npm - qhttpx - Versions diffs - 1.8.5 → 1.8.11 - Mend

qhttpx 1.8.5 → 1.8.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (161) hide show

package/CHANGELOG.md +52 -0
package/README.md +72 -52
package/binding.gyp +18 -0
package/dist/examples/api-server.js +29 -8
package/dist/examples/basic.d.ts +1 -0
package/dist/examples/basic.js +10 -0
package/dist/examples/compression.d.ts +1 -0
package/dist/examples/compression.js +17 -0
package/dist/examples/cors.d.ts +1 -0
package/dist/examples/cors.js +19 -0
package/dist/examples/errors.d.ts +1 -0
package/dist/examples/errors.js +25 -0
package/dist/examples/file-upload.d.ts +1 -0
package/dist/examples/file-upload.js +24 -0
package/dist/examples/fusion.d.ts +1 -0
package/dist/examples/fusion.js +21 -0
package/dist/examples/rate-limiting.d.ts +1 -0
package/dist/examples/rate-limiting.js +17 -0
package/dist/examples/validation.d.ts +1 -0
package/dist/examples/validation.js +23 -0
package/dist/examples/websockets.d.ts +1 -0
package/dist/examples/websockets.js +20 -0
package/dist/package.json +11 -1
package/dist/src/benchmarks/simple-json.js +6 -4
package/dist/src/cli/index.js +33 -11
package/dist/src/core/errors.d.ts +34 -0
package/dist/src/core/errors.js +70 -0
package/dist/src/core/native-adapter.d.ts +11 -0
package/dist/src/core/native-adapter.js +211 -0
package/dist/src/core/server.d.ts +52 -4
package/dist/src/core/server.js +389 -261
package/dist/src/core/types.d.ts +37 -0
package/dist/src/index.d.ts +6 -1
package/dist/src/index.js +19 -3
package/dist/src/middleware/compression.d.ts +1 -5
package/dist/src/middleware/cors.d.ts +1 -10
package/dist/src/middleware/presets.d.ts +4 -1
package/dist/src/middleware/presets.js +22 -3
package/dist/src/middleware/rate-limit.d.ts +1 -19
package/dist/src/middleware/rate-limit.js +6 -0
package/dist/src/middleware/security.d.ts +1 -2
package/dist/src/native/index.d.ts +29 -0
package/dist/src/native/index.js +64 -0
package/dist/src/router/radix-tree.d.ts +2 -0
package/dist/src/router/radix-tree.js +54 -4
package/dist/src/router/router.d.ts +1 -0
package/dist/src/router/router.js +42 -2
package/dist/tests/native-adapter.test.d.ts +1 -0
package/dist/tests/native-adapter.test.js +71 -0
package/dist/tests/resources.test.js +3 -0
package/dist/tests/security.test.js +2 -2
package/docs/AEGIS.md +34 -9
package/docs/BENCHMARKS.md +8 -7
package/docs/ERRORS.md +112 -0
package/docs/FUSION.md +68 -0
package/docs/MIDDLEWARE.md +65 -0
package/docs/ROUTING.md +70 -0
package/docs/STATIC.md +61 -0
package/docs/WEBSOCKETS.md +76 -0
package/package.json +11 -1
package/src/native/README.md +31 -0
package/src/native/addon.cc +8 -0
package/src/native/index.ts +78 -0
package/src/native/picohttpparser.c +608 -0
package/src/native/picohttpparser.h +71 -0
package/src/native/server.cc +262 -0
package/src/native/server.h +30 -0
package/.eslintrc.json +0 -22
package/.github/workflows/ci.yml +0 -32
package/.github/workflows/npm-publish.yml +0 -37
package/.github/workflows/release.yml +0 -21
package/.prettierrc +0 -7
package/assets/logo.svg +0 -25
package/eslint.config.cjs +0 -26
package/examples/api-server.ts +0 -62
package/src/benchmarks/quantam-users.ts +0 -70
package/src/benchmarks/simple-json.ts +0 -71
