kempo-server 1.4.3 → 1.4.5

package/serveFile.js

@@ -1,71 +1,71 @@
-import path from 'path';
-import { readFile } from 'fs/promises';
-import { pathToFileURL } from 'url';
-import findFile from './findFile.js';
-import createRequestWrapper from './requestWrapper.js';
-import createResponseWrapper from './responseWrapper.js';
-
-export default async (files, rootPath, requestPath, method, config, req, res, log) => {
-  log(`Attempting to serve: ${requestPath}`, 3);
-  const [file, params] = await findFile(files, rootPath, requestPath, method, log);
-  
-  if (!file) {
-    log(`No file found for: ${requestPath}`, 3);
-    return false; // Could not find file
-  }
-  
-  const fileName = path.basename(file);
-  log(`Found file: ${file}`, 2);
-  
-  // Check if this is a route file that should be executed as a module
-  if (config.routeFiles.includes(fileName)) {
-    log(`Executing route file: ${fileName}`, 2);
-    try {
-      // Load the file as a module
-      const fileUrl = pathToFileURL(file).href;
-      log(`Loading module from: ${fileUrl}`, 3);
-      const module = await import(fileUrl);
-      
-      // Execute the default export function
-      if (typeof module.default === 'function') {
-        log(`Executing route function with params: ${JSON.stringify(params)}`, 3);
-        
-        // Create enhanced request and response wrappers
-        const enhancedRequest = createRequestWrapper(req, params);
-        const enhancedResponse = createResponseWrapper(res);
-        
-        await module.default(enhancedRequest, enhancedResponse);
-        log(`Route executed successfully: ${fileName}`, 2);
-        return true; // Successfully served
-      } else {
-        log(`Route file does not export a function: ${fileName}`, 0);
-        res.writeHead(500, { 'Content-Type': 'text/plain' });
-        res.end('Route file does not export a function');
-        return true; // Handled (even though it's an error)
-      }
-    } catch (error) {
-      log(`Error loading route file ${fileName}: ${error.message}`, 0);
-      res.writeHead(500, { 'Content-Type': 'text/plain' });
-      res.end('Internal Server Error');
-      return true; // Handled (even though it's an error)
-    }
-  } else {
-    // Serve the file content with appropriate MIME type
-    log(`Serving static file: ${fileName}`, 2);
-    try {
-      const fileContent = await readFile(file);
-      const fileExtension = path.extname(file).toLowerCase().slice(1);
-      const mimeType = config.allowedMimes[fileExtension] || 'application/octet-stream';
-      
-      log(`Serving ${file} as ${mimeType} (${fileContent.length} bytes)`, 2);
-      res.writeHead(200, { 'Content-Type': mimeType });
-      res.end(fileContent);
-      return true; // Successfully served
-    } catch (error) {
-      log(`Error reading file ${file}: ${error.message}`, 0);
-      res.writeHead(500, { 'Content-Type': 'text/plain' });
-      res.end('Internal Server Error');
-      return true; // Handled (even though it's an error)
-    }
-  }
-};
+import path from 'path';
+import { readFile } from 'fs/promises';
+import { pathToFileURL } from 'url';
+import findFile from './findFile.js';
+import createRequestWrapper from './requestWrapper.js';
+import createResponseWrapper from './responseWrapper.js';
+
+export default async (files, rootPath, requestPath, method, config, req, res, log) => {
+  log(`Attempting to serve: ${requestPath}`, 3);
+  const [file, params] = await findFile(files, rootPath, requestPath, method, log);
+  
+  if (!file) {
+    log(`No file found for: ${requestPath}`, 3);
+    return false; // Could not find file
+  }
+  
+  const fileName = path.basename(file);
+  log(`Found file: ${file}`, 2);
+  
+  // Check if this is a route file that should be executed as a module
+  if (config.routeFiles.includes(fileName)) {
+    log(`Executing route file: ${fileName}`, 2);
+    try {
+      // Load the file as a module
+      const fileUrl = pathToFileURL(file).href;
+      log(`Loading module from: ${fileUrl}`, 3);
+      const module = await import(fileUrl);
+      
+      // Execute the default export function
+      if (typeof module.default === 'function') {
+        log(`Executing route function with params: ${JSON.stringify(params)}`, 3);
+        
+        // Create enhanced request and response wrappers
+        const enhancedRequest = createRequestWrapper(req, params);
+        const enhancedResponse = createResponseWrapper(res);
+        
+        await module.default(enhancedRequest, enhancedResponse);
+        log(`Route executed successfully: ${fileName}`, 2);
+        return true; // Successfully served
+      } else {
+        log(`Route file does not export a function: ${fileName}`, 0);
+        res.writeHead(500, { 'Content-Type': 'text/plain' });
+        res.end('Route file does not export a function');
+        return true; // Handled (even though it's an error)
+      }
+    } catch (error) {
+      log(`Error loading route file ${fileName}: ${error.message}`, 0);
+      res.writeHead(500, { 'Content-Type': 'text/plain' });
+      res.end('Internal Server Error');
+      return true; // Handled (even though it's an error)
+    }
+  } else {
+    // Serve the file content with appropriate MIME type
+    log(`Serving static file: ${fileName}`, 2);
+    try {
+      const fileContent = await readFile(file);
+      const fileExtension = path.extname(file).toLowerCase().slice(1);
+      const mimeType = config.allowedMimes[fileExtension] || 'application/octet-stream';
+      
+      log(`Serving ${file} as ${mimeType} (${fileContent.length} bytes)`, 2);
+      res.writeHead(200, { 'Content-Type': mimeType });
+      res.end(fileContent);
+      return true; // Successfully served
+    } catch (error) {
+      log(`Error reading file ${file}: ${error.message}`, 0);
+      res.writeHead(500, { 'Content-Type': 'text/plain' });
+      res.end('Internal Server Error');
+      return true; // Handled (even though it's an error)
+    }
+  }
+};

