stratal 0.0.17 → 0.0.19

package/dist/errors-B4pYgYON.mjs

@@ -0,0 +1,1714 @@
+import { a as __decorate, d as CONTAINER_TOKEN, f as DI_TOKENS, o as __decorateParam, p as Transient, s as __decorateMetadata, u as LOGGER_TOKENS } from "./logger-V6Ms3QnQ.mjs";
+import { t as Macroable } from "./macroable-BmufBshB.mjs";
+import { Lifecycle, container as container$1, delay, inject, inject as inject$1, injectable as injectable$1, instancePerContainerCachingFactory as instancePerContainerCachingFactory$1, predicateAwareClassFactory, singleton } from "tsyringe";
+import { AsyncLocalStorage } from "node:async_hooks";
+import { stream, streamSSE, streamText } from "hono/streaming";
+//#region src/errors/application-error.ts
+/**
+* ApplicationError
+*
+* Abstract base class for all application errors.
+*
+* @deprecated Use {@link HttpException} for new error classes. `HttpException` provides
+* a simpler constructor that takes `(httpStatus, message?)` and derives the error code
+* automatically. Existing subclasses will continue to work but should be migrated over time.
+*
+* Features:
+* - Type-safe error codes from ERROR_CODES registry
+* - Type-safe message keys from i18n module
+* - Localized message keys (translated by ExceptionHandler)
+* - Structured metadata for logging and interpolation
+* - Proper Error prototype chain
+* - Automatic timestamp generation
+* - Serialization for RPC transmission
+* - Optional self-reporting via `report()` method
+* - Optional self-rendering via `render()` method
+*
+* Message Localization:
+* - Each error class passes an i18n key (e.g., 'errors.userNotFound') to super()
+* - `Error.message` contains the i18n key for useful stack traces and fallback display
+* - Metadata provides interpolation parameters (e.g., { userId: '123' })
+* - ExceptionHandler translates the message key using I18nService before sending response
+* - This ensures errors are localized based on the user's locale
+*/
+var ApplicationError = class ApplicationError extends Error {
+	/**
+	* Controls whether stack traces are captured.
+	* Set to false in production to skip the expensive Error.captureStackTrace() call,
+	* since stack traces are stripped from responses in production anyway.
+	*/
+	static captureStackTraces = true;
+	/**
+	* Type-safe error code from ERROR_CODES registry
+	* See error-codes.ts for the complete registry
+	*/
+	code;
+	/**
+	* ISO timestamp when the error was created
+	*/
+	timestamp;
+	/**
+	* Additional structured data about the error
+	* Used for:
+	* 1. Logging and debugging
+	* 2. Message interpolation (e.g., { userId: '123', email: 'user@example.com' })
+	*/
+	metadata;
+	/**
+	* @param i18nKey - Type-safe i18n message key (e.g., 'errors.userNotFound')
+	* @param code - Type-safe error code from ERROR_CODES registry
+	* @param metadata - Optional data for logging and interpolation
+	*/
+	constructor(i18nKey, code, metadata) {
+		super(i18nKey);
+		Object.setPrototypeOf(this, new.target.prototype);
+		this.name = this.constructor.name;
+		this.code = code;
+		this.timestamp = (/* @__PURE__ */ new Date()).toISOString();
+		this.metadata = metadata;
+		if (ApplicationError.captureStackTraces && Error.captureStackTrace) Error.captureStackTrace(this, this.constructor);
+	}
+	/**
+	* Filter metadata to include only user-facing properties
+	*
+	* User-facing properties (validation/constraint errors):
+	* - issues: Validation errors from SchemaValidationError
+	* - fields: Constraint violation fields
+	* - field: Single field constraint/foreign key
+	*
+	* Internal properties (excluded from response):
+	* - path, method: Route debugging
+	* - controllerName, reason: Controller errors
+	* - details, etc.: Internal debugging info
+	*
+	* @param metadata - Raw metadata object
+	* @returns Filtered metadata with only whitelisted properties
+	*/
+	static filterMetadata(metadata) {
+		if (!metadata) return void 0;
+		const whitelist = [
+			"issues",
+			"fields",
+			"field"
+		];
+		const filtered = {};
+		let hasUserFacingData = false;
+		for (const key of whitelist) if (key in metadata && metadata[key] !== void 0) {
+			filtered[key] = metadata[key];
+			hasUserFacingData = true;
+		}
+		return hasUserFacingData ? filtered : void 0;
+	}
+	/**
+	* Serialize error to ErrorResponse format for RPC transmission
+	*
+	* @param env - Environment (development | production)
+	* @param translatedMessage - Optional translated message (from ExceptionHandler)
+	* @returns ErrorResponse object suitable for JSON serialization
+	*/
+	toErrorResponse(env, translatedMessage) {
+		const message = translatedMessage ?? this.message;
+		return {
+			code: this.code,
+			message,
+			timestamp: this.timestamp,
+			metadata: ApplicationError.filterMetadata(this.metadata),
+			stack: env === "development" ? this.stack?.replace(this.message, message) : void 0
+		};
+	}
+	/**
+	* JSON serialization (used by JSON.stringify)
+	* Defaults to development mode for backward compatibility
+	* Note: This will use the untranslated message key - use ExceptionHandler for proper localization
+	*/
+	toJSON() {
+		return this.toErrorResponse("development");
+	}
+};
+//#endregion
+//#region src/router/router.tokens.ts
+/**
+* Dependency injection tokens for the router system
+*/
+const ROUTER_TOKENS = {
+	/**
+	* Token for RouterContext (request-scoped)
+	* Contains Hono context wrapper with helper methods
+	*/
+	RouterContext: Symbol.for("stratal:router:context"),
+	/**
+	* Token for RouteRegistry (singleton)
+	* Central registry of all application routes — source of truth for route:list, route:types, URL generation
+	*/
+	RouteRegistry: Symbol.for("stratal:router:route-registry"),
+	/**
+	* Token for VersioningService (singleton)
+	* Resolves version prefixes for route paths
+	*/
+	VersioningService: Symbol.for("stratal:router:versioning-service"),
+	/**
+	* Token for LocalePathService (singleton)
+	* Resolves locale path variants and computes LocalePathConfig
+	*/
+	LocalePathService: Symbol.for("stratal:router:locale-path-service"),
+	/**
+	* Token for RouterResolver (singleton, may be null)
+	* Internal resolver that computes effective Router config per controller
+	*/
+	RouterResolver: Symbol.for("stratal:router:router-resolver"),
+	/**
+	* Token for HonoApp (singleton)
+	* The Hono application instance with Stratal-specific setup
+	*/
+	HonoApp: Symbol.for("stratal:router:hono-app"),
+	/**
+	* Token for Uri (request-scoped)
+	* URL generation service — route URLs, signed URLs, current/previous URL access
+	*/
+	Uri: Symbol.for("stratal:router:uri")
+};
+//#endregion
+//#region src/di/errors/conditional-binding-fallback.error.ts
+/**
+* ConditionalBindingFallbackError
+*
+* Thrown when a conditional binding predicate returns false but no fallback
+* implementation was provided and no existing registration exists for the token.
+*
+* This typically indicates a misconfiguration in the DI setup where:
+* - A `when().use().give()` chain was used without `otherwise()`
+* - AND the token wasn't previously registered
+* - AND the predicate evaluated to false at resolution time
+*/
+var ConditionalBindingFallbackError = class extends ApplicationError {
+	constructor(token) {
+		super("errors.conditionalBindingFallback", ERROR_CODES.SYSTEM.INFRASTRUCTURE_ERROR, { token });
+	}
+};
+//#endregion
+//#region src/di/errors/request-scope-operation-not-allowed.error.ts
+/**
+* RequestScopeOperationNotAllowedError
+*
+* Thrown when attempting to call a method that is not allowed on the current container scope.
