theokit 0.4.0-beta.0 → 0.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{actions-virtual-module-HWNTIEPI.js → actions-virtual-module-IY46EEEX.js} +2 -2
- package/dist/{actions-virtual-module-SEIPACG5.js → actions-virtual-module-XNHDNCZ6.js} +2 -2
- package/dist/add-2ZFFGGE4.js +0 -0
- package/dist/{app-typed-client-ITIYTBXO.js → app-typed-client-OUJO3V5J.js} +10 -5
- package/dist/{app-typed-client-62FYBLVJ.js.map → app-typed-client-OUJO3V5J.js.map} +1 -1
- package/dist/{app-typed-client-62FYBLVJ.js → app-typed-client-YOMWSA3F.js} +11 -6
- package/dist/{app-typed-client-ITIYTBXO.js.map → app-typed-client-YOMWSA3F.js.map} +1 -1
- package/dist/audit-log-BQWM5YLG.d.ts +60 -0
- package/dist/{aws-lambda-XYCGZH3I.js → aws-lambda-GKSTX6HD.js} +3 -3
- package/dist/body-parser-web-MUWBKZ3F.js +70 -0
- package/dist/body-parser-web-MUWBKZ3F.js.map +1 -0
- package/dist/broadcast-QOQGUNNK.js +0 -0
- package/dist/{build-HIGHJQQV.js → build-D4J7XECU.js} +31 -22
- package/dist/build-D4J7XECU.js.map +1 -0
- package/dist/build-request-body-preview-II2235E6.js +0 -0
- package/dist/{bun-K73TQEWC.js → bun-ISHSNFIO.js} +3 -3
- package/dist/{check-PZR67OY5.js → check-NXYPLM6M.js} +2 -2
- package/dist/{chunk-WZ7CPVQB.js → chunk-27LWMYNK.js} +28 -24
- package/dist/chunk-27LWMYNK.js.map +1 -0
- package/dist/{chunk-BIGBFZSU.js → chunk-2F4FROEQ.js} +1689 -1521
- package/dist/chunk-2F4FROEQ.js.map +1 -0
- package/dist/chunk-4HBI7DHP.js +20 -0
- package/dist/chunk-4HBI7DHP.js.map +1 -0
- package/dist/{chunk-X4JAX2U3.js → chunk-4S2UCILN.js} +180 -125
- package/dist/chunk-4S2UCILN.js.map +1 -0
- package/dist/{chunk-C52GSJPF.js → chunk-4S6YHNG2.js} +11 -8
- package/dist/chunk-4S6YHNG2.js.map +1 -0
- package/dist/chunk-5ODOE6EF.js +0 -0
- package/dist/{chunk-KJVEJILQ.js → chunk-5PU65T5W.js} +9 -3
- package/dist/chunk-5PU65T5W.js.map +1 -0
- package/dist/chunk-5QW7IQQU.js +36 -0
- package/dist/chunk-5QW7IQQU.js.map +1 -0
- package/dist/chunk-5Z2727GV.js +1324 -0
- package/dist/chunk-5Z2727GV.js.map +1 -0
- package/dist/{chunk-YLBSSEHX.js → chunk-6NEXVBPY.js} +5 -15
- package/dist/chunk-6NEXVBPY.js.map +1 -0
- package/dist/chunk-7MQOHNHE.js +36 -0
- package/dist/chunk-7MQOHNHE.js.map +1 -0
- package/dist/{chunk-TPCT3MXV.js → chunk-ABVITXFH.js} +405 -272
- package/dist/chunk-ABVITXFH.js.map +1 -0
- package/dist/chunk-ASDXVRJD.js +185 -0
- package/dist/chunk-ASDXVRJD.js.map +1 -0
- package/dist/chunk-B3L3TJVF.js +406 -0
- package/dist/chunk-B3L3TJVF.js.map +1 -0
- package/dist/{chunk-PB4GR7EP.js → chunk-C3ZZ56YZ.js} +1 -18
- package/dist/chunk-C3ZZ56YZ.js.map +1 -0
- package/dist/{chunk-O7335ZGH.js → chunk-CG563V5M.js} +5 -3
- package/dist/chunk-CG563V5M.js.map +1 -0
- package/dist/{chunk-5OFPQK6N.js → chunk-COXLEZCN.js} +2 -1
- package/dist/chunk-COXLEZCN.js.map +1 -0
- package/dist/{chunk-O4BLVPML.js → chunk-DNMSV3R3.js} +22 -28
- package/dist/chunk-DNMSV3R3.js.map +1 -0
- package/dist/chunk-E3JH6YUM.js +1 -0
- package/dist/chunk-ESC54TAK.js +220 -0
- package/dist/chunk-ESC54TAK.js.map +1 -0
- package/dist/chunk-FI7MPTJW.js +77 -0
- package/dist/chunk-FI7MPTJW.js.map +1 -0
- package/dist/chunk-H4J2LECY.js +201 -0
- package/dist/chunk-H4J2LECY.js.map +1 -0
- package/dist/chunk-IAJ2JVEH.js +256 -0
- package/dist/chunk-IAJ2JVEH.js.map +1 -0
- package/dist/{chunk-F3TG5FJV.js → chunk-IEZCAT2I.js} +7 -1
- package/dist/{chunk-F3TG5FJV.js.map → chunk-IEZCAT2I.js.map} +1 -1
- package/dist/chunk-JHEAWR3L.js +1 -0
- package/dist/chunk-JQSKBMXP.js +17 -0
- package/dist/chunk-JQSKBMXP.js.map +1 -0
- package/dist/{chunk-4QTKSLTO.js → chunk-K4M64WD6.js} +9 -5
- package/dist/{chunk-4QTKSLTO.js.map → chunk-K4M64WD6.js.map} +1 -1
- package/dist/chunk-KI7OWQUX.js +293 -0
- package/dist/chunk-KI7OWQUX.js.map +1 -0
- package/dist/chunk-KT3MWNZG.js +0 -0
- package/dist/{chunk-ZJW5FFYJ.js → chunk-LC5PYNJP.js} +2 -2
- package/dist/{chunk-JAAHOGKI.js → chunk-M2EY7KDR.js} +1223 -1124
- package/dist/chunk-M2EY7KDR.js.map +1 -0
- package/dist/{chunk-2VQKDRVF.js → chunk-MR7OLIC6.js} +3 -3
- package/dist/chunk-NM4WF3XD.js +63 -0
- package/dist/chunk-NM4WF3XD.js.map +1 -0
- package/dist/chunk-NPMCKOX4.js +1 -0
- package/dist/{chunk-VRHXOKRP.js → chunk-NZXH2LQQ.js} +86 -83
- package/dist/chunk-NZXH2LQQ.js.map +1 -0
- package/dist/{chunk-B6RP57M3.js → chunk-OLPB36O2.js} +4 -4
- package/dist/chunk-PIVX3DYW.js +142 -0
- package/dist/chunk-PIVX3DYW.js.map +1 -0
- package/dist/{chunk-7TOMTMHT.js → chunk-R7OC6UDK.js} +2 -1
- package/dist/chunk-R7OC6UDK.js.map +1 -0
- package/dist/chunk-RESN62GB.js +269 -0
- package/dist/chunk-RESN62GB.js.map +1 -0
- package/dist/{chunk-64JI5LTO.js → chunk-RMU7EBRO.js} +2 -2
- package/dist/chunk-RMU7EBRO.js.map +1 -0
- package/dist/chunk-TQYSPYKU.js +131 -0
- package/dist/chunk-TQYSPYKU.js.map +1 -0
- package/dist/chunk-TSLSIRBR.js +107 -0
- package/dist/chunk-TSLSIRBR.js.map +1 -0
- package/dist/{chunk-XP7YXRHO.js → chunk-U6TPSW4L.js} +37 -5
- package/dist/chunk-U6TPSW4L.js.map +1 -0
- package/dist/chunk-UD3LFGDL.js +45 -0
- package/dist/chunk-UD3LFGDL.js.map +1 -0
- package/dist/chunk-UUFYP2UM.js +161 -0
- package/dist/chunk-UUFYP2UM.js.map +1 -0
- package/dist/{chunk-OXIQI2XZ.js → chunk-VBZCVFSA.js} +2 -2
- package/dist/chunk-VMEWD57H.js +137 -0
- package/dist/chunk-VMEWD57H.js.map +1 -0
- package/dist/{chunk-TRH2L3FI.js → chunk-WEGALZEU.js} +3 -3
- package/dist/{chunk-ZOXNJV2O.js → chunk-WGHJD6I7.js} +35 -138
- package/dist/chunk-WGHJD6I7.js.map +1 -0
- package/dist/chunk-XMS5VRIK.js +0 -0
- package/dist/chunk-Y4H3JNVK.js +18 -0
- package/dist/chunk-Y4H3JNVK.js.map +1 -0
- package/dist/chunk-Z5IGLBWE.js +329 -0
- package/dist/chunk-Z5IGLBWE.js.map +1 -0
- package/dist/chunk-ZEGYW52B.js +26 -0
- package/dist/chunk-ZEGYW52B.js.map +1 -0
- package/dist/chunk-ZJQ4O76G.js +87 -0
- package/dist/chunk-ZJQ4O76G.js.map +1 -0
- package/dist/cli/index.js +32 -21
- package/dist/cli/index.js.map +1 -1
- package/dist/client/index.d.ts +107 -1
- package/dist/client/index.js +152 -6
- package/dist/client/index.js.map +1 -1
- package/dist/{cloudflare-LCAOTRYZ.js → cloudflare-OJGJ7R2D.js} +3 -3
- package/dist/configure-agent-registry-6YGTJYBC.js +0 -0
- package/dist/cookies-MJKMGJ7N.js +22 -0
- package/dist/csrf-BBrEZSBW.d.ts +107 -0
- package/dist/csrf-readiness-store-CjIoub3U.d.ts +43 -0
- package/dist/define-websocket-CdK94O-D.d.ts +64 -0
- package/dist/{deno-deploy-ZN4RE5HF.js → deno-deploy-BHWKFTOW.js} +3 -3
- package/dist/{dev-266MVCVA.js → dev-MJVSRZGF.js} +11 -11
- package/dist/{dev-emit-RBSFZZNO.js → dev-emit-5VPRCHOD.js} +39 -142
- package/dist/dev-emit-5VPRCHOD.js.map +1 -0
- package/dist/{dev-emit-NO6OZJOQ.js → dev-emit-HHP2XJXE.js} +5 -5
- package/dist/devtools/entry.js +185 -131
- package/dist/devtools/entry.js.map +1 -1
- package/dist/{dispatcher-AQJGI3HU.js → dispatcher-63LBXYLE.js} +2 -2
- package/dist/{dispatcher-E6QV32BO.js → dispatcher-EJME6C6M.js} +5 -2
- package/dist/dispatcher-EJME6C6M.js.map +1 -0
- package/dist/{dist-5V77Z223.js → dist-KRW6OVD4.js} +7 -7
- package/dist/dist-KRW6OVD4.js.map +1 -0
- package/dist/docker-EZDA5FT7.js +0 -0
- package/dist/error-envelope-BsNzzAV5.d.ts +62 -0
- package/dist/{generate-DT4IIAHF.js → generate-AZ2K6Z2Z.js} +75 -2
- package/dist/generate-AZ2K6Z2Z.js.map +1 -0
- package/dist/index-DWWEdFh5.d.ts +399 -0
- package/dist/index.d.ts +161 -1391
- package/dist/index.js +20 -8
- package/dist/index.js.map +1 -1
- package/dist/{info-FJ4NXKTB.js → info-47VB62MV.js} +5 -5
- package/dist/job-backend-CgC8Xf33.d.ts +68 -0
- package/dist/{lib-NL5JXGEB.js → lib-NST3PNZX.js} +31 -31
- package/dist/lib-NST3PNZX.js.map +1 -0
- package/dist/module-loader-Cfz7dgCP.d.ts +26 -0
- package/dist/{netlify-5VQ22Z2P.js → netlify-GSNSJGMN.js} +3 -3
- package/dist/{node-3APTLGWB.js → node-6I5B6RL3.js} +3 -3
- package/dist/node-6I5B6RL3.js.map +1 -0
- package/dist/{openapi-FNVSWZOL.js → openapi-NFLSNNVQ.js} +10 -10
- package/dist/plugin-runner-BGBkzgi0.d.ts +95 -0
- package/dist/plugin-types-DNJGxr4Z.d.ts +79 -0
