npm - tagliatelle - Versions diffs - 1.0.0-beta.1 - Mend

tagliatelle 1.0.0-beta.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (30) hide show

package/dist/security.d.ts ADDED Viewed

@@ -0,0 +1,84 @@
+/**
+ * 🔒 <Tag>liatelle.js - Security Utilities
+ *
+ * Additional security on top of Fastify's built-in protections:
+ * - Error message sanitization (no stack trace leakage)
+ * - Input validation helpers
+ * - Middleware timeout wrapper
+ * - Auth failure rate limiting
+ *
+ * Note: Fastify handles prototype pollution at JSON parse level
+ */
+/**
+ * Sanitizes an error message for safe external exposure
+ * Removes stack traces, sensitive data, and internal paths
+ */
+export declare function sanitizeErrorMessage(error: unknown, fallback?: string): string;
+/**
+ * Creates a safe error response object
+ */
+export declare function safeErrorResponse(error: unknown, isDevelopment?: boolean): {
+    error: string;
+    details?: unknown;
+};
+/**
+ * Safely merges source into target
+ * Note: Fastify already handles prototype pollution at JSON parse level
+ */
+export declare function safeMerge<T extends object>(target: T, source: unknown): T;
+/**
+ * Validates that a value is a non-empty string
+ */
+export declare function isNonEmptyString(value: unknown): value is string;
+/**
+ * Validates that a value is a safe string (no null bytes, control chars)
+ */
+export declare function isSafeString(value: unknown): value is string;
+/**
+ * Validates that a value is a positive integer
+ */
+export declare function isPositiveInt(value: unknown): value is number;
+/**
+ * Validates an ID string (alphanumeric, dashes, underscores)
+ */
+export declare function isValidId(value: unknown): value is string;
+/**
+ * Sanitizes a string for safe logging (prevents log injection)
+ */
+export declare function sanitizeForLog(value: string, maxLength?: number): string;
+/**
+ * Wraps an async function with a timeout
+ */
+export declare function withTimeout<T>(fn: () => Promise<T>, timeoutMs: number, timeoutError?: string): Promise<T>;
+/**
+ * Tracks authentication failures per IP to prevent brute force attacks
+ */
+export declare class AuthFailureTracker {
+    private failures;
+    private readonly maxFailures;
+    private readonly windowMs;
+    private readonly blockDurationMs;
+    constructor(options?: {
+        maxFailures?: number;
+        windowMs?: number;
+        blockDurationMs?: number;
+    });
+    /**
+     * Records an auth failure. Returns true if IP should be blocked.
+     */
+    recordFailure(ip: string): boolean;
+    /**
+     * Checks if an IP is currently blocked
+     */
+    isBlocked(ip: string): boolean;
+    /**
+     * Clears failures for an IP (on successful auth)
+     */
+    clearFailures(ip: string): void;
+    /**
+     * Cleanup expired records
+     */
+    cleanup(): void;
+}
+export declare const authFailureTracker: AuthFailureTracker;
+//# sourceMappingURL=security.d.ts.map

package/dist/security.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"security.d.ts","sourceRoot":"","sources":["../src/security.