+* - `createRequestScope()` and `runInRequestScope()` can only be called on global containers
+*/
+var RequestScopeOperationNotAllowedError = class extends ApplicationError {
+	constructor(methodName) {
+		super("errors.requestScopeOperationNotAllowed", ERROR_CODES.SYSTEM.INFRASTRUCTURE_ERROR, { methodName });
+	}
+};
+//#endregion
+//#region src/di/conditional-binding-builder.ts
+/**
+* Implementation of ConditionalBindingBuilder
+*
+* @internal
+*/
+var ConditionalBindingBuilderImpl = class {
+	constructor(tsyringeContainer, predicateContainer, predicate, options) {
+		this.tsyringeContainer = tsyringeContainer;
+		this.predicateContainer = predicateContainer;
+		this.predicate = predicate;
+		this.options = options;
+	}
+	use(token) {
+		return new ConditionalBindingUseImpl(this.tsyringeContainer, this.predicateContainer, this.predicate, this.options, token);
+	}
+};
+/**
+* Implementation of ConditionalBindingUse
+*
+* @internal
+*/
+var ConditionalBindingUseImpl = class {
+	constructor(tsyringeContainer, predicateContainer, predicate, options, token) {
+		this.tsyringeContainer = tsyringeContainer;
+		this.predicateContainer = predicateContainer;
+		this.predicate = predicate;
+		this.options = options;
+		this.token = token;
+	}
+	give(trueImplementation) {
+		const falseImplementation = this.getFallbackImplementation();
+		this.registerWithPredicate(trueImplementation, falseImplementation);
+		return { otherwise: (implementation) => {
+			this.registerWithPredicate(trueImplementation, implementation);
+		} };
+	}
+	/**
+	* Get fallback implementation: existing registration or throw-on-resolve class
+	*/
+	getFallbackImplementation() {
+		if (this.tsyringeContainer.isRegistered(this.token)) {
+			const existingInstance = this.tsyringeContainer.resolve(this.token);
+			return class ExistingInstanceWrapper {
+				static instance = existingInstance;
+				constructor() {
+					return ExistingInstanceWrapper.instance;
+				}
+			};
+		}
+		const tokenStr = typeof this.token === "symbol" ? this.token.description ?? "unknown" : typeof this.token === "function" ? this.token.name : String(this.token);
+		return class NoFallbackError {
+			constructor() {
+				throw new ConditionalBindingFallbackError(tokenStr);
+			}
+		};
+	}
+	registerWithPredicate(trueImplementation, falseImplementation) {
+		const { predicate, predicateContainer, options } = this;
+		this.tsyringeContainer.register(this.token, { useFactory: predicateAwareClassFactory(() => predicate(predicateContainer), trueImplementation, falseImplementation, options.cache ?? false) });
+	}
+};
+//#endregion
+//#region src/di/container.ts
+/**
+* Unified Container for DI management
+*
+* Manages the two-tier container hierarchy:
+* - Global scope: Singletons, base instances of request-scoped services
+* - Request scope: Context-enriched instances per HTTP request
+*
+* @example Basic registration
+* ```typescript
+* import { container as tsyringeRootContainer } from 'tsyringe'
+*
+* const container = new Container({
+*   container: tsyringeRootContainer.createChildContainer()
+* })
+*
+* container.register(I18nService)
+* container.register(MY_TOKEN, MyService)
+* container.registerSingleton(ConfigService)
+* container.registerValue(MY_TOKEN, myInstance)
+* ```
+*
+* @example Request scope (automatic lifecycle)
+* ```typescript
+* await container.runInRequestScope(routerContext, async (requestContainer) => {
+*   const i18n = requestContainer.resolve(I18N_TOKEN)
+* })
+* ```
+*/
+var Container = class Container {
+	container;
+	isRequestScoped;
+	constructor(options) {
+		this.isRequestScoped = options.isRequestScoped ?? false;
+		this.container = options.container;
+		if (!this.isRequestScoped) this.container.register(CONTAINER_TOKEN, { useValue: this });
+	}
+	register(tokenOrClass, serviceClassOrScope, scope) {
+		let token;
+		let serviceClass;
+		let lifecycle;
+		if (typeof serviceClassOrScope === "function") {
+			token = tokenOrClass;
+			serviceClass = serviceClassOrScope;
+			lifecycle = scope;
+		} else {
+			token = tokenOrClass;
+			serviceClass = tokenOrClass;
+			lifecycle = serviceClassOrScope;
+		}
+		if (lifecycle !== void 0) this.container.register(token, { useClass: serviceClass }, { lifecycle });
+		else this.container.register(token, { useClass: serviceClass });
+	}
+	registerSingleton(tokenOrClass, serviceClass) {
+		if (serviceClass !== void 0) this.container.registerSingleton(tokenOrClass, serviceClass);
+		else {
+			const targetClass = tokenOrClass;
+			this.container.registerSingleton(targetClass, targetClass);
+		}
+	}
+	/**
+	* Register a value (instance) directly
+	*/
+	registerValue(token, value) {
+		this.container.register(token, { useValue: value });
+	}
+	/**
+	* Register with factory function
+	*/
+	registerFactory(token, factory) {
+		this.container.register(token, { useFactory: () => factory(this) });
+	}
+	/**
+	* Register an alias to an existing token
+	*/
+	registerExisting(alias, target) {
+		this.container.register(alias, { useToken: target });
+	}
+	/**
+	* Resolve a service from the container
+	*/
+	resolve(token) {
+		return this.container.resolve(token);
+	}
+	/**
+	* Check if a token is registered
+	*/
+	isRegistered(token) {
+		return this.container.isRegistered(token);
+	}
+	/**
+	* Start a conditional binding with predicate evaluation
+	*/
+	when(predicate, options = {}) {
+		return new ConditionalBindingBuilderImpl(this.container, this, predicate, options);
+	}
+	/**
+	* Replace a service registration with a decorated version
+	*/
+	extend(token, decorator) {
+		const decoratedInstance = decorator(this.container.resolve(token), this);
+		this.container.register(token, { useValue: decoratedInstance });
+	}
+	/**
+	* Run callback within request scope
+	*
+	* Creates a child container with fresh instances for services registered with `scope: Scope.Request`.
+	* Callback receives the request-scoped container as argument.
+	*
+	* Can only be called on global container (not request-scoped).
+	*/
+	async runInRequestScope(routerContext, callback) {
+		if (this.isRequestScoped) throw new RequestScopeOperationNotAllowedError("runInRequestScope");
+		const requestContainer = this.createRequestScope(routerContext);
+		try {
+			return await callback(requestContainer);
+		} finally {
+			await requestContainer.dispose();
+		}
+	}
+	/**
+	* Create request scope container
+	*
+	* Can only be called on global container (not request-scoped).
+	*/
+	createRequestScope(routerContext) {
+		if (this.isRequestScoped) throw new RequestScopeOperationNotAllowedError("createRequestScope");
+		const childContainer = this.container.createChildContainer();
+		childContainer.register(ROUTER_TOKENS.RouterContext, { useValue: routerContext });
+		return new Container({
+			container: childContainer,
+			isRequestScoped: true
+		});
+	}
+	/**
+	* Get underlying tsyringe container
+	*/
+	getTsyringeContainer() {
+		return this.container;
+	}
+	dispose() {
+		return this.container.dispose();
+	}
+};
+//#endregion
+//#region src/di/types.ts
+/**
+* DI Type Definitions
+*
+* Core type definitions for the dependency injection system.
+* Simplified after removing LazyProxy - no more type wrappers needed.
+*/
+/**
+* Service scope for DI registration
+*
+* Maps directly to tsyringe's Lifecycle enum.