- package/dist/{proper-lockfile-4Y3DP3RP.js → proper-lockfile-MVKMQGFK.js} +27 -27
- package/dist/proper-lockfile-MVKMQGFK.js.map +1 -0
- package/dist/rate-limit-BdNDZ3vt.d.ts +58 -0
- package/dist/registry-QHEZ3BWB.js +25 -0
- package/dist/router-RGZFX75G.js +0 -0
- package/dist/{routes-H4SPLFHJ.js → routes-3A4XGIEJ.js} +6 -6
- package/dist/{scan-C2BOKLSY.js → scan-NQFI5S7P.js} +2 -2
- package/dist/scan-NQFI5S7P.js.map +1 -0
- package/dist/schema-D3v8VB7o.d.ts +76 -0
- package/dist/{schema-VR6YNVLQ.js → schema-KZVOV333.js} +5 -3
- package/dist/schema-KZVOV333.js.map +1 -0
- package/dist/server/agent/index.d.ts +229 -0
- package/dist/server/agent/index.js +16 -0
- package/dist/server/agent/index.js.map +1 -0
- package/dist/server/auth/index.d.ts +46 -1
- package/dist/server/auth/index.js +10 -3
- package/dist/server/cost/index.d.ts +1 -3
- package/dist/server/cost/index.js +1 -1
- package/dist/server/cron/index.js +4 -2
- package/dist/server/define/index.d.ts +281 -0
- package/dist/server/define/index.js +26 -0
- package/dist/server/define/index.js.map +1 -0
- package/dist/server/http/index.d.ts +10 -0
- package/dist/server/http/index.js +74 -0
- package/dist/server/http/index.js.map +1 -0
- package/dist/server/index.d.ts +151 -1677
- package/dist/server/index.js +558 -1102
- package/dist/server/index.js.map +1 -1
- package/dist/server/jobs/index.d.ts +348 -2
- package/dist/server/jobs/index.js +5 -3
- package/dist/server/observability/index.d.ts +324 -0
- package/dist/server/observability/index.js +48 -0
- package/dist/server/observability/index.js.map +1 -0
- package/dist/server/plugins/index.d.ts +17 -0
- package/dist/server/plugins/index.js +17 -0
- package/dist/server/plugins/index.js.map +1 -0
- package/dist/server/rate-limit/index.d.ts +105 -0
- package/dist/server/rate-limit/index.js +25 -0
- package/dist/server/rate-limit/index.js.map +1 -0
- package/dist/server/realtime/index.d.ts +15 -0
- package/dist/server/realtime/index.js +8 -0
- package/dist/server/realtime/index.js.map +1 -0
- package/dist/server/scan/index.d.ts +106 -0
- package/dist/server/scan/index.js +43 -0
- package/dist/server/scan/index.js.map +1 -0
- package/dist/server/security/index.d.ts +193 -0
- package/dist/server/security/index.js +50 -0
- package/dist/server/security/index.js.map +1 -0
- package/dist/server/storage/index.d.ts +22 -0
- package/dist/server/storage/index.js +14 -0
- package/dist/server/storage/index.js.map +1 -0
- package/dist/server/webhook/index.d.ts +148 -0
- package/dist/server/webhook/index.js +19 -0
- package/dist/server/webhook/index.js.map +1 -0
- package/dist/server-error-to-envelope-NO4CCAFQ.js +8 -0
- package/dist/server-error-to-envelope-NO4CCAFQ.js.map +1 -0
- package/dist/server-error-to-envelope-UJK6OWDJ.js +134 -0
- package/dist/server-error-to-envelope-UJK6OWDJ.js.map +1 -0
- package/dist/server-routes-hmr-GZJGPWMS.js +0 -0
- package/dist/services-json-Z2QNGVPW.js +142 -0
- package/dist/services-json-Z2QNGVPW.js.map +1 -0
- package/dist/{services-typed-client-XWYYBWGW.js → services-typed-client-KK6RHRDG.js} +2 -2
- package/dist/{services-typed-client-ZX5JUHH3.js → services-typed-client-T7M5VPBP.js} +2 -2
- package/dist/{sqlite-vec-ARPNUBWT.js → sqlite-vec-54KB4RD3.js} +2 -2
- package/dist/sqlite-vec-54KB4RD3.js.map +1 -0
- package/dist/{start-HX3QUSOS.js → start-CGSZPBAG.js} +23 -23
- package/dist/start-CGSZPBAG.js.map +1 -0
- package/dist/{static-TZBVBDTB.js → static-QI5NQT2X.js} +6 -6
- package/dist/storage-manager-C4jsO0Tp.d.ts +89 -0
- package/dist/storage-manager-D5KBXXKB.js +0 -0
- package/dist/{storage-types-DtIVejC1.d.ts → storage-types-DsDTCPbp.d.ts} +1 -1
- package/dist/{theo-cloud-3K4DGB3S.js → theo-cloud-RSQCBNXL.js} +4 -4
- package/dist/theo-cloud-RSQCBNXL.js.map +1 -0
- package/dist/upgrade-readiness-GUJBCJIS.js +0 -0
- package/dist/{vercel-MWW24ABC.js → vercel-TKPZK62A.js} +3 -3
- package/dist/vite-plugin/index.d.ts +3 -1
- package/dist/vite-plugin/index.js +20 -8
- package/dist/{vite-plugin-IK3NOWXS.js → vite-plugin-CR4JDFUQ.js} +9 -9
- package/dist/vite-plugin-CR4JDFUQ.js.map +1 -0
- package/package.json +59 -10
- package/LICENSE +0 -201
- package/dist/build-HIGHJQQV.js.map +0 -1
- package/dist/chunk-5OFPQK6N.js.map +0 -1
- package/dist/chunk-64JI5LTO.js.map +0 -1
- package/dist/chunk-7TOMTMHT.js.map +0 -1
- package/dist/chunk-BIGBFZSU.js.map +0 -1
- package/dist/chunk-C52GSJPF.js.map +0 -1
- package/dist/chunk-CZM6WWWS.js +0 -2450
- package/dist/chunk-CZM6WWWS.js.map +0 -1
- package/dist/chunk-JAAHOGKI.js.map +0 -1
- package/dist/chunk-KJVEJILQ.js.map +0 -1
- package/dist/chunk-O4BLVPML.js.map +0 -1
- package/dist/chunk-O7335ZGH.js.map +0 -1
- package/dist/chunk-PB4GR7EP.js.map +0 -1
- package/dist/chunk-TPCT3MXV.js.map +0 -1
- package/dist/chunk-VRHXOKRP.js.map +0 -1
- package/dist/chunk-WZ7CPVQB.js.map +0 -1
- package/dist/chunk-X4JAX2U3.js.map +0 -1
- package/dist/chunk-XP7YXRHO.js.map +0 -1
- package/dist/chunk-YLBSSEHX.js.map +0 -1
- package/dist/chunk-ZOXNJV2O.js.map +0 -1
- package/dist/dev-emit-RBSFZZNO.js.map +0 -1
- package/dist/dispatcher-E6QV32BO.js.map +0 -1
- package/dist/dist-5V77Z223.js.map +0 -1
- package/dist/generate-DT4IIAHF.js.map +0 -1
- package/dist/index-li83Swxa.d.ts +0 -506
- package/dist/lib-NL5JXGEB.js.map +0 -1
- package/dist/proper-lockfile-4Y3DP3RP.js.map +0 -1
- package/dist/registry-4MZ26TZD.js +0 -25
- package/dist/schema-CjVly9c_.d.ts +0 -274
- package/dist/sqlite-vec-ARPNUBWT.js.map +0 -1
- package/dist/start-HX3QUSOS.js.map +0 -1
- package/dist/theo-cloud-3K4DGB3S.js.map +0 -1
- /package/dist/{actions-virtual-module-HWNTIEPI.js.map → actions-virtual-module-IY46EEEX.js.map} +0 -0
- /package/dist/{actions-virtual-module-SEIPACG5.js.map → actions-virtual-module-XNHDNCZ6.js.map} +0 -0
- /package/dist/{aws-lambda-XYCGZH3I.js.map → aws-lambda-GKSTX6HD.js.map} +0 -0
- /package/dist/{bun-K73TQEWC.js.map → bun-ISHSNFIO.js.map} +0 -0
- /package/dist/{check-PZR67OY5.js.map → check-NXYPLM6M.js.map} +0 -0
- /package/dist/{dispatcher-AQJGI3HU.js.map → chunk-E3JH6YUM.js.map} +0 -0
- /package/dist/{node-3APTLGWB.js.map → chunk-JHEAWR3L.js.map} +0 -0
- /package/dist/{chunk-ZJW5FFYJ.js.map → chunk-LC5PYNJP.js.map} +0 -0
- /package/dist/{chunk-2VQKDRVF.js.map → chunk-MR7OLIC6.js.map} +0 -0
- /package/dist/{scan-C2BOKLSY.js.map → chunk-NPMCKOX4.js.map} +0 -0
- /package/dist/{chunk-B6RP57M3.js.map → chunk-OLPB36O2.js.map} +0 -0
- /package/dist/{chunk-OXIQI2XZ.js.map → chunk-VBZCVFSA.js.map} +0 -0
- /package/dist/{chunk-TRH2L3FI.js.map → chunk-WEGALZEU.js.map} +0 -0
- /package/dist/{cloudflare-LCAOTRYZ.js.map → cloudflare-OJGJ7R2D.js.map} +0 -0
- /package/dist/{schema-VR6YNVLQ.js.map → cookies-MJKMGJ7N.js.map} +0 -0
- /package/dist/{deno-deploy-ZN4RE5HF.js.map → deno-deploy-BHWKFTOW.js.map} +0 -0
- /package/dist/{dev-266MVCVA.js.map → dev-MJVSRZGF.js.map} +0 -0
- /package/dist/{dev-emit-NO6OZJOQ.js.map → dev-emit-HHP2XJXE.js.map} +0 -0
- /package/dist/{vite-plugin-IK3NOWXS.js.map → dispatcher-63LBXYLE.js.map} +0 -0
- /package/dist/{info-FJ4NXKTB.js.map → info-47VB62MV.js.map} +0 -0
- /package/dist/{netlify-5VQ22Z2P.js.map → netlify-GSNSJGMN.js.map} +0 -0
- /package/dist/{openapi-FNVSWZOL.js.map → openapi-NFLSNNVQ.js.map} +0 -0
- /package/dist/{registry-4MZ26TZD.js.map → registry-QHEZ3BWB.js.map} +0 -0
- /package/dist/{routes-H4SPLFHJ.js.map → routes-3A4XGIEJ.js.map} +0 -0
- /package/dist/{services-typed-client-XWYYBWGW.js.map → services-typed-client-KK6RHRDG.js.map} +0 -0
- /package/dist/{services-typed-client-ZX5JUHH3.js.map → services-typed-client-T7M5VPBP.js.map} +0 -0
- /package/dist/{static-TZBVBDTB.js.map → static-QI5NQT2X.js.map} +0 -0
- /package/dist/{vercel-MWW24ABC.js.map → vercel-TKPZK62A.js.map} +0 -0
|
@@ -0,0 +1,107 @@
|
|
|
1
|
+
import { IncomingMessage } from 'node:http';
|
|
2
|
+
import { A as AuditLogger } from './audit-log-BQWM5YLG.js';
|
|
3
|
+
|
|
4
|
+
/**
|
|
5
|
+
* CSRF enforcement mode.
