theokit 0.2.0 → 0.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (130) hide show
  1. package/dist/actions-virtual-module-E6PU47GV.js +175 -0
  2. package/dist/actions-virtual-module-E6PU47GV.js.map +1 -0
  3. package/dist/actions-virtual-module-E7IELVHL.js +174 -0
  4. package/dist/actions-virtual-module-E7IELVHL.js.map +1 -0
  5. package/dist/app-typed-client-RZMVWHJ3.js +289 -0
  6. package/dist/app-typed-client-RZMVWHJ3.js.map +1 -0
  7. package/dist/app-typed-client-YIBP6JWH.js +289 -0
  8. package/dist/app-typed-client-YIBP6JWH.js.map +1 -0
  9. package/dist/{aws-lambda-PONVF3UX.js → aws-lambda-XYCGZH3I.js} +2 -2
  10. package/dist/{build-IQQYCA3B.js → build-NCGIV4LL.js} +41 -14
  11. package/dist/build-NCGIV4LL.js.map +1 -0
  12. package/dist/build-request-body-preview-EOP2Y4F3.js +52 -0
  13. package/dist/build-request-body-preview-EOP2Y4F3.js.map +1 -0
  14. package/dist/build-request-body-preview-II2235E6.js +54 -0
  15. package/dist/build-request-body-preview-II2235E6.js.map +1 -0
  16. package/dist/{bun-DITMZMKL.js → bun-K73TQEWC.js} +2 -2
  17. package/dist/{chunk-GQSTRXXB.js → chunk-2BQYEBCK.js} +77 -68
  18. package/dist/chunk-2BQYEBCK.js.map +1 -0
  19. package/dist/chunk-7DHGV77J.js +140 -0
  20. package/dist/chunk-7DHGV77J.js.map +1 -0
  21. package/dist/{chunk-WQCPKA2L.js → chunk-C27AZN46.js} +570 -165
  22. package/dist/chunk-C27AZN46.js.map +1 -0
  23. package/dist/chunk-ERAZNHHR.js +73 -0
  24. package/dist/chunk-ERAZNHHR.js.map +1 -0
  25. package/dist/{chunk-ZK5JCE5J.js → chunk-EXJWO2HB.js} +201 -43
  26. package/dist/chunk-EXJWO2HB.js.map +1 -0
  27. package/dist/chunk-F3TG5FJV.js +97 -0
  28. package/dist/chunk-F3TG5FJV.js.map +1 -0
  29. package/dist/{chunk-OK2PJOLK.js → chunk-KJVEJILQ.js} +7 -3
  30. package/dist/chunk-KJVEJILQ.js.map +1 -0
  31. package/dist/{chunk-JBC7PFV4.js → chunk-M23FP2AS.js} +2 -2
  32. package/dist/chunk-M23FP2AS.js.map +1 -0
  33. package/dist/{chunk-FRBYJANT.js → chunk-M6MYZSD2.js} +195 -41
  34. package/dist/chunk-M6MYZSD2.js.map +1 -0
  35. package/dist/{chunk-S3JBIFKS.js → chunk-MG7H3LAW.js} +2 -2
  36. package/dist/chunk-MOT42NAH.js +165 -0
  37. package/dist/chunk-MOT42NAH.js.map +1 -0
  38. package/dist/{chunk-OEB3OIYP.js → chunk-OJHO2X7C.js} +497 -168
  39. package/dist/chunk-OJHO2X7C.js.map +1 -0
  40. package/dist/chunk-QLGES2HC.js +189 -0
  41. package/dist/chunk-QLGES2HC.js.map +1 -0
  42. package/dist/{chunk-JZ5WEG3S.js → chunk-SEVYARIU.js} +9 -5
  43. package/dist/chunk-SEVYARIU.js.map +1 -0
  44. package/dist/chunk-WSJKACWB.js +17 -0
  45. package/dist/chunk-WSJKACWB.js.map +1 -0
  46. package/dist/{chunk-3Q36SEDK.js → chunk-ZBWROIIO.js} +43 -2
  47. package/dist/{chunk-3Q36SEDK.js.map → chunk-ZBWROIIO.js.map} +1 -1
  48. package/dist/{chunk-Y5KE6YFP.js → chunk-ZJW5FFYJ.js} +3 -3
  49. package/dist/chunk-ZJW5FFYJ.js.map +1 -0
  50. package/dist/chunk-ZOXNJV2O.js +358 -0
  51. package/dist/chunk-ZOXNJV2O.js.map +1 -0
  52. package/dist/cli/index.js +22 -7
  53. package/dist/cli/index.js.map +1 -1
  54. package/dist/client/index.d.ts +31 -1
  55. package/dist/client/index.js +100 -0
  56. package/dist/client/index.js.map +1 -1
  57. package/dist/{cloudflare-RBANU3SE.js → cloudflare-LCAOTRYZ.js} +2 -2
  58. package/dist/{deno-deploy-J7LI6HNL.js → deno-deploy-ZN4RE5HF.js} +2 -2
  59. package/dist/{dev-VN6WS3CM.js → dev-WDXC74CK.js} +15 -7
  60. package/dist/dev-WDXC74CK.js.map +1 -0
  61. package/dist/dev-emit-3CHM73TV.js +390 -0
  62. package/dist/dev-emit-3CHM73TV.js.map +1 -0
  63. package/dist/dev-emit-I3CKOHML.js +44 -0
  64. package/dist/dev-emit-I3CKOHML.js.map +1 -0
  65. package/dist/devtools/entry.js +545 -181
  66. package/dist/devtools/entry.js.map +1 -1
  67. package/dist/{dispatcher-IK3FVMX5.js → dispatcher-AQJGI3HU.js} +2 -2
  68. package/dist/dispatcher-E6QV32BO.js +83 -0
  69. package/dist/dispatcher-E6QV32BO.js.map +1 -0
  70. package/dist/{dist-Q5VBFWVL.js → dist-R2Q7GVDW.js} +10357 -12068
  71. package/dist/dist-R2Q7GVDW.js.map +1 -0
  72. package/dist/{generate-SIO4JSKJ.js → generate-DT4IIAHF.js} +88 -22
  73. package/dist/generate-DT4IIAHF.js.map +1 -0
  74. package/dist/index.d.ts +108 -1
