npm - te.js - Versions diffs - 2.1.5 → 2.2.0 - Mend

te.js 2.1.5 → 2.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (49) hide show

package/auto-docs/analysis/handler-analyzer.test.js +106 -0
package/auto-docs/analysis/source-resolver.test.js +58 -0
package/auto-docs/constants.js +13 -2
package/auto-docs/openapi/generator.js +7 -5
package/auto-docs/openapi/generator.test.js +132 -0
package/auto-docs/openapi/spec-builders.js +39 -19
package/cli/docs-command.js +44 -36
package/cors/index.test.js +82 -0
package/database/index.js +3 -1
package/database/mongodb.js +17 -11
package/database/redis.js +53 -44
package/docs/configuration.md +24 -10
package/docs/error-handling.md +134 -50
package/lib/llm/client.js +40 -10
package/lib/llm/index.js +14 -1
package/lib/llm/parse.test.js +60 -0
package/package.json +3 -1
package/radar/index.js +281 -0
package/rate-limit/index.js +8 -11
package/rate-limit/index.test.js +64 -0
package/server/ammo/body-parser.js +156 -152
package/server/ammo/body-parser.test.js +79 -0
package/server/ammo/enhancer.js +8 -4
package/server/ammo.js +216 -17
package/server/context/request-context.js +51 -0
package/server/context/request-context.test.js +53 -0
package/server/endpoint.js +15 -0
package/server/error.js +56 -3
package/server/error.test.js +45 -0
package/server/errors/channels/base.js +31 -0
package/server/errors/channels/channels.test.js +148 -0
package/server/errors/channels/console.js +64 -0
package/server/errors/channels/index.js +111 -0
package/server/errors/channels/log.js +27 -0
package/server/errors/llm-cache.js +102 -0
package/server/errors/llm-cache.test.js +160 -0
package/server/errors/llm-error-service.js +77 -16
package/server/errors/llm-rate-limiter.js +72 -0
package/server/errors/llm-rate-limiter.test.js +105 -0
package/server/files/uploader.js +38 -26
package/server/handler.js +5 -3
package/server/targets/registry.js +9 -9
package/server/targets/registry.test.js +108 -0
package/te.js +214 -57
package/utils/auto-register.js +1 -1
package/utils/configuration.js +23 -9
package/utils/configuration.test.js +58 -0
package/utils/errors-llm-config.js +142 -9
package/utils/request-logger.js +49 -3

package/cors/index.test.js ADDED Viewed

@@ -0,0 +1,82 @@
+/**
+ * @fileoverview Tests for CORS middleware.
+ */
+import { describe, it, expect, vi } from 'vitest';
+import corsMiddleware from './index.js';
+function makeAmmo(method = 'GET', origin = 'https://example.com') {
+  const headers = {};
+  return {
+    req: { method, headers: { origin } },
+    res: {
+      _headers: {},
+      setHeader(name, value) {
+        this._headers[name.toLowerCase()] = value;
+      },
+      writeHead(code) {
+        this._status = code;
+      },
+      end() {
+        this._ended = true;
+      },
+    },
+  };
+}
+describe('corsMiddleware', () => {
+  it('should set Access-Control-Allow-Origin to * by default', async () => {
+    const mw = corsMiddleware();
+    const ammo = makeAmmo();
+    const next = vi.fn();
+    await mw(ammo, next);
+    expect(ammo.res._headers['access-control-allow-origin']).toBe('*');
+    expect(next).toHaveBeenCalled();
+  });
+  it('should respond 204 and not call next for OPTIONS preflight', async () => {
+    const mw = corsMiddleware();
+    const ammo = makeAmmo('OPTIONS');
+    const next = vi.fn();
+    await mw(ammo, next);
+    expect(ammo.res._status).toBe(204);
+    expect(ammo.res._ended).toBe(true);
+    expect(next).not.toHaveBeenCalled();
+  });
+  it('should allow specific origin from array', async () => {
+    const mw = corsMiddleware({ origin: ['https://example.com'] });
+    const ammo = makeAmmo('GET', 'https://example.com');
+    const next = vi.fn();
+    await mw(ammo, next);
+    expect(ammo.res._headers['access-control-allow-origin']).toBe(
+      'https://example.com',
+    );
+  });
+  it('should block origins not in array', async () => {
+    const mw = corsMiddleware({ origin: ['https://example.com'] });
+    const ammo = makeAmmo('GET', 'https://evil.com');
+    const next = vi.fn();
+    await mw(ammo, next);
+    expect(ammo.res._headers['access-control-allow-origin']).toBeUndefined();
+  });
+  it('should set Access-Control-Max-Age when maxAge provided', async () => {
+    const mw = corsMiddleware({ maxAge: 86400 });
+    const ammo = makeAmmo();
+    const next = vi.fn();
+    await mw(ammo, next);
+    expect(ammo.res._headers['access-control-max-age']).toBe('86400');
+  });
+  it('should set Access-Control-Allow-Credentials when credentials=true', async () => {
+    const mw = corsMiddleware({
+      credentials: true,
+      origin: 'https://example.com',
+    });
+    const ammo = makeAmmo('GET', 'https://example.com');
+    const next = vi.fn();
+    await mw(ammo, next);
+    expect(ammo.res._headers['access-control-allow-credentials']).toBe('true');
+  });
+});

