kempo-server 1.7.6 → 1.7.8

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "kempo-server",
   "type": "module",
-  "version": "1.7.6",
+  "version": "1.7.8",
   "description": "A lightweight, zero-dependency, file based routing server.",
   "main": "dist/index.js",
   "exports": {

package/src/router.js

@@ -16,9 +16,9 @@ import {
 } from './builtinMiddleware.js';
 
 export default async (flags, log) => {
-  log('Initializing router', 2);
+  log('Initializing router', 3);
   const rootPath = path.isAbsolute(flags.root) ? flags.root : path.join(process.cwd(), flags.root);
-  log(`Root path: ${rootPath}`, 2);
+  log(`Root path: ${rootPath}`, 3);
   
   let config = defaultConfig;
   try {
@@ -28,25 +28,25 @@ export default async (flags, log) => {
       ? configFileName 
       : path.join(rootPath, configFileName);
     
-    log(`Config file name: ${configFileName}`, 2);
-    log(`Config path: ${configPath}`, 2);
+    log(`Config file name: ${configFileName}`, 3);
+    log(`Config path: ${configPath}`, 3);
     
     // Validate that config file is within the server root directory
     // Allow absolute paths (user explicitly specified location)
     if (!path.isAbsolute(configFileName)) {
       const relativeConfigPath = path.relative(rootPath, configPath);
-      log(`Relative config path: ${relativeConfigPath}`, 2);
-      log(`Starts with '..': ${relativeConfigPath.startsWith('..')}`, 2);
+      log(`Relative config path: ${relativeConfigPath}`, 4);
+      log(`Starts with '..': ${relativeConfigPath.startsWith('..')}`, 4);
       if (relativeConfigPath.startsWith('..') || path.isAbsolute(relativeConfigPath)) {
-        log(`Validation failed - throwing error`, 2);
+        log(`Validation failed - throwing error`, 4);
         throw new Error(`Config file must be within the server root directory. Config path: ${configPath}, Root path: ${rootPath}`);
       }
-      log(`Validation passed`, 2);
+      log(`Validation passed`, 4);
     } else {
-      log(`Config file name is absolute, skipping validation`, 2);
+      log(`Config file name is absolute, skipping validation`, 4);
     }
     
-    log(`Loading config from: ${configPath}`, 2);
+    log(`Loading config from: ${configPath}`, 3);
     const configContent = await readFile(configPath, 'utf8');
     const userConfig = JSON.parse(configContent);
     config = {
@@ -70,14 +70,14 @@ export default async (flags, log) => {
         ...userConfig.cache
       }
     };
-    log('User config loaded and merged with defaults', 2);
+    log('User config loaded and merged with defaults', 3);
   } catch (e){
     // Only fall back to default config for file reading/parsing errors
     // Let validation errors propagate up
     if (e.message.includes('Config file must be within the server root directory')) {
       throw e;
     }
-    log('Using default config (no config file found)', 2);
+    log('Using default config (no config file found)', 3);
   }
   
   /*
@@ -88,10 +88,10 @@ export default async (flags, log) => {
   dis.add("\\.config$");
   dis.add("\\.git/"); 
   config.disallowedRegex = [...dis];
-  log(`Config loaded with ${config.disallowedRegex.length} disallowed patterns`, 2);
+  log(`Config loaded with ${config.disallowedRegex.length} disallowed patterns`, 3);
   
   let files = await getFiles(rootPath, config, log);
-  log(`Initial scan found ${files.length} files`, 1);
+  log(`Initial scan found ${files.length} files`, 2);
   
   // Initialize middleware runner
   const middlewareRunner = new MiddlewareRunner();
@@ -99,32 +99,32 @@ export default async (flags, log) => {
   // Load built-in middleware based on config
   if (config.middleware?.cors?.enabled) {
     middlewareRunner.use(corsMiddleware(config.middleware.cors));
-    log('CORS middleware enabled', 2);
+    log('CORS middleware enabled', 3);
   }
   
   if (config.middleware?.compression?.enabled) {
     middlewareRunner.use(compressionMiddleware(config.middleware.compression));
-    log('Compression middleware enabled', 2);
+    log('Compression middleware enabled', 3);
   }
   
   if (config.middleware?.rateLimit?.enabled) {
     middlewareRunner.use(rateLimitMiddleware(config.middleware.rateLimit));
-    log('Rate limit middleware enabled', 2);
+    log('Rate limit middleware enabled', 3);
   }
   
   if (config.middleware?.security?.enabled) {
     middlewareRunner.use(securityMiddleware(config.middleware.security));
-    log('Security middleware enabled', 2);
+    log('Security middleware enabled', 3);
   }
   
   if (config.middleware?.logging?.enabled) {
     middlewareRunner.use(loggingMiddleware(config.middleware.logging, log));
-    log('Logging middleware enabled', 2);
+    log('Logging middleware enabled', 3);
   }
   
