stratal 0.0.16 → 0.0.18

package/dist/i18n.module-BpLLLCTg.mjs

@@ -0,0 +1,2462 @@
+import { A as Scope, D as runWithContainer, E as getContainer, H as ApplicationError, V as ROUTER_TOKENS, a as createHttpExceptionContext, c as DEFAULT_CONTENT_TYPE, d as ROUTER_CONTEXT_KEYS, f as ROUTE_METADATA_KEYS, k as ERROR_CODES, l as HTTP_METHODS, m as VERSION_NEUTRAL, p as SECURITY_SCHEMES, s as RouterContext, u as METHOD_STATUS_CODES, w as I18N_TOKENS } from "./errors--RBIvDXr.mjs";
+import { a as __decorate, d as CONTAINER_TOKEN, f as DI_TOKENS, g as getMethodInjections, o as __decorateParam, p as Transient, s as __decorateMetadata, u as LOGGER_TOKENS } from "./logger-c0ftIK4G.mjs";
+import { S as Module, _ as OpenAPIRouteRegistrationError, b as ControllerMethodNotFoundError, c as InvalidSignatureError, d as ResponseValidationError, f as RouteNameNotFoundError, h as RouteNotFoundError, l as MissingEnvironmentVariableError, m as SchemaValidationError, o as DomainMismatchError, s as DuplicateRouteNameError, u as MissingRouteParamError, v as HonoAppAlreadyConfiguredError, y as ControllerRegistrationError } from "./module-C3YZ-kZN.mjs";
+import { i as z, o as backendErrorMap, r as validation_exports, s as runWithErrorMapContext, t as OpenAPIHono } from "./validation-B4bePOa_.mjs";
+import { n as OPENAPI_TOKENS } from "./openapi-tools.service-B77QXD56.mjs";
+import { t as en_exports } from "./en-3QnZwP-u.mjs";
+import { i as getMethodGuards, r as getControllerGuards, t as GuardExecutionService } from "./guards-MtDgcHnF.mjs";
+import { c as getWsOnMessageMethod, d as isGateway, m as getControllerRoute, o as getWsOnCloseMethod, p as getControllerOptions, s as getWsOnErrorMethod, t as GatewayContext } from "./gateway-context-BdBFoQd8.mjs";
+import { t as setupI18nCompiler } from "./setup-BRIN-iYT.mjs";
+import { inject } from "tsyringe";
+import { createCoreContext, translate } from "@intlify/core-base";
+import { swaggerUI } from "@hono/swagger-ui";
+import { languageDetector } from "hono/language";
+//#region src/i18n/middleware/i18n-context.middleware.ts
+/**
+* I18n Context Middleware
+*
+* Sets up AsyncLocalStorage context for Zod i18n validation.
+* Must run after LocaleExtractionMiddleware sets the locale.
+*/
+let I18nContextMiddleware = class I18nContextMiddleware {
+	constructor(i18n) {
+		this.i18n = i18n;
+	}
+	async handle(ctx, next) {
+		await runWithErrorMapContext({
+			t: (key, params) => this.i18n.t(key, params),
+			locale: ctx.getLocale()
+		}, () => next());
+	}
+};
+I18nContextMiddleware = __decorate([
+	Transient(),
+	__decorateParam(0, inject(I18N_TOKENS.I18nService)),
+	__decorateMetadata("design:paramtypes", [Object])
+], I18nContextMiddleware);
+//#endregion
+//#region src/openapi/services/openapi-config.service.ts
+let OpenAPIConfigService = class OpenAPIConfigService {
+	overrides = [];
+	constructor(baseOptions) {
+		this.baseOptions = baseOptions;
+	}
+	/**
+	* Add configuration override for this request.
+	* Overrides are merged in the order they are added.
+	*/
+	override(config) {
+		this.overrides.push(config);
+	}
+	/** Get effective configuration (base merged with all overrides) */
+	getEffectiveConfig() {
+		let effective = {
+			jsonPath: this.baseOptions?.jsonPath ?? "/api/openapi.json",
+			ui: this.baseOptions?.ui,
+			info: {
+				title: this.baseOptions?.info?.title ?? "API",
+				version: this.baseOptions?.info?.version ?? "1.0.0",
+				description: this.baseOptions?.info?.description
+			},
+			securitySchemes: this.baseOptions?.securitySchemes
+		};
+		for (const override of this.overrides) effective = this.mergeConfig(effective, override);
+		return effective;
+	}
+	/**
+	* Merge override into effective config.
+	* Info is shallow-merged, routeFilter is replaced.
+	*/
+	mergeConfig(base, override) {
+		return {
+			...base,
+			info: {
+				...base.info,
+				...override.info && {
+					title: override.info.title ?? base.info.title,
+					version: override.info.version ?? base.info.version,
+					description: override.info.description ?? base.info.description
+				}
+			},
+			routeFilter: override.routeFilter ?? base.routeFilter
+		};
+	}
+};
+OpenAPIConfigService = __decorate([
+	Transient(OPENAPI_TOKENS.ConfigService),
+	__decorateParam(0, inject(OPENAPI_TOKENS.Options, { isOptional: true })),
+	__decorateMetadata("design:paramtypes", [Object])
+], OpenAPIConfigService);
+//#endregion
+//#region src/i18n/errors/locale-not-supported.error.ts
+/**
+* Locale Not Supported Error
+* Thrown when an unsupported locale is requested
+*
+* HTTP Status: 500 Internal Server Error
+* Error Code: 9301
+*/
+var LocaleNotSupportedError = class extends ApplicationError {
+	constructor(locale, supportedLocales) {
+		super("errors.localeNotSupported", ERROR_CODES.I18N.LOCALE_NOT_SUPPORTED, {
+			locale,
+			supportedLocales: supportedLocales.join(", ")
+		});
+	}
+};
+//#endregion
+//#region src/i18n/errors/translation-missing.error.ts
+/**
+* Translation Missing Error
+* Thrown when a translation key is missing from all locales
+*
+* HTTP Status: 500 Internal Server Error
+* Error Code: 9300
+*/
+var TranslationMissingError = class extends ApplicationError {
+	constructor(key, locale) {
+		super("errors.translationMissing", ERROR_CODES.I18N.TRANSLATION_MISSING, {
+			key,
+			locale
+		});
+	}
+};
+//#endregion
+//#region src/i18n/i18n.options.ts
+/**
+* Resolve I18n options with defaults
+*/
+function resolveI18nOptions(options) {
+	const detection = options?.detection;
+	const enabled = detection ? detection.enabled !== false : true;
+	const strategy = detection && "strategy" in detection ? detection.strategy ?? "cookie" : "cookie";
+	const prefixDefaultLocale = detection && "prefixDefaultLocale" in detection && detection.prefixDefaultLocale !== void 0 ? detection.prefixDefaultLocale : false;
+	return {
+		defaultLocale: options?.defaultLocale ?? "en",
+		fallbackLocale: options?.fallbackLocale ?? "en",
+		locales: options?.locales ?? ["en"],
+		detection: {
+			enabled,
+			strategy,
+			prefixDefaultLocale
+		}
+	};
+}
+/**
+* Build Hono languageDetector options from I18n module options
+*/
+function buildDetectorOptions(options) {
+	const resolved = resolveI18nOptions(options);
+	const strategy = resolved.detection.strategy;
+	const detectorOptions = {
+		order: [strategy],
+		fallbackLanguage: resolved.defaultLocale,
+		supportedLanguages: resolved.locales,
+		lookupCookie: "locale",
+		lookupQueryString: "locale",
+		lookupFromPathIndex: 0,
+		ignoreCase: true
+	};
+	if (strategy === "cookie") {
+		detectorOptions.caches = ["cookie"];
+		if (options?.detection && "cookieOptions" in options.detection && options.detection.cookieOptions) detectorOptions.cookieOptions = options.detection.cookieOptions;
+	} else detectorOptions.caches = false;
+	return detectorOptions;
+}
+//#endregion
+//#region src/i18n/messages/index.ts
+/**
+* Core Messages
+*
+* Messages used by packages/modules infrastructure.
+* These are automatically merged with application-specific messages.
+*/
+/**
+* All locale messages
+* Explicitly import and export (no filesystem scanning - Cloudflare Workers compatible)
+*/
+const messages = { en: en_exports };
+/**
+* Get messages for all locales
+*/
+function getMessages() {
+	return messages;
+}
+/**
+* Get available locales
+*/
+function getLocales() {
+	return Object.keys(messages);
+}
+//#endregion
+//#region src/i18n/utils/deep-merge.ts
+/**
+* Deep merge two objects. Source values override target at leaf level.
+*/
+function deepMerge(target, source) {
+	const result = { ...target };
+	for (const key of Object.keys(source)) {
+		const targetValue = target[key];
+		const sourceValue = source[key];
+		if (typeof targetValue === "object" && targetValue !== null && !Array.isArray(targetValue) && typeof sourceValue === "object" && sourceValue !== null && !Array.isArray(sourceValue)) result[key] = deepMerge(targetValue, sourceValue);
+		else result[key] = sourceValue;
+	}
+	return result;
+}
+//#endregion
+//#region src/i18n/services/message-loader.service.ts
+let MessageLoaderService = class MessageLoaderService {
+	cache;
+	contextCache;
+	locales;
+	defaultLocale;
+	constructor(registry, options) {
+		this.registry = registry;
+		this.options = options;
+		this.defaultLocale = this.options?.defaultLocale ?? "en";
+		this.cache = /* @__PURE__ */ new Map();
+		this.contextCache = /* @__PURE__ */ new Map();
+		const coreMessages = getMessages();
+		const coreLocales = getLocales();
+		const registryMessages = this.registry.getMergedMessages();
+		const registryLocales = Object.keys(registryMessages);
+		const allLocales = [...new Set([...coreLocales, ...registryLocales])];
+		this.locales = allLocales;
+		for (const locale of allLocales) {
+			const merged = deepMerge(coreMessages[locale] ?? {}, registryMessages[locale] ?? {});
+			this.cache.set(locale, merged);
+		}
+	}
+	/**
+	* Get CoreContext for a locale (lazily built and cached on first access)
+	* Falls back to default locale if locale not found
+	*/
+	getCoreContext(locale) {
+		const cached = this.contextCache.get(locale);
+		if (cached) return cached;
+		const effectiveLocale = this.cache.has(locale) ? locale : this.defaultLocale;
+		const cachedEffective = this.contextCache.get(effectiveLocale);
+		if (cachedEffective) return cachedEffective;
+		const messages = this.cache.get(effectiveLocale) ?? {};
+		const flattened = this.flattenMessages(messages);
+		const ctx = createCoreContext({
+			locale: effectiveLocale,
+			messages: { [effectiveLocale]: flattened },
+			missingWarn: false,
+			fallbackWarn: false
+		});
+		this.contextCache.set(effectiveLocale, ctx);
+		return ctx;
+	}
+	/**
+	* Get messages for a specific locale.
+	* Falls back to default locale if not found.
+	*/
+	getMessages(locale) {
+		return this.cache.get(locale) ?? this.cache.get(this.defaultLocale) ?? {};
+	}
+	/** Get list of available locale codes */
+	getAvailableLocales() {
+		return this.locales;
+	}
+	/** Check if a locale is supported */
+	isLocaleSupported(locale) {
+		return this.cache.has(locale);
+	}
+	/** Get default locale */
+	getDefaultLocale() {
+		return this.defaultLocale;
+	}
+	/**
+	* Get flattened (dot-notation) messages for a locale, optionally filtered by namespace prefixes.
+	*
+	* Returns flat key-value pairs matching the format used by `@intlify/core-base`'s
+	* `createCoreContext`. Requires `registerMessageCompiler(compile)` to be called
+	* before `translate()` can resolve these flat keys.
+	*
+	* @param locale - Locale code (falls back to default locale if not found)
+	* @param options - Optional filter configuration
+	* @param options.only - Dot-notation prefixes to include (e.g., `['common', 'nav.sidebar']`)
+	* @returns Flattened messages as `{ 'key.path': 'translated value' }`
+	*
+	* @example
+	* ```typescript
+	* // All messages for the locale
+	* loader.getFilteredMessages('en')
+	*
+	* // Only 'common' and 'nav' namespaces
+	* loader.getFilteredMessages('en', { only: ['common', 'nav'] })
+	*
+	* // Deeply nested prefix
+	* loader.getFilteredMessages('en', { only: ['common.actions'] })
+	* ```
+	*/
+	getFilteredMessages(locale, options) {
+		const messages = this.getMessages(locale);
+		const flattened = this.flattenMessages(messages);
+		if (!options?.only?.length) return flattened;
+		const result = {};
+		for (const [key, value] of Object.entries(flattened)) if (options.only.some((prefix) => key === prefix || key.startsWith(`${prefix}.`))) result[key] = value;
+		return result;
+	}
+	/**
+	* Flatten nested messages to dot-notation.
