veryfront 0.1.56 → 0.1.58

Files changed (61) hide show
  1. package/esm/deno.js +1 -1
  2. package/esm/src/agent/chat-handler.d.ts.map +1 -1
  3. package/esm/src/agent/chat-handler.js +9 -1
  4. package/esm/src/agent/memory/redis.d.ts +3 -0
  5. package/esm/src/agent/memory/redis.d.ts.map +1 -1
  6. package/esm/src/agent/memory/redis.js +3 -1
  7. package/esm/src/agent/runtime/index.d.ts.map +1 -1
  8. package/esm/src/agent/runtime/index.js +2 -1
  9. package/esm/src/middleware/builtin/security/rate-limit.d.ts +2 -0
  10. package/esm/src/middleware/builtin/security/rate-limit.d.ts.map +1 -1
  11. package/esm/src/middleware/builtin/security/rate-limit.js +18 -2
  12. package/esm/src/modules/server/module-server.d.ts.map +1 -1
  13. package/esm/src/modules/server/module-server.js +17 -13
  14. package/esm/src/oauth/token-store/memory.d.ts +3 -0
  15. package/esm/src/oauth/token-store/memory.d.ts.map +1 -1
  16. package/esm/src/oauth/token-store/memory.js +11 -4
  17. package/esm/src/proxy/main.js +3 -0
  18. package/esm/src/routing/api/module-loader/security-config.d.ts.map +1 -1
  19. package/esm/src/routing/api/module-loader/security-config.js +4 -0
  20. package/esm/src/security/http/config.d.ts.map +1 -1
  21. package/esm/src/security/http/config.js +6 -1
  22. package/esm/src/server/handlers/dev/dashboard/api.d.ts.map +1 -1
  23. package/esm/src/server/handlers/dev/dashboard/api.js +2 -0
  24. package/esm/src/server/handlers/request/openapi.handler.js +1 -1
  25. package/esm/src/server/services/static/static-file.service.d.ts +1 -0
  26. package/esm/src/server/services/static/static-file.service.d.ts.map +1 -1
  27. package/esm/src/server/services/static/static-file.service.js +11 -0
  28. package/esm/src/tool/factory.d.ts.map +1 -1
  29. package/esm/src/tool/factory.js +10 -0
  30. package/esm/src/transforms/import-rewriter/strategies/veryfront-strategy.d.ts.map +1 -1
  31. package/esm/src/transforms/import-rewriter/strategies/veryfront-strategy.js +10 -2
  32. package/esm/src/transforms/pipeline/stages/ssr-vf-modules/path-resolver.d.ts.map +1 -1
  33. package/esm/src/transforms/pipeline/stages/ssr-vf-modules/path-resolver.js +5 -1
  34. package/esm/src/transforms/pipeline/stages/ssr-vf-modules/transform.d.ts.map +1 -1
  35. package/esm/src/transforms/pipeline/stages/ssr-vf-modules/transform.js +15 -0
  36. package/esm/src/transforms/veryfront-module-urls.d.ts +9 -0
  37. package/esm/src/transforms/veryfront-module-urls.d.ts.map +1 -1
  38. package/esm/src/transforms/veryfront-module-urls.js +70 -13
  39. package/esm/src/workflow/claude-code/tool.d.ts +0 -8
  40. package/esm/src/workflow/claude-code/tool.d.ts.map +1 -1
  41. package/esm/src/workflow/claude-code/tool.js +8 -10
  42. package/package.json +1 -1
  43. package/src/deno.js +1 -1
  44. package/src/src/agent/chat-handler.ts +11 -1
  45. package/src/src/agent/memory/redis.ts +5 -1
  46. package/src/src/agent/runtime/index.ts +2 -1
  47. package/src/src/middleware/builtin/security/rate-limit.ts +18 -2
  48. package/src/src/modules/server/module-server.ts +16 -12
  49. package/src/src/oauth/token-store/memory.ts +13 -4
  50. package/src/src/proxy/main.ts +3 -0
  51. package/src/src/routing/api/module-loader/security-config.ts +6 -0
  52. package/src/src/security/http/config.ts +9 -1
  53. package/src/src/server/handlers/dev/dashboard/api.ts +2 -0
  54. package/src/src/server/handlers/request/openapi.handler.ts +1 -1
  55. package/src/src/server/services/static/static-file.service.ts +11 -0
  56. package/src/src/tool/factory.ts +10 -0
  57. package/src/src/transforms/import-rewriter/strategies/veryfront-strategy.ts +12 -2
  58. package/src/src/transforms/pipeline/stages/ssr-vf-modules/path-resolver.ts +5 -1
  59. package/src/src/transforms/pipeline/stages/ssr-vf-modules/transform.ts +22 -0
  60. package/src/src/transforms/veryfront-module-urls.ts +85 -12
  61. package/src/src/workflow/claude-code/tool.ts +8 -11
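--- a/package/esm/deno.js
+++ b/package/esm/deno.js
@@ -1,6 +1,6 @@
  export default {
  "name": "veryfront",
- "version": "0.1.56",
+ "version": "0.1.58",
  "license": "Apache-2.0",
  "nodeModulesDir": "auto",
  "exclude": [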
@@ -1 +1 @@
1
- {"version":3,"file":"chat-handler.d.ts","sourceRoot":"","sources":["../../../src/src/agent/chat-handler.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,OAAO,MAAM,qBAAqB,CAAC;AAG/C,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,YAAY,CAAC;AA8K1C,MAAM,MAAM,uBAAuB,GAAG,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,GAAG;IAAE,EAAE,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC;AAE5E,MAAM,WAAW,8BAA8B;IAC7C,OAAO,EAAE,OAAO,CAAC,OAAO,CAAC;IACzB,QAAQ,EAAE,OAAO,EAAE,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACjC,YAAY,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,6BAA6B;IAC5C,OAAO,CAAC,EAAE,uBAAuB,EAAE,CAAC;IACpC,MAAM,CAAC,EAAE,uBAAuB,EAAE,CAAC;IACnC,eAAe,CAAC,EAAE,uBAAuB,EAAE,CAAC;IAC5C,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACnC;AAED,MAAM,MAAM,uBAAuB,GAAG,CACpC,KAAK,EAAE,8BAA8B,KAEnC,IAAI,GACJ,OAAO,CAAC,QAAQ,GAChB,6BAA6B,GAC7B,OAAO,CAAC,IAAI,GAAG,OAAO,CAAC,QAAQ,GAAG,6BAA6B,CAAC,CAAC;AAiCrE,mFAAmF;AACnF,MAAM,WAAW,kBAAkB;IACjC,uFAAuF;IACvF,OAAO,CAAC,EACJ,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GACvB,CAAC,CACD,OAAO,EAAE,OAAO,CAAC,OAAO,KACrB,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC;IACnE;;;OAGG;IACH,YAAY,CAAC,EAAE,uBAAuB,CAAC;CACxC;AAsCD;;;;;;;;;;;;GAYG;AACH,wBAAgB,iBAAiB,CAC/B,OAAO,EAAE,MAAM,EACf,OAAO,CAAC,EAAE,kBAAkB,IAED,cAAc,OAAO,KAAG,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CA+E7E"}
1
+ {"version":3,"file":"chat-handler.d.ts","sourceRoot":"","sources":["../../../src/src/agent/chat-handler.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,OAAO,MAAM,qBAAqB,CAAC;AAG/C,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,YAAY,CAAC;AA8K1C,MAAM,MAAM,uBAAuB,GAAG,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,GAAG;IAAE,EAAE,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC;AAE5E,MAAM,WAAW,8BAA8B;IAC7C,OAAO,EAAE,OAAO,CAAC,OAAO,CAAC;IACzB,QAAQ,EAAE,OAAO,EAAE,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACjC,YAAY,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,6BAA6B;IAC5C,OAAO,CAAC,EAAE,uBAAuB,EAAE,CAAC;IACpC,MAAM,CAAC,EAAE,uBAAuB,EAAE,CAAC;IACnC,eAAe,CAAC,EAAE,uBAAuB,EAAE,CAAC;IAC5C,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACnC;AAED,MAAM,MAAM,uBAAuB,GAAG,CACpC,KAAK,EAAE,8BAA8B,KAEnC,IAAI,GACJ,OAAO,CAAC,QAAQ,GAChB,6BAA6B,GAC7B,OAAO,CAAC,IAAI,GAAG,OAAO,CAAC,QAAQ,GAAG,6BAA6B,CAAC,CAAC;AAiCrE,mFAAmF;AACnF,MAAM,WAAW,kBAAkB;IACjC,uFAAuF;IACvF,OAAO,CAAC,EACJ,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GACvB,CAAC,CACD,OAAO,EAAE,OAAO,CAAC,OAAO,KACrB,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC;IACnE;;;OAGG;IACH,YAAY,CAAC,EAAE,uBAAuB,CAAC;CACxC;AAgDD;;;;;;;;;;;;GAYG;AACH,wBAAgB,iBAAiB,CAC/B,OAAO,EAAE,MAAM,EACf,OAAO,CAAC,EAAE,kBAAkB,IAED,cAAc,OAAO,KAAG,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CA+E7E"}
@@ -172,6 +172,14 @@ function isRequest(obj) {
172
172
  "method" in obj &&
173
173
  typeof obj.method === "string");
174
174
  }
175
+ function extractUserId(request) {
176
+ const userId = request.headers.get("x-user-id");
177
+ if (userId)
178
+ return userId;
179
+ agentLogger.warn("No user identity found in request. Using anonymous fallback. " +
180
+ "Set x-user-id header or provide a context function for proper user isolation.");
181
+ return "anonymous";
182
+ }
175
183
  function extractRequest(requestOrCtx) {
176
184
  if (isRequest(requestOrCtx))
177
185
  return requestOrCtx;
@@ -219,7 +227,7 @@ export function createChatHandler(agentId, options) {
219
227
  const { messages: rawMessages, model: requestModel } = chatRequestSchema.parse(body);
220
228
  const context = typeof options?.context === "function"
221
229
  ? await options.context(request)
222
- : options?.context ?? { userId: "current-user" };
230
+ : options?.context ?? { userId: extractUserId(request) };
223
231
  const baseMessages = transformUIMessages(rawMessages);
224
232
  const beforeStreamResult = await options?.beforeStream?.({
225
233
  request,
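Review bot: `extractUserId` takes the `x-user-id` request header as the user identity without any check that an authenticated upstream set it, so in the fallback `options?.context ?? { userId: extractUserId(request) }` the isolation boundary is whatever value the request carries. That is only sound when a trusted gateway overwrites the header and strips client-supplied copies; I would state this on the function, e.g. `// x-user-id is trusted as-is: deploy behind an authenticating proxy that overwrites it, or pass options.context`. Requests without the header all resolve to the single `"anonymous"` identity, so they share one context rather than being isolated, and the warning is logged on every such request. `createChatHandler` starts and ends outside the second hunk.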
@@ -25,12 +25,15 @@ export interface RedisMemoryConfig extends MemoryConfigBase {
25
25
  client: RedisClient;
26
26
  /** Key prefix for namespacing */
27
27
  keyPrefix?: string;
28
+ /** User ID for per-user memory isolation */
29
+ userId?: string;
28
30
  /** TTL in seconds (default: 24 hours) */
29
31
  ttl?: number;
30
32
  }
31
33
  export declare class RedisMemory<M extends MinimalMessage = MinimalMessage> implements Memory<M> {
32
34
  private client;
33
35
  private agentId;
36
+ private userId;
34
37
  private keyPrefix;
35
38
  private ttl;
36
39
  private config;
@@ -1 +1 @@
1
- {"version":3,"file":"redis.d.ts","sourceRoot":"","sources":["../../../../src/src/agent/memory/redis.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAEL,KAAK,MAAM,EACX,KAAK,gBAAgB,EACrB,KAAK,WAAW,EAChB,KAAK,cAAc,EACpB,MAAM,uBAAuB,CAAC;AAG/B;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IACzC,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE;QAAE,EAAE,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAC7E,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAClC,MAAM,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;CACvD;AAED;;GAEG;AACH,MAAM,WAAW,iBAAkB,SAAQ,gBAAgB;IACzD,IAAI,EAAE,OAAO,CAAC;IACd,4BAA4B;IAC5B,MAAM,EAAE,WAAW,CAAC;IACpB,iCAAiC;IACjC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,yCAAyC;IACzC,GAAG,CAAC,EAAE,MAAM,CAAC;CACd;AAKD,qBAAa,WAAW,CAAC,CAAC,SAAS,cAAc,GAAG,cAAc,CAAE,YAAW,MAAM,CAAC,CAAC,CAAC;IACtF,OAAO,CAAC,MAAM,CAAc;IAC5B,OAAO,CAAC,OAAO,CAAS;IACxB,OAAO,CAAC,SAAS,CAAS;IAC1B,OAAO,CAAC,GAAG,CAAS;IACpB,OAAO,CAAC,MAAM,CAAoB;gBAEtB,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,iBAAiB;IAQtD,OAAO,CAAC,MAAM;IAId,OAAO,CAAC,aAAa;IAUrB,GAAG,CAAC,OAAO,EAAE,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC;IA2B9B,WAAW,IAAI,OAAO,CAAC,CAAC,EAAE,CAAC;IAQ3B,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAUtB,QAAQ,IAAI,OAAO,CAAC,WAAW,CAAC;IAehC,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAYtB,OAAO,CAAC,gBAAgB;CAazB;AAED,wBAAgB,iBAAiB,CAAC,CAAC,SAAS,cAAc,GAAG,cAAc,EACzE,OAAO,EAAE,MAAM,EACf,MAAM,EAAE,iBAAiB,GACxB,WAAW,CAAC,CAAC,CAAC,CAEhB"}
1
+ {"version":3,"file":"redis.d.ts","sourceRoot":"","sources":["../../../../src/src/agent/memory/redis.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAEL,KAAK,MAAM,EACX,KAAK,gBAAgB,EACrB,KAAK,WAAW,EAChB,KAAK,cAAc,EACpB,MAAM,uBAAuB,CAAC;AAG/B;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IACzC,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE;QAAE,EAAE,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAC7E,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAClC,MAAM,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;CACvD;AAED;;GAEG;AACH,MAAM,WAAW,iBAAkB,SAAQ,gBAAgB;IACzD,IAAI,EAAE,OAAO,CAAC;IACd,4BAA4B;IAC5B,MAAM,EAAE,WAAW,CAAC;IACpB,iCAAiC;IACjC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,4CAA4C;IAC5C,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,yCAAyC;IACzC,GAAG,CAAC,EAAE,MAAM,CAAC;CACd;AAKD,qBAAa,WAAW,CAAC,CAAC,SAAS,cAAc,GAAG,cAAc,CAAE,YAAW,MAAM,CAAC,CAAC,CAAC;IACtF,OAAO,CAAC,MAAM,CAAc;IAC5B,OAAO,CAAC,OAAO,CAAS;IACxB,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,SAAS,CAAS;IAC1B,OAAO,CAAC,GAAG,CAAS;IACpB,OAAO,CAAC,MAAM,CAAoB;gBAEtB,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,iBAAiB;IAStD,OAAO,CAAC,MAAM;IAId,OAAO,CAAC,aAAa;IAUrB,GAAG,CAAC,OAAO,EAAE,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC;IA2B9B,WAAW,IAAI,OAAO,CAAC,CAAC,EAAE,CAAC;IAQ3B,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAUtB,QAAQ,IAAI,OAAO,CAAC,WAAW,CAAC;IAehC,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAYtB,OAAO,CAAC,gBAAgB;CAazB;AAED,wBAAgB,iBAAiB,CAAC,CAAC,SAAS,cAAc,GAAG,cAAc,EACzE,OAAO,EAAE,MAAM,EACf,MAAM,EAAE,iBAAiB,GACxB,WAAW,CAAC,CAAC,CAAC,CAEhB"}
@@ -11,18 +11,20 @@ const DEFAULT_KEY_PREFIX = "veryfront:agent:memory:";
11
11
  export class RedisMemory {
12
12
  client;
13
13
  agentId;
14
+ userId;
14
15
  keyPrefix;
15
16
  ttl;
16
17
  config;
17
18
  constructor(agentId, config) {
18
19
  this.client = config.client;
19
20
  this.agentId = agentId;
21
+ this.userId = config.userId ?? "anonymous";
20
22
  this.keyPrefix = config.keyPrefix ?? DEFAULT_KEY_PREFIX;
21
23
  this.ttl = config.ttl ?? DEFAULT_TTL;
22
24
  this.config = config;
23
25
  }
24
26
  getKey() {
25
- return `${this.keyPrefix}${this.agentId}`;
27
+ return `${this.keyPrefix}${this.agentId}:${this.userId}`;
26
28
  }
27
29
  parseMessages(data) {
28
30
  if (!data)
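Review bot: `getKey()` now joins `agentId` and `userId` with a bare `:`, so two different (agentId, userId) pairs can map to the same Redis key when either value itself contains a colon. If `userId` can originate from request data (not visible in this hunk), encode it before interpolation by using `encodeURIComponent(this.userId)` in place of `this.userId` in the template. Instances built without `config.userId` all fall back to `"anonymous"` and so keep sharing one key, and entries written under the previous key format (prefix plus agentId only) are no longer read after the upgrade; both deserve a sentence in the `userId` doc comment. `parseMessages` continues outside the hunk.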
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/src/agent/runtime/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EACL,KAAK,WAAW,EAEhB,KAAK,aAAa,EAGlB,KAAK,OAAO,EAEZ,KAAK,QAAQ,EACd,MAAM,aAAa,CAAC;AAKrB,OAAO,EAAgB,KAAK,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAe/D,OAAO,EAAE,iBAAiB,EAAE,OAAO,EAAE,MAAM,gBAAgB,CAAC;AAC5D,OAAO,EAAE,iBAAiB,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AACpF,YAAY,EAAE,cAAc,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AACzE,OAAO,EAAE,eAAe,EAAE,WAAW,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAChF,OAAO,EAAE,iBAAiB,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AAC1E,YAAY,EAAE,iBAAiB,EAAE,aAAa,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC;AAClG,OAAO,EACL,iBAAiB,EACjB,kBAAkB,EAClB,mBAAmB,EACnB,sBAAsB,GACvB,MAAM,gBAAgB,CAAC;AAqBxB;;;;GAIG;AACH,wBAAgB,kBAAkB,CAAC,MAAM,EAAE,OAAO,GAAG,MAAM,EAAE,GAAG,SAAS,CA6BxE;AAED,gEAAgE;AAChE,KAAK,iBAAiB,GAClB;IAAE,OAAO,EAAE,IAAI,CAAA;CAAE,GACjB;IAAE,OAAO,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,CAAC;AAEtC;;;GAGG;AACH,wBAAgB,kBAAkB,CAChC,QAAQ,EAAE,MAAM,EAChB,iBAAiB,EAAE,MAAM,EAAE,GAAG,SAAS,EACvC,kBAAkB,EAAE,OAAO,GAC1B,iBAAiB,CAiBnB;AAkCD,qBAAa,YAAY;IACvB,OAAO,CAAC,EAAE,CAAS;IACnB,OAAO,CAAC,MAAM,CAAc;IAC5B,OAAO,CAAC,MAAM,CAAkB;IAChC,OAAO,CAAC,MAAM,CAAuB;gBAEzB,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,WAAW;IAS3C;;OAEG;IACG,QAAQ,CACZ,KAAK,EAAE,MAAM,GAAG,OAAO,EAAE,EACzB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACjC,aAAa,CAAC,EAAE,MAAM,GACrB,OAAO,CAAC,aAAa,CAAC;IAgCzB;;;OAGG;IACG,MAAM,CACV,QAAQ,EAAE,OAAO,EAAE,EACnB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACjC,SAAS,CAAC,EAAE;QACV,UAAU,CAAC,EAAE,CAAC,QAAQ,EAAE,QAAQ,KAAK,IAAI,CAAC;QAC1C,OAAO,CAAC,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,IAAI,CAAC;KACnC,EACD,aAAa,CAAC,EAAE,MAAM,GACrB,OAAO,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;IA+EtC;;OAEG;YACW,gBAAgB;IAyN9B;;;;OAIG;YACW,yBAAyB;IAyNvC;;OAEG;YACW,eAAe;IAqC7B;;OAEG;YACW,mBAAmB;IAOjC;;OAEG;IACH,OAAO,CAAC,eAAe;IAKvB;;OAEG;IACH,SAAS,IAAI,MAAM,CAAC,OAAO,CAAC;IAI5B;;OAEG;IACG,cAAc,IAAI,OAAO,CAAC;QAC9B,aAAa,EAAE,MAAM,CAAC;QACtB,eAAe,EAAE,MAAM,CAAC;QACxB,IAAI,EAAE,
MAAM,CAAC;KACd,CAAC;IAIF;;OAEG;IACG,WAAW,IAAI,OAAO,CAAC,IAAI,CAAC;CAGnC"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/src/agent/runtime/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EACL,KAAK,WAAW,EAEhB,KAAK,aAAa,EAGlB,KAAK,OAAO,EAEZ,KAAK,QAAQ,EACd,MAAM,aAAa,CAAC;AAKrB,OAAO,EAAgB,KAAK,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAe/D,OAAO,EAAE,iBAAiB,EAAE,OAAO,EAAE,MAAM,gBAAgB,CAAC;AAC5D,OAAO,EAAE,iBAAiB,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AACpF,YAAY,EAAE,cAAc,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AACzE,OAAO,EAAE,eAAe,EAAE,WAAW,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAChF,OAAO,EAAE,iBAAiB,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AAC1E,YAAY,EAAE,iBAAiB,EAAE,aAAa,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC;AAClG,OAAO,EACL,iBAAiB,EACjB,kBAAkB,EAClB,mBAAmB,EACnB,sBAAsB,GACvB,MAAM,gBAAgB,CAAC;AAqBxB;;;;GAIG;AACH,wBAAgB,kBAAkB,CAAC,MAAM,EAAE,OAAO,GAAG,MAAM,EAAE,GAAG,SAAS,CA6BxE;AAED,gEAAgE;AAChE,KAAK,iBAAiB,GAClB;IAAE,OAAO,EAAE,IAAI,CAAA;CAAE,GACjB;IAAE,OAAO,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,CAAC;AAEtC;;;GAGG;AACH,wBAAgB,kBAAkB,CAChC,QAAQ,EAAE,MAAM,EAChB,iBAAiB,EAAE,MAAM,EAAE,GAAG,SAAS,EACvC,kBAAkB,EAAE,OAAO,GAC1B,iBAAiB,CAiBnB;AAkCD,qBAAa,YAAY;IACvB,OAAO,CAAC,EAAE,CAAS;IACnB,OAAO,CAAC,MAAM,CAAc;IAC5B,OAAO,CAAC,MAAM,CAAkB;IAChC,OAAO,CAAC,MAAM,CAAuB;gBAEzB,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,WAAW;IAS3C;;OAEG;IACG,QAAQ,CACZ,KAAK,EAAE,MAAM,GAAG,OAAO,EAAE,EACzB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACjC,aAAa,CAAC,EAAE,MAAM,GACrB,OAAO,CAAC,aAAa,CAAC;IAgCzB;;;OAGG;IACG,MAAM,CACV,QAAQ,EAAE,OAAO,EAAE,EACnB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACjC,SAAS,CAAC,EAAE;QACV,UAAU,CAAC,EAAE,CAAC,QAAQ,EAAE,QAAQ,KAAK,IAAI,CAAC;QAC1C,OAAO,CAAC,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,IAAI,CAAC;KACnC,EACD,aAAa,CAAC,EAAE,MAAM,GACrB,OAAO,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;IAgFtC;;OAEG;YACW,gBAAgB;IAyN9B;;;;OAIG;YACW,yBAAyB;IAyNvC;;OAEG;YACW,eAAe;IAqC7B;;OAEG;YACW,mBAAmB;IAOjC;;OAEG;IACH,OAAO,CAAC,eAAe;IAKvB;;OAEG;IACH,SAAS,IAAI,MAAM,CAAC,OAAO,CAAC;IAI5B;;OAEG;IACG,cAAc,IAAI,OAAO,CAAC;QAC9B,aAAa,EAAE,MAAM,CAAC;QACtB,eAAe,EAAE,MAAM,CAAC;QACxB,IAAI,EAAE,
MAAM,CAAC;KACd,CAAC;IAIF;;OAEG;IACG,WAAW,IAAI,OAAO,CAAC,IAAI,CAAC;CAGnC"}
@@ -211,9 +211,10 @@ export class AgentRuntime {
211
211
  }
212
212
  catch (error) {
213
213
  this.status = "error";
214
+ logger.error("Agent stream error", { error });
214
215
  sendSSE(controller, encoder, {
215
216
  type: "error",
216
- error: error instanceof Error ? error.message : String(error),
217
+ error: "An internal error occurred",
217
218
  });
218
219
  controller.close();
219
220
  }
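Review bot: The new `logger.error("Agent stream error", { error })` passes the caught value inside an object, and an `Error`'s `message` and `stack` are non-enumerable, so a logger that JSON-serializes its metadata would record `{}` here; the logger's behaviour is not visible in this hunk. Since the client now only receives `"An internal error occurred"`, this log line is the only place the cause survives, so consider explicit fields such as `logger.error("Agent stream error", { message: error instanceof Error ? error.message : String(error), stack: error instanceof Error ? error.stack : undefined });`. A short correlation id written to both the log entry and the SSE error event would let operators match a user report to the log without re-exposing internals. The enclosing method starts outside the hunk.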
@@ -16,4 +16,6 @@ export interface RateLimitOptions {
16
16
  keyGenerator?: (req: dntShim.Request) => string;
17
17
  }
18
18
  export declare function rateLimit(optionsOrMaxRequests?: number | RateLimitOptions, windowMsArg?: number): Middleware;
19
+ /** Pre-configured rate limiter for authentication endpoints (5 req/15min). */
20
+ export declare function authRateLimit(store?: RateLimitStore): Middleware;
19
21
  //# sourceMappingURL=rate-limit.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"rate-limit.d.ts","sourceRoot":"","sources":["../../../../../src/src/middleware/builtin/security/rate-limit.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,OAAO,MAAM,2BAA2B,CAAC;AACrD,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAE9C,OAAO,KAAK,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAYjE,qBAAa,oBAAqB,YAAW,cAAc;IACzD,OAAO,CAAC,MAAM,CAAqC;IACnD,OAAO,CAAC,eAAe,CAAC,CAAyC;gBAErD,QAAQ,EAAE,MAAM;IAgB5B,SAAS,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC;IAcjE,KAAK,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAKjC,OAAO,IAAI,IAAI;CAIhB;AAED,MAAM,WAAW,gBAAgB;IAC/B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,cAAc,CAAC;IACvB,YAAY,CAAC,EAAE,CAAC,GAAG,EAAE,OAAO,CAAC,OAAO,KAAK,MAAM,CAAC;CACjD;AAED,wBAAgB,SAAS,CACvB,oBAAoB,CAAC,EAAE,MAAM,GAAG,gBAAgB,EAChD,WAAW,CAAC,EAAE,MAAM,GACnB,UAAU,CA2BZ"}
1
+ {"version":3,"file":"rate-limit.d.ts","sourceRoot":"","sources":["../../../../../src/src/middleware/builtin/security/rate-limit.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,OAAO,MAAM,2BAA2B,CAAC;AACrD,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAE9C,OAAO,KAAK,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAYjE,qBAAa,oBAAqB,YAAW,cAAc;IACzD,OAAO,CAAC,MAAM,CAAqC;IACnD,OAAO,CAAC,eAAe,CAAC,CAAyC;gBAErD,QAAQ,EAAE,MAAM;IAgB5B,SAAS,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC;IAcjE,KAAK,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAKjC,OAAO,IAAI,IAAI;CAIhB;AAED,MAAM,WAAW,gBAAgB;IAC/B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,cAAc,CAAC;IACvB,YAAY,CAAC,EAAE,CAAC,GAAG,EAAE,OAAO,CAAC,OAAO,KAAK,MAAM,CAAC;CACjD;AAED,wBAAgB,SAAS,CACvB,oBAAoB,CAAC,EAAE,MAAM,GAAG,gBAAgB,EAChD,WAAW,CAAC,EAAE,MAAM,GACnB,UAAU,CAkCZ;AAED,8EAA8E;AAC9E,wBAAgB,aAAa,CAAC,KAAK,CAAC,EAAE,cAAc,GAAG,UAAU,CAMhE"}
@@ -49,8 +49,16 @@ export function rateLimit(optionsOrMaxRequests, windowMsArg) {
49
49
  const maxRequests = options.maxRequests ?? DEFAULT_RATE_LIMIT_REQUESTS;
50
50
  const windowMs = options.windowMs ?? DEFAULT_RATE_LIMIT_WINDOW_MS;
51
51
  const store = options.store ?? new MemoryRateLimitStore(windowMs);
52
- const keyGenerator = options.keyGenerator ??
53
- ((req) => req.headers.get("x-forwarded-for") || "anonymous");
52
+ const keyGenerator = options.keyGenerator ?? ((req) => {
53
+ const forwarded = req.headers.get("x-forwarded-for");
54
+ if (forwarded) {
55
+ const parts = forwarded.split(",").map((s) => s.trim()).filter(Boolean);
56
+ // Use rightmost IP — added by nearest trusted proxy, not spoofable by clients
57
+ if (parts.length > 0)
58
+ return parts[parts.length - 1];
59
+ }
60
+ return "anonymous";
61
+ });
54
62
  return async (ctx, next) => {
55
63
  const req = getRequest(ctx);
56
64
  const key = keyGenerator(req);
@@ -64,3 +72,11 @@ export function rateLimit(optionsOrMaxRequests, windowMsArg) {
64
72
  });
65
73
  };
66
74
  }
75
+ /** Pre-configured rate limiter for authentication endpoints (5 req/15min). */
76
+ export function authRateLimit(store) {
77
+ return rateLimit({
78
+ maxRequests: 5,
79
+ windowMs: 15 * MS_PER_MINUTE,
80
+ store,
81
+ });
82
+ }
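Review bot: The comment on the new default `keyGenerator` says the rightmost `x-forwarded-for` entry is "not spoofable by clients", which holds only when exactly one trusted proxy appends to the header. With no proxy in front, the whole header is client-supplied and the rate-limit key is whatever the request claims; with two or more hops the rightmost entry is an internal proxy address and all clients share one bucket. Requests with no header all use the key `"anonymous"`, so under `authRateLimit` (5 requests per 15 minutes) they share a single small budget that one client can exhaust for everyone. I would reword the comment to `// Rightmost entry is trustworthy only behind exactly one trusted proxy that appends to X-Forwarded-For; otherwise supply keyGenerator` and state the same requirement in the `authRateLimit` doc comment.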
@@ -1 +1 @@
1
- {"version":3,"file":"module-server.d.ts","sourceRoot":"","sources":["../../../../src/src/modules/server/module-server.ts"],"names":[],"mappings":"AAAA,4EAA4E;AAC5E,OAAO,KAAK,OAAO,MAAM,wBAAwB,CAAC;AAIlD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,iCAAiC,CAAC;AAkBtE;;;;;;;;;GASG;AACH,eAAO,MAAM,kBAAkB,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAkDrD,CAAC;AASF,MAAM,WAAW,mBAAmB;IAClC,yDAAyD;IACzD,SAAS,EAAE,MAAM,CAAC;IAClB,6BAA6B;IAC7B,UAAU,EAAE,MAAM,CAAC;IACnB,sBAAsB;IACtB,OAAO,EAAE,cAAc,CAAC;IACxB,uBAAuB;IACvB,GAAG,CAAC,EAAE,OAAO,CAAC;IACd,+DAA+D;IAC/D,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,gFAAgF;IAChF,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,mDAAmD;IACnD,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACvB,uDAAuD;IACvD,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B;;;OAGG;IACH,iBAAiB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC7B,yDAAyD;IACzD,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,sFAAsF;IACtF,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED,sDAAsD;AACtD,wBAAgB,WAAW,CAAC,GAAG,EAAE,OAAO,CAAC,OAAO,EAAE,OAAO,EAAE,mBAAmB,GAAG,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAqTzG;AAmND;;;;;GAKG;AACH,wBAAgB,eAAe,CAAC,GAAG,EAAE,OAAO,CAAC,OAAO,GAAG,OAAO,CAG7D"}
1
+ {"version":3,"file":"module-server.d.ts","sourceRoot":"","sources":["../../../../src/src/modules/server/module-server.ts"],"names":[],"mappings":"AAAA,4EAA4E;AAC5E,OAAO,KAAK,OAAO,MAAM,wBAAwB,CAAC;AAIlD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,iCAAiC,CAAC;AAkBtE;;;;;;;;;GASG;AACH,eAAO,MAAM,kBAAkB,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAkDrD,CAAC;AASF,MAAM,WAAW,mBAAmB;IAClC,yDAAyD;IACzD,SAAS,EAAE,MAAM,CAAC;IAClB,6BAA6B;IAC7B,UAAU,EAAE,MAAM,CAAC;IACnB,sBAAsB;IACtB,OAAO,EAAE,cAAc,CAAC;IACxB,uBAAuB;IACvB,GAAG,CAAC,EAAE,OAAO,CAAC;IACd,+DAA+D;IAC/D,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,gFAAgF;IAChF,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,mDAAmD;IACnD,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACvB,uDAAuD;IACvD,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B;;;OAGG;IACH,iBAAiB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC7B,yDAAyD;IACzD,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,sFAAsF;IACtF,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED,sDAAsD;AACtD,wBAAgB,WAAW,CAAC,GAAG,EAAE,OAAO,CAAC,OAAO,EAAE,OAAO,EAAE,mBAAmB,GAAG,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAqTzG;AAuND;;;;;GAKG;AACH,wBAAgB,eAAe,CAAC,GAAG,EAAE,OAAO,CAAC,OAAO,GAAG,OAAO,CAG7D"}
@@ -388,20 +388,24 @@ async function findSourceFile(secureFs, projectDir, basePath) {
388
388
  const pathWithinFramework = stripPrefix
389
389
  ? basePathWithoutExt.slice(prefix.length)
390
390
  : basePathWithoutExt;
391
- for (const ext of extensions) {
392
- const frameworkPath = join(frameworkDir, pathWithinFramework + ext);
393
- try {
394
- const stat = await platformFs.stat(frameworkPath);
395
- if (stat.isFile) {
396
- logger.debug(`Found framework ${label} file`, {
397
- basePath: basePathWithoutExt,
398
- resolvedPath: frameworkPath,
399
- });
400
- return { path: frameworkPath, isFrameworkFile: true };
391
+ // Try direct file match first, then index file fallback
392
+ const candidates = [pathWithinFramework, `${pathWithinFramework}/index`];
393
+ for (const candidate of candidates) {
394
+ for (const ext of extensions) {
395
+ const frameworkPath = join(frameworkDir, candidate + ext);
396
+ try {
397
+ const stat = await platformFs.stat(frameworkPath);
398
+ if (stat.isFile) {
399
+ logger.debug(`Found framework ${label} file`, {
400
+ basePath: basePathWithoutExt,
401
+ resolvedPath: frameworkPath,
402
+ });
403
+ return { path: frameworkPath, isFrameworkFile: true };
404
+ }
405
+ }
406
+ catch (_) {
407
+ /* expected: file may not exist at this extension */
401
408
  }
402
- }
403
- catch (_) {
404
- /* expected: file may not exist at this extension */
405
409
  }
406
410
  }
407
411
  }
@@ -2,6 +2,9 @@ import type { OAuthState, OAuthTokens, TokenStore } from "../types.js";
2
2
  export declare class MemoryTokenStore implements TokenStore {
3
3
  private tokens;
4
4
  private states;
5
+ private projectId;
6
+ constructor(projectId?: string);
7
+ private scopedKey;
5
8
  getTokens(serviceId: string): Promise<OAuthTokens | null>;
6
9
  setTokens(serviceId: string, tokens: OAuthTokens): Promise<void>;
7
10
  clearTokens(serviceId: string): Promise<void>;
@@ -1 +1 @@
1
- {"version":3,"file":"memory.d.ts","sourceRoot":"","sources":["../../../../src/src/oauth/token-store/memory.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAKvE,qBAAa,gBAAiB,YAAW,UAAU;IACjD,OAAO,CAAC,MAAM,CAAkC;IAChD,OAAO,CAAC,MAAM,CAAiC;IAEzC,SAAS,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;IAIzD,SAAS,CAAC,SAAS,EAAE,MAAM,EAAE,MAAM,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC;IAIhE,WAAW,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAI7C,QAAQ,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC;IAYnD,QAAQ,CAAC,UAAU,EAAE,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC;IAK/C,UAAU,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAI9C,OAAO,CAAC,oBAAoB;IAS5B,oBAAoB,IAAI,MAAM,EAAE;IAIhC,WAAW,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO;IAQvC,QAAQ,IAAI,IAAI;CAIjB;AAED,eAAO,MAAM,gBAAgB,kBAAyB,CAAC"}
1
+ {"version":3,"file":"memory.d.ts","sourceRoot":"","sources":["../../../../src/src/oauth/token-store/memory.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAKvE,qBAAa,gBAAiB,YAAW,UAAU;IACjD,OAAO,CAAC,MAAM,CAAkC;IAChD,OAAO,CAAC,MAAM,CAAiC;IAC/C,OAAO,CAAC,SAAS,CAAS;gBAEd,SAAS,SAAY;IAIjC,OAAO,CAAC,SAAS;IAIX,SAAS,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;IAIzD,SAAS,CAAC,SAAS,EAAE,MAAM,EAAE,MAAM,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC;IAIhE,WAAW,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAI7C,QAAQ,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC;IAYnD,QAAQ,CAAC,UAAU,EAAE,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC;IAK/C,UAAU,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAI9C,OAAO,CAAC,oBAAoB;IAS5B,oBAAoB,IAAI,MAAM,EAAE;IAIhC,WAAW,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO;IAQvC,QAAQ,IAAI,IAAI;CAIjB;AAED,eAAO,MAAM,gBAAgB,kBAAyB,CAAC"}
@@ -3,14 +3,21 @@ const STATE_EXPIRATION_MS = 10 * 60 * 1_000;
3
3
  export class MemoryTokenStore {
4
4
  tokens = new Map();
5
5
  states = new Map();
6
+ projectId;
7
+ constructor(projectId = "default") {
8
+ this.projectId = projectId;
9
+ }
10
+ scopedKey(serviceId) {
11
+ return `${this.projectId}:${serviceId}`;
12
+ }
6
13
  async getTokens(serviceId) {
7
- return this.tokens.get(serviceId) ?? null;
14
+ return this.tokens.get(this.scopedKey(serviceId)) ?? null;
8
15
  }
9
16
  async setTokens(serviceId, tokens) {
10
- this.tokens.set(serviceId, tokens);
17
+ this.tokens.set(this.scopedKey(serviceId), tokens);
11
18
  }
12
19
  async clearTokens(serviceId) {
13
- this.tokens.delete(serviceId);
20
+ this.tokens.delete(this.scopedKey(serviceId));
14
21
  }
15
22
  async getState(state) {
16
23
  const oauthState = this.states.get(state);
@@ -41,7 +48,7 @@ export class MemoryTokenStore {
41
48
  return [...this.tokens.keys()];
42
49
  }
43
50
  isConnected(serviceId) {
44
- const tokens = this.tokens.get(serviceId);
51
+ const tokens = this.tokens.get(this.scopedKey(serviceId));
45
52
  if (!tokens)
46
53
  return false;
47
54
  const isExpired = tokens.expiresAt != null && Date.now() > tokens.expiresAt;
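Review bot: Token keys are now stored as `projectId:serviceId`, but the unchanged context line `return [...this.tokens.keys()];` in the second hunk still returns the raw map keys, so that method now yields prefixed strings instead of service IDs. Strip the prefix there, for example `const prefix = this.projectId + ":";` followed by `return [...this.tokens.keys()].filter((k) => k.startsWith(prefix)).map((k) => k.slice(prefix.length));`. Because `tokens` is a per-instance `Map`, the prefix only adds isolation if one store instance is shared across projects, a `projectId` containing `:` makes the key ambiguous, and the `states` map is left unscoped. The method containing the `keys()` call and `isConnected` both extend outside the hunks.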
@@ -480,6 +480,9 @@ function router(req) {
480
480
  }
481
481
  switch (url.pathname) {
482
482
  case "/_proxy/stats":
483
+ if (Object.keys(proxyHandler.localProjects).length === 0) {
484
+ return Promise.resolve(new dntShim.Response("Forbidden", { status: 403 }));
485
+ }
483
486
  return handleStats();
484
487
  case "/_proxy/health":
485
488
  return Promise.resolve(dntShim.Response.json({ service: "veryfront-proxy", status: "ok" }));
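Review bot: The new guard on `/_proxy/stats` tests `Object.keys(proxyHandler.localProjects).length === 0`, which describes how the proxy is configured rather than who is asking, so whenever at least one local project exists the stats are returned to any caller that can reach the listener. If the endpoint is meant to be developer-only, that relies on the proxy being bound to loopback, which is not visible here. A comment such as `// stats are exposed only in local-project mode; relies on the proxy listening on localhost` would make the assumption explicit. `router` starts and continues outside the hunk.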
@@ -1 +1 @@
1
- {"version":3,"file":"security-config.d.ts","sourceRoot":"","sources":["../../../../../src/src/routing/api/module-loader/security-config.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,oCAAoC,CAAC;AAGzE,wBAAsB,kBAAkB,CACtC,UAAU,EAAE,MAAM,EAClB,OAAO,EAAE,cAAc,GACtB,OAAO,CAAC,MAAM,EAAE,CAAC,CAcnB"}
1
+ {"version":3,"file":"security-config.d.ts","sourceRoot":"","sources":["../../../../../src/src/routing/api/module-loader/security-config.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,oCAAoC,CAAC;AAGzE,wBAAsB,kBAAkB,CACtC,UAAU,EAAE,MAAM,EAClB,OAAO,EAAE,cAAc,GACtB,OAAO,CAAC,MAAM,EAAE,CAAC,CAoBnB"}
@@ -5,6 +5,10 @@ export async function loadSecurityConfig(projectDir, adapter) {
5
5
  const cfg = await getConfig(projectDir, adapter);
6
6
  const remote = cfg.security?.remoteHosts;
7
7
  if (Array.isArray(remote)) {
8
+ if (remote.length === 0) {
9
+ logger.warn("security.remoteHosts is set to an empty array — all remote requests will be blocked. " +
10
+ "If this is intentional, you can ignore this warning.");
11
+ }
8
12
  return remote;
9
13
  }
10
14
  }
@@ -1 +1 @@
1
- {"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../../../src/src/security/http/config.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,iCAAiC,CAAC;AACtE,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAO7D,qBAAa,oBAAoB;IAO7B,OAAO,CAAC,UAAU;IAClB,OAAO,CAAC,OAAO;IACf,OAAO,CAAC,cAAc,CAAC;IARzB,OAAO,CAAC,cAAc,CAA+B;IACrD,OAAO,CAAC,aAAa,CAAuB;IAC5C,OAAO,CAAC,QAAQ,CAAS;IACzB,OAAO,CAAC,WAAW,CAA8B;gBAGvC,UAAU,EAAE,MAAM,EAClB,OAAO,EAAE,cAAc,EACvB,cAAc,CAAC,EAAE,eAAe,YAAA;IAGpC,YAAY,IAAI,OAAO,CAAC,IAAI,CAAC;YAQrB,IAAI;IAWlB,OAