takos-common 1.0.0

package/dist/logger.js

@@ -0,0 +1,99 @@
+/**
+ * Structured Logger for Takos Platform
+ *
+ * Zero-dependency structured logging compatible with Cloudflare Workers.
+ * Outputs JSON to console methods so CF observability picks up the correct level.
+ */
+const LEVEL_ORDER = {
+    debug: 0,
+    info: 1,
+    warn: 2,
+    error: 3,
+};
+function serializeError(value) {
+    if (value instanceof Error) {
+        return {
+            name: value.name,
+            message: value.message,
+            stack: value.stack,
+        };
+    }
+    return { message: String(value) };
+}
+function formatData(data) {
+    if (!data)
+        return undefined;
+    const result = {};
+    for (const [key, value] of Object.entries(data)) {
+        if (value instanceof Error) {
+            result[key] = serializeError(value);
+        }
+        else {
+            result[key] = value;
+        }
+    }
+    return result;
+}
+const LEVEL_NAMES = Object.fromEntries(Object.entries(LEVEL_ORDER).map(([k, v]) => [v, k]));
+class LoggerImpl {
+    minLevel;
+    service;
+    fields;
+    constructor(opts) {
+        this.minLevel = LEVEL_ORDER[opts?.level ?? 'debug'];
+        this.service = opts?.service;
+        this.fields = { ...opts?.defaultFields, ...opts?._fields };
+    }
+    emit(level, msg, data) {
+        if (LEVEL_ORDER[level] < this.minLevel)
+            return;
+        const entry = {
+            level,
+            msg,
+            ts: new Date().toISOString(),
+            ...(this.service ? { service: this.service } : {}),
+            ...this.fields,
+            ...formatData(data),
+        };
+        const line = JSON.stringify(entry);
+        switch (level) {
+            case 'debug':
+                // eslint-disable-next-line no-console -- logger implementation
+                console.log(line);
+                break;
+            case 'info':
+                // eslint-disable-next-line no-console -- logger implementation
+                console.log(line);
+                break;
+            case 'warn':
+                console.warn(line);
+                break;
+            case 'error':
+                console.error(line);
+                break;
+        }
+    }
+    debug(msg, data) {
+        this.emit('debug', msg, data);
+    }
+    info(msg, data) {
+        this.emit('info', msg, data);
+    }
+    warn(msg, data) {
+        this.emit('warn', msg, data);
+    }
+    error(msg, data) {
+        this.emit('error', msg, data);
+    }
+    child(fields) {
+        return new LoggerImpl({
+            level: LEVEL_NAMES[this.minLevel],
+            service: this.service,
+            _fields: { ...this.fields, ...fields },
+        });
+    }
+}
+export function createLogger(opts) {
+    return new LoggerImpl(opts);
+}
+//# sourceMappingURL=logger.js.map

package/dist/logger.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"logger.js","sourceRoot":"","sources":["../src/logger.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH,MAAM,WAAW,GAA6B;IAC5C,KAAK,EAAE,CAAC;IACR,IAAI,EAAE,CAAC;IACP,IAAI,EAAE,CAAC;IACP,KAAK,EAAE,CAAC;CACT,CAAC;AAwBF,SAAS,cAAc,CAAC,KAAc;IACpC,IAAI,KAAK,YAAY,KAAK,EAAE,CAAC;QAC3B,OAAO;YACL,IAAI,EAAE,KAAK,CAAC,IAAI;YAChB,OAAO,EAAE,KAAK,CAAC,OAAO;YACtB,KAAK,EAAE,KAAK,CAAC,KAAK;SACnB,CAAC;IACJ,CAAC;IACD,OAAO,EAAE,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC;AACpC,CAAC;AAED,SAAS,UAAU,CAAC,IAA8B;IAChD,IAAI,CAAC,IAAI;QAAE,OAAO,SAAS,CAAC;IAC5B,MAAM,MAAM,GAA4B,EAAE,CAAC;IAC3C,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;QAChD,IAAI,KAAK,YAAY,KAAK,EAAE,CAAC;YAC3B,MAAM,CAAC,GAAG,CAAC,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC;QACtC,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;QACtB,CAAC;IACH,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,CACpC,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CACxB,CAAC;AAE9B,MAAM,UAAU;IACN,QAAQ,CAAS;IACjB,OAAO,CAAU;IACjB,MAAM,CAA0B;IAExC,YAAY,IAA4D;QACtE,IAAI,CAAC,QAAQ,GAAG,WAAW,CAAC,IAAI,EAAE,KAAK,IAAI,OAAO,CAAC,CAAC;QACpD,IAAI,CAAC,OAAO,GAAG,IAAI,EAAE,OAAO,CAAC;QAC7B,IAAI,CAAC,MAAM,GAAG,EAAE,GAAG,IAAI,EAAE,aAAa,EAAE,GAAG,IAAI,EAAE,OAAO,EAAE,CAAC;IAC7D,CAAC;IAEO,IAAI,CAAC,KAAe,EAAE,GAAW,EAAE,IAA8B;QACvE,IAAI,WAAW,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,QAAQ;YAAE,OAAO;QAE/C,MAAM,KAAK,GAAa;YACtB,KAAK;YACL,GAAG;YACH,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YAC5B,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAClD,GAAG,IAAI,CAAC,MAAM;YACd,GAAG,UAAU,CAAC,IAAI,CAAC;SACpB,CAAC;QAEF,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;QACnC,QAAQ,KAAK,EAAE,CAAC;YACd,KAAK,OAAO;gBACV,+DAA+D;gBAC/D,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;gBAClB,MAAM;YACR,KAAK,MAAM;gBACT,+DAA+D;gBAC/D,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;gBAClB,MAAM;YACR,KAAK,MAAM;gBACT,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACnB,MAAM;YACR,KAAK,OAAO;gBACV,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBACpB,MAAM;QACV,CAAC;IACH,CAAC;IAED,KAAK,CAAC,GAAW,EAAE,IAA8B;QAC/C,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;IAChC,CAAC;IAED,IAAI,CAAC,GAAW,EAAE,IAA8B;QAC9C,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;IAC/B,CAAC;IAED,IAAI,CAAC,GAAW,EAAE,IAA8B;QAC9C,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;IAC/B,CAAC;IAED,KAAK,CAAC,GAAW,EAAE,IAA8B;QAC/C,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;IAChC,CAAC;IAED,KAAK,CAAC,MAA+B;QACnC,OAAO,IAAI,UAAU,CAAC;YACpB,KAAK,EAAE,WAAW,CAAC,IAAI,CAAC,QAAQ,CAAC;YACjC,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,OAAO,EAAE,EAAE,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,MAAM,EAAE;SACvC,CAAC,CAAC;IACL,CAAC;CACF;AAED,MAAM,UAAU,YAAY,CAAC,IAAoB;IAC/C,OAAO,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC;AAC9B,CAAC"}

package/dist/middleware/hono.d.ts

@@ -0,0 +1,151 @@
+/**
+ * Hono Middleware for takos-runtime
+ *
+ * Provides:
+ * - Service-to-service JWT authentication (RS256)
+ * - Consistent error handling
+ */
+import type { Context, Next, Env, ErrorHandler } from 'hono';
+import { type ServiceTokenPayloadWithClaims } from '../jwt.js';
+export type { ServiceTokenPayloadWithClaims };
+import { AppError } from '../errors.js';
+/**
+ * Environment bindings for service token middleware.
+ * Use this as a type parameter for Hono to get typed context variables.
+ *
+ * Usage:
+ * ```typescript
+ * import type { ServiceTokenEnv } from 'takos-common/middleware/hono';
+ * const app = new Hono<ServiceTokenEnv>();
+ * ```
+ */
+export interface ServiceTokenEnv extends Env {
+    Variables: {
+        serviceToken: ServiceTokenPayloadWithClaims;
+        serviceAuthMethod: 'jwt';
+    };
+}
+/**
+ * Configuration for service token middleware
+ */
+export interface ServiceTokenConfig {
+    /** Public key for JWT verification (PEM format) */
+    jwtPublicKey?: string;
+    /** Expected issuer for JWT tokens (required when jwtPublicKey is set) */
+    expectedIssuer?: string;
+    /** Expected audience for JWT tokens (required when jwtPublicKey is set) */
+    expectedAudience?: string;
+    /** Paths to skip authentication (e.g., health checks) */
+    skipPaths?: string[];
+    /** Clock tolerance in seconds (default: 30) */
+    clockToleranceSeconds?: number;
+}
+/**
+ * Extract service token from Authorization header.
+ *
+ * Note: `takos/packages/control/src/shared/utils/url-utils.ts` contains an
+ * equivalent lower-level helper `extractBearerToken(header: string | null)`
+ * that operates on a raw header string.  The two cannot be unified here
+ * because `takos-common` must not import from the `control` package.
+ * If the extraction logic ever needs to change, update both places.
+ */
+export declare function getServiceTokenFromHeader(c: Context): string | null;
+/**
+ * Create Hono middleware for service token authentication.
+ * Only RS256 JWTs are accepted.
+ *
+ * @param config - Configuration for the middleware
+ * @returns Hono middleware function
+ *
+ * Usage:
+ * ```typescript
+ * import { createServiceTokenMiddleware } from 'takos-common/middleware/hono';
+ *
+ * const app = new Hono<ServiceTokenEnv>();
+ * app.use('*', createServiceTokenMiddleware({ jwtPublicKey: '...' }));
+ * ```
+ */
+export declare function createServiceTokenMiddleware(config: ServiceTokenConfig): (c: Context, next: Next) => Promise<Response | void>;
+/**
+ * Error handler options
+ */
+export interface ErrorHandlerOptions {
+    /** Include stack traces in responses (only for development) */
+    includeStack?: boolean;
+    /** Custom error logger */
+    logger?: (error: unknown, context?: Record<string, unknown>) => void;
+    /** Custom error transformer */
+    transformError?: (error: unknown) => AppError;
+}
+/**
+ * Create Hono error handler (for use with `app.onError`)
+ *
+ * Usage:
+ * ```typescript
+ * import { createErrorHandler } from 'takos-common/middleware/hono';
+ *
+ * const app = new Hono();
+ * app.onError(createErrorHandler({ includeStack: true }));
+ * ```
+ */
+export declare function createErrorHandler(options?: ErrorHandlerOptions): ErrorHandler;
+/**
+ * Not found handler for Hono
+ * Use with `app.notFound()`
+ *
+ * Usage:
+ * ```typescript
+ * import { notFoundHandler } from 'takos-common/middleware/hono';
+ *
+ * const app = new Hono();
+ * app.notFound(notFoundHandler);
+ * ```
+ */
+export declare function notFoundHandler(c: Context): Response & import("hono").TypedResponse<{
+    error: {
+        code: string;
+        message: string;
+        details?: import("hono/utils/types").JSONValue | undefined;
+    };
+}, 404, "json">;
+/**
+ * 400 Bad Request
+ */
+export declare function badRequest(c: Context, message?: string, details?: unknown): Response & import("hono").TypedResponse<{
+    error: {
+        code: string;
+        message: string;
+        details?: import("hono/utils/types").JSONValue | undefined;
+    };
+}, 400, "json">;
+/**
+ * 404 Not Found
+ */
+export declare function notFound(c: Context, message?: string, details?: unknown): Response & import("hono").TypedResponse<{
+    error: {
+        code: string;
+        message: string;
+        details?: import("hono/utils/types").JSONValue | undefined;
+    };
+}, 404, "json">;
+/**
+ * 403 Forbidden
+ */
+export declare function forbidden(c: Context, message?: string, details?: unknown): Response & import("hono").TypedResponse<{
+    error: {
+        code: string;
+        message: string;
+        details?: import("hono/utils/types").JSONValue | undefined;
+    };
+}, 403, "json">;
+/**
+ * 500 Internal Server Error
+ */
+export declare function internalError(c: Context, message?: string, details?: unknown): Response & import("hono").TypedResponse<{
+    error: {
+        code: string;
+        message: string;
+        details?: import("hono/utils/types").JSONValue | undefined;
+    };
+}, 500, "json">;
+//# sourceMappingURL=hono.d.ts.map