+	* e.g. `{ a: { b: 'hello' } }` → `{ 'a.b': 'hello' }`
+	*/
+	flattenMessages(messages, prefix = "") {
+		const result = {};
+		for (const key of Object.keys(messages)) {
+			const value = messages[key];
+			const newKey = prefix ? `${prefix}.${key}` : key;
+			if (typeof value === "object" && value !== null && !Array.isArray(value)) Object.assign(result, this.flattenMessages(value, newKey));
+			else result[newKey] = String(value);
+		}
+		return result;
+	}
+};
+MessageLoaderService = __decorate([
+	Transient(I18N_TOKENS.MessageLoader),
+	__decorateParam(0, inject(I18N_TOKENS.MessageRegistry)),
+	__decorateParam(1, inject(I18N_TOKENS.Options, { isOptional: true })),
+	__decorateMetadata("design:paramtypes", [Object, Object])
+], MessageLoaderService);
+//#endregion
+//#region src/i18n/services/message-registry.ts
+/**
+* Global key for the shared contributions array.
+*
+* When stratal is installed via portal/symlink (e.g., in monorepos), bundlers
+* like esbuild may inline multiple copies of this module. Each copy gets its
+* own static class fields, so messages registered by one copy are invisible
+* to another. Using a `Symbol.for()` key on `globalThis` ensures all copies
+* share the same contributions array.
+*/
+const CONTRIBUTIONS_KEY = Symbol.for("stratal:i18n:message-registry:contributions");
+function getContributions() {
+	const g = globalThis;
+	g[CONTRIBUTIONS_KEY] ??= [];
+	return g[CONTRIBUTIONS_KEY];
+}
+let MessageRegistry = class MessageRegistry {
+	/**
+	* Add messages (called statically by I18nModule.registerMessages)
+	*/
+	static addMessages(messages) {
+		if (Boolean(messages) && typeof messages === "object" && Object.keys(messages).length > 0) getContributions().push(messages);
+	}
+	/**
+	* Get all messages deep-merged in registration order
+	*/
+	getMergedMessages() {
+		const merged = {};
+		for (const contribution of getContributions()) for (const locale of Object.keys(contribution)) merged[locale] = deepMerge(merged[locale] ?? {}, contribution[locale]);
+		return merged;
+	}
+	/**
+	* Reset registry (for testing)
+	* @internal
+	*/
+	static reset() {
+		globalThis[CONTRIBUTIONS_KEY] = [];
+	}
+};
+MessageRegistry = __decorate([Transient(I18N_TOKENS.MessageRegistry)], MessageRegistry);
+//#endregion
+//#region src/openapi/services/openapi.service.ts
+let OpenAPIService = class OpenAPIService {
+	/**
+	* Generate a filtered OpenAPI spec using the user's config.
+	* Usable from both HTTP handlers and CLI commands.
+	*/
+	getSpec(app, container) {
+		const configService = container.resolve(OPENAPI_TOKENS.ConfigService);
+		const i18n = container.resolve(I18N_TOKENS.I18nService);
+		const config = configService.getEffectiveConfig();
+		const fullSpec = app.getOpenAPIDocument({
+			openapi: "3.0.0",
+			info: {
+				version: config.info.version,
+				title: config.info.title,
+				description: config.info.description
+			}
+		});
+		fullSpec.components ??= {};
+		fullSpec.components.securitySchemes = this.getSecuritySchemeDefinitions(i18n);
+		if (config.routeFilter) fullSpec.paths = this.filterRoutes(fullSpec.paths, config);
+		if (fullSpec.components.schemas) fullSpec.components.schemas = this.filterSchemas(fullSpec);
+		return fullSpec;
+	}
+	/**
+	* Setup OpenAPI documentation endpoints
+	*/
+	setupEndpoints(app, container) {
+		const config = container.resolve(OPENAPI_TOKENS.ConfigService).getEffectiveConfig();
+		app.get(config.jsonPath, (c) => {
+			const requestContainer = c.get(ROUTER_CONTEXT_KEYS.REQUEST_CONTAINER);
+			const fullSpec = this.getSpec(app, requestContainer);
+			const url = new URL(c.req.raw.url);
+			const i18n = requestContainer.resolve(I18N_TOKENS.I18nService);
+			fullSpec.servers = [{
+				url: `${url.protocol}//${url.host}`,
+				description: i18n.t("common.api.serverDescription")
+			}];
+			return c.json(fullSpec);
+		});
+		this.nameLastHandler(app, "OpenAPI", "spec");
+		if (config.ui !== false) {
+			const uiPath = config.ui?.path ?? "/api/docs";
+			const uiRenderer = config.ui?.renderer;
+			app.get(uiPath, (c, next) => {
+				const effectiveConfig = c.get(ROUTER_CONTEXT_KEYS.REQUEST_CONTAINER).resolve(OPENAPI_TOKENS.ConfigService).getEffectiveConfig();
+				const uiContext = {
+					specUrl: effectiveConfig.jsonPath,
+					title: effectiveConfig.info.title
+				};
+				if (uiRenderer) return uiRenderer(uiContext)(c, next);
+				return swaggerUI({ url: uiContext.specUrl })(c, next);
+			});
+			this.nameLastHandler(app, "OpenAPI", "docs");
+		}
+	}
+	nameLastHandler(app, controller, method) {
+		const last = app.routes[app.routes.length - 1];
+		Object.defineProperty(last.handler, "name", { value: `http:${controller}.${method}` });
+	}
+	/**
+	* Get localized security scheme definitions
+	*/
+	getSecuritySchemeDefinitions(i18n) {
+		return {
+			[SECURITY_SCHEMES.BEARER_AUTH]: {
+				type: "http",
+				scheme: "bearer",
+				bearerFormat: "JWT",
+				description: i18n.t("common.api.security.bearerAuth")
+			},
+			[SECURITY_SCHEMES.API_KEY]: {
+				type: "apiKey",
+				in: "header",
+				name: "X-API-Key",
+				description: i18n.t("common.api.security.apiKey")
+			},
+			[SECURITY_SCHEMES.SESSION_COOKIE]: {
+				type: "apiKey",
+				in: "cookie",
+				name: "session",
+				description: i18n.t("common.api.security.sessionCookie")
+			}
+		};
+	}
+	/**
+	* Filter OpenAPI paths using custom routeFilter
+	*/
+	filterRoutes(paths, config) {
+		const filteredPaths = {};
+		for (const [path, pathItem] of Object.entries(paths)) {
+			if (config.routeFilter && !config.routeFilter(path, pathItem)) continue;
+			filteredPaths[path] = pathItem;
+		}
+		return filteredPaths;
+	}
+	/**
+	* Filter unreferenced schemas from OpenAPI spec
+	*/
+	filterSchemas(spec) {
+		const referencedSchemas = /* @__PURE__ */ new Set();
+		this.collectSchemaRefs(spec.paths, referencedSchemas);
+		const filteredSchemas = {};
+		const components = spec.components;
+		if (components?.schemas) {
+			const allSchemas = components.schemas;
+			let prevSize = 0;
+			while (referencedSchemas.size > prevSize) {
+				prevSize = referencedSchemas.size;
+				for (const [schemaName, schemaValue] of Object.entries(allSchemas)) if (referencedSchemas.has(schemaName) && !filteredSchemas[schemaName]) {
+					filteredSchemas[schemaName] = schemaValue;
+					this.collectSchemaRefs(schemaValue, referencedSchemas);
+				}
+			}
+		}
+		return filteredSchemas;
+	}
+	/**
+	* Recursively collect all schema references from an object
+	*/
+	collectSchemaRefs(obj, refs) {
+		if (!obj || typeof obj !== "object") return;
+		const record = obj;
+		if (record.$ref && typeof record.$ref === "string") {
+			const match = /^#\/components\/schemas\/(.+)$/.exec(record.$ref);
+			if (match) refs.add(match[1]);
+		}
+		if (Array.isArray(obj)) for (const item of obj) this.collectSchemaRefs(item, refs);
+		else for (const value of Object.values(record)) this.collectSchemaRefs(value, refs);
+	}
+};
+OpenAPIService = __decorate([Transient(OPENAPI_TOKENS.OpenAPIService)], OpenAPIService);
+//#endregion
+//#region src/openapi/openapi.module.ts
+/**
+* OpenAPI Module
+*
+* Provides configurable OpenAPI documentation endpoints with runtime override support.
+*
+* Features:
+* - Configurable paths for /openapi.json and /docs
+* - Runtime config overrides via middleware
+* - i18n support for titles and descriptions
+* - Route filtering via hideFromDocs and custom routeFilter
+*
+* @example Basic usage
+* ```typescript
+* @Module({
+*   imports: [
+*     OpenAPIModule.forRoot({
+*       info: { title: 'My API', version: '1.0.0' }
+*     })
+*   ]
+* })
+* export class AppModule {}
+* ```
+*
+* @example With runtime override in middleware
+* ```typescript
+* // In RouteAccessMiddleware
+* constructor(
+*   @inject(OPENAPI_TOKENS.ConfigService) private openAPIConfig: IOpenAPIConfigService
+* ) {}
+*
+* async handle(ctx, next) {
+*   this.openAPIConfig.override({
+*     info: { title: 'Custom API' },
+*     routeFilter: (path) => this.shouldInclude(path)
+*   })
+*   await next()
+* }
+* ```
+*/
+var _OpenAPIModule;
+/** Default options when none provided */
+const DEFAULT_OPTIONS = {
+	jsonPath: "/api/openapi.json",
+	info: {
+		title: "API",
+		version: "1.0.0"
+	}
+};
+let OpenAPIModule = _OpenAPIModule = class OpenAPIModule {
+	/**
+	* Configure OpenAPI module with static options
+	*
+	* @param options - OpenAPI configuration (paths, info, security schemes)
+	* @returns DynamicModule with options provider
+	*/
+	static forRoot(options = {}) {
+		const mergedOptions = {
+			...DEFAULT_OPTIONS,
+			...options,
+			info: {
+				...DEFAULT_OPTIONS.info,
+				...options.info,
+				title: options.info?.title ?? DEFAULT_OPTIONS.info?.title ?? "API",
+				version: options.info?.version ?? DEFAULT_OPTIONS.info?.version ?? "1.0.0"
+			}
+		};
+		return {
+			module: _OpenAPIModule,
+			providers: [{
+				provide: OPENAPI_TOKENS.Options,
+				useValue: mergedOptions
+			}]
+		};
+	}
+	static forRootAsync(options) {
+		return {
+			module: _OpenAPIModule,
+			providers: [{
+				provide: OPENAPI_TOKENS.Options,
+				useFactory: options.useFactory,
+				inject: options.inject
+			}]
+		};
+	}
+};
+OpenAPIModule = _OpenAPIModule = __decorate([Module({ providers: [{
+	provide: OPENAPI_TOKENS.ConfigService,
+	useClass: OpenAPIConfigService,
+	scope: Scope.Request
+}, {
+	provide: OPENAPI_TOKENS.OpenAPIService,
+	useClass: OpenAPIService,
+	scope: Scope.Singleton
+}] })], OpenAPIModule);
+//#endregion
+//#region src/router/middleware/logger.middleware.ts
+/**
+* Create a Hono middleware that logs HTTP requests using our Logger service
+*
+* Logs request method, path, status code, and duration in milliseconds.
+* Format: [HTTP] METHOD /path -> STATUS (duration ms)
+*
+* @param logger - Logger service instance
+* @returns Hono middleware handler
+*
+* @example
+* ```typescript
+* const logger = container.resolve<LoggerService>(LOGGER_TOKENS.LoggerService)
+* app.use('*', createLoggerMiddleware(logger))
+* ```
+*/
+function createLoggerMiddleware(logger) {
+	return async (c, next) => {
+		const start = Date.now();
+		const method = c.req.method;
+		const path = c.req.path;
+		await next();
+		const duration = Date.now() - start;
+		const status = c.res.status;
+		logger.info(`[HTTP] ${method} ${path} -> ${status}`, {
+			method,
+			path,
+			status,
+			duration
+		});
+	};
+}
+//#endregion
+//#region src/router/middleware/domain.middleware.ts
+/**
+* Parse a domain pattern into a regex and extract parameter names.