|
|
6
|
+
*
|
|
7
|
+
* - `off` — skip CSRF entirely. Use only when you have another defense
|
|
8
|
+
* (e.g. you don't ship session cookies, all auth is bearer).
|
|
9
|
+
* - `warn` — log a structured warning when the check would fail, but
|
|
10
|
+
* still serve the request. Default for 0.2.0. Migration mode.
|
|
11
|
+
* - `strict` — reject failing requests with 403 + code `CSRF_INVALID`.
|
|
12
|
+
* Will become the default in 0.3.0.
|
|
13
|
+
*/
|
|
14
|
+
type CsrfMode = 'off' | 'warn' | 'strict';
|
|
15
|
+
/**
|
|
16
|
+
* Per-request structured logger surface. Only `warn` is used by enforceCsrf;
|
|
17
|
+
* we don't require a full Logger here so callers can pass a mock or the
|
|
18
|
+
* console directly.
|
|
19
|
+
*/
|
|
20
|
+
interface CsrfLogger {
|
|
21
|
+
warn: (payload: CsrfWarnPayload) => void;
|
|
22
|
+
/** Optional path the request was destined for — used for log correlation. */
|
|
23
|
+
path?: string;
|
|
24
|
+
}
|
|
25
|
+
/**
|
|
26
|
+
* T5.1 — Rails-inspired per-route escalation.
|
|
27
|
+
*
|
|
28
|
+
* `routes` accepts string (exact match) or RegExp entries. When a request
|
|
29
|
+
* path matches AND the request would otherwise emit a warning, the
|
|
30
|
+
* `behavior` field decides what happens:
|
|
31
|
+
*
|
|
32
|
+
* - `'warn'` → normal warn dispatch (no-op vs default)
|
|
33
|
+
* - `'raise'` → escalate to 403 regardless of global `csrf` mode
|
|
34
|
+
*
|
|
35
|
+
* `'raise'` never downgrades: when global mode is `'off'`, validation is
|
|
36
|
+
* skipped entirely and disallowed dispatch never runs.
|
|
37
|
+
*/
|
|
38
|
+
interface DisallowedConfig {
|
|
39
|
+
routes: (string | RegExp)[];
|
|
40
|
+
behavior: 'warn' | 'raise';
|
|
41
|
+
}
|
|
42
|
+
/**
|
|
43
|
+
* Test whether `path` matches any of the supplied patterns. String
|
|
44
|
+
* patterns are EXACT (trailing slash matters — use RegExp for tolerance).
|
|
45
|
+
*
|
|
46
|
+
* EC-5: when a RegExp carries the `/g` flag, `.test()` mutates
|
|
47
|
+
* `lastIndex` and the next invocation may miss. We reset `lastIndex`
|
|
48
|
+
* before each test so the matcher is a pure function.
|
|
49
|
+
*/
|
|
50
|
+
declare function matchDisallowed(path: string, patterns: readonly (string | RegExp)[]): boolean;
|
|
51
|
+
/**
|
|
52
|
+
* T2.2 — Stable cutover identifier shipped with every csrf.warn payload.
|
|
53
|
+
*
|
|
54
|
+
* Convention borrowed from Vite's `deprecations.ts:74` — a `code` plus a
|
|
55
|
+
* `docsUrl` lets users (a) grep their logs for a single stable identifier
|
|
56
|
+
* to find every csrf.warn line, and (b) click through directly to the
|
|
57
|
+
* migration guide. Strings are exported constants so the analyzer (T2.3)
|
|
58
|
+
* and migration guide can reference the same source of truth.
|
|
59
|
+
*/
|
|
60
|
+
declare const CSRF_WARN_CODE: "CSRF_STRICT_CUTOVER";
|
|
61
|
+
declare const CSRF_WARN_DOCS_URL: "https://theokit.dev/upgrade/csrf-strict-cutover";
|
|
62
|
+
interface CsrfWarnPayload {
|
|
63
|
+
event: 'csrf.warn';
|
|
64
|
+
method: string;
|
|
65
|
+
path: string | undefined;
|
|
66
|
+
reason: string;
|
|
67
|
+
/**
|
|
68
|
+
* Stable identifier for the 0.2 → 0.3 CSRF strict cutover. Always
|
|
69
|
+
* `'CSRF_STRICT_CUTOVER'`. Grep-able from prod logs.
|
|
70
|
+
*/
|
|
71
|
+
code: string;
|
|
72
|
+
/**
|
|
73
|
+
* Link to the section of the migration guide explaining how to clear
|
|
74
|
+
* this specific warning class.
|
|
75
|
+
*/
|
|
76
|
+
docsUrl: string;
|
|
77
|
+
}
|
|
78
|
+
declare function validateCsrf(req: IncomingMessage): {
|
|
79
|
+
valid: true;
|
|
80
|
+
} | {
|
|
81
|
+
valid: false;
|
|
82
|
+
reason: string;
|
|
83
|
+
};
|
|
84
|
+
/**
|
|
85
|
+
* T5a.2 Phase B (slice 1/6) — Web-Standards-shaped CSRF validator.
|
|
86
|
+
*
|
|
87
|
+
* Mirror of `validateCsrf(req: IncomingMessage)` for the Web `Request`
|
|
88
|
+
* shape. Consumes `request.headers.get(name)` (native Web `Headers` API)
|
|
89
|
+
* instead of `req.headers[name]` (Node `IncomingMessage` indexer). Same
|
|
90
|
+
* CSRF policy + same return shape — the difference is only the input
|
|
91
|
+
* extraction.
|
|
92
|
+
*
|
|
93
|
+
* Used by `executeWebRequest` (T5a.2 Phase A) to enforce CSRF on the
|
|
94
|
+
* Web-Standards request handler entry-point.
|
|
95
|
+
*/
|
|
96
|
+
declare function validateCsrfRequest(request: Request): {
|
|
97
|
+
valid: true;
|
|
98
|
+
} | {
|
|
99
|
+
valid: false;
|
|
100
|
+
reason: string;
|
|
101
|
+
};
|
|
102
|
+
declare function enforceCsrf(req: IncomingMessage, mode: CsrfMode, logger?: CsrfLogger, disallowed?: DisallowedConfig, auditLogger?: AuditLogger): {
|
|
103
|
+
allow: boolean;
|
|
104
|
+
reason?: string;
|
|
105
|
+
};
|
|
106
|
+
|
|
107
|
+
export { CSRF_WARN_CODE as C, type DisallowedConfig as D, CSRF_WARN_DOCS_URL as a, type CsrfLogger as b, type CsrfMode as c, type CsrfWarnPayload as d, enforceCsrf as e, validateCsrfRequest as f, matchDisallowed as m, validateCsrf as v };
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* T2.2 — In-memory bounded counter for CSRF warn events.
|
|
3
|
+
*
|
|
4
|
+
* Aggregates `csrf.warn` payloads by `(method, path, reason)` triple.
|
|
5
|
+
* Used by the `/__theo/csrf-readiness` endpoint to expose a summary the
|
|
6
|
+
* developer (or devtools tab) can inspect, so users do NOT need to grep
|
|
7
|
+
* stdout to know which endpoints will break under 0.3.0 strict CSRF.
|
|
8
|
+
*
|
|
9
|
+
* Bounded at 1000 distinct keys (EC-22). Eviction is LRU-by-insertion —
|
|
10
|
+
* when the cap is hit, the oldest key is dropped and a re-record of an
|
|
11
|
+
* evicted key starts fresh (count: 1).
|
|
12
|
+
*
|
|
13
|
+
* Single-threaded by virtue of the JS event loop; Map operations are
|
|
14
|
+
* atomic. NOT shared across processes — each worker has its own store.
|
|
15
|
+
*/
|
|
16
|
+
interface CsrfWarnRecord {
|
|
17
|
+
method: string;
|
|
18
|
+
path: string;
|
|
19
|
+
reason: string;
|
|
20
|
+
}
|
|
21
|
+
interface CsrfReadinessRouteSummary {
|
|
22
|
+
method: string;
|
|
23
|
+
path: string;
|
|
24
|
+
reason: string;
|
|
25
|
+
count: number;
|
|
26
|
+
firstSeen: string;
|
|
27
|
+
lastSeen: string;
|
|
28
|
+
}
|
|
29
|
+
interface CsrfReadinessSummary {
|
|
30
|
+
generatedAt: string;
|
|
31
|
+
totalEvents: number;
|
|
32
|
+
routes: CsrfReadinessRouteSummary[];
|
|
33
|
+
}
|
|
34
|
+
declare class CsrfReadinessStore {
|
|
35
|
+
static readonly MAX_ENTRIES = 1000;
|
|
36
|
+
private readonly entries;
|
|
37
|
+
private keyFor;
|
|
38
|
+
record(event: CsrfWarnRecord): void;
|
|
39
|
+
summary(): CsrfReadinessSummary;
|
|
40
|
+
reset(): void;
|
|
41
|
+
}
|
|
42
|
+
|
|
43
|
+
export { CsrfReadinessStore as C, type CsrfReadinessRouteSummary as a, type CsrfReadinessSummary as b, type CsrfWarnRecord as c };
|
|
@@ -0,0 +1,64 @@
|
|
|
1
|
+
import { IncomingMessage } from 'node:http';
|
|
2
|
+
|
|
3
|
+
interface WebSocketLike {
|
|
4
|
+
send(data: string | Buffer): void;
|
|
5
|
+
close(code?: number, reason?: string): void;
|
|
6
|
+
}
|
|
7
|
+
interface WebSocketHandler {
|
|
8
|
+
onOpen?: (ws: WebSocketLike, req: IncomingMessage) => void;
|
|
9
|
+
onMessage?: (ws: WebSocketLike, data: string | Buffer) => void;
|
|
10
|
+
onClose?: (ws: WebSocketLike, code: number, reason: Buffer) => void;
|
|
11
|
+
onError?: (ws: WebSocketLike, error: Error) => void;
|
|
12
|
+
}
|
|
13
|
+
/**
|
|
14
|
+
* Define a WebSocket endpoint handler.