  75. package/dist/index.js +5 -2
  76. package/dist/index.js.map +1 -1
  77. package/dist/{info-B3UOXFUF.js → info-VM7EK4JC.js} +3 -3
  78. package/dist/{netlify-IFY6ZGFV.js → netlify-5VQ22Z2P.js} +2 -2
  79. package/dist/{node-KWZI3CKV.js → node-3APTLGWB.js} +2 -2
  80. package/dist/openapi-CBASKC7W.js +84 -0
  81. package/dist/openapi-CBASKC7W.js.map +1 -0
  82. package/dist/registry-5QFTLOL2.js +25 -0
  83. package/dist/{routes-CAGFZKUK.js → routes-7O4NUDYS.js} +9 -7
  84. package/dist/{routes-CAGFZKUK.js.map → routes-7O4NUDYS.js.map} +1 -1
  85. package/dist/{schema-Cxq2qqwh.d.ts → schema-CjVly9c_.d.ts} +43 -1
  86. package/dist/{schema-MVB2FVK6.js → schema-JAKF23GR.js} +2 -2
  87. package/dist/server/cost/index.js +1 -1
  88. package/dist/server/index.d.ts +219 -47
  89. package/dist/server/index.js +35 -116
  90. package/dist/server/index.js.map +1 -1
  91. package/dist/{start-ZGWW5MOL.js → start-5JTFWF4T.js} +20 -14
  92. package/dist/start-5JTFWF4T.js.map +1 -0
  93. package/dist/{static-BH6JQNM2.js → static-TZBVBDTB.js} +4 -4
  94. package/dist/{upgrade-readiness-OHL36FQL.js → upgrade-readiness-Q46KTG2J.js} +6 -1
  95. package/dist/upgrade-readiness-Q46KTG2J.js.map +1 -0
  96. package/dist/{vercel-RHADE5IP.js → vercel-MWW24ABC.js} +2 -2
  97. package/dist/vite-plugin/index.d.ts +25 -1
  98. package/dist/vite-plugin/index.js +5 -2
  99. package/dist/{vite-plugin-WA3G45YY.js → vite-plugin-4WZ3C2AC.js} +7 -6
  100. package/package.json +4 -2
  101. package/dist/build-IQQYCA3B.js.map +0 -1
  102. package/dist/chunk-FRBYJANT.js.map +0 -1
  103. package/dist/chunk-GQSTRXXB.js.map +0 -1
  104. package/dist/chunk-JBC7PFV4.js.map +0 -1
  105. package/dist/chunk-JZ5WEG3S.js.map +0 -1
  106. package/dist/chunk-OEB3OIYP.js.map +0 -1
  107. package/dist/chunk-OK2PJOLK.js.map +0 -1
  108. package/dist/chunk-WQCPKA2L.js.map +0 -1
  109. package/dist/chunk-Y5KE6YFP.js.map +0 -1
  110. package/dist/chunk-ZK5JCE5J.js.map +0 -1
  111. package/dist/dev-VN6WS3CM.js.map +0 -1
  112. package/dist/dist-Q5VBFWVL.js.map +0 -1
  113. package/dist/generate-SIO4JSKJ.js.map +0 -1
  114. package/dist/registry-BB3UYAOG.js +0 -25
  115. package/dist/start-ZGWW5MOL.js.map +0 -1
  116. package/dist/upgrade-readiness-OHL36FQL.js.map +0 -1
  117. /package/dist/{aws-lambda-PONVF3UX.js.map → aws-lambda-XYCGZH3I.js.map} +0 -0
  118. /package/dist/{bun-DITMZMKL.js.map → bun-K73TQEWC.js.map} +0 -0
  119. /package/dist/{chunk-S3JBIFKS.js.map → chunk-MG7H3LAW.js.map} +0 -0
  120. /package/dist/{cloudflare-RBANU3SE.js.map → cloudflare-LCAOTRYZ.js.map} +0 -0
  121. /package/dist/{deno-deploy-J7LI6HNL.js.map → deno-deploy-ZN4RE5HF.js.map} +0 -0
  122. /package/dist/{dispatcher-IK3FVMX5.js.map → dispatcher-AQJGI3HU.js.map} +0 -0
  123. /package/dist/{info-B3UOXFUF.js.map → info-VM7EK4JC.js.map} +0 -0
  124. /package/dist/{netlify-IFY6ZGFV.js.map → netlify-5VQ22Z2P.js.map} +0 -0
  125. /package/dist/{node-KWZI3CKV.js.map → node-3APTLGWB.js.map} +0 -0
  126. /package/dist/{registry-BB3UYAOG.js.map → registry-5QFTLOL2.js.map} +0 -0
  127. /package/dist/{schema-MVB2FVK6.js.map → schema-JAKF23GR.js.map} +0 -0
  128. /package/dist/{static-BH6JQNM2.js.map → static-TZBVBDTB.js.map} +0 -0
  129. /package/dist/{vercel-RHADE5IP.js.map → vercel-MWW24ABC.js.map} +0 -0
  130. /package/dist/{vite-plugin-WA3G45YY.js.map → vite-plugin-4WZ3C2AC.js.map} +0 -0
@@ -32,6 +32,48 @@ declare function createRateLimiter(config: RateLimitConfig, opts?: {
32
32
  store?: RateLimitStore;
33
33
  }): (req: IncomingMessage) => RateLimitResult;
34
34
 
35
+ /**
36
+ * T2.2 — In-memory bounded counter for CSRF warn events.
37
+ *
38
+ * Aggregates `csrf.warn` payloads by `(method, path, reason)` triple.
39
+ * Used by the `/__theo/csrf-readiness` endpoint to expose a summary the
40
+ * developer (or devtools tab) can inspect, so users do NOT need to grep
41
+ * stdout to know which endpoints will break under 0.3.0 strict CSRF.
42
+ *
43
+ * Bounded at 1000 distinct keys (EC-22). Eviction is LRU-by-insertion —
44
+ * when the cap is hit, the oldest key is dropped and a re-record of an
45
+ * evicted key starts fresh (count: 1).