package/tests/builtinMiddleware-cors.node-test.js

@@ -1,17 +1,17 @@
-import {corsMiddleware} from '../builtinMiddleware.js';
-import {createMockReq, createMockRes, expect} from './test-utils.js';
-
-export default {
-  'cors origin array and non-OPTIONS continues to next': async ({pass, fail}) => {
-    try {
-      const res = createMockRes();
-      const mw = corsMiddleware({origin: ['http://a','http://b'], methods: ['GET'], headers: ['X']});
-      const req = createMockReq({method: 'GET', headers: {origin: 'http://b'}});
-      let called = false;
-      await mw(req, res, async () => { called = true; });
-      expect(called, 'next not called');
-      expect(res.getHeader('Access-Control-Allow-Origin') === 'http://b', 'allowed origin');
-      pass('cors array');
-    } catch(e){ fail(e.message); }
-  }
-};
+import {corsMiddleware} from '../builtinMiddleware.js';
+import {createMockReq, createMockRes, expect} from './test-utils.js';
+
+export default {
+  'cors origin array and non-OPTIONS continues to next': async ({pass, fail}) => {
+    try {
+      const res = createMockRes();
+      const mw = corsMiddleware({origin: ['http://a','http://b'], methods: ['GET'], headers: ['X']});
+      const req = createMockReq({method: 'GET', headers: {origin: 'http://b'}});
+      let called = false;
+      await mw(req, res, async () => { called = true; });
+      expect(called, 'next not called');
+      expect(res.getHeader('Access-Control-Allow-Origin') === 'http://b', 'allowed origin');
+      pass('cors array');
+    } catch(e){ fail(e.message); }
+  }
+};