   // Load custom middleware files
   if (config.middleware?.custom && config.middleware.custom.length > 0) {
-    log(`Loading ${config.middleware.custom.length} custom middleware files`, 2);
+    log(`Loading ${config.middleware.custom.length} custom middleware files`, 3);
     
     for (const middlewarePath of config.middleware.custom) {
       try {
@@ -134,7 +134,7 @@ export default async (flags, log) => {
         
         if (typeof customMiddleware === 'function') {
           middlewareRunner.use(customMiddleware(config.middleware));
-          log(`Custom middleware loaded: ${middlewarePath}`, 2);
+          log(`Custom middleware loaded: ${middlewarePath}`, 3);
         } else {
           log(`Custom middleware error: ${middlewarePath} does not export a default function`, 1);
         }
@@ -159,7 +159,7 @@ export default async (flags, log) => {
   const wildcardRoutes = new Map();
   
   if (config.customRoutes && Object.keys(config.customRoutes).length > 0) {
-    log(`Processing ${Object.keys(config.customRoutes).length} custom routes`, 2);
+    log(`Processing ${Object.keys(config.customRoutes).length} custom routes`, 3);
     for (const [urlPath, filePath] of Object.entries(config.customRoutes)) {
       // Check if this is a wildcard route
       if (urlPath.includes('*')) {
@@ -167,12 +167,12 @@ export default async (flags, log) => {
         const resolvedPath = path.isAbsolute(filePath) ? filePath : path.resolve(rootPath, filePath);
         // Store wildcard routes separately for pattern matching
         wildcardRoutes.set(urlPath, resolvedPath);
-        log(`Wildcard route mapped: ${urlPath} -> ${resolvedPath}`, 2);
+        log(`Wildcard route mapped: ${urlPath} -> ${resolvedPath}`, 3);
       } else {
         // Resolve the file path relative to rootPath if relative, otherwise use absolute path
         const resolvedPath = path.isAbsolute(filePath) ? filePath : path.resolve(rootPath, filePath);
         customRoutes.set(urlPath, resolvedPath);
-        log(`Custom route mapped: ${urlPath} -> ${resolvedPath}`, 2);
+        log(`Custom route mapped: ${urlPath} -> ${resolvedPath}`, 3);
       }
     }
   }
@@ -259,27 +259,36 @@ export default async (flags, log) => {
       log(`Path ${requestPath} added to dynamic blacklist after ${newAttempts} failed attempts`, 1);
     }
     
-    log(`Rescan attempt ${newAttempts}/${config.maxRescanAttempts} for: ${requestPath}`, 2);
+    log(`Rescan attempt ${newAttempts}/${config.maxRescanAttempts} for: ${requestPath}`, 3);
     return newAttempts;
   };
   
   const requestHandler = async (req, res) => {
     await middlewareRunner.run(req, res, async () => {
       const requestPath = req.url.split('?')[0];
-      log(`${req.method} ${requestPath}`, 0);
+      log(`${req.method} ${requestPath}`, 4);
       
