shokupan 0.16.3 → 0.16.5

package/dist/{index-8Ylk5R0q.cjs → index-Cx60P13T.cjs}

@@ -51,7 +51,7 @@ const node_stream = require("node:stream");
 const zlib = require("node:zlib");
 const Ajv = require("ajv");
 const addFormats = require("ajv-formats");
-const crypto = require("crypto");
+const crypto$1 = require("crypto");
 const events = require("events");
 var _documentCurrentScript = typeof document !== "undefined" ? document.currentScript : null;
 function _interopNamespaceDefault(e) {
@@ -2744,145 +2744,270 @@ class NotFoundError extends HttpError {
     this.name = "NotFoundError";
   }
 }
-class McpProtocol {
-  tools = /* @__PURE__ */ new Map();
-  prompts = /* @__PURE__ */ new Map();
-  resources = /* @__PURE__ */ new Map();
-  constructor(tools = [], prompts = [], resources = []) {
-    tools.forEach((t) => this.tools.set(t.name, t));
-    prompts.forEach((p) => this.prompts.set(p.name, p));
-    resources.forEach((r) => this.resources.set(r.uri, r));
+class McpSession {
+  constructor(sessionId, protocol) {
+    this.protocol = protocol;
+    this.sessionId = sessionId;
   }
-  addTool(tool) {
-    this.tools.set(tool.name, tool);
+  sessionId;
+  initialized = false;
+  writeController;
+  activeRequests = /* @__PURE__ */ new Map();
+  pendingCallbacks = /* @__PURE__ */ new Map();
+  nextMessageId = 1;
+  attachStream(controller) {
+    this.writeController = controller;
   }
-  addPrompt(prompt) {
-    this.prompts.set(prompt.name, prompt);
+  close() {
+    if (this.writeController) {
+      try {
+        this.writeController.close();
+      } catch (e) {
+      }
+    }
+    this.activeRequests.forEach((controller) => {
+      controller.abort(new Error("Session closed"));
+    });
+    this.activeRequests.clear();
+    this.pendingCallbacks.forEach(({ reject }) => {
+      reject(new Error("Session closed"));
+    });
+    this.pendingCallbacks.clear();
+    this.initialized = false;
   }
-  addResource(resource) {
-    this.resources.set(resource.uri, resource);
+  send(message) {
+    if (!this.writeController) return;
+    try {
+      this.writeController.enqueue(`event: message
+data: ${JSON.stringify(message)}
+
+`);
+    } catch (e) {
+      this.close();
+    }
   }
-  merge(other) {
-    other.tools.forEach((t) => this.tools.set(t.name, t));
-    other.prompts.forEach((p) => this.prompts.set(p.name, p));
-    other.resources.forEach((r) => this.resources.set(r.uri, r));
+  async sendRequest(method, params) {
+    const id = this.nextMessageId++;
+    return new Promise((resolve, reject) => {
+      this.pendingCallbacks.set(id, { resolve, reject });
+      this.send({ jsonrpc: "2.0", id, method, params });
+    });
+  }
+  sendNotification(method, params) {
+    this.send({ jsonrpc: "2.0", method, params });
+  }
+  /**
+   * Request the current roots from the client.
+   */
+  async listRoots() {
+    return this.sendRequest("roots/list");
+  }
+  /**
+   * Request the client to sample an LLM completion.