package/tests/builtinMiddleware.node-test.js

@@ -1,74 +1,74 @@
-import http from 'http';
-import {createMockReq, createMockRes, expect, bigString, gzipSize, setEnv} from './test-utils.js';
-import {corsMiddleware, compressionMiddleware, rateLimitMiddleware, securityMiddleware, loggingMiddleware} from '../builtinMiddleware.js';
-
-export default {
-  'cors middleware sets headers and handles OPTIONS': async ({pass, fail}) => {
-    try {
-      const res = createMockRes();
-      const mw = corsMiddleware({origin: '*', methods: ['GET'], headers: ['X']});
-      const req = createMockReq({method: 'OPTIONS', headers: {origin: 'http://x'}});
-      await mw(req, res, async () => {});
-      expect(res.isEnded(), 'preflight should end');
-      expect(res.getHeader('Access-Control-Allow-Origin') === 'http://x' || res.getHeader('Access-Control-Allow-Origin') === '*', 'origin header');
-      pass('cors');
-    } catch(e){ fail(e.message); }
-  },
-  'compression middleware gzips when threshold met and client accepts': async ({pass, fail}) => {
-    try {
-      const res = createMockRes();
-      const mw = compressionMiddleware({threshold: 1024});
-      const req = createMockReq({headers: {'accept-encoding': 'gzip'}});
-      // simulate next writing large body
-  await mw(req, res, async () => {
-        res.write(bigString(5000));
-        res.end();
-      });
-  await new Promise(r => setTimeout(r, 10));
-      const body = res.getBody();
-      const original = Buffer.from(bigString(5000));
-      const gzLen = await gzipSize(original);
-      // If gzipped is smaller, we expect gzip header. Otherwise, implementation may send uncompressed.
-      if(gzLen < original.length){
-        expect(res.getHeader('Content-Encoding') === 'gzip', 'should gzip when beneficial');
-      }
-      expect(body.length > 0, 'has body');
-      pass('compression');
-    } catch(e){ fail(e.message); }
-  },
-  'rate limit returns 429 after maxRequests': async ({pass, fail}) => {
-    try {
-      const cfg = {maxRequests: 2, windowMs: 1000, message: 'Too many'};
-      const mw = rateLimitMiddleware(cfg);
-      const req = createMockReq();
-      const res1 = createMockRes();
-      await mw(req, res1, async () => {});
-      const res2 = createMockRes();
-      await mw(req, res2, async () => {});
-      const res3 = createMockRes();
-      await mw(req, res3, async () => {});
-      expect(res3.statusCode === 429, 'should rate limit');
-      pass('rateLimit');
-    } catch(e){ fail(e.message); }
-  },
-  'security middleware sets headers': async ({pass, fail}) => {
-    try {
-      const res = createMockRes();
-      const mw = securityMiddleware({headers: {'X-Test': '1'}});
-      await mw(createMockReq(), res, async () => {});
-      expect(res.getHeader('X-Test') === '1', 'header set');
-      pass('security');
-    } catch(e){ fail(e.message); }
-  },
-  'logging middleware logs after response end': async ({pass, fail}) => {
-    try {
-      const logs = [];
-      const logger = (m) => logs.push(String(m));
-      const mw = loggingMiddleware({includeUserAgent: true, includeResponseTime: true}, logger);
-      const res = createMockRes();
-      await mw(createMockReq({headers: {'user-agent': 'UA'}}), res, async () => { res.end('x'); });
-      expect(logs.length === 1 && logs[0].includes('GET /') && logs[0].includes('UA'), 'logged');
-      pass('logging');
-    } catch(e){ fail(e.message); }
-  }
-};
+import http from 'http';
+import {createMockReq, createMockRes, expect, bigString, gzipSize, setEnv} from './test-utils.js';
+import {corsMiddleware, compressionMiddleware, rateLimitMiddleware, securityMiddleware, loggingMiddleware} from '../builtinMiddleware.js';
+
+export default {
+  'cors middleware sets headers and handles OPTIONS': async ({pass, fail}) => {
+    try {
+      const res = createMockRes();
+      const mw = corsMiddleware({origin: '*', methods: ['GET'], headers: ['X']});
+      const req = createMockReq({method: 'OPTIONS', headers: {origin: 'http://x'}});
+      await mw(req, res, async () => {});
+      expect(res.isEnded(), 'preflight should end');
+      expect(res.getHeader('Access-Control-Allow-Origin') === 'http://x' || res.getHeader('Access-Control-Allow-Origin') === '*', 'origin header');
+      pass('cors');
+    } catch(e){ fail(e.message); }
+  },
+  'compression middleware gzips when threshold met and client accepts': async ({pass, fail}) => {
+    try {
+      const res = createMockRes();
+      const mw = compressionMiddleware({threshold: 1024});
+      const req = createMockReq({headers: {'accept-encoding': 'gzip'}});
+      // simulate next writing large body
+  await mw(req, res, async () => {
+        res.write(bigString(5000));
+        res.end();
+      });
+  await new Promise(r => setTimeout(r, 10));
+      const body = res.getBody();
+      const original = Buffer.from(bigString(5000));
+      const gzLen = await gzipSize(original);
+      // If gzipped is smaller, we expect gzip header. Otherwise, implementation may send uncompressed.
+      if(gzLen < original.length){
+        expect(res.getHeader('Content-Encoding') === 'gzip', 'should gzip when beneficial');
+      }
+      expect(body.length > 0, 'has body');
+      pass('compression');
+    } catch(e){ fail(e.message); }
+  },
+  'rate limit returns 429 after maxRequests': async ({pass, fail}) => {
+    try {
+      const cfg = {maxRequests: 2, windowMs: 1000, message: 'Too many'};
+      const mw = rateLimitMiddleware(cfg);
+      const req = createMockReq();
+      const res1 = createMockRes();
+      await mw(req, res1, async () => {});
+      const res2 = createMockRes();
+      await mw(req, res2, async () => {});
+      const res3 = createMockRes();
+      await mw(req, res3, async () => {});
+      expect(res3.statusCode === 429, 'should rate limit');
+      pass('rateLimit');
+    } catch(e){ fail(e.message); }
+  },
+  'security middleware sets headers': async ({pass, fail}) => {
+    try {
+      const res = createMockRes();
+      const mw = securityMiddleware({headers: {'X-Test': '1'}});
+      await mw(createMockReq(), res, async () => {});
+      expect(res.getHeader('X-Test') === '1', 'header set');
+      pass('security');
+    } catch(e){ fail(e.message); }
+  },
+  'logging middleware logs after response end': async ({pass, fail}) => {
+    try {
+      const logs = [];
+      const logger = (m) => logs.push(String(m));
+      const mw = loggingMiddleware({includeUserAgent: true, includeResponseTime: true}, logger);
+      const res = createMockRes();
+      await mw(createMockReq({headers: {'user-agent': 'UA'}}), res, async () => { res.end('x'); });
+      expect(logs.length === 1 && logs[0].includes('GET /') && logs[0].includes('UA'), 'logged');
+      pass('logging');
+    } catch(e){ fail(e.message); }
+  }
+};

