Supported |
+|---------|-----------|
+| 1.4.x   | ✅ Active  |
+| < 1.4   | ❌ End of life |
+
+## Reporting a Vulnerability
+
+If you discover a security vulnerability, please report it responsibly.
+
+**Do NOT open a public GitHub issue for security vulnerabilities.**
+
+Instead, please email us at: **campagno.matheus@gmail.com**
+
+Include:
+
+- A description of the vulnerability
+- Steps to reproduce the issue
+- Potential impact
+- Suggested fix (if any)
+
+## Response Timeline
+
+- **Acknowledgment**: Within 48 hours
+- **Initial assessment**: Within 1 week
+- **Fix & release**: Depending on severity, typically within 2 weeks
+
+## Disclosure Policy
+
+- We will coordinate with you on disclosure timing
+- We will credit reporters in the release notes (unless you prefer anonymity)
+- We follow [responsible disclosure](https://en.wikipedia.org/wiki/Responsible_disclosure) practices
+
+## Security Best Practices for Users
+
+- Always use the latest version of Kaelum
+- Keep your dependencies up to date (`npm audit`)
+- Never expose `exposeStack: true` in production
+- Use `helmet` via `setConfig({ helmet: true })` for HTTP security headers

package/cli/index.js

@@ -1,4 +1,4 @@
-#!/usr/bin/env node
+#!/usr/bin/env node
 const { createProject } = require("./create");
 const argv = process.argv.slice(2);
 

package/cli/templates/api/app.js

@@ -22,4 +22,4 @@ app.useErrorHandler({ exposeStack: false });
 
 // start server
 const PORT = process.env.PORT || 4000;
-app.start(PORT);
+app.start(PORT);

package/cli/templates/api/package.json

@@ -19,4 +19,4 @@
     "morgan": "^1.10.0"
   },
   "devDependencies": {}
-}
+}

package/cli/templates/web/app.js

@@ -23,4 +23,4 @@ app.useErrorHandler({ exposeStack: false });
 
 // Start server (explicit port for template demo)
 const PORT = process.env.PORT || 3000;
-app.start(PORT);
+app.start(PORT);

package/cli/templates/web/package.json

@@ -18,4 +18,4 @@
     "helmet": "^6.0.0"
   },
   "devDependencies": {}
-}
+}

package/cli/templates/web/views/index.html

@@ -42,4 +42,4 @@
       </section>
     </main>
   </body>
-</html>
+</html>

package/cli/utils.js

@@ -55,4 +55,4 @@ async function copyTemplate(sourceDir, targetDir, projectName) {
   }
 }
 
-module.exports = { copyTemplate };
+module.exports = { copyTemplate };

package/core/addRoute.js

@@ -58,7 +58,6 @@ function wrapHandler(fn) {
  * @returns {string}
  */
 function joinPaths(basePath, key) {
-  if (!basePath.endsWith("/")) basePath = basePath;
   // remove trailing slash from basePath (except if basePath === '/')
   if (basePath !== "/" && basePath.endsWith("/")) {
     basePath = basePath.slice(0, -1);
@@ -142,4 +141,4 @@ function addRoute(app, basePath, handlers = {}) {
   }
 }
 
-module.exports = addRoute;
+module.exports = addRoute;

package/core/apiRoute.js

@@ -132,4 +132,4 @@ function apiRoute(app, resource, handlers = {}) {
   );
 }
 
-module.exports = apiRoute;
+module.exports = apiRoute;