 
       // Check custom routes first (allow outside rootPath)
-      log(`customRoutes keys: ${Array.from(customRoutes.keys()).join(', ')}`, 1);
+      log(`customRoutes keys: ${Array.from(customRoutes.keys()).join(', ')}`, 4);
       // Normalize requestPath and keys for matching
       const normalizePath = p => {
-        let np = decodeURIComponent(p);
-        if (!np.startsWith('/')) np = '/' + np;
-        if (np.length > 1 && np.endsWith('/')) np = np.slice(0, -1);
-        return np;
+        try {
+          let np = decodeURIComponent(p);
+          if (!np.startsWith('/')) np = '/' + np;
+          if (np.length > 1 && np.endsWith('/')) np = np.slice(0, -1);
+          return np;
+        } catch (e) {
+          log(`Warning: Failed to decode URI component "${p}": ${e.message}`, 1);
+          // Return the original path if decoding fails
+          let np = p;
+          if (!np.startsWith('/')) np = '/' + np;
+          if (np.length > 1 && np.endsWith('/')) np = np.slice(0, -1);
+          return np;
+        }
       };
       const normalizedRequestPath = normalizePath(requestPath);
-      log(`Normalized requestPath: ${normalizedRequestPath}`, 1);
+      log(`Normalized requestPath: ${normalizedRequestPath}`, 4);
       let matchedKey = null;
       for (const key of customRoutes.keys()) {
         if (normalizePath(key) === normalizedRequestPath) {
@@ -289,14 +298,14 @@ export default async (flags, log) => {
       }
       if (matchedKey) {
         const customFilePath = customRoutes.get(matchedKey);
-        log(`Serving custom route: ${normalizedRequestPath} -> ${customFilePath}`, 2);
+        log(`Serving custom route: ${normalizedRequestPath} -> ${customFilePath}`, 3);
         try {
           const { stat } = await import('fs/promises');
           try {
             await stat(customFilePath);
-            log(`Custom route file exists: ${customFilePath}`, 2);
+            log(`Custom route file exists: ${customFilePath}`, 4);
           } catch (e) {
-            log(`Custom route file does NOT exist: ${customFilePath}`, 0);
+            log(`Custom route file does NOT exist: ${customFilePath}`, 1);
             res.writeHead(404, { 'Content-Type': 'text/plain' });
             res.end('Custom route file not found');
             return;
@@ -309,7 +318,7 @@ export default async (flags, log) => {
           res.end(fileContent);
           return; // Successfully served custom route
         } catch (error) {
-          log(`Error serving custom route ${normalizedRequestPath}: ${error.message}`, 0);
+          log(`Error serving custom route ${normalizedRequestPath}: ${error.message}`, 1);
           res.writeHead(500, { 'Content-Type': 'text/plain' });
           res.end('Internal Server Error');
           return;
@@ -320,17 +329,17 @@ export default async (flags, log) => {
       const wildcardMatch = findWildcardRoute(requestPath);
       if (wildcardMatch) {
         const resolvedFilePath = resolveWildcardPath(wildcardMatch.filePath, wildcardMatch.matches);
-        log(`Serving wildcard route: ${requestPath} -> ${resolvedFilePath}`, 2);
+        log(`Serving wildcard route: ${requestPath} -> ${resolvedFilePath}`, 3);
         try {
           const fileContent = await readFile(resolvedFilePath);
           const fileExtension = path.extname(resolvedFilePath).toLowerCase().slice(1);
           const mimeType = config.allowedMimes[fileExtension] || 'application/octet-stream';
-          log(`Serving wildcard file as ${mimeType} (${fileContent.length} bytes)`, 2);
+          log(`Serving wildcard file as ${mimeType} (${fileContent.length} bytes)`, 4);
           res.writeHead(200, { 'Content-Type': mimeType });
           res.end(fileContent);
           return; // Successfully served wildcard route
         } catch (error) {
-          log(`Error serving wildcard route ${requestPath}: ${error.message}`, 0);
+          log(`Error serving wildcard route ${requestPath}: ${error.message}`, 1);
           res.writeHead(500, { 'Content-Type': 'text/plain' });
           res.end('Internal Server Error');
           return;

package/tests/router-wildcard-double-asterisk.node-test.js

@@ -13,8 +13,8 @@ export default {
         const fileC = await write(dir, 'src/deep/nested/folder/file.js', 'export const deep = true');
         
         // Create files in docs directory that should be ignored when custom routes match
-        await write(dir, 'docs/src/components/Button.js', 'WRONG FILE');
-        await write(dir, 'docs/src/utils/helpers/format.js', 'WRONG FILE');
+        await write(dir, 'docs/src/components/Button.js', '// WRONG FILE');
+        await write(dir, 'docs/src/utils/helpers/format.js', '// WRONG FILE');
         
         const prev = process.cwd();
         process.chdir(dir);
@@ -70,12 +70,12 @@ export default {
   'single asterisk only matches single path segments': async ({pass, fail, log}) => {
     try {
       await withTempDir(async (dir) => {
-        // Create nested file structure
-        await write(dir, 'src/file.js', 'single level');
-        await write(dir, 'src/nested/file.js', 'nested level');
+        // Create files at different nesting levels
+        await write(dir, 'src/file.js', '// single level');
+        await write(dir, 'src/nested/file.js', '// nested level');
         