package/tests/defaultConfig.node-test.js

@@ -1,13 +1,13 @@
-import defaultConfig from '../defaultConfig.js';
-
-export default {
-  'defaultConfig contains required fields and types': async ({pass, fail}) => {
-    try {
-      if(typeof defaultConfig !== 'object') throw new Error('not object');
-      if(!defaultConfig.allowedMimes || !defaultConfig.disallowedRegex) throw new Error('missing keys');
-      if(!defaultConfig.routeFiles.includes('GET.js')) throw new Error('routeFiles missing GET.js');
-      if(!defaultConfig.middleware || typeof defaultConfig.middleware !== 'object') throw new Error('middleware missing');
-      pass('shape ok');
-    } catch(e){ fail(e.message); }
-  }
-};
+import defaultConfig from '../defaultConfig.js';
+
+export default {
+  'defaultConfig contains required fields and types': async ({pass, fail}) => {
+    try {
+      if(typeof defaultConfig !== 'object') throw new Error('not object');
+      if(!defaultConfig.allowedMimes || !defaultConfig.disallowedRegex) throw new Error('missing keys');
+      if(!defaultConfig.routeFiles.includes('GET.js')) throw new Error('routeFiles missing GET.js');
+      if(!defaultConfig.middleware || typeof defaultConfig.middleware !== 'object') throw new Error('middleware missing');
+      pass('shape ok');
+    } catch(e){ fail(e.message); }
+  }
+};