+*
+* @example
+* parseDomainPattern('{tenant}.example.com')
+* // => { regex: /^([^.]+)\.example\.com$/, paramNames: ['tenant'] }
+*
+* parseDomainPattern('{region}.{tenant}.example.com')
+* // => { regex: /^([^.]+)\.([^.]+)\.example\.com$/, paramNames: ['region', 'tenant'] }
+*/
+function parseDomainPattern(pattern) {
+	const paramNames = [];
+	const escaped = pattern.replace(/\{([a-zA-Z_][a-zA-Z0-9_]*)\}/g, (_match, paramName) => {
+		paramNames.push(paramName);
+		return "([^.]+)";
+	}).replace(/\./g, "\\.");
+	return {
+		regex: new RegExp(`^${escaped}$`),
+		paramNames
+	};
+}
+/**
+* Strip port number from a host header value.
+* 'example.com:8787' => 'example.com'
+*/
+function stripPort(host) {
+	const colonIdx = host.lastIndexOf(":");
+	if (colonIdx === -1) return host;
+	const afterColon = host.slice(colonIdx + 1);
+	return /^\d+$/.test(afterColon) ? host.slice(0, colonIdx) : host;
+}
+/**
+* Create a Hono middleware that matches the request host against a domain pattern.
+*
+* When the host matches, domain parameters are extracted and stored in context
+* variables accessible via `ctx.domain(key)`.
+*
+* When the host does NOT match, throws `DomainMismatchError` (404).
+*
+* @param pattern - Domain pattern with `{param}` placeholders (e.g., '{tenant}.myapp.com')
+*
+* @example
+* ```typescript
+* // Applied automatically by RouteRegistrationService for controllers with domain config
+* @Controller('/dashboard', { domain: '{tenant}.myapp.com' })
+* export class DashboardController {
+*   async index(ctx: RouterContext) {
+*     const tenant = ctx.domain('tenant')
+*   }
+* }
+* ```
+*/
+function createDomainMiddleware(pattern) {
+	const { regex, paramNames } = parseDomainPattern(pattern);
+	return async (c, next) => {
+		const host = stripPort(c.req.header("host") ?? "");
+		const match = regex.exec(host);
+		if (!match) throw new DomainMismatchError();
+		for (let i = 0; i < paramNames.length; i++) c.set(`domain:${paramNames[i]}`, match[i + 1]);
+		await next();
+	};
+}
+//#endregion
+//#region src/router/middleware/middleware-chain.ts
+/**
+* Create a Hono middleware handler that executes a chain of Stratal middleware classes.
+*
+* Each middleware is resolved from the request-scoped container per request,
+* then executed in order (first registered = outermost in the chain).
+*
+* @param classes - Middleware classes to chain
+* @returns Hono middleware handler
+*/
+function createMiddlewareChain(classes) {
+	return async (c, next) => {
+		const requestContainer = c.get(ROUTER_CONTEXT_KEYS.REQUEST_CONTAINER);
+		const ctx = new RouterContext(c);
+		let current = next;
+		for (let i = classes.length - 1; i >= 0; i--) {
+			const prevNext = current;
+			const middleware = requestContainer.resolve(classes[i]);
+			current = () => middleware.handle(ctx, prevNext);
+		}
+		const result = await current();
+		if (result instanceof Response) return result;
+	};
+}
+//#endregion
+//#region src/router/decorators/http-method.decorator.ts
+/**
+* Creates an HTTP method decorator factory for the given HTTP method.
+*
+* The returned decorator stores {@link ExplicitRouteMetadata} on the method and
+* tracks the method name under {@link ROUTE_METADATA_KEYS.DECORATED_METHODS}
+* on the controller prototype so they can be discovered at registration time.
+*/
+function createHttpMethodDecorator(method) {
+	return function(path, config) {
+		return function(target, propertyKey, descriptor) {
+			const metadata = {
+				type: "explicit",
+				method,
+				path,
+				config: config ?? { response: z.any() }
+			};
+			Reflect.defineMetadata(ROUTE_METADATA_KEYS.ROUTE_CONFIG, metadata, target, propertyKey);
+			const existing = Reflect.getOwnMetadata(ROUTE_METADATA_KEYS.DECORATED_METHODS, target) ?? [];
+			existing.push(propertyKey);
+			Reflect.defineMetadata(ROUTE_METADATA_KEYS.DECORATED_METHODS, existing, target);
+			return descriptor;
+		};
+	};
+}
+/**
+* Registers a GET route on the controller method.
+*
+* @param path - Route path relative to the controller base path
+* @param config - Optional route configuration (response schema, body, params, etc.)
+*
+* @example
+* ```typescript
+* @Controller('/api/v1/users')
+* class UsersController {
+*   @Get('/', { response: z.array(userSchema), summary: 'List users' })
+*   async list(ctx: RouterContext) { ... }
+*
+*   @Get('/:id', { params: z.object({ id: z.string().uuid() }), response: userSchema })
+*   async getUser(ctx: RouterContext) { ... }
+* }
+* ```
+*/
+const Get = createHttpMethodDecorator("get");
+/**
+* Registers a POST route on the controller method.
+*
+* @param path - Route path relative to the controller base path
+* @param config - Optional route configuration (response schema, body, params, etc.)
+*
+* @example
+* ```typescript
+* @Controller('/api/v1/users')
+* class UsersController {
+*   @Post('/', { body: createUserSchema, response: userSchema, statusCode: 201 })
+*   async createUser(ctx: RouterContext) { ... }
+* }
+* ```
+*/
+const Post = createHttpMethodDecorator("post");
+/**
+* Registers a PUT route on the controller method.
+*
+* @param path - Route path relative to the controller base path
+* @param config - Optional route configuration
+*/
+const Put = createHttpMethodDecorator("put");
+/**
+* Registers a PATCH route on the controller method.
+*
+* @param path - Route path relative to the controller base path
+* @param config - Optional route configuration
+*/
+const Patch = createHttpMethodDecorator("patch");
+/**
+* Registers a DELETE route on the controller method.
+*
+* @param path - Route path relative to the controller base path
+* @param config - Optional route configuration
+*/
+const Delete = createHttpMethodDecorator("delete");
+/**
+* Registers an ALL (any HTTP method) route on the controller method.
+* Routes using @All are registered without OpenAPI validation
+* since OpenAPI does not support a catch-all HTTP method.
+*
+* @param path - Route path relative to the controller base path
+* @param config - Optional route configuration
+*/
+const All = createHttpMethodDecorator("all");
+//#endregion
+//#region src/router/decorators/route.decorator.ts
+/**
+* Decorator to add OpenAPI metadata to a controller method using convention-based routing.
+*
+* **Cannot be mixed with HTTP method decorators** (`@Get`, `@Post`, `@Put`, `@Patch`,
+* `@Delete`, `@All`) in the same controller. Use one pattern or the other.
+*
+* Stores route configuration (schemas, response, tags, security) in metadata.
+* HTTP method, path, and success status code are auto-derived from the method name:
+* - index() → GET /base-path → 200
+* - show() → GET /base-path/:id → 200
+* - create() → POST /base-path → 201
+* - update() → PUT /base-path/:id → 200
+* - patch() → PATCH /base-path/:id → 200
+* - destroy() → DELETE /base-path/:id → 200
+*
+* @param config - Route configuration (schemas, response, tags, security)
+*
+* @example
+* ```typescript
+* @Controller('/api/v1/notes', {
+*   tags: ['Notes'],
+*   security: ['bearerAuth']
+* })
+* export class NotesController implements Controller {
+*   @Route({
+*     body: createNoteSchema,
+*     response: noteSchema, // 201 auto-derived from 'create' method
+*     tags: ['Mutations'],
+*     description: 'Create a new note'
+*   })
+*   async create(ctx: RouterContext): Promise<Response> {
+*     // POST /api/v1/notes (auto-derived from method name)
+*     // Body schema: createNoteSchema (auto-validated)
+*     // Response: 201 → noteSchema (status auto-derived)
+*     // Tags: ['Notes', 'Mutations'] (merged with controller)
+*     // Security: ['bearerAuth'] (inherited from controller)
+*     const body = ctx.body()
+*     const note = await this.notesService.create(body)
+*     return ctx.json(note, 201)
+*   }
+*
+*   @Route({
+*     query: paginationSchema,
+*     response: z.array(noteSchema) // 200 auto-derived from 'index' method
+*   })
+*   async index(ctx: RouterContext): Promise<Response> {
+*     // GET /api/v1/notes (auto-derived)
+*     // Query params auto-validated
+*     const notes = await this.notesService.list()
+*     return ctx.json(notes)
+*   }
+*
+*   @Route({
+*     params: z.object({ id: z.string().uuid() }),
+*     response: {
+*       schema: noteSchema,
+*       description: 'Note details'
+*     },
+*     security: [] // Override to make public
+*   })
+*   async show(ctx: RouterContext): Promise<Response> {
+*     // GET /api/v1/notes/:id (auto-derived)
+*     // URL params auto-validated
+*     // Response: 200 → noteSchema (status auto-derived)
+*     // Security: [] (public route, override controller security)
+*     const id = ctx.param('id')
+*     const note = await this.notesService.findById(id)
+*     return ctx.json(note)
+*   }
+* }
+* ```
+*/
+function Route(config) {
+	return function(target, propertyKey, descriptor) {
+		const metadata = {
+			type: "convention",
+			config
+		};
+		Reflect.defineMetadata(ROUTE_METADATA_KEYS.ROUTE_CONFIG, metadata, target, propertyKey);
+		const existing = Reflect.getOwnMetadata(ROUTE_METADATA_KEYS.DECORATED_METHODS, target) ?? [];
+		existing.push(propertyKey);
+		Reflect.defineMetadata(ROUTE_METADATA_KEYS.DECORATED_METHODS, existing, target);
+		return descriptor;
+	};
+}
+/**
+* Get the route metadata from a controller method
+*
+* @param target - Controller instance or prototype
+* @param methodName - Name of the method
+* @returns Route metadata or undefined if not decorated
+*/
+function getRouteMetadata(target, methodName) {
+	return Reflect.getMetadata(ROUTE_METADATA_KEYS.ROUTE_CONFIG, target, methodName);
+}
+/**
+* Get all methods with route decorators (@Route, @Get, @Post, etc.) from a controller
+*
+* @param ControllerClass - Controller class
+* @returns Array of method names that have route metadata
+*/
+function getRouteDecoratedMethods(ControllerClass) {
+	const methods = /* @__PURE__ */ new Set();
+	let proto = ControllerClass.prototype;
+	while (proto && proto !== Object.prototype) {
+		const own = Reflect.getOwnMetadata(ROUTE_METADATA_KEYS.DECORATED_METHODS, proto);
+		if (own) for (const m of own) methods.add(m);
+		proto = Object.getPrototypeOf(proto);
+	}
+	return [...methods];
+}
+//#endregion
+//#region src/router/schemas/common.schemas.ts
+/**
+* Common OpenAPI Schemas
+*
+* Reusable schema definitions for common API patterns:
+* - Error responses
+* - Pagination
+* - Common parameters
+*/
+/**
+* Generic error response schema
+* Used for all error responses (4xx, 5xx)
+* Matches ApplicationError.toErrorResponse() structure
+*/
+const errorResponseSchema = z.object({
+	code: z.number().int().describe("Application error code"),
+	message: z.string().describe("Human-readable error message"),
+	timestamp: z.string().datetime().describe("ISO timestamp when error occurred"),
+	metadata: z.record(z.string(), z.unknown()).optional().describe("Additional error context"),
+	stack: z.string().optional().describe("Stack trace (development only)")
+}).openapi("ErrorResponse");
+/**
+* Validation error response schema
+* Used for 400 Bad Request with validation failures
+* Matches ApplicationError.toErrorResponse() structure with validation-specific metadata
+*/
+const validationErrorResponseSchema = z.object({
+	code: z.number().int().describe("Application error code"),
+	message: z.string().describe("Human-readable error message"),
+	timestamp: z.string().datetime().describe("ISO timestamp when error occurred"),
+	metadata: z.object({ issues: z.array(z.object({
+		path: z.string().describe("Field path that failed validation"),
+		message: z.string().describe("Validation failure message"),
+		code: z.string().describe("Zod validation error code")
+	})) }).describe("Validation error details"),
+	stack: z.string().optional().describe("Stack trace (development only)")
+}).openapi("ValidationErrorResponse");
+/**
+* Pagination query parameters schema
+* Used for list endpoints
+*/
+const paginationQuerySchema = z.object({
+	page: z.coerce.number().int().positive().default(1).describe("Page number (1-indexed)"),
+	limit: z.coerce.number().int().positive().max(100).default(20).describe("Items per page (max 100)")
+}).openapi("PaginationQuery");
+/**
+* Paginated response wrapper schema
+* Generic wrapper for paginated list responses
+*/
+const paginatedResponseSchema = (itemSchema) => z.object({
+	data: z.array(itemSchema).describe("Array of items for current page"),
+	pagination: z.object({
+		page: z.number().int().positive().describe("Current page number"),
+		limit: z.number().int().positive().describe("Items per page"),
+		total: z.number().int().nonnegative().describe("Total number of items"),
+		totalPages: z.number().int().nonnegative().describe("Total number of pages")
+	})
+});
+/**
+* UUID parameter schema
+* Used for :id parameters in RESTful routes
+*/
+const uuidParamSchema = z.object({ id: z.string().uuid().describe("Resource UUID") }).openapi("UUIDParam");
+/**
+* Success message response schema
+* Used for operations that don't return data (e.g., DELETE)
+*/
+const successMessageSchema = z.object({
+	message: z.string().describe("Success message"),
+	data: z.record(z.string(), z.unknown()).optional().describe("Optional additional data")
+}).openapi("SuccessMessage");
+/**
+* Common HTTP status error schemas
+* Pre-configured for standard error responses
+*/
+const commonErrorSchemas = {
+	400: {
+		schema: validationErrorResponseSchema,
+		description: "Validation error"
+	},
+	401: {
+		schema: errorResponseSchema,
+		description: "Unauthorized"
+	},
+	403: {
+		schema: errorResponseSchema,
+		description: "Forbidden"
+	},
+	404: {
+		schema: errorResponseSchema,
+		description: "Not found"
+	},
+	409: {
+		schema: errorResponseSchema,
+		description: "Conflict"
+	},
+	500: {
+		schema: errorResponseSchema,
+		description: "Internal server error"
+	}
+};
+//#endregion
+//#region src/router/utils/path.ts
+/**
+* Path normalization and route ordering utilities.