-        // Create fallback file in docs
-        await write(dir, 'docs/src/nested/file.js', 'fallback file');
+        // Create docs directory with fallback file
+        await write(dir, 'docs/src/nested/file.js', '// fallback file');
         
         const prev = process.cwd();
         process.chdir(dir);
@@ -103,13 +103,13 @@ export default {
           const r1 = await httpGet(`http://localhost:${port}/src/file.js`);
           log('single level status: ' + r1.res.statusCode);
           if(r1.res.statusCode !== 200) throw new Error('single level 200');
-          if(r1.body.toString() !== 'single level') throw new Error('single level content');
+          if(r1.body.toString() !== '// single level') throw new Error('single level content');
           
           // Nested level should NOT work with single asterisk, should fall back to docs
           const r2 = await httpGet(`http://localhost:${port}/src/nested/file.js`);
           log('nested level status: ' + r2.res.statusCode);
           if(r2.res.statusCode !== 200) throw new Error('nested level 200');
-          if(r2.body.toString() !== 'fallback file') throw new Error('nested level should use fallback');
+          if(r2.body.toString() !== '// fallback file') throw new Error('nested level should use fallback');
           
         } finally { 
           server.close(); 
@@ -125,12 +125,12 @@ export default {
   'wildcard routes take precedence over static files': async ({pass, fail, log}) => {
     try {
       await withTempDir(async (dir) => {
-        // Create source files
-        await write(dir, 'custom/data.json', '{"source": "custom"}');
-        
-        // Create static files in docs that should be overridden
+        // Create static file in docs
         await write(dir, 'docs/api/data.json', '{"source": "static"}');
         
+        // Create custom file outside docs
+        await write(dir, 'custom/data.json', '{"source": "custom"}');
+        
         const prev = process.cwd();
         process.chdir(dir);
         
@@ -174,13 +174,11 @@ export default {
   'wildcard routes serve nested files from server root': async ({pass, fail, log}) => {
     try {
       await withTempDir(async (dir) => {
-        // Create nested file structure in src directory
-        const importFile = await write(dir, 'src/components/Import.js', 'export default ImportComponent');
-        const utilsFile = await write(dir, 'src/utils/helpers.js', 'export const helpers = {}');
-        const deepFile = await write(dir, 'src/deep/nested/file.js', 'export const nested = true');
-        
-        // Create index.html in server root
-        await write(dir, 'index.html', '<h1>Home</h1>');
+        // Create additional test files needed for this specific test
+        await write(dir, 'src/components/Import.js', 'export default ImportComponent');
+        await write(dir, 'src/utils/helpers.js', 'export const helpers = {}');
+        await write(dir, 'src/deep/nested/file.js', 'export const deep = true');
+        await write(dir, 'index.html', '<html><body>Test Index</body></html>');
         
         const prev = process.cwd();
         process.chdir(dir);
@@ -220,6 +218,7 @@ export default {
           const r3 = await httpGet(`http://localhost:${port}/src/deep/nested/file.js`);
           log('deep nested file status: ' + r3.res.statusCode);
           if(r3.res.statusCode !== 200) throw new Error(`Expected 200 for deep nested file, got ${r3.res.statusCode}`);
+          if(r3.body.toString() !== 'export const deep = true') throw new Error('Deep nested file content mismatch');
           
           // Test that index.html still works (non-wildcard route)
           const r4 = await httpGet(`http://localhost:${port}/index.html`);

package/tests/router-wildcard.node-test.js

@@ -13,8 +13,8 @@ export default {
         const fileC = await write(dir, 'src/deep/nested/folder/file.js', 'export const deep = true');
         
         // Create files in docs directory that should be ignored when custom routes match
-        await write(dir, 'docs/src/components/Button.js', 'WRONG FILE');
-        await write(dir, 'docs/src/utils/helpers/format.js', 'WRONG FILE');
+        await write(dir, 'docs/src/components/Button.js', '// WRONG FILE');
+        await write(dir, 'docs/src/utils/helpers/format.js', '// WRONG FILE');
         
         const prev = process.cwd();
         process.chdir(dir);
@@ -70,12 +70,12 @@ export default {
   'single asterisk only matches single path segments': async ({pass, fail, log}) => {
     try {
       await withTempDir(async (dir) => {
-        // Create nested file structure
-        await write(dir, 'src/file.js', 'single level');
-        await write(dir, 'src/nested/file.js', 'nested level');
+        // Create files at different nesting levels
+        await write(dir, 'src/file.js', '// single level');
+        await write(dir, 'src/nested/file.js', '// nested level');
         