package/src/benchmarks/ultra-mode.ts +0 -127
package/src/cli/index.ts +0 -214
package/src/client/index.ts +0 -93
package/src/core/batch.ts +0 -110
package/src/core/body-parser.ts +0 -151
package/src/core/buffer-pool.ts +0 -96
package/src/core/config.ts +0 -60
package/src/core/fusion.ts +0 -210
package/src/core/logger.ts +0 -70
package/src/core/metrics.ts +0 -166
package/src/core/resources.ts +0 -38
package/src/core/scheduler.ts +0 -126
package/src/core/scope.ts +0 -87
package/src/core/serializer.ts +0 -41
package/src/core/server.ts +0 -1234
package/src/core/stream.ts +0 -111
package/src/core/tasks.ts +0 -138
package/src/core/types.ts +0 -192
package/src/core/websocket.ts +0 -112
package/src/core/worker-queue.ts +0 -90
package/src/database/adapters/memory.ts +0 -99
package/src/database/adapters/mongo.ts +0 -116
package/src/database/adapters/postgres.ts +0 -86
package/src/database/adapters/sqlite.ts +0 -44
package/src/database/coalescer.ts +0 -153
package/src/database/manager.ts +0 -97
package/src/database/types.ts +0 -24
package/src/index.ts +0 -58
package/src/middleware/compression.ts +0 -147
package/src/middleware/cors.ts +0 -98
package/src/middleware/presets.ts +0 -50
package/src/middleware/rate-limit.ts +0 -106
package/src/middleware/security.ts +0 -109
package/src/middleware/static.ts +0 -216
package/src/openapi/generator.ts +0 -167
package/src/router/radix-router.ts +0 -119
package/src/router/radix-tree.ts +0 -106
package/src/router/router.ts +0 -190
package/src/testing/index.ts +0 -104
package/src/utils/cookies.ts +0 -67
package/src/utils/logger.ts +0 -59
package/src/utils/signals.ts +0 -45
package/src/utils/sse.ts +0 -41
package/src/validation/index.ts +0 -3
package/src/validation/simple.ts +0 -93
package/src/validation/types.ts +0 -38
package/src/validation/zod.ts +0 -14
package/src/views/index.ts +0 -1
package/src/views/types.ts +0 -4
package/tests/adapters.test.ts +0 -120
package/tests/batch.test.ts +0 -139
package/tests/body-parser.test.ts +0 -83
package/tests/compression-sse.test.ts +0 -98
package/tests/cookies.test.ts +0 -74
package/tests/cors.test.ts +0 -79
package/tests/database.test.ts +0 -90
package/tests/dx.test.ts +0 -130
package/tests/ecosystem.test.ts +0 -156
package/tests/features.test.ts +0 -51
package/tests/fusion.test.ts +0 -121
package/tests/http-basic.test.ts +0 -161
package/tests/logger.test.ts +0 -48
package/tests/middleware.test.ts +0 -137
package/tests/observability.test.ts +0 -91
package/tests/openapi.test.ts +0 -74
package/tests/plugin.test.ts +0 -85
package/tests/plugins.test.ts +0 -93
package/tests/rate-limit.test.ts +0 -97
package/tests/resources.test.ts +0 -64
package/tests/scheduler.test.ts +0 -71
package/tests/schema-routes.test.ts +0 -89
package/tests/security.test.ts +0 -128
package/tests/server-db.test.ts +0 -72
package/tests/smoke.test.ts +0 -9
package/tests/sqlite-fusion.test.ts +0 -106
package/tests/static.test.ts +0 -111
package/tests/stream.test.ts +0 -58
package/tests/task-metrics.test.ts +0 -78
package/tests/tasks.test.ts +0 -90
package/tests/testing.test.ts +0 -53
package/tests/validation.test.ts +0 -126
package/tests/websocket.test.ts +0 -132
package/tsconfig.json +0 -17
package/vitest.config.ts +0 -9

