theokit 0.6.0 → 0.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (91) hide show
  1. package/dist/{actions-virtual-module-DL74V6SR.js → actions-virtual-module-4WVKHQ2X.js} +5 -2
  2. package/dist/actions-virtual-module-4WVKHQ2X.js.map +1 -0
  3. package/dist/{actions-virtual-module-ZDD54ZZE.js → actions-virtual-module-LTOXBSCF.js} +16 -2
  4. package/dist/actions-virtual-module-LTOXBSCF.js.map +1 -0
  5. package/dist/{app-typed-client-4M4NVSK3.js → app-typed-client-4N5OGNOQ.js} +15 -4
  6. package/dist/app-typed-client-4N5OGNOQ.js.map +1 -0
  7. package/dist/{app-typed-client-4GIKUKRT.js → app-typed-client-SAETWZT5.js} +5 -4
  8. package/dist/app-typed-client-SAETWZT5.js.map +1 -0
  9. package/dist/{build-ZZAQV2ES.js → build-KQD2EDU4.js} +5 -6
  10. package/dist/build-KQD2EDU4.js.map +1 -0
  11. package/dist/chunk-223EFY5X.js +469 -0
  12. package/dist/chunk-223EFY5X.js.map +1 -0
  13. package/dist/{chunk-HDA6M7P4.js → chunk-3LVRAGAZ.js} +3 -5
  14. package/dist/{chunk-4NLIESWK.js → chunk-4I47JW5O.js} +24 -417
  15. package/dist/chunk-4I47JW5O.js.map +1 -0
  16. package/dist/{chunk-P2RS3WWY.js → chunk-6FYD34NX.js} +194 -22
  17. package/dist/chunk-6FYD34NX.js.map +1 -0
  18. package/dist/{chunk-SVSUUK4H.js → chunk-6VSKLYT6.js} +7 -9
  19. package/dist/chunk-6VSKLYT6.js.map +1 -0
  20. package/dist/chunk-CBGRFVF5.js +421 -0
  21. package/dist/chunk-CBGRFVF5.js.map +1 -0
  22. package/dist/{chunk-B3L3TJVF.js → chunk-JBCHWRKF.js} +50 -50
  23. package/dist/chunk-JBCHWRKF.js.map +1 -0
  24. package/dist/{chunk-XMS5VRIK.js → chunk-JQSFBJR5.js} +3 -3
  25. package/dist/chunk-JQSFBJR5.js.map +1 -0
  26. package/dist/{chunk-D4SV7JOG.js → chunk-MV4LKTW6.js} +97 -135
  27. package/dist/chunk-MV4LKTW6.js.map +1 -0
  28. package/dist/chunk-PBEH6NXR.js +44 -0
  29. package/dist/chunk-PBEH6NXR.js.map +1 -0
  30. package/dist/chunk-PPPR5DGR.js +1 -0
  31. package/dist/cli/index.js +5 -5
  32. package/dist/client/index.d.ts +81 -7
  33. package/dist/client/index.js +111 -3
  34. package/dist/client/index.js.map +1 -1
  35. package/dist/{dev-MHCQ5RD7.js → dev-NDEZA2MP.js} +8 -6
  36. package/dist/dev-NDEZA2MP.js.map +1 -0
  37. package/dist/{dev-emit-6DJUK6DT.js → dev-emit-O4EGOSNV.js} +2 -4
  38. package/dist/{dev-emit-6DJUK6DT.js.map → dev-emit-O4EGOSNV.js.map} +1 -1
  39. package/dist/{dev-emit-4WG3B5BM.js → dev-emit-OUPI7NAQ.js} +3 -4
  40. package/dist/{dev-emit-4WG3B5BM.js.map → dev-emit-OUPI7NAQ.js.map} +1 -1
  41. package/dist/{dist-KRW6OVD4.js → dist-6GPD6WCU.js} +10231 -8164
  42. package/dist/dist-6GPD6WCU.js.map +1 -0
  43. package/dist/{index-CuHICqb9.d.ts → index-DWZF8uQD.d.ts} +132 -132
  44. package/dist/index.js +6 -6
  45. package/dist/index.js.map +1 -1
  46. package/dist/{lib-NST3PNZX.js → lib-JBI3XXH3.js} +27 -27
  47. package/dist/{lib-NST3PNZX.js.map → lib-JBI3XXH3.js.map} +1 -1
  48. package/dist/{openapi-KSY272CW.js → openapi-NXGRXABL.js} +3 -4
  49. package/dist/{openapi-KSY272CW.js.map → openapi-NXGRXABL.js.map} +1 -1
  50. package/dist/{routes-NWJA5L5I.js → routes-6A5XFGF7.js} +4 -6
  51. package/dist/routes-6A5XFGF7.js.map +1 -0
  52. package/dist/server/auth/index.d.ts +20 -20
  53. package/dist/server/http/index.d.ts +2 -2
  54. package/dist/server/index.d.ts +2 -2
  55. package/dist/server/index.js +9 -13
  56. package/dist/server/index.js.map +1 -1
  57. package/dist/server/scan/index.d.ts +13 -13
  58. package/dist/server/scan/index.js +8 -12
  59. package/dist/server/security/index.d.ts +69 -69
  60. package/dist/server/security/index.js +1 -1
  61. package/dist/{start-OAAAQ7Z4.js → start-SPFWOGHL.js} +14 -14
  62. package/dist/vite-plugin/index.js +4 -4
  63. package/dist/{vite-plugin-IF2O6BJV.js → vite-plugin-43KQU5S7.js} +7 -5
  64. package/dist/vite-plugin-43KQU5S7.js.map +1 -0
  65. package/package.json +19 -19
  66. package/dist/actions-virtual-module-DL74V6SR.js.map +0 -1
  67. package/dist/actions-virtual-module-ZDD54ZZE.js.map +0 -1
  68. package/dist/app-typed-client-4GIKUKRT.js.map +0 -1
  69. package/dist/app-typed-client-4M4NVSK3.js.map +0 -1
  70. package/dist/build-ZZAQV2ES.js.map +0 -1
  71. package/dist/chunk-4NLIESWK.js.map +0 -1
  72. package/dist/chunk-B3L3TJVF.js.map +0 -1
  73. package/dist/chunk-D4SV7JOG.js.map +0 -1
  74. package/dist/chunk-GPF64ENM.js +0 -73
  75. package/dist/chunk-HDA6M7P4.js.map +0 -1
  76. package/dist/chunk-OLPB36O2.js +0 -259
  77. package/dist/chunk-OLPB36O2.js.map +0 -1
  78. package/dist/chunk-P2RS3WWY.js.map +0 -1
  79. package/dist/chunk-P3SGM4NR.js +0 -156
  80. package/dist/chunk-P3SGM4NR.js.map +0 -1
  81. package/dist/chunk-SVSUUK4H.js.map +0 -1
  82. package/dist/chunk-UVHRD33F.js +0 -181
  83. package/dist/chunk-UVHRD33F.js.map +0 -1
  84. package/dist/chunk-XMS5VRIK.js.map +0 -1
  85. package/dist/dev-MHCQ5RD7.js.map +0 -1
  86. package/dist/dist-KRW6OVD4.js.map +0 -1
  87. package/dist/routes-NWJA5L5I.js.map +0 -1
  88. package/dist/{chunk-GPF64ENM.js.map → chunk-3LVRAGAZ.js.map} +0 -0
  89. package/dist/{vite-plugin-IF2O6BJV.js.map → chunk-PPPR5DGR.js.map} +0 -0
  90. package/dist/{module-loader-Cfz7dgCP.d.ts → match-CfbEFRG4.d.ts} +4 -4
  91. /package/dist/{start-OAAAQ7Z4.js.map → start-SPFWOGHL.js.map} +0 -0
@@ -1,10 +1,24 @@
1
1
  import { IncomingMessage, ServerResponse } from 'node:http';
2
2
  import { J as JobBackend } from './job-backend-CgC8Xf33.js';
3
3
  import { P as PluginRunner } from './plugin-runner-BGBkzgi0.js';
4
- import { S as ServerRouteNode, L as LoadModule } from './module-loader-Cfz7dgCP.js';
4
+ import { L as LoadModule, S as ServerRouteNode } from './match-CfbEFRG4.js';
5
5
  import { c as CsrfMode, D as DisallowedConfig } from './csrf-BBrEZSBW.js';
6
6
  import { z } from 'zod';
7
7
 
