vafast 0.1.17

package/LICENSE

@@ -0,0 +1,22 @@
+MIT License
+
+Copyright (c) 2025 Vafast Team
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+

package/README.md

@@ -0,0 +1,237 @@
+# Vafast
+![Cloudflare Workers](https://img.shields.io/badge/Runtime-Workers-F38020?logo=cloudflare&logoColor=white)
+![bun](https://img.shields.io/badge/Runtime-Bun-%23000000?logo=bun\&logoColor=white)
+![version](https://img.shields.io/npm/v/vafast)
+![license](https://img.shields.io/npm/l/vafast)
+![stars](https://img.shields.io/github/stars/vafast/vafast?style=social)
+
+
+> Vafast — 在一个文件中编写高性能API。
+专为Bun构建。设计上类型安全。冷启动时间低于1ms。
+
+---
+
+[![文档](https://img.shields.io/badge/docs-vafast.dev-blue?logo=readthedocs)](https://vafast.dev)
+
+## 📚 Vafast 文档
+
+探索Vafast的完整指南 — 一个专为速度、结构和零样板代码而构建的Bun和Edge原生Web框架。
+
+👉 [https://vafast.dev](https://vafast.dev)
+
+---
+
+> ⚡ 亚毫秒级API。一流的副作用控制。
+> 👉 [在GitHub上给Vafast加星标](https://github.com/vafast/vafast)  
+Vafast是一个声明式、类型安全的Bun框架 — 旨在使副作用显式化，性能可预测。
+
+---
+
+## 🚀 快速开始
+
+```bash
+npx create-vafast-app
+```
+
+<p align="center"> <img src="./assets/スクリーンショット 2025-06-17 21.58.05.png" width="500" alt="Vafast设置终端截图"> </p> 
+
+选择您的环境：
+
+* **Bun**
+* **Cloudflare Workers**
+
+此命令在几秒钟内设置一个可立即运行的Vafast项目。
+
+📣 **喜欢不碍事的极简工具？**
+给主Vafast仓库加星标：[https://github.com/vafast/vafast](https://github.com/vafast/vafast)
+
+---
+
+## 📁 您将获得什么
+
+一个零样板项目，专为您的运行时定制：
+
+* 带有工作路由器和`/`端点的`index.ts`
+* 运行时配置文件（`bunfig.toml`、`wrangler.toml`）
+* 带有最小脚本和依赖项的`package.json`
+
+示例输出：
+
+```bash
+✔ 选择您的目标环境: › Bun
+✔ 项目文件夹: › my-vafast-app
+
+✅ Vafast应用已在'my-vafast-app'中创建
+
+下一步：
+
+  cd my-vafast-app
+  bun install       # 或 npm install
+  npm run dev (Bun)      # 或 wrangler dev 
+```
+
+---
+
+## 🔧 设计理念
+
+Vafast建立在5个核心原则之上：
+
+1. **代码即结构** — 路由、中间件和逻辑是配置，而不是行为。代码是清单，而不是脚本。
+2. **错误即值** — VafastError携带类型、状态和意图。它们被抛出，但不被隐藏。
+3. **组合优于约定** — 中间件被显式组合，顺序是契约的一部分。
+4. **类型塑造行为** — 您的API的结构和安全性由其类型定义，而不是文档。
+5. **专为边缘设计** — 为Bun构建，为fetch优化，诞生于毫秒时代。
+
+---
+
+## ✨ 特性
+
+* ✅ **结构优先路由** — 将整个API定义为单个声明式结构
+* ✅ **可组合中间件** — 显式`compose()`流程，无装饰器或全局作用域
+* ✅ **结构化错误** — 抛出带有类型、状态和可见性的`VafastError`
+* ✅ **内置响应助手** — `json()`、`html()`、`text()`、`error()`等 — 干净且一致
+* ✅ **边缘原生执行** — 在Bun、Workers和Deno上即时冷启动和亚毫秒响应
+* ✅ **无样板代码** — 无CLI、无配置、无目录规则。只有纯代码。
+* ✅ **设计上类型安全** — 路由、处理器、错误，全部由TypeScript塑造
+
+---
+
+## ⚡️ 性能基准测试
+
+所有测试均使用Bun v1.1.0在M2 Pro芯片（macOS）上进行，模拟边缘运行时条件。
+
+| 指标             | 结果             | 解释 |
+|--------------------|--------------------|----------------|
+| ❄️ 冷启动       | `0.02 ms`           | 🧊 基本上无法测量 — 完美适用于边缘/fetch基础运行时 |
+| ⚡️ 首次请求    | `0.79 ms`           | 🚀 突破1ms障碍。适用于延迟关键型API |
+| 🔁 请求/秒     | `90,489 rps`        | 🔥 与Hono相当，超过Express 10倍+ |
+| 📉 平均延迟      | `0.96 ms`           | ⚡ 负载下亚毫秒 — 适用于交互式应用 |
+| 📦 吞吐量       | `10.9 MB/sec`       | 📈 轻松处理大型JSON负载 |
+| 🎯 总请求数   | `905,000 in 10s`    | 💪 经过真实世界负载的实战测试 |
+
+> ✨ Vafast专为边缘优先、零预热环境而设计 — 这些数字证明了这一点。
+
+---
+
+## 🧱 Cookie示例
+
+```ts
+import { Server,json,setCookie,requireAuth } from "vafast";
+import type { Route } from "vafast";
+
+const routes: Route[] = [
+  {
+    method: "GET",
+    path: "/login",