package/dist/src/core/types.d.ts CHANGED Viewed

@@ -44,6 +44,8 @@ export type QHTTPXContext = {
     readonly res: ServerResponse;
     readonly headers: IncomingHttpHeaders;
     readonly url: URL;
+    readonly method: HTTPMethod;
+    readonly ip: string;
     readonly params: Record<string, string>;
     readonly query: Record<string, string | string[]>;
     body: unknown;
@@ -102,6 +104,25 @@ export type QHTTPXTaskOptions = {
     backoffMs?: number;
 };
 export type PerformanceMode = 'balanced' | 'ultra';
+export interface RateLimitStore {
+    increment(key: string, windowMs: number): Promise<{
+        total: number;
+        resetTime: number;
+    }>;
+    decrement(key: string): Promise<void>;
+    reset(key: string): Promise<void>;
+}
+export interface RateLimitOptions {
+    windowMs?: number;
+    max?: number;
+    message?: string | object;
+    statusCode?: number;
+    headers?: boolean;
+    keyGenerator?: (ctx: QHTTPXContext) => string;
+    skip?: (ctx: QHTTPXContext) => boolean;
+    store?: RateLimitStore;
+    trustProxy?: boolean;
+}
 export type QHTTPXOptions = {
     name?: string;
     workers?: 'auto' | number;
@@ -127,6 +148,22 @@ export type QHTTPXOptions = {
     enableRequestFusion?: boolean | RequestFusionOptions;
     viewEngine?: ViewEngine;
     viewsPath?: string;
+    rateLimit?: RateLimitOptions;
+    cors?: CorsOptions | boolean;
+    compression?: CompressionOptions | boolean;
+};
+export type CorsOrigin = string | string[] | ((origin: string | undefined) => string | null | undefined);
+export type CorsOptions = {
+    origin?: CorsOrigin;
+    methods?: string[];
+    allowedHeaders?: string[];
+    exposedHeaders?: string[];
+    credentials?: boolean;
+    maxAgeSeconds?: number;
+};
+export type CompressionOptions = {
+    threshold?: number;
+    level?: number;
 };
 export type QHTTPXPlugin<Options = any> = (app: any, // We use 'any' here to avoid circular dependency with QHTTPX class, or we could use an interface
 options: Options) => void | Promise<void>;

package/dist/src/index.d.ts CHANGED Viewed

@@ -1,9 +1,12 @@
 import { QHTTPX } from './core/server';
 import type { QHTTPXOptions } from './core/types';
+import { NativeAdapter } from './core/native-adapter';
 export { QHTTPX } from './core/server';
 export * from './core/types';
+export * from './core/errors';
 export * from './middleware/cors';
-export * from './middleware/security';
+export { createSecurityHeadersMiddleware, type SecurityHeadersOptions, createSecureDefaults, type SecureDefaultsOptions, } from './middleware/security';
+export * from './middleware/rate-limit';
 export * from './middleware/static';
 export * from './middleware/compression';
 export * from './core/stream';
@@ -28,7 +31,9 @@ export * from './validation/types';
 export * from './validation/simple';
 export * from './openapi/generator';
 export * from './client';
+export { NativeAdapter } from './core/native-adapter';
 export declare function createHttpApp(options?: QHTTPXOptions): QHTTPX;
+export declare function createNativeApp(options?: QHTTPXOptions): NativeAdapter;
 /**
  * Singleton instance for quick start
  * @example