|
|
15
|
+
* Identity function — provides type inference for WebSocket handlers.
|
|
16
|
+
*/
|
|
17
|
+
declare function defineWebSocket(handler: WebSocketHandler): WebSocketHandler;
|
|
18
|
+
/**
|
|
19
|
+
* T5a.2 Phase F slice 3/3 — Web-Standards WebSocket endpoint handler.
|
|
20
|
+
*
|
|
21
|
+
* Mirror of `WebSocketHandler` for the Web `Request` shape. `onOpen`
|
|
22
|
+
* receives `request: Request` instead of `req: IncomingMessage`. The
|
|
23
|
+
* rest of the lifecycle (onMessage, onClose, onError) is shape-agnostic
|
|
24
|
+
* (`WebSocketLike` is already Web-standards-compatible per the existing
|
|
25
|
+
* design — `send(string | Buffer)` works on both Node `ws` and Web
|
|
26
|
+
* `WebSocket` instances; CF Workers / Bun / Deno coerce as needed at
|
|
27
|
+
* the adapter boundary).
|
|
28
|
+
*
|
|
29
|
+
* Per `docs/plans/t5a2-incoming-message-to-request-shape-refactor-plan.md`
|
|
30
|
+
* v1.0 § Phase F (closes Phase F).
|
|
31
|
+
*
|
|
32
|
+
* **Architectural note — WebSocket upgrade semantics differ across runtimes:**
|
|
33
|
+
* - Node + `ws`: `WebSocketServer.handleUpgrade(req, socket, head, cb)` —
|
|
34
|
+
* `req` is `IncomingMessage`. Use `WebSocketHandler`.
|
|
35
|
+
* - CF Workers: `new WebSocketPair()` + `request.headers` (the upgrade
|
|
36
|
+
* handshake IS a Web Request). Use `WebSocketHandlerWeb`.
|
|
37
|
+
* - Bun: `server.upgrade(request, { data })` — same Web Request shape.
|
|
38
|
+
* - Deno: `Deno.upgradeWebSocket(request)` — same Web Request shape.
|
|
39
|
+
*
|
|
40
|
+
* Cross-runtime WebSocket endpoints ship BOTH `WebSocketHandler` +
|
|
41
|
+
* `WebSocketHandlerWeb` exports; the runtime adapter picks the matching
|
|
42
|
+
* one. This is the canonical Hono / Nitric pattern.
|
|
43
|
+
*/
|
|
44
|
+
interface WebSocketHandlerWeb {
|
|
45
|
+
onOpen?: (ws: WebSocketLike, request: Request) => void;
|
|
46
|
+
onMessage?: (ws: WebSocketLike, data: string | Uint8Array) => void;
|
|
47
|
+
onClose?: (ws: WebSocketLike, code: number, reason: string) => void;
|
|
48
|
+
onError?: (ws: WebSocketLike, error: Error) => void;
|
|
49
|
+
}
|
|
50
|
+
/**
|
|
51
|
+
* Web-Standards `defineWebSocket` sibling. Identity function — provides
|
|
52
|
+
* type inference for Web WebSocket handlers.
|
|
53
|
+
*
|
|
54
|
+
* **Type difference note vs Node path:**
|
|
55
|
+
* - `onMessage` data is `string | Uint8Array` instead of `string | Buffer`
|
|
56
|
+
* (Web standards have no `Buffer`; Node's Buffer is a Uint8Array
|
|
57
|
+
* subclass so the Node path's Buffer values flow through unchanged
|
|
58
|
+
* when adapters wrap them).
|
|
59
|
+
* - `onClose` reason is `string` instead of `Buffer` (Web `CloseEvent`
|
|
60
|
+
* exposes the reason as a UTF-8 string natively).
|
|
61
|
+
*/
|
|
62
|
+
declare function defineWebSocketWeb(handler: WebSocketHandlerWeb): WebSocketHandlerWeb;
|
|
63
|
+
|
|
64
|
+
export { type WebSocketHandler as W, type WebSocketHandlerWeb as a, type WebSocketLike as b, defineWebSocketWeb as c, defineWebSocket as d };
|
|
@@ -2,11 +2,11 @@
|
|
|
2
2
|
import "tsx/esm";
|
|
3
3
|
import {
|
|
4
4
|
nodeAdapter
|
|
5
|
-
} from "./chunk-
|
|
5
|
+
} from "./chunk-LC5PYNJP.js";
|
|
6
6
|
import {
|
|
7
7
|
assertServicesUnsupported,
|
|
8
8
|
readManifest
|
|
9
|
-
} from "./chunk-
|
|
9
|
+
} from "./chunk-27LWMYNK.js";
|
|
10
10
|
import "./chunk-KT3MWNZG.js";
|
|
11
11
|
|
|
12
12
|
// src/adapters/deno-deploy.ts
|
|
@@ -105,4 +105,4 @@ export {
|
|
|
105
105
|
denoDeployAdapter,
|
|
106
106
|
renderDenoEntry
|
|
107
107
|
};
|
|
108
|
-
//# sourceMappingURL=deno-deploy-
|
|
108
|
+
//# sourceMappingURL=deno-deploy-BHWKFTOW.js.map
|
|
@@ -5,23 +5,23 @@ import {
|
|
|
5
5
|
} from "./chunk-XMS5VRIK.js";
|
|
6
6
|
import {
|
|
7
7
|
preflightNodeAndBindings
|
|
8
|
-
} from "./chunk-
|
|
8
|
+
} from "./chunk-IEZCAT2I.js";
|
|
9
9
|
import {
|
|
10
10
|
theoPluginAsync
|
|
11
|
-
} from "./chunk-
|
|
12
|
-
import "./chunk-
|
|
11
|
+
} from "./chunk-M2EY7KDR.js";
|
|
12
|
+
import "./chunk-ABVITXFH.js";
|
|
13
13
|
import {
|
|
14
14
|
loadConfig,
|
|
15
15
|
loadEnv
|
|
16
|
-
} from "./chunk-
|
|
17
|
-
import "./chunk-
|
|
18
|
-
import "./chunk-5ODOE6EF.js";
|
|
19
|
-
import "./chunk-O7335ZGH.js";
|
|
16
|
+
} from "./chunk-U6TPSW4L.js";
|
|
17
|
+
import "./chunk-4S2UCILN.js";
|
|
20
18
|
import {
|
|
21
19
|
orchestrateDev
|
|
22
|
-
} from "./chunk-
|
|
23
|
-
import "./chunk-
|
|
24
|
-
import "./chunk-
|
|
20
|
+
} from "./chunk-27LWMYNK.js";
|
|
21
|
+
import "./chunk-5ODOE6EF.js";
|
|
22
|
+
import "./chunk-CG563V5M.js";
|
|
23
|
+
import "./chunk-VBZCVFSA.js";
|
|
24
|
+
import "./chunk-COXLEZCN.js";
|
|
25
25
|
import "./chunk-KT3MWNZG.js";
|
|
26
26
|
|
|
27
27
|
// src/cli/commands/dev.ts
|
|
@@ -89,4 +89,4 @@ export {
|
|
|
89
89
|
devCommand,
|
|
90
90
|
startDevServer
|
|
91
91
|
};
|
|
92
|
-
//# sourceMappingURL=dev-
|
|
92
|
+
//# sourceMappingURL=dev-MJVSRZGF.js.map
|
|
@@ -1,10 +1,10 @@
|
|
|
1
1
|
import {
|
|
2
2
|
generateManifest
|
|
3
|
-
} from "./chunk-
|
|
4
|
-
import "./chunk-
|
|
5
|
-
import "./chunk-
|
|
6
|
-
import "./chunk-X2VVCJ4V.js";
|
|
3
|
+
} from "./chunk-MR7OLIC6.js";
|
|
4
|
+
import "./chunk-OLPB36O2.js";
|
|
5
|
+
import "./chunk-R7OC6UDK.js";
|
|
7
6
|
import "./chunk-WSJKACWB.js";
|
|
7
|
+
import "./chunk-X2VVCJ4V.js";
|
|
8
8
|
import "./chunk-DGUM43GV.js";
|
|
9
9
|
|
|
10
10
|
// src/vite-plugin/openapi-emit/emit.ts
|
|
@@ -12,12 +12,7 @@ import { mkdirSync, writeFileSync } from "fs";
|
|
|
12
12
|
import { join } from "path";
|
|
13
13
|
|
|
14
14
|
// src/vite-plugin/openapi-emit/zod-to-openapi.ts
|
|
15
|
-
|
|
16
|
-
constructor(message) {
|
|
17
|
-
super(message);
|
|
18
|
-
this.name = "ZodToOpenApiError";
|
|
19
|
-
}
|
|
20
|
-
};
|
|
15
|
+
import { z } from "zod";
|
|
21
16
|
function zodToOpenApiSchema(schema, options = {}) {
|
|
22
17
|
const ctx = options.ctx ?? { seen: /* @__PURE__ */ new Map(), components: {} };
|
|
23
18
|
const name = options.name;
|
|
@@ -27,150 +22,52 @@ function zodToOpenApiSchema(schema, options = {}) {
|
|
|
27
22
|
}
|
|
28
23
|
ctx.seen.set(schema, name);
|
|
29
24
|
ctx.components[name] = {};
|
|
30
|
-
const body =
|
|
25
|
+
const body = convertSchema(schema, ctx);
|
|
31
26
|
ctx.components[name] = body;
|
|
32
27
|
return { $ref: `#/components/schemas/${name}` };
|
|
33
28
|
}
|
|
34
|
-
return
|
|
29
|
+
return convertSchema(schema, ctx);
|
|
35
30
|
}
|
|
36
|
-
function
|
|
31
|
+
function convertSchema(schema, ctx) {
|
|
37
32
|
const existing = ctx.seen.get(schema);
|
|
38
33
|
if (existing !== void 0) {
|
|
39
34
|
return { $ref: `#/components/schemas/${existing}` };
|
|
40
35
|
}
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
case "ZodNumber":
|
|
47
|
-
return convertNumber(schema);
|
|
48
|
-
case "ZodBoolean":
|
|
49
|
-
return { type: "boolean" };
|
|
50
|
-
case "ZodLiteral":
|
|
51
|
-
return convertLiteral(schema);
|
|
52
|
-
case "ZodEnum":
|
|
53
|
-
return convertEnum(schema);
|
|
54
|
-
case "ZodArray":
|
|
55
|
-
return convertArray(schema, ctx);
|
|
56
|
-
case "ZodObject":
|
|
57
|
-
return convertObject(schema, ctx);
|
|
58
|
-
case "ZodUnion":
|
|
59
|
-
return convertUnion(schema, ctx);
|
|
60
|
-
case "ZodDiscriminatedUnion":
|
|
61
|
-
return convertDiscriminatedUnion(schema, ctx);
|
|
62
|
-
case "ZodOptional":
|
|
63
|
-
return convert(schema._def.innerType, ctx);
|
|
64
|
-
case "ZodNullable": {
|
|
65
|
-
const inner = convert(
|
|
66
|
-
schema._def.innerType,
|
|
67
|
-
ctx
|
|
68
|
-
);
|
|
69
|
-
return { ...inner, nullable: true };
|
|
70
|
-
}
|
|
71
|
-
case "ZodEffects":
|
|
72
|
-
case "ZodTransform":
|
|
73
|
-
return convert(schema._def.schema, ctx);
|
|
74
|
-
case "ZodDefault":
|
|
75
|
-
return convert(schema._def.innerType, ctx);
|
|
76
|
-
case "ZodLazy": {
|
|
77
|
-
const getter = schema._def.getter;
|
|
78
|
-
return convert(getter(), ctx);
|
|
79
|
-
}
|
|
80
|
-
case "ZodRecord": {
|
|
81
|
-
const valueType = schema._def.valueType;
|
|
82
|
-
return { type: "object", additionalProperties: convert(valueType, ctx) };
|
|
83
|
-
}
|
|
84
|
-
case "ZodAny":
|
|
85
|
-
case "ZodUnknown":
|
|
86
|
-
return {};
|
|
87
|
-
// no constraint
|
|
88
|
-
case "ZodNull":
|
|
89
|
-
return { type: "null" };
|
|
90
|
-
case "ZodFunction":
|
|
91
|
-
throw new ZodToOpenApiError(
|
|
92
|
-
"Unsupported Zod type: z.function() cannot be represented in OpenAPI Schema. Remove from the route schema."