+* Scope is specified at registration time via provider configuration,
+* not at class decoration time.
+*
+* @example
+* ```typescript
+* // In module providers:
+* { provide: MY_TOKEN, useClass: MyService, scope: Scope.Singleton }
+*
+* // In Application.ts:
+* container.register(MY_TOKEN, MyService, Scope.Request)
+* ```
+*/
+let Scope = /* @__PURE__ */ function(Scope) {
+	/** New instance per resolution (default) */
+	Scope[Scope["Transient"] = Lifecycle.Transient] = "Transient";
+	/** Single instance shared globally */
+	Scope[Scope["Singleton"] = Lifecycle.Singleton] = "Singleton";
+	/** New instance per child container (per request) */
+	Scope[Scope["Request"] = Lifecycle.ContainerScoped] = "Request";
+	return Scope;
+}({});
+//#endregion
+//#region src/errors/error-codes.ts
+/**
+* Centralized Error Code Registry
+*
+* Error codes are organized by category with specific ranges:
+* - 1000-1999: Validation errors
+* - 2000-2999: Database errors (generic)
+* - 3000-3999: Authentication & Authorization
+* - 4000-4999: Resource errors
+* - 5000-5999: Domain-specific business logic (per module)
+* - 9000-9999: System/Internal errors
+*   - 9000-9099: Router errors
+*   - 9100-9199: Configuration errors
+*   - 9200-9299: Infrastructure errors
+*   - 9300-9399: I18n errors
+*/
+const ERROR_CODES = {
+	/**
+	* Database Errors (2000-2999)
+	* Generic database errors thrown by Prisma client extensions
+	*/
+	DATABASE: {
+		/** Generic database error */
+		GENERIC: 2e3,
+		/** Record not found in database */
+		RECORD_NOT_FOUND: 2001,
+		/** Unique constraint violation */
+		UNIQUE_CONSTRAINT: 2002,
+		/** Foreign key constraint violation */
+		FOREIGN_KEY_CONSTRAINT: 2003,
+		/** Database connection failed */
+		CONNECTION_FAILED: 2004,
+		/** Database timeout */
+		TIMEOUT: 2005,
+		/** Null constraint violation */
+		NULL_CONSTRAINT: 2006,
+		/** Too many database connections */
+		TOO_MANY_CONNECTIONS: 2007,
+		/** Transaction conflict or deadlock */
+		TRANSACTION_CONFLICT: 2008
+	},
+	/**
+	* Authentication Errors (3000-3099)
+	* Authentication-related failures
+	*/
+	AUTH: {
+		/** Invalid credentials provided */
+		INVALID_CREDENTIALS: 3e3,
+		/** Session expired or invalid */
+		SESSION_EXPIRED: 3001,
+		/** Account locked or disabled */
+		ACCOUNT_LOCKED: 3002,
+		/** Invalid or expired token */
+		INVALID_TOKEN: 3003,
+		/** Context not initialized */
+		CONTEXT_NOT_INITIALIZED: 3004,
+		/** User not authenticated */
+		USER_NOT_AUTHENTICATED: 3005,
+		/** Email verification required before login */
+		EMAIL_NOT_VERIFIED: 3007,
+		/** Password doesn't meet minimum length */
+		PASSWORD_TOO_SHORT: 3008,
+		/** Password exceeds maximum length */
+		PASSWORD_TOO_LONG: 3009,
+		/** Account with email already exists */
+		ACCOUNT_ALREADY_EXISTS: 3010,
+		/** User creation failed */
+		FAILED_TO_CREATE_USER: 3011,
+		/** Session creation failed */
+		FAILED_TO_CREATE_SESSION: 3012,
+		/** User update failed */
+		FAILED_TO_UPDATE_USER: 3013,
+		/** Social account already linked */
+		SOCIAL_ACCOUNT_LINKED: 3014,
+		/** Last account cannot be unlinked */
+		CANNOT_UNLINK_LAST_ACCOUNT: 3015,
+		/** Organization not found */
+		ORGANIZATION_NOT_FOUND: 3020,
+		/** Organization member not found */
+		MEMBER_NOT_FOUND: 3021,
+		/** Organization invitation not found */
+		INVITATION_NOT_FOUND: 3022,
+		/** Invitation recipient mismatch */
+		INVITATION_RECIPIENT_MISMATCH: 3023,
+		/** Organization limit reached */
+		ORGANIZATION_LIMIT_REACHED: 3024,
+		/** Organization membership constraint violation */
+		ORGANIZATION_MEMBERSHIP_REQUIRED: 3025
+	},
+	/**
+	* Authorization Errors (3100-3199)
+	* Permission and access control failures
+	*/
+	AUTHZ: {
+		/** Insufficient permissions */
+		FORBIDDEN: 3100,
+		/** Resource access denied */
+		ACCESS_DENIED: 3101,
+		/** User lacks required role */
+		INSUFFICIENT_PERMISSIONS: 3102
+	},
+	/**
+	* Resource Errors (4000-4999)
+	* Generic resource-related errors
+	*/
+	RESOURCE: {
+		/** Generic resource not found */
+		NOT_FOUND: 4e3,
+		/** Route/endpoint not found */
+		ROUTE_NOT_FOUND: 4004,
+		/** Resource conflict or duplicate */
+		CONFLICT: 4100,
+		/** Resource already exists */
+		ALREADY_EXISTS: 4101
+	},
+	/**
+	* Validation Errors (1000-1999)
+	* Input validation failures
+	*/
+	VALIDATION: {
+		/** Generic validation error */
+		GENERIC: 1e3,
+		/** Required field missing */
+		REQUIRED_FIELD: 1001,
+		/** Invalid format */
+		INVALID_FORMAT: 1002,
+		/** Schema validation failed */
+		SCHEMA_VALIDATION: 1003,
+		/** Request validation failed (OpenAPI, etc.) */
+		REQUEST_VALIDATION: 1004,
+		/** Response validation failed (response body doesn't match declared schema) */
+		RESPONSE_VALIDATION: 1005
+	},
+	/**
+	* Router Errors (9000-9099)
+	* Router and controller-related INTERNAL errors
+	*/
+	ROUTER: {
+		/** Controller registration error */
+		CONTROLLER_REGISTRATION_ERROR: 9005,
+		/** Controller method not found */
+		CONTROLLER_METHOD_NOT_FOUND: 9006,
+		/** OpenAPI route registration failed */
+		OPENAPI_ROUTE_REGISTRATION: 9008,
+		/** Duplicate route name in RouteRegistry */
+		DUPLICATE_ROUTE_NAME: 9010,
+		/** Named route not found in RouteRegistry */
+		ROUTE_NAME_NOT_FOUND: 9011,
+		/** Required route parameter missing during URL generation */
+		MISSING_ROUTE_PARAM: 9012,
+		/** router.use() called inside group() callback */
+		USE_SCOPE_VIOLATION: 9013,
+		/** next() called more than once in a middleware */
+		MIDDLEWARE_NEXT_CALLED_MULTIPLE_TIMES: 9014
+	},
+	/**
+	* I18n Errors (9300-9399)
+	* Internationalization and localization errors
+	*/
+	I18N: {
+		/** Translation key missing from all locales */
+		TRANSLATION_MISSING: 9300,
+		/** Requested locale not supported */
+		LOCALE_NOT_SUPPORTED: 9301
+	},
+	/**
+	* System Errors (9000-9999)
+	* Internal system errors and unexpected failures
+	*/
+	SYSTEM: {
+		/** Internal server error */
+		INTERNAL_ERROR: 9e3,
+		/** Generic configuration error */
+		CONFIGURATION_ERROR: 9100,
+		/** ConfigService not initialized */
+		CONFIG_NOT_INITIALIZED: 9101,
+		/** Module already registered */
+		MODULE_ALREADY_REGISTERED: 9102,
+		/** Circular module dependency detected */
+		MODULE_CIRCULAR_DEPENDENCY: 9103,
+		/** Module dependency not found */
+		MODULE_DEPENDENCY_NOT_FOUND: 9104,
+		/** Invalid error code range */
+		INVALID_ERROR_CODE_RANGE: 9105,
+		/** Invalid module provider configuration */
+		INVALID_MODULE_PROVIDER: 9106,
+		/** ConfigModule.forRoot() was not called */
+		CONFIG_MODULE_NOT_INITIALIZED: 9107,
+		/** Generic infrastructure error */
+		INFRASTRUCTURE_ERROR: 9200,
+		/** Execution context not initialized */
+		EXECUTION_CONTEXT_NOT_INITIALIZED: 9201,
+		/** Request container not initialized */
+		REQUEST_CONTAINER_NOT_INITIALIZED: 9202,
+		/** Queue binding not found */
+		QUEUE_BINDING_NOT_FOUND: 9203,
+		/** Cron job execution failed */
+		CRON_EXECUTION_FAILED: 9204,
+		/** Queue provider not supported */
+		QUEUE_PROVIDER_NOT_SUPPORTED: 9205,
+		/** body() called on WebSocket gateway context */
+		WEBSOCKET_BODY_NOT_AVAILABLE: 9206,
+		/** Duplicate WebSocket event decorator on a gateway */
+		WEBSOCKET_DUPLICATE_EVENT_HANDLER: 9207,
+		/** Seeder name collision — two seeders share the same class name */
+		SEEDER_NAME_COLLISION: 9208,
+		/** Seeder not registered in the SeederRegistry */
+		SEEDER_NOT_REGISTERED: 9209,
+		/** Application container not initialized (AsyncLocalStorage) */
+		CONTAINER_NOT_INITIALIZED: 9210,
+		/** Required environment variable not set */
+		MISSING_ENVIRONMENT_VARIABLE: 9211
+	}
+};
+//#endregion
+//#region src/errors/container-not-initialized.error.ts
+/**
+* Thrown when attempting to access the application container via AsyncLocalStorage
+* before `Application.initialize()` has been called.