package/database/index.js CHANGED Viewed

@@ -15,7 +15,9 @@ class DatabaseManager {
   // Helper method for sleeping
   async #sleep(ms) {
-    return new Promise((resolve) => setTimeout(resolve, ms));
+    const { promise, resolve } = Promise.withResolvers();
+    setTimeout(resolve, ms);
+    return promise;
   }
   constructor() {

package/database/mongodb.js CHANGED Viewed

@@ -1,7 +1,7 @@
-import { spawn } from 'child_process';
-import fs from 'fs';
-import path from 'path';
-import { fileURLToPath } from 'url';
+import { spawn } from 'node:child_process';
+import fs from 'node:fs';
+import path from 'node:path';
+import { fileURLToPath } from 'node:url';
 import TejLogger from 'tej-logger';
 import TejError from '../server/error.js';
@@ -10,7 +10,7 @@ const __dirname = path.dirname(__filename);
 const logger = new TejLogger('MongoDBConnectionManager');
-function checkMongooseInstallation() {
+async function checkMongooseInstallation() {
   const packageJsonPath = path.join(__dirname, '..', 'package.json');
   const nodeModulesPath = path.join(
     __dirname,
@@ -20,12 +20,18 @@ function checkMongooseInstallation() {
   );
   try {
-    // Check if mongoose exists in package.json
-    const packageJson = JSON.parse(fs.readFileSync(packageJsonPath, 'utf8'));
+    const packageJson = JSON.parse(
+      await fs.promises.readFile(packageJsonPath, 'utf8'),
+    );
     const inPackageJson = !!packageJson.dependencies?.mongoose;
-    // Check if mongoose exists in node_modules
-    const inNodeModules = fs.existsSync(nodeModulesPath);
+    let inNodeModules = false;
+    try {
+      await fs.promises.access(nodeModulesPath);
+      inNodeModules = true;
+    } catch {
+      inNodeModules = false;
+    }
     return {
       needsInstall: !inPackageJson || !inNodeModules,
@@ -94,7 +100,7 @@ function installMongooseSync() {
  * @returns {Promise<mongoose.Connection>} Mongoose connection instance
  */
 async function createConnection(config) {
-  const { needsInstall } = checkMongooseInstallation();
+  const { needsInstall } = await checkMongooseInstallation();
   if (needsInstall) {
     const installed = installMongooseSync();
@@ -106,7 +112,7 @@ async function createConnection(config) {
   const { uri, options = {} } = config;
   try {
-    const mongoose = await import('mongoose').then((mod) => mod.default);
+    const { default: mongoose } = await import('mongoose');
     const connection = await mongoose.createConnection(uri, options);
     connection.on('error', (err) =>