|
|
93
|
-
);
|
|
94
|
-
case "ZodPromise":
|
|
95
|
-
throw new ZodToOpenApiError(
|
|
96
|
-
"Unsupported Zod type: z.promise() cannot be represented in OpenAPI Schema. Unwrap the value before passing to defineRoute."
|
|
97
|
-
);
|
|
98
|
-
default:
|
|
99
|
-
throw new ZodToOpenApiError(
|
|
100
|
-
`Unsupported Zod type: ${typeName || "(unknown)"}. Open an issue if this construct should be supported.`
|
|
101
|
-
);
|
|
102
|
-
}
|
|
103
|
-
}
|
|
104
|
-
function convertString(schema) {
|
|
105
|
-
const def = schema._def;
|
|
106
|
-
const checks = def.checks ?? [];
|
|
107
|
-
const out = { type: "string" };
|
|
108
|
-
for (const c of checks) {
|
|
109
|
-
if (c.kind === "email") out.format = "email";
|
|
110
|
-
else if (c.kind === "uuid") out.format = "uuid";
|
|
111
|
-
else if (c.kind === "url") out.format = "uri";
|
|
112
|
-
else if (c.kind === "datetime") out.format = "date-time";
|
|
113
|
-
}
|
|
114
|
-
return out;
|
|
115
|
-
}
|
|
116
|
-
function convertNumber(schema) {
|
|
117
|
-
const def = schema._def;
|
|
118
|
-
const checks = def.checks ?? [];
|
|
119
|
-
const isInt = checks.some((c) => c.kind === "int");
|
|
120
|
-
return { type: isInt ? "integer" : "number" };
|
|
121
|
-
}
|
|
122
|
-
function convertLiteral(schema) {
|
|
123
|
-
const value = schema._def.value;
|
|
124
|
-
const typed = literalTypeOf(value);
|
|
125
|
-
if (typed === null) {
|
|
126
|
-
return { type: "null", enum: [null] };
|
|
36
|
+
try {
|
|
37
|
+
const jsonSchema = z.toJSONSchema(schema);
|
|
38
|
+
return toOpenApi3(jsonSchema);
|
|
39
|
+
} catch {
|
|
40
|
+
return {};
|
|
127
41
|
}
|
|
128
|
-
return { type: typed, enum: [value] };
|
|
129
42
|
}
|
|
130
|
-
function
|
|
131
|
-
|
|
132
|
-
|
|
133
|
-
|
|
134
|
-
|
|
135
|
-
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
|
|
140
|
-
}
|
|
141
|
-
|
|
142
|
-
|
|
143
|
-
|
|
144
|
-
}
|
|
145
|
-
|
|
146
|
-
|
|
147
|
-
|
|
148
|
-
|
|
149
|
-
|
|
150
|
-
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
|
|
43
|
+
function toOpenApi3(js) {
|
|
44
|
+
const { $schema: _, $defs: _defs, ...rest } = js;
|
|
45
|
+
const out = {};
|
|
46
|
+
for (const [key, value] of Object.entries(rest)) {
|
|
47
|
+
if (key === "type" && Array.isArray(value)) {
|
|
48
|
+
const types = value;
|
|
49
|
+
const hasNull = types.includes("null");
|
|
50
|
+
const nonNull = types.filter((t) => t !== "null");
|
|
51
|
+
out.type = nonNull.length === 1 ? nonNull[0] : nonNull;
|
|
52
|
+
if (hasNull) out.nullable = true;
|
|
53
|
+
} else if (key === "properties" && value && typeof value === "object") {
|
|
54
|
+
const props = {};
|
|
55
|
+
for (const [pk, pv] of Object.entries(value)) {
|
|
56
|
+
props[pk] = pv && typeof pv === "object" ? toOpenApi3(pv) : pv;
|
|
57
|
+
}
|
|
58
|
+
out.properties = props;
|
|
59
|
+
} else if (key === "items" && value && typeof value === "object") {
|
|
60
|
+
out.items = toOpenApi3(value);
|
|
61
|
+
} else if ((key === "anyOf" || key === "oneOf" || key === "allOf") && Array.isArray(value)) {
|
|
62
|
+
out[key] = value.map((v) => toOpenApi3(v));
|
|
63
|
+
} else if (key === "additionalProperties" && value && typeof value === "object") {
|
|
64
|
+
out.additionalProperties = toOpenApi3(value);
|
|
65
|
+
} else {
|
|
66
|
+
out[key] = value;
|
|
67
|
+
}
|
|
154
68
|
}
|
|
155
|
-
const out = {
|
|
156
|
-
type: "object",
|
|
157
|
-
properties,
|
|
158
|
-
additionalProperties: false
|
|
159
|
-
};
|
|
160
|
-
if (required.length > 0) out.required = required;
|
|
161
69
|
return out;
|
|
162
70
|
}
|
|
163
|
-
function convertUnion(schema, ctx) {
|
|
164
|
-
const options = schema._def.options;
|
|
165
|
-
return { oneOf: options.map((o) => convert(o, ctx)) };
|
|
166
|
-
}
|
|
167
|
-
function convertDiscriminatedUnion(schema, ctx) {
|
|
168
|
-
const def = schema._def;
|
|
169
|
-
return {
|
|
170
|
-
oneOf: def.options.map((o) => convert(o, ctx)),
|
|
171
|
-
discriminator: { propertyName: def.discriminator }
|
|
172
|
-
};
|
|
173
|
-
}
|
|
174
71
|
|
|
175
72
|
// src/vite-plugin/openapi-emit/emit.ts
|
|
176
73
|
var METHOD_TO_KEY = {
|
|
@@ -387,4 +284,4 @@ export {
|
|
|
387
284
|
_resetInFlightForTests,
|
|
388
285
|
reEmitOpenApi
|
|
389
286
|
};
|
|
390
|
-
//# sourceMappingURL=dev-emit-
|
|
287
|
+
//# sourceMappingURL=dev-emit-5VPRCHOD.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../src/vite-plugin/openapi-emit/emit.ts","../src/vite-plugin/openapi-emit/zod-to-openapi.ts","../src/vite-plugin/openapi-emit/load-routes.ts","../src/vite-plugin/openapi-emit/dev-emit.ts"],"sourcesContent":["/**\n * In-house `emitOpenApi()` orchestrator (build-time only).\n *\n * Pure transformation: takes a route manifest (already hydrated with Zod\n * schemas extracted from `defineRoute()` config) + the openapi config\n * block, builds an OpenAPI 3.x document, writes `<outDir>/openapi.json`,\n * returns the document for downstream callers (CLI logs, tests).\n *\n * Per G2 plan v1.1 T2.1. Modelled on trpc-openapi's\n * `generateOpenApiDocument` + encore's `Generator.Generate()`.\n *\n * NEVER ship to runtime — devDep-shaped artifact.\n *\n * Path templating: TheoKit's `:param` syntax is converted to OpenAPI's\n * `{param}` per the spec. Env-var override: `THEOKIT_OPENAPI_SERVER_URL`\n * overrides `servers[0].url` without rebuilding the config.\n */\n/* eslint-disable security/detect-non-literal-fs-filename --\n * Build-time emit. outDir is a config-controlled relative path. The\n * caller already refused absolute paths via theoConfigSchema.distDir\n * pattern; the openapi.outDir field follows the same convention.\n */\nimport { mkdirSync, writeFileSync } from 'node:fs'\nimport { join } from 'node:path'\n\nimport type { z } from 'zod'\n\nimport { zodToOpenApiSchema, type ConvertCtx, type OpenApiSchema } from './zod-to-openapi.js'\n\nexport interface OpenApiManifestRoute {\n /** TheoKit-style path with `:param` placeholders (`/users/:id`). */\n routePath: string\n /** Uppercase HTTP methods the route exports (`['GET','POST']`). */\n methods: string[]\n /** Optional `defineRoute({body})` schema. */\n body?: z.ZodType\n /** Optional `defineRoute({query})` schema. */\n query?: z.ZodType\n /** Optional `defineRoute({params})` schema. */\n params?: z.ZodType\n /** Optional `defineRoute({response})` schema. */\n response?: z.ZodType\n}\n\nexport interface OpenApiEmitConfig {\n servers: { url: string; description?: string }[]\n specVersion: '3.1.0' | '3.0.3'\n title: string\n version: string\n outDir: string\n}\n\nexport interface OpenApiOperation {\n operationId?: string\n parameters?: OpenApiParameter[]\n requestBody?: {\n required?: boolean\n content: Record<string, { schema: OpenApiSchema }>\n }\n responses: Record<\n string,\n { description: string; content?: Record<string, { schema: OpenApiSchema }> }\n >\n}\n\nexport interface OpenApiParameter {\n name: string\n in: 'path' | 'query' | 'header' | 'cookie'\n required: boolean\n schema: OpenApiSchema\n description?: string\n}\n\nexport type OpenApiPathItem = Partial<\n Record<'get' | 'post' | 'put' | 'patch' | 'delete' | 'head' | 'options', OpenApiOperation>\n>\n\nexport interface OpenApiDocument {\n openapi: '3.1.0' | '3.0.3'\n info: { title: string; version: string }\n servers: { url: string; description?: string }[]\n paths: Record<string, OpenApiPathItem>\n components?: { schemas?: Record<string, OpenApiSchema> }\n}\n\nexport interface EmitOpenApiInput {\n manifest: OpenApiManifestRoute[]\n config: OpenApiEmitConfig\n}\n\nexport interface EmitOpenApiResult {\n document: OpenApiDocument\n path: string\n}\n\nconst METHOD_TO_KEY: Record<string, keyof OpenApiPathItem> = {\n GET: 'get',\n POST: 'post',\n PUT: 'put',\n PATCH: 'patch',\n DELETE: 'delete',\n HEAD: 'head',\n OPTIONS: 'options',\n}\n\n/** Convert `/users/:id/posts/:postId?