vatts 2.0.2 → 2.0.3-canary.1

package/LICENSE

@@ -1,13 +1,13 @@
-Copyright 2026 mfraz
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
+Copyright 2026 mfraz
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
 limitations under the License.

package/README.md

@@ -1,63 +1,63 @@
-<div align="center">  
-  <picture>  
-      <source media="(prefers-color-scheme: dark)" srcset="https://raw.githubusercontent.com/mfrazlab/vatts.js/docs/public/logo.png">  
-      <img alt="Vatts.js logo" src="https://raw.githubusercontent.com/mfrazlab/vatts.js/docs/public/logo.png" width="128">  
-    </picture>  
-  <h1>Vatts.js</h1>  
-
-[![NPM](https://img.shields.io/npm/v/vatts.svg?style=for-the-badge&labelColor=000000)](https://www.npmjs.com/package/vatts)  
-[![License](https://img.shields.io/badge/License-Apache_2.0-blue.svg?style=for-the-badge&labelColor=000000)](./LICENSE)  
-[![GitHub](https://img.shields.io/badge/GitHub-mfrazlab/vatts.js-100000?style=for-the-badge&logo=github&logoColor=white)](https://github.com/mfrazlab/vatts.js)
-
-[![HTTP/3 Supported](https://img.shields.io/badge/SUPPORTED-HTTP/3-brightgreen?style=for-the-badge&labelColor=000000)](#)
-</div>
-
----
-
-
-
-
-## Getting Started
-
-**Vatts.js** is a modern, full-featured web framework for **Node.js** with first-class support for **React and Vue**.
-
-It is the first framework to offer native HTTP/3 support out of the box, powered by a Go-based HTTP server with built-in SSL termination. Applications run directly on the latest web transport protocol, without proxies or external layers.
-
-Vatts.js is a **multi-framework platform**, allowing you to build applications using **either React or Vue per project** — not both at the same time.  
-This keeps the ecosystem clean, predictable, and optimized for performance and tooling.
-
-Vatts removes unnecessary configuration and complex abstractions, allowing you to focus on what truly matters: **building fast, secure, and scalable applications**.
-
-### Why choose Vatts.js?
--  **Native HTTP** — modern, secure, and high-performance networking with **HTTP/3 support**
--  Extremely fast — architecture optimized for low overhead
--  Intuitive API — easy to learn and pleasant to use
--  Productivity from the first minute — zero unnecessary boilerplate
--  Multi-framework — choose **React or Vue per project**
--  Full integration between backend and frontend
--  Built for modern projects — TypeScript-friendly, modular, and extensible
-
-___
-
-## Documentation
-
-Visit [https://vatts.mfraz.ovh](https://vatts.mfraz.ovh) to view the full documentation.
-
-___
-
-## Community
-
-The Vatts.js community can be found on [GitHub Discussions](https://github.com/mfraz/vatts.js), where you can ask questions, share ideas, and showcase your projects with others.
-
-___
-
-
-## Security
-
-Vatts.js is engineered with a security-first architecture centered around an internal proxy layer that mediates all application traffic. This proxy is designed to support modern transports such as native HTTP/3 when SSL is enabled, while consistently enforcing built-in security guarantees at the protocol and application boundaries. Even in local or non-TLS environments, the proxy remains active, preserving request isolation, and secure handling by default.
-
-If you believe you have found a security vulnerability in Vatts.js, we encourage you to **responsibly disclose it and NOT open a public issue**.
-
-To participate in our vulnerability disclosure program, please email [helpers@mfraz.ovh](mailto:help@mfraz.ovh). We will add you to the program and provide further instructions for submitting your report.
-
-___
+<div align="center">  
+  <picture>  
+      <source media="(prefers-color-scheme: dark)" srcset="https://raw.githubusercontent.com/mfrazlab/vatts.js/docs/public/logo.png">  
+      <img alt="Vatts.js logo" src="https://raw.githubusercontent.com/mfrazlab/vatts.js/docs/public/logo.png" width="128">  
+    </picture>  
+  <h1>Vatts.js</h1>  
+
+[![NPM](https://img.shields.io/npm/v/vatts.svg?style=for-the-badge&labelColor=000000)](https://www.npmjs.com/package/vatts)  
+[![License](https://img.shields.io/badge/License-Apache_2.0-blue.svg?style=for-the-badge&labelColor=000000)](./LICENSE)  
+[![GitHub](https://img.shields.io/badge/GitHub-mfrazlab/vatts.js-100000?style=for-the-badge&logo=github&logoColor=white)](https://github.com/mfrazlab/vatts.js)
+
+[![HTTP/3 Supported](https://img.shields.io/badge/SUPPORTED-HTTP/3-brightgreen?style=for-the-badge&labelColor=000000)](#)
+</div>
+
+---
+
+
+
+
+## Getting Started
+
+**Vatts.js** is a modern, full-featured web framework for **Node.js** with first-class support for **React and Vue**.
+
+It is the first framework to offer native HTTP/3 support out of the box, powered by a Go-based HTTP server with built-in SSL termination. Applications run directly on the latest web transport protocol, without proxies or external layers.
+
+Vatts.js is a **multi-framework platform**, allowing you to build applications using **either React or Vue per project** — not both at the same time.  
+This keeps the ecosystem clean, predictable, and optimized for performance and tooling.
+
+Vatts removes unnecessary configuration and complex abstractions, allowing you to focus on what truly matters: **building fast, secure, and scalable applications**.
+
+### Why choose Vatts.js?
+-  **Native HTTP** — modern, secure, and high-performance networking with **HTTP/3 support**
+-  Extremely fast — architecture optimized for low overhead
+-  Intuitive API — easy to learn and pleasant to use
+-  Productivity from the first minute — zero unnecessary boilerplate
+-  Multi-framework — choose **React or Vue per project**
+-  Full integration between backend and frontend
+-  Built for modern projects — TypeScript-friendly, modular, and extensible
+
+___
+
+## Documentation
+
+Visit [https://vatts.mfraz.ovh](https://vatts.mfraz.ovh) to view the full documentation.
+
+___
+
+## Community
+
+The Vatts.js community can be found on [GitHub Discussions](https://github.com/mfraz/vatts.js), where you can ask questions, share ideas, and showcase your projects with others.
+
+___
+
+
+## Security
+
+Vatts.js is engineered with a security-first architecture centered around an internal proxy layer that mediates all application traffic. This proxy is designed to support modern transports such as native HTTP/3 when SSL is enabled, while consistently enforcing built-in security guarantees at the protocol and application boundaries. Even in local or non-TLS environments, the proxy remains active, preserving request isolation, and secure handling by default.
+
+If you believe you have found a security vulnerability in Vatts.js, we encourage you to **responsibly disclose it and NOT open a public issue**.
+
+To participate in our vulnerability disclosure program, please email [helpers@mfraz.ovh](mailto:help@mfraz.ovh). We will add you to the program and provide further instructions for submitting your report.
+
+___