package/dist/src/index.js CHANGED Viewed

@@ -14,15 +14,21 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
     for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.app = exports.getStringifier = exports.fastJsonStringify = exports.BufferPool = exports.QHTTPX = void 0;
+exports.app = exports.NativeAdapter = exports.getStringifier = exports.fastJsonStringify = exports.BufferPool = exports.createSecureDefaults = exports.createSecurityHeadersMiddleware = exports.QHTTPX = void 0;
 exports.createHttpApp = createHttpApp;
+exports.createNativeApp = createNativeApp;
 const server_1 = require("./core/server");
 const presets_1 = require("./middleware/presets");
+const native_adapter_1 = require("./core/native-adapter");
 var server_2 = require("./core/server");
 Object.defineProperty(exports, "QHTTPX", { enumerable: true, get: function () { return server_2.QHTTPX; } });
 __exportStar(require("./core/types"), exports);
+__exportStar(require("./core/errors"), exports);
 __exportStar(require("./middleware/cors"), exports);
-__exportStar(require("./middleware/security"), exports);
+var security_1 = require("./middleware/security");
+Object.defineProperty(exports, "createSecurityHeadersMiddleware", { enumerable: true, get: function () { return security_1.createSecurityHeadersMiddleware; } });
+Object.defineProperty(exports, "createSecureDefaults", { enumerable: true, get: function () { return security_1.createSecureDefaults; } });
+__exportStar(require("./middleware/rate-limit"), exports);
 __exportStar(require("./middleware/static"), exports);
 __exportStar(require("./middleware/compression"), exports);
 __exportStar(require("./core/stream"), exports);
@@ -50,15 +56,25 @@ __exportStar(require("./validation/types"), exports);
 __exportStar(require("./validation/simple"), exports);
 __exportStar(require("./openapi/generator"), exports);
 __exportStar(require("./client"), exports);
+var native_adapter_2 = require("./core/native-adapter");
+Object.defineProperty(exports, "NativeAdapter", { enumerable: true, get: function () { return native_adapter_2.NativeAdapter; } });
 function createHttpApp(options = {}) {
     const app = new server_1.QHTTPX(options);
     // Skip middleware in ultra mode for maximum performance
     if (options.performanceMode !== 'ultra') {
-        const middlewares = (0, presets_1.createApiPreset)();
+        const middlewares = (0, presets_1.createApiPreset)({
+            rateLimit: options.rateLimit,
+            cors: options.cors,
+            compression: options.compression,
+        });
         middlewares.forEach((mw) => app.use(mw));
     }
     return app;
 }
+function createNativeApp(options = {}) {
+    const app = createHttpApp(options);
+    return new native_adapter_1.NativeAdapter(app);
+}
 /**
  * Singleton instance for quick start
  * @example

package/dist/src/middleware/compression.d.ts CHANGED Viewed

@@ -1,6 +1,2 @@
-import { QHTTPXMiddleware } from '../core/types';
-export type CompressionOptions = {
-    threshold?: number;
-    level?: number;
-};
+import { QHTTPXMiddleware, CompressionOptions } from '../core/types';
 export declare function createCompressionMiddleware(options?: CompressionOptions): QHTTPXMiddleware;

package/dist/src/middleware/cors.d.ts CHANGED Viewed

@@ -1,11 +1,2 @@
-import { QHTTPXMiddleware } from '../core/types';
-export type CorsOrigin = string | string[] | ((origin: string | undefined) => string | null | undefined);
-export type CorsOptions = {
-    origin?: CorsOrigin;
-    methods?: string[];
-    allowedHeaders?: string[];
-    exposedHeaders?: string[];
-    credentials?: boolean;
-    maxAgeSeconds?: number;
-};
+import { QHTTPXMiddleware, CorsOptions } from '../core/types';
 export declare function createCorsMiddleware(options?: CorsOptions): QHTTPXMiddleware;

package/dist/src/middleware/presets.d.ts CHANGED Viewed

@@ -1,10 +1,13 @@
-import { QHTTPXMiddleware } from '../core/types';
+import { QHTTPXMiddleware, RateLimitOptions, CorsOptions, CompressionOptions } from '../core/types';
 import { SecureDefaultsOptions } from './security';
 import { LoggerOptions } from '../utils/logger';
 import { StaticOptions } from './static';
 export type ApiPresetOptions = {
     security?: SecureDefaultsOptions;
     logging?: LoggerOptions | boolean;
+    rateLimit?: RateLimitOptions;
+    cors?: CorsOptions | boolean;
+    compression?: CompressionOptions | boolean;
 };
 export declare function createApiPreset(options?: ApiPresetOptions): QHTTPXMiddleware[];
 export type StaticAppPresetOptions = ApiPresetOptions & {