46
+ *
47
+ * Single-threaded by virtue of the JS event loop; Map operations are
48
+ * atomic. NOT shared across processes — each worker has its own store.
49
+ */
50
+ interface CsrfWarnRecord {
51
+ method: string;
52
+ path: string;
53
+ reason: string;
54
+ }
55
+ interface CsrfReadinessRouteSummary {
56
+ method: string;
57
+ path: string;
58
+ reason: string;
59
+ count: number;
60
+ firstSeen: string;
61
+ lastSeen: string;
62
+ }
63
+ interface CsrfReadinessSummary {
64
+ generatedAt: string;
65
+ totalEvents: number;
66
+ routes: CsrfReadinessRouteSummary[];
67
+ }
68
+ declare class CsrfReadinessStore {
69
+ static readonly MAX_ENTRIES = 1000;
70
+ private readonly entries;
71
+ private keyFor;
72
+ record(event: CsrfWarnRecord): void;
73
+ summary(): CsrfReadinessSummary;
74
+ reset(): void;
75
+ }
76
+
35
77
  /**
36
78
  * Wave 2 — Polyglot Services Orchestration (T1.1).
37
79
  *
@@ -229,4 +271,4 @@ declare const servicesConfigSchema: z.ZodEffects<z.ZodEffects<z.ZodEffects<z.Zod
229
271
  type ServicesConfigInput = z.input<typeof servicesConfigSchema>;
230
272
  type ServicesConfigOutput = z.output<typeof servicesConfigSchema>;
231
273
 
232
- export { type RateLimitConfig as R, type ServicesConfig as S, type RateLimitResult as a, type ServiceDefinition as b, type ServicesConfigInput as c, type ServicesConfigOutput as d, createRateLimiter as e };
274
+ export { CsrfReadinessStore as C, type RateLimitConfig as R, type ServicesConfig as S, type RateLimitResult as a, type CsrfReadinessRouteSummary as b, type CsrfReadinessSummary as c, type CsrfWarnRecord as d, type ServiceDefinition as e, type ServicesConfigInput as f, type ServicesConfigOutput as g, createRateLimiter as h };
@@ -11,7 +11,7 @@ import {
11
11
  storageSchema,
12
12
  theoConfigSchema,
13
13
  uploadSchema
14
- } from "./chunk-3Q36SEDK.js";
14
+ } from "./chunk-ZBWROIIO.js";
15
15
  import "./chunk-WZ7CPVQB.js";
16
16
  import "./chunk-KT3MWNZG.js";
17
17
  export {
@@ -26,4 +26,4 @@ export {
26
26
  theoConfigSchema,
27
27
  uploadSchema
28
28
  };
29
- //# sourceMappingURL=schema-MVB2FVK6.js.map
29
+ //# sourceMappingURL=schema-JAKF23GR.js.map
@@ -2,7 +2,7 @@ import {
2
2
  InMemoryUsageStorage,
3
3
  trackAgentRun,
4
4
  trackAgentTools
5
- } from "../../chunk-JBC7PFV4.js";
5
+ } from "../../chunk-M23FP2AS.js";
6
6
  import "../../chunk-DGUM43GV.js";
7
7
  export {
8
8
  InMemoryUsageStorage,
@@ -8,8 +8,8 @@ import { ViteDevServer } from 'vite';
8
8
  export { AuthRequiredError, BackupCode, BackupCodeOptions, OidcMetadata, PkceChallenge, SessionConfig, SessionManager, SessionMeta, ThrottleOptions, ThrottleState, TotpAlgorithm, TotpOptions, TotpUriOptions, VerifyTotpOptions, _resetKeyCacheForTests, assertProductionSecret, checkThrottle, clearOidcCache, createSessionManager, decrypt, discoverOidcProvider, encrypt, generateBackupCodes, generateNonce, generateOAuthState, generatePkceChallenge, generateTotp, generateTotpSecret, pkceChallengeFromVerifier, recordAttempt, requireAuth, rotateIfNeeded, totpUri, verifyBackupCode, verifyOAuthState, verifyTotp } from './auth/index.js';
9
9
  export { InMemoryUsageStorage, ToolHookEvent, ToolUsageRecord, TrackAgentRunInput, TrackAgentRunOptions, TrackAgentToolsHooks, TrackAgentToolsOptions, UsageQuery, UsageRecord, UsageResult, UsageStorageAdapter, trackAgentRun, trackAgentTools } from './cost/index.js';
10
10
  export { CRON_MANIFEST_SCHEMA_VERSION, CronConcurrencyPolicy, CronContext, CronDefinition, CronManifest, CronManifestEntry, CronNode, CronOptions, CronScheduler, DuplicateCronNameError, ExistingConfigUnparseableError, buildCronManifest, convertToAwsCron, createCronScheduler, defineCron, scanCrons, translateCronToAws, translateCronToCloudflare, translateCronToDeno, translateCronToVercel, validateCronSchedule, writeCronManifest } from './cron/index.js';
11
- import { R as RateLimitConfig, a as RateLimitResult } from '../schema-Cxq2qqwh.js';
12
- export { b as ServiceDefinition, S as ServicesConfig, c as ServicesConfigInput, d as ServicesConfigOutput, e as createRateLimiter } from '../schema-Cxq2qqwh.js';
11
+ import { R as RateLimitConfig, a as RateLimitResult, C as CsrfReadinessStore } from '../schema-CjVly9c_.js';
12
+ export { b as CsrfReadinessRouteSummary, c as CsrfReadinessSummary, d as CsrfWarnRecord, e as ServiceDefinition, S as ServicesConfig, f as ServicesConfigInput, g as ServicesConfigOutput, h as createRateLimiter } from '../schema-CjVly9c_.js';
13
13
  import { R as RateLimitStore } from '../rate-limit-store-BEJnhWdw.js';
14
14
  export { I as InMemoryStore, a as RateLimitState } from '../rate-limit-store-BEJnhWdw.js';
15
15
  export { G as GenericFactory, P as PoolLike, a as PostgresDatabaseConfig, R as RedisLike, b as RedisServerConfig, S as ServerConfig, c as StorageAdapter, d as StorageConfig, T as TlsConfig } from '../storage-types-DtIVejC1.js';
@@ -58,8 +58,28 @@ interface RouteConfig<TQuery extends z.ZodType = z.ZodUndefined, TBody extends z
58
58
  */
59
59
  declare function defineRoute<TQuery extends z.ZodType = z.ZodUndefined, TBody extends z.ZodType = z.ZodUndefined, TParams extends z.ZodType = z.ZodUndefined, TCtx = unknown, TResponse = unknown>(config: RouteConfig<TQuery, TBody, TParams, TCtx, TResponse>): RouteConfig<TQuery, TBody, TParams, TCtx, TResponse>;
60
60
 
61
+ /**
62
+ * Action wire-protocol accept mode per plan g3-server-actions-and-useaction
63
+ * v1.2 ADR D1. Default behavior (when omitted) is `'json'`. `'form'` opts the
64
+ * action into FormData multipart parsing for progressive-enhancement forms;
65
+ * the runtime in `server/http/action-execute.ts` will coerce FormData entries
66
+ * against the `input` schema via `formDataToObject` (Astro pattern).