package/dist/api/native-server.js

@@ -24,7 +24,7 @@ class NativeServer {
         const platform = os_1.default.platform();
         const arch = os_1.default.arch();
         let osName = '';
-        let ext = '.node';
+        let ext = '.node'; // Mantido .node conforme solicitado
         switch (platform) {
             case 'win32':
                 osName = 'win';
@@ -55,15 +55,26 @@ class NativeServer {
     static loadLibrary(customPath) {
         if (this.lib)
             return;
-        const libPath = customPath || this.getLibPath();
+        // Alterado de const para let para permitir reatribuição se cair no fallback
+        let libPath = customPath || this.getLibPath();
         if (!fs_1.default.existsSync(libPath)) {
+            // Tenta resolver relativo ao CWD se não achar no __dirname
             const altPath = path_1.default.resolve(process.cwd(), libPath);
-            if (!fs_1.default.existsSync(altPath)) {
+            // Ou tenta buscar direto pelo nome do arquivo no CWD caso o path relativo esteja errado
+            const altPathSimple = path_1.default.resolve(process.cwd(), path_1.default.basename(libPath));
+            if (fs_1.default.existsSync(altPath)) {
+                libPath = altPath; // <--- AQUI ESTAVA O ERRO: Atualiza libPath para o caminho que existe
+            }
+            else if (fs_1.default.existsSync(altPathSimple)) {
+                libPath = altPathSimple; // <--- Fallback extra de segurança
+            }
+            else {
                 console.warn(`Native Server Library not found at: ${libPath}`);
                 return;
             }
         }
         try {
+            // Agora o koffi carrega o caminho correto (libPath atualizado)
             this.lib = koffi_1.default.load(libPath);
             // func StartServer(..., onData, onClose)
             this.startFunc = this.lib.func('StartServer', 'str', [
@@ -79,7 +90,7 @@ class NativeServer {
             this.closeConnFunc = this.lib.func('CloseConn', 'void', ['int']);
         }
         catch (error) {
-            throw new Error(`Failed to load native library: ${error}`);
+            throw new Error(`Failed to load native library at ${libPath}: ${error}`);
         }
     }
     static start(options) {
@@ -87,6 +98,16 @@ class NativeServer {
         this.loadLibrary(customLibPath);
         if (!this.startFunc)
             return;
+        // Validação de certificados SSL ANTES de iniciar
+        const useSSL = certPath && keyPath;
+        if (useSSL) {
+            if (!fs_1.default.existsSync(certPath)) {
+                throw new Error(`SSL Certificate file not found at: ${certPath}`);
+            }
+            if (!fs_1.default.existsSync(keyPath)) {
+                throw new Error(`SSL Key file not found at: ${keyPath}`);
+            }
+        }
         // Callback de DADOS: Agora recebe pointer e length
         const onDataPtr = koffi_1.default.register((connId, ptr, len) => {
             try {