package/tests/example-middleware.node-test.js

@@ -1,31 +1,31 @@
-import path from 'path';
-import url from 'url';
-import {createMockReq, createMockRes, expect, setEnv} from './test-utils.js';
-
-// import the middleware module by file path to avoid executing index.js
-const examplePath = path.join(process.cwd(), 'example-middleware.js');
-const {default: authMiddleware} = await import(url.pathToFileURL(examplePath));
-
-export default {
-  'blocks when API key missing and allows when present': async ({pass, fail}) => {
-    try {
-      await setEnv({API_KEY: 'abc'}, async () => {
-        const res1 = createMockRes();
-        await authMiddleware(createMockReq({url:'/private'}), res1, async ()=>{});
-        expect(res1.statusCode === 401, 'should 401 without key');
-
-        const res2 = createMockRes();
-        const req2 = createMockReq({headers: {'x-api-key': 'abc'}, url:'/private'});
-        let called = false;
-        await authMiddleware(req2, res2, async ()=>{ called = true; });
-        expect(called, 'should call next');
-        expect(req2.user && req2.user.authenticated, 'user attached');
-
-        const res3 = createMockRes();
-        await authMiddleware(createMockReq({url:'/public/file'}), res3, async ()=>{});
-        expect(res3.isEnded() === false, 'public should not end');
-      });
-      pass('auth middleware');
-    } catch(e){ fail(e.message); }
-  }
-};
+import path from 'path';
+import url from 'url';
+import {createMockReq, createMockRes, expect, setEnv} from './test-utils.js';
+
+// import the middleware module by file path to avoid executing index.js
+const examplePath = path.join(process.cwd(), 'example-middleware.js');
+const {default: authMiddleware} = await import(url.pathToFileURL(examplePath));
+
+export default {
+  'blocks when API key missing and allows when present': async ({pass, fail}) => {
+    try {
+      await setEnv({API_KEY: 'abc'}, async () => {
+        const res1 = createMockRes();
+        await authMiddleware(createMockReq({url:'/private'}), res1, async ()=>{});
+        expect(res1.statusCode === 401, 'should 401 without key');
+
+        const res2 = createMockRes();
+        const req2 = createMockReq({headers: {'x-api-key': 'abc'}, url:'/private'});
+        let called = false;
+        await authMiddleware(req2, res2, async ()=>{ called = true; });
+        expect(called, 'should call next');
+        expect(req2.user && req2.user.authenticated, 'user attached');
+
+        const res3 = createMockRes();
+        await authMiddleware(createMockReq({url:'/public/file'}), res3, async ()=>{});
+        expect(res3.isEnded() === false, 'public should not end');
+      });
+      pass('auth middleware');
+    } catch(e){ fail(e.message); }
+  }
+};