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAwBH;;;GAGG;AACH,wBAAgB,oBAAoB,CAAC,KAAK,EAAE,OAAO,EAAE,QAAQ,SAAsB,GAAG,MAAM,CAgC3F;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAC/B,KAAK,EAAE,OAAO,EACd,aAAa,UAAQ,GACpB;IAAE,KAAK,EAAE,MAAM,CAAC;IAAC,OAAO,CAAC,EAAE,OAAO,CAAA;CAAE,CActC;AAMD;;;GAGG;AACH,wBAAgB,SAAS,CAAC,CAAC,SAAS,MAAM,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,EAAE,OAAO,GAAG,CAAC,CAQzE;AAMD;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,OAAO,GAAG,KAAK,IAAI,MAAM,CAEhE;AAED;;GAEG;AACH,wBAAgB,YAAY,CAAC,KAAK,EAAE,OAAO,GAAG,KAAK,IAAI,MAAM,CAM5D;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,KAAK,EAAE,OAAO,GAAG,KAAK,IAAI,MAAM,CAE7D;AAED;;GAEG;AACH,wBAAgB,SAAS,CAAC,KAAK,EAAE,OAAO,GAAG,KAAK,IAAI,MAAM,CAGzD;AAED;;GAEG;AACH,wBAAgB,cAAc,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,SAAM,GAAG,MAAM,CAKrE;AAMD;;GAEG;AACH,wBAAgB,WAAW,CAAC,CAAC,EAC3B,EAAE,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,EACpB,SAAS,EAAE,MAAM,EACjB,YAAY,SAAwB,GACnC,OAAO,CAAC,CAAC,CAAC,CAgBZ;AAMD;;GAEG;AACH,qBAAa,kBAAkB;IAC7B,OAAO,CAAC,QAAQ,CAA8D;IAC9E,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAS;IACrC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAS;IAClC,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAS;gBAE7B,OAAO,GAAE;QACnB,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,eAAe,CAAC,EAAE,MAAM,CAAC;KACrB;IAMN;;OAEG;IACH,aAAa,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO;IAmBlC;;OAEG;IACH,SAAS,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO;IAc9B;;OAEG;IACH,aAAa,CAAC,EAAE,EAAE,MAAM,GAAG,IAAI;IAI/B;;OAEG;IACH,OAAO,IAAI,IAAI;CAUhB;AAGD,eAAO,MAAM,kBAAkB,oBAA2B,CAAC"}

package/dist/security.js ADDED Viewed

@@ -0,0 +1,233 @@
+/**
+ * 🔒 <Tag>liatelle.js - Security Utilities
+ *
+ * Additional security on top of Fastify's built-in protections:
+ * - Error message sanitization (no stack trace leakage)
+ * - Input validation helpers
+ * - Middleware timeout wrapper
+ * - Auth failure rate limiting
+ *
+ * Note: Fastify handles prototype pollution at JSON parse level
+ */
+// ═══════════════════════════════════════════════════════════════════════════
+// 🛡️ ERROR SANITIZATION
+// ═══════════════════════════════════════════════════════════════════════════
+/**
+ * Sensitive patterns that should never appear in error messages
+ */
+const SENSITIVE_PATTERNS = [
+    /password/i,
+    /secret/i,
+    /token/i,
+    /api[_-]?key/i,
+    /authorization/i,
+    /credential/i,
+    /private/i,
+    /\.env/i,
+    /database/i,
+    /connection/i,
+    /node_modules/i,
+    /at\s+\w+\s+\(/i, // Stack trace patterns
+];
+/**
+ * Sanitizes an error message for safe external exposure
+ * Removes stack traces, sensitive data, and internal paths
+ */
+export function sanitizeErrorMessage(error, fallback = 'An error occurred') {
+    if (!error)
+        return fallback;
+    let message;
+    if (error instanceof Error) {
+        message = error.message;
+    }
+    else if (typeof error === 'string') {
+        message = error;
+    }
+    else {
+        return fallback;
+    }
+    // Remove stack traces (take first line only)
+    message = message.split('\n')[0];
+    // Check for sensitive patterns
+    for (const pattern of SENSITIVE_PATTERNS) {
+        if (pattern.test(message)) {
+            return fallback;
+        }
+    }
+    // Remove file paths
+    message = message.replace(/\/[\w/.-]+\.(js|ts|tsx|jsx)/g, '[path]');
+    // Limit length
+    if (message.length > 200) {
+        message = message.slice(0, 200) + '...';
+    }
+    return message || fallback;
+}
+/**
+ * Creates a safe error response object
+ */
+export function safeErrorResponse(error, isDevelopment = false) {
+    const response = {
+        error: sanitizeErrorMessage(error, 'Internal server error'),
+    };
+    // Only include stack in development
+    if (isDevelopment && error instanceof Error) {
+        response.details = {
+            message: error.message,