package/dist/src/middleware/presets.js CHANGED Viewed

@@ -3,17 +3,36 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.createApiPreset = createApiPreset;
 exports.createStaticAppPreset = createStaticAppPreset;
 const security_1 = require("./security");
+const cors_1 = require("./cors");
+const compression_1 = require("./compression");
 const logger_1 = require("../utils/logger");
 const static_1 = require("./static");
+const rate_limit_1 = require("./rate-limit");
 function createApiPreset(options = {}) {
     const middlewares = [];
-    // 1. Security (CORS, Headers)
-    middlewares.push(...(0, security_1.createSecureDefaults)(options.security));
-    // 2. Logging
+    // 1. CORS
+    // Default to true (enabled) if not specified, to match createSecureDefaults behavior
+    const corsOpts = options.cors ?? options.security?.cors ?? true;
+    if (corsOpts !== false) {
+        const opts = corsOpts === true ? {} : corsOpts;
+        middlewares.push((0, cors_1.createCorsMiddleware)(opts));
+    }
+    // 2. Security Headers
+    middlewares.push((0, security_1.createSecurityHeadersMiddleware)(options.security?.securityHeaders));
+    // 3. Compression
+    if (options.compression) {
+        const opts = options.compression === true ? {} : options.compression;
+        middlewares.push((0, compression_1.createCompressionMiddleware)(opts));
+    }
+    // 4. Logging
     if (options.logging !== false) {
         const loggerOptions = typeof options.logging === 'object' ? options.logging : {};
         middlewares.push((0, logger_1.createLoggerMiddleware)(loggerOptions));
     }
+    // 5. Rate Limit
+    if (options.rateLimit) {
+        middlewares.push((0, rate_limit_1.rateLimit)(options.rateLimit));
+    }
     return middlewares;
 }
 function createStaticAppPreset(options) {

package/dist/src/middleware/rate-limit.d.ts CHANGED Viewed

@@ -1,12 +1,4 @@
-import type { QHTTPXContext, QHTTPXMiddleware } from '../core/types';
-export interface RateLimitStore {
-    increment(key: string, windowMs: number): Promise<{
-        total: number;
-        resetTime: number;
-    }>;
-    decrement(key: string): Promise<void>;
-    reset(key: string): Promise<void>;
-}
+import type { QHTTPXMiddleware, RateLimitOptions, RateLimitStore } from '../core/types';
 export declare class MemoryStore implements RateLimitStore {
     private hits;
     private interval?;
@@ -19,14 +11,4 @@ export declare class MemoryStore implements RateLimitStore {
     reset(key: string): Promise<void>;
     private cleanup;
 }
-export interface RateLimitOptions {
-    windowMs?: number;
-    max?: number;
-    message?: string | object;
-    statusCode?: number;
-    headers?: boolean;
-    keyGenerator?: (ctx: QHTTPXContext) => string;
-    skip?: (ctx: QHTTPXContext) => boolean;
-    store?: RateLimitStore;
-}
 export declare const rateLimit: (options?: RateLimitOptions) => QHTTPXMiddleware;

package/dist/src/middleware/rate-limit.js CHANGED Viewed

@@ -49,6 +49,12 @@ const rateLimit = (options = {}) => {
     const headers = options.headers ?? true;
     const store = options.store ?? new MemoryStore();
     const keyGenerator = options.keyGenerator ?? ((ctx) => {
+        if (options.trustProxy) {
+            const forwarded = ctx.req.headers['x-forwarded-for'];
+            if (forwarded) {
+                return Array.isArray(forwarded) ? forwarded[0] : forwarded.split(',')[0].trim();
+            }
+        }
         return ctx.req.socket.remoteAddress || 'unknown';
     });
     return async (ctx, next) => {

package/dist/src/middleware/security.d.ts CHANGED Viewed

@@ -1,5 +1,4 @@
-import { QHTTPXContext, QHTTPXMiddleware } from '../core/types';
-import { CorsOptions } from './cors';
+import { QHTTPXContext, QHTTPXMiddleware, CorsOptions } from '../core/types';
 export type SecurityHeadersOptions = {
     contentSecurityPolicy?: string | null;
     referrerPolicy?: string | null;