8
+ interface ExecuteActionOptions {
9
+ filePath: string;
10
+ exportName: string;
11
+ req: IncomingMessage;
12
+ res: ServerResponse;
13
+ loadModule: LoadModule;
14
+ serverDir?: string;
15
+ requestId?: string;
16
+ pluginRunner?: PluginRunner;
17
+ csrfMode?: CsrfMode;
18
+ disallowed?: DisallowedConfig;
19
+ }
20
+ declare function executeAction(filePath: string, exportName: string, req: IncomingMessage, res: ServerResponse, loadModule: LoadModule, serverDir?: string, requestId?: string, pluginRunner?: PluginRunner, csrfMode?: CsrfMode, disallowed?: DisallowedConfig): Promise<void>;
21
+
8
22
  /**
9
23
  * T5.2 — pluggable response/request transformer.
10
24
  *
@@ -105,26 +119,73 @@ declare function sendError(res: ServerResponse, code: string, message: string, s
105
119
 
106
120
  declare function executeRoute(ctx: ExecuteRouteContext): Promise<void>;
107
121
 
108
- interface ExecuteActionOptions {
109
- filePath: string;
110
- exportName: string;
111
- req: IncomingMessage;
112
- res: ServerResponse;
113
- loadModule: LoadModule;
114
- serverDir?: string;
115
- requestId?: string;
116
- pluginRunner?: PluginRunner;
117
- csrfMode?: CsrfMode;
118
- disallowed?: DisallowedConfig;
119
- }
120
- declare function executeAction(filePath: string, exportName: string, req: IncomingMessage, res: ServerResponse, loadModule: LoadModule, serverDir?: string, requestId?: string, pluginRunner?: PluginRunner, csrfMode?: CsrfMode, disallowed?: DisallowedConfig): Promise<void>;
122
+ /**
123
+ * T1.4 — Server-side batch handler.
124
+ *
125
+ * Receives `{ requests: [...] }` POSTed to `/api/__theo_batch__` and returns
126
+ * `{ results: [...] }` with per-item error isolation. EC-2: items cannot
127
+ * override auth/forwarded headers (would be a session-bypass vector).
128
+ */
121
129
 