+*
+* Users always write Hono-style `:param` paths (`:companyId`, `:id`).
+* OpenAPI requires `{param}` style — conversion happens only at registration time.
+*/
+/**
+* Convert Hono-style `:param` path segments to OpenAPI-style `{param}`.
+* Strips regex constraints (e.g., `:locale{sw}` → `{locale}`).
+*
+* @example
+* toOpenAPIPath('/users/:id')                    // '/users/{id}'
+* toOpenAPIPath('/:companyId/users/:userId')     // '/{companyId}/users/{userId}'
+* toOpenAPIPath('/users/:id/posts')              // '/users/{id}/posts'
+* toOpenAPIPath('/:locale{en|fr}/users')         // '/{locale}/users'
+*/
+function toOpenAPIPath(path) {
+	return path.replace(/:([a-zA-Z_][a-zA-Z0-9_]*)(\{[^}]*\})?/g, "{$1}");
+}
+/**
+* Convert Hono-style `:param` path segments to OpenAPI-style `{param}`,
+* preserving regex constraints.
+*
+* Used for Hono route registration via `app.openapi()`. The non-greedy
+* regex in `@hono/zod-openapi` (`\/{(.+?)}/g`) converts `{param}` back
+* to `:param` while leaving the constraint suffix intact.
+*
+* @example
+* toRoutingOpenAPIPath('/:locale{sw}/users/:id')  // '/{locale}{sw}/users/{id}'
+* toRoutingOpenAPIPath('/users/:id')               // '/users/{id}'
+*/
+function toRoutingOpenAPIPath(path) {
+	return path.replace(/:([a-zA-Z_][a-zA-Z0-9_]*)(\{[^}]*\})?/g, (_, name, constraint) => constraint ? `{${name}}${constraint}` : `{${name}}`);
+}
+/**
+* Compute a packed specificity key for route ordering.
+* Encodes both score and segment count into a single number to avoid object allocation.
+*
+* Lower score = higher priority (registered first in Hono).
+* Scoring: static = 0, `:param{constraint}` = 5, `:param` = 10, wildcard `{.+}` / `{.*}` = 100.
+*
+* Packed as: score * 10000 - segmentCount (negative segment count so more segments = lower key = higher priority)
+*/
+function getPathSpecificityKey(path) {
+	let score = 0;
+	let segmentCount = 0;
+	let i = 0;
+	while (i < path.length) {
+		if (path.charCodeAt(i) === 47) {
+			i++;
+			continue;
+		}
+		let end = path.indexOf("/", i);
+		if (end === -1) end = path.length;
+		segmentCount++;
+		const segment = path.substring(i, end);
+		if (segment.includes("{.+}") || segment.includes("{.*}")) score += 100;
+		else if (segment.charCodeAt(0) === 58) score += segment.includes("{") ? 5 : 10;
+		i = end;
+	}
+	return score * 1e4 - segmentCount;
+}
+/**
+* Compute a specificity score for route ordering.
+* Lower score = higher priority (registered first in Hono).
+*
+* Scoring: static = 0, `:param{constraint}` = 5, `:param` = 10, wildcard `{.+}` / `{.*}` = 100.
+*/
+function getPathSpecificityScore(path) {
+	const segments = path.split("/").filter(Boolean);
+	let score = 0;
+	for (const segment of segments) if (segment.includes("{.+}") || segment.includes("{.*}")) score += 100;
+	else if (segment.startsWith(":") && segment.includes("{")) score += 5;
+	else if (segment.startsWith(":")) score += 10;
+	return score;
+}
+/**
+* Sort routes by specificity so Hono registers them in the correct order.
+*
+* 1. Static paths before parameterized before wildcards
+* 2. More segments = more specific (tie-breaker)
+* 3. Primary paths before locale-prefixed variants
+*/
+function sortRoutesBySpecificity(routes) {
+	const keys = /* @__PURE__ */ new Map();
+	for (const route of routes) keys.set(route, getPathSpecificityKey(route.path));
+	const copy = routes.slice();
+	copy.sort((a, b) => keys.get(a) - keys.get(b));
+	return copy;
+}
+//#endregion
+//#region src/router/utils/route-name.ts
+/**
+* Route naming utilities.
+*
+* Extracts parameter names from paths and domains,
+* and generates convention-based route names.
+*/
+/**
+* Extract parameter names from a Hono-style path.
+*
+* @example
+* extractParamNames('/users/:id')                     // ['id']
+* extractParamNames('/:companyId/users/:userId')      // ['companyId', 'userId']
+* extractParamNames('/users')                         // []
+*/
+function extractParamNames(path) {
+	if (!path.includes(":")) return [];
+	return [...path.matchAll(/:([a-zA-Z_][a-zA-Z0-9_]*)/g)].map((m) => m[1]);
+}
+/**
+* Extract parameter names from a domain pattern.
+*
+* @example
+* extractDomainParamNames('{tenant}.example.com')           // ['tenant']
+* extractDomainParamNames('{region}.{tenant}.example.com')  // ['region', 'tenant']
+* extractDomainParamNames('example.com')                    // []
+*/
+function extractDomainParamNames(domain) {
+	if (!domain.includes("{")) return [];
+	return [...domain.matchAll(/\{([a-zA-Z_][a-zA-Z0-9_]*)\}/g)].map((m) => m[1]);
+}
+/**
+* Auto-generate a route name for convention-based `@Route` methods.
+*
+* Strips common prefixes (`/api/`, `/v{N}/`) and parameter segments,
+* then joins remaining static segments with dots and appends the method name.
+*
+* @example
+* generateConventionRouteName('/users', 'index')                         // 'users.index'
+* generateConventionRouteName('/users', 'show')                          // 'users.show'
+* generateConventionRouteName('/api/v1/users', 'create')                 // 'users.create'
+* generateConventionRouteName('/api/v1/users/:userId/notes', 'index')    // 'users.notes.index'
+* generateConventionRouteName('/:companyId/users', 'index')              // 'users.index'
+* generateConventionRouteName('/users/:userId/notes/:noteId/tags', 'index') // 'users.notes.tags.index'
+*/
+function generateConventionRouteName(basePath, methodName) {
+	const parts = basePath.split("/");
+	const segments = [];
+	for (const s of parts) if (s && s !== "api" && !s.startsWith(":") && !/^v\d+$/.test(s)) segments.push(s);
+	if (segments.length === 0) return methodName;
+	return `${segments.join(".")}.${methodName}`;
+}
+//#endregion
+//#region src/router/services/route-registration.service.ts
+const invokeHandler = (instance, method, ...args) => {
+	try {
+		return Promise.resolve(instance[method](...args));
+	} catch (err) {
+		return Promise.reject(err);
+	}
+};
+let RouteRegistrationService = class RouteRegistrationService {
+	controllerClasses = /* @__PURE__ */ new Map();
+	upgradeWebSocketFn = null;
+	constructor(logger, registry, routerResolver, localePathService, app, moduleRegistry) {
+		this.logger = logger;
+		this.registry = registry;
+		this.routerResolver = routerResolver;
+		this.localePathService = localePathService;
+		this.app = app;
+		this.moduleRegistry = moduleRegistry;
+	}
+	/**
+	* Configure router with controllers and global middleware.
+	* Resolves controllers from ModuleRegistry and global middleware from RouterResolver.
+	*/
+	async configure() {
+		const controllers = this.moduleRegistry.getAllControllers();
+		const globalMiddleware = this.routerResolver?.getGlobalMiddleware() ?? [];
+		this.logger.info("Registering controllers", { controllerCount: controllers.length });
+		if (globalMiddleware.length > 0) this.app.use("*", createMiddlewareChain(globalMiddleware));
+		if (controllers.some(isGateway)) {
+			const { upgradeWebSocket } = await import("hono/cloudflare-workers");
+			this.upgradeWebSocketFn = upgradeWebSocket;
+		}
+		const actions = /* @__PURE__ */ new WeakMap();
+		for (const ControllerClass of controllers) this.collectRoutes(ControllerClass, actions);
+		for (const route of this.registry.all()) actions.get(route)?.();
+		this.logger.info("Controller registration complete");
+	}
+	/**
+	* Pass 1: Collect routes from a controller into RouteRegistry and store Hono actions.
+	* Versioning and locale expansion are handled by RouteRegistry.register().