-        // Create fallback file in docs
-        await write(dir, 'docs/src/nested/file.js', 'fallback file');
+        // Create docs directory with fallback file
+        await write(dir, 'docs/src/nested/file.js', '// fallback file');
         
         const prev = process.cwd();
         process.chdir(dir);
@@ -103,13 +103,13 @@ export default {
           const r1 = await httpGet(`http://localhost:${port}/src/file.js`);
           log('single level status: ' + r1.res.statusCode);
           if(r1.res.statusCode !== 200) throw new Error('single level 200');
-          if(r1.body.toString() !== 'single level') throw new Error('single level content');
+          if(r1.body.toString() !== '// single level') throw new Error('single level content');
           
           // Nested level should NOT work with single asterisk, should fall back to docs
           const r2 = await httpGet(`http://localhost:${port}/src/nested/file.js`);
           log('nested level status: ' + r2.res.statusCode);
           if(r2.res.statusCode !== 200) throw new Error('nested level 200');
-          if(r2.body.toString() !== 'fallback file') throw new Error('nested level should use fallback');
+          if(r2.body.toString() !== '// fallback file') throw new Error('nested level should use fallback');
           
         } finally { 
           server.close(); 
@@ -125,12 +125,12 @@ export default {
   'wildcard routes take precedence over static files': async ({pass, fail, log}) => {
     try {
       await withTempDir(async (dir) => {
-        // Create source files
-        await write(dir, 'custom/data.json', '{"source": "custom"}');
-        
-        // Create static files in docs that should be overridden
+        // Create static file in docs
         await write(dir, 'docs/api/data.json', '{"source": "static"}');
         
+        // Create custom file outside docs
+        await write(dir, 'custom/data.json', '{"source": "custom"}');
+        
         const prev = process.cwd();
         process.chdir(dir);
         

package/tests/router.node-test.js

@@ -103,5 +103,51 @@ export default {
       process.chdir(prev);
     });
     pass('custom+wildcard');
+  },
+
+  'handles malformed URLs gracefully': async ({pass, fail, log}) => {
+    await withTestDir(async (dir) => {
+      const prev = process.cwd();
+      process.chdir(dir);
+      const flags = {root: '.', logging: 0, scan: false};
+      const logFn = () => {};
+      const handler = await router(flags, logFn);
+      const server = http.createServer(handler);
+      const port = randomPort();
+      await new Promise(r => server.listen(port, r));
+      await new Promise(r => setTimeout(r, 50));
+      
+      try {
+        // Test various malformed URLs that could cause decodeURIComponent to throw
+        const malformedUrls = [
+          '/test%',        // Incomplete percent encoding
+          '/test%2',       // Incomplete percent encoding 
+          '/test%G1',      // Invalid hex characters
+          '/test%ZZ',      // Invalid hex characters
+          '/test%1G',      // Invalid hex characters
+          '/%E0%A4%A',     // Incomplete UTF-8 sequence
+          '/%C0%80'        // Overlong UTF-8 encoding
+        ];
+        
+        for (const url of malformedUrls) {
+          log(`Testing malformed URL: ${url}`);
+          const response = await httpGet(`http://localhost:${port}${url}`);
+          // Server should handle the request gracefully (return 404 or serve content)
+          // and not crash with URIError
+          if (response.res.statusCode !== 404 && response.res.statusCode !== 200) {
+            throw new Error(`Unexpected status code ${response.res.statusCode} for URL ${url}`);
+          }
+          log(`URL ${url} handled gracefully with status ${response.res.statusCode}`);
+        }
+        
+        server.close();
+        process.chdir(prev);
+        pass('malformed URLs handled gracefully');
+      } catch (e) {
+        server.close();
+        process.chdir(prev);
+        fail(`Error handling malformed URL: ${e.message}`);
+      }
+    });
   }
 };

package/tests/test-server-root/docs/.config.json

@@ -1,6 +1,5 @@
 {
   "customRoutes": {
-    "/src/*": "../src/$1"
-  },
-  "routePreference": "customRoute"
+    "/src/**": "../src/**"
+  }
 }