122
- interface MiddlewareResult {
123
- ctx: unknown;
124
- aborted: boolean;
130
+ declare const STRIPPED_HEADERS: readonly ["authorization", "cookie", "x-forwarded-for", "x-forwarded-host", "x-forwarded-proto", "x-real-ip", "host"];
131
+ declare const BATCH_PATH = "/api/__theo_batch__";
132
+ declare class BatchPathConflictError extends Error {
133
+ constructor(path: string);
125
134
  }
126
- declare function _resetMiddlewareCacheForTests(): void;
127
- declare function runMiddlewareAndContext(req: IncomingMessage, res: ServerResponse, loadModule: LoadModule, serverDir: string): Promise<MiddlewareResult>;
135
+ declare const batchRequestSchema: z.ZodObject<{
136
+ path: z.ZodString;
137
+ method: z.ZodString;
138
+ query: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
139
+ body: z.ZodOptional<z.ZodUnknown>;
140
+ headers: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
141
+ }, z.core.$strip>;
142
+ declare const batchPayloadSchema: z.ZodObject<{
143
+ requests: z.ZodArray<z.ZodObject<{
144
+ path: z.ZodString;
145
+ method: z.ZodString;
146
+ query: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
147
+ body: z.ZodOptional<z.ZodUnknown>;
148
+ headers: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
149
+ }, z.core.$strip>>;
150
+ }, z.core.$strip>;
151
+ type BatchRequestItem = z.infer<typeof batchRequestSchema>;
152
+ type BatchPayload = z.infer<typeof batchPayloadSchema>;
153
+ type BatchExecuteFn = (req: BatchRequestItem) => Promise<{
154
+ data: unknown;
155
+ } | {
156
+ error: {
157
+ message: string;
158
+ code?: string;
159
+ };
160
+ }>;
161
+ interface HandleBatchOptions {
162
+ execute: BatchExecuteFn;
163
+ /** Max number of items per batch. Default 32. */
164
+ max?: number;
165
+ /** Outer-request headers that override per-item headers in STRIPPED_HEADERS. */
166
+ outerHeaders?: Record<string, string>;
167
+ }
168
+ type BatchResultItem = {
169
+ data: unknown;
170
+ } | {
171
+ error: {
172
+ message: string;
173
+ code?: string;
174
+ };
175
+ };
176
+ interface BatchResponse {
177
+ results: BatchResultItem[];
178
+ }
179
+ /**
180
+ * Validate + execute a batch request.
181
+ *
182
+ * CR-028 fix: previously the signature was `payload: BatchPayload`,
183
+ * suggesting the caller had already validated. In reality `api-middleware`
184
+ * passes `JSON.parse(rawBody) as BatchPayload` — an unsafe cast over raw
185
+ * HTTP input. We widen the input type to `unknown` so the type system
186
+ * forces validation, then run Zod once at this single trust boundary.
187
+ */
188
+ declare function handleBatchRequest(payload: unknown, options: HandleBatchOptions): Promise<BatchResponse>;
128
189
 
129
190
  /**
130
191
  * T1.2 — CORS middleware.
@@ -188,6 +249,58 @@ interface CorsWebHandler {
188
249
  }
189
250
  declare function createCorsWebHandler(config: CorsConfig): CorsWebHandler;
190
251
 
252
+ /**
253
+ * Phase 7 — Observability: traceId propagation (D7).
254
+ *
255
+ * Extract a stable identifier from incoming requests so a single value
256
+ * correlates the client request, every server log line, the response
257
+ * envelope, and any downstream span. Precedence:
258
+ *
259
+ * 1. `traceparent` (W3C Trace Context — `00-{32-hex}-{16-hex}-{flags}`)
260
+ * 2. `x-request-id` (Heroku / GCP / generic proxy header)
261
+ * 3. Generated UUID (fresh per request)
262
+ *
263
+ * UUIDs are accepted as trace identifiers by every major vendor that
264
+ * does not enforce strict 32-hex (Datadog, Honeycomb, Sentry, Logflare,
265
+ * Axiom, etc). We don't need ULIDs to ship this surface.
266
+ */
267
+ declare const TRACE_HEADER = "x-trace-id";
268
+ declare const TRACE_PARENT_HEADER = "traceparent";
269
+ /**
270
+ * Parse a W3C Trace Context `traceparent` header value. Returns the
271
+ * 32-hex trace-id when valid (and not the reserved all-zeros), else
272
+ * `null`.
273
+ */
274
+ declare function parseTraceparent(value: string): string | null;
275
+ /**
276
+ * Resolve the request's traceId following the precedence above.
277
+ */
278
+ declare function extractTraceId(req: IncomingMessage): string;
279
+ /**
280
+ * T5a.2 Phase C slice 1/2 — Web-Standards-shaped traceId resolver.
281
+ *
282
+ * Mirror of `extractTraceId(req: IncomingMessage)` for the Web `Request`
283
+ * shape. Same precedence (`traceparent` → `x-request-id` → generated
284
+ * UUID). Uses `request.headers.get(name)` (native Web `Headers` API)
285
+ * instead of the Node indexer.
286
+ *
287
+ * **Multi-value note:** Web `Headers` collapses repeated headers into a
288
+ * single comma-separated string at parse. The IncomingMessage path's
289
+ * `pickHeader` "first non-empty value" semantic is naturally satisfied
290
+ * because there's no array to pick from on the Web side — `.get()`
291
+ * returns the comma-joined value, which for `traceparent` / `x-request-id`
292
+ * is treated as a single string anyway (both headers are conventionally
293
+ * single-valued).
294
+ */
295
+ declare function extractTraceIdFromRequest(request: Request): string;
296
+
297
+ interface MiddlewareResult {
298
+ ctx: unknown;
299
+ aborted: boolean;
300
+ }
301
+ declare function _resetMiddlewareCacheForTests(): void;
302
+ declare function runMiddlewareAndContext(req: IncomingMessage, res: ServerResponse, loadModule: LoadModule, serverDir: string): Promise<MiddlewareResult>;
303
+
191
304
  interface CookieOptions {
192
305
  httpOnly?: boolean;
193
306
  secure?: boolean;
@@ -260,74 +373,6 @@ declare function appendDeleteCookieToHeaders(target: Headers, name: string, opti
260
373
  path?: string;
261
374
  }): void;
262
375
 