+	*/
+	collectRoutes(ControllerClass, actions) {
+		const isWsGateway = isGateway(ControllerClass);
+		const controllerRoute = getControllerRoute(ControllerClass);
+		if (!controllerRoute) throw new ControllerRegistrationError(ControllerClass.name, isWsGateway ? "Missing @Gateway decorator or route metadata" : "Missing @Controller decorator or route metadata");
+		const controllerOpts = getControllerOptions(ControllerClass);
+		const controllerGuards = getControllerGuards(ControllerClass)?.guards ?? [];
+		const routerConfig = this.routerResolver?.resolveForController(ControllerClass) ?? { middleware: [] };
+		const basePath = routerConfig.prefix ? this.joinPaths(routerConfig.prefix, controllerRoute) : controllerRoute;
+		const effectiveVersion = controllerOpts?.version ?? routerConfig.version;
+		const effectiveDomain = controllerOpts?.domain ?? routerConfig.domain;
+		if (isWsGateway) {
+			const expandedRoutes = this.registry.register({
+				method: "ws",
+				basePath,
+				version: effectiveVersion,
+				domain: effectiveDomain,
+				controller: ControllerClass.name,
+				action: "ws",
+				hidden: routerConfig.hideFromDocs ?? false,
+				middleware: routerConfig.middleware.map((m) => m.name)
+			});
+			for (const route of expandedRoutes) actions.set(route, () => {
+				if (routerConfig.middleware.length > 0) this.app.use(`${route.path}/*`, createMiddlewareChain(routerConfig.middleware));
+				if (effectiveDomain) {
+					const domainHandler = createDomainMiddleware(effectiveDomain);
+					this.app.use(route.path, domainHandler);
+					this.app.use(`${route.path}/*`, domainHandler);
+				}
+				this.registerGatewayForPath(ControllerClass, route.path, controllerGuards);
+			});
+			return;
+		}
+		const className = ControllerClass.name;
+		this.controllerClasses.set(className, ControllerClass);
+		const prototype = ControllerClass.prototype;
+		if (prototype.handle) {
+			const expandedRoutes = this.registry.register({
+				method: "all",
+				basePath,
+				version: effectiveVersion,
+				domain: effectiveDomain,
+				controller: className,
+				action: "handle",
+				hidden: routerConfig.hideFromDocs ?? false,
+				middleware: routerConfig.middleware.map((m) => m.name)
+			});
+			for (const route of expandedRoutes) actions.set(route, () => {
+				if (routerConfig.middleware.length > 0) this.app.use(`${route.path}/*`, createMiddlewareChain(routerConfig.middleware));
+				this.registerWildcardRoute(ControllerClass, route.path);
+			});
+			return;
+		}
+		const decoratedMethods = getRouteDecoratedMethods(ControllerClass);
+		if (decoratedMethods.length === 0) throw new ControllerRegistrationError(ControllerClass.name, "No route decorators found. Use @Route() or HTTP method decorators (@Get, @Post, etc.) on controller methods.");
+		const methodMetadata = [];
+		let hasConvention = false;
+		let hasExplicit = false;
+		for (const m of decoratedMethods) {
+			const meta = getRouteMetadata(prototype, m);
+			if (!meta) continue;
+			methodMetadata.push({
+				method: m,
+				meta
+			});
+			if (meta.type === "convention") hasConvention = true;
+			else if (meta.type === "explicit") hasExplicit = true;
+		}
+		if (hasConvention && hasExplicit) throw new ControllerRegistrationError(ControllerClass.name, "Cannot mix @Route() with HTTP method decorators (@Get, @Post, etc.) in the same controller. Use one pattern or the other.");
+		let scopedMiddlewareApplied = false;
+		const routerHidden = routerConfig.hideFromDocs;
+		const controllerHidden = controllerOpts?.hideFromDocs ?? false;
+		const effectiveNamePrefix = controllerOpts?.name ?? routerConfig.name;
+		const middlewareNames = routerConfig.middleware.map((m) => m.name);
+		for (const { method: methodName, meta } of methodMetadata) {
+			const resolved = this.resolveMethodAndPath(meta, methodName, basePath, className);
+			if (!resolved) continue;
+			const { httpMethod, fullPath, routeConfig, statusCodeOverride } = resolved;
+			if (routerConfig.params) routeConfig.params = routeConfig.params ? routerConfig.params.extend(routeConfig.params.shape) : routerConfig.params;
+			const hideFromDocs = routeConfig.hideFromDocs ?? routerHidden ?? controllerHidden;
+			let routeName;
+			if (routeConfig.name) routeName = effectiveNamePrefix ? `${effectiveNamePrefix}${routeConfig.name}` : routeConfig.name;
+			else if (meta.type === "convention") {
+				const autoName = generateConventionRouteName(basePath, methodName);
+				routeName = effectiveNamePrefix ? `${effectiveNamePrefix}${autoName}` : autoName;
+			}
+			const expandedRoutes = this.registry.register({
+				name: routeName,
+				method: httpMethod,
+				basePath: fullPath,
+				version: effectiveVersion,
+				domain: effectiveDomain,
+				controller: className,
+				action: methodName,
+				hidden: hideFromDocs,
+				middleware: middlewareNames
+			});
+			const methodGuards = getMethodGuards(prototype, methodName)?.guards ?? [];
+			const allGuards = methodGuards.length > 0 ? [...controllerGuards, ...methodGuards] : controllerGuards;
+			const responseSchema = httpMethod !== "all" ? this.extractResponseSchema(routeConfig) : null;
+			const handler = this.createControllerHandler(ControllerClass, methodName, responseSchema);
+			for (const route of expandedRoutes) actions.set(route, () => {
+				if (!scopedMiddlewareApplied && routerConfig.middleware.length > 0) {
+					const primaryRoute = expandedRoutes.find((r) => !r.isLocaleVariant) ?? expandedRoutes[0];
+					this.app.use(`${primaryRoute.path}/*`, createMiddlewareChain(routerConfig.middleware));
+					scopedMiddlewareApplied = true;
+				}
+				if (effectiveDomain) {
+					const domainHandler = createDomainMiddleware(effectiveDomain);
+					this.app.use(route.path, domainHandler);
+					this.app.use(`${route.path}/*`, domainHandler);
+				}
+				if (allGuards.length > 0) this.logger.info(`Route guards`, {
+					controller: className,
+					method: httpMethod.toUpperCase(),
+					path: route.path,
+					methodName,
+					guardCount: allGuards.length
+				});
+				if (httpMethod === "all") {
+					this.logger.info(`Registering @All route`, {
+						controller: className,
+						path: route.path,
+						methodName
+					});
+					if (allGuards.length > 0) this.app.all(route.path, this.createGuardMiddleware(allGuards), handler);
+					else this.app.all(route.path, handler);
+					return;
+				}
+				const metadata = this.mergeMetadata(controllerOpts, routeConfig, ControllerClass, methodName);
+				const openApiRoute = this.buildOpenAPIRoute(httpMethod, route.path, routeConfig, metadata, allGuards, meta.type === "convention" ? methodName : void 0, statusCodeOverride, route.isLocaleVariant ?? false);
+				this.logger.info(`Registering route`, {
+					controller: className,
+					method: httpMethod.toUpperCase(),
+					path: route.path,
+					methodName,
+					tags: metadata.tags,
+					hidden: route.hidden
+				});
+				this.app.openapi(openApiRoute, handler);
+				if (!route.hidden) {
+					const { hide: _, ...specRoute } = openApiRoute;
+					this.app.openAPIRegistry.registerPath({
+						...specRoute,
+						path: toOpenAPIPath(route.path)
+					});
+				}
+			});
+		}
+	}
+	/**
+	* Register a single WebSocket gateway route
+	*/
+	registerGatewayForPath(GatewayClass, fullPath, guards) {
+		const onMsgMethod = getWsOnMessageMethod(GatewayClass);
+		const onCloseMethod = getWsOnCloseMethod(GatewayClass);
+		const onErrMethod = getWsOnErrorMethod(GatewayClass);
+		const wsHandler = this.upgradeWebSocketFn((c) => {
+			const gateway = new RouterContext(c).getContainer().resolve(GatewayClass);
+			const events = {};
+			const bindWsHandler = (method, onCatch) => {
+				return (evt, ws) => {
+					invokeHandler(gateway, method, evt, new GatewayContext(c, ws)).catch((err) => {
+						this.logger.error(`WebSocket ${method} handler error`, {
+							gateway: GatewayClass.name,
+							error: err instanceof Error ? err.message : String(err)
+						});
+						onCatch?.(err, ws);
+					});
+				};
+			};
+			if (onMsgMethod) events.onMessage = bindWsHandler(onMsgMethod, (_err, ws) => ws.close(1011, "Internal Error"));
+			if (onCloseMethod) events.onClose = bindWsHandler(onCloseMethod);
+			if (onErrMethod) events.onError = bindWsHandler(onErrMethod);
+			return events;
+		});
+		this.nameHandler(wsHandler, GatewayClass.name, onMsgMethod ?? "[anonymous]", "ws");
+		this.logger.info("Registering WebSocket gateway", {
+			gateway: GatewayClass.name,
+			path: fullPath
+		});
+		const handlers = [];
+		if (guards.length > 0) {
+			this.logger.info("Gateway guards", {
+				gateway: GatewayClass.name,
+				path: fullPath,
+				guardCount: guards.length
+			});
+			handlers.push(this.createGuardMiddleware(guards));
+		}
+		handlers.push(wsHandler);
+		this.app.get(fullPath, ...handlers);
+	}
+	/**
+	* Create a guard execution middleware
+	*
+	* This middleware executes all guards for a route before the handler.
+	* Guards are executed in order; all must pass for the request to proceed.
+	*
+	* @param guards - Array of guards to execute
+	* @returns Hono middleware function
+	*/
+	createGuardMiddleware(guards) {
+		const guardService = new GuardExecutionService(this.logger);
+		return async (c, next) => {
+			const ctx = new RouterContext(c);
+			const container = ctx.getContainer();
+			await guardService.executeGuards(guards, ctx, container);
+			await next();
+		};
+	}
+	/**
+	* Register wildcard route for non-RESTful controllers
+	*/
+	registerWildcardRoute(ControllerClass, route) {
+		this.logger.info(`Registering wildcard route`, {
+			controller: ControllerClass.name,
+			route: `${route}/:path{.+}`,
+			method: "ALL"
+		});
+		const handler = this.createControllerHandler(ControllerClass, "handle");
+		this.app.all(route, handler);
+		this.app.all(`${route}/:path{.+}`, handler);
+	}
+	/**
+	* Resolve HTTP method, path, route config, and status code from route metadata.
+	*/
+	resolveMethodAndPath(meta, methodName, basePath, className) {
+		if (meta.type === "convention") {
+			const derived = this.deriveHttpMethodAndPath(methodName, basePath);
+			if (!derived) throw new ControllerRegistrationError(`Cannot derive HTTP method/path for convention-based route "${className}.${methodName}". Ensure the method name follows the naming convention (e.g., index, create, show).`);
+			return {
+				httpMethod: derived.method,
+				fullPath: derived.path,
+				routeConfig: meta.config,
+				statusCodeOverride: meta.config.statusCode
+			};
+		}
+		return {
+			httpMethod: meta.method,
+			fullPath: this.joinPaths(basePath, meta.path),
+			routeConfig: meta.config,
+			statusCodeOverride: meta.config.statusCode
+		};
+	}
+	/**
+	* Join a base path and a route path, normalizing slashes
+	*/
+	joinPaths(basePath, routePath) {
+		if (routePath === "/") return basePath;
+		if (basePath !== "/" && basePath.endsWith("/")) basePath = basePath.slice(0, -1);
+		if (routePath && !routePath.startsWith("/")) routePath = "/" + routePath;
+		return basePath + routePath;
+	}
+	/**
+	* Auto-derive HTTP method and path from controller method name
+	* Uses HTTP_METHODS constant for RESTful convention mapping
+	*/
+	deriveHttpMethodAndPath(methodName, basePath) {
+		if (!(methodName in HTTP_METHODS)) return null;
+		const mapping = HTTP_METHODS[methodName];
+		return {
+			method: mapping.method,
+			path: basePath + mapping.path
+		};
+	}
+	/**
+	* Merge controller-level and route-level metadata
+	* Tags are merged (appended), security is merged (union)
+	* Guards automatically add sessionCookie security if present
+	*/
+	mergeMetadata(controllerOpts, routeConfig, ControllerClass, methodName) {
+		const tags = [...controllerOpts?.tags ?? [], ...routeConfig.tags ?? []];
+		const prototype = ControllerClass.prototype;
+		const hasMethodGuards = (getMethodGuards(prototype, methodName)?.guards.length ?? 0) > 0;
+		const hasControllerGuards = (getControllerGuards(ControllerClass)?.guards.length ?? 0) > 0;
+		const requiresAuth = hasMethodGuards || hasControllerGuards;
+		let security = [];
+		if (routeConfig.security !== void 0) security = [...controllerOpts?.security ?? [], ...routeConfig.security];
+		else if (controllerOpts?.security) security = controllerOpts.security;
+		if (requiresAuth && !security.includes(SECURITY_SCHEMES.SESSION_COOKIE)) security.push(SECURITY_SCHEMES.SESSION_COOKIE);
+		return {
+			tags,
+			security: security.length > 0 ? security.map((scheme) => ({ [scheme]: [] })) : []
+		};
+	}
+	/**
+	* Build OpenAPI route configuration from metadata
+	* Creates a route definition compatible with @hono/zod-openapi
+	* Includes guard execution for proper access control
+	*
+	* Execution order: Global middlewares → Guards → Handler
+	*/
+	buildOpenAPIRoute(method, path, routeConfig, metadata, guards, methodName, statusCodeOverride, hasLocaleParam = false) {
+		try {
+			const route = {
+				method,
+				path: toRoutingOpenAPIPath(path),
+				request: {},
+				responses: {},
+				hide: true
+			};
+			if (guards.length > 0) route.middleware = [this.createGuardMiddleware(guards)];
+			if (routeConfig.body) {
+				const bodySchema = this.isRouteBodyObject(routeConfig.body) ? routeConfig.body.schema : routeConfig.body;
+				const bodyContentType = this.isRouteBodyObject(routeConfig.body) ? routeConfig.body.contentType ?? "application/json" : DEFAULT_CONTENT_TYPE;
+				route.request = {
+					...route.request,
+					body: { content: { [bodyContentType]: { schema: bodySchema } } }
+				};
+			}
+			if (routeConfig.query) route.request = {
+				...route.request,
+				query: routeConfig.query
+			};
+			if (routeConfig.params) route.request = {
+				...route.request,
+				params: routeConfig.params
+			};
+			const localeConfig = this.localePathService.localePathConfig;
+			if (hasLocaleParam && localeConfig) {
+				const localeParam = z.object({ locale: z.enum(localeConfig.prefixedLocales).openapi({ param: {
+					name: "locale",
+					in: "path"
+				} }).optional() });
+				route.request = {
+					...route.request,
+					params: route.request.params ? route.request.params.extend(localeParam.shape) : localeParam
+				};
+			}
+			const successStatus = statusCodeOverride ?? (methodName && METHOD_STATUS_CODES[methodName]) ?? 200;
+			const responses = {};
+			const responseDef = routeConfig.response;
+			if (responseDef) if (typeof responseDef === "object" && "schema" in responseDef) responses[successStatus] = {
+				content: { [responseDef.contentType ?? "application/json"]: { schema: responseDef.schema } },
+				description: responseDef.description ?? `Response ${successStatus}`
+			};
+			else responses[successStatus] = {
+				content: { [DEFAULT_CONTENT_TYPE]: { schema: responseDef } },
+				description: `Response ${successStatus}`
+			};
+			for (const [statusStr, schema] of Object.entries(commonErrorSchemas)) {
+				const status = parseInt(statusStr);
+				responses[status] ??= schema;
+			}
+			route.responses = responses;
+			if (metadata.tags.length > 0) route.tags = metadata.tags;
+			if (metadata.security.length > 0) route.security = metadata.security;
+			if (routeConfig.description) route.description = routeConfig.description;
+			if (routeConfig.summary) route.summary = routeConfig.summary;
+			return (0, validation_exports.createRoute)(route);
+		} catch (error) {
+			throw new OpenAPIRouteRegistrationError(path, error instanceof Error ? error.message : String(error));
+		}
+	}
+	/**
+	* Check if a body definition is a RouteBodyObject (has schema key) vs bare ZodType
+	*/
+	isRouteBodyObject(body) {
+		return typeof body === "object" && "schema" in body;
+	}
+	/**
+	* Resolve method parameter injections from the container
+	*
+	* @param prototype - Controller prototype
+	* @param methodName - Method name to get injections for
+	* @param container - Request-scoped container
+	* @returns Array of resolved dependencies in parameter order
+	*/
+	resolveMethodInjections(prototype, methodName, container) {
+		const injections = getMethodInjections(prototype, methodName);
+		if (!injections.length) return [];
+		return injections.map((inj) => container.resolve(inj.token));
+	}
+	/**
+	* Name a handler function so Hono's inspectRoutes() can identify it.