+   */
+  async createMessageSampling(params) {
+    return this.sendRequest("sampling/createMessage", params);
   }
   async handleMessage(message) {
-    if (message.jsonrpc !== "2.0") {
-      return this.error(message.id, -32600, "Invalid Request");
+    if (!message || typeof message !== "object" || message.jsonrpc !== "2.0") {
+      return this.error(message?.id ?? null, -32600, "Invalid Request");
+    }
+    if ("result" in message || "error" in message) {
+      const cb = this.pendingCallbacks.get(message.id);
+      if (cb) {
+        this.pendingCallbacks.delete(message.id);
+        if (message.error) {
+          cb.reject(new Error(message.error.message));
+        } else {
+          cb.resolve(message.result);
+        }
+      }
+      return null;
+    }
+    const req = message;
+    const isNotification = !("id" in req);
+    if (isNotification) {
+      if (req.method === "notifications/cancel") {
+        const requestId = req.params?.requestId;
+        if (requestId) {
+          const controller = this.activeRequests.get(requestId);
+          if (controller) {
+            controller.abort(new Error("Cancelled by client"));
+            this.activeRequests.delete(requestId);
+          }
+        }
+      } else if (req.method === "notifications/initialized") {
+        this.initialized = true;
+      } else if (req.method === "notifications/progress") ;
+      return null;
     }
     try {
-      switch (message.method) {
+      const controller = new AbortController();
+      this.activeRequests.set(req.id, controller);
+      const context = {
+        session: this,
+        signal: controller.signal,
+        onProgress: (progress, total) => {
+          const progressToken = req.params?.meta?.progressToken;
+          if (progressToken) {
+            this.sendNotification("notifications/progress", {
+              progressToken,
+              progress,
+              total
+            });
+          }
+        }
+      };
+      let result;
+      switch (req.method) {
         case "initialize":
-          return this.success(message.id, {
+          result = {
             protocolVersion: "2024-11-05",
             serverInfo: {
               name: "Shokupan MCP",
               version: "1.0.0"
             },
             capabilities: {
-              tools: this.tools.size > 0 ? {} : void 0,
-              prompts: this.prompts.size > 0 ? {} : void 0,
-              resources: this.resources.size > 0 ? {} : void 0
+              tools: this.protocol.hasTools() ? {} : void 0,
+              prompts: this.protocol.hasPrompts() ? {} : void 0,
+              resources: this.protocol.hasResources() ? {} : void 0
             }
-          });
+          };
+          break;
         case "ping":
-          return this.success(message.id, {});
+          result = {};
+          break;
         case "tools/list":
-          if (this.tools.size === 0) return this.success(message.id, { tools: [] });
-          return this.success(message.id, {
-            tools: Array.from(this.tools.values()).map((t) => ({
-              name: t.name,
-              description: t.description,
-              inputSchema: t.inputSchema || { type: "object", properties: {} }
-            }))
-          });
-        case "tools/call": {
-          if (!message.params || !message.params.name) {
-            return this.error(message.id, -32602, "Invalid params: name required");
-          }
-          const tool = this.tools.get(message.params.name);
-          if (!tool) {
-            return this.error(message.id, -32601, `Tool not found: ${message.params.name}`);
-          }
-          try {
-            const result = await tool.handler(message.params.arguments || {});
-            return this.success(message.id, result);
-          } catch (e) {
-            return {
-              jsonrpc: "2.0",
-              id: message.id ?? null,
-              result: {
-                isError: true,