package/dist/middleware/hono.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"hono.d.ts","sourceRoot":"","sources":["../../src/middleware/hono.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,EAAE,YAAY,EAAE,MAAM,MAAM,CAAC;AAC7D,OAAO,EAEL,KAAK,6BAA6B,EACnC,MAAM,WAAW,CAAC;AAEnB,YAAY,EAAE,6BAA6B,EAAE,CAAC;AAC9C,OAAO,EACL,QAAQ,EAWT,MAAM,cAAc,CAAC;AAMtB;;;;;;;;;GASG;AACH,MAAM,WAAW,eAAgB,SAAQ,GAAG;IAC1C,SAAS,EAAE;QACT,YAAY,EAAE,6BAA6B,CAAC;QAC5C,iBAAiB,EAAE,KAAK,CAAC;KAC1B,CAAC;CACH;AAMD;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,mDAAmD;IACnD,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,yEAAyE;IACzE,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,2EAA2E;IAC3E,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,yDAAyD;IACzD,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;IACrB,+CAA+C;IAC/C,qBAAqB,CAAC,EAAE,MAAM,CAAC;CAChC;AAED;;;;;;;;GAQG;AACH,wBAAgB,yBAAyB,CAAC,CAAC,EAAE,OAAO,GAAG,MAAM,GAAG,IAAI,CAMnE;AAUD;;;;;;;;;;;;;;GAcG;AACH,wBAAgB,4BAA4B,CAAC,MAAM,EAAE,kBAAkB,IASvD,GAAG,OAAO,EAAE,MAAM,IAAI,KAAG,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,CAgDhE;AAMD;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,+DAA+D;IAC/D,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,0BAA0B;IAC1B,MAAM,CAAC,EAAE,CAAC,KAAK,EAAE,OAAO,EAAE,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,IAAI,CAAC;IACrE,+BAA+B;IAC/B,cAAc,CAAC,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,QAAQ,CAAC;CAC/C;AAED;;;;;;;;;;GAUG;AACH,wBAAgB,kBAAkB,CAChC,OAAO,GAAE,mBAAwB,GAChC,YAAY,CAoCd;AAED;;;;;;;;;;;GAWG;AACH,wBAAgB,eAAe,CAAC,CAAC,EAAE,OAAO;;;;;;gBAGzC;AAoBD;;GAEG;AACH,wBAAgB,UAAU,CACxB,CAAC,EAAE,OAAO,EACV,OAAO,SAAgB,EACvB,OAAO,CAAC,EAAE,OAAO;;;;;;gBAGlB;AAED;;GAEG;AACH,wBAAgB,QAAQ,CACtB,CAAC,EAAE,OAAO,EACV,OAAO,SAAc,EACrB,OAAO,CAAC,EAAE,OAAO;;;;;;gBAGlB;AAED;;GAEG;AACH,wBAAgB,SAAS,CAAC,CAAC,EAAE,OAAO,EAAE,OAAO,SAAkB,EAAE,OAAO,CAAC,EAAE,OAAO;;;;;;gBAEjF;AAED;;GAEG;AACH,wBAAgB,aAAa,CAC3B,CAAC,EAAE,OAAO,EACV,OAAO,SAA0B,EACjC,OAAO,CAAC,EAAE,OAAO;;;;;;gBAGlB"}