+            stack: error.stack?.replace(/\(\/[^)]+\)/g, '([path])'),
+        };
+    }
+    return response;
+}
+// ═══════════════════════════════════════════════════════════════════════════
+// 🛡️ SAFE OBJECT MERGE
+// ═══════════════════════════════════════════════════════════════════════════
+/**
+ * Safely merges source into target
+ * Note: Fastify already handles prototype pollution at JSON parse level
+ */
+export function safeMerge(target, source) {
+    if (!source || typeof source !== 'object' || Array.isArray(source)) {
+        return target;
+    }
+    // Use Object.assign - Fastify has already sanitized the input
+    Object.assign(target, source);
+    return target;
+}
+// ═══════════════════════════════════════════════════════════════════════════
+// 🛡️ INPUT VALIDATION
+// ═══════════════════════════════════════════════════════════════════════════
+/**
+ * Validates that a value is a non-empty string
+ */
+export function isNonEmptyString(value) {
+    return typeof value === 'string' && value.trim().length > 0;
+}
+/**
+ * Validates that a value is a safe string (no null bytes, control chars)
+ */
+export function isSafeString(value) {
+    if (typeof value !== 'string')
+        return false;
+    if (value.includes('\0'))
+        return false;
+    // eslint-disable-next-line no-control-regex
+    if (/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]/.test(value))
+        return false;
+    return true;
+}
+/**
+ * Validates that a value is a positive integer
+ */
+export function isPositiveInt(value) {
+    return typeof value === 'number' && Number.isInteger(value) && value > 0;
+}
+/**
+ * Validates an ID string (alphanumeric, dashes, underscores)
+ */
+export function isValidId(value) {
+    if (typeof value !== 'string')
+        return false;
+    return /^[a-zA-Z0-9_-]{1,128}$/.test(value);
+}
+/**
+ * Sanitizes a string for safe logging (prevents log injection)
+ */
+export function sanitizeForLog(value, maxLength = 100) {
+    return value
+        .replace(/[\r\n]/g, ' ')
+        .replace(/[\x00-\x1F\x7F]/g, '')
+        .slice(0, maxLength);
+}
+// ═══════════════════════════════════════════════════════════════════════════
+// 🛡️ MIDDLEWARE TIMEOUT
+// ═══════════════════════════════════════════════════════════════════════════
+/**
+ * Wraps an async function with a timeout
+ */
+export function withTimeout(fn, timeoutMs, timeoutError = 'Operation timed out') {
+    return new Promise((resolve, reject) => {
+        const timer = setTimeout(() => {
+            reject(new Error(timeoutError));
+        }, timeoutMs);
+        fn()
+            .then((result) => {
+            clearTimeout(timer);
+            resolve(result);
+        })
+            .catch((error) => {
+            clearTimeout(timer);
+            reject(error);
+        });
+    });
+}
+// ═══════════════════════════════════════════════════════════════════════════
+// 🛡️ AUTH FAILURE RATE LIMITING
+// ═══════════════════════════════════════════════════════════════════════════
+/**
+ * Tracks authentication failures per IP to prevent brute force attacks
+ */
+export class AuthFailureTracker {
+    failures = new Map();
+    maxFailures;
+    windowMs;
+    blockDurationMs;
+    constructor(options = {}) {
+        this.maxFailures = options.maxFailures ?? 5;
+        this.windowMs = options.windowMs ?? 15 * 60 * 1000; // 15 min
+        this.blockDurationMs = options.blockDurationMs ?? 60 * 60 * 1000; // 1 hour
+    }
+    /**
+     * Records an auth failure. Returns true if IP should be blocked.