263
- /**
264
- * T1.4 — Server-side batch handler.
265
- *
266
- * Receives `{ requests: [...] }` POSTed to `/api/__theo_batch__` and returns
267
- * `{ results: [...] }` with per-item error isolation. EC-2: items cannot
268
- * override auth/forwarded headers (would be a session-bypass vector).
269
- */
270
-
271
- declare const STRIPPED_HEADERS: readonly ["authorization", "cookie", "x-forwarded-for", "x-forwarded-host", "x-forwarded-proto", "x-real-ip", "host"];
272
- declare const BATCH_PATH = "/api/__theo_batch__";
273
- declare class BatchPathConflictError extends Error {
274
- constructor(path: string);
275
- }
276
- declare const batchRequestSchema: z.ZodObject<{
277
- path: z.ZodString;
278
- method: z.ZodString;
279
- query: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
280
- body: z.ZodOptional<z.ZodUnknown>;
281
- headers: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
282
- }, z.core.$strip>;
283
- declare const batchPayloadSchema: z.ZodObject<{
284
- requests: z.ZodArray<z.ZodObject<{
285
- path: z.ZodString;
286
- method: z.ZodString;
287
- query: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
288
- body: z.ZodOptional<z.ZodUnknown>;
289
- headers: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
290
- }, z.core.$strip>>;
291
- }, z.core.$strip>;
292
- type BatchRequestItem = z.infer<typeof batchRequestSchema>;
293
- type BatchPayload = z.infer<typeof batchPayloadSchema>;
294
- type BatchExecuteFn = (req: BatchRequestItem) => Promise<{
295
- data: unknown;
296
- } | {
297
- error: {
298
- message: string;
299
- code?: string;
300
- };
301
- }>;
302
- interface HandleBatchOptions {
303
- execute: BatchExecuteFn;
304
- /** Max number of items per batch. Default 32. */
305
- max?: number;
306
- /** Outer-request headers that override per-item headers in STRIPPED_HEADERS. */
307
- outerHeaders?: Record<string, string>;
308
- }
309
- type BatchResultItem = {
310
- data: unknown;
311
- } | {
312
- error: {
313
- message: string;
314
- code?: string;
315
- };
316
- };
317
- interface BatchResponse {
318
- results: BatchResultItem[];
319
- }
320
- /**
321
- * Validate + execute a batch request.
322
- *
323
- * CR-028 fix: previously the signature was `payload: BatchPayload`,
324
- * suggesting the caller had already validated. In reality `api-middleware`
325
- * passes `JSON.parse(rawBody) as BatchPayload` — an unsafe cast over raw
326
- * HTTP input. We widen the input type to `unknown` so the type system
327
- * forces validation, then run Zod once at this single trust boundary.
328
- */
329
- declare function handleBatchRequest(payload: unknown, options: HandleBatchOptions): Promise<BatchResponse>;
330
-
331
376
  /**
332
377
  * T2.4 — Custom error pages loader.
333
378
  *
@@ -351,49 +396,4 @@ declare function loadCustomErrorPages(clientDir: string): CustomErrorPages;
351
396
 
352
397
  declare function serveStaticFile(req: IncomingMessage, res: ServerResponse, clientDir: string): boolean;
353
398
 
354
- /**
355
- * Phase 7 — Observability: traceId propagation (D7).
356
- *
357
- * Extract a stable identifier from incoming requests so a single value
358
- * correlates the client request, every server log line, the response
359
- * envelope, and any downstream span. Precedence:
360
- *
361
- * 1. `traceparent` (W3C Trace Context — `00-{32-hex}-{16-hex}-{flags}`)
362
- * 2. `x-request-id` (Heroku / GCP / generic proxy header)
363
- * 3. Generated UUID (fresh per request)
364
- *
365
- * UUIDs are accepted as trace identifiers by every major vendor that
366
- * does not enforce strict 32-hex (Datadog, Honeycomb, Sentry, Logflare,
367
- * Axiom, etc). We don't need ULIDs to ship this surface.
368
- */
369
- declare const TRACE_HEADER = "x-trace-id";
370
- declare const TRACE_PARENT_HEADER = "traceparent";
371
- /**
372
- * Parse a W3C Trace Context `traceparent` header value. Returns the
373
- * 32-hex trace-id when valid (and not the reserved all-zeros), else
374
- * `null`.
375
- */
376
- declare function parseTraceparent(value: string): string | null;
377
- /**
378
- * Resolve the request's traceId following the precedence above.
379
- */
380
- declare function extractTraceId(req: IncomingMessage): string;
381
- /**
382
- * T5a.2 Phase C slice 1/2 — Web-Standards-shaped traceId resolver.
383
- *
384
- * Mirror of `extractTraceId(req: IncomingMessage)` for the Web `Request`
385
- * shape. Same precedence (`traceparent` → `x-request-id` → generated
386
- * UUID). Uses `request.headers.get(name)` (native Web `Headers` API)
387
- * instead of the Node indexer.
388
- *
389
- * **Multi-value note:** Web `Headers` collapses repeated headers into a
390
- * single comma-separated string at parse. The IncomingMessage path's
391
- * `pickHeader` "first non-empty value" semantic is naturally satisfied
392
- * because there's no array to pick from on the Web side — `.get()`
393
- * returns the comma-joined value, which for `traceparent` / `x-request-id`
394
- * is treated as a single string anyway (both headers are conventionally
395
- * single-valued).
396
- */
397
- declare function extractTraceIdFromRequest(request: Request): string;
398
-
399
399
  export { getCookie as A, BATCH_PATH as B, type CookieOptions as C, getCookieFromRequest as D, type ExecuteActionOptions as E, handleBatchRequest as F, jsonTransformer as G, type HandleBatchOptions as H, loadCustomErrorPages as I, matchesOrigin as J, parseCookieHeader as K, parseTraceparent as L, MAX_ERROR_HTML_BYTES as M, resolveTransformer as N, runMiddlewareAndContext as O, sendError as P, sendJson as Q, serializeCookie as R, STRIPPED_HEADERS as S, TRACE_HEADER as T, serveStaticFile as U, setCookie as V, superjsonTransformer as W, _resetMiddlewareCacheForTests as _, type BatchExecuteFn as a, BatchPathConflictError as b, type BatchPayload as c, type BatchRequestItem as d, type BatchResponse as e, type BatchResultItem as f, type CorsConfig as g, type CorsHandler as h, type CorsOrigin as i, type CorsWebHandler as j, type CustomErrorPages as k, type ExecuteRouteContext as l, type MiddlewareResult as m, type SendErrorInput as n, type SendErrorOptions as o, TRACE_PARENT_HEADER as p, type TheoTransformer as q, appendCookieToHeaders as r, appendDeleteCookieToHeaders as s, createCorsHandler as t, createCorsWebHandler as u, deleteCookie as v, executeAction as w, executeRoute as x, extractTraceId as y, extractTraceIdFromRequest as z };
package/dist/index.js CHANGED
@@ -8,18 +8,18 @@ import {
8
8
  scanRoutes,
9
9
  theoConfigSchema,
10
10
  theoPlugin
11
- } from "./chunk-SVSUUK4H.js";
11
+ } from "./chunk-6VSKLYT6.js";
12
12
  import "./chunk-D7ZH7DTG.js";
13
+ import "./chunk-PPPR5DGR.js";
13
14
  import "./chunk-7BIM27LV.js";
14
15
  import "./chunk-PIVX3DYW.js";
15
16
  import "./chunk-5QW7IQQU.js";
16
17
  import "./chunk-IAJ2JVEH.js";
17
18
  import "./chunk-VMEWD57H.js";
18
19
  import "./chunk-JQSKBMXP.js";
19
- import "./chunk-OLPB36O2.js";
20
- import "./chunk-P3SGM4NR.js";
20
+ import "./chunk-223EFY5X.js";
21
21
  import "./chunk-WSJKACWB.js";
22
- import "./chunk-B3L3TJVF.js";
22
+ import "./chunk-JBCHWRKF.js";
23
23
  import "./chunk-C3ZZ56YZ.js";
24
24
  import "./chunk-7MQOHNHE.js";
25
25
  import "./chunk-X2VVCJ4V.js";
@@ -36,7 +36,7 @@ function defineConfig(config) {
36
36
  return config;
37
37
  }
38
38
 