67
+ */
68
+ type ActionAccept = 'form' | 'json';
61
69
  interface ActionConfig<TInput extends z.ZodType, TCtx = unknown> {
70
+ /**
71
+ * Zod input schema. Required: every action declares its input contract via
72
+ * Zod (architecture rule: zod-is-SSOT). The shape becomes the handler's
73
+ * typed `input` parameter via `z.infer<TInput>`.
74
+ */
62
75
  input: TInput;
76
+ /**
77
+ * Wire-protocol accept mode. Defaults to `'json'` when omitted. Setting
78
+ * `'form'` switches the runtime to FormData multipart parsing — the input
79
+ * schema MUST be `z.object(...)` so field-by-field coercion can drive
80
+ * boolean string / number / array coercion (Astro pattern).
81
+ */
82
+ accept?: ActionAccept;
63
83
  handler: (ctx: {
64
84
  input: z.infer<TInput>;
65
85
  ctx: TCtx;
@@ -67,7 +87,15 @@ interface ActionConfig<TInput extends z.ZodType, TCtx = unknown> {
67
87
  }
68
88
  /**
69
89
  * Define a typed server action.
70
- * Identity function — provides type inference for action handlers.
90
+ *
91
+ * Identity function — provides type inference for action handlers. The
92
+ * runtime that consumes the config (validation + invocation + serialization)
93
+ * lives in `server/http/action-execute.ts`.
94
+ *
95
+ * Per plan g3-server-actions-and-useaction v1.2 § Phase 1 / T1.2: the new
96
+ * `accept?: 'form' | 'json'` field is the only contract change vs the
97
+ * pre-G3 identity. Existing callsites (`defineAction({input, handler})`)
98
+ * continue to compile — `accept` is opt-in.
71
99
  */
72
100
  declare function defineAction<TInput extends z.ZodType, TCtx = unknown>(config: ActionConfig<TInput, TCtx>): ActionConfig<TInput, TCtx>;
73
101
 
@@ -328,6 +356,10 @@ interface ServerRouteNode {
328
356
  routePath: string;
329
357
  paramNames: string[];
330
358
  pattern: RegExp;
359
+ /** HTTP methods (uppercase) the route file exports. Optional for backward
360
+ * compatibility with manifests generated before G1. Empty array means the
361
+ * file has no HTTP exports (util-only); undefined means "not detected". */
362
+ methods?: string[];
331
363
  }
332
364
  declare function compilePattern(routePath: string): {
333
365
  pattern: RegExp;
@@ -838,7 +870,43 @@ interface ActionNode {
838
870
  filePath: string;
839
871
  actionPath: string;
840
872
  }
873
+ /**
874
+ * Enriched manifest entry per plan g3-server-actions-and-useaction v1.2
875
+ * § Phase 1 / T1.4 + ADR D4. Consumed by virtual module `@theo/actions`
876
+ * (T3.1) and G4 devtools "Actions" tab (T5.1).
877
+ */
878
+ interface ActionManifestEntry$1 {
879
+ name: string;
880
+ filePath: string;
881
+ urlPath: string;
882
+ accept: 'form' | 'json';
883
+ hasInput: boolean;
884
+ }
885
+ /**
886
+ * EC-2: structured error for scan-time defects (name collision, reserved
887
+ * identifier, etc.). Throw at scan time to fail loud — silent shadowing is
888
+ * a security/correctness footgun.
889
+ */
890
+ declare class ActionScanError extends Error {
891
+ readonly code: 'NAME_COLLISION' | 'RESERVED_NAME';
892
+ readonly conflictingPaths: readonly string[];
893
+ constructor(code: 'NAME_COLLISION' | 'RESERVED_NAME', message: string, conflictingPaths: readonly string[]);
894
+ }
895
+ /**
896
+ * Backward-compatible: original simple-shape scanner used by existing
897
+ * consumers. Preserved verbatim; new consumers should call
898
+ * `scanServerActionsEnriched`.
899
+ */
841
900
  declare function scanServerActions(serverDir: string): ActionNode[];
901
+ /**
902
+ * Enriched scan: light AST detection of `accept: 'form'|'json'` + `input:`
903
+ * presence via regex-after-comment-stripping (EC-9). Throws ActionScanError
904
+ * on file/dir name collision (EC-2) or reserved JS identifier names.
905
+ *
906
+ * Output `ActionManifestEntry[]` is sorted by `name` for deterministic
907
+ * `.theo/actions-manifest.json` emission.
908
+ */
909
+ declare function scanServerActionsEnriched(serverDir: string): ActionManifestEntry$1[];
842
910
 
843
911
  interface WebSocketRouteNode {
844
912
  filePath: string;
@@ -859,6 +927,9 @@ interface ManifestRoute {
859
927
  filePath: string;
860
928
  routePath: string;
861
929
  paramNames: string[];
930
+ /** HTTP methods (uppercase) the route file exports. Optional — manifests
931
+ * generated before G1 omit this; loaders treat absence as "unknown". */
932
+ methods?: string[];
862
933
  }
863
934
  interface ManifestAction {
864
935
  filePath: string;
@@ -884,6 +955,148 @@ declare function generateManifest(serverDir: string): TheoManifest;
884
955
  declare function writeManifest(manifest: TheoManifest, outputDir: string): void;
885
956
  declare function loadManifest(distDir: string, serverDir: string): LoadedManifest;
886
957
 
958
+ /**
959
+ * Action protocol — cross-boundary contract for `defineAction` + `useAction`.