+*
+* This typically means `route()` or another standalone function is being called
+* outside the application lifecycle.
+*/
+var ContainerNotInitializedError = class extends ApplicationError {
+	constructor() {
+		super("errors.containerNotInitialized", ERROR_CODES.SYSTEM.CONTAINER_NOT_INITIALIZED);
+	}
+};
+//#endregion
+//#region src/di/container-storage.ts
+/**
+* AsyncLocalStorage for the application container.
+*
+* Set by `Application.initialize()` — all code from that point onward
+* (Stratal handlers, TestingModuleBuilder, standalone functions like `route()`)
+* can access the container without DI or static singletons.
+*
+* Follows the same pattern as `errorMapContextStorage` in `i18n/validation/validation.context.ts`.
+*/
+const containerStorage = new AsyncLocalStorage();
+/**
+* Get the application container from AsyncLocalStorage.
+*
+* @throws ContainerNotInitializedError if called outside `Application.initialize()` scope
+*/
+function getContainer() {
+	const container = containerStorage.getStore();
+	if (!container) throw new ContainerNotInitializedError();
+	return container;
+}
+/**
+* Run a function within a container context.
+*
+* @param container - The application container to store
+* @param fn - The function to execute with container access
+*/
+function runWithContainer(container, fn) {
+	return containerStorage.run(container, fn);
+}
+//#endregion
+//#region src/i18n/i18n.tokens.ts
+/**
+* I18n Module DI Tokens
+* Symbol-based tokens to avoid string collisions
+*/
+const I18N_TOKENS = {
+	/** MessageLoaderService - loads and caches locale messages */
+	MessageLoader: Symbol.for("stratal:i18n:message:loader"),
+	/** I18nService - request-scoped translation service */
+	I18nService: Symbol.for("stratal:i18n:service"),
+	/** I18nModuleOptions - configuration options from forRoot() */
+	Options: Symbol.for("stratal:i18n:options"),
+	/** MessageRegistry - singleton accumulator for registerMessages() contributions */
+	MessageRegistry: Symbol.for("stratal:i18n:message:registry")
+};
+//#endregion
+//#region src/errors/http-exception.ts
+/**
+* Maps common HTTP status codes to their default error codes.
+* Used by {@link HttpException} to derive the error code automatically.
+*/
+const HTTP_STATUS_TO_ERROR_CODE = {
+	400: ERROR_CODES.VALIDATION.GENERIC,
+	401: ERROR_CODES.AUTH.USER_NOT_AUTHENTICATED,
+	403: ERROR_CODES.AUTHZ.FORBIDDEN,
+	404: ERROR_CODES.RESOURCE.NOT_FOUND,
+	409: ERROR_CODES.RESOURCE.CONFLICT,
+	422: ERROR_CODES.VALIDATION.GENERIC,
+	500: ERROR_CODES.SYSTEM.INTERNAL_ERROR
+};
+/**
+* Default human-readable messages for common HTTP status codes.
+* Used as fallback when no message is provided to {@link HttpException}.
+*/
+const HTTP_STATUS_MESSAGES = {
+	400: "Bad Request",
+	401: "Unauthorized",
+	403: "Forbidden",
+	404: "Not Found",
+	409: "Conflict",
+	422: "Unprocessable Entity",
+	500: "Internal Server Error"
+};
+/**
+* HTTP-centric exception base class.
+*
+* Unlike {@link ApplicationError} which requires `(i18nKey, code, metadata)`,
+* `HttpException` takes just `(httpStatus, message?)` and derives the error code
+* from the HTTP status automatically.
+*
+* The message can be a plain string or an i18n key — the {@link ExceptionHandler}
+* tries to translate it via `i18n.t()`, falling back to the raw string if the
+* key is not found.
+*
+* Existing {@link ApplicationError} subclasses can be migrated to this gradually.
+*
+* @example
+* ```typescript
+* // Simple usage with plain message
+* throw new HttpException(404, 'User not found')
+*
+* // With i18n key (auto-translated if key exists)
+* throw new HttpException(422, 'errors.invalidInput')
+*
+* // Default message for status code
+* throw new HttpException(500)
+*
+* // Subclass for domain-specific errors
+* class PaymentDeclinedError extends HttpException {
+*   constructor() {
+*     super(402, 'errors.paymentDeclined')
+*   }
+* }
+* ```
+*/
+var HttpException = class extends ApplicationError {
+	/**
+	* The HTTP status code for this exception.
+	* Used by the {@link ExceptionHandler} to set the response status.
+	*/
+	httpStatus;
+	/**
+	* @param httpStatus - HTTP status code (e.g., 404, 422, 500)
+	* @param message - Optional message string or i18n key. Defaults to the
+	*   standard HTTP status message (e.g., "Not Found" for 404).
+	*/
+	constructor(httpStatus, message) {
+		const code = HTTP_STATUS_TO_ERROR_CODE[httpStatus] ?? ERROR_CODES.SYSTEM.INTERNAL_ERROR;
+		const messageStr = message ?? HTTP_STATUS_MESSAGES[httpStatus] ?? "Internal Server Error";
+		super(messageStr, code);
+		this.httpStatus = httpStatus;
+	}
+};
+/**
+* Throw an HTTP exception from anywhere in the application.
+*
+* The message can be a plain string or an i18n key — the {@link ExceptionHandler}
+* translates it automatically, falling back to the raw string if the key is not found.