` → `/users/{id}/posts/{postId}`. */\nexport function templatePath(routePath: string): string {\n // Bounded quantifier (\\w{0,64}) is OSS-safe — TheoKit route param names\n // never exceed 64 chars in practice; cap prevents super-linear backtracking.\n return routePath.replace(/:([A-Za-z_]\\w{0,64})\\??/g, '{$1}')\n}\n\nfunction buildParameters(\n paramsSchema: z.ZodType | undefined,\n querySchema: z.ZodType | undefined,\n ctx: ConvertCtx,\n): OpenApiParameter[] {\n const out: OpenApiParameter[] = []\n if (paramsSchema !== undefined) {\n appendObjectAsParameters(paramsSchema, 'path', out, ctx)\n }\n if (querySchema !== undefined) {\n appendObjectAsParameters(querySchema, 'query', out, ctx)\n }\n return out\n}\n\nfunction appendObjectAsParameters(\n schema: z.ZodType,\n location: 'path' | 'query',\n out: OpenApiParameter[],\n ctx: ConvertCtx,\n): void {\n // We expect an object schema; if it's not, skip silently (caller already\n // validated upstream when scanning defineRoute()).\n const shape = (schema as unknown as { shape?: Record<string, z.ZodType> }).shape\n if (shape === undefined) return\n for (const [name, child] of Object.entries(shape)) {\n const childDef = (child as unknown as { _def: { typeName?: string } })._def\n const optional = childDef.typeName === 'ZodOptional' || childDef.typeName === 'ZodDefault'\n out.push({\n name,\n in: location,\n required: location === 'path' ? true : !optional,\n schema: zodToOpenApiSchema(child, { ctx }),\n })\n }\n}\n\nfunction buildOperation(\n route: OpenApiManifestRoute,\n ctx: ConvertCtx,\n method: string,\n): OpenApiOperation {\n // Bounded sanitizer: two single-pass replacements (no nested quantifiers).\n const sanitized = route.routePath.replace(/[/:\\-{}]/g, '_').replace(/_+/g, '_')\n const operationId = `${method.toLowerCase()}_${sanitized.replace(/^_|_$/g, '')}`\n const op: OpenApiOperation = {\n operationId,\n responses: {\n '200': { description: 'OK' },\n },\n }\n\n const parameters = buildParameters(route.params, route.query, ctx)\n if (parameters.length > 0) op.parameters = parameters\n\n // Body only meaningful for write methods; we still attach if defined so\n // the document is honest about the contract.\n if (route.body !== undefined) {\n op.requestBody = {\n required: true,\n content: {\n 'application/json': { schema: zodToOpenApiSchema(route.body, { ctx }) },\n },\n }\n }\n\n if (route.response !== undefined) {\n op.responses['200'] = {\n description: 'OK',\n content: {\n 'application/json': { schema: zodToOpenApiSchema(route.response, { ctx }) },\n },\n }\n }\n\n return op\n}\n\nexport function emitOpenApi(input: EmitOpenApiInput): EmitOpenApiResult {\n const { manifest, config } = input\n\n const ctx: ConvertCtx = { seen: new Map(), components: {} }\n\n const paths: Record<string, OpenApiPathItem> = {}\n for (const route of manifest) {\n const templatedPath = templatePath(route.routePath)\n const item: OpenApiPathItem = paths[templatedPath] ?? {}\n for (const method of route.methods) {\n // Defensive: manifest emitter normalizes to uppercase, but if a\n // future scanner produces a non-HTTP verb the key lookup yields\n // undefined and we skip silently. TS narrows the indexed type to\n // keyof OpenApiPathItem; the runtime undefined check is honest.\n const key = METHOD_TO_KEY[method.toUpperCase()] as keyof OpenApiPathItem | undefined\n if (key === undefined) continue\n item[key] = buildOperation(route, ctx, method)\n }\n paths[templatedPath] = item\n }\n\n const servers = applyServerOverride(config.servers)\n\n const document: OpenApiDocument = {\n openapi: config.specVersion,\n info: { title: config.title, version: config.version },\n servers,\n paths,\n }\n\n if (Object.keys(ctx.components).length > 0) {\n document.components = { schemas: ctx.components }\n }\n\n mkdirSync(config.outDir, { recursive: true })\n const outPath = join(config.outDir, 'openapi.json')\n writeFileSync(outPath, `${JSON.stringify(document, null, 2)}\\n`, 'utf8')\n\n return { document, path: outPath }\n}\n\nfunction applyServerOverride(\n servers: { url: string; description?: string }[],\n): { url: string; description?: string }[] {\n const override = process.env.THEOKIT_OPENAPI_SERVER_URL\n if (override === undefined || override === '') return servers\n if (servers.length === 0) return [{ url: override }]\n const [first, ...rest] = servers\n return [\n {\n url: override,\n ...(first.description !== undefined ? { description: first.description } : {}),\n },\n ...rest,\n ]\n}\n","/**\n * Zod → OpenAPI 3.0 Schema converter (build-time only).\n *\n * Uses Zod v4's native `z.toJSONSchema()` and post-processes\n * the JSON Schema output into OpenAPI 3.0 format:\n * - Removes `$schema` (invalid in OpenAPI 3.0)\n * - Converts `type: [\"string\", \"null\"]` → `{ type: \"string\", nullable: true }`\n * - Recursively normalizes nested schemas\n *\n * NEVER ship to runtime — devDep-shaped artifact.\n */\nimport { z } from 'zod'\n\nexport interface OpenApiSchema {\n type?: 'string' | 'number' | 'integer' | 'boolean' | 'array' | 'object' | 'null'\n format?: string\n items?: OpenApiSchema\n properties?: Record<string, OpenApiSchema>\n required?: string[]\n additionalProperties?: boolean | OpenApiSchema\n oneOf?: OpenApiSchema[]\n anyOf?: OpenApiSchema[]\n allOf?: OpenApiSchema[]\n discriminator?: { propertyName: string; mapping?: Record<string, string> }\n enum?: unknown[]\n nullable?: boolean\n description?: string\n default?: unknown\n $ref?: string\n}\n\nexport interface ConvertCtx {\n seen: Map<z.ZodType, string>\n components: Record<string, OpenApiSchema>\n}\n\nexport interface ConvertOptions {\n ctx?: ConvertCtx\n name?: string\n}\n\nexport class ZodToOpenApiError extends Error {\n constructor(message: string) {\n super(message)\n this.name = 'ZodToOpenApiError'\n }\n}\n\nexport function zodToOpenApiSchema(schema: z.ZodType, options: ConvertOptions = {}): OpenApiSchema {\n const ctx: ConvertCtx = options.ctx ?? { seen: new Map(), components: {} }\n\n const name = options.name\n if (name !== undefined) {\n if (Object.prototype.hasOwnProperty.call(ctx.components, name)) {\n return { $ref: `#/components/schemas/${name}` }\n }\n ctx.seen.set(schema, name)\n ctx.components[name] = {}\n const body = convertSchema(schema, ctx)\n ctx.components[name] = body\n return { $ref: `#/components/schemas/${name}` }\n }\n\n return convertSchema(schema, ctx)\n}\n\nfunction convertSchema(schema: z.ZodType, ctx: ConvertCtx): OpenApiSchema {\n const existing = ctx.seen.get(schema)\n if (existing !== undefined) {\n return { $ref: `#/components/schemas/${existing}` }\n }\n\n try {\n const jsonSchema = z.toJSONSchema(schema) as Record<string, unknown>\n return toOpenApi3(jsonSchema)\n } catch {\n return {}\n }\n}\n\n/**\n * Post-process JSON Schema (draft-2020-12) → OpenAPI 3.0.\n * Handles:\n * - $schema removal\n * - nullable conversion\n * - Recursive normalization of properties/items/anyOf/oneOf/allOf\n */\nfunction toOpenApi3(js: Record<string, unknown>): OpenApiSchema {\n const { $schema: _, $defs: _defs, ...rest } = js\n const out: Record<string, unknown> = {}\n\n for (const [key, value] of Object.entries(rest)) {\n if (key === 'type' && Array.isArray(value)) {\n const types = value as string[]\n const hasNull = types.includes('null')\n const nonNull = types.filter((t: string) => t !