+	* Format: `{type}:{Controller}.{method}` (e.g. `http:UsersController.create`)
+	*/
+	nameHandler(fn, controller, method, type = "http") {
+		Object.defineProperty(fn, "name", { value: `${type}:${controller}.${method}` });
+	}
+	/**
+	* Create controller handler that resolves controller from request-scoped container
+	* This ensures each request gets a fresh controller with request-scoped context
+	*/
+	createControllerHandler(ControllerClass, methodName, responseSchema = null) {
+		const handler = async (c) => {
+			const ctx = new RouterContext(c);
+			const requestContainer = ctx.getContainer();
+			const controller = requestContainer.resolve(ControllerClass);
+			const method = controller[methodName];
+			if (typeof method === "function") {
+				const injectedArgs = this.resolveMethodInjections(ControllerClass.prototype, methodName, requestContainer);
+				const response = await method.apply(controller, [ctx, ...injectedArgs]);
+				if (responseSchema && c.env.ENVIRONMENT !== "production") return this.validateResponse(response, responseSchema);
+				return response;
+			}
+			throw new ControllerMethodNotFoundError(methodName, ControllerClass.name);
+		};
+		this.nameHandler(handler, ControllerClass.name, methodName);
+		return handler;
+	}
+	/**
+	* Extract the Zod schema from a RouteResponse definition.
+	* Returns null for non-JSON content types or when no response is defined.
+	*/
+	extractResponseSchema(routeConfig) {
+		const responseDef = routeConfig.response;
+		if (!responseDef) return null;
+		if (this.isRouteResponseObject(responseDef)) {
+			if (!(responseDef.contentType ?? "application/json").includes("application/json")) return null;
+			return responseDef.schema;
+		}
+		return responseDef;
+	}
+	/**
+	* Check if a response definition is a RouteResponseObject (has schema key) vs bare ZodType
+	*/
+	isRouteResponseObject(response) {
+		return typeof response === "object" && "schema" in response;
+	}
+	/**
+	* Validate a Response body against its declared Zod schema.
+	*
+	* Skips validation for:
+	* - Non-JSON content types
+	* - Empty bodies (204 No Content, 304 Not Modified)
+	*
+	* Clones the response to read the body without consuming the original stream.
+	*/
+	async validateResponse(response, schema) {
+		const contentType = response.headers.get("content-type");
+		if (!contentType || !contentType.includes("application/json")) return response;
+		if (response.status === 204 || response.status === 304) return response;
+		const cloned = response.clone();
+		let body;
+		try {
+			body = await cloned.json();
+		} catch {
+			return response;
+		}
+		const result = schema.safeParse(body);
+		if (!result.success) throw new ResponseValidationError(result.error);
+		return response;
+	}
+};
+RouteRegistrationService = __decorate([
+	Transient(),
+	__decorateParam(0, inject(LOGGER_TOKENS.LoggerService)),
+	__decorateParam(1, inject(ROUTER_TOKENS.RouteRegistry)),
+	__decorateParam(2, inject(ROUTER_TOKENS.RouterResolver)),
+	__decorateParam(3, inject(ROUTER_TOKENS.LocalePathService)),
+	__decorateParam(4, inject(ROUTER_TOKENS.HonoApp)),
+	__decorateParam(5, inject(DI_TOKENS.ModuleRegistry)),
+	__decorateMetadata("design:paramtypes", [
+		Object,
+		Object,
+		Object,
+		Object,
+		Object,
+		Object
+	])
+], RouteRegistrationService);
+//#endregion
+//#region src/router/hono-app.ts
+const isMiddlewareClass = (arg) => typeof arg === "function" && arg.prototype && "handle" in arg.prototype;
+let HonoApp = class HonoApp extends OpenAPIHono {
+	configured = false;
+	_container;
+	_logger;
+	/**
+	* Reference to the original Hono `use` implementation.
+	* Captured in constructor after super() sets it as an instance property.
+	* Used by private methods to register middleware without going through the override.
+	*/
+	nativeUse;
+	constructor(container, logger) {
+		super({ defaultHook: (result, c) => {
+			if (!result.success) throw new SchemaValidationError(result.error);
+			const override = c.get("validationSuccessResponse");
+			if (override) return override;
+		} });
+		this._container = container;
+		this._logger = logger;
+		this.nativeUse = this.use;
+		this.use = ((...args) => {
+			if (isMiddlewareClass(args[0])) {
+				this.nativeUse("*", createMiddlewareChain(args));
+				return this;
+			}
+			if (typeof args[0] === "string" && args.length > 1 && isMiddlewareClass(args[1])) {
+				this.nativeUse(args[0], createMiddlewareChain(args.slice(1)));
+				return this;
+			}
+			return this.nativeUse(...args);
+		});
+		this.setupRequestScope();
+		this.applyGlobalMiddleware();
+	}
+	/**
+	* Apply global middleware (logger + error handler).
+	* Called by Application after locale middleware is applied by LocalePathService.
+	*/
+	applyGlobalMiddleware() {
+		this.nativeUse("*", createLoggerMiddleware(this._logger));
+		this.onError((err, c) => this.handleException(c, err));
+	}
+	/**
+	* Configure OpenAPI endpoints, controller routes, and 404 handler.
+	* Called once by Application.initialize().
+	*/
+	async configure() {
+		if (this.configured) throw new HonoAppAlreadyConfiguredError();
+		this._container.resolve(OPENAPI_TOKENS.OpenAPIService).setupEndpoints(this, this._container);
+		await this._container.resolve(RouteRegistrationService).configure();
+		this.notFound((c) => {
+			throw new RouteNotFoundError(c.req.path, c.req.method);
+		});
+		this.configured = true;
+	}
+	setupRequestScope() {
+		this.nativeUse("*", async (c, next) => {
+			const routerContext = new RouterContext(c);
+			const requestContainer = this._container.createRequestScope(routerContext);
+			c.set(ROUTER_CONTEXT_KEYS.REQUEST_CONTAINER, requestContainer);
+			await runWithContainer(requestContainer, next);
+		});
+	}
+	handleException(c, err) {
+		const handler = (c.get(ROUTER_CONTEXT_KEYS.REQUEST_CONTAINER) ?? this._container).resolve(DI_TOKENS.ExceptionHandler);
+		const ctx = createHttpExceptionContext(c);
+		return handler.handle(err, ctx);
+	}
+};
+HonoApp = __decorate([
+	Transient(),
+	__decorateParam(0, inject(CONTAINER_TOKEN)),
+	__decorateParam(1, inject(LOGGER_TOKENS.LoggerService)),
+	__decorateMetadata("design:paramtypes", [Object, Object])
+], HonoApp);
+//#endregion
+//#region src/router/services/locale-path.service.ts
+let LocalePathService = class LocalePathService {
+	_config;
+	_pathDetectionEnabled;
+	_prefixDefaultLocale;
+	constructor(container, honoApp) {
+		this.honoApp = honoApp;
+		const i18nOptions = container.isRegistered(I18N_TOKENS.Options) ? container.resolve(I18N_TOKENS.Options) : void 0;
+		const detection = i18nOptions?.detection;
+		const detectionEnabled = detection ? detection.enabled !== false : true;
+		const strategy = (detection && "strategy" in detection && detection.strategy) ?? "cookie";
+		this._pathDetectionEnabled = detectionEnabled && strategy === "path";
+		this._prefixDefaultLocale = detection && "prefixDefaultLocale" in detection && detection.prefixDefaultLocale !== void 0 ? detection.prefixDefaultLocale : false;
+		if (this._pathDetectionEnabled) {
+			const allLocales = i18nOptions?.locales ?? ["en"];
+			const defaultLocale = i18nOptions?.defaultLocale ?? "en";
+			this._config = this._prefixDefaultLocale === true ? {
+				allLocales,
+				prefixedLocales: allLocales,
+				defaultLocale: null
+			} : {
+				allLocales,
+				prefixedLocales: allLocales.filter((l) => l !== defaultLocale),
+				defaultLocale
+			};
+		} else this._config = null;
+		if (detectionEnabled) this.setupLanguageDetection(i18nOptions);
+		if (this._config?.defaultLocale && this._prefixDefaultLocale === "redirect") this.setupDefaultLocaleRedirect(this._config.defaultLocale);
+	}
+	/** Whether path-based locale detection is enabled */
+	get enabled() {
+		return this._pathDetectionEnabled;
+	}
+	/** The computed locale path config, or null if path detection is disabled */
+	get localePathConfig() {
+		return this._config;
+	}
+	/** The prefixDefaultLocale setting (false, true, or 'redirect') */
+	get prefixDefaultLocale() {
+		return this._prefixDefaultLocale;
+	}
+	/**
+	* Expand a path into primary + locale-prefixed variants.
+	*
+	* @param path - The base path to expand
+	* @returns Array of resolved paths with locale metadata
+	*/
+	resolve(path) {
+		if (!this._config) return [{
+			path,
+			isLocaleVariant: false
+		}];
+		const constraint = this.buildLocaleConstraint();
+		const suffix = path === "/" ? "" : path;
+		if (this._config.defaultLocale === null) return [{
+			path: `/:locale${constraint}${suffix}`,
+			isLocaleVariant: true
+		}];
+		const result = [{
+			path,
+			isLocaleVariant: false
+		}];
+		if (this._config.prefixedLocales.length > 0) result.push({
+			path: `/:locale${constraint}${suffix}`,
+			isLocaleVariant: true
+		});
+		return result;
+	}
+	/**
+	* Build a Hono regex constraint from prefixed locales.
+	* e.g., `{en|de|fr}` — restricts `:locale` to only match known values.
+	*/
+	buildLocaleConstraint() {
+		return `{${(this._config.defaultLocale === null ? this._config.allLocales : this._config.prefixedLocales).join("|")}}`;
+	}
+	/**
+	* Apply Hono's languageDetector middleware and bridge the detected language
+	* to Stratal's LOCALE context variable.