+    handler: () => {
+      const headers = new Headers();
+      headers.append("Set-Cookie", setCookie("auth", "valid-token", {
+        httpOnly: true,
+        path: "/",
+        maxAge: 3600,
+      }));
+      return json({ message: "已登录" }, 200, headers);
+    },
+    middleware: [], 
+  },
+  {
+    method: "GET",
+    path: "/private",
+    handler: () => json({ message: "仅限认证用户的秘密数据" }),
+    middleware: [requireAuth], 
+  },
+];
+
+const server = new Server(routes);
+
+export default {
+  fetch: (req: Request) => server.fetch(req),
+};
+```
+
+---
+
+## 🔥 Vafast哲学 – 结构化简洁性的5大法则
+
+后端应该是透明的、快速的，并且像架构一样设计 — 而不是像魔法。Vafast建立在五个现代原则之上：
+
+1. **结构是真理之源**  
+   API被定义为代码，而不是行为。无装饰器，无约定 — 只有您可以阅读的配置。
+
+2. **错误是数据，不是混乱**  
+   异常携带类型、状态和可见性。您不捕获它们 — 您设计它们。
+
+3. **组合就是一切**  
+   中间件被显式组合。无全局状态，无来自地狱的堆栈跟踪。
+
+4. **专为边缘构建，由类型塑造**  
+   Vafast在Bun、Workers和Deno上即时运行。您的类型塑造运行的内容 — 而不是您的文档。
+
+5. **无引导、无样板、无废话**  
+   一个文件。无CLI。无隐藏魔法。您写的就是您部署的。
+
+---
+
+## 🔍 Vafast vs Hono vs Elysia — 关键差异
+
+## 🔍 Vafast vs Hono vs Elysia — 2025年重新审视
+
+| 维度            | **Vafast ✨**                                      | **Hono 🌿**                                      | **Elysia 🧠**                                 |
+|-----------------|--------------------------------------------------|--------------------------------------------------|----------------------------------------------|
+| **哲学**  | 结构和副作用控制                | 简洁性和熟悉性                      | 类型最大化和装饰器DSL            |
+| **路由**     | 声明式`Route[]`结构                  | 链式风格`app.get("/foo")`                   | 宏增强的处理器声明          |
+| **中间件**  | 显式`compose([...])`，每个路由作用域      | 全局`app.use()`和嵌套路由器           | 插件+生命周期钩子+装饰器        |
+| **错误模型** | `VafastError`：带有元数据的结构化错误     | `throw`或`return c.text()`                    | `set.status()`，插件驱动处理   |
+| **类型安全** | 类型驱动的配置和处理器（`Route<T>`）     | 中等（上下文特定类型）                | 极其强大，但与工具紧密耦合 |
+| **响应API**| `json()`、`error()`作为纯返回值        | `c.json()`、`c.text()`方法                  | `set.response()`副作用注入   |
+| **可扩展性**| 中间件和组合原语           | 带有共享上下文的插件                     | 插件+宏+装饰器                |
+| **依赖项**| 🟢 零外部运行时依赖                    | 🟡 轻量级                                  | 🔴 重量级：valibot、宏、SWC等          |
+| **运行时支持** | ✅ Bun / Workers 　 　　　　　　　　　　　        | ✅ Bun / Node / Workers/ Deno                  | ❌ 仅限Bun，限于SWC宏管道  |
+| **理想用户** | API设计师、类型感知极简主义者、边缘开发者| 想要熟悉DX的Express/Deno用户         | 热爱宏和装饰器的TS高级用户  |
+
+> **Vafast**不仅仅是极简 — 它是架构性的。它让您完全控制结构、类型和执行，无需固执己见的工具或隐藏行为。
+
+---
+
+## 📦 安装
+
+```bash
+bun add vafast
+```
+
+在Workers中使用：
+
+```bash
+npm install vafast
+```
+
+---
+
+## 🤍 使用场景
+
+Vafast适用于：
+* ⚡️ 需要边缘速度API — 在Bun、Workers和Deno上亚毫秒响应时间。
+
+* 📦 想要类型驱动可靠性 — 由类型塑造的API，而不是运行时猜测。
+
+* 🌐 部署在现代运行时 — 以fetch优先运行，随处工作：Bun、Node、Workers、Deno。
+
+* 🧪 考虑副作用设计 — 有意识地控制cookie、头部和认证。
+
+---
+
+## 💥 准备好再次编写真实代码了吗？
+
+> 🚀 如果您厌倦了魔法、宏和单体 — 试试Vafast。
+>  
+> 👉 **[⭐️ 在GitHub上加星标](https://github.com/vafast/vafast)** 加入这场运动。
+
+[![GitHub Stars](https://img.shields.io/github/stars/vafast/vafast?style=social)](https://github.com/vafast/vafast)
+
+---
+
+## 📜 许可证
+
+Apache 2.0
+
+