-                content: [{ type: "text", text: e.message || String(e) }]
-              }
-            };
-          }
-        }
+          result = this.protocol.listTools(req.params?.cursor);
+          break;
+        case "tools/call":
+          if (!req.params || !req.params.name) throw new Error("Invalid params: name required");
+          result = await this.protocol.callTool(req.params.name, req.params.arguments, context);
+          break;
         case "prompts/list":
-          if (this.prompts.size === 0) return this.success(message.id, { prompts: [] });
-          return this.success(message.id, {
-            prompts: Array.from(this.prompts.values()).map((p) => ({
-              name: p.name,
-              description: p.description,
-              arguments: p.arguments
-            }))
-          });
-        case "prompts/get": {
-          if (!message.params || !message.params.name) {
-            return this.error(message.id, -32602, "Invalid params: name required");
-          }
-          const prompt = this.prompts.get(message.params.name);
-          if (!prompt) {
-            return this.error(message.id, -32601, `Prompt not found: ${message.params.name}`);
-          }
-          const result = await prompt.handler(message.params.arguments || {});
-          return this.success(message.id, result);
-        }
+          result = this.protocol.listPrompts(req.params?.cursor);
+          break;
+        case "prompts/get":
+          if (!req.params || !req.params.name) throw new Error("Invalid params: name required");
+          result = await this.protocol.getPrompt(req.params.name, req.params.arguments, context);
+          break;
         case "resources/list":
-          if (this.resources.size === 0) return this.success(message.id, { resources: [] });
-          return this.success(message.id, {
-            resources: Array.from(this.resources.values()).map((r) => ({
-              uri: r.uri,
-              name: r.name,
-              description: r.description,
-              mimeType: r.mimeType
-            }))
-          });
-        case "resources/read": {
-          if (!message.params || !message.params.uri) {
-            return this.error(message.id, -32602, "Invalid params: uri required");
-          }
-          let resource = this.resources.get(message.params.uri);
-          if (!resource) {
-            return this.error(message.id, -32601, `Resource not found: ${message.params.uri}`);
-          }
-          const result = await resource.handler(message.params.uri);
-          return this.success(message.id, result);
-        }
+          result = this.protocol.listResources(req.params?.cursor);
+          break;
+        case "resources/read":
+          if (!req.params || !req.params.uri) throw new Error("Invalid params: uri required");
+          result = await this.protocol.readResource(req.params.uri, context);
+          break;
         default:
-          if (message.id === void 0) return null;
-          return this.error(message.id, -32601, "Method not found");
+          return this.error(req.id, -32601, "Method not found");
       }
+      this.activeRequests.delete(req.id);
+      return this.success(req.id, result);
     } catch (err) {
-      return this.error(message.id, -32603, "Internal Error", err.message);
+      this.activeRequests.delete(req.id);
+      if (req.method === "tools/call") {
+        return this.success(req.id, {
+          isError: true,
+          content: [{ type: "text", text: err.message || String(err) }]
+        });
+      }
+      return this.error(req.id, -32603, "Internal Error", err.message);
     }
   }
   success(id, result) {
     return {
       jsonrpc: "2.0",
-      id: id ?? null,
+      id,
       result
     };
   }
   error(id, code, message, data) {
     return {
       jsonrpc: "2.0",
-      id: id ?? null,
+      id,
       error: { code, message, data }
     };
   }
 }
+class McpProtocol {
+  tools = /* @__PURE__ */ new Map();