+     */
+    recordFailure(ip) {
+        const now = Date.now();
+        const record = this.failures.get(ip);
+        if (!record || now - record.firstFailure > this.windowMs) {
+            this.failures.set(ip, { count: 1, firstFailure: now });
+            return false;
+        }
+        record.count++;
+        if (record.count >= this.maxFailures) {
+            record.firstFailure = now - this.windowMs + this.blockDurationMs;
+            return true;
+        }
+        return false;
+    }
+    /**
+     * Checks if an IP is currently blocked
+     */
+    isBlocked(ip) {
+        const record = this.failures.get(ip);
+        if (!record)
+            return false;
+        const now = Date.now();
+        if (now - record.firstFailure > this.windowMs + this.blockDurationMs) {
+            this.failures.delete(ip);
+            return false;
+        }
+        return record.count >= this.maxFailures;
+    }
+    /**
+     * Clears failures for an IP (on successful auth)
+     */
+    clearFailures(ip) {
+        this.failures.delete(ip);
+    }
+    /**
+     * Cleanup expired records
+     */
+    cleanup() {
+        const now = Date.now();
+        const maxAge = this.windowMs + this.blockDurationMs;
+        for (const [ip, record] of this.failures) {
+            if (now - record.firstFailure > maxAge) {
+                this.failures.delete(ip);
+            }
+        }
+    }
+}
+// Global auth failure tracker instance
+export const authFailureTracker = new AuthFailureTracker();
+// Auto-cleanup every 10 minutes
+setInterval(() => authFailureTracker.cleanup(), 10 * 60 * 1000);
+//# sourceMappingURL=security.js.map

package/dist/security.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"security.js","sourceRoot":"","sources":["../src/security.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,8EAA8E;AAC9E,yBAAyB;AACzB,8EAA8E;AAE9E;;GAEG;AACH,MAAM,kBAAkB,GAAG;IACzB,WAAW;IACX,SAAS;IACT,QAAQ;IACR,cAAc;IACd,gBAAgB;IAChB,aAAa;IACb,UAAU;IACV,QAAQ;IACR,WAAW;IACX,aAAa;IACb,eAAe;IACf,gBAAgB,EAAE,uBAAuB;CAC1C,CAAC;AAEF;;;GAGG;AACH,MAAM,UAAU,oBAAoB,CAAC,KAAc,EAAE,QAAQ,GAAG,mBAAmB;IACjF,IAAI,CAAC,KAAK;QAAE,OAAO,QAAQ,CAAC;IAE5B,IAAI,OAAe,CAAC;IAEpB,IAAI,KAAK,YAAY,KAAK,EAAE,CAAC;QAC3B,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC;IAC1B,CAAC;SAAM,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QACrC,OAAO,GAAG,KAAK,CAAC;IAClB,CAAC;SAAM,CAAC;QACN,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,6CAA6C;IAC7C,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;IAEjC,+BAA+B;IAC/B,KAAK,MAAM,OAAO,IAAI,kBAAkB,EAAE,CAAC;QACzC,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YAC1B,OAAO,QAAQ,CAAC;QAClB,CAAC;IACH,CAAC;IAED,oBAAoB;IACpB,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,8BAA8B,EAAE,QAAQ,CAAC,CAAC;IAEpE,eAAe;IACf,IAAI,OAAO,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;QACzB,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,KAAK,CAAC;IAC1C,CAAC;IAED,OAAO,OAAO,IAAI,QAAQ,CAAC;AAC7B,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,iBAAiB,CAC/B,KAAc,EACd,aAAa,GAAG,KAAK;IAErB,MAAM,QAAQ,GAAyC;QACrD,KAAK,EAAE,oBAAoB,CAAC,KAAK,EAAE,uBAAuB,CAAC;KAC5D,CAAC;IAEF,oCAAoC;IACpC,IAAI,aAAa,IAAI,KAAK,YAAY,KAAK,EAAE,CAAC;QAC5C,QAAQ,CAAC,OAAO,GAAG;YACjB,OAAO,EAAE,KAAK,CAAC,OAAO;YACtB,KAAK,EAAE,KAAK,CAAC,KAAK,EAAE,OAAO,CAAC,cAAc,EAAE,UAAU,CAAC;SACxD,CAAC;IACJ,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,8EAA8E;