39
- // src/core/validate-structure.ts
39
+ // src/config/validate-structure.ts
40
40
  import { existsSync } from "fs";
41
41
  import { join } from "path";
42
42
 
@@ -61,7 +61,7 @@ ${errorLines}
61
61
  }
62
62
  };
63
63
 
64
- // src/core/validate-structure.ts
64
+ // src/config/validate-structure.ts
65
65
  var REQUIRED_DIRS = [
66
66
  {
67
67
  path: "app",
package/dist/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/config/define-config.ts","../src/core/validate-structure.ts","../src/core/errors.ts"],"sourcesContent":["import type { TheoConfig } from './schema.js'\n\n/**\n * Define Theo framework configuration.\n * Identity function — provides type inference for theo.config.ts.\n * Runtime validation happens in loadConfig(), not here.\n */\nexport function defineConfig(config: Partial<TheoConfig>): Partial<TheoConfig> {\n return config\n}\n","/* eslint-disable security/detect-non-literal-fs-filename --\n * Project-structure validator. Reads paths joined onto `projectRoot`,\n * with names from a fixed `ValidationRule[]` table. No HTTP input.\n */\nimport { existsSync } from 'node:fs'\nimport { join } from 'node:path'\n\nimport { TheoProjectError } from './errors.js'\n\ninterface ValidationRule {\n path: string\n errorMessage: string\n}\n\nconst REQUIRED_DIRS: ValidationRule[] = [\n {\n path: 'app',\n errorMessage: 'Missing required directory: app/',\n },\n]\n\nconst REQUIRED_FILES: ValidationRule[] = [\n {\n path: 'theo.config.ts',\n errorMessage: 'Missing required file: theo.config.ts',\n },\n {\n path: 'package.json',\n errorMessage: 'Missing required file: package.json',\n },\n]\n\nexport function validateProjectStructure(rootDir: string): void {\n if (!existsSync(rootDir)) {\n throw new TheoProjectError([`Project directory does not exist: ${rootDir}`], rootDir)\n }\n\n const errors: string[] = []\n\n for (const rule of REQUIRED_DIRS) {\n if (!existsSync(join(rootDir, rule.path))) {\n errors.push(rule.errorMessage)\n }\n }\n\n for (const rule of REQUIRED_FILES) {\n if (!existsSync(join(rootDir, rule.path))) {\n errors.push(rule.errorMessage)\n }\n }\n\n if (errors.length > 0) {\n throw new TheoProjectError(errors, rootDir)\n }\n}\n","export class TheoProjectError extends Error {\n public readonly errors: string[]\n public readonly rootDir: string\n\n constructor(errors: string[], rootDir: string) {\n const errorLines = errors.map((e) => ` - ${e}`).join('\\n')\n\n super(\n `Invalid Theo project structure\\n\\n` +\n ` Root: ${rootDir}\\n\\n` +\n (errorLines ? ` Errors:\\n${errorLines}\\n` : ''),\n )\n\n this.name = 'TheoProjectError'\n this.errors = errors\n this.rootDir = rootDir\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAOO,SAAS,aAAa,QAAkD;AAC7E,SAAO;AACT;;;ACLA,SAAS,kBAAkB;AAC3B,SAAS,YAAY;;;ACLd,IAAM,mBAAN,cAA+B,MAAM;AAAA,EAC1B;AAAA,EACA;AAAA,EAEhB,YAAY,QAAkB,SAAiB;AAC7C,UAAM,aAAa,OAAO,IAAI,CAAC,MAAM,OAAO,CAAC,EAAE,EAAE,KAAK,IAAI;AAE1D;AAAA,MACE;AAAA;AAAA,UACa,OAAO;AAAA;AAAA,KACjB,aAAa;AAAA,EAAc,UAAU;AAAA,IAAO;AAAA,IACjD;AAEA,SAAK,OAAO;AACZ,SAAK,SAAS;AACd,SAAK,UAAU;AAAA,EACjB;AACF;;;ADHA,IAAM,gBAAkC;AAAA,EACtC;AAAA,IACE,MAAM;AAAA,IACN,cAAc;AAAA,EAChB;AACF;AAEA,IAAM,iBAAmC;AAAA,EACvC;AAAA,IACE,MAAM;AAAA,IACN,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,cAAc;AAAA,EAChB;AACF;AAEO,SAAS,yBAAyB,SAAuB;AAC9D,MAAI,CAAC,WAAW,OAAO,GAAG;AACxB,UAAM,IAAI,iBAAiB,CAAC,qCAAqC,OAAO,EAAE,GAAG,OAAO;AAAA,EACtF;AAEA,QAAM,SAAmB,CAAC;AAE1B,aAAW,QAAQ,eAAe;AAChC,QAAI,CAAC,WAAW,KAAK,SAAS,KAAK,IAAI,CAAC,GAAG;AACzC,aAAO,KAAK,KAAK,YAAY;AAAA,IAC/B;AAAA,EACF;AAEA,aAAW,QAAQ,gBAAgB;AACjC,QAAI,CAAC,WAAW,KAAK,SAAS,KAAK,IAAI,CAAC,GAAG;AACzC,aAAO,KAAK,KAAK,YAAY;AAAA,IAC/B;AAAA,EACF;AAEA,MAAI,OAAO,SAAS,GAAG;AACrB,UAAM,IAAI,iBAAiB,QAAQ,OAAO;AAAA,EAC5C;AACF;","names":[]}