+  prompts = /* @__PURE__ */ new Map();
+  resources = /* @__PURE__ */ new Map();
+  constructor(tools = [], prompts = [], resources = []) {
+    tools.forEach((t) => this.tools.set(t.name, t));
+    prompts.forEach((p) => this.prompts.set(p.name, p));
+    resources.forEach((r) => this.resources.set(r.uri, r));
+  }
+  hasTools() {
+    return this.tools.size > 0;
+  }
+  hasPrompts() {
+    return this.prompts.size > 0;
+  }
+  hasResources() {
+    return this.resources.size > 0;
+  }
+  addTool(tool) {
+    this.tools.set(tool.name, tool);
+  }
+  addPrompt(prompt) {
+    this.prompts.set(prompt.name, prompt);
+  }
+  addResource(resource) {
+    this.resources.set(resource.uri, resource);
+  }
+  merge(other) {
+    other.tools.forEach((t) => this.tools.set(t.name, t));
+    other.prompts.forEach((p) => this.prompts.set(p.name, p));
+    other.resources.forEach((r) => this.resources.set(r.uri, r));
+  }
+  createSession(sessionId) {
+    return new McpSession(sessionId, this);
+  }
+  listTools(cursor) {
+    return {
+      tools: Array.from(this.tools.values()).map((t) => ({
+        name: t.name,
+        description: t.description,
+        inputSchema: t.inputSchema || { type: "object", properties: {} }
+      }))
+    };
+  }
+  async callTool(name, args, context) {
+    const tool = this.tools.get(name);
+    if (!tool) throw new Error(`Tool not found: ${name}`);
+    return await tool.handler(args || {}, context);
+  }
+  listPrompts(cursor) {
+    return {
+      prompts: Array.from(this.prompts.values()).map((p) => ({
+        name: p.name,
+        description: p.description,
+        arguments: p.arguments
+      }))
+    };
+  }
+  async getPrompt(name, args, context) {
+    const prompt = this.prompts.get(name);
+    if (!prompt) throw new Error(`Prompt not found: ${name}`);
+    return await prompt.handler(args || {}, context);
+  }
+  listResources(cursor) {
+    return {
+      resources: Array.from(this.resources.values()).map((r) => ({
+        uri: r.uri,
+        name: r.name,
+        description: r.description,
+        mimeType: r.mimeType
+      }))
+    };
+  }
+  async readResource(uri, context) {
+    const resource = this.resources.get(uri);
+    if (!resource) throw new Error(`Resource not found: ${uri}`);
+    return await resource.handler(uri, context);
+  }
+}
 class MiddlewareTracker {
   static wrap(handler, context) {
     const { file, line, name, isBuiltin, pluginName } = context;
@@ -4763,7 +4888,7 @@ class ApiExplorerPlugin extends ShokupanRouter {
     }
   }
   static getBasePath() {
-    const dir = path$1.dirname(node_url.fileURLToPath(typeof document === "undefined" ? require("url").pathToFileURL(__filename).href : _documentCurrentScript && _documentCurrentScript.tagName.toUpperCase() === "SCRIPT" && _documentCurrentScript.src || new URL("index-8Ylk5R0q.cjs", document.baseURI).href));
+    const dir = path$1.dirname(node_url.fileURLToPath(typeof document === "undefined" ? require("url").pathToFileURL(__filename).href : _documentCurrentScript && _documentCurrentScript.tagName.toUpperCase() === "SCRIPT" && _documentCurrentScript.src || new URL("index-Cx60P13T.cjs", document.baseURI).href));
     if (dir.endsWith("dist")) {
       return dir + "/plugins/application/api-explorer";
     }
@@ -5567,7 +5692,7 @@ class AsyncApiPlugin extends ShokupanRouter {
     this.init();
   }
   static getBasePath() {
-    const dir = path$1.dirname(node_url.fileURLToPath(typeof document === "undefined" ? require("url").pathToFileURL(__filename).href : _documentCurrentScript && _documentCurrentScript.tagName.toUpperCase() === "SCRIPT" && _documentCurrentScript.src || new URL("index-8Ylk5R0q.cjs", document.baseURI).href));
+    const dir = path$1.dirname(node_url.fileURLToPath(typeof document === "undefined" ? require("url").pathToFileURL(__filename).href : _documentCurrentScript && _documentCurrentScript.tagName.toUpperCase() === "SCRIPT" && _documentCurrentScript.src || new URL("index-Cx60P13T.cjs", document.baseURI).href));