AAC9E,wBAAwB;AACxB,8EAA8E;AAE9E;;;GAGG;AACH,MAAM,UAAU,SAAS,CAAmB,MAAS,EAAE,MAAe;IACpE,IAAI,CAAC,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QACnE,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,8DAA8D;IAC9D,MAAM,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC9B,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,8EAA8E;AAC9E,uBAAuB;AACvB,8EAA8E;AAE9E;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,KAAc;IAC7C,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC,CAAC;AAC9D,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,YAAY,CAAC,KAAc;IACzC,IAAI,OAAO,KAAK,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IAC5C,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC;QAAE,OAAO,KAAK,CAAC;IACvC,4CAA4C;IAC5C,IAAI,kCAAkC,CAAC,IAAI,CAAC,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IACjE,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa,CAAC,KAAc;IAC1C,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,IAAI,KAAK,GAAG,CAAC,CAAC;AAC3E,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,SAAS,CAAC,KAAc;IACtC,IAAI,OAAO,KAAK,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IAC5C,OAAO,wBAAwB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;AAC9C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,cAAc,CAAC,KAAa,EAAE,SAAS,GAAG,GAAG;IAC3D,OAAO,KAAK;SACT,OAAO,CAAC,SAAS,EAAE,GAAG,CAAC;SACvB,OAAO,CAAC,kBAAkB,EAAE,EAAE,CAAC;SAC/B,KAAK,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC;AACzB,CAAC;AAED,8EAA8E;AAC9E,yBAAyB;AACzB,8EAA8E;AAE9E;;GAEG;AACH,MAAM,UAAU,WAAW,CACzB,EAAoB,EACpB,SAAiB,EACjB,YAAY,GAAG,qBAAqB;IAEpC,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE;YAC5B,MAAM,CAAC,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC;QAClC,CAAC,EAAE,SAAS,CAAC,CAAC;QAEd,EAAE,EAAE;aACD,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE;YACf,YAAY,CAAC,KAAK,CAAC,CAAC;YACpB,OAAO,CAAC,MAAM,CAAC,CAAC;QAClB,CAAC,CAAC;aACD,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;YACf,YAAY,CAAC,KAAK,CAAC,CAAC;YACpB,MAAM,CAAC,KAAK,CAAC,CAAC;QAChB,CAAC,CAAC,CAAC;IACP,CAAC,CAAC,CAAC;AACL,CAAC;AAED,8EAA8E;AAC9E,iCAAiC;AACjC,8EAA8E;AAE9E;;GAEG;AACH,MAAM,OAAO,kBAAkB;IACrB,QAAQ,GAAG,IAAI,GAAG,EAAmD,CAAC;IAC7D,WAAW,CAAS;IACpB,QAAQ,CAAS;IACjB,eAAe,CAAS;IAEzC,YAAY,UAIR,EAAE;QACJ,IAAI,CAAC,WAAW,GAAG,OAAO,CAAC,WAAW,IAAI,CAAC,CAAC;QAC5C,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,SAAS;QAC7D,IAAI,CAAC,eAAe,GAAG,OAAO,CAAC,eAAe,IAAI,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,SAAS;IAC7E,CAAC;IAED;;OAEG;IACH,aAAa,CAAC,EAAU;QACtB,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAErC,IAAI,CAAC,MAAM,IAAI,GAAG,GAAG,MAAM,CAAC,YAAY,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;YACzD,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,YAAY,EAAE,GAAG,EAAE,CAAC,CAAC;YACvD,OAAO,KAAK,CAAC;QACf,CAAC;QAED,MAAM,CAAC,KAAK,EAAE,CAAC;QAEf,IAAI,MAAM,CAAC,KAAK,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YACrC,MAAM,CAAC,YAAY,GAAG,GAAG,GAAG,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,eAAe,CAAC;YACjE,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;OAEG;IACH,SAAS,CAAC,EAAU;QAClB,MAAM,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACrC,IAAI,CAAC,MAAM;YAAE,OAAO,KAAK,CAAC;QAE1B,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAEvB,IAAI,GAAG,GAAG,MAAM,CAAC,YAAY,GAAG,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,eAAe,EAAE,CAAC;YACrE,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