960
+ *
961
+ * Per plan g3-server-actions-and-useaction v1.2 § Phase 0 / T0.1, ADRs D1 (encoding)
962
+ * + D6 (full dot-notation path) + D7 (PII mask) — types and runtime referenced
963
+ * by server (`server/http/action-execute.ts`, `server/define/define-action.ts`)
964
+ * and client (`@usetheo/react/useAction`, `vite-plugin/actions-virtual-module`).
965
+ *
966
+ * Lives in `core/contracts/` per architecture.md v3.1 exception — cross-module
967
+ * deep imports ALLOWED for this file. Core depends on NOTHING intra-monorepo;
968
+ * `extractUniversalIssues` is implemented INLINE (NOT imported from `@usetheo/sdk`)
969
+ * to honor dep-cruiser `core-depends-on-nothing` invariant (EC-1 absorbed).
970
+ *
971
+ * Field-key convention (D6 + EC-13): dot-notation full path. Nested objects use
972
+ * `'user.address.zip'`; array indices use `'items.0.name'` (NOT bracket
973
+ * `'items[0].name'`). Root-level errors (path = []) use empty string `''`
974
+ * (EC-7). Consumers needing bracket notation can write a small `dotToBracket`
975
+ * helper in userland.
976
+ */
977
+ /**
978
+ * HTTP-status mapping per IANA HTTP Status Code Registry (subset relevant to
979
+ * action surface). VALIDATION_ERROR → 422 is preferred over Astro's BAD_REQUEST/400
980
+ * (more semantic for input-shape mismatch). PAYLOAD_TOO_LARGE → 413 covers EC-3
981
+ * (response-side size limit; request-side reuses standard 413).
982
+ */
983
+ type ActionErrorCode = 'VALIDATION_ERROR' | 'BAD_REQUEST' | 'UNAUTHORIZED' | 'FORBIDDEN' | 'NOT_FOUND' | 'METHOD_NOT_ALLOWED' | 'CONFLICT' | 'CONTENT_TOO_LARGE' | 'PAYLOAD_TOO_LARGE' | 'UNSUPPORTED_MEDIA_TYPE' | 'TOO_MANY_REQUESTS' | 'INTERNAL_SERVER_ERROR';
984
+ /**
985
+ * Universal zod issue shape covering BOTH v3 (`z.ZodIssue`) and v4 (`$ZodIssue`).
986
+ * Duck-typed minimum surface: `{path, message}`. Implemented per EC-1 absorbed —
987
+ * consumers chain may ship either zod major; constructor accepts `unknown` and
988
+ * normalizes via `extractUniversalIssues`.
989
+ */
990
+ interface UniversalZodIssue {
991
+ readonly path: readonly (string | number)[];
992
+ readonly message: string;
993
+ readonly code?: string;
994
+ }
995
+ /**
996
+ * `ActionError` — general server-side action failure. Discriminator `type` is
997
+ * literal `'TheoActionError'`; used by `ActionError.fromJson` to distinguish
998
+ * from `ActionInputError`.
999
+ */
1000
+ declare class ActionError extends Error {
1001
+ readonly type: 'TheoActionError' | 'TheoActionInputError';
1002
+ readonly code: ActionErrorCode;
1003
+ readonly status: number;
1004
+ constructor(params: {
1005
+ code: ActionErrorCode;
1006
+ message?: string;
1007
+ stack?: string;
1008
+ });
1009
+ static codeToStatus(code: ActionErrorCode): number;
1010
+ static statusToCode(status: number): ActionErrorCode;
1011
+ /**
1012
+ * Parse a serialized error JSON back into the typed class hierarchy.
1013
+ * Distinguishes `TheoActionInputError` (with `issues` array) from
1014
+ * `TheoActionError` via the `type` discriminator. Falls back to
1015
+ * `INTERNAL_SERVER_ERROR` for malformed bodies (non-object, missing
1016
+ * `type`, unknown `code`).
1017
+ */
1018
+ static fromJson(body: unknown): ActionError;
1019
+ }
1020
+ /**
1021
+ * `ActionInputError` — validation failure with field-level mapping.
1022
+ *
1023
+ * `fields` is auto-derived from `issues`: for each issue, key = full
1024
+ * dot-notation path (`'user.address.zip'`; root-level `path:[]` → `''`;
1025
+ * array indices as numeric segments → `'items.0.name'`). Multiple messages
1026
+ * for the same key accumulate; duplicate (path, message) tuples are deduped.
1027
+ */
1028
+ declare class ActionInputError extends ActionError {
1029
+ readonly type: "TheoActionInputError";
1030
+ readonly issues: readonly UniversalZodIssue[];
1031
+ readonly fields: Record<string, string[]>;
1032
+ constructor(rawIssues: unknown);
1033
+ }
1034
+ /**
1035
+ * Normalize zod v3 (`z.ZodIssue`) and v4 (`$ZodIssue`) raw issues to
1036
+ * `UniversalZodIssue[]` (EC-1 absorbed). Duck-typed on `{path, message}` —
1037
+ * does NOT import zod types (`core/contracts/` depends on no intra-monorepo
1038
+ * + zod is consumer-controlled across the boundary).
1039
+ *
1040
+ * Silently skips entries missing required fields or shape mismatches; returns
1041
+ * empty array on non-array input.
1042
+ */
1043
+ declare function extractUniversalIssues(raw: unknown): UniversalZodIssue[];
1044
+ /**
1045
+ * Type guard for `ActionError` (and its subclass `ActionInputError`). True
1046
+ * iff the value is an instance of `ActionError`. Use `isInputError` to
1047
+ * narrow specifically to validation failures.