package/dist/auth/token.d.ts

@@ -0,0 +1,3 @@
+/** 生成令牌 */
+export declare function generateToken(payload: Record<string, any>, secret: string): Promise<string>;
+export declare function verifyToken(token: string, secret: string): Promise<Record<string, any> | null>;

package/dist/cookie.d.ts

@@ -0,0 +1,8 @@
+export declare function getCookie(req: Request, key: string): string | null;
+/** 生成 Set-Cookie 头 */
+export declare function setCookie(key: string, value: string, options?: {
+    path?: string;
+    httpOnly?: boolean;
+    maxAge?: number;
+    secure?: boolean;
+}): string;

package/dist/defineRoute.d.ts

@@ -0,0 +1,2 @@
+import type { Route } from "./types";
+export declare function defineRoutes(routes: Route[]): Route[];

package/dist/index.d.ts

@@ -0,0 +1,13 @@
+export * from "./server";
+export * from "./middleware";
+export * from "./util";
+export * from "./cookie";
+export * from "./router";
+export * from "./middleware/authMiddleware";
+export * from "./middleware/rateLimit";
+export * from "./middleware/cors";
+export * from "./auth/token";
+export * from "./middleware/auth";
+export * from "./utils/base64url";
+export * from "./defineRoute";
+export * from "./types";