package/database/redis.js CHANGED Viewed

@@ -1,6 +1,6 @@
-import { spawnSync } from 'child_process';
-import fs from 'fs';
-import path from 'path';
+import { spawnSync } from 'node:child_process';
+import fs from 'node:fs';
+import path from 'node:path';
 import TejError from '../server/error.js';
 import TejLogger from 'tej-logger';
 import { pathToFileURL } from 'node:url';
@@ -10,14 +10,20 @@ const packagePath = `${process.cwd()}/node_modules/redis/dist/index.js`;
 const logger = new TejLogger('RedisConnectionManager');
-function checkRedisInstallation() {
+async function checkRedisInstallation() {
   try {
-    // Check if redis exists in package.json
-    const packageJson = JSON.parse(fs.readFileSync(packageJsonPath, 'utf8'));
+    const packageJson = JSON.parse(
+      await fs.promises.readFile(packageJsonPath, 'utf8'),
+    );
     const inPackageJson = !!packageJson.dependencies?.redis;
-    // Check if redis exists in node_modules
-    const inNodeModules = fs.existsSync(packagePath);
+    let inNodeModules = false;
+    try {
+      await fs.promises.access(packagePath);
+      inNodeModules = true;
+    } catch {
+      inNodeModules = false;
+    }
     return {
       needsInstall: !inPackageJson || !inNodeModules,
@@ -87,7 +93,7 @@ function installRedisSync() {
  * @returns {Promise<RedisClient|RedisCluster>} Redis client or cluster instance
  */
 async function createConnection(config) {
-  const { needsInstall } = checkRedisInstallation();
+  const { needsInstall } = await checkRedisInstallation();
   if (needsInstall) {
     const installed = installRedisSync();
@@ -119,46 +125,49 @@ async function createConnection(config) {
     let connectionAttempts = 0;
     const maxRetries = options.maxRetries || 3;
-    // Create a promise that will resolve when connected or reject on fatal errors
-    const connectionPromise = new Promise((resolve, reject) => {
-      connectionTimeout = setTimeout(() => {
-        if (!hasConnected) {
-          client.quit().catch(() => {});
-          reject(new TejError(500, 'Redis connection timeout'));
-        }
-      }, options.connectTimeout || 10000);
-      client.on('error', (err) => {
-        logger.error(`Redis connection error: ${err}`, true);
-        if (!hasConnected && connectionAttempts >= maxRetries) {
-          clearTimeout(connectionTimeout);
-          client.quit().catch(() => {});
-          reject(
-            new TejError(
-              500,
-              `Redis connection failed after ${maxRetries} attempts: ${err.message}`,
-            ),
-          );
-        }
-        connectionAttempts++;
-      });
+    const {
+      promise: connectionPromise,
+      resolve: resolveConnection,
+      reject: rejectConnection,
+    } = Promise.withResolvers();
-      client.on('connect', () => {
-        hasConnected = true;
+    connectionTimeout = setTimeout(() => {
+      if (!hasConnected) {
+        client.quit().catch(() => {});
+        rejectConnection(new TejError(500, 'Redis connection timeout'));
+      }
+    }, options.connectTimeout || 10000);
+    client.on('error', (err) => {
+      logger.error(`Redis connection error: ${err}`, true);
+      if (!hasConnected && connectionAttempts >= maxRetries) {
         clearTimeout(connectionTimeout);
-        logger.info(
-          `Redis connected on ${client?.options?.url ?? client?.options?.socket?.host}`,
+        client.quit().catch(() => {});
+        rejectConnection(
+          new TejError(
+            500,
+            `Redis connection failed after ${maxRetries} attempts: ${err.message}`,
+          ),
         );
-      });
+      }
+      connectionAttempts++;
+    });
-      client.on('ready', () => {
-        logger.info('Redis ready');
-        resolve(client);
-      });
+    client.on('connect', () => {
+      hasConnected = true;
+      clearTimeout(connectionTimeout);
+      logger.info(
+        `Redis connected on ${client?.options?.url ?? client?.options?.socket?.host}`,
+      );
+    });
-      client.on('end', () => {
-        logger.info('Redis connection closed');
-      });
+    client.on('ready', () => {
+      logger.info('Redis ready');
+      resolveConnection(client);
+    });
+    client.on('end', () => {
+      logger.info('Redis connection closed');
     });
     await client.connect();