package/dist/src/native/index.d.ts ADDED Viewed

@@ -0,0 +1,29 @@
+export interface NativeServerBinding {
+    parse(buffer: Buffer): {
+        method: string;
+        path: string;
+        version: number;
+        headers: Record<string, string>;
+        bodyOffset: number;
+    } | null;
+    createResponse(statusCode: number, headers: Record<string, string>, body?: string | Buffer): Buffer;
+    createJSONResponse(obj: unknown): Buffer;
+    writeResponse(fd: number, chunks: (Buffer | string)[]): void;
+    setCPUAffinity(cpuId: number): boolean;
+}
+export declare class NativeServer {
+    private binding;
+    constructor();
+    get isAvailable(): boolean;
+    parse(buffer: Buffer): {
+        method: string;
+        path: string;
+        version: number;
+        headers: Record<string, string>;
+        bodyOffset: number;
+    } | null;
+    createResponse(statusCode: number, headers: Record<string, string>, body?: string | Buffer): Buffer<ArrayBufferLike>;
+    createJSONResponse(obj: unknown): Buffer<ArrayBufferLike>;
+    writeResponse(fd: number, chunks: (Buffer | string)[]): void;
+    setCPUAffinity(cpuId: number): boolean;
+}

package/dist/src/native/index.js ADDED Viewed

@@ -0,0 +1,64 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.NativeServer = void 0;
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
+let nativeBinding = null;
+// Use try/catch with module.createRequire if import.meta is not available in some build targets
+// However, since we are in a TS module that might be commonjs or esm
+// We'll use a safer approach for require
+try {
+    const req = require;
+    try {
+        nativeBinding = req('../../build/Release/qhttpx_native.node');
+    }
+    catch {
+        try {
+            nativeBinding = req('../../build/Debug/qhttpx_native.node');
+        }
+        catch {
+            // Ignored
+        }
+    }
+}
+catch {
+    // Ignored
+}
+class NativeServer {
+    constructor() {
+        if (nativeBinding && nativeBinding.NativeServer) {
+            this.binding = new nativeBinding.NativeServer();
+        }
+        else {
+            this.binding = null;
+        }
+    }
+    get isAvailable() {
+        return this.binding !== null;
+    }
+    parse(buffer) {
+        if (!this.binding)
+            throw new Error('Native bindings not available');
+        return this.binding.parse(buffer);
+    }
+    createResponse(statusCode, headers, body) {
+        if (!this.binding)
+            throw new Error('Native bindings not available');
+        return this.binding.createResponse(statusCode, headers, body);
+    }
+    createJSONResponse(obj) {
+        if (!this.binding)
+            throw new Error('Native bindings not available');
+        return this.binding.createJSONResponse(obj);
+    }
+    writeResponse(fd, chunks) {
+        if (!this.binding)
+            throw new Error('Native bindings not available');
+        return this.binding.writeResponse(fd, chunks);
+    }
+    setCPUAffinity(cpuId) {
+        if (!this.binding)
+            throw new Error('Native bindings not available');
+        return this.binding.setCPUAffinity(cpuId);
+    }
+}
+exports.NativeServer = NativeServer;

package/dist/src/router/radix-tree.d.ts CHANGED Viewed

@@ -12,5 +12,7 @@ export declare class RadixTree {
     private root;
     insert(segments: string[], handler: QHTTPXHandler, priority: RoutePriority): void;
     lookup(segments: string[]): MatchResult | null;
+    lookupPath(path: string): MatchResult | null;
+    private findPath;
     private find;
 }