+	*/
+	setupLanguageDetection(i18nOptions) {
+		const detectorOptions = buildDetectorOptions(i18nOptions);
+		this.honoApp.use("*", languageDetector(detectorOptions));
+		this.honoApp.use("*", async (c, next) => {
+			const language = c.get("language");
+			if (language) c.set(ROUTER_CONTEXT_KEYS.LOCALE, language);
+			await next();
+		});
+	}
+	/**
+	* Redirect requests that include the default locale prefix to the unprefixed path.
+	* For example, `/en/users` → 301 redirect to `/users`.
+	*
+	* Only active when `prefixDefaultLocale` is `'redirect'`.
+	*/
+	setupDefaultLocaleRedirect(defaultLocale) {
+		const prefix = `/${defaultLocale}`;
+		this.honoApp.use("*", async (c, next) => {
+			const path = new URL(c.req.url).pathname;
+			if (path === prefix || path.startsWith(`${prefix}/`)) {
+				const stripped = path.slice(prefix.length) || "/";
+				return c.redirect(stripped, 301);
+			}
+			await next();
+		});
+	}
+};
+LocalePathService = __decorate([
+	Transient(),
+	__decorateParam(0, inject(CONTAINER_TOKEN)),
+	__decorateParam(1, inject(ROUTER_TOKENS.HonoApp)),
+	__decorateMetadata("design:paramtypes", [Object, Object])
+], LocalePathService);
+//#endregion
+//#region src/router/services/versioning.service.ts
+let VersioningService = class VersioningService {
+	options;
+	constructor(app) {
+		this.options = app.config.versioning ?? null;
+	}
+	/** Whether versioning is enabled */
+	get enabled() {
+		return this.options !== null;
+	}
+	/**
+	* Resolve versioned paths for a base path.
+	*
+	* @param basePath - The base path (e.g., '/users')
+	* @param version - Explicit version from controller/router config
+	* @returns Array of versioned path strings (e.g., ['/v1/users', '/v2/users'])
+	*/
+	resolve(basePath, version) {
+		if (!this.options) return [basePath];
+		if (version === VERSION_NEUTRAL) return [basePath];
+		const prefix = this.options.prefix ?? "v";
+		if (version !== void 0) return (Array.isArray(version) ? version : [version]).map((v) => `/${prefix}${v}${basePath}`);
+		if (this.options.defaultVersion !== void 0) return (Array.isArray(this.options.defaultVersion) ? this.options.defaultVersion : [this.options.defaultVersion]).map((v) => `/${prefix}${v}${basePath}`);
+		return [basePath];
+	}
+};
+VersioningService = __decorate([
+	Transient(),
+	__decorateParam(0, inject(DI_TOKENS.Application)),
+	__decorateMetadata("design:paramtypes", [Object])
+], VersioningService);
+//#endregion
+//#region src/router/route-registry.ts
+let RouteRegistry = class RouteRegistry {
+	routes = [];
+	namedRoutes = /* @__PURE__ */ new Map();
+	_sortedCache = null;
+	constructor(versioningService, localePathService) {
+		this.versioningService = versioningService;
+		this.localePathService = localePathService;
+	}
+	/**
+	* Register a route. Expands via VersioningService + LocalePathService.
+	* Named routes must have unique names.
+	*
+	* @returns Array of expanded RegisteredRoute entries (primary + locale variants)
+	* @throws DuplicateRouteNameError if a named route with the same name already exists
+	*/
+	register(input) {
+		const domainParamNames = input.domainParamNames ?? (input.domain ? extractDomainParamNames(input.domain) : []);
+		const versionedPaths = this.versioningService.resolve(input.basePath, input.version);
+		const expandedRoutes = [];
+		const localeEnabled = this.localePathService.enabled;
+		for (const versionedPath of versionedPaths) {
+			const resolvedPaths = this.localePathService.resolve(versionedPath);
+			let localeVariantPaths;
+			if (localeEnabled) {
+				const variants = resolvedPaths.filter((p) => p.isLocaleVariant);
+				localeVariantPaths = variants.length > 0 ? variants.map((p) => p.path) : void 0;
+			}
+			for (const resolved of resolvedPaths) {
+				const route = {
+					name: resolved.isLocaleVariant ? void 0 : input.name,
+					method: input.method,
+					path: resolved.path,
+					localePaths: resolved.isLocaleVariant ? void 0 : localeVariantPaths,
+					paramNames: extractParamNames(resolved.path),
+					domain: input.domain,
+					domainParamNames,
+					controller: input.controller,
+					action: input.action,
+					hidden: input.hidden,
+					middleware: input.middleware,
+					isLocaleVariant: resolved.isLocaleVariant || void 0
+				};
+				if (route.name) {
+					if (this.namedRoutes.has(route.name)) {
+						const existing = this.namedRoutes.get(route.name);
+						throw new DuplicateRouteNameError(route.name, `${existing.controller}.${existing.action}`, `${route.controller}.${route.action}`);
+					}
+					this.namedRoutes.set(route.name, route);
+				}
+				this.routes.push(route);
+				expandedRoutes.push(route);
+			}
+		}
+		this._sortedCache = null;
+		return expandedRoutes;
+	}
+	/** Get a named route by name */
+	get(name) {
+		return this.namedRoutes.get(name);
+	}
+	/** Check if a named route exists */
+	has(name) {
+		return this.namedRoutes.has(name);
+	}
+	/** Get all routes sorted by specificity (static > param > wildcard, primary before locale) */
+	all() {
+		this._sortedCache ??= sortRoutesBySpecificity(this.routes);
+		return this._sortedCache;
+	}
+	/** Get only named routes */
+	named() {
+		return [...this.namedRoutes.values()];
+	}
+};
+RouteRegistry = __decorate([
+	Transient(),
+	__decorateParam(0, inject(ROUTER_TOKENS.VersioningService)),
+	__decorateParam(1, inject(ROUTER_TOKENS.LocalePathService)),
+	__decorateMetadata("design:paramtypes", [Object, Object])
+], RouteRegistry);
+//#endregion
+//#region src/router/signed-url.ts
+/**
+* Import a signing key for HMAC-SHA256.
+*/
+async function importKey(secret) {
+	const encoder = new TextEncoder();
+	return crypto.subtle.importKey("raw", encoder.encode(secret), {
+		name: "HMAC",
+		hash: "SHA-256"
+	}, false, ["sign", "verify"]);
+}
+/**
+* Encode an ArrayBuffer as base64url (URL-safe base64).
+*/
+function toBase64Url(buffer) {
+	const bytes = new Uint8Array(buffer);
+	let binary = "";
+	for (const byte of bytes) binary += String.fromCharCode(byte);
+	return btoa(binary).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
+}
+/**
+* Sign a URL with HMAC-SHA256.
+*
+* Appends `signature` and optionally `expires` query parameters.
+* The signature covers the pathname + search (excluding the signature params themselves).
+*
+* @param url - Full URL or path to sign
+* @param secret - HMAC secret key (e.g., from env.APP_SECRET)
+* @param options - Optional expiration
+* @returns URL string with `signature` (and `expires`) query params appended
+*/
+async function signUrl(url, secret, options) {
+	const parsedUrl = new URL(url, "https://placeholder.local");
+	const key = await importKey(secret);
+	if (options?.expiresIn) {
+		const expires = Math.floor(Date.now() / 1e3) + options.expiresIn;
+		parsedUrl.searchParams.set("expires", String(expires));
+	}
+	const dataToSign = `${parsedUrl.pathname}?${parsedUrl.searchParams.toString()}`;
+	const encoder = new TextEncoder();
+	const signature = toBase64Url(await crypto.subtle.sign("HMAC", key, encoder.encode(dataToSign)));
+	parsedUrl.searchParams.set("signature", signature);
+	return url.startsWith("http") ? parsedUrl.toString() : `${parsedUrl.pathname}?${parsedUrl.searchParams.toString()}`;
+}
+/**
+* Verify a signed URL using `crypto.subtle.verify()` (timing-attack-safe).
+*
+* @param url - Full URL or path with signature query param
+* @param secret - HMAC secret key (same key used for signing)
+* @returns true if signature is valid and not expired
+*/
+async function verifySignedUrl(url, secret) {
+	const parsedUrl = new URL(url, "https://placeholder.local");
+	const signature = parsedUrl.searchParams.get("signature");
+	if (!signature) return false;
+	const expires = parsedUrl.searchParams.get("expires");
+	if (expires) {
+		const expiryTime = parseInt(expires, 10);
+		if (isNaN(expiryTime) || Math.floor(Date.now() / 1e3) > expiryTime) return false;
+	}
+	parsedUrl.searchParams.delete("signature");
+	const dataToVerify = `${parsedUrl.pathname}?${parsedUrl.searchParams.toString()}`;
+	const base64 = signature.replace(/-/g, "+").replace(/_/g, "/");
+	const binaryStr = atob(base64);
+	const signatureBytes = new Uint8Array(binaryStr.length);
+	for (let i = 0; i < binaryStr.length; i++) signatureBytes[i] = binaryStr.charCodeAt(i);
+	const key = await importKey(secret);
+	const encoder = new TextEncoder();
+	return crypto.subtle.verify("HMAC", key, signatureBytes, encoder.encode(dataToVerify));
+}
+//#endregion
+//#region src/router/uri.ts
+/**
+* Build a URL from a registered route, filling path/domain params and appending extras as query string.
+*
+* Pure function — no request context needed. Used by both the `Uri` class and the standalone `route()` function.
+*
+* @param route - The registered route to build a URL for
+* @param name - Route name (used in error messages)
+* @param params - Path params, domain params, and extra query params
+* @returns Relative URL string (or absolute with domain prefix if route has a domain pattern)
+*
+* @throws MissingRouteParamError if a required path or domain param is missing
+*/
+function buildRouteUrl(route, name, params) {
+	const allParams = { ...params };
+	const consumedKeys = /* @__PURE__ */ new Set();
+	let url = route.path;
+	if (allParams.locale && route.localePaths?.length) {
+		url = `/${allParams.locale}${url === "/" ? "" : url}`;
+		consumedKeys.add("locale");
+	}
+	for (const paramName of route.paramNames) {
+		const value = allParams[paramName];
+		if (value === void 0) throw new MissingRouteParamError(paramName, name, route.path);
+		url = url.replace(new RegExp(`:${paramName}(\\{[^}]*\\})?`), encodeURIComponent(value));
+		consumedKeys.add(paramName);
+	}
+	let domain;
+	if (route.domain) {
+		domain = route.domain;
+		for (const domainParam of route.domainParamNames) {
+			const value = allParams[domainParam];
+			if (value === void 0) throw new MissingRouteParamError(domainParam, name, route.domain);
+			domain = domain.replace(`{${domainParam}}`, encodeURIComponent(value));
+			consumedKeys.add(domainParam);
+		}
+	}
+	const queryEntries = Object.entries(allParams).filter(([key]) => !consumedKeys.has(key));
+	if (queryEntries.length > 0) {
+		const queryString = queryEntries.filter(([, value]) => Boolean(value)).map(([key, value]) => `${encodeURIComponent(key)}=${encodeURIComponent(value)}`).join("&");
+		url = `${url}${queryString.length ? `?${queryString}` : ""}`;
+	}
+	if (domain) url = `https://${domain}${url}`;
+	return url;
+}
+let Uri = class Uri {
+	_defaults = {};
+	constructor(registry, routerContext) {
+		this.registry = registry;
+		this.routerContext = routerContext;
+	}
+	/**
+	* Set default URL parameters for this request.
+	* Applied to all subsequent `route()` calls — explicit params override defaults.
+	*
+	* @param params - Default parameters (e.g., `{ locale: 'en' }`)
+	*/
+	defaults(params) {
+		this._defaults = {
+			...this._defaults,
+			...params
+		};
+	}
+	/**
+	* Generate a URL from a named route.
+	*
+	* Keys matching `:param` placeholders fill the path.
+	* Domain params (`{tenant}`) are consumed from the same object.
+	* Extra keys become query string parameters.
+	* Default params (from `defaults()`) are merged — explicit params override.