package/dist/middleware/hono.js

@@ -0,0 +1,189 @@
+/**
+ * Hono Middleware for takos-runtime
+ *
+ * Provides:
+ * - Service-to-service JWT authentication (RS256)
+ * - Consistent error handling
+ */
+import { verifyServiceToken, } from '../jwt.js';
+import { AuthenticationError, ErrorCodes, InternalError, isAppError, logError, NotFoundError, RateLimitError, ServiceUnavailableError, } from '../errors.js';
+/**
+ * Extract service token from Authorization header.
+ *
+ * Note: `takos/packages/control/src/shared/utils/url-utils.ts` contains an
+ * equivalent lower-level helper `extractBearerToken(header: string | null)`
+ * that operates on a raw header string.  The two cannot be unified here
+ * because `takos-common` must not import from the `control` package.
+ * If the extraction logic ever needs to change, update both places.
+ */
+export function getServiceTokenFromHeader(c) {
+    const authHeader = c.req.header('Authorization');
+    if (authHeader?.startsWith('Bearer ')) {
+        return authHeader.slice('Bearer '.length).trim();
+    }
+    return null;
+}
+/**
+ * Check if the token looks like a JWT (has 3 parts separated by dots)
+ */
+function isJwtFormat(token) {
+    const parts = token.split('.');
+    return parts.length === 3;
+}
+/**
+ * Create Hono middleware for service token authentication.
+ * Only RS256 JWTs are accepted.
+ *
+ * @param config - Configuration for the middleware
+ * @returns Hono middleware function
+ *
+ * Usage:
+ * ```typescript
+ * import { createServiceTokenMiddleware } from 'takos-common/middleware/hono';
+ *
+ * const app = new Hono<ServiceTokenEnv>();
+ * app.use('*', createServiceTokenMiddleware({ jwtPublicKey: '...' }));
+ * ```
+ */
+export function createServiceTokenMiddleware(config) {
+    const { jwtPublicKey, expectedIssuer, expectedAudience, skipPaths = ['/health'], clockToleranceSeconds = 30, } = config;
+    return async (c, next) => {
+        // Skip authentication for certain paths (e.g., health checks)
+        const path = new URL(c.req.url).pathname;
+        if (skipPaths.includes(path)) {
+            await next();
+            return;
+        }
+        if (!jwtPublicKey) {
+            const error = new ServiceUnavailableError('Service token not configured');
+            return c.json(error.toResponse(), error.statusCode);
+        }
+        if (!expectedIssuer || !expectedAudience) {
+            const error = new ServiceUnavailableError('JWT verification requires expectedIssuer and expectedAudience');
+            return c.json(error.toResponse(), error.statusCode);
+        }
+        // Extract token from request
+        const token = getServiceTokenFromHeader(c);
+        if (!token) {
+            const error = new AuthenticationError('Authorization token is required');
+            return c.json(error.toResponse(), error.statusCode);
+        }
+        if (!isJwtFormat(token)) {
+            const error = new AuthenticationError('Service token must be a JWT');
+            return c.json(error.toResponse(), error.statusCode);
+        }
+        const result = verifyServiceToken({
+            token,
+            publicKey: jwtPublicKey,
+            expectedAudience,
+            expectedIssuer,
+            clockToleranceSeconds,
+        });
+        if (result.valid && result.payload) {
+            c.set('serviceToken', result.payload);
+            c.set('serviceAuthMethod', 'jwt');
+            await next();
+            return;
+        }
+        const error = new AuthenticationError(result.error || 'Invalid JWT token');
+        return c.json(error.toResponse(), error.statusCode);
+    };
+}
+/**
+ * Create Hono error handler (for use with `app.onError`)
+ *
+ * Usage:
+ * ```typescript
+ * import { createErrorHandler } from 'takos-common/middleware/hono';
+ *
+ * const app = new Hono();
+ * app.onError(createErrorHandler({ includeStack: true }));
+ * ```
+ */
+export function createErrorHandler(options = {}) {
+    const { includeStack = false, logger = logError, transformError } = options;
+    return (err, c) => {
+        // Transform error if transformer provided
+        let appError;
+        if (transformError) {
+            appError = transformError(err);
+        }
+        else if (isAppError(err)) {
+            appError = err;
+        }
+        else {
+            // Log non-operational errors with full details
+            const path = new URL(c.req.url).pathname;
+            logger(err, {
+                path,
+                method: c.req.method,
+                requestId: c.req.header('x-request-id'),
+            });
+            appError = new InternalError('An unexpected error occurred');
+        }
+        // Build response
+        const response = appError.toResponse();
+        // Add stack trace in development mode
+        if (includeStack && appError.stack) {
+            response.error.stack = appError.stack;
+        }
+        // Set special headers for rate limiting
+        if (appError instanceof RateLimitError && appError.retryAfter) {
+            c.header('Retry-After', String(appError.retryAfter));
+        }
+        return c.json(response, appError.statusCode);
+    };
+}
+/**
+ * Not found handler for Hono
+ * Use with `app.notFound()`
+ *
+ * Usage:
+ * ```typescript
+ * import { notFoundHandler } from 'takos-common/middleware/hono';
+ *
+ * const app = new Hono();
+ * app.notFound(notFoundHandler);
+ * ```
+ */
+export function notFoundHandler(c) {
+    const error = new NotFoundError('Route');
+    return c.json(error.toResponse(), 404);
+}
+// ============================================================================
+// Helper functions for route handlers
+// ============================================================================
+function buildErrorBody(message, code, details) {
+    return {
+        error: {
+            code,
+            message,
+            ...(details !== undefined && { details }),
+        },
+    };
+}
+/**
+ * 400 Bad Request
+ */
+export function badRequest(c, message = 'Bad request', details) {
+    return c.json(buildErrorBody(message, ErrorCodes.BAD_REQUEST, details), 400);
+}
+/**
+ * 404 Not Found
+ */
+export function notFound(c, message = 'Not found', details) {
+    return c.json(buildErrorBody(message, ErrorCodes.NOT_FOUND, details), 404);
+}
+/**
+ * 403 Forbidden
+ */
+export function forbidden(c, message = 'Access denied', details) {
+    return c.json(buildErrorBody(message, ErrorCodes.FORBIDDEN, details), 403);
+}
+/**
+ * 500 Internal Server Error
+ */
+export function internalError(c, message = 'Internal server error', details) {
+    return c.json(buildErrorBody(message, ErrorCodes.INTERNAL_ERROR, details), 500);
+}
+//# sourceMappingURL=hono.js.map