== 'null')\n out.type = nonNull.length === 1 ? nonNull[0] : nonNull\n if (hasNull) out.nullable = true\n } else if (key === 'properties' && value && typeof value === 'object') {\n const props: Record<string, OpenApiSchema> = {}\n for (const [pk, pv] of Object.entries(value as Record<string, unknown>)) {\n props[pk] = pv && typeof pv === 'object' ? toOpenApi3(pv as Record<string, unknown>) : (pv as OpenApiSchema)\n }\n out.properties = props\n } else if (key === 'items' && value && typeof value === 'object') {\n out.items = toOpenApi3(value as Record<string, unknown>)\n } else if ((key === 'anyOf' || key === 'oneOf' || key === 'allOf') && Array.isArray(value)) {\n out[key] = (value as Record<string, unknown>[]).map((v) => toOpenApi3(v))\n } else if (key === 'additionalProperties' && value && typeof value === 'object') {\n out.additionalProperties = toOpenApi3(value as Record<string, unknown>)\n } else {\n out[key] = value\n }\n }\n\n return out as OpenApiSchema\n}\n","/**\n * Build-time route loader for OpenAPI emit.\n *\n * Takes the G1 manifest (filePath + routePath + methods) and hydrates each\n * route's Zod schemas by dynamically importing the module. `defineRoute`\n * is an identity function, so the imported config exposes `body/query/\n * params/response` directly without any AST gymnastics.\n *\n * Supports both export shapes:\n * 1. `export const POST = defineRoute({...})` (per-method named exports)\n * 2. `export default defineRoute({...})` (single-export legacy shape)\n *\n * Per G2 plan v1.1 T2.2. Uses Vite's `ssrLoadModule` because route files\n * are TS at build time — Node's native loader doesn't transpile.\n */\nimport { resolve } from 'node:path'\n\nimport type { z } from 'zod'\n\nimport type { ManifestRoute } from '../../server/scan/manifest.js'\n\nimport type { OpenApiManifestRoute } from './emit.js'\n\ninterface RouteConfigShape {\n body?: z.ZodType\n query?: z.ZodType\n params?: z.ZodType\n response?: z.ZodType\n}\n\ninterface ViteLikeServer {\n ssrLoadModule: (id: string) => Promise<Record<string, unknown>>\n close: () => Promise<void>\n}\n\ninterface DefaultLoader {\n load: (absPath: string) => Promise<Record<string, unknown>>\n dispose: () => Promise<void>\n}\n\n/** Method names recognized as per-route named exports (UPPERCASE). */\nconst HTTP_METHOD_KEYS = ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'HEAD', 'OPTIONS'] as const\n\nexport interface LoadRoutesOptions {\n serverDir: string\n routes: ManifestRoute[]\n /** Injectable for tests; defaults to a fresh Vite SSR dev server. */\n loadModule?: (absPath: string) => Promise<Record<string, unknown>>\n}\n\n/**\n * Hydrate manifest routes with Zod schemas extracted from their modules.\n *\n * Returns one `OpenApiManifestRoute` per (file × method) tuple. If a route\n * file declares multiple methods (`GET` + `POST`), each method gets its\n * own entry with the schemas from that method's `defineRoute()` call.\n *\n * Routes that fail to load are skipped with a console warning — the emit\n * should be best-effort, not a hard build failure.\n *\n * The default Vite loader is created once per call and disposed in the\n * `finally` block so the underlying server is released even when route\n * loading throws.\n */\nexport async function loadRoutesForOpenApi(\n options: LoadRoutesOptions,\n): Promise<OpenApiManifestRoute[]> {\n const { serverDir, routes } = options\n let loadModule = options.loadModule\n let dispose: (() => Promise<void>) | undefined\n if (loadModule === undefined) {\n const created = await createDefaultLoader(serverDir)\n loadModule = created.load\n dispose = created.dispose\n }\n\n const out: OpenApiManifestRoute[] = []\n try {\n for (const r of routes) {\n const abs = resolve(serverDir, r.filePath)\n let mod: Record<string, unknown>\n try {\n mod = await loadModule(abs)\n } catch (err) {\n console.warn(\n `[openapi-emit] Skipping ${r.filePath}: load failed (${(err as Error).message})`,\n )\n continue\n }\n\n const methods = r.methods ?? HTTP_METHOD_KEYS.filter((m) => mod[m] !== undefined)\n if (methods.length === 0) {\n // Fall back to default export when no method-named exports detected.\n const def = mod.default\n if (def !== undefined && def !== null) {\n out.push({ routePath: r.routePath, methods: ['GET'], ...extractSchemas(def) })\n }\n continue\n }\n\n for (const method of methods) {\n const handler = mod[method] ?? mod.default\n if (handler === undefined || handler === null) continue\n out.push({ routePath: r.routePath, methods: [method], ...extractSchemas(handler) })\n }\n }\n } finally {\n if (dispose !== undefined) {\n await dispose()\n }\n }\n return out\n}\n\nfunction extractSchemas(handlerExport: unknown): RouteConfigShape {\n if (typeof handlerExport !== 'object' || handlerExport === null) return {}\n const cfg = handlerExport as RouteConfigShape\n const out: RouteConfigShape = {}\n if (cfg.body !== undefined) out.body = cfg.body\n if (cfg.query !== undefined) out.query = cfg.query\n if (cfg.params !== undefined) out.params = cfg.params\n if (cfg.response !== undefined) out.response = cfg.response\n return out\n}\n\n/**\n * Default loader: spin up a minimal Vite SSR dev server (no HMR, no\n * middlewares) just to use its `ssrLoadModule`. Vite handles TS, ESM, and\n * import resolution for free.\n *\n * Returns `{load, dispose}` — the caller owns the lifecycle and MUST\n * call `dispose()` (typically in a `finally`) so the server is closed.\n */\nasync function createDefaultLoader(serverDir: string): Promise<DefaultLoader> {\n // Vite is a peerDep in build flows; import dynamically.\n const { createServer } = await import('vite')\n const server = (await createServer({\n root: serverDir,\n configFile: false,\n server: { middlewareMode: true },\n appType: 'custom',\n logLevel: 'silent',\n })) as unknown as ViteLikeServer\n\n const swallow = (): void => {\n /* eat close errors — best-effort cleanup */\n }\n return {\n load: async (absPath) => server.ssrLoadModule(absPath),\n dispose: async () => {\n await server.close().catch(swallow)\n },\n }\n}\n","/**\n * Dev-mode OpenAPI emit helper for `theokit dev`.\n *\n * Per P#3 plan v1.3 T1.1 (ADRs D3 + D4 + EC-8). Called once on `theokit dev`\n * boot AND on every chokidar 'change'/'add'/'unlink' watcher event for\n * route files when `config.openapi !== undefined`. Re-runs G2's\n * `emitOpenApi()` orchestrator to keep `<distDir>/openapi.json` always\n * fresh in dev.\n *\n * EC-8 absorbed (single-flight guard): if a previous invocation is still\n * awaiting `loadRoutesForOpenApi` (Vite SSR loader can hang on circular\n * imports or syntax errors), skip the new call and emit a `console.warn`\n * so watcher events don't pile up + dev server doesn't deadlock.\n *\n * Best-effort: ALL errors caught + warned. Never throws out of the\n * exported function (would crash Vite dev's chokidar handler).\n *\n * NEVER ship to runtime — dev-only artifact gated on `config.openapi`.