+	*
+	* @param name - Named route identifier
+	* @param params - Route params + domain params + extra query params
+	* @param options - URL generation options
+	* @returns Generated URL string
+	*
+	* @throws RouteNameNotFoundError if route name not found
+	* @throws MissingRouteParamError if required params missing
+	*/
+	route(name, params, options) {
+		const registeredRoute = this.registry.get(name);
+		if (!registeredRoute) throw new RouteNameNotFoundError(name);
+		let url = buildRouteUrl(registeredRoute, name, {
+			...this._defaults,
+			...params
+		});
+		if (options?.absolute && !url.startsWith("http")) url = `${new URL(this.routerContext.c.req.url).origin}${url}`;
+		return url;
+	}
+	/**
+	* Generate a signed URL from a named route.
+	*
+	* @param name - Named route identifier
+	* @param params - Route params + domain params + extra query params
+	* @param options - Signing options (e.g., expiresIn) and URL options
+	* @returns Signed URL string with signature query param
+	*
+	* @throws Error if APP_SECRET environment variable is not set
+	*/
+	async signedRoute(name, params, options) {
+		return signUrl(this.route(name, params, options), this.getAppSecret(), options);
+	}
+	/**
+	* Generate a temporary signed URL from a named route.
+	*
+	* @param name - Named route identifier
+	* @param expiresIn - Time-to-live in seconds
+	* @param params - Route params + domain params + extra query params
+	* @param options - URL generation options
+	* @returns Signed URL string with signature and expires query params
+	*
+	* @throws Error if APP_SECRET environment variable is not set
+	*/
+	async temporarySignedRoute(name, expiresIn, params, options) {
+		return this.signedRoute(name, params, {
+			...options,
+			expiresIn
+		});
+	}
+	/**
+	* Check if the current request has a valid signature.
+	*
+	* @returns true if the URL signature is valid and not expired
+	*/
+	async hasValidSignature() {
+		const secret = this.routerContext.c.env.APP_SECRET;
+		if (!secret) return false;
+		return verifySignedUrl(this.routerContext.c.req.url, secret);
+	}
+	/**
+	* Get the current request URL pathname (without query string).
+	*/
+	current() {
+		return new URL(this.routerContext.c.req.url).pathname;
+	}
+	/**
+	* Get the current request URL with query string (pathname + search).
+	*/
+	full() {
+		const parsed = new URL(this.routerContext.c.req.url);
+		return `${parsed.pathname}${parsed.search}`;
+	}
+	/**
+	* Get the previous request URL from the Referer header.
+	*
+	* @param fallback - URL to return if no Referer header (default: '/')
+	*/
+	previous(fallback = "/") {
+		return this.routerContext.c.req.header("referer") ?? fallback;
+	}
+	/**
+	* Get the previous request URL pathname (no query string or host) from the Referer header.
+	*
+	* @param fallback - Path to return if no Referer header (default: '/')
+	*/
+	previousPath(fallback = "/") {
+		const referer = this.routerContext.c.req.header("referer");
+		if (!referer) return fallback;
+		try {
+			return new URL(referer).pathname;
+		} catch {
+			return referer;
+		}
+	}
+	/**
+	* Build a URL to a raw path (not a named route) with optional query params.
+	*
+	* @param path - URL path (e.g., '/users')
+	* @param queryParams - Query parameters to append
+	* @param options - URL generation options
+	*/
+	to(path, queryParams, options) {
+		let url = path;
+		if (queryParams) {
+			const entries = Object.entries(queryParams);
+			if (entries.length > 0) {
+				const queryString = entries.map(([key, value]) => `${encodeURIComponent(key)}=${encodeURIComponent(value)}`).join("&");
+				url = url.includes("?") ? `${url}&${queryString}` : `${url}?${queryString}`;
+			}
+		}
+		if (options?.absolute && !url.startsWith("http")) url = `${new URL(this.routerContext.c.req.url).origin}${url}`;
+		return url;
+	}
+	/**
+	* Build a URL with query string parameters. Merges with existing query params in path.
+	*
+	* @param path - URL path, may already contain query params
+	* @param queryParams - Query parameters to merge (new values override existing)
+	*/
+	query(path, queryParams) {
+		const parsed = new URL(path, "https://placeholder.local");
+		for (const [key, value] of Object.entries(queryParams)) parsed.searchParams.set(key, value);
+		return `${parsed.pathname}${parsed.search}`;
+	}
+	getAppSecret() {
+		const secret = this.routerContext.c.env.APP_SECRET;
+		if (!secret) throw new Error("APP_SECRET environment variable is required for signed URLs");
+		return secret;
+	}
+};
+Uri = __decorate([
+	Transient(),
+	__decorateParam(0, inject(ROUTER_TOKENS.RouteRegistry)),
+	__decorateParam(1, inject(ROUTER_TOKENS.RouterContext)),
+	__decorateMetadata("design:paramtypes", [Object, Object])
+], Uri);
+//#endregion
+//#region src/router/route-url.ts
+/**
+* Generate a URL from a named route.
+*
+* Keys in `params` matching `:param` placeholders fill the path.
+* Domain params (`{tenant}`) are also consumed from `params`.
+* Extra keys become query string parameters.
+*
+* Resolves RouteRegistry from the application container via AsyncLocalStorage.
+* Available after `Application.initialize()` has been called.
+*
+* @param name - Named route identifier
+* @param params - Route params + domain params + extra query params
+* @returns Generated URL string
+*
+* @example
+* ```typescript
+* // In a controller (preferred):
+* ctx.route('users.show', { id: '1' })
+*
+* // Outside controllers (standalone function):
+* import { route } from 'stratal/router'
+*
+* route('users.show', { id: '1' })
+* ```
+*/
+function route(name, params) {
+	const registeredRoute = getContainer().resolve(ROUTER_TOKENS.RouteRegistry).get(name);
+	if (!registeredRoute) throw new RouteNameNotFoundError(name);
+	return buildRouteUrl(registeredRoute, name, params);
+}
+//#endregion
+//#region src/router/middleware/verify-signature.middleware.ts
+/**
+* Middleware that verifies signed URLs.
+*
+* Checks the `signature` (and optionally `expires`) query params against the
+* request URL using HMAC-SHA256 via `crypto.subtle.verify()`.
+*
+* Requires `APP_SECRET` in the Cloudflare Workers environment bindings.
+*
+* @throws InvalidSignatureError (403) if signature is missing, invalid, or expired
+*
+* @example
+* ```typescript
+* @Module({ controllers: [UnsubscribeController], providers: [VerifySignatureMiddleware] })
+* export class EmailModule implements RouteConfigurable {
+*   configureRoutes(router: Router): void {
+*     router.middleware(VerifySignatureMiddleware)
+*   }
+* }
+* ```
+*/
+var VerifySignatureMiddleware = class {
+	async handle(ctx, next) {
+		const url = ctx.c.req.url;
+		const secret = ctx.c.env.APP_SECRET;
+		if (!secret) throw new MissingEnvironmentVariableError("APP_SECRET");
+		if (!await verifySignedUrl(url, secret)) throw new InvalidSignatureError();
+		await next();
+	}
+};
+//#endregion
+//#region src/i18n/services/i18n.service.ts
+/**
+* I18n Service
+*
+* Request-scoped service for translations.
+* Injects RouterContext to access request-specific locale.
+* Uses pre-built CoreContext from MessageLoaderService (singleton) for zero-cost lookups.
+*/
+let I18nService = class I18nService {
+	constructor(loader, routerContext) {
+		this.loader = loader;
+		this.routerContext = routerContext;
+	}
+	/**
+	* Translate a message key
+	*
+	* @param key - Message key (e.g., 'common.actions.save')
+	* @param params - Optional parameters for interpolation
+	* @returns Translated string
+	*/
+	t(key, params) {
+		const context = this.loader.getCoreContext(this.getLocale());
+		const result = params !== void 0 ? translate(context, key, params) : translate(context, key);
+		return typeof result === "string" ? result : key;
+	}
+	/**
+	* Get current locale
+	*
+	* @returns Current locale code from RouterContext or default locale
+	*/
+	getLocale() {
+		return this.routerContext?.getLocale() ?? "en";
+	}
+};
+I18nService = __decorate([
+	Transient(I18N_TOKENS.I18nService),
+	__decorateParam(0, inject(I18N_TOKENS.MessageLoader)),
+	__decorateParam(1, inject(ROUTER_TOKENS.RouterContext, { isOptional: true })),
+	__decorateMetadata("design:paramtypes", [Object, Object])
+], I18nService);
+//#endregion
+//#region src/i18n/i18n.module.ts
+/**
+* I18n Module
+*
+* Core infrastructure module for internationalization.
+* Provides message translation and locale handling.
+*
+* - `forRoot()` configures locale settings (call once in root module)
+* - `registerMessages()` adds translations (call from any module, as many times as needed)
+*
+* @example
+* ```typescript
+* @Module({
+*   imports: [
+*     I18nModule.forRoot({ defaultLocale: 'en', locales: ['en', 'fr'] }),
+*     I18nModule.registerMessages(appMessages),
+*   ],
+* })
+* export class AppModule {}
+* ```
+*
+* @example Package contributing messages
+* ```typescript
+* @Module({
+*   imports: [
+*     I18nModule.registerMessages(tenancyMessages),
+*   ],
+* })
+* export class TenancyModule {}
+* ```
+*/
+var _I18nModule;
+setupI18nCompiler();
+z.config({ customError: backendErrorMap });
+let I18nModule = _I18nModule = class I18nModule {
+	/**
+	* Configure I18n locale settings
+	*
+	* Call once in the root module. Does not accept messages —
+	* use `registerMessages()` to add translations.
+	*
+	* @param options - Locale configuration (defaultLocale, fallbackLocale, locales)
+	*/
+	static forRoot(options = {}) {
+		return {
+			module: _I18nModule,
+			providers: [{
+				provide: I18N_TOKENS.Options,
+				useValue: options
+			}]
+		};
+	}
+	/**
+	* Register i18n messages
+	*
+	* Can be called from any module, as many times as needed.
+	* Messages are deep-merged in registration order — later calls override earlier ones at leaf level.
+	*
+	* @param messages - Messages keyed by locale code
+	*
+	* @example App-level messages
+	* ```typescript
+	* I18nModule.registerMessages({
+	*   en: { common: { hello: 'Hello' }, errors: { notFound: 'Not found' } },
+	*   fr: { common: { hello: 'Bonjour' }, errors: { notFound: 'Introuvable' } },
+	* })
+	* ```
+	*
+	* @example Package-level messages
+	* ```typescript
+	* I18nModule.registerMessages({
+	*   en: { tenancy: { tenantNotFound: 'Tenant not found' } },
+	* })
+	* ```
+	*/
+	static registerMessages(messages) {
+		MessageRegistry.addMessages(messages);
+		return {
+			module: _I18nModule,
+			providers: []
+		};
+	}
+	configureRoutes(router) {
+		router.use(I18nContextMiddleware);
+	}
+};
+I18nModule = _I18nModule = __decorate([Module({ providers: [
+	{
+		provide: I18N_TOKENS.MessageRegistry,
+		useClass: MessageRegistry,
+		scope: Scope.Singleton
+	},
+	{
+		provide: I18N_TOKENS.MessageLoader,
+		useClass: MessageLoaderService,
+		scope: Scope.Singleton
+	},
+	{
+		provide: I18N_TOKENS.I18nService,
+		useClass: I18nService
+	}
+] })], I18nModule);
+//#endregion
+export { Delete as A, MessageRegistry as B, successMessageSchema as C, getRouteDecoratedMethods as D, Route as E, createMiddlewareChain as F, buildDetectorOptions as G, getLocales as H, createDomainMiddleware as I, LocaleNotSupportedError as J, resolveI18nOptions as K, parseDomainPattern as L, Patch as M, Post as N, getRouteMetadata as O, Put as P, OpenAPIModule as R, paginationQuerySchema as S, validationErrorResponseSchema as T, getMessages as U, MessageLoaderService as V, messages as W, I18nContextMiddleware as X, OpenAPIConfigService as Y, sortRoutesBySpecificity as _, buildRouteUrl as a, errorResponseSchema as b, RouteRegistry as c, HonoApp as d, RouteRegistrationService as f, getPathSpecificityScore as g, generateConventionRouteName as h, Uri as i, Get as j, All as k, VersioningService as l, extractParamNames as m, VerifySignatureMiddleware as n, signUrl as o, extractDomainParamNames as p, TranslationMissingError as q, route as r, verifySignedUrl as s, I18nModule as t, LocalePathService as u, toOpenAPIPath as v, uuidParamSchema as w, paginatedResponseSchema as x, commonErrorSchemas as y, OpenAPIService as z };
+
+//# sourceMappingURL=i18n.module-BpLLLCTg.mjs.map