package/dist/index.js

@@ -0,0 +1,323 @@
+// @bun
+// src/router.ts
+function matchPath(pattern, path) {
+  const patternParts = pattern.split("/").filter(Boolean);
+  const pathParts = path.split("/").filter(Boolean);
+  const params = {};
+  for (let i = 0;i < patternParts.length; i++) {
+    const pat = patternParts[i];
+    const part = pathParts[i];
+    if (pat === "*") {
+      params["*"] = pathParts.slice(i).join("/");
+      return { matched: true, params };
+    }
+    if (pat.startsWith(":")) {
+      if (!part)
+        return { matched: false, params: {} };
+      params[pat.slice(1)] = part;
+      continue;
+    }
+    if (pat !== part)
+      return { matched: false, params: {} };
+  }
+  if (patternParts.length !== pathParts.length)
+    return { matched: false, params: {} };
+  return { matched: true, params };
+}
+
+// src/util.ts
+function json(data, status = 200, headers = {}) {
+  const h = new Headers({
+    "Content-Type": "application/json",
+    ...headers
+  });
+  return new Response(JSON.stringify(data), {
+    status,
+    headers: h
+  });
+}
+function redirect(location, status = 302) {
+  return new Response(null, {
+    status,
+    headers: {
+      Location: location
+    }
+  });
+}
+function parseQuery(req) {
+  return new URL(req.url).searchParams;
+}
+async function parseBody(req) {
+  const contentType = req.headers.get("content-type") || "";
+  if (contentType.includes("application/json")) {
+    return await req.json();
+  }
+  if (contentType.includes("application/x-www-form-urlencoded")) {
+    const text = await req.text();
+    return Object.fromEntries(new URLSearchParams(text));
+  }
+  return await req.text();
+}
+
+// src/middleware.ts
+class VafastError extends Error {
+  status;
+  type;
+  expose;
+  constructor(message, options = {}) {
+    super(message);
+    this.name = "VafastError";
+    this.status = options.status ?? 500;
+    this.type = options.type ?? "internal_error";
+    this.expose = options.expose ?? false;
+    if (options.cause)
+      this.cause = options.cause;
+  }
+}
+function composeMiddleware(middleware, finalHandler) {
+  const all = [errorHandler, ...middleware];
+  return function composedHandler(req) {
+    let i = -1;
+    const dispatch = (index) => {
+      if (index <= i)
+        return Promise.reject(new Error("next() called multiple times"));
+      i = index;
+      const fn = index < all.length ? all[index] : finalHandler;
+      return Promise.resolve(fn(req, () => dispatch(index + 1)));
+    };
+    return dispatch(0);
+  };
+}
+var errorHandler = async (req, next) => {
+  try {
+    return await next();
+  } catch (err) {
+    console.error("\u672A\u5904\u7406\u7684\u9519\u8BEF:", err);
+    if (err instanceof VafastError) {
+      return json({
+        error: err.type,
+        message: err.expose ? err.message : "\u53D1\u751F\u4E86\u4E00\u4E2A\u9519\u8BEF"
+      }, err.status);
+    }
+    return json({ error: "internal_error", message: "\u51FA\u73B0\u4E86\u4E00\u4E9B\u95EE\u9898" }, 500);
+  }
+};
+
+// src/server.ts
+class Server {
+  routes;
+  globalMiddleware = [];
+  constructor(routes) {
+    this.routes = routes;
+  }
+  use(mw) {
+    this.globalMiddleware.push(mw);
+  }
+  fetch = async (req) => {
+    const { pathname } = new URL(req.url);
+    const method = req.method;
+    let matched;
+    let params = {};
+    for (const route of this.routes) {
+      if (route.method !== method)
+        continue;
+      const result = matchPath(route.path, pathname);
+      if (result.matched) {
+        matched = route;
+        params = result.params;
+        break;
+      }
+    }
+    const handler = async (req2) => {
+      if (matched) {
+        req2.params = params;
+        return await matched.handler(req2, params);
+      } else {
+        return new Response("Not Found", { status: 404 });
+      }
+    };
+    const middlewareChain = matched?.middleware ? [...this.globalMiddleware, ...matched.middleware] : this.globalMiddleware;
+    const composedHandler = composeMiddleware(middlewareChain, handler);
+    return await composedHandler(req);
+  };
+}
+// src/cookie.ts
+function getCookie(req, key) {
+  const cookie = req.headers.get("cookie");
+  console.log("[Vafast] \u63A5\u6536\u5230\u7684 Cookie:", cookie);
+  if (!cookie)
+    return null;
+  const pairs = cookie.split(";").map((c) => c.trim().split("="));
+  for (const [k, v] of pairs) {
+    if (k === key) {
+      console.log(`[Vafast] \u5339\u914D\u7684 Cookie: ${k}=${v}`);
+      return decodeURIComponent(v);
+    }
+  }
+  console.log("[Vafast] \u6CA1\u6709\u5339\u914D\u7684 cookie \u952E:", key);
+  return null;
+}
+function setCookie(key, value, options = {}) {
+  let cookie = `${key}=${encodeURIComponent(value)}`;
+  if (options.path)
+    cookie += `; Path=${options.path}`;