package/tests/findFile.node-test.js

@@ -1,46 +1,46 @@
-import findFile from '../findFile.js';
-import path from 'path';
-
-const toAbs = (root, p) => path.join(root, p);
-
-export default {
-  'exact match returns file': async ({pass, fail, log}) => {
-    try {
-      const root = path.join(process.cwd(), 'tmp-root');
-      const files = [toAbs(root, 'a/b/GET.js')];
-      const [file, params] = await findFile(files, root, '/a/b/GET.js', 'GET', log);
-      if(file !== files[0]) throw new Error('not exact');
-      if(Object.keys(params).length !== 0) throw new Error('params present');
-      pass('exact');
-    } catch(e){ fail(e.message); }
-  },
-  'directory index prioritization and method specific': async ({pass, fail, log}) => {
-    try {
-  const root = path.join(process.cwd(), 'tmp-root');
-  const files = ['a/index.html', 'a/GET.js', 'a/index.js'].map(p => toAbs(root, p));
-  const [file] = await findFile(files, root, '/a', 'GET', log);
-  if(!file || path.basename(file) !== 'GET.js') throw new Error('priority not respected');
-      pass('dir index');
-    } catch(e){ fail(e.message); }
-  },
-  'dynamic match with params and best priority': async ({pass, fail, log}) => {
-    try {
-  const root = path.join(process.cwd(), 'tmp-root');
-      const files = ['user/[id]/GET.js', 'user/[id]/index.html', 'user/[id]/index.js'].map(p => toAbs(root, p));
-  const [file, params] = await findFile(files, root, '/user/42', 'GET', log);
-  if(!file || path.basename(file) !== 'GET.js') throw new Error('did not pick GET.js');
-      if(params.id !== '42') throw new Error('param missing');
-      pass('dynamic');
-    } catch(e){ fail(e.message); }
-  },
-  'no match returns false and empty params': async ({pass, fail, log}) => {
-    try {
-  const root = path.join(process.cwd(), 'tmp-root');
-      const files = ['x/y/index.html'].map(p => toAbs(root, p));
-      const [file, params] = await findFile(files, root, '/nope', 'GET', log);
-      if(file !== false) throw new Error('should be false');
-      if(Object.keys(params).length !== 0) throw new Error('params not empty');
-      pass('no match');
-    } catch(e){ fail(e.message); }
-  }
-};
+import findFile from '../findFile.js';
+import path from 'path';
+
+const toAbs = (root, p) => path.join(root, p);
+
+export default {
+  'exact match returns file': async ({pass, fail, log}) => {
+    try {
+      const root = path.join(process.cwd(), 'tmp-root');
+      const files = [toAbs(root, 'a/b/GET.js')];
+      const [file, params] = await findFile(files, root, '/a/b/GET.js', 'GET', log);
+      if(file !== files[0]) throw new Error('not exact');
+      if(Object.keys(params).length !== 0) throw new Error('params present');
+      pass('exact');
+    } catch(e){ fail(e.message); }
+  },
+  'directory index prioritization and method specific': async ({pass, fail, log}) => {
+    try {
+  const root = path.join(process.cwd(), 'tmp-root');
+  const files = ['a/index.html', 'a/GET.js', 'a/index.js'].map(p => toAbs(root, p));
+  const [file] = await findFile(files, root, '/a', 'GET', log);
+  if(!file || path.basename(file) !== 'GET.js') throw new Error('priority not respected');
+      pass('dir index');
+    } catch(e){ fail(e.message); }
+  },
+  'dynamic match with params and best priority': async ({pass, fail, log}) => {
+    try {
+  const root = path.join(process.cwd(), 'tmp-root');
+      const files = ['user/[id]/GET.js', 'user/[id]/index.html', 'user/[id]/index.js'].map(p => toAbs(root, p));
+  const [file, params] = await findFile(files, root, '/user/42', 'GET', log);
+  if(!file || path.basename(file) !== 'GET.js') throw new Error('did not pick GET.js');
+      if(params.id !== '42') throw new Error('param missing');
+      pass('dynamic');
+    } catch(e){ fail(e.message); }
+  },
+  'no match returns false and empty params': async ({pass, fail, log}) => {
+    try {
+  const root = path.join(process.cwd(), 'tmp-root');
+      const files = ['x/y/index.html'].map(p => toAbs(root, p));
+      const [file, params] = await findFile(files, root, '/nope', 'GET', log);
+      if(file !== false) throw new Error('should be false');
+      if(Object.keys(params).length !== 0) throw new Error('params not empty');
+      pass('no match');
+    } catch(e){ fail(e.message); }
+  }
+};