1048
+ */
1049
+ declare function isActionError(value: unknown): value is ActionError;
1050
+ /**
1051
+ * Type guard narrowing to `ActionInputError`. Requires `instanceof` check
1052
+ * (not duck-typing on `type`) to prevent attacker-controlled JSON from
1053
+ * being mistaken for a real error instance.
1054
+ */
1055
+ declare function isInputError(value: unknown): value is ActionInputError;
1056
+ /**
1057
+ * `ActionResult<TData, TError>` — discriminated union returned by client-side
1058
+ * action invocation. Either `{data, error: undefined}` (success) or
1059
+ * `{data: undefined, error}` (failure). Mirrors Astro `SafeResult` shape.
1060
+ */
1061
+ type ActionResult<TData = unknown, TError extends ActionError = ActionError> = {
1062
+ data: TData;
1063
+ error: undefined;
1064
+ } | {
1065
+ data: undefined;
1066
+ error: TError;
1067
+ };
1068
+ /**
1069
+ * `SerializedActionResult` — wire-shape emitted by `serializeActionResult`
1070
+ * in `server/http/serialize-action-result.ts` (T1.3). Discriminator `type`
1071
+ * distinguishes data (devalue-encoded), error (JSON), and empty (204) cases.
1072
+ */
1073
+ type SerializedActionResult = {
1074
+ type: 'data';
1075
+ status: number;
1076
+ contentType: 'application/json+devalue';
1077
+ body: string;
1078
+ } | {
1079
+ type: 'error';
1080
+ status: number;
1081
+ contentType: 'application/json';
1082
+ body: string;
1083
+ } | {
1084
+ type: 'empty';
1085
+ status: 204;
1086
+ };
1087
+ /**
1088
+ * `ActionManifestEntry` — per-action metadata emitted by `action-scan.ts`
1089
+ * (T1.4) into `.theo/actions-manifest.json`. Consumed by virtual module
1090
+ * `@theo/actions` (T3.1) and G4 devtools "Actions" tab (T5.1).
1091
+ */
1092
+ interface ActionManifestEntry {
1093
+ readonly name: string;
1094
+ readonly filePath: string;
1095
+ readonly urlPath: string;
1096
+ readonly accept: 'form' | 'json';
1097
+ readonly hasInput: boolean;
1098
+ }
1099
+
887
1100
  /**
888
1101
  * Item #4 — `streamAgentRun`
889
1102
  *
@@ -1128,6 +1341,7 @@ declare function createConversationHistory(args: ConversationHistoryArgs): Promi
1128
1341
  * Public API surface is unchanged — `logger.ts` re-exports `logRequest`
1129
1342
  * + `RequestLog` + `LoggerFn` for backward compat.
1130
1343
  */
1344
+
1131
1345
  interface RequestLog {
1132
1346
  level: string;
1133
1347
  method: string;
@@ -1138,7 +1352,7 @@ interface RequestLog {
1138
1352
  timestamp: string;
1139
1353
  }
1140
1354
  type LoggerFn = (log: RequestLog) => void;
1141
- declare function logRequest(info: Omit<RequestLog, 'level' | 'timestamp'>, customLogger?: LoggerFn): void;
1355
+ declare function logRequest(info: Omit<RequestLog, 'level' | 'timestamp'>, customLogger?: LoggerFn, req?: IncomingMessage): void;
1142
1356
 
1143
1357
  type LogLevel = 'debug' | 'info' | 'warn' | 'error' | 'silent';
1144
1358
  interface StructuredLog {
@@ -1413,48 +1627,6 @@ declare function normalizeLegacy(raw: Record<string, unknown>): CspViolation;
1413
1627
  declare function normalizeNew(entry: unknown): CspViolation | null;
1414
1628
  declare function handleCspReport(req: IncomingMessage, res: ServerResponse, opts: CspReportHandlerOptions): Promise<void>;
1415
1629
 
1416
- /**
1417
- * T2.2 — In-memory bounded counter for CSRF warn events.
1418
- *
1419
- * Aggregates `csrf.warn` payloads by `(method, path, reason)` triple.
1420
- * Used by the `/__theo/csrf-readiness` endpoint to expose a summary the
1421
- * developer (or devtools tab) can inspect, so users do NOT need to grep
1422
- * stdout to know which endpoints will break under 0.3.0 strict CSRF.
1423
- *
1424
- * Bounded at 1000 distinct keys (EC-22). Eviction is LRU-by-insertion —
1425
- * when the cap is hit, the oldest key is dropped and a re-record of an
1426
- * evicted key starts fresh (count: 1).
1427
- *
1428
- * Single-threaded by virtue of the JS event loop; Map operations are
1429
- * atomic. NOT shared across processes — each worker has its own store.
1430
- */
1431
- interface CsrfWarnRecord {
1432
- method: string;
1433
- path: string;
1434
- reason: string;
1435
- }
1436
- interface CsrfReadinessRouteSummary {
1437
- method: string;
1438
- path: string;
1439
- reason: string;
1440
- count: number;
1441
- firstSeen: string;
1442
- lastSeen: string;
1443
- }
1444
- interface CsrfReadinessSummary {
1445
- generatedAt: string;
1446
- totalEvents: number;
1447
- routes: CsrfReadinessRouteSummary[];
1448
- }
1449
- declare class CsrfReadinessStore {
1450
- static readonly MAX_ENTRIES = 1000;
1451
- private readonly entries;
1452
- private keyFor;
1453
- record(event: CsrfWarnRecord): void;
1454
- summary(): CsrfReadinessSummary;
1455
- reset(): void;
1456
- }
1457
-
1458
1630
  /**
1459
1631
  * T2.2 — `/__theo/csrf-readiness` endpoint.