package/dist/middleware/hono.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"hono.js","sourceRoot":"","sources":["../../src/middleware/hono.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAGH,OAAO,EACL,kBAAkB,GAEnB,MAAM,WAAW,CAAC;AAGnB,OAAO,EAEL,mBAAmB,EACnB,UAAU,EACV,aAAa,EACb,UAAU,EACV,QAAQ,EACR,aAAa,EACb,cAAc,EACd,uBAAuB,GAGxB,MAAM,cAAc,CAAC;AA2CtB;;;;;;;;GAQG;AACH,MAAM,UAAU,yBAAyB,CAAC,CAAU;IAClD,MAAM,UAAU,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC;IACjD,IAAI,UAAU,EAAE,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QACtC,OAAO,UAAU,CAAC,KAAK,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,CAAC;IACnD,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,SAAS,WAAW,CAAC,KAAa;IAChC,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC/B,OAAO,KAAK,CAAC,MAAM,KAAK,CAAC,CAAC;AAC5B,CAAC;AAED;;;;;;;;;;;;;;GAcG;AACH,MAAM,UAAU,4BAA4B,CAAC,MAA0B;IACrE,MAAM,EACJ,YAAY,EACZ,cAAc,EACd,gBAAgB,EAChB,SAAS,GAAG,CAAC,SAAS,CAAC,EACvB,qBAAqB,GAAG,EAAE,GAC3B,GAAG,MAAM,CAAC;IAEX,OAAO,KAAK,EAAE,CAAU,EAAE,IAAU,EAA4B,EAAE;QAChE,8DAA8D;QAC9D,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC;QACzC,IAAI,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YAC7B,MAAM,IAAI,EAAE,CAAC;YACb,OAAO;QACT,CAAC;QAED,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,MAAM,KAAK,GAAG,IAAI,uBAAuB,CAAC,8BAA8B,CAAC,CAAC;YAC1E,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE,EAAE,KAAK,CAAC,UAAiB,CAAC,CAAC;QAC7D,CAAC;QAED,IAAI,CAAC,cAAc,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACzC,MAAM,KAAK,GAAG,IAAI,uBAAuB,CAAC,+DAA+D,CAAC,CAAC;YAC3G,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE,EAAE,KAAK,CAAC,UAAiB,CAAC,CAAC;QAC7D,CAAC;QAED,6BAA6B;QAC7B,MAAM,KAAK,GAAG,yBAAyB,CAAC,CAAC,CAAC,CAAC;QAC3C,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,KAAK,GAAG,IAAI,mBAAmB,CAAC,iCAAiC,CAAC,CAAC;YACzE,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE,EAAE,KAAK,CAAC,UAAiB,CAAC,CAAC;QAC7D,CAAC;QAED,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,EAAE,CAAC;YACxB,MAAM,KAAK,GAAG,IAAI,mBAAmB,CAAC,6BAA6B,CAAC,CAAC;YACrE,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE,EAAE,KAAK,CAAC,UAAiB,CAAC,CAAC;QAC7D,CAAC;QAED,MAAM,MAAM,GAAG,kBAAkB,CAAC;YAChC,KAAK;YACL,SAAS,EAAE,YAAY;YACvB,gBAAgB;YAChB,cAAc;YACd,qBAAqB;SACtB,CAAC,CAAC;QAEH,IAAI,MAAM,CAAC,KAAK,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YACnC,CAAC,CAAC,GAAG,CAAC,cAAc,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC;YACtC,CAAC,CAAC,GAAG,CAAC,mBAAmB,EAAE,KAAc,CAAC,CAAC;YAC3C,MAAM,IAAI,EAAE,CAAC;YACb,OAAO;QACT,CAAC;QAED,MAAM,KAAK,GAAG,IAAI,mBAAmB,CAAC,MAAM,CAAC,KAAK,IAAI,mBAAmB,CAAC,CAAC;QAC3E,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE,EAAE,KAAK,CAAC,UAAiB,CAAC,CAAC;IAC7D,CAAC,CAAC;AACJ,CAAC;AAkBD;;;;;;;;;;GAUG;AACH,MAAM,UAAU,kBAAkB,CAChC,UAA+B,EAAE;IAEjC,MAAM,EAAE,YAAY,GAAG,KAAK,EAAE,MAAM,GAAG,QAAQ,EAAE,cAAc,EAAE,GAAG,OAAO,CAAC;IAE5E,OAAO,CAAC,GAAU,EAAE,CAAU,EAAE,EAAE;QAChC,0CAA0C;QAC1C,IAAI,QAAkB,CAAC;QACvB,IAAI,cAAc,EAAE,CAAC;YACnB,QAAQ,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC;QACjC,CAAC;aAAM,IAAI,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YAC3B,QAAQ,GAAG,GAAG,CAAC;QACjB,CAAC;aAAM,CAAC;YACN,+CAA+C;YAC/C,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC;YACzC,MAAM,CAAC,GAAG,EAAE;gBACV,IAAI;gBACJ,MAAM,EAAE,CAAC,CAAC,GAAG,CAAC,MAAM;gBACpB,SAAS,EAAE,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,cAAc,CAAC;aACxC,CAAC,CAAC;YACH,QAAQ,GAAG,IAAI,aAAa,CAAC,8BAA8B,CAAC,CAAC;QAC/D,CAAC;QAED,iBAAiB;QACjB,MAAM,QAAQ,GAAG,QAAQ,CAAC,UAAU,EAAE,CAAC;QAEvC,sCAAsC;QACtC,IAAI,YAAY,IAAI,QAAQ,CAAC,KAAK,EAAE,CAAC;YAClC,QAAQ,CAAC,KAAiC,CAAC,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC;QACrE,CAAC;QAED,wCAAwC;QACxC,IAAI,QAAQ,YAAY,cAAc,IAAI,QAAQ,CAAC,UAAU,EAAE,CAAC;YAC9D,CAAC,CAAC,MAAM,CAAC,aAAa,EAAE,MAAM,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC;QACvD,CAAC;QAED,OAAO,CAAC,CAAC,IAAI,CAAC,QAAQ,EAAE,QAAQ,CAAC,UAAiB,CAAC,CAAC;IACtD,CAAC,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,eAAe,CAAC,CAAU;IACxC,MAAM,KAAK,GAAG,IAAI,aAAa,CAAC,OAAO,CAAC,CAAC;IACzC,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE,EAAE,GAAG,CAAC,CAAC;AACzC,CAAC;AAED,+EAA+E;AAC/E,sCAAsC;AACtC,+EAA+E;AAE/E,SAAS,cAAc,CACrB,OAAe,EACf,IAAe,EACf,OAAiB;IAEjB,OAAO;QACL,KAAK,EAAE;YACL,IAAI;YACJ,OAAO;YACP,GAAG,CAAC,OAAO,KAAK,SAAS,IAAI,EAAE,OAAO,EAAE,CAAC;SAC1C;KACF,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,UAAU,CACxB,CAAU,EACV,OAAO,GAAG,aAAa,EACvB,OAAiB;IAEjB,OAAO,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,UAAU,CAAC,WAAW,EAAE,OAAO,CAAC,EAAE,GAAG,CAAC,CAAC;AAC/E,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,QAAQ,CACtB,CAAU,EACV,OAAO,GAAG,WAAW,EACrB,OAAiB;IAEjB,OAAO,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,UAAU,CAAC,SAAS,EAAE,OAAO,CAAC,EAAE,GAAG,CAAC,CAAC;AAC7E,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,SAAS,CAAC,CAAU,EAAE,OAAO,GAAG,eAAe,EAAE,OAAiB;IAChF,OAAO,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,UAAU,CAAC,SAAS,EAAE,OAAO,CAAC,EAAE,GAAG,CAAC,CAAC;AAC7E,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa,CAC3B,CAAU,EACV,OAAO,GAAG,uBAAuB,EACjC,OAAiB;IAEjB,OAAO,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,UAAU,CAAC,cAAc,EAAE,OAAO,CAAC,EAAE,GAAG,CAAC,CAAC;AAClF,CAAC"}