+*
+* @param status - HTTP status code
+* @param message - Optional message (plain string or i18n key)
+* @throws {@link HttpException} — always throws, never returns
+*
+* @example
+* ```typescript
+* // With plain message
+* abort(404, 'User not found')
+*
+* // Default message for status
+* abort(403)
+*
+* // With i18n key
+* abort(422, 'errors.invalidInput')
+* ```
+*/
+function abort(status, message) {
+	throw new HttpException(status, message);
+}
+//#endregion
+//#region src/errors/get-http-status.ts
+/**
+* Maps error codes to HTTP status codes
+*
+* This utility is used by the frontend to set appropriate HTTP status codes
+* when returning errors from API routes.
+*
+* @param code - Numeric error code from ERROR_CODES registry
+* @returns HTTP status code (200-599)
+*/
+function getHttpStatus(code) {
+	if (code >= 1e3 && code < 2e3) return 400;
+	if (code >= 2e3 && code < 3e3) {
+		if (code === ERROR_CODES.DATABASE.RECORD_NOT_FOUND) return 404;
+		if (code === ERROR_CODES.DATABASE.UNIQUE_CONSTRAINT) return 409;
+		return 500;
+	}
+	if (code >= 3e3 && code < 3100) return 401;
+	if (code >= 3100 && code < 3200) return 403;
+	if (code >= 4e3 && code < 4100) return 404;
+	if (code >= 4100 && code < 4200) return 409;
+	if (code >= 5e3 && code < 6e3) {
+		if (code === 5e3 || code === 5100 || code === 5200) return 404;
+		return 422;
+	}
+	if (code >= 9e3) return 500;
+	return 500;
+}
+/**
+* Resolve the HTTP status code for an ApplicationError.
+*
+* If the error is an {@link HttpException}, its `httpStatus` property takes precedence.
+* Otherwise, falls back to the code-range-based mapping via {@link getHttpStatus}.
+*
+* @param error - The application error to resolve the status for
+* @returns HTTP status code
+*/
+function resolveHttpStatus(error) {
+	if (error instanceof HttpException) return error.httpStatus;
+	return getHttpStatus(error.code);
+}
+//#endregion
+//#region src/errors/internal-error.ts
+/**
+* InternalError
+*
+* Represents an unexpected internal server error.
+* Used to wrap unknown errors that don't fit into specific error categories.
+*
+* This error is thrown when:
+* - An unexpected exception occurs
+* - An error type is not recognized
+* - A system-level failure happens
+*/
+var InternalError = class extends ApplicationError {
+	constructor(metadata) {
+		super("errors.internalError", ERROR_CODES.SYSTEM.INTERNAL_ERROR, metadata);
+	}
+};
+//#endregion
+//#region src/errors/is-application-error.ts
+/**
+* Type guard to check if an error is an ApplicationError.
+*
+* Uses `instanceof` first, then falls back to a structural check
+* for the `code` and `timestamp` properties that all ApplicationError
+* instances have. This handles cross-module boundary cases where
+* `instanceof` fails due to duplicate class identities (e.g., Vite's
+* module graph in workerd).
+*
+* @param error - The error to check
+* @returns True if the error is an ApplicationError instance
+*/
+function isApplicationError(error) {
+	if (error instanceof ApplicationError) return true;
+	return error instanceof Error && typeof error.code === "number" && typeof error.timestamp === "string";
+}
+//#endregion
+//#region src/errors/exception-handler.ts
+let ExceptionHandler = class ExceptionHandler {
+	reportables = [];
+	renderables = [];
+	dontReportSet = /* @__PURE__ */ new Set();
+	levelOverrides = /* @__PURE__ */ new Map();
+	contextCallbacks = [];
+	respondCallbacks = [];
+	environment;
+	constructor(logger, env, container, executionContext) {
+		this.logger = logger;
+		this.env = env;
+		this.container = container;
+		this.executionContext = executionContext;
+		this.environment = this.env.ENVIRONMENT;
+	}
+	/**
+	* Register a custom reporting callback for a specific exception type.
+	*
+	* The callback is invoked when an error matching `errorClass` (via `instanceof`)
+	* is thrown. Chain `.stop()` to prevent the default logger from also reporting.
+	*
+	* @typeParam T - The exception type to match
+	* @param errorClass - Constructor of the exception to match
+	* @param callback - Reporting function receiving the typed error and context
+	* @returns A {@link Reportable} with a `stop()` method
+	*
+	* @example
+	* ```typescript
+	* this.reportable(PaymentError, (e, ctx) => {
+	*   sentry.captureException(e)
+	* }).stop() // skip default logging
+	* ```
+	*/
+	reportable(errorClass, callback) {
+		const entry = {
+			errorClass,
+			callback,
+			shouldStop: false
+		};
+		this.reportables.push(entry);
+		return { stop: () => {
+			entry.shouldStop = true;
+		} };
+	}
+	/**
+	* Register a custom rendering callback for a specific exception type.
+	*
+	* The callback should return a `Response` (for HTTP contexts), an `ErrorResponse`,
+	* or `undefined` to fall through to the default renderer.
+	*
+	* @typeParam T - The exception type to match
+	* @param errorClass - Constructor of the exception to match
+	* @param callback - Rendering function receiving the typed error and context
+	*
+	* @example
+	* ```typescript
+	* this.renderable(MaintenanceError, (e, ctx) => {
+	*   if (ctx.type === 'http') {
+	*     return ctx.ctx.html('<h1>Down for maintenance</h1>', 503)
+	*   }
+	* })
+	* ```
+	*/
+	renderable(errorClass, callback) {
+		this.renderables.push({
+			errorClass,
+			callback
+		});
+	}
+	/**
+	* Suppress reporting (logging) for the given exception types.
+	*
+	* Errors matching these classes will still be rendered into responses
+	* but will not be logged or sent to external reporters.
+	*
+	* @param errorClasses - Array of exception constructors to suppress
+	*
+	* @example
+	* ```typescript
+	* this.dontReport([RouteNotFoundError, SchemaValidationError])
+	* ```
+	*/
+	dontReport(errorClasses) {
+		for (const cls of errorClasses) this.dontReportSet.add(cls);
+	}
+	/**
+	* Override the log severity for a specific exception type.
+	*
+	* By default, severity is derived from the error code range.
+	* Use this to promote or demote specific errors.
+	*
+	* @param errorClass - Constructor of the exception to override
+	* @param severity - The log severity to use
+	*
+	* @example
+	* ```typescript
+	* this.level(RecordNotFoundError, 'warn')
+	* ```
+	*/
+	level(errorClass, severity) {
+		this.levelOverrides.set(errorClass, severity);
+	}
+	/**
+	* Add global context data to all exception log entries.
+	*
+	* The callback is invoked on every reported error and its return value
+	* is merged into the log data.
+	*
+	* @param callback - Function returning key-value pairs to include in logs
+	*
+	* @example
+	* ```typescript
+	* this.context(() => ({
+	*   appVersion: '1.2.3',
+	*   region: env.CF_REGION,
+	* }))
+	* ```
+	*/
+	context(callback) {
+		this.contextCallbacks.push(callback);
+	}
+	/**
+	* Register a callback to post-process every error Response before it is returned.
+	*
+	* Use this to add headers, modify the body, change content type, or
+	* transform the response in any way.
+	*
+	* @param callback - Function receiving (response, error, context) and returning a Response
+	*
+	* @example
+	* ```typescript
+	* this.respond((response, error, ctx) => {
+	*   response.headers.set('X-Error-Code', String(error.code))
+	*   return response
+	* })
+	* ```
+	*/
+	respond(callback) {
+		this.respondCallbacks.push(callback);
+	}
+	/**
+	* Resolve a service from the DI container.
+	*
+	* Useful inside `register()` callbacks for accessing injected services
+	* (e.g., Sentry, analytics, custom loggers).