;YACzB,OAAO,KAAK,CAAC;QACf,CAAC;QAED,OAAO,MAAM,CAAC,KAAK,IAAI,IAAI,CAAC,WAAW,CAAC;IAC1C,CAAC;IAED;;OAEG;IACH,aAAa,CAAC,EAAU;QACtB,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IAC3B,CAAC;IAED;;OAEG;IACH,OAAO;QACL,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,MAAM,GAAG,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,eAAe,CAAC;QAEpD,KAAK,MAAM,CAAC,EAAE,EAAE,MAAM,CAAC,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YACzC,IAAI,GAAG,GAAG,MAAM,CAAC,YAAY,GAAG,MAAM,EAAE,CAAC;gBACvC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;YAC3B,CAAC;QACH,CAAC;IACH,CAAC;CACF;AAED,uCAAuC;AACvC,MAAM,CAAC,MAAM,kBAAkB,GAAG,IAAI,kBAAkB,EAAE,CAAC;AAE3D,gCAAgC;AAChC,WAAW,CAAC,GAAG,EAAE,CAAC,kBAAkB,CAAC,OAAO,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC"}

package/dist/tagliatelle.d.ts ADDED Viewed

@@ -0,0 +1,90 @@
+/**
+ * 🍝 <Tag>liatelle.js - The Declarative Backend Framework
+ *
+ * This is the secret sauce that makes JSX work for backend routing.
+ * It transforms your beautiful component tree into a blazing-fast Fastify server.
+ */
+import { FastifyInstance } from 'fastify';
+import { TagliatelleElement, TagliatelleNode, TagliatelleComponent, ServerProps, RouteProps, MiddlewareProps, DBProps, LoggerProps, GroupProps, CorsProps, RateLimiterProps, RoutesProps, ResponseProps, StatusProps, BodyProps, HeadersProps, ErrProps } from './types.js';
+export * from './types.js';
+/**
+ * JSX factory function - creates virtual elements from JSX
+ * This is called by TypeScript when it transforms JSX
+ */
+export declare function h(type: string | Function, props: Record<string, unknown> | null, ...children: TagliatelleNode[]): TagliatelleElement;
+/**
+ * Fragment support for grouping elements without a wrapper
+ */
+export declare function Fragment({ children }: {
+    children?: TagliatelleNode[];
+}): TagliatelleNode[];
+export declare class Context {
+    private values;
+    set<T>(key: string, value: T): void;
+    get<T>(key: string): T | undefined;
+    clone(): Context;
+}
+export declare function Server({ port, host, children }: ServerProps): TagliatelleComponent;
+export declare function Get<TParams, TBody, TQuery, TResponse>(props: RouteProps<TParams, TBody, TQuery, TResponse>): TagliatelleComponent;
+export declare function Post<TParams, TBody, TQuery, TResponse>(props: RouteProps<TParams, TBody, TQuery, TResponse>): TagliatelleComponent;
+export declare function Put<TParams, TBody, TQuery, TResponse>(props: RouteProps<TParams, TBody, TQuery, TResponse>): TagliatelleComponent;
+export declare function Delete<TParams, TBody, TQuery, TResponse>(props: RouteProps<TParams, TBody, TQuery, TResponse>): TagliatelleComponent;
+export declare function Patch<TParams, TBody, TQuery, TResponse>(props: RouteProps<TParams, TBody, TQuery, TResponse>): TagliatelleComponent;
+export declare function Middleware({ use, children }: MiddlewareProps): TagliatelleComponent;
+export declare function DB({ provider, children }: DBProps): TagliatelleComponent;
+export declare function Logger({ level }: LoggerProps): TagliatelleComponent;
+export declare function Group({ prefix, children }: GroupProps): TagliatelleComponent;
+export declare function Cors({ origin, methods, children }: CorsProps): TagliatelleComponent;
+export declare function RateLimiter({ max, timeWindow, children }: RateLimiterProps): TagliatelleComponent;
+/**
+ * File-based routing - Next.js style!