package/dist/validation.d.ts

@@ -0,0 +1,21 @@
+/**
+ * Validation Utilities
+ *
+ * Provides common validation functions for input sanitization
+ * and security across all takos packages.
+ */
+/**
+ * Check if a hostname is localhost or a local address.
+ *
+ * @param hostname - Hostname to check
+ * @returns true if the hostname is local
+ */
+export declare function isLocalhost(hostname: string): boolean;
+/**
+ * Check if an IP address is a private/internal address.
+ *
+ * @param ip - IP address to check
+ * @returns true if the IP is private
+ */
+export declare function isPrivateIP(ip: string): boolean;
+//# sourceMappingURL=validation.d.ts.map

package/dist/validation.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"validation.d.ts","sourceRoot":"","sources":["../src/validation.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH;;;;;GAKG;AACH,wBAAgB,WAAW,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAWrD;AAED;;;;;GAKG;AACH,wBAAgB,WAAW,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAwE/C"}

package/dist/validation.js

@@ -0,0 +1,102 @@
+/**
+ * Validation Utilities
+ *
+ * Provides common validation functions for input sanitization
+ * and security across all takos packages.
+ */
+/**
+ * Check if a hostname is localhost or a local address.
+ *
+ * @param hostname - Hostname to check
+ * @returns true if the hostname is local
+ */
+export function isLocalhost(hostname) {
+    const lower = hostname.toLowerCase();
+    return (lower === 'localhost' ||
+        lower === '127.0.0.1' ||
+        lower === '::1' ||
+        lower.endsWith('.localhost') ||
+        lower.endsWith('.local') ||
+        lower.endsWith('.localdomain') ||
+        lower.endsWith('.internal'));
+}
+/**
+ * Check if an IP address is a private/internal address.
+ *
+ * @param ip - IP address to check
+ * @returns true if the IP is private
+ */
+export function isPrivateIP(ip) {
+    // Check for IPv4 private ranges
+    const ipv4Match = ip.match(/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/);
+    if (ipv4Match) {
+        const [, a, b, c] = ipv4Match.map(Number);
+        // 0.0.0.0/8 - Current network
+        if (a === 0)
+            return true;
+        // 10.0.0.0/8 - Private network
+        if (a === 10)
+            return true;
+        // 127.0.0.0/8 - Loopback
+        if (a === 127)
+            return true;
+        // 169.254.0.0/16 - Link-local
+        if (a === 169 && b === 254)
+            return true;
+        // 172.16.0.0/12 - Private network
+        if (a === 172 && b >= 16 && b <= 31)
+            return true;
+        // 192.168.0.0/16 - Private network
+        if (a === 192 && b === 168)
+            return true;
+        // 100.64.0.0/10 - Carrier-grade NAT
+        if (a === 100 && b >= 64 && b <= 127)
+            return true;
+        // 192.0.0.0/24 - IETF Protocol Assignments
+        if (a === 192 && b === 0 && c === 0)
+            return true;
+        // 192.0.2.0/24 - Documentation (TEST-NET-1)
+        if (a === 192 && b === 0 && c === 2)
+            return true;
+        // 198.18.0.0/15 - Benchmarking
+        if (a === 198 && (b === 18 || b === 19))
+            return true;
+        // 198.51.100.0/24 - Documentation (TEST-NET-2)
+        if (a === 198 && b === 51 && c === 100)
+            return true;
+        // 203.0.113.0/24 - Documentation (TEST-NET-3)
+        if (a === 203 && b === 0 && c === 113)
+            return true;
+        // 224.0.0.0+ - Multicast and reserved
+        if (a >= 224)
+            return true;
+    }
+    // IPv6 private ranges
+    if (ip.startsWith('::1'))
+        return true; // Loopback
+    if (ip.startsWith('fe80:'))
+        return true; // Link-local
+    if (ip.startsWith('fc') || ip.startsWith('fd'))
+        return true; // Unique local
+    // IPv4-mapped IPv6 addresses (e.g. ::ffff:192.168.1.1 or ::ffff:0a00:0001)
+    const ipLower = ip.toLowerCase();
+    if (ipLower.startsWith('::ffff:')) {
+        const rest = ipLower.slice('::ffff:'.length);
+        // Handle dotted-decimal form: ::ffff:192.168.1.1
+        if (/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/.test(rest)) {
+            return isPrivateIP(rest);
+        }
+        // Handle hex form: ::ffff:c0a8:0101 → convert to dotted-decimal
+        const hexParts = rest.split(':');
+        if (hexParts.length === 2) {
+            const hi = parseInt(hexParts[0], 16);
+            const lo = parseInt(hexParts[1], 16);
+            if (!isNaN(hi) && !isNaN(lo)) {
+                const dotted = `${(hi >> 8) & 0xff}.${hi & 0xff}.${(lo >> 8) & 0xff}.${lo & 0xff}`;
+                return isPrivateIP(dotted);
+            }
+        }
+    }
+    return false;
+}
+//# sourceMappingURL=validation.js.map