     if (dir.endsWith("dist")) {
       return dir + "/plugins/application/asyncapi";
     }
@@ -6091,7 +6216,7 @@ function createHTTPLogger() {
     return result;
   };
 }
-const require$1 = node_module.createRequire(typeof document === "undefined" ? require("url").pathToFileURL(__filename).href : _documentCurrentScript && _documentCurrentScript.tagName.toUpperCase() === "SCRIPT" && _documentCurrentScript.src || new URL("index-8Ylk5R0q.cjs", document.baseURI).href);
+const require$1 = node_module.createRequire(typeof document === "undefined" ? require("url").pathToFileURL(__filename).href : _documentCurrentScript && _documentCurrentScript.tagName.toUpperCase() === "SCRIPT" && _documentCurrentScript.src || new URL("index-Cx60P13T.cjs", document.baseURI).href);
 const http = require$1("node:http");
 const https = require$1("node:https");
 class FetchInterceptor {
@@ -6698,7 +6823,7 @@ class Dashboard {
   }
   // Get base path for dashboard files - works in both dev (src/) and production (dist/)
   static getBasePath() {
-    const dir = path$1.dirname(node_url.fileURLToPath(typeof document === "undefined" ? require("url").pathToFileURL(__filename).href : _documentCurrentScript && _documentCurrentScript.tagName.toUpperCase() === "SCRIPT" && _documentCurrentScript.src || new URL("index-8Ylk5R0q.cjs", document.baseURI).href));
+    const dir = path$1.dirname(node_url.fileURLToPath(typeof document === "undefined" ? require("url").pathToFileURL(__filename).href : _documentCurrentScript && _documentCurrentScript.tagName.toUpperCase() === "SCRIPT" && _documentCurrentScript.src || new URL("index-Cx60P13T.cjs", document.baseURI).href));
     if (dir.endsWith("dist")) {
       return dir + "/plugins/application/dashboard";
     }
@@ -9689,6 +9814,7 @@ class Shokupan extends ShokupanRouter {
   startupHooks = [];
   plugins = [];
   specAvailableHooks = [];
+  pluginInitPromises = [];
   get db() {
     return this.datastore;
   }
@@ -9801,24 +9927,24 @@ class Shokupan extends ShokupanRouter {
     try {
       switch (adapterName) {
         case "sqlite": {
-          const { SqliteAdapter } = await Promise.resolve().then(() => require("./sqlite-4_h2xf9-.cjs"));
+          const { SqliteAdapter } = await Promise.resolve().then(() => require("./sqlite-CvoMrQNx.cjs"));
           this.datastore = new SqliteAdapter(options);
           break;
         }
         case "level": {
-          const { LevelAdapter } = await Promise.resolve().then(() => require("./level-3Mg_5PYx.cjs"));
+          const { LevelAdapter } = await Promise.resolve().then(() => require("./level-DzWOqk9S.cjs"));
           this.datastore = new LevelAdapter(options);
           break;
         }
         case "surrealdb": {
-          const { SurrealAdapter } = await Promise.resolve().then(() => require("./surreal-wFuSfb5c.cjs"));
+          const { SurrealAdapter } = await Promise.resolve().then(() => require("./surreal-DOJpgKP7.cjs"));
           const legacyConfig = this.applicationConfig.surreal || {};
           const effectiveOptions = { ...legacyConfig, ...options };
           this.datastore = new SurrealAdapter(effectiveOptions);
           break;
         }
         default: {
-          const { SurrealAdapter } = await Promise.resolve().then(() => require("./surreal-wFuSfb5c.cjs"));
+          const { SurrealAdapter } = await Promise.resolve().then(() => require("./surreal-DOJpgKP7.cjs"));
           const legacy = this.applicationConfig.surreal;
           this.datastore = new SurrealAdapter(options || legacy || {});
         }
@@ -9854,11 +9980,16 @@ class Shokupan extends ShokupanRouter {
   }
   /**
    * Registers a plugin.
+   * This returns a promise that resolves when the plugin is initialized. You do not 
+   * need to await it unless you want to run code specifically after the plugin is initialized.
+   * Shokupan automatically awaits plugin initialization promises when calling listen().