package/core/errorHandler.js

@@ -111,18 +111,26 @@ function errorHandlerFactory(options = {}) {
     if (req && req.accepts && req.accepts("html") && !req.accepts("json")) {
       // simple HTML response for browsers preferring HTML
       const title = `Error ${status}`;
+      // sanitize to prevent XSS when injecting into HTML
+      const escapeHtml = (str) =>
+        String(str)
+          .replace(/&/g, "&")
+          .replace(/</g, "&lt;")
+          .replace(/>/g, "&gt;")
+          .replace(/"/g, "&quot;");
+      const safeMessage = escapeHtml(payload.error.message);
+      const safeStack =
+        exposeStack && payload.error.stack
+          ? `<pre>${escapeHtml(payload.error.stack)}</pre>`
+          : "";
       const body = `
         <!doctype html>
         <html>
           <head><meta charset="utf-8"/><title>${title}</title></head>
           <body>
             <h1>${title}</h1>
-            <p>${payload.error.message}</p>
-            ${
-              exposeStack && payload.error.stack
-                ? `<pre>${payload.error.stack}</pre>`
-                : ""
-            }
+            <p>${safeMessage}</p>
+            ${safeStack}
           </body>
         </html>`;
       res.status(status).type("html").send(body);
@@ -136,4 +144,4 @@ function errorHandlerFactory(options = {}) {
 
 // Export both default and named to keep compatibility with different import styles
 module.exports = errorHandlerFactory;
-module.exports.errorHandler = errorHandlerFactory;
+module.exports.errorHandler = errorHandlerFactory;

package/core/healthCheck.js

@@ -201,4 +201,4 @@ function registerHealth(app, opts = {}) {
   return handler;
 }
 
-module.exports = registerHealth;
+module.exports = registerHealth;

package/core/redirect.js

@@ -174,4 +174,4 @@ function redirect(app, fromOrMap, toOrStatus, maybeStatus) {
   return registered.length ? registered : null;
 }
 
-module.exports = redirect;
+module.exports = redirect;

package/core/setConfig.js

@@ -5,6 +5,7 @@
 // - Keeps references to Kaelum-installed middleware so toggles (false) remove them.
 
 const path = require("path");
+const { removeMiddlewareByFn } = require("./utils");
 
 function tryRequire(name) {
   try {
@@ -27,15 +28,7 @@ function persistConfig(app, options = {}) {
   return merged;
 }
 
-/**
- * Remove a middleware function reference from express stack
- * @param {Object} app
- * @param {Function} fn
- */
-function removeMiddlewareByFn(app, fn) {
-  if (!app || !app._router || !Array.isArray(app._router.stack)) return;
-  app._router.stack = app._router.stack.filter((layer) => layer.handle !== fn);
-}
+// removeMiddlewareByFn imported from ./utils.js
 
 /**
  * Remove static middleware previously installed by Kaelum (if any)
@@ -268,4 +261,4 @@ function setConfig(app, options = {}) {
   return app.locals.kaelumConfig;
 }
 
-module.exports = setConfig;
+module.exports = setConfig;

package/core/setMiddleware.js

@@ -187,4 +187,4 @@ setMiddleware.remove = function (app, path) {
     : [];
 };
 
-module.exports = setMiddleware;
+module.exports = setMiddleware;

package/core/start.js

@@ -112,4 +112,4 @@ function start(app, port, cb) {
   return server;
 }
 
-module.exports = start;
+module.exports = start;

package/core/utils.js

@@ -0,0 +1,23 @@
+// core/utils.js
+// Shared utility functions used across Kaelum core modules.
+
+/**
+ * Remove a middleware function reference from the Express internal router stack.
+ * Only removes layers whose handle matches the given function reference.
+ *
+ * @param {Object} app - Express app instance
+ * @param {Function} fn - middleware function reference to remove
+ */
+function removeMiddlewareByFn(app, fn) {
+  if (
+    !app ||
+    !app._router ||
+    !Array.isArray(app._router.stack)
+  )
+    return;
+  app._router.stack = app._router.stack.filter(
+    (layer) => layer.handle !== fn
+  );
+}
+
+module.exports = { removeMiddlewareByFn };

package/createApp.js

@@ -18,6 +18,7 @@ const coreSetConfig = require("./core/setConfig");
 const { errorHandler } = require("./core/errorHandler");
 const registerHealth = require("./core/healthCheck");
 const redirect = require("./core/redirect");
+const { removeMiddlewareByFn } = require("./core/utils");
 
 function createApp() {
   const app = express();
@@ -99,18 +100,7 @@ function createApp() {
   // middleware utility helpers
   // ---------------------------
 