1
+ {"version":3,"sources":["../src/config/define-config.ts","../src/config/validate-structure.ts","../src/core/errors.ts"],"sourcesContent":["import type { TheoConfig } from './schema.js'\n\n/**\n * Define Theo framework configuration.\n * Identity function — provides type inference for theo.config.ts.\n * Runtime validation happens in loadConfig(), not here.\n */\nexport function defineConfig(config: Partial<TheoConfig>): Partial<TheoConfig> {\n return config\n}\n","/* eslint-disable security/detect-non-literal-fs-filename --\n * Project-structure validator. Reads paths joined onto `projectRoot`,\n * with names from a fixed `ValidationRule[]` table. No HTTP input.\n */\nimport { existsSync } from 'node:fs'\nimport { join } from 'node:path'\n\nimport { TheoProjectError } from '../core/errors.js'\n\ninterface ValidationRule {\n path: string\n errorMessage: string\n}\n\nconst REQUIRED_DIRS: ValidationRule[] = [\n {\n path: 'app',\n errorMessage: 'Missing required directory: app/',\n },\n]\n\nconst REQUIRED_FILES: ValidationRule[] = [\n {\n path: 'theo.config.ts',\n errorMessage: 'Missing required file: theo.config.ts',\n },\n {\n path: 'package.json',\n errorMessage: 'Missing required file: package.json',\n },\n]\n\nexport function validateProjectStructure(rootDir: string): void {\n if (!existsSync(rootDir)) {\n throw new TheoProjectError([`Project directory does not exist: ${rootDir}`], rootDir)\n }\n\n const errors: string[] = []\n\n for (const rule of REQUIRED_DIRS) {\n if (!existsSync(join(rootDir, rule.path))) {\n errors.push(rule.errorMessage)\n }\n }\n\n for (const rule of REQUIRED_FILES) {\n if (!existsSync(join(rootDir, rule.path))) {\n errors.push(rule.errorMessage)\n }\n }\n\n if (errors.length > 0) {\n throw new TheoProjectError(errors, rootDir)\n }\n}\n","export class TheoProjectError extends Error {\n public readonly errors: string[]\n public readonly rootDir: string\n\n constructor(errors: string[], rootDir: string) {\n const errorLines = errors.map((e) => ` - ${e}`).join('\\n')\n\n super(\n `Invalid Theo project structure\\n\\n` +\n ` Root: ${rootDir}\\n\\n` +\n (errorLines ? ` Errors:\\n${errorLines}\\n` : ''),\n )\n\n this.name = 'TheoProjectError'\n this.errors = errors\n this.rootDir = rootDir\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAOO,SAAS,aAAa,QAAkD;AAC7E,SAAO;AACT;;;ACLA,SAAS,kBAAkB;AAC3B,SAAS,YAAY;;;ACLd,IAAM,mBAAN,cAA+B,MAAM;AAAA,EAC1B;AAAA,EACA;AAAA,EAEhB,YAAY,QAAkB,SAAiB;AAC7C,UAAM,aAAa,OAAO,IAAI,CAAC,MAAM,OAAO,CAAC,EAAE,EAAE,KAAK,IAAI;AAE1D;AAAA,MACE;AAAA;AAAA,UACa,OAAO;AAAA;AAAA,KACjB,aAAa;AAAA,EAAc,UAAU;AAAA,IAAO;AAAA,IACjD;AAEA,SAAK,OAAO;AACZ,SAAK,SAAS;AACd,SAAK,UAAU;AAAA,EACjB;AACF;;;ADHA,IAAM,gBAAkC;AAAA,EACtC;AAAA,IACE,MAAM;AAAA,IACN,cAAc;AAAA,EAChB;AACF;AAEA,IAAM,iBAAmC;AAAA,EACvC;AAAA,IACE,MAAM;AAAA,IACN,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,cAAc;AAAA,EAChB;AACF;AAEO,SAAS,yBAAyB,SAAuB;AAC9D,MAAI,CAAC,WAAW,OAAO,GAAG;AACxB,UAAM,IAAI,iBAAiB,CAAC,qCAAqC,OAAO,EAAE,GAAG,OAAO;AAAA,EACtF;AAEA,QAAM,SAAmB,CAAC;AAE1B,aAAW,QAAQ,eAAe;AAChC,QAAI,CAAC,WAAW,KAAK,SAAS,KAAK,IAAI,CAAC,GAAG;AACzC,aAAO,KAAK,KAAK,YAAY;AAAA,IAC/B;AAAA,EACF;AAEA,aAAW,QAAQ,gBAAgB;AACjC,QAAI,CAAC,WAAW,KAAK,SAAS,KAAK,IAAI,CAAC,GAAG;AACzC,aAAO,KAAK,KAAK,YAAY;AAAA,IAC/B;AAAA,EACF;AAEA,MAAI,OAAO,SAAS,GAAG;AACrB,UAAM,IAAI,iBAAiB,QAAQ,OAAO;AAAA,EAC5C;AACF;","names":[]}
@@ -5,9 +5,9 @@ import {
5
5
  __require
6
6
  } from "./chunk-KT3MWNZG.js";
7
7
 