1460
1632
  *
@@ -2154,4 +2326,4 @@ interface LoadEnvResult {
2154
2326
  declare function _resetEnvCache(): void;
2155
2327
  declare function loadEnv(options?: LoadEnvOptions): LoadEnvResult;
2156
2328
 
2157
- export { type ActionConfig, type ActionNode, type AgentEndpointConfig, type AgentEndpointHandlerArgs, AgentErrorEvent, AgentEvent, type AgentRunLike, type AgentRunResult, type AgentRunStreamMessage, type AuditEvent, type AuditLogger, BATCH_PATH, type BatchExecuteFn, BatchPathConflictError, type BatchPayload, type BatchRequestItem, type BatchResponse, type BatchResultItem, type BodyParserOptions, BodyTooLargeError, DEFAULT_MAX_AGE as CACHE_DEFAULT_MAX_AGE, DEFAULT_MAX_ENTRY_SIZE as CACHE_DEFAULT_MAX_ENTRY_SIZE, DEFAULT_SWR_MULTIPLIER as CACHE_DEFAULT_SWR_MULTIPLIER, CACHE_TAG_MAX_ITEMS, CACHE_TAG_MAX_LENGTH, CSP_REPORT_PATH, CSRF_READINESS_PATH, CSRF_READINESS_RESET_PATH, CSRF_WARN_CODE, CSRF_WARN_DOCS_URL, type CacheControlInput, type CacheEngine, type CacheEngineOptions, type CacheEntry, type CacheStatus, type CacheStorageAdapter, type CacheStore, type CacheStoreAdmin, type ValidationResult as CacheValidationResult, type CachedFunction, type CachedRouteConfig, type ChannelHandler, ChannelManager, type CompiledRouteRule, type ConversationHistoryArgs, type ConversationHistoryResult, type ConversationStorageLike, type CookieOptions, type CorsConfig, type CorsHandler, type CorsOrigin, type CspMode, type CspReportHandlerOptions, type CspViolation, type CsrfLogger, type CsrfMode, type CsrfReadinessRouteSummary, CsrfReadinessStore, type CsrfReadinessSummary, type CsrfWarnPayload, type CsrfWarnRecord, type CustomErrorPages, type CustomTool, DEFAULT_CSP, DEFAULT_EXCLUDED_QUERY_PARAMS, DEFAULT_MAX_BODY_BYTES, DEFAULT_PERMISSIONS_POLICY, type Db0Database, type DefineAgentToolSpec, type DefineCachedFunctionOptions, type DefineWebhookOptions, type DisallowedConfig, DuplicateDecorationError, DuplicatePluginError, type ExecuteActionOptions, type ExecuteRouteContext, FileTooLargeError, type GetOrComputeOptions, type HandleBatchOptions, type HookName, type HookResult, InMemoryCacheAdapter, type InMemoryCacheAdapterOptions, InvalidPluginShapeError, JobBackend, JsonStdoutSink, type KeyByMode, type KeyDerivationOptions, type LoadEnvOptions, type LoadEnvResult, type LoadModule, type LoadedManifest, type LogLevel, type LoggerFn, MAX_ERROR_HTML_BYTES, type ManifestAction, type ManifestRoute, type ManifestWebSocket, type MiddlewareHandler, type MiddlewareResult, type NormalizedCacheConfig, type OnErrorHook, type OnRequestHook, type OnResponseHook, type ParsedBody, type PluginContext, type PluginErrorContext, PluginRunner, type PreHandlerHook, RateLimitConfig, RateLimitResult, RateLimitStore, type RawBodyResult, type ReadRawBodyOptions, type RequestLog, type RevalidateResult, type RouteCacheOptions, type RouteConfig, type RouteRateLimitConfig, type RouteRule, type RouteRules, type RunHookOptions, STRIPPED_HEADERS, type SdkAgent, type SdkAgentOptions, type SdkRunLike, type SecurityEnv, type SecurityHeadersConfig, type SecurityHeadersOptions, type SendErrorInput, type SendErrorOptions, type SerializedResponse, type ServerRouteNode, type StructuredLog, THEO_T_PREFIX, TRACE_HEADER, TRACE_PARENT_HEADER, type TheoApp, type TheoLogger, type TheoManifest, type TheoPlugin, type TheoTransformer, type UnstorageInstance, type UploadedFile, type VerifyFn, type VerifyResult, type WebSocketHandler, type WebSocketLike, type WebSocketRouteNode, type WebhookContext, type WebhookDefinition, __resetSdkForTests, __setSdkForTests, _resetCacheEngine, _resetEnvCache, _resetMiddlewareCacheForTests, _resetWarnOnceForTests, applySecurityHeaders, buildSecurityHeaders, compilePattern, compileRouteRules, createCacheEngine, createConversationHistory, createCorsHandler, createLogger, createNoOpLogger, createPluginRunnerFromConfig, createProductionLoader, createRouteRateLimiter, createViteLoader, defineAction, defineAgentEndpoint, defineAgentTool, defineCachedFunction, defineCachedRoute, defineChannel, defineMiddleware, definePlugin, defineRoute, defineTheoPlugin, defineWebSocket, defineWebhook, deleteCookie, deriveKey as deriveCacheKey, deriveKey$1 as deriveKey, deserializeResponse, dispatchWebhook, enforceCsrf, errorToEvent, executeAction, executeRoute, extractTraceId, findSuggestion, generateManifest, getCacheControlHeader, getCacheEngine, getCookie, handleBatchRequest, handleCspReport, handleCsrfReadiness, initCacheEngine, jsonTransformer, levenshtein, loadCustomErrorPages, loadEnv, loadManifest, logRequest, matchDisallowed, matchRoute, matchRoutePattern, matchesOrigin, normalizeLegacy, normalizeNew, parseCookieHeader, parseRequestBody, parseTraceparent, readRawBody, resolveRouteRule, resolveTransformer, revalidatePath, revalidateTag, runMiddlewareAndContext, safeAudit, scanMiddlewares, scanServerActions, scanServerRoutes, scanWebSocketRoutes, sendError, sendJson, serializeResponse, serveStaticFile, setCookie, streamAgentRun, superjsonTransformer, timingSafeEqual, updateTag, useDatabase, useUnstorage, validateExpire as validateCacheExpire, validateMaxAge as validateCacheMaxAge, validateTags as validateCacheTags, validateCsrf, warnOnce, writeManifest };