-  // remove middleware by matching the function reference from the express internal stack
-  function removeMiddlewareByFn(appInstance, fn) {
-    if (
-      !appInstance ||
-      !appInstance._router ||
-      !Array.isArray(appInstance._router.stack)
-    )
-      return;
-    appInstance._router.stack = appInstance._router.stack.filter(
-      (layer) => layer.handle !== fn
-    );
-  }
+  // removeMiddlewareByFn imported from core/utils.js
 
   // ---------------------------
   // bind existing core helpers to the app
@@ -182,4 +172,4 @@ function createApp() {
   return app;
 }
 
-module.exports = createApp;
+module.exports = createApp;

package/eslint.config.mjs

@@ -0,0 +1,43 @@
+import js from "@eslint/js";
+import prettier from "eslint-config-prettier";
+
+export default [
+  js.configs.recommended,
+  prettier,
+  {
+    languageOptions: {
+      ecmaVersion: 2022,
+      sourceType: "commonjs",
+      globals: {
+        console: "readonly",
+        process: "readonly",
+        require: "readonly",
+        module: "readonly",
+        exports: "readonly",
+        __dirname: "readonly",
+        __filename: "readonly",
+        Buffer: "readonly",
+        setImmediate: "readonly",
+        setTimeout: "readonly",
+        clearTimeout: "readonly",
+        setInterval: "readonly",
+        clearInterval: "readonly",
+      },
+    },
+    rules: {
+      "no-unused-vars": ["warn", { argsIgnorePattern: "^_|next" }],
+      "no-console": "off",
+      "prefer-const": "warn",
+    },
+  },
+  {
+    ignores: [
+      "node_modules/",
+      "docs/",
+      "coverage/",
+      "cli/templates/",
+      "*.config.js",
+      "*.config.mjs",
+    ],
+  },
+];

package/index.js

@@ -1,2 +1,2 @@
 const createApp = require("./createApp");
-module.exports = createApp;
+module.exports = createApp;

package/index.mjs

@@ -1,2 +1,2 @@
 import createApp from './index.js';
-export default createApp;
+export default createApp;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "kaelum",
-  "version": "1.4.3",
+  "version": "1.4.5",
   "description": "A minimalist Node.js framework for building web pages and APIs with simplicity and speed.",
   "main": "index.js",
   "exports": {
@@ -13,7 +13,15 @@
     "kaelum": "cli/index.js"
   },
   "scripts": {
-    "test": "node --experimental-vm-modules node_modules/jest/bin/jest.js --verbose"
+    "test": "node --experimental-vm-modules node_modules/jest/bin/jest.js --verbose",
+    "lint": "eslint .",
+    "format": "prettier --write .",
+    "release": "standard-version",
+    "changelog": "standard-version --skip.bump --skip.tag --skip.commit"
+  },
+  "funding": {
+    "type": "ko-fi",
+    "url": "https://ko-fi.com/matheusmessias"
   },
   "keywords": [
     "framework",
@@ -28,6 +36,14 @@
   ],
   "author": "Matheus Campagnolo",
   "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/kaelumjs/kaelum.git"
+  },
+  "bugs": {
+    "url": "https://github.com/kaelumjs/kaelum/issues"
+  },
+  "homepage": "https://github.com/kaelumjs/kaelum#readme",
   "dependencies": {
     "cors": "^2.8.5",
     "dotenv": "^17.2.3",
@@ -39,7 +55,11 @@
     "morgan": "^1.10.1"
   },
   "devDependencies": {
+    "eslint": "^10.0.2",
+    "eslint-config-prettier": "^10.1.8",
     "jest": "^30.2.0",
+    "prettier": "^3.8.1",
+    "standard-version": "^9.5.0",
     "supertest": "^7.2.2"
   }
 }