+ * Usage: <Routes dir="./routes" prefix="/api" />
+ */
+export declare function Routes({ dir, prefix }: RoutesProps): TagliatelleComponent;
+/**
+ * Response wrapper - contains status, headers, and body
+ * Usage: <Response><Status code={201} /><Body data={{...}} /></Response>
+ */
+export declare function Response({ children }: ResponseProps): TagliatelleComponent;
+/**
+ * Set HTTP status code
+ * Usage: <Status code={201} />
+ */
+export declare function Status({ code }: StatusProps): TagliatelleComponent;
+/**
+ * Set response body (JSON)
+ * Usage: <Body data={{ success: true, data: [...] }} />
+ */
+export declare function Body<T>({ data }: BodyProps<T>): TagliatelleComponent;
+/**
+ * Set response headers
+ * Usage: <Headers headers={{ 'X-Custom': 'value' }} />
+ */
+export declare function Headers({ headers }: HeadersProps): TagliatelleComponent;
+/**
+ * Return an error response
+ * Usage: <Err code={404} message="Not found" />
+ */
+export declare function Err({ code, message, details }: ErrProps): TagliatelleComponent;
+import type { AugmentProps, HaltProps } from './types.js';
+/**
+ * Augment handler props with additional data (e.g., user from auth)
+ * Usage: <Augment user={{ id: 1, name: "John" }} />
+ */
+export declare function Augment(props: AugmentProps): TagliatelleComponent;
+/**
+ * Halt the middleware chain (optionally with error)
+ * Usage: <Halt /> or <Halt code={401} message="Unauthorized" />
+ */
+export declare function Halt({ code, message }: HaltProps): TagliatelleComponent;
+/**
+ * The main render function - turns your JSX tree into a running server
+ */
+export declare function render(element: TagliatelleNode): Promise<FastifyInstance>;
+declare const Tagliatelle: {
+    h: typeof h;
+    Fragment: typeof Fragment;
+    render: typeof render;
+};
+export default Tagliatelle;
+//# sourceMappingURL=tagliatelle.d.ts.map

package/dist/tagliatelle.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"tagliatelle.d.ts","sourceRoot":"","sources":["../src/tagliatelle.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAgB,EAAE,eAAe,EAA6C,MAAM,SAAS,CAAC;AAmD9F,OAAO,EACL,kBAAkB,EAClB,eAAe,EACf,oBAAoB,EAIpB,WAAW,EACX,UAAU,EACV,eAAe,EACf,OAAO,EACP,WAAW,EACX,UAAU,EACV,SAAS,EACT,gBAAgB,EAChB,WAAW,EAEX,aAAa,EACb,WAAW,EACX,SAAS,EACT,YAAY,EACZ,QAAQ,EACT,MAAM,YAAY,CAAC;AAIpB,cAAc,YAAY,CAAC;AAM3B;;;GAGG;AACH,wBAAgB,CAAC,CACf,IAAI,EAAE,MAAM,GAAG,QAAQ,EACvB,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,EACrC,GAAG,QAAQ,EAAE,eAAe,EAAE,GAC7B,kBAAkB,CAMpB;AAED;;GAEG;AACH,wBAAgB,QAAQ,CAAC,EAAE,QAAQ,EAAE,EAAE;IAAE,QAAQ,CAAC,EAAE,eAAe,EAAE,CAAA;CAAE,GAAG,eAAe,EAAE,CAE1F;AAMD,qBAAa,OAAO;IAClB,OAAO,CAAC,MAAM,CAAmC;IAEjD,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,GAAG,IAAI;IAInC,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,GAAG,SAAS;IAIlC,KAAK,IAAI,OAAO;CAOjB;AAMD,wBAAgB,MAAM,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,WAAW,GAAG,oBAAoB,CAOlF;AAED,wBAAgB,GAAG,CAAC,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,SAAS,EACnD,KAAK,EAAE,UAAU,CAAC,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC,GACnD,oBAAoB,CAQtB;AAED,wBAAgB,IAAI,CAAC,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,SAAS,EACpD,KAAK,EAAE,UAAU,CAAC,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC,GACnD,oBAAoB,CAQtB;AAED,wBAAgB,GAAG,CAAC,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,SAAS,EACnD,KAAK,EAAE,UAAU,CAAC,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC,GACnD,oBAAoB,CAQtB;AAED,wBAAgB,MAAM,CAAC,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,SAAS,EACtD,KAAK,EAAE,UAAU,CAAC,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC,GACnD,oBAAoB,CAQtB;AAED,wBAAgB,KAAK,CAAC,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,SAAS,EACrD,KAAK,EAAE,UAAU,CAAC,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC,GACnD,oBAAoB,CAQtB;AAED,wBAAgB,UAAU,CAAC,EAAE,GAAG,EAAE,QAAQ,EAAE,EAAE,eAAe,GAAG,oBAAoB,CAMnF;AAED,wBAAgB,EAAE,CAAC,EAAE,QAAQ,EAAE,QAAQ,EAAE,EAAE,OAAO,GAAG,oBAAoB,CAMxE;AAED,wBAAgB,MAAM,CAAC,EAAE,KAAK,EAAE,EAAE,WAAW,GAAG,oBAAoB,CAKnE;AAED,wBAAgB,KAAK,CAAC,EAAE,MAAM,EAAE,QAAQ,EAAE,EAAE,UAAU,GAAG,oBAAoB,CAM5E;AAED,wBAAgB,IAAI,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,EAAE,SAAS,GAAG,oBAAoB,CAOnF;AAED,wBAAgB,WAAW,CAAC,EAAE,GAAG,EAAE,UAAU,EAAE,QAAQ,EAAE,EAAE,gBAAgB,GAAG,oBAAoB,CAOjG;AAED;;;GAGG;AACH,wBAAgB,MAAM,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,EAAE,WAAW,GAAG,oBAAoB,CAMzE;AAMD;;;GAGG;AACH,wBAAgB,QAAQ,CAAC,EAAE,QAAQ,EAAE,EAAE,aAAa,GAAG,oBAAoB,CAK1E;AAED;;;GAGG;AACH,wBAAgB,MAAM,CAAC,EAAE,IAAI,EAAE,EAAE,WAAW,GAAG,oBAAoB,CAKlE;AAED;;;GAGG;AACH,wBAAgB,IAAI,CAAC,CAAC,EAAE,EAAE,IAAI,EAAE,EAAE,SAAS,CAAC,CAAC,CAAC,GAAG,oBAAoB,CAKpE;AAED;;;GAGG;AACH,wBAAgB,OAAO,CAAC,EAAE,OAAO,EAAE,EAAE,YAAY,GAAG,oBAAoB,CAKvE;AAED;;;GAGG;AACH,wBAAgB,GAAG,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,EAAE,QAAQ,GAAG,oBAAoB,CAO9E;AAMD,OAAO,KAAK,EAAE,YAAY,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAE1D;;;GAGG;AACH,wBAAgB,OAAO,CAAC,KAAK,EAAE,YAAY,GAAG,oBAAoB,CAKjE;AAED;;;GAGG;AACH,wBAAgB,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,SAAS,GAAG,oBAAoB,CAMvE;AA0YD;;GAEG;AACH,wBAAsB,MAAM,CAAC,OAAO,EAAE,eAAe,GAAG,OAAO,CAAC,eAAe,CAAC,CAwE/E;AAMD,QAAA,MAAM,WAAW;;;;CAIhB,CAAC;AAEF,eAAe,WAAW,CAAC"}