+  if (options.httpOnly)
+    cookie += `; HttpOnly`;
+  if (options.secure)
+    cookie += `; Secure`;
+  if (options.maxAge)
+    cookie += `; Max-Age=${options.maxAge}`;
+  return cookie;
+}
+// src/middleware/authMiddleware.ts
+var requireAuth = async (req, next) => {
+  const token = getCookie(req, "auth");
+  if (!token || token !== "valid-token") {
+    throw new VafastError("Unauthorized", {
+      status: 401,
+      type: "unauthorized",
+      expose: true
+    });
+  }
+  return next();
+};
+// src/middleware/rateLimit.ts
+var store = new Map;
+function rateLimit(options = {}) {
+  const windowMs = options.windowMs ?? 60000;
+  const max = options.max ?? 30;
+  const keyFn = options.keyFn ?? getIP;
+  return async (req, next) => {
+    const key = keyFn(req);
+    const now = Date.now();
+    const entry = store.get(key);
+    if (entry && entry.expires > now) {
+      if (entry.count >= max) {
+        throw new VafastError("Too many requests", {
+          status: 429,
+          type: "rate_limit",
+          expose: true
+        });
+      }
+      entry.count += 1;
+    } else {
+      store.set(key, { count: 1, expires: now + windowMs });
+    }
+    return next();
+  };
+}
+function getIP(req) {
+  return req.headers.get("cf-connecting-ip") || req.headers.get("x-forwarded-for")?.split(",")[0]?.trim() || "unknown";
+}
+// src/middleware/cors.ts
+function createCORS(options = {}) {
+  const {
+    origin = [],
+    methods = ["GET", "POST", "PUT", "DELETE", "OPTIONS"],
+    headers = [],
+    credentials = false,
+    maxAge
+  } = options;
+  return async (req, next) => {
+    const reqOrigin = req.headers.get("Origin") || "";
+    const isAllowedOrigin = origin === "*" || origin.includes(reqOrigin);
+    if (req.method === "OPTIONS") {
+      const resHeaders = new Headers;
+      if (isAllowedOrigin) {
+        resHeaders.set("Access-Control-Allow-Origin", origin === "*" ? "*" : reqOrigin);
+        resHeaders.set("Access-Control-Allow-Methods", methods.join(","));
+        resHeaders.set("Access-Control-Allow-Headers", headers.join(","));
+        if (credentials)
+          resHeaders.set("Access-Control-Allow-Credentials", "true");
+        if (maxAge)
+          resHeaders.set("Access-Control-Max-Age", maxAge.toString());
+      }
+      return new Response(null, { status: 204, headers: resHeaders });
+    }
+    const res = await next();
+    if (isAllowedOrigin) {
+      res.headers.set("Access-Control-Allow-Origin", origin === "*" ? "*" : reqOrigin);
+      if (credentials)
+        res.headers.set("Access-Control-Allow-Credentials", "true");
+    }
+    return res;
+  };
+}
+// src/utils/base64url.ts
+function base64urlEncode(str) {
+  return btoa(str).replace(/=/g, "").replace(/\+/g, "-").replace(/\//g, "_");
+}
+function base64urlDecode(str) {
+  const pad = str.length % 4 === 0 ? "" : "=".repeat(4 - str.length % 4);
+  const base64 = str.replace(/-/g, "+").replace(/_/g, "/") + pad;
+  return atob(base64);
+}
+
+// src/auth/token.ts
+var encoder = new TextEncoder;
+async function sign(data, secret) {
+  const key = await crypto.subtle.importKey("raw", encoder.encode(secret), { name: "HMAC", hash: "SHA-256" }, false, ["sign"]);
+  const signature = await crypto.subtle.sign("HMAC", key, encoder.encode(data));
+  return btoa(String.fromCharCode(...new Uint8Array(signature)));
+}
+async function generateToken(payload, secret) {
+  const data = base64urlEncode(JSON.stringify(payload));
+  const sig = await sign(data, secret);
+  return `${data}.${base64urlEncode(sig)}`;
+}
+async function verifyToken(token, secret) {
+  const [data, sig] = token.split(".");
+  if (!data || !sig)
+    return null;
+  const expectedSig = await sign(data, secret);
+  const expected = base64urlEncode(expectedSig);
+  if (sig !== expected)
+    return null;
+  try {
+    return JSON.parse(base64urlDecode(data));
+  } catch {
+    return null;
+  }
+}
+// src/middleware/auth.ts
+function createAuth(options) {
+  const { secret, cookieName = "auth", headerName = "authorization" } = options;
+  return async (req, next) => {
+    const token = getCookie(req, cookieName) || req.headers.get(headerName)?.replace("Bearer ", "") || "";
+    const user = await verifyToken(token, secret);
+    if (!user) {
+      throw new VafastError("Unauthorized", {
+        status: 401,
+        type: "unauthorized",
+        expose: true
+      });
+    }
+    req.user = user;
+    return next();
+  };
+}
+// src/defineRoute.ts
+function defineRoutes(routes) {
+  return routes;
+}
+export {
+  verifyToken,
+  setCookie,
+  requireAuth,
+  redirect,
+  rateLimit,
+  parseQuery,
+  parseBody,
+  matchPath,
+  json,
+  getCookie,
+  generateToken,
+  defineRoutes,
+  createCORS,
+  createAuth,
+  composeMiddleware,
+  base64urlEncode,
+  base64urlDecode,
+  VafastError,
+  Server
+};