package/dist/src/router/radix-tree.js CHANGED Viewed

@@ -10,6 +10,8 @@ class Node {
         this.paramName = null;
         // Data if this node is a route end
         this.data = null;
+        // Optimization: Pre-allocated match result for static matches
+        this.staticMatch = null;
     }
 }
 class RadixTree {
@@ -38,14 +40,62 @@ class RadixTree {
             }
         }
         node.data = { handler, priority };
+        node.staticMatch = { handler, priority, params: {} };
     }
     lookup(segments) {
-        // Use a stack-based approach or recursion.
-        // For simplicity and correctness with backtracking, we'll use recursion.
-        // To minimize allocations, we pass the same params object and only copy on success?
-        // Actually, creating a params object is inevitable for the result.
         return this.find(this.root, segments, 0);
     }
+    lookupPath(path) {
+        if (path === '/' || path === '') {
+            if (this.root.staticMatch) {
+                return this.root.staticMatch;
+            }
+            return null;
+        }
+        const start = path.charCodeAt(0) === 47 ? 1 : 0;
+        return this.findPath(this.root, path, start);
+    }
+    findPath(node, path, start) {
+        // Handle trailing slash or end of path
+        if (start >= path.length) {
+            if (node.staticMatch) {
+                return node.staticMatch;
+            }
+            return null;
+        }
+        let end = path.indexOf('/', start);
+        if (end === -1) {
+            end = path.length;
+        }
+        const segment = path.substring(start, end);
+        const nextStart = end + 1;
+        // Skip empty segments (e.g. //) to match normalize behavior
+        if (segment.length === 0) {
+            return this.findPath(node, path, nextStart);
+        }
+        // 1. Try exact match
+        const child = node.children.get(segment);
+        if (child) {
+            const result = this.findPath(child, path, nextStart);
+            if (result)
+                return result;
+        }
+        // 2. Try param match
+        if (node.paramChild) {
+            const result = this.findPath(node.paramChild, path, nextStart);
+            if (result) {
+                // Clone params to avoid modifying shared staticMatch
+                const newParams = { ...result.params };
+                newParams[node.paramChild.paramName] = segment;
+                return {
+                    handler: result.handler,
+                    priority: result.priority,
+                    params: newParams
+                };
+            }
+        }
+        return null;
+    }
     find(node, segments, index) {
         if (index === segments.length) {
             if (node.data) {

package/dist/src/router/router.d.ts CHANGED Viewed

@@ -15,6 +15,7 @@ export type RouteMatch = {
 export declare class Router {
     private readonly methodBuckets;
     private readonly radixTrees;
+    private readonly staticRoutes;
     private isFrozen;
     register(method: HTTPMethod, path: string, handler: QHTTPXHandler, options?: RouteOptions & {
         schema?: RouteSchema | Record<string, unknown>;

package/dist/src/router/router.js CHANGED Viewed

@@ -17,6 +17,16 @@ class Router {
         ]);
         // Derived structures (built at freeze time)
         this.radixTrees = new Map();
+        // Fast lookup for static routes (no params)
+        this.staticRoutes = new Map([
+            ['GET', new Map()],
+            ['POST', new Map()],
+            ['PUT', new Map()],
+            ['DELETE', new Map()],
+            ['PATCH', new Map()],
+            ['HEAD', new Map()],
+            ['OPTIONS', new Map()],
+        ]);
         // Freeze state
         this.isFrozen = false;
     }
@@ -42,10 +52,18 @@ class Router {
     match(method, path) {
         // Fast path for frozen router
         if (this.isFrozen) {
+            // 1. Try static match (O(1))
+            const staticMap = this.staticRoutes.get(method);
+            if (staticMap) {
+                const match = staticMap.get(path);
+                if (match) {
+                    return match;
+                }
+            }
+            // 2. Try radix tree match
             const tree = this.radixTrees.get(method);
             if (tree) {
-                const segments = this.normalize(path);
-                const match = tree.lookup(segments);
+                const match = tree.lookupPath(path);
                 if (match) {
                     return match;
                 }
@@ -127,8 +145,30 @@ class Router {
         // Build derived structures for faster matching
         for (const [method, routes] of this.methodBuckets.entries()) {
             const tree = new radix_tree_1.RadixTree();
+            const staticMap = this.staticRoutes.get(method);
             for (const route of routes) {
                 tree.insert(route.segments, route.handler, route.priority);
+                // Check if route is static (no params)
+                let isStatic = true;
+                for (const segment of route.segments) {
+                    if (segment.startsWith(':')) {
+                        isStatic = false;
+                        break;
+                    }
+                }
+                if (isStatic) {
+                    // Optimization: Pre-allocate static match result
+                    // Note: we use route.path directly as key
+                    staticMap.set(route.path, {
+                        handler: route.handler,
+                        params: {},
+                        priority: route.priority,
+                    });
+                    // Also handle trailing slash or no trailing slash?
+                    // For strict matching, we use exact path.
+                    // QHTTPX seems to normalize, so /json/ and /json might be different?
+                    // route.path comes from user.
+                }
             }
             this.radixTrees.set(method, tree);
         }