package/dist/builder.js

@@ -117,22 +117,22 @@ const virtualEntryPlugin = (options) => {
                 // [FIX] Removido 'dist' extra do caminho.
                 const entryClientFilename = 'entry.client.js';
                 const entryClientPath = path.join(__dirname, framework, entryClientFilename).replace(/\\/g, '/');
-                return `// Arquivo gerado virtualmente pelo vatts
-${imports}
-${layoutImport}
-${notFoundImport}
-import DefaultNotFound from '${defaultNotFoundPath}';
-
-window.__VATTS_COMPONENTS__ = {
-${componentRegistration}
-};
-
-${layoutRegistration}
-${notFoundRegistration}
-
-window.__VATTS_DEFAULT_NOT_FOUND__ = DefaultNotFound;
-
-import '${entryClientPath}';
+                return `// Arquivo gerado virtualmente pelo vatts
+${imports}
+${layoutImport}
+${notFoundImport}
+import DefaultNotFound from '${defaultNotFoundPath}';
+
+window.__VATTS_COMPONENTS__ = {
+${componentRegistration}
+};
+
+${layoutRegistration}
+${notFoundRegistration}
+
+window.__VATTS_DEFAULT_NOT_FOUND__ = DefaultNotFound;
+
+import '${entryClientPath}';
 `;
             }
             return null;
@@ -258,23 +258,23 @@ const customPostCssPlugin = (isProduction, isWatch = false) => {
             const safeId = uniqueName.replace(/[^a-zA-Z0-9-_]/g, '_');
             const referenceId = this.emitFile({ type: 'asset', name: uniqueName, source: processedCss });
             return {
-                code: `
-                const cssUrl = String(import.meta.ROLLUP_FILE_URL_${referenceId});
-                if (typeof document !== 'undefined') {
-                    const linkId = 'vatts-css-' + "${safeId}";
-                    let link = document.getElementById(linkId);
-                    
-                    if (!link) {
-                        link = document.createElement('link');
-                        link.id = linkId;
-                        link.rel = 'stylesheet';
-                        document.head.appendChild(link);
-                    }
-                    
-                    const timestamp = ${isWatch ? 'Date.now()' : 'null'};
-                    link.href = timestamp ? (cssUrl + '?t=' + timestamp) : cssUrl;
-                }
-                export default cssUrl;
+                code: `
+                const cssUrl = String(import.meta.ROLLUP_FILE_URL_${referenceId});
+                if (typeof document !== 'undefined') {
+                    const linkId = 'vatts-css-' + "${safeId}";
+                    let link = document.getElementById(linkId);
+                    
+                    if (!link) {
+                        link = document.createElement('link');
+                        link.id = linkId;
+                        link.rel = 'stylesheet';
+                        document.head.appendChild(link);
+                    }
+                    
+                    const timestamp = ${isWatch ? 'Date.now()' : 'null'};
+                    link.href = timestamp ? (cssUrl + '?t=' + timestamp) : cssUrl;
+                }
+                export default cssUrl;
             `,
                 map: { mappings: '' }
             };
@@ -317,17 +317,17 @@ const smartAssetPlugin = (isProduction) => {
                 if (size < INLINE_LIMIT) {
                     const content = buffer.toString('utf8');
                     const base64 = buffer.toString('base64');
-                    return `
-                        export default "data:image/svg+xml;base64,${base64}";
-                        export const svgContent = ${JSON.stringify(content)};
+                    return `
+                        export default "data:image/svg+xml;base64,${base64}";
+                        export const svgContent = ${JSON.stringify(content)};
                     `;
                 }
                 else {
                     const referenceId = this.emitFile({ type: 'asset', name: uniqueName, source: buffer });
                     const content = buffer.toString('utf8');
-                    return `
-                        export default String(import.meta.ROLLUP_FILE_URL_${referenceId});
-                        export const svgContent = ${JSON.stringify(content)};
+                    return `
+                        export default String(import.meta.ROLLUP_FILE_URL_${referenceId});
+                        export const svgContent = ${JSON.stringify(content)};
                     `;
                 }
             }