package/dist/middleware/auth.d.ts

@@ -0,0 +1,8 @@
+import type { Middleware } from "../types";
+interface AuthOptions {
+    secret: string;
+    cookieName?: string;
+    headerName?: string;
+}
+export declare function createAuth(options: AuthOptions): Middleware;
+export {};

package/dist/middleware/authMiddleware.d.ts

@@ -0,0 +1,2 @@
+import type { Middleware } from "../types";
+export declare const requireAuth: Middleware;

package/dist/middleware/cors.d.ts

@@ -0,0 +1,9 @@
+import type { Middleware } from "../types";
+export interface CORSOptions {
+    origin?: string[] | "*";
+    methods?: string[];
+    headers?: string[];
+    credentials?: boolean;
+    maxAge?: number;
+}
+export declare function createCORS(options?: CORSOptions): Middleware;

package/dist/middleware/rateLimit.d.ts

@@ -0,0 +1,8 @@
+import type { Middleware } from "../types";
+interface RateLimitOptions {
+    windowMs?: number;
+    max?: number;
+    keyFn?: (req: Request) => string;
+}
+export declare function rateLimit(options?: RateLimitOptions): Middleware;
+export {};

package/dist/middleware.d.ts

@@ -0,0 +1,18 @@
+import type { Handler, Middleware } from "./types";
+/** 中间件类型：使用 next() 传递给下一个处理 */
+/** Vafast 自定义错误类型 */
+export declare class VafastError extends Error {
+    status: number;
+    type: string;
+    expose: boolean;
+    constructor(message: string, options?: {
+        status?: number;
+        type?: string;
+        expose?: boolean;
+        cause?: unknown;
+    });
+}
+/**
+ * 组合类型: 自动注入错误处理器进行中间件组合
+ */
+export declare function composeMiddleware(middleware: Middleware[], finalHandler: Handler): Handler;