    */
   async register(plugin, options) {
     this.plugins.push(plugin);
     try {
-      await plugin.onInit(this, options);
+      const promise = plugin.onInit(this, options);
+      this.pluginInitPromises.push(promise);
+      await promise;
     } catch (err) {
       this.logger?.error("Shokupan", "Failed to initialize plugin", { error: err });
       throw err;
@@ -10024,6 +10155,7 @@ class Shokupan extends ShokupanRouter {
    */
   async listen(port, callback) {
     this.httpServer = new ShokupanServer(this);
+    await Promise.allSettled(this.pluginInitPromises);
     this.server = await this.httpServer.listen(port);
     const protocol = this.applicationConfig.tls || this.applicationConfig.development ? "https" : "http";
     const url = `${protocol}://${this.applicationConfig.hostname}:${this.applicationConfig.port}`;
@@ -10478,6 +10610,21 @@ class AuthPlugin extends ShokupanRouter {
     return jwt;
   }
   init() {
+    this.get("/auth/me", async (ctx) => {
+      const cookieHeader = ctx.req.headers.get("Cookie");
+      const token = cookieHeader?.match(/auth_token=([^;]+)/)?.[1];
+      if (!token) return ctx.json({ error: "Unauthenticated" }, 401);
+      try {
+        const { payload } = await this.jose.jwtVerify(token, this.secret);
+        return ctx.json(payload);
+      } catch {
+        return ctx.json({ error: "Invalid or expired token" }, 401);
+      }
+    });
+    this.post("/auth/logout", (ctx) => {
+      ctx.set("Set-Cookie", "auth_token=; Path=/; HttpOnly; Max-Age=0; SameSite=Lax");
+      return ctx.json({ ok: true });
+    });
     const { generateState, generateCodeVerifier, GitHub, Google, MicrosoftEntraId, Apple, Auth0, Okta, OAuth2Client } = this.arctic;
     const providerEntries = Object.entries(this.authConfig.providers);
     for (let i = 0; i < providerEntries.length; i++) {
@@ -10515,6 +10662,7 @@ class AuthPlugin extends ShokupanRouter {
         const url = new URL(ctx.req.url);
         const code = url.searchParams.get("code");
         const state = url.searchParams.get("state");
+        console.log("== OAuth Callback Hit ==", { providerName, code, state });
         const cookieHeader = ctx.req.headers.get("Cookie");
         const storedState = cookieHeader?.match(/oauth_state=([^;]+)/)?.[1];
         const storedVerifier = cookieHeader?.match(/oauth_verifier=([^;]+)/)?.[1];
@@ -10538,17 +10686,38 @@ class AuthPlugin extends ShokupanRouter {
             if (!providerConfig.tokenUrl) return ctx.text("Config error: tokenUrl required for oauth2", 500);
             tokens = await provider.validateAuthorizationCode(providerConfig.tokenUrl, code, null);
           }
-          const accessToken = tokens.accessToken || tokens.access_token;
+          const accessToken = typeof tokens.accessToken === "function" ? tokens.accessToken() : tokens.accessToken || tokens.access_token;
+          try {
+            if (typeof tokens.idToken === "function") {
+              idToken = tokens.idToken();
+            } else if (tokens.idToken) {
+              idToken = tokens.idToken;
+            }
+          } catch (e) {
+          }
           const user = await this.fetchUser(providerName, accessToken, providerConfig, idToken);
           if (this.authConfig.onSuccess) {
             const res = await this.authConfig.onSuccess(user, ctx);
             if (res) return res;
           }
           const jwt = await this.createSession(user, ctx);
+          if (this.authConfig.successRedirect) {
+            return ctx.redirect(this.authConfig.successRedirect);
+          }
           return ctx.json({ token: jwt, user });
         } catch (e) {
+          console.error("Auth Exception:", e);
+          let extradata = "";
+          try {
+            if (e && e.response) extradata = " | Body: " + await e.response.text();
+          } catch {
+          }
           ctx.app?.logger?.error("Auth", "Authentication failed", e);
-          return ctx.text("Authentication failed. Please try again.", 500);
+          return ctx.text(`Authentication failed.