8
- // ../../node_modules/.pnpm/better-sqlite3@12.10.0/node_modules/better-sqlite3/lib/util.js
8
+ // ../../node_modules/.pnpm/better-sqlite3@12.11.1/node_modules/better-sqlite3/lib/util.js
9
9
  var require_util = __commonJS({
10
- "../../node_modules/.pnpm/better-sqlite3@12.10.0/node_modules/better-sqlite3/lib/util.js"(exports) {
10
+ "../../node_modules/.pnpm/better-sqlite3@12.11.1/node_modules/better-sqlite3/lib/util.js"(exports) {
11
11
  "use strict";
12
12
  exports.getBooleanOption = (options, key) => {
13
13
  let value = false;
@@ -21,9 +21,9 @@ var require_util = __commonJS({
21
21
  }
22
22
  });
23
23
 
24
- // ../../node_modules/.pnpm/better-sqlite3@12.10.0/node_modules/better-sqlite3/lib/sqlite-error.js
24
+ // ../../node_modules/.pnpm/better-sqlite3@12.11.1/node_modules/better-sqlite3/lib/sqlite-error.js
25
25
  var require_sqlite_error = __commonJS({
26
- "../../node_modules/.pnpm/better-sqlite3@12.10.0/node_modules/better-sqlite3/lib/sqlite-error.js"(exports, module) {
26
+ "../../node_modules/.pnpm/better-sqlite3@12.11.1/node_modules/better-sqlite3/lib/sqlite-error.js"(exports, module) {
27
27
  "use strict";
28
28
  var descriptor = { value: "SqliteError", writable: true, enumerable: false, configurable: true };
29
29
  function SqliteError(message, code) {
@@ -220,9 +220,9 @@ var require_bindings = __commonJS({
220
220
  }
221
221
  });
222
222
 
223
- // ../../node_modules/.pnpm/better-sqlite3@12.10.0/node_modules/better-sqlite3/lib/methods/wrappers.js
223
+ // ../../node_modules/.pnpm/better-sqlite3@12.11.1/node_modules/better-sqlite3/lib/methods/wrappers.js
224
224
  var require_wrappers = __commonJS({
225
- "../../node_modules/.pnpm/better-sqlite3@12.10.0/node_modules/better-sqlite3/lib/methods/wrappers.js"(exports) {
225
+ "../../node_modules/.pnpm/better-sqlite3@12.11.1/node_modules/better-sqlite3/lib/methods/wrappers.js"(exports) {
226
226
  "use strict";
227
227
  var { cppdb } = require_util();
228
228
  exports.prepare = function prepare(sql) {
@@ -283,9 +283,9 @@ var require_wrappers = __commonJS({
283
283
  }
284
284
  });
285
285
 
286
- // ../../node_modules/.pnpm/better-sqlite3@12.10.0/node_modules/better-sqlite3/lib/methods/transaction.js
286
+ // ../../node_modules/.pnpm/better-sqlite3@12.11.1/node_modules/better-sqlite3/lib/methods/transaction.js
287
287
  var require_transaction = __commonJS({
288
- "../../node_modules/.pnpm/better-sqlite3@12.10.0/node_modules/better-sqlite3/lib/methods/transaction.js"(exports, module) {
288
+ "../../node_modules/.pnpm/better-sqlite3@12.11.1/node_modules/better-sqlite3/lib/methods/transaction.js"(exports, module) {
289
289
  "use strict";
290
290
  var { cppdb } = require_util();
291
291
  var controllers = /* @__PURE__ */ new WeakMap();
@@ -356,9 +356,9 @@ var require_transaction = __commonJS({
356
356
  }
357
357
  });
358
358
 
359
- // ../../node_modules/.pnpm/better-sqlite3@12.10.0/node_modules/better-sqlite3/lib/methods/pragma.js
359
+ // ../../node_modules/.pnpm/better-sqlite3@12.11.1/node_modules/better-sqlite3/lib/methods/pragma.js
360
360
  var require_pragma = __commonJS({
361
- "../../node_modules/.pnpm/better-sqlite3@12.10.0/node_modules/better-sqlite3/lib/methods/pragma.js"(exports, module) {
361
+ "../../node_modules/.pnpm/better-sqlite3@12.11.1/node_modules/better-sqlite3/lib/methods/pragma.js"(exports, module) {
362
362
  "use strict";
363
363
  var { getBooleanOption, cppdb } = require_util();
364
364
  module.exports = function pragma(source, options) {
@@ -372,9 +372,9 @@ var require_pragma = __commonJS({
372
372
  }
373
373
  });
374
374
 
375
- // ../../node_modules/.pnpm/better-sqlite3@12.10.0/node_modules/better-sqlite3/lib/methods/backup.js
375
+ // ../../node_modules/.pnpm/better-sqlite3@12.11.1/node_modules/better-sqlite3/lib/methods/backup.js
376
376
  var require_backup = __commonJS({
377
- "../../node_modules/.pnpm/better-sqlite3@12.10.0/node_modules/better-sqlite3/lib/methods/backup.js"(exports, module) {
377
+ "../../node_modules/.pnpm/better-sqlite3@12.11.1/node_modules/better-sqlite3/lib/methods/backup.js"(exports, module) {
378
378
  "use strict";
379
379
  var fs = __require("fs");
380
380
  var path = __require("path");
@@ -433,9 +433,9 @@ var require_backup = __commonJS({
433
433
  }
434
434
  });
435
435
 