package/dist/tests/native-adapter.test.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/dist/tests/native-adapter.test.js ADDED Viewed

@@ -0,0 +1,71 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const vitest_1 = require("vitest");
+const native_adapter_1 = require("../src/core/native-adapter");
+const index_1 = require("../src/index");
+const net_1 = __importDefault(require("net"));
+// Mock the NativeServer module
+vitest_1.vi.mock('../src/native', () => {
+    return {
+        NativeServer: class MockNativeServer {
+            constructor() {
+                this.isAvailable = true;
+            }
+            parse(buffer) {
+                const str = buffer.toString();
+                if (str.includes('GET / HTTP/1.1')) {
+                    return {
+                        method: 'GET',
+                        path: '/',
+                        version: 1,
+                        headers: { host: 'localhost' },
+                        bodyOffset: str.indexOf('\r\n\r\n') + 4
+                    };
+                }
+                return undefined;
+            }
+            // eslint-disable-next-line @typescript-eslint/no-explicit-any
+            createResponse(statusCode, headers, body) {
+                return Buffer.from(`HTTP/1.1 ${statusCode} OK\r\n\r\n${body || ''}`);
+            }
+        }
+    };
+});
+(0, vitest_1.describe)('NativeAdapter', () => {
+    let app;
+    let adapter;
+    let server;
+    let port = 0;
+    (0, vitest_1.beforeEach)(() => {
+        app = (0, index_1.createHttpApp)();
+        adapter = new native_adapter_1.NativeAdapter(app);
+    });
+    (0, vitest_1.afterEach)(async () => {
+        if (server) {
+            await new Promise(resolve => server.close(() => resolve()));
+        }
+    });
+    (0, vitest_1.it)('should handle request using native parser mock', async () => {
+        app.get('/', ({ res }) => { res.end('Native Works'); });
+        await new Promise((resolve) => {
+            server = adapter.listen(0, () => {
+                port = server.address().port;
+                resolve();
+            });
+        });
+        const socket = net_1.default.createConnection(port);
+        const responsePromise = new Promise((resolve) => {
+            socket.on('data', (data) => {
+                resolve(data.toString());
+                socket.end();
+            });
+        });
+        socket.write('GET / HTTP/1.1\r\nHost: localhost\r\n\r\n');
+        const response = await responsePromise;
+        (0, vitest_1.expect)(response).toContain('HTTP/1.1 200 OK');
+        (0, vitest_1.expect)(response).toContain('Native Works');
+    });
+});

package/dist/tests/resources.test.js CHANGED Viewed

@@ -32,6 +32,9 @@ const index_1 = require("../src/index");
             maxMemoryBytes: 1000000,
         });
         const { port } = await app.listen(0, '127.0.0.1');
+        // Force memory check by manipulating requestCounter
+        // eslint-disable-next-line @typescript-eslint/no-explicit-any
+        app.requestCounter = 99;
         app.get('/', (ctx) => {
             ctx.send('ok');
         });

package/dist/tests/security.test.js CHANGED Viewed

@@ -67,8 +67,8 @@ const src_1 = require("../src");
     });
     (0, vitest_1.it)('applies in-memory rate limiting per remote address', async () => {
         app = new src_1.QHTTPX();
-        app.use((0, src_1.createRateLimitMiddleware)({
-            maxRequests: 1,
+        app.use((0, src_1.rateLimit)({
+            max: 1,
             windowMs: 1000,
         }));
         app.get('/ping', (ctx) => {