\n */\nimport { generateManifest } from '../../server/scan/manifest.js'\n\nimport { emitOpenApi } from './emit.js'\nimport { loadRoutesForOpenApi } from './load-routes.js'\n\ninterface DevEmitConfig {\n servers: { url: string; description?: string }[]\n specVersion: '3.1.0' | '3.0.3'\n title: string\n version: string\n}\n\nlet inFlight = false\n\nexport async function reEmitOpenApi(\n serverDir: string,\n distDir: string,\n openApiConfig: DevEmitConfig,\n): Promise<void> {\n if (inFlight) {\n console.warn(\n '[openapi-emit] previous emit still running; skipping watcher event (EC-8 single-flight guard)',\n )\n return\n }\n inFlight = true\n try {\n const manifest = generateManifest(serverDir)\n const hydrated = await loadRoutesForOpenApi({ serverDir, routes: manifest.routes })\n emitOpenApi({\n manifest: hydrated,\n config: { ...openApiConfig, outDir: distDir },\n })\n } catch (err) {\n console.warn(`[openapi-emit] re-emit failed: ${(err as Error).message}`)\n } finally {\n inFlight = false\n }\n}\n\n/** Test seam — resets the inFlight flag between tests. NOT for production use. */\nexport function _resetInFlightForTests(): void {\n inFlight = false\n}\n"],"mappings":";;;;;;;;;;AAsBA,SAAS,WAAW,qBAAqB;AACzC,SAAS,YAAY;;;ACZrB,SAAS,SAAS;AAqCX,SAAS,mBAAmB,QAAmB,UAA0B,CAAC,GAAkB;AACjG,QAAM,MAAkB,QAAQ,OAAO,EAAE,MAAM,oBAAI,IAAI,GAAG,YAAY,CAAC,EAAE;AAEzE,QAAM,OAAO,QAAQ;AACrB,MAAI,SAAS,QAAW;AACtB,QAAI,OAAO,UAAU,eAAe,KAAK,IAAI,YAAY,IAAI,GAAG;AAC9D,aAAO,EAAE,MAAM,wBAAwB,IAAI,GAAG;AAAA,IAChD;AACA,QAAI,KAAK,IAAI,QAAQ,IAAI;AACzB,QAAI,WAAW,IAAI,IAAI,CAAC;AACxB,UAAM,OAAO,cAAc,QAAQ,GAAG;AACtC,QAAI,WAAW,IAAI,IAAI;AACvB,WAAO,EAAE,MAAM,wBAAwB,IAAI,GAAG;AAAA,EAChD;AAEA,SAAO,cAAc,QAAQ,GAAG;AAClC;AAEA,SAAS,cAAc,QAAmB,KAAgC;AACxE,QAAM,WAAW,IAAI,KAAK,IAAI,MAAM;AACpC,MAAI,aAAa,QAAW;AAC1B,WAAO,EAAE,MAAM,wBAAwB,QAAQ,GAAG;AAAA,EACpD;AAEA,MAAI;AACF,UAAM,aAAa,EAAE,aAAa,MAAM;AACxC,WAAO,WAAW,UAAU;AAAA,EAC9B,QAAQ;AACN,WAAO,CAAC;AAAA,EACV;AACF;AASA,SAAS,WAAW,IAA4C;AAC9D,QAAM,EAAE,SAAS,GAAG,OAAO,OAAO,GAAG,KAAK,IAAI;AAC9C,QAAM,MAA+B,CAAC;AAEtC,aAAW,CAAC,KAAK,KAAK,KAAK,OAAO,QAAQ,IAAI,GAAG;AAC/C,QAAI,QAAQ,UAAU,MAAM,QAAQ,KAAK,GAAG;AAC1C,YAAM,QAAQ;AACd,YAAM,UAAU,MAAM,SAAS,MAAM;AACrC,YAAM,UAAU,MAAM,OAAO,CAAC,MAAc,MAAM,MAAM;AACxD,UAAI,OAAO,QAAQ,WAAW,IAAI,QAAQ,CAAC,IAAI;AAC/C,UAAI,QAAS,KAAI,WAAW;AAAA,IAC9B,WAAW,QAAQ,gBAAgB,SAAS,OAAO,UAAU,UAAU;AACrE,YAAM,QAAuC,CAAC;AAC9C,iBAAW,CAAC,IAAI,EAAE,KAAK,OAAO,QAAQ,KAAgC,GAAG;AACvE,cAAM,EAAE,IAAI,MAAM,OAAO,OAAO,WAAW,WAAW,EAA6B,IAAK;AAAA,MAC1F;AACA,UAAI,aAAa;AAAA,IACnB,WAAW,QAAQ,WAAW,SAAS,OAAO,UAAU,UAAU;AAChE,UAAI,QAAQ,WAAW,KAAgC;AAAA,IACzD,YAAY,QAAQ,WAAW,QAAQ,WAAW,QAAQ,YAAY,MAAM,QAAQ,KAAK,GAAG;AAC1F,UAAI,GAAG,IAAK,MAAoC,IAAI,CAAC,MAAM,WAAW,CAAC,CAAC;AAAA,IAC1E,WAAW,QAAQ,0BAA0B,SAAS,OAAO,UAAU,UAAU;AAC/E,UAAI,uBAAuB,WAAW,KAAgC;AAAA,IACxE,OAAO;AACL,UAAI,GAAG,IAAI;AAAA,IACb;AAAA,EACF;AAEA,SAAO;AACT;;;ADrBA,IAAM,gBAAuD;AAAA,EAC3D,KAAK;AAAA,EACL,MAAM;AAAA,EACN,KAAK;AAAA,EACL,OAAO;AAAA,EACP,QAAQ;AAAA,EACR,MAAM;AAAA,EACN,SAAS;AACX;AAGO,SAAS,aAAa,WAA2B;AAGtD,SAAO,UAAU,QAAQ,4BAA4B,MAAM;AAC7D;AAEA,SAAS,gBACP,cACA,aACA,KACoB;AACpB,QAAM,MAA0B,CAAC;AACjC,MAAI,iBAAiB,QAAW;AAC9B,6BAAyB,cAAc,QAAQ,KAAK,GAAG;AAAA,EACzD;AACA,MAAI,gBAAgB,QAAW;AAC7B,6BAAyB,aAAa,SAAS,KAAK,GAAG;AAAA,EACzD;AACA,SAAO;AACT;AAEA,SAAS,yBACP,QACA,UACA,KACA,KACM;AAGN,QAAM,QAAS,OAA4D;AAC3E,MAAI,UAAU,OAAW;AACzB,aAAW,CAAC,MAAM,KAAK,KAAK,OAAO,QAAQ,KAAK,GAAG;AACjD,UAAM,WAAY,MAAqD;AACvE,UAAM,WAAW,SAAS,aAAa,iBAAiB,SAAS,aAAa;AAC9E,QAAI,KAAK;AAAA,MACP;AAAA,MACA,IAAI;AAAA,MACJ,UAAU,aAAa,SAAS,OAAO,CAAC;AAAA,MACxC,QAAQ,mBAAmB,OAAO,EAAE,IAAI,CAAC;AAAA,IAC3C,CAAC;AAAA,EACH;AACF;AAEA,SAAS,eACP,OACA,KACA,QACkB;AAElB,QAAM,YAAY,MAAM,UAAU,QAAQ,aAAa,GAAG,EAAE,QAAQ,OAAO,GAAG;AAC9E,QAAM,cAAc,GAAG,OAAO,YAAY,CAAC,IAAI,UAAU,QAAQ,UAAU,EAAE,CAAC;AAC9E,QAAM,KAAuB;AAAA,IAC3B;AAAA,IACA,WAAW;AAAA,MACT,OAAO,EAAE,aAAa,KAAK;AAAA,IAC7B;AAAA,EACF;AAEA,QAAM,aAAa,gBAAgB,MAAM,QAAQ,MAAM,OAAO,GAAG;AACjE,MAAI,WAAW,SAAS,EAAG,IAAG,aAAa;AAI3C,MAAI,MAAM,SAAS,QAAW;AAC5B,OAAG,cAAc;AAAA,MACf,UAAU;AAAA,MACV,SAAS;AAAA,QACP,oBAAoB,EAAE,QAAQ,mBAAmB,MAAM,MAAM,EAAE,IAAI,CAAC,EAAE;AAAA,MACxE;AAAA,IACF;AAAA,EACF;AAEA,MAAI,MAAM,aAAa,QAAW;AAChC,OAAG,UAAU,KAAK,IAAI;AAAA,MACpB,aAAa;AAAA,MACb,SAAS;AAAA,QACP,oBAAoB,EAAE,QAAQ,mBAAmB,MAAM,UAAU,EAAE,IAAI,CAAC,EAAE;AAAA,MAC5E;AAAA,IACF;AAAA,EACF;AAEA,SAAO;AACT;AAEO,SAAS,YAAY,OAA4C;AACtE,QAAM,EAAE,UAAU,OAAO,IAAI;AAE7B,QAAM,MAAkB,EAAE,MAAM,oBAAI,IAAI,GAAG,YAAY,CAAC,EAAE;AAE1D,QAAM,QAAyC,CAAC;AAChD,aAAW,SAAS,UAAU;AAC5B,UAAM,gBAAgB,aAAa,MAAM,SAAS;AAClD,UAAM,OAAwB,MAAM,aAAa,KAAK,CAAC;AACvD,eAAW,UAAU,MAAM,SAAS;AAKlC,YAAM,MAAM,cAAc,OAAO,YAAY,CAAC;AAC9C,UAAI,QAAQ,OAAW;AACvB,WAAK,GAAG,IAAI,eAAe,OAAO,KAAK,MAAM;AAAA,IAC/C;AACA,UAAM,aAAa,IAAI;AAAA,EACzB;AAEA,QAAM,UAAU,oBAAoB,OAAO,OAAO;AAElD,QAAM,WAA4B;AAAA,IAChC,SAAS,OAAO;AAAA,IAChB,MAAM,EAAE,OAAO,OAAO,OAAO,SAAS,OAAO,QAAQ;AAAA,IACrD;AAAA,IACA;AAAA,EACF;AAEA,MAAI,OAAO,KAAK,IAAI,UAAU,EAAE,SAAS,GAAG;AAC1C,aAAS,aAAa,EAAE,SAAS,IAAI,WAAW;AAAA,EAClD;AAEA,YAAU,OAAO,QAAQ,EAAE,WAAW,KAAK,CAAC;AAC5C,QAAM,UAAU,KAAK,OAAO,QAAQ,cAAc;AAClD,gBAAc,SAAS,GAAG,KAAK,UAAU,UAAU,MAAM,CAAC,CAAC;AAAA,GAAM,MAAM;AAEvE,SAAO,EAAE,UAAU,MAAM,QAAQ;AACnC;AAEA,SAAS,oBACP,SACyC;AACzC,QAAM,WAAW,QAAQ,IAAI;AAC7B,MAAI,aAAa,UAAa,aAAa,GAAI,QAAO;AACtD,MAAI,QAAQ,WAAW,EAAG,QAAO,CAAC,EAAE,KAAK,SAAS,CAAC;AACnD,QAAM,CAAC,OAAO,GAAG,IAAI,IAAI;AACzB,SAAO;AAAA,IACL;AAAA,MACE,KAAK;AAAA,MACL,GAAI,MAAM,gBAAgB,SAAY,EAAE,aAAa,MAAM,YAAY,IAAI,CAAC;AAAA,IAC9E;AAAA,IACA,GAAG;AAAA,EACL;AACF;;;AEtOA,SAAS,eAAe;AA0BxB,IAAM,mBAAmB,CAAC,OAAO,QAAQ,OAAO,SAAS,UAAU,QAAQ,SAAS;AAuBpF,eAAsB,qBACpB,SACiC;AACjC,QAAM,EAAE,WAAW,OAAO,IAAI;AAC9B,MAAI,aAAa,QAAQ;AACzB,MAAI;AACJ,MAAI,eAAe,QAAW;AAC5B,UAAM,UAAU,MAAM,oBAAoB,SAAS;AACnD,iBAAa,QAAQ;AACrB,cAAU,QAAQ;AAAA,EACpB;AAEA,QAAM,MAA8B,CAAC;AACrC,MAAI;AACF,eAAW,KAAK,QAAQ;AACtB,YAAM,MAAM,QAAQ,WAAW,EAAE,QAAQ;AACzC,UAAI;AACJ,UAAI;AACF,cAAM,MAAM,WAAW,GAAG;AAAA,MAC5B,SAAS,KAAK;AACZ,gBAAQ;AAAA,UACN,2BAA2B,EAAE,QAAQ,kBAAmB,IAAc,OAAO;AAAA,QAC/E;AACA;AAAA,MACF;AAEA,YAAM,UAAU,EAAE,WAAW,iBAAiB,OAAO,CAAC,MAAM,IAAI,CAAC,MAAM,MAAS;AAChF,UAAI,QAAQ,WAAW,GAAG;AAExB,cAAM,MAAM,IAAI;AAChB,YAAI,QAAQ,UAAa,QAAQ,MAAM;AACrC,cAAI,KAAK,EAAE,WAAW,EAAE,WAAW,SAAS,CAAC,KAAK,GAAG,GAAG,eAAe,GAAG,EAAE,CAAC;AAAA,QAC/E;AACA;AAAA,MACF;AAEA,iBAAW,UAAU,SAAS;AAC5B,cAAM,UAAU,IAAI,MAAM,KAAK,IAAI;AACnC,YAAI,YAAY,UAAa,YAAY,KAAM;AAC/C,YAAI,KAAK,EAAE,WAAW,EAAE,WAAW,SAAS,CAAC,MAAM,GAAG,GAAG,eAAe,OAAO,EAAE,CAAC;AAAA,MACpF;AAAA,IACF;AAAA,EACF,UAAE;AACA,QAAI,YAAY,QAAW;AACzB,YAAM,QAAQ;AAAA,IAChB;AAAA,EACF;AACA,SAAO;AACT;AAEA,SAAS,eAAe,eAA0C;AAChE,MAAI,OAAO,kBAAkB,YAAY,kBAAkB,KAAM,QAAO,CAAC;AACzE,QAAM,MAAM;AACZ,QAAM,MAAwB,CAAC;AAC/B,MAAI,IAAI,SAAS,OAAW,KAAI,OAAO,IAAI;AAC3C,MAAI,IAAI,UAAU,OAAW,KAAI,QAAQ,IAAI;AAC7C,MAAI,IAAI,WAAW,OAAW,KAAI,SAAS,IAAI;AAC/C,MAAI,IAAI,aAAa,OAAW,KAAI,WAAW,IAAI;AACnD,SAAO;AACT;AAUA,eAAe,oBAAoB,WAA2C;AAE5E,QAAM,EAAE,aAAa,IAAI,MAAM,OAAO,MAAM;AAC5C,QAAM,SAAU,MAAM,aAAa;AAAA,IACjC,MAAM;AAAA,IACN,YAAY;AAAA,IACZ,QAAQ,EAAE,gBAAgB,KAAK;AAAA,IAC/B,SAAS;AAAA,IACT,UAAU;AAAA,EACZ,CAAC;AAED,QAAM,UAAU,MAAY;AAAA,EAE5B;AACA,SAAO;AAAA,IACL,MAAM,OAAO,YAAY,OAAO,cAAc,OAAO;AAAA,IACrD,SAAS,YAAY;AACnB,YAAM,OAAO,MAAM,EAAE,MAAM,OAAO;AAAA,IACpC;AAAA,EACF;AACF;;;AC1HA,IAAI,WAAW;AAEf,eAAsB,cACpB,WACA,SACA,eACe;AACf,MAAI,UAAU;AACZ,YAAQ;AAAA,MACN;AAAA,IACF;AACA;AAAA,EACF;AACA,aAAW;AACX,MAAI;AACF,UAAM,WAAW,iBAAiB,SAAS;AAC3C,UAAM,WAAW,MAAM,qBAAqB,EAAE,WAAW,QAAQ,SAAS,OAAO,CAAC;AAClF,gBAAY;AAAA,MACV,UAAU;AAAA,MACV,QAAQ,EAAE,GAAG,eAAe,QAAQ,QAAQ;AAAA,IAC9C,CAAC;AAAA,EACH,SAAS,KAAK;AACZ,YAAQ,KAAK,kCAAmC,IAAc,OAAO,EAAE;AAAA,EACzE,UAAE;AACA,eAAW;AAAA,EACb;AACF;AAGO,SAAS,yBAA+B;AAC7C,aAAW;AACb;","names":[]}
|
|
@@ -3,12 +3,12 @@ import "tsx/esm";
|
|
|
3
3
|
import {
|
|
4
4
|
emitOpenApi,
|
|
5
5
|
loadRoutesForOpenApi
|
|
6
|
-
} from "./chunk-
|
|
6
|
+
} from "./chunk-WGHJD6I7.js";
|
|
7
7
|
import {
|
|
8
8
|
generateManifest
|
|
9
|
-
} from "./chunk-
|
|
10
|
-
import "./chunk-
|
|
11
|
-
import "./chunk-
|
|
9
|
+
} from "./chunk-WEGALZEU.js";
|
|
10
|
+
import "./chunk-VBZCVFSA.js";
|
|
11
|
+
import "./chunk-COXLEZCN.js";
|
|
12
12
|
import "./chunk-KT3MWNZG.js";
|
|
13
13
|
|
|
14
14
|
// src/vite-plugin/openapi-emit/dev-emit.ts
|
|
@@ -41,4 +41,4 @@ export {
|
|
|
41
41
|
_resetInFlightForTests,
|
|
42
42
|
reEmitOpenApi
|
|
43
43
|
};
|
|
44
|
-
//# sourceMappingURL=dev-emit-
|
|
44
|
+
//# sourceMappingURL=dev-emit-HHP2XJXE.js.map
|