436
- // ../../node_modules/.pnpm/better-sqlite3@12.10.0/node_modules/better-sqlite3/lib/methods/serialize.js
436
+ // ../../node_modules/.pnpm/better-sqlite3@12.11.1/node_modules/better-sqlite3/lib/methods/serialize.js
437
437
  var require_serialize = __commonJS({
438
- "../../node_modules/.pnpm/better-sqlite3@12.10.0/node_modules/better-sqlite3/lib/methods/serialize.js"(exports, module) {
438
+ "../../node_modules/.pnpm/better-sqlite3@12.11.1/node_modules/better-sqlite3/lib/methods/serialize.js"(exports, module) {
439
439
  "use strict";
440
440
  var { cppdb } = require_util();
441
441
  module.exports = function serialize(options) {
@@ -449,9 +449,9 @@ var require_serialize = __commonJS({
449
449
  }
450
450
  });
451
451
 
452
- // ../../node_modules/.pnpm/better-sqlite3@12.10.0/node_modules/better-sqlite3/lib/methods/function.js
452
+ // ../../node_modules/.pnpm/better-sqlite3@12.11.1/node_modules/better-sqlite3/lib/methods/function.js
453
453
  var require_function = __commonJS({
454
- "../../node_modules/.pnpm/better-sqlite3@12.10.0/node_modules/better-sqlite3/lib/methods/function.js"(exports, module) {
454
+ "../../node_modules/.pnpm/better-sqlite3@12.11.1/node_modules/better-sqlite3/lib/methods/function.js"(exports, module) {
455
455
  "use strict";
456
456
  var { getBooleanOption, cppdb } = require_util();
457
457
  module.exports = function defineFunction(name, options, fn) {
@@ -480,9 +480,9 @@ var require_function = __commonJS({
480
480
  }
481
481
  });
482
482
 
483
- // ../../node_modules/.pnpm/better-sqlite3@12.10.0/node_modules/better-sqlite3/lib/methods/aggregate.js
483
+ // ../../node_modules/.pnpm/better-sqlite3@12.11.1/node_modules/better-sqlite3/lib/methods/aggregate.js
484
484
  var require_aggregate = __commonJS({
485
- "../../node_modules/.pnpm/better-sqlite3@12.10.0/node_modules/better-sqlite3/lib/methods/aggregate.js"(exports, module) {
485
+ "../../node_modules/.pnpm/better-sqlite3@12.11.1/node_modules/better-sqlite3/lib/methods/aggregate.js"(exports, module) {
486
486
  "use strict";
487
487
  var { getBooleanOption, cppdb } = require_util();
488
488
  module.exports = function defineAggregate(name, options) {
@@ -520,9 +520,9 @@ var require_aggregate = __commonJS({
520
520
  }
521
521
  });
522
522
 
523
- // ../../node_modules/.pnpm/better-sqlite3@12.10.0/node_modules/better-sqlite3/lib/methods/table.js
523
+ // ../../node_modules/.pnpm/better-sqlite3@12.11.1/node_modules/better-sqlite3/lib/methods/table.js
524
524
  var require_table = __commonJS({
525
- "../../node_modules/.pnpm/better-sqlite3@12.10.0/node_modules/better-sqlite3/lib/methods/table.js"(exports, module) {
525
+ "../../node_modules/.pnpm/better-sqlite3@12.11.1/node_modules/better-sqlite3/lib/methods/table.js"(exports, module) {
526
526
  "use strict";
527
527
  var { cppdb } = require_util();
528
528
  module.exports = function defineTable(name, factory) {
@@ -682,9 +682,9 @@ var require_table = __commonJS({
682
682
  }
683
683
  });
684
684
 
685
- // ../../node_modules/.pnpm/better-sqlite3@12.10.0/node_modules/better-sqlite3/lib/methods/inspect.js
685
+ // ../../node_modules/.pnpm/better-sqlite3@12.11.1/node_modules/better-sqlite3/lib/methods/inspect.js
686
686
  var require_inspect = __commonJS({
687
- "../../node_modules/.pnpm/better-sqlite3@12.10.0/node_modules/better-sqlite3/lib/methods/inspect.js"(exports, module) {
687
+ "../../node_modules/.pnpm/better-sqlite3@12.11.1/node_modules/better-sqlite3/lib/methods/inspect.js"(exports, module) {
688
688
  "use strict";
689
689
  var DatabaseInspection = function Database() {
690
690
  };
@@ -694,9 +694,9 @@ var require_inspect = __commonJS({
694
694
  }
695
695
  });
696
696
 
697
- // ../../node_modules/.pnpm/better-sqlite3@12.10.0/node_modules/better-sqlite3/lib/database.js
697
+ // ../../node_modules/.pnpm/better-sqlite3@12.11.1/node_modules/better-sqlite3/lib/database.js
698
698
  var require_database = __commonJS({
699
- "../../node_modules/.pnpm/better-sqlite3@12.10.0/node_modules/better-sqlite3/lib/database.js"(exports, module) {
699
+ "../../node_modules/.pnpm/better-sqlite3@12.11.1/node_modules/better-sqlite3/lib/database.js"(exports, module) {
700
700
  "use strict";
701
701
  var fs = __require("fs");
702
702
  var path = __require("path");
@@ -770,12 +770,12 @@ var require_database = __commonJS({
770
770
  }
771
771
  });
772
772
 
773
- // ../../node_modules/.pnpm/better-sqlite3@12.10.0/node_modules/better-sqlite3/lib/index.js
773
+ // ../../node_modules/.pnpm/better-sqlite3@12.11.1/node_modules/better-sqlite3/lib/index.js
774
774
  var require_lib = __commonJS({
775
- "../../node_modules/.pnpm/better-sqlite3@12.10.0/node_modules/better-sqlite3/lib/index.js"(exports, module) {
775
+ "../../node_modules/.pnpm/better-sqlite3@12.11.1/node_modules/better-sqlite3/lib/index.js"(exports, module) {
776
776
  module.exports = require_database();
777
777
  module.exports.SqliteError = require_sqlite_error();
778
778
  }
779
779
  });
780
780
  export default require_lib();
781
- //# sourceMappingURL=lib-NST3PNZX.js.map
781
+ //# sourceMappingURL=lib-JBI3XXH3.js.map