+Error: ${e?.message ?? String(e)}${extradata}
+
+Stack:
+${e?.stack}`, 500);
         }
       });
     }
@@ -10557,7 +10726,10 @@ class AuthPlugin extends ShokupanRouter {
     let user = { id: "unknown", provider };
     if (provider === "github") {
       const res = await fetch("https://api.github.com/user", {
-        headers: { Authorization: `Bearer ${token}` }
+        headers: {
+          Authorization: `Bearer ${token}`,
+          "User-Agent": "Shokupan-Auth/1.0"
+        }
       });
       const data = await res.json();
       user = {
@@ -11115,19 +11287,26 @@ class MCPServerPlugin {
     };
     collect(app);
   }
+  sessions = /* @__PURE__ */ new Map();
   setupRoutes() {
     this.router.get("", (ctx) => {
-      const endpointUrl = `${ctx.protocol}://${ctx.host}${this.options.path}`;
-      const enc = new TextEncoder();
+      const sessionId = crypto.randomUUID();
+      const session = this.router.mcpProtocol.createSession(sessionId);
+      this.sessions.set(sessionId, session);
+      const base = ctx.request.url.replace(/\/$/, "");
+      const endpointUrl = `${base}/message?sessionId=${sessionId}`;
       return new Response(
         new ReadableStream({
           start(controller) {
-            controller.enqueue(enc.encode(`event: endpoint
-data: ${JSON.stringify(endpointUrl)}
+            session.attachStream(controller);
+            controller.enqueue(`event: endpoint
+data: ${endpointUrl}
 
-`));
+`);
           },
-          cancel() {
+          cancel: () => {
+            session.close();
+            this.sessions.delete(sessionId);
           }
         }),
         {
@@ -11139,7 +11318,16 @@ data: ${JSON.stringify(endpointUrl)}
         }
       );
     });
-    this.router.post("", async (ctx) => {
+    this.router.post("/message", async (ctx) => {
+      const url = new URL(ctx.request.url);
+      const sessionId = url.searchParams.get("sessionId");
+      if (!sessionId) {
+        return ctx.text("Missing sessionId", 400);
+      }
+      const session = this.sessions.get(sessionId);
+      if (!session) {
+        return ctx.text("Session not found", 404);
+      }
       let parsedBody;
       try {
         parsedBody = await ctx.body();
@@ -11150,7 +11338,7 @@ data: ${JSON.stringify(endpointUrl)}
           error: { code: -32700, message: "Parse error" }
         }, 400);
       }
-      const response = await this.router.mcpProtocol.handleMessage(parsedBody);
+      const response = await session.handleMessage(parsedBody);
       if (response) {
         return ctx.json(response);
       }
@@ -12569,7 +12757,7 @@ class MemoryStore extends events.EventEmitter {
 function sign(val, secret) {
   if (typeof val !== "string") throw new TypeError("Cookie value must be provided as a string.");
   if (typeof secret !== "string") throw new TypeError("Secret string must be provided.");
-  return val + "." + crypto.createHmac("sha256", secret).update(val).digest("base64").replace(/\=+$/, "");
+  return val + "." + crypto$1.createHmac("sha256", secret).update(val).digest("base64").replace(/\=+$/, "");
 }
 function unsign(input, secret) {
   if (typeof input !== "string") throw new TypeError("Signed cookie string must be provided.");
@@ -12582,7 +12770,7 @@ function unsign(input, secret) {
   Buffer.from(expectedInput).copy(paddedExpected);
   Buffer.from(input).copy(paddedInput);
   try {
-    const valid = crypto.timingSafeEqual(paddedExpected, paddedInput);
+    const valid = crypto$1.timingSafeEqual(paddedExpected, paddedInput);
     return valid ? tentValue : false;
   } catch {
     return false;
@@ -12592,7 +12780,7 @@ function Session(options) {
   const store = options.store || new MemoryStore();
   const name = options.name || "connect.sid";
   const secrets = Array.isArray(options.secret) ? options.secret : [options.secret];
-  const generateId = options.genid || (() => crypto.randomUUID());
+  const generateId = options.genid || (() => crypto$1.randomUUID());
   const resave = options.resave === void 0 ? true : options.resave;
   const saveUninitialized = options.saveUninitialized === void 0 ? true : options.saveUninitialized;
   const rolling = options.rolling || false;
@@ -12926,4 +13114,4 @@ exports.traceMiddleware = traceMiddleware;
 exports.useExpress = useExpress;
 exports.valibot = valibot;
 exports.validate = validate;
-//# sourceMappingURL=index-8Ylk5R0q.cjs.map
+//# sourceMappingURL=index-Cx60P13T.cjs.map