package/dist/validation.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"validation.js","sourceRoot":"","sources":["../src/validation.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH;;;;;GAKG;AACH,MAAM,UAAU,WAAW,CAAC,QAAgB;IAC1C,MAAM,KAAK,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;IACrC,OAAO,CACL,KAAK,KAAK,WAAW;QACrB,KAAK,KAAK,WAAW;QACrB,KAAK,KAAK,KAAK;QACf,KAAK,CAAC,QAAQ,CAAC,YAAY,CAAC;QAC5B,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC;QACxB,KAAK,CAAC,QAAQ,CAAC,cAAc,CAAC;QAC9B,KAAK,CAAC,QAAQ,CAAC,WAAW,CAAC,CAC5B,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,WAAW,CAAC,EAAU;IACpC,gCAAgC;IAChC,MAAM,SAAS,GAAG,EAAE,CAAC,KAAK,CAAC,8CAA8C,CAAC,CAAC;IAC3E,IAAI,SAAS,EAAE,CAAC;QACd,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,GAAG,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAE1C,8BAA8B;QAC9B,IAAI,CAAC,KAAK,CAAC;YAAE,OAAO,IAAI,CAAC;QAEzB,+BAA+B;QAC/B,IAAI,CAAC,KAAK,EAAE;YAAE,OAAO,IAAI,CAAC;QAE1B,yBAAyB;QACzB,IAAI,CAAC,KAAK,GAAG;YAAE,OAAO,IAAI,CAAC;QAE3B,8BAA8B;QAC9B,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,GAAG;YAAE,OAAO,IAAI,CAAC;QAExC,kCAAkC;QAClC,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE;YAAE,OAAO,IAAI,CAAC;QAEjD,mCAAmC;QACnC,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,GAAG;YAAE,OAAO,IAAI,CAAC;QAExC,oCAAoC;QACpC,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,GAAG;YAAE,OAAO,IAAI,CAAC;QAElD,2CAA2C;QAC3C,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC;YAAE,OAAO,IAAI,CAAC;QAEjD,4CAA4C;QAC5C,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC;YAAE,OAAO,IAAI,CAAC;QAEjD,+BAA+B;QAC/B,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,CAAC,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC;YAAE,OAAO,IAAI,CAAC;QAErD,+CAA+C;QAC/C,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,KAAK,GAAG;YAAE,OAAO,IAAI,CAAC;QAEpD,8CAA8C;QAC9C,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,GAAG;YAAE,OAAO,IAAI,CAAC;QAEnD,sCAAsC;QACtC,IAAI,CAAC,IAAI,GAAG;YAAE,OAAO,IAAI,CAAC;IAC5B,CAAC;IAED,sBAAsB;IACtB,IAAI,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC,CAAC,WAAW;IAClD,IAAI,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC;QAAE,OAAO,IAAI,CAAC,CAAC,aAAa;IACtD,IAAI,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC;QAAE,OAAO,IAAI,CAAC,CAAC,eAAe;IAE5E,2EAA2E;IAC3E,MAAM,OAAO,GAAG,EAAE,CAAC,WAAW,EAAE,CAAC;IACjC,IAAI,OAAO,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QAClC,MAAM,IAAI,GAAG,OAAO,CAAC,KAAK,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QAC7C,iDAAiD;QACjD,IAAI,sCAAsC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACtD,OAAO,WAAW,CAAC,IAAI,CAAC,CAAC;QAC3B,CAAC;QACD,gEAAgE;QAChE,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACjC,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1B,MAAM,EAAE,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACrC,MAAM,EAAE,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACrC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,CAAC;gBAC7B,MAAM,MAAM,GAAG,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,GAAG,IAAI,IAAI,EAAE,GAAG,IAAI,IAAI,CAAC,EAAE,IAAI,CAAC,CAAC,GAAG,IAAI,IAAI,EAAE,GAAG,IAAI,EAAE,CAAC;gBACnF,OAAO,WAAW,CAAC,MAAM,CAAC,CAAC;YAC7B,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC"}

package/package.json

@@ -0,0 +1,55 @@
+{
+  "name": "takos-common",
+  "version": "1.0.0",
+  "type": "module",
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js"
+    },
+    "./id": {
+      "types": "./dist/id.d.ts",
+      "import": "./dist/id.js"
+    },
+    "./validation": {
+      "types": "./dist/validation.d.ts",
+      "import": "./dist/validation.js"
+    },
+    "./abort": {
+      "types": "./dist/abort.d.ts",
+      "import": "./dist/abort.js"
+    },
+    "./errors": {
+      "types": "./dist/errors.d.ts",
+      "import": "./dist/errors.js"
+    },
+    "./middleware/hono": {
+      "types": "./dist/middleware/hono.d.ts",
+      "import": "./dist/middleware/hono.js"
+    },
+    "./logger": {
+      "types": "./dist/logger.d.ts",
+      "import": "./dist/logger.js"
+    },
+    "./env-parse": {
+      "types": "./dist/env-parse.d.ts",
+      "import": "./dist/env-parse.js"
+    }
+  },
+  "scripts": {
+    "build": "tsc",
+    "typecheck": "tsc --noEmit",
+    "clean": "rm -rf dist",
+    "test": "vitest run"
+  },
+  "dependencies": {
+    "hono": "^4.12.4"
+  },
+  "devDependencies": {
+    "@types/node": "^22.0.0",
+    "typescript": "^5.7.0",
+    "vitest": "^2.1.0"
+  }
+}