+	*
+	* @typeParam T - The type of the service to resolve
+	* @param token - DI token (symbol or constructor)
+	* @returns The resolved service instance
+	*
+	* @example
+	* ```typescript
+	* this.reportable(CriticalError, (e) => {
+	*   this.resolve(SentryService).captureException(e)
+	* })
+	* ```
+	*/
+	resolve(token) {
+		return this.container.resolve(token);
+	}
+	/**
+	* Handle an error through the full exception pipeline.
+	*
+	* This is the single entry point used by all contexts (HTTP, queue, cron, CLI).
+	* It normalizes the error, reports it (non-blocking via `waitUntil`),
+	* renders it into a Response, and applies post-processing.
+	*
+	* @param error - The thrown error (may or may not be an ApplicationError)
+	* @param context - The execution context where the error occurred
+	* @returns A Response (JSON by default, customizable via renderable/respond)
+	*/
+	async handle(error, context) {
+		const appError = this.normalizeError(error);
+		this.executionContext.waitUntil(this.performReport(appError, context));
+		const response = await this.performRender(appError, context);
+		return this.applyRespondCallbacks(response, appError, context);
+	}
+	/**
+	* Normalize an unknown error into an ApplicationError.
+	* Non-ApplicationError values are wrapped in InternalError.
+	*/
+	normalizeError(error) {
+		if (isApplicationError(error)) return error;
+		const originalMessage = error instanceof Error ? error.message : String(error);
+		const internalError = new InternalError({
+			originalError: originalMessage,
+			stack: error instanceof Error ? error.stack : void 0
+		});
+		if (this.environment === "development") {
+			internalError.message = originalMessage;
+			if (error instanceof Error && error.stack) internalError.stack = error.stack;
+		}
+		return internalError;
+	}
+	/**
+	* Run the reporting pipeline for an error.
+	*/
+	async performReport(error, context) {
+		if (typeof error.report === "function") {
+			if (error.report() !== false) return;
+		}
+		if (this.shouldNotReport(error)) return;
+		const entry = this.findReportable(error);
+		if (entry) {
+			await entry.callback(error, context);
+			if (entry.shouldStop) return;
+		}
+		this.defaultReport(error, context);
+	}
+	/**
+	* Run the rendering pipeline for an error, producing a Response.
+	*/
+	async performRender(error, context) {
+		if (typeof error.render === "function") {
+			const result = error.render(context);
+			if (result !== void 0) return this.toResponse(result, error);
+		}
+		const entry = this.findRenderable(error);
+		if (entry) {
+			const result = entry.callback(error, context);
+			if (result !== void 0) return this.toResponse(await result, error);
+		}
+		return this.defaultRender(error, context);
+	}
+	/**
+	* Apply all respond() callbacks to post-process a Response.
+	*/
+	applyRespondCallbacks(response, error, context) {
+		let result = response;
+		for (const callback of this.respondCallbacks) result = callback(result, error, context);
+		return result;
+	}
+	/**
+	* Check if an error is in the dontReport set.
+	*/
+	shouldNotReport(error) {
+		for (const cls of this.dontReportSet) if (error instanceof cls) return true;
+		return false;
+	}
+	/**
+	* Find the most-specific reportable entry for an error.
+	* Walks entries in registration order; picks the most-specific `instanceof` match.
+	*/
+	findReportable(error) {
+		let best;
+		for (const entry of this.reportables) if (error instanceof entry.errorClass) {
+			if (!best || !(error instanceof best.errorClass) || entry.errorClass.prototype instanceof best.errorClass) best = entry;
+		}
+		return best;
+	}
+	/**
+	* Find the most-specific renderable entry for an error.
+	*/
+	findRenderable(error) {
+		let best;
+		for (const entry of this.renderables) if (error instanceof entry.errorClass) {
+			if (!best || !(error instanceof best.errorClass) || entry.errorClass.prototype instanceof best.errorClass) best = entry;
+		}
+		return best;
+	}
+	/**
+	* Default reporting — log with appropriate severity and i18n translation.
+	*/
+	defaultReport(error, context) {
+		const translatedMessage = this.translateError(error, context);
+		const severity = this.resolveSeverity(error);
+		const globalContext = this.gatherContext();
+		const logData = {
+			code: error.code,
+			message: translatedMessage,
+			timestamp: error.timestamp,
+			metadata: error.metadata,
+			name: error.name,
+			...globalContext
+		};
+		switch (severity) {
+			case "debug":
+				this.logger.debug("[ApplicationError]", logData);
+				break;
+			case "info":
+				this.logger.info("[ApplicationError]", logData);
+				break;
+			case "warn":
+				this.logger.warn("[ApplicationError]", logData);
+				break;
+			case "error":
+				this.logger.error("[ApplicationError]", logData);
+				break;
+		}
+	}
+	/**
+	* Default rendering — content-negotiated.
+	*
+	* For HTTP requests that accept HTML: renders a minimal branded HTML page.
+	* For everything else (API, queue, cron, CLI): returns JSON.
+	*
+	* Errors are always logged via `performReport` (non-blocking waitUntil),
+	* so they appear in the console regardless of the rendered response format.
+	*/
+	defaultRender(error, context) {
+		const translatedMessage = this.translateError(error, context);
+		const errorResponse = error.toErrorResponse(this.environment, translatedMessage);
+		const status = resolveHttpStatus(error);
+		if (context.type === "http" && this.wantsHtml(context)) return this.renderDefaultHtml(errorResponse, status);
+		return Response.json(errorResponse, { status });
+	}
+	/**
+	* Check if the HTTP request prefers an HTML response.
+	*
+	* Uses the `Accept` header to determine format. Inertia v3 XHR requests
+	* send `Accept: text/html, application/xhtml+xml`, so they naturally
+	* receive HTML error pages (displayed in Inertia's error modal in dev).
+	*
+	* Override in a subclass to customize content negotiation logic.
+	*/
+	wantsHtml(context) {
+		return (context.ctx.c.req.header("accept") ?? "").includes("text/html");
+	}
+	/**
+	* Minimal production HTML error page with inline styles.
+	*/
+	renderDefaultHtml(errorResponse, status) {
+		const title = this.escapeHtml(errorResponse.message);
+		const html = `<!DOCTYPE html>
+<html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width,initial-scale=1">
+<title>${status} - ${title}</title>
+<style>*{margin:0;padding:0;box-sizing:border-box}body{font-family:system-ui,-apple-system,sans-serif;min-height:100vh;display:flex;align-items:center;justify-content:center;background:#f8fafc;color:#334155}.container{text-align:center;padding:2rem}.status{font-size:6rem;font-weight:800;color:#13c397;line-height:1}.message{font-size:1.25rem;color:#64748b;margin-top:1rem}</style>
+</head><body><div class="container"><div class="status">${status}</div><div class="message">${title}</div></div></body></html>`;
+		return new Response(html, {
+			status,
+			headers: { "content-type": "text/html; charset=utf-8" }
+		});
+	}
+	escapeHtml(str) {
+		return str.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;").replace(/"/g, "&quot;");
+	}
+	/**
+	* Convert a render result (Response or ErrorResponse) into a Response.
+	*/
+	toResponse(result, error) {
+		if (result instanceof Response) return result;
+		const status = resolveHttpStatus(error);
+		return Response.json(result, { status });
+	}
+	/**
+	* Translate an error's message key via i18n.
+	* Uses the request container (from HTTP context) for correct locale,
+	* falling back to the global container or raw message string.
+	*/
+	translateError(error, context) {
+		try {
+			const i18n = (context.type === "http" ? context.ctx.getContainer() : this.container).resolve(I18N_TOKENS.I18nService);
+			const params = error.metadata;
+			return i18n.t(error.message, params);
+		} catch {
+			return error.message;
+		}
+	}
+	/**
+	* Resolve the log severity for an error.
+	* Checks level overrides first, then falls back to code-range-based severity.