package/docs/configuration.md CHANGED Viewed

@@ -110,15 +110,22 @@ These options configure the `tejas generate:docs` CLI command and the auto-docum
 ### Error handling (LLM-inferred errors)
-When [LLM-inferred error codes and messages](./error-handling.md#llm-inferred-errors) are enabled, the **`errors.llm`** block configures the LLM used for inferring status code and message when you call `ammo.throw()` without explicit code or message. Unset values fall back to `LLM_BASE_URL`, `LLM_API_KEY`, `LLM_MODEL`. You can also enable (and optionally set connection options) by calling **`app.withLLMErrors(config?)`** before `takeoff()` — e.g. `app.withLLMErrors()` to use env/config for baseURL, apiKey, model, or `app.withLLMErrors({ baseURL, apiKey, model, messageType })` to override in code.
-| Config Key               | Env Variable                                     | Type                         | Default                       | Description                                                                                                                                  |
-| ------------------------ | ------------------------------------------------ | ---------------------------- | ----------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------- |
-| `errors.llm.enabled`     | `ERRORS_LLM_ENABLED` or `LLM_*` (for connection) | boolean                      | `false`                       | Enable LLM-inferred error code and message for `ammo.throw()`                                                                                |
-| `errors.llm.baseURL`     | `ERRORS_LLM_BASE_URL` or `LLM_BASE_URL`          | string                       | `"https://api.openai.com/v1"` | LLM provider endpoint for error inference                                                                                                    |
-| `errors.llm.apiKey`      | `ERRORS_LLM_API_KEY` or `LLM_API_KEY`            | string                       | —                             | LLM provider API key for error inference                                                                                                     |
-| `errors.llm.model`       | `ERRORS_LLM_MODEL` or `LLM_MODEL`                | string                       | `"gpt-4o-mini"`               | LLM model for error inference                                                                                                                |
-| `errors.llm.messageType` | `ERRORS_LLM_MESSAGE_TYPE` or `LLM_MESSAGE_TYPE`  | `"endUser"` \| `"developer"` | `"endUser"`                   | Default tone for LLM-generated message: `endUser` (safe for clients) or `developer` (technical detail). Overridable per `ammo.throw()` call. |
+When [LLM-inferred error codes and messages](./error-handling.md#llm-inferred-errors) are enabled, the **`errors.llm`** block configures the LLM used for inferring status code and message when you call `ammo.throw()` without explicit code or message. Unset values fall back to `LLM_BASE_URL`, `LLM_API_KEY`, `LLM_MODEL`. You can also enable (and optionally set connection options) by calling **`app.withLLMErrors(config?)`** before `takeoff()` — e.g. `app.withLLMErrors()` to use env/config for baseURL, apiKey, model, or `app.withLLMErrors({ baseURL, apiKey, model, messageType, mode, ... })` to override in code.
+| Config Key               | Env Variable                                    | Type                               | Default              | Description                                                                                                                                                                                                          |
+| ------------------------ | ----------------------------------------------- | ---------------------------------- | -------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| `errors.llm.enabled`     | `ERRORS_LLM_ENABLED`                            | boolean                            | `false`              | Enable LLM-inferred error code and message for `ammo.throw()` and framework-caught errors.                                                                                                                           |
+| `errors.llm.baseURL`     | `ERRORS_LLM_BASE_URL` or `LLM_BASE_URL`         | string                             | —                    | LLM provider endpoint (e.g. `https://api.openai.com/v1`). Required when enabled.                                                                                                                                     |
+| `errors.llm.apiKey`      | `ERRORS_LLM_API_KEY` or `LLM_API_KEY`           | string                             | —                    | LLM provider API key. Required when enabled.                                                                                                                                                                         |
+| `errors.llm.model`       | `ERRORS_LLM_MODEL` or `LLM_MODEL`               | string                             | —                    | LLM model name (e.g. `gpt-4o-mini`). Required when enabled.                                                                                                                                                          |
+| `errors.llm.messageType` | `ERRORS_LLM_MESSAGE_TYPE` or `LLM_MESSAGE_TYPE` | `"endUser"` \| `"developer"`       | `"endUser"`          | Default tone for LLM-generated messages. `endUser` is safe for clients; `developer` includes technical detail. Overridable per `ammo.throw()` call.                                                                  |
+| `errors.llm.mode`        | `ERRORS_LLM_MODE` or `LLM_MODE`                 | `"sync"` \| `"async"`              | `"sync"`             | `sync` blocks the HTTP response until the LLM returns. `async` sends an immediate 500 and runs the LLM in the background, dispatching the result to the configured channel.                                          |
+| `errors.llm.timeout`     | `ERRORS_LLM_TIMEOUT` or `LLM_TIMEOUT`           | number (ms)                        | `10000`              | Maximum time in milliseconds to wait for an LLM response before aborting with a timeout error.                                                                                                                       |
+| `errors.llm.channel`     | `ERRORS_LLM_CHANNEL` or `LLM_CHANNEL`           | `"console"` \| `"log"` \| `"both"` | `"console"`          | Output channel for async mode results. `console` pretty-prints to the terminal; `log` appends JSONL to the log file; `both` does both. Only applies when `mode` is `async`.                                          |
+| `errors.llm.logFile`     | `ERRORS_LLM_LOG_FILE`                           | string (path)                      | `"./errors.llm.log"` | Path for the JSONL log file used by the `log` and `both` channels.                                                                                                                                                   |
+| `errors.llm.rateLimit`   | `ERRORS_LLM_RATE_LIMIT` or `LLM_RATE_LIMIT`     | number                             | `10`                 | Maximum number of LLM calls allowed per minute across all requests. When exceeded, a generic 500 is returned (sync) or dispatched with a `rateLimited` flag (async). Cached results do not count against this limit. |
+| `errors.llm.cache`       | `ERRORS_LLM_CACHE`                              | boolean                            | `true`               | Cache LLM results by throw site (file + line) and error message. Repeated errors at the same location reuse the cached result without making another LLM call.                                                       |
+| `errors.llm.cacheTTL`    | `ERRORS_LLM_CACHE_TTL`                          | number (ms)                        | `3600000`            | How long cached results are reused (default 1 hour). After expiry the same error will trigger a fresh LLM call.                                                                                                      |
 When enabled, the same behaviour applies whether you call `ammo.throw()` or the framework calls it when it catches an error — one mechanism, no separate config.
@@ -162,7 +169,14 @@ Create a `tejas.config.json` in your project root:
       "enabled": true,
       "baseURL": "https://api.openai.com/v1",
       "model": "gpt-4o-mini",
-      "messageType": "endUser"
+      "messageType": "endUser",
+      "mode": "async",
+      "timeout": 10000,
+      "channel": "both",
+      "logFile": "./errors.llm.log",
+      "rateLimit": 10,
+      "cache": true,
+      "cacheTTL": 3600000
     }
   }
 }