package/tests/test-server-root/docs/src/components/Button.js

@@ -1 +1 @@
-WRONG FILE
+// WRONG FILE

package/tests/test-server-root/docs/src/nested/file.js

@@ -1 +1 @@
-fallback file
+// fallback file

package/tests/test-server-root/docs/src/utils/helpers/format.js

@@ -1 +1 @@
-WRONG FILE
+// WRONG FILE

package/tests/test-server-root/src/components/Import.js

@@ -0,0 +1 @@
+export const Import = () => 'imported';

package/tests/test-server-root/src/deep/nested/file.js

@@ -0,0 +1 @@
+export const nested = true

package/tests/test-server-root/src/file.js

@@ -1 +1 @@
-single level
+// single level

package/tests/test-server-root/src/nested/file.js

@@ -1 +1 @@
-nested level
+// nested level

package/tests/test-server-root/src/utils/helpers.js

@@ -0,0 +1 @@
+export const helpers = {}

package/tests/test-server-root/README.md

@@ -1,118 +0,0 @@
-# Test Server Root
-
-This directory contains the persistent test server structure used by unit tests instead of creating temporary files for each test run. Tests use `withTestDir()` to get a temporary copy of this structure, maintaining isolation while providing consistent base files.
-
-## Directory Structure
-
-```
-test-server-root/
-├── README.md                              # This file
-├── .config.json                           # Basic config with middleware settings
-├── index.html                             # Basic home page: "<h1>Home</h1>"
-├── late.html                              # For rescan tests: "later"
-├── hello.html                             # For CLI tests: "hello world"
-├── a.txt                                  # Test file: "A"
-├── b/
-│   └── 1.txt                              # Test file: "B1"
-├── api/
-│   ├── GET.js                             # Route handler returning {ok:true, params}
-│   └── no-default.js                      # Route file without default export
-├── src/
-│   ├── file.js                            # Content: "single level"
-│   ├── file.txt                           # Content: "custom"
-│   ├── nested/
-│   │   └── file.js                        # Content: "nested level"
-│   ├── components/
-│   │   └── Button.js                      # Content: "export default Button"
-│   ├── utils/
-│   │   └── helpers/
-│   │       └── format.js                  # Content: "export const format = () => {}"
-│   └── deep/
-│       └── nested/
-│           └── folder/
-│               └── file.js                # Content: "export const deep = true"
-├── docs/
-│   ├── .config.json                       # Config with custom routes to ../src/**
-│   ├── api/
-│   │   └── data.json                      # Content: {"source": "static"}
-│   └── src/
-│       ├── nested/
-│       │   └── file.js                    # Content: "fallback file"
-│       ├── components/
-│       │   └── Button.js                  # Content: "WRONG FILE"
-│       └── utils/
-│           └── helpers/
-│               └── format.js              # Content: "WRONG FILE"
-├── custom/
-│   └── data.json                          # Content: {"source": "custom"}
-└── public/
-    └── src/
-        └── file.txt                       # Content: "static"
-```
-
-## Configuration Files
-
-### Root .config.json
-Basic configuration for middleware testing:
-```json
-{
-  "middleware": {
-    "cors": {}
-  }
-}
-```
-
-### docs/.config.json
-Configuration for wildcard routing tests:
-```json
-{
-  "customRoutes": {
-    "/src/*": "../src/$1"
-  },
-  "routePreference": "customRoute"
-}
-```
-
-## Usage in Tests
-
-### Simple Tests
-Use `withTestDir()` for tests that can leverage the existing structure:
-
-```javascript
-await withTestDir(async (dir) => {
-  // dir contains a copy of all the above files
-  // Use existing files or create additional ones as needed
-  const handler = await router({root: dir}, log);
-  // ... test the handler
-});
-```
-
-### Subdirectory Tests
-Use the `subdir` option to work within a specific folder:
-
-```javascript
-await withTestDir(async (dir) => {
-  // dir points to test-server-root/docs/
-  process.chdir(dir);
-  const handler = await router({root: '.'}, log);
-  // ... test from docs folder perspective
-}, {subdir: 'docs'});
-```
-
-### Complex Tests
-For tests requiring very specific or complex structures, continue using `withTempDir()`:
-
-```javascript
-await withTempDir(async (dir) => {
-  await write(dir, 'very/specific/structure.js', 'content');
-  // ... custom test setup
-});
-```
-
-## Benefits
-
-1. **Consistency** - All tests start with the same base structure
-2. **Speed** - No need to recreate common files for each test
-3. **Maintainability** - Centralized test file management  
-4. **Documentation** - Clear visibility of what test files exist
-5. **Isolation** - Each test still gets its own temporary copy