+	*/
+	resolveSeverity(error) {
+		let bestClass;
+		let bestSeverity;
+		for (const [cls, severity] of this.levelOverrides) if (error instanceof cls) {
+			if (!bestClass || cls.prototype instanceof bestClass) {
+				bestClass = cls;
+				bestSeverity = severity;
+			}
+		}
+		return bestSeverity ?? this.getDefaultSeverity(error.code);
+	}
+	/**
+	* Determine default log severity based on error code range.
+	*/
+	getDefaultSeverity(code) {
+		if (code >= 9e3) return "error";
+		if (code >= 2e3 && code < 3e3) return "error";
+		if (code >= 5e3 && code < 6e3) return "warn";
+		if (code >= 1e3 && code < 2e3) return "info";
+		if (code >= 3e3 && code < 5e3) return "warn";
+		return "error";
+	}
+	/**
+	* Gather all global context data from registered callbacks.
+	*/
+	gatherContext() {
+		if (this.contextCallbacks.length === 0) return {};
+		const merged = {};
+		for (const callback of this.contextCallbacks) Object.assign(merged, callback());
+		return merged;
+	}
+};
+ExceptionHandler = __decorate([
+	Transient(),
+	__decorateParam(0, inject(LOGGER_TOKENS.LoggerService)),
+	__decorateParam(1, inject(DI_TOKENS.CloudflareEnv)),
+	__decorateParam(2, inject(CONTAINER_TOKEN)),
+	__decorateParam(3, inject(DI_TOKENS.ExecutionContext)),
+	__decorateMetadata("design:paramtypes", [
+		Object,
+		Object,
+		Object,
+		Object
+	])
+], ExceptionHandler);
+//#endregion
+//#region src/errors/default-exception-handler.ts
+let DefaultExceptionHandler = class DefaultExceptionHandler extends ExceptionHandler {
+	register() {}
+};
+DefaultExceptionHandler = __decorate([Transient()], DefaultExceptionHandler);
+//#endregion
+//#region src/errors/error-response.ts
+/**
+* Type guard to check if an object is an ErrorResponse
+*/
+function isErrorResponse(obj) {
+	return typeof obj === "object" && obj !== null && "code" in obj && typeof obj.code === "number" && "message" in obj && typeof obj.message === "string" && "timestamp" in obj && typeof obj.timestamp === "string";
+}
+//#endregion
+//#region src/router/constants.ts
+/**
+* Type-safe context keys for Hono router variables
+* Using symbols to avoid string collisions
+*/
+const ROUTER_CONTEXT_KEYS = {
+	REQUEST_CONTAINER: "requestContainer",
+	LOCALE: "locale"
+};
+/**
+* Metadata keys for storing route and controller configuration
+* Using symbols to avoid collisions with other decorators
+*/
+const ROUTE_METADATA_KEYS = {
+	CONTROLLER_ROUTE: Symbol.for("stratal:controller:route"),
+	CONTROLLER_OPTIONS: Symbol.for("stratal:controller:options"),
+	CONTROLLER_MIDDLEWARES: Symbol.for("stratal:controller:middlewares"),
+	ROUTE_CONFIG: Symbol.for("stratal:route:config"),
+	DECORATED_METHODS: Symbol.for("stratal:decorated:methods"),
+	AUTH_GUARD: Symbol.for("stratal:auth:guard"),
+	GATEWAY_MARKER: Symbol.for("stratal:gateway:marker"),
+	WS_ON_MESSAGE: Symbol.for("stratal:ws:on-message"),
+	WS_ON_CLOSE: Symbol.for("stratal:ws:on-close"),
+	WS_ON_ERROR: Symbol.for("stratal:ws:on-error")
+};
+/**
+* Security scheme identifiers for OpenAPI
+* These reference the security scheme definitions in security.schemas.ts
+*/
+const SECURITY_SCHEMES = {
+	BEARER_AUTH: "bearerAuth",
+	API_KEY: "apiKey",
+	SESSION_COOKIE: "sessionCookie"
+};
+/**
+* HTTP method mapping for RESTful controller methods
+* Maps controller method names to HTTP verbs and path patterns
+*/
+const HTTP_METHODS = {
+	index: {
+		method: "get",
+		path: ""
+	},
+	show: {
+		method: "get",
+		path: "/:id"
+	},
+	create: {
+		method: "post",
+		path: ""
+	},
+	update: {
+		method: "put",
+		path: "/:id"
+	},
+	patch: {
+		method: "patch",
+		path: "/:id"
+	},
+	destroy: {
+		method: "delete",
+		path: "/:id"
+	}
+};
+/**
+* Default success status codes for RESTful controller methods
+* Used by @Route() decorator to auto-derive response status
+*/
+const METHOD_STATUS_CODES = {
+	index: 200,
+	show: 200,
+	create: 201,
+	update: 200,
+	patch: 200,
+	destroy: 200
+};
+/**
+* Sentinel symbol to opt a controller out of versioning.
+* When used as the version, no prefix is applied even when defaultVersion is set.
+*/
+const VERSION_NEUTRAL = Symbol.for("stratal:version:neutral");
+/**
+* Default content type for request bodies and responses
+*/
+const DEFAULT_CONTENT_TYPE = "application/json";
+//#endregion
+//#region src/router/router-context.ts
+/**
+* Router context wrapper with helper methods
+*
+* Provides convenient access to Hono's context and common request/response operations.
+* The native Hono context is available via the `c` property for advanced use cases.
+*
+* @example
+* ```typescript
+* async index(ctx: RouterContext): Promise<Response> {
+*   // Use helper methods
+*   const users = await this.service.findAll()
+*   return ctx.json(users)
+* }
+*
+* async show(ctx: RouterContext): Promise<Response> {
+*   // Access route params
+*   const id = ctx.param('id')
+*   const user = await this.service.findById(id)
+*   return ctx.json(user)
+* }
+*
+* async create(ctx: RouterContext): Promise<Response> {
+*   // Parse request body
+*   const body = await ctx.body<CreateUserInput>()
+*   const user = await this.service.create(body)
+*   return ctx.json(user, 201)
+* }
+* ```
+*/
+var RouterContext = class extends Macroable {
+	/**
+	* Native Hono context
+	* Access for advanced use cases not covered by helper methods
+	*/
+	constructor(c) {
+		super();
+		this.c = c;
+	}
+	/**
+	* Get request-scoped DI container
+	* Contains request-specific services and context (AuthContext)
+	*
+	* @throws Error if container not initialized
+	*/
+	getContainer() {
+		const container = this.c.get(ROUTER_CONTEXT_KEYS.REQUEST_CONTAINER);
+		if (!container) throw new RequestContainerNotInitializedError();
+		return container;
+	}
+	/**
+	* Set locale for the current request
+	*
+	* @param locale - Locale code (e.g., 'en', 'fr')
+	*/
+	setLocale(locale) {
+		this.c.set(ROUTER_CONTEXT_KEYS.LOCALE, locale);
+	}
+	/**
+	* Get locale for the current request
+	*
+	* @returns Current locale code
+	*/
+	getLocale() {
+		return this.c.get(ROUTER_CONTEXT_KEYS.LOCALE) || "en";
+	}
+	/**
+	* Return JSON response
+	*
+	* When data is null, automatically returns 204 No Content (configurable via status param).