2329
+ export { type ActionAccept, type ActionConfig, ActionError, type ActionErrorCode, ActionInputError, type ActionManifestEntry, type ActionNode, type ActionResult, ActionScanError, type AgentEndpointConfig, type AgentEndpointHandlerArgs, AgentErrorEvent, AgentEvent, type AgentRunLike, type AgentRunResult, type AgentRunStreamMessage, type AuditEvent, type AuditLogger, BATCH_PATH, type BatchExecuteFn, BatchPathConflictError, type BatchPayload, type BatchRequestItem, type BatchResponse, type BatchResultItem, type BodyParserOptions, BodyTooLargeError, DEFAULT_MAX_AGE as CACHE_DEFAULT_MAX_AGE, DEFAULT_MAX_ENTRY_SIZE as CACHE_DEFAULT_MAX_ENTRY_SIZE, DEFAULT_SWR_MULTIPLIER as CACHE_DEFAULT_SWR_MULTIPLIER, CACHE_TAG_MAX_ITEMS, CACHE_TAG_MAX_LENGTH, CSP_REPORT_PATH, CSRF_READINESS_PATH, CSRF_READINESS_RESET_PATH, CSRF_WARN_CODE, CSRF_WARN_DOCS_URL, type CacheControlInput, type CacheEngine, type CacheEngineOptions, type CacheEntry, type CacheStatus, type CacheStorageAdapter, type CacheStore, type CacheStoreAdmin, type ValidationResult as CacheValidationResult, type CachedFunction, type CachedRouteConfig, type ChannelHandler, ChannelManager, type CompiledRouteRule, type ConversationHistoryArgs, type ConversationHistoryResult, type ConversationStorageLike, type CookieOptions, type CorsConfig, type CorsHandler, type CorsOrigin, type CspMode, type CspReportHandlerOptions, type CspViolation, type CsrfLogger, type CsrfMode, CsrfReadinessStore, type CsrfWarnPayload, type CustomErrorPages, type CustomTool, DEFAULT_CSP, DEFAULT_EXCLUDED_QUERY_PARAMS, DEFAULT_MAX_BODY_BYTES, DEFAULT_PERMISSIONS_POLICY, type Db0Database, type DefineAgentToolSpec, type DefineCachedFunctionOptions, type DefineWebhookOptions, type DisallowedConfig, DuplicateDecorationError, DuplicatePluginError, type ExecuteActionOptions, type ExecuteRouteContext, FileTooLargeError, type GetOrComputeOptions, type HandleBatchOptions, type HookName, type HookResult, InMemoryCacheAdapter, type InMemoryCacheAdapterOptions, InvalidPluginShapeError, JobBackend, JsonStdoutSink, type KeyByMode, type KeyDerivationOptions, type LoadEnvOptions, type LoadEnvResult, type LoadModule, type LoadedManifest, type LogLevel, type LoggerFn, MAX_ERROR_HTML_BYTES, type ManifestAction, type ManifestRoute, type ManifestWebSocket, type MiddlewareHandler, type MiddlewareResult, type NormalizedCacheConfig, type OnErrorHook, type OnRequestHook, type OnResponseHook, type ParsedBody, type PluginContext, type PluginErrorContext, PluginRunner, type PreHandlerHook, RateLimitConfig, RateLimitResult, RateLimitStore, type RawBodyResult, type ReadRawBodyOptions, type RequestLog, type RevalidateResult, type RouteCacheOptions, type RouteConfig, type RouteRateLimitConfig, type RouteRule, type RouteRules, type RunHookOptions, STRIPPED_HEADERS, type SdkAgent, type SdkAgentOptions, type SdkRunLike, type SecurityEnv, type SecurityHeadersConfig, type SecurityHeadersOptions, type SendErrorInput, type SendErrorOptions, type SerializedActionResult, type SerializedResponse, type ServerRouteNode, type StructuredLog, THEO_T_PREFIX, TRACE_HEADER, TRACE_PARENT_HEADER, type TheoApp, type TheoLogger, type TheoManifest, type TheoPlugin, type TheoTransformer, type UniversalZodIssue, type UnstorageInstance, type UploadedFile, type VerifyFn, type VerifyResult, type WebSocketHandler, type WebSocketLike, type WebSocketRouteNode, type WebhookContext, type WebhookDefinition, __resetSdkForTests, __setSdkForTests, _resetCacheEngine, _resetEnvCache, _resetMiddlewareCacheForTests, _resetWarnOnceForTests, applySecurityHeaders, buildSecurityHeaders, compilePattern, compileRouteRules, createCacheEngine, createConversationHistory, createCorsHandler, createLogger, createNoOpLogger, createPluginRunnerFromConfig, createProductionLoader, createRouteRateLimiter, createViteLoader, defineAction, defineAgentEndpoint, defineAgentTool, defineCachedFunction, defineCachedRoute, defineChannel, defineMiddleware, definePlugin, defineRoute, defineTheoPlugin, defineWebSocket, defineWebhook, deleteCookie, deriveKey as deriveCacheKey, deriveKey$1 as deriveKey, deserializeResponse, dispatchWebhook, enforceCsrf, errorToEvent, executeAction, executeRoute, extractTraceId, extractUniversalIssues, findSuggestion, generateManifest, getCacheControlHeader, getCacheEngine, getCookie, handleBatchRequest, handleCspReport, handleCsrfReadiness, initCacheEngine, isActionError, isInputError, jsonTransformer, levenshtein, loadCustomErrorPages, loadEnv, loadManifest, logRequest, matchDisallowed, matchRoute, matchRoutePattern, matchesOrigin, normalizeLegacy, normalizeNew, parseCookieHeader, parseRequestBody, parseTraceparent, readRawBody, resolveRouteRule, resolveTransformer, revalidatePath, revalidateTag, runMiddlewareAndContext, safeAudit, scanMiddlewares, scanServerActions, scanServerActionsEnriched, scanServerRoutes, scanWebSocketRoutes, sendError, sendJson, serializeResponse, serveStaticFile, setCookie, streamAgentRun, superjsonTransformer, timingSafeEqual, updateTag, useDatabase, useUnstorage, validateExpire as validateCacheExpire, validateMaxAge as validateCacheMaxAge, validateTags as validateCacheTags, validateCsrf, warnOnce, writeManifest };