package/dist/router.d.ts

@@ -0,0 +1,8 @@
+export interface MatchResult {
+    matched: boolean;
+    params: Record<string, string>;
+}
+/**
+ * 匹配函数：支持动态路由
+ */
+export declare function matchPath(pattern: string, path: string): MatchResult;

package/dist/server.d.ts

@@ -0,0 +1,9 @@
+import type { Middleware } from "./types";
+import type { Route } from "./types";
+export declare class Server {
+    private routes;
+    private globalMiddleware;
+    constructor(routes: Route[]);
+    use(mw: Middleware): void;
+    fetch: (req: Request) => Promise<Response>;
+}

package/dist/types.d.ts

@@ -0,0 +1,9 @@
+export type Method = "GET" | "POST" | "PUT" | "DELETE" | "PATCH";
+export type Handler = (req: Request, params?: Record<string, string>, user?: Record<string, any>) => Response | Promise<Response>;
+export type Middleware = (req: Request, next: () => Promise<Response>) => Promise<Response>;
+export interface Route {
+    method: Method;
+    path: string;
+    handler: Handler;
+    middleware?: Middleware[];
+}

package/dist/util.d.ts

@@ -0,0 +1,7 @@
+export declare function json(data: unknown, status?: number, headers?: HeadersInit): Response;
+/** 生成重定向响应 */
+export declare function redirect(location: string, status?: 301 | 302): Response;
+/** 获取查询字符串 */
+export declare function parseQuery(req: Request): URLSearchParams;
+/** 解析请求体（JSON / URL编码） */
+export declare function parseBody(req: Request): Promise<unknown>;

package/dist/utils/base64url.d.ts

@@ -0,0 +1,2 @@
+export declare function base64urlEncode(str: string): string;
+export declare function base64urlDecode(str: string): string;

package/package.json

@@ -0,0 +1,64 @@
+{
+  "name": "vafast",
+  "version": "0.1.17",
+  "description": "专为Bun构建的极简结构化Web框架。Go风格，函数优先。",
+  "type": "module",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/vafast/vafast.git"
+  },
+  "homepage": "https://github.com/vafast/vafast#readme",
+  "bugs": {
+    "url": "https://github.com/vafast/vafast/issues"
+  },
+  "exports": {
+    ".": {
+      "import": "./dist/index.js",
+      "types": "./dist/index.d.ts"
+    },
+    "./mod": {
+      "import": "./dist/index.js",
+      "types": "./dist/index.d.ts"
+    }
+  },
+  "types": "./dist/index.d.ts",
+  "main": "./dist/index.js",
+  "scripts": {
+    "build": "bun build src/index.ts --outdir dist --target bun",
+    "dev": "bun --watch index.ts",
+    "example": "bun run example/basic/hello-world.ts",
+    "example:schema": "bun run example/advanced/schema.ts",
+    "test": "bun test",
+    "benchmark": "bun run benchmarks/performance.ts",
+    "postbuild": "rimraf src/**/*.d.ts",
+    "release": "bumpp && npm publish"
+  },
+  "keywords": [
+    "bun",
+    "framework",
+    "minimal",
+    "router",
+    "go",
+    "web",
+    "edge",
+    "typescript",
+    "fast"
+  ],
+  "files": [
+    "dist",
+    "README.md",
+    "LICENSE"
+  ],
+  "author": "Vafast Team",
+  "license": "MIT",
+  "devDependencies": {
+    "@types/node": "^22.15.30",
+    "bumpp": "^10.2.3",
+    "bun-types": "^1.2.20",
+    "rimraf": "^6.0.1"
+  },
+  "dependencies": {
+    "@sinclair/typebox": "^0.34.39",
+    "bun": "^1.2.15"
+  }
+}