+	*
+	* @param data - Data to serialize as JSON, or null for 204
+	* @param status - HTTP status code (default: 200, or 204 when data is null)
+	*/
+	json(data, status) {
+		if (data === null) return this.c.body(null, status ?? 204);
+		return this.c.json(data, status);
+	}
+	/**
+	* Get route parameter value
+	*
+	* @param key - Parameter name (e.g., 'id' for /users/:id)
+	*/
+	param(key) {
+		return this.c.req.valid("param")[key];
+	}
+	/**
+	* Get query parameter value
+	*
+	* @param key - Query parameter name
+	*/
+	query(key) {
+		const validated = this.c.req.valid("query");
+		return key ? validated[key] : validated;
+	}
+	/**
+	* Get request header value
+	*
+	* @param name - Header name (case-insensitive)
+	*/
+	header(name) {
+		return this.c.req.header(name);
+	}
+	/**
+	* Get validated request body from OpenAPI route
+	* Returns pre-validated data that has passed schema validation
+	*
+	* @returns Validated JSON body
+	*/
+	body() {
+		return this.c.req.valid("json");
+	}
+	/**
+	* Return text response
+	*
+	* @param text - Text content
+	* @param status - HTTP status code (default: 200)
+	*/
+	text(text, status) {
+		return this.c.text(text, status);
+	}
+	/**
+	* Return HTML response
+	*
+	* @param html - HTML content
+	* @param status - HTTP status code (default: 200)
+	*/
+	html(html, status) {
+		return this.c.html(html, status);
+	}
+	/**
+	* Generate a URL from a named route.
+	*
+	* Keys matching `:param` placeholders fill the path.
+	* Domain params are consumed from the same object.
+	* Extra keys become query string parameters.
+	*
+	* @param name - Named route identifier
+	* @param params - Route params + domain params + extra query params
+	* @param options - URL generation options (e.g., `{ absolute: true }`)
+	*
+	* @example
+	* ```typescript
+	* ctx.route('users.show', { id: '1' })           // '/v1/users/1'
+	* ctx.route('users.show', { id: '1', q: 'test' }) // '/v1/users/1?q=test'
+	* ```
+	*/
+	route(name, params, options) {
+		return this.resolveUri().route(name, params, options);
+	}
+	/**
+	* Get a domain parameter value from the current request.
+	* Domain params are set by the domain matching middleware.
+	*
+	* @param key - Domain parameter name (e.g., 'tenant' from '{tenant}.myapp.com')
+	*
+	* @example
+	* ```typescript
+	* const tenant = ctx.domain('tenant')
+	* ```
+	*/
+	domain(key) {
+		return this.c.get(`domain:${key}`);
+	}
+	/**
+	* Generate a signed URL from a named route.
+	*
+	* @param name - Named route identifier
+	* @param params - Route params (same as route())
+	* @param options - Signing options (e.g., expiresIn) and URL options
+	* @returns Signed URL string with signature query param
+	*/
+	async signedUrl(name, params, options) {
+		return this.resolveUri().signedRoute(name, params, options);
+	}
+	/**
+	* Check if the current request has a valid signature.
+	*
+	* @returns true if the URL signature is valid and not expired
+	*/
+	async hasValidSignature() {
+		return this.resolveUri().hasValidSignature();
+	}
+	/**
+	* Redirect to another URL
+	*
+	* @param url - Target URL
+	* @param status - HTTP status code (default: 302)
+	*/
+	redirect(url, status) {
+		return this.c.redirect(url, status);
+	}
+	/**
+	* Return a streaming response (binary/generic)
+	*
+	* @param callback - Async function that writes to the stream
+	* @param onError - Optional error handler called if an error occurs during streaming
+	*/
+	stream(callback, onError) {
+		return stream(this.c, callback, onError);
+	}
+	/**
+	* Return a streaming text response
+	*
+	* Automatically sets `Content-Encoding: Identity` for Cloudflare Workers compatibility.
+	*
+	* @param callback - Async function that writes text to the stream
+	* @param onError - Optional error handler called if an error occurs during streaming
+	*/
+	streamText(callback, onError) {
+		this.c.header("Content-Encoding", "Identity");
+		return streamText(this.c, callback, onError);
+	}
+	/**
+	* Return a Server-Sent Events (SSE) streaming response
+	*
+	* Automatically sets `Content-Encoding: Identity` for Cloudflare Workers compatibility.
+	*
+	* @param callback - Async function that writes SSE events to the stream
+	* @param onError - Optional error handler called if an error occurs during streaming
+	*/
+	streamSSE(callback, onError) {
+		this.c.header("Content-Encoding", "Identity");
+		return streamSSE(this.c, callback, onError);
+	}
+	resolveUri() {
+		return this.getContainer().resolve(ROUTER_TOKENS.Uri);
+	}
+};
+//#endregion
+//#region src/errors/exception-context.ts
+/**
+* Create an HTTP exception context from a Hono context.
+*
+* @param c - The raw Hono context from the request
+* @returns An {@link HttpExceptionContext} wrapping a RouterContext
+*/
+function createHttpExceptionContext(c) {
+	return {
+		type: "http",
+		ctx: new RouterContext(c)
+	};
+}
+/**
+* Create a queue exception context.
+*
+* @param queueName - The name of the queue being processed
+* @returns A {@link QueueExceptionContext}
+*/
+function createQueueExceptionContext(queueName) {
+	return {
+		type: "queue",
+		queueName
+	};
+}
+/**
+* Create a cron exception context.
+*
+* @returns A {@link CronExceptionContext}
+*/
+function createCronExceptionContext() {
+	return { type: "cron" };
+}
+/**
+* Create a CLI command exception context.
+*
+* @param commandName - The name of the command that threw
+* @returns A {@link CliExceptionContext}
+*/
+function createCliExceptionContext(commandName) {
+	return {
+		type: "cli",
+		commandName
+	};
+}
+//#endregion
+//#region src/errors/request-container-not-initialized.error.ts
+/**
+* RequestContainerNotInitializedError
+*
+* Thrown when attempting to access the request-scoped container before it has been initialized.
+* This typically indicates that the RouterService middleware hasn't run yet,
+* or the router context is being accessed outside of a request lifecycle.
+*/
+var RequestContainerNotInitializedError = class extends ApplicationError {
+	constructor() {
+		super("errors.requestContainerNotInitialized", ERROR_CODES.SYSTEM.REQUEST_CONTAINER_NOT_INITIALIZED);
+	}
+};
+//#endregion
+//#region src/errors/stratal-not-initialized.error.ts
+/**
+* StratalNotInitializedError
+*
+* Thrown when attempting to resolve the Application instance before Stratal has been instantiated.
+* This typically indicates that the Stratal instance is not exported as the default export.
+*/
+var StratalNotInitializedError = class extends ApplicationError {
+	constructor() {
+		super("errors.stratalNotInitialized", ERROR_CODES.SYSTEM.INFRASTRUCTURE_ERROR);
+	}
+};
+//#endregion
+export { Scope as A, ConditionalBindingFallbackError as B, abort as C, runWithContainer as D, getContainer as E, injectable$1 as F, ApplicationError as H, instancePerContainerCachingFactory$1 as I, singleton as L, container$1 as M, delay as N, ContainerNotInitializedError as O, inject$1 as P, ConditionalBindingBuilderImpl as R, HttpException as S, containerStorage as T, ROUTER_TOKENS as V, ExceptionHandler as _, createHttpExceptionContext as a, getHttpStatus as b, DEFAULT_CONTENT_TYPE as c, ROUTER_CONTEXT_KEYS as d, ROUTE_METADATA_KEYS as f, DefaultExceptionHandler as g, isErrorResponse as h, createCronExceptionContext as i, Container as j, ERROR_CODES as k, HTTP_METHODS as l, VERSION_NEUTRAL as m, RequestContainerNotInitializedError as n, createQueueExceptionContext as o, SECURITY_SCHEMES as p, createCliExceptionContext as r, RouterContext as s, StratalNotInitializedError as t, METHOD_STATUS_CODES as u, isApplicationError as v, I18N_TOKENS as w, resolveHttpStatus as x, InternalError as y, RequestScopeOperationNotAllowedError as z };
+
+//# sourceMappingURL=errors-B4pYgYON.mjs.map