package/tests/getFiles.node-test.js

@@ -1,25 +1,25 @@
-import getFiles from '../getFiles.js';
-import defaultConfig from '../defaultConfig.js';
-import path from 'path';
-import {withTempDir, write, expect, log} from './test-utils.js';
-
-export default {
-  'scans directories recursively and filters by mime and disallowed': async ({pass, fail}) => {
-    try {
-      await withTempDir(async (dir) => {
-        const cfg = JSON.parse(JSON.stringify(defaultConfig));
-        await write(dir, 'index.html', '<!doctype html>');
-        await write(dir, '.env', 'SECRET=1');
-        await write(dir, 'notes.xyz', 'unknown');
-        await write(dir, 'sub/app.js', 'console.log(1)');
-  const files = await getFiles(dir, cfg, log);
-  const rel = files.map(f => path.relative(dir, f).replace(/\\/g, '/'));
-        expect(rel.includes('index.html'), 'includes html');
-        expect(rel.includes('sub/app.js'), 'includes js');
-  expect(!rel.includes('.env'), 'excludes disallowed');
-        expect(!rel.includes('notes.xyz'), 'excludes unknown ext');
-      });
-      pass('scan and filter');
-    } catch(e){ fail(e.message); }
-  }
-};
+import getFiles from '../getFiles.js';
+import defaultConfig from '../defaultConfig.js';
+import path from 'path';
+import {withTempDir, write, expect, log} from './test-utils.js';
+
+export default {
+  'scans directories recursively and filters by mime and disallowed': async ({pass, fail}) => {
+    try {
+      await withTempDir(async (dir) => {
+        const cfg = JSON.parse(JSON.stringify(defaultConfig));
+        await write(dir, 'index.html', '<!doctype html>');
+        await write(dir, '.env', 'SECRET=1');
+        await write(dir, 'notes.xyz', 'unknown');
+        await write(dir, 'sub/app.js', 'console.log(1)');
+  const files = await getFiles(dir, cfg, log);
+  const rel = files.map(f => path.relative(dir, f).replace(/\\/g, '/'));
+        expect(rel.includes('index.html'), 'includes html');
+        expect(rel.includes('sub/app.js'), 'includes js');
+  expect(!rel.includes('.env'), 'excludes disallowed');
+        expect(!rel.includes('notes.xyz'), 'excludes unknown ext');
+      });
+      pass('scan and filter');
+    } catch(e){ fail(e.message); }
+  }
+};

package/tests/getFlags.node-test.js

@@ -1,30 +1,30 @@
-import getFlags from '../getFlags.js';
-
-export default {
-  'parses long flags with values and booleans': async ({pass, fail}) => {
-    const args = ['--port', '8080', '--scan'];
-    const flags = getFlags(args, {port: 3000, scan: false});
-    try {
-      if(flags.port !== '8080') throw new Error('port not parsed');
-      if(flags.scan !== true) throw new Error('scan boolean not parsed');
-      pass('parsed long flags');
-    } catch(e){ fail(e.message); }
-  },
-  'parses short flags using map and preserves defaults': async ({pass, fail}) => {
-    const args = ['-p', '9090', '-s'];
-    const flags = getFlags(args, {port: 3000, scan: false}, {p: 'port', s: 'scan'});
-    try {
-      if(flags.port !== '9090') throw new Error('short mapped value failed');
-      if(flags.scan !== true) throw new Error('short mapped boolean failed');
-      pass('short flags parsed');
-    } catch(e){ fail(e.message); }
-  },
-  'treats next arg starting with dash as boolean flag': async ({pass, fail}) => {
-    const args = ['-l', '-5', 'file'];
-    const flags = getFlags(args, {l: 2});
-    try {
-      if(flags.l !== true) throw new Error('should be boolean true');
-      pass('dash after flag -> boolean');
-    } catch(e){ fail(e.message); }
-  }
-};
+import getFlags from '../getFlags.js';
+
+export default {
+  'parses long flags with values and booleans': async ({pass, fail}) => {
+    const args = ['--port', '8080', '--scan'];
+    const flags = getFlags(args, {port: 3000, scan: false});
+    try {
+      if(flags.port !== '8080') throw new Error('port not parsed');
+      if(flags.scan !== true) throw new Error('scan boolean not parsed');
+      pass('parsed long flags');
+    } catch(e){ fail(e.message); }
+  },
+  'parses short flags using map and preserves defaults': async ({pass, fail}) => {
+    const args = ['-p', '9090', '-s'];
+    const flags = getFlags(args, {port: 3000, scan: false}, {p: 'port', s: 'scan'});
+    try {
+      if(flags.port !== '9090') throw new Error('short mapped value failed');
+      if(flags.scan !== true) throw new Error('short mapped boolean failed');
+      pass('short flags parsed');
+    } catch(e){ fail(e.message); }
+  },
+  'treats next arg starting with dash as boolean flag': async ({pass, fail}) => {
+    const args = ['-l', '-5', 'file'];
+    const flags = getFlags(args, {l: 2});
+    try {
+      if(flags.l !== true) throw new Error('should be boolean true');
+      pass('dash after flag -> boolean');
+    } catch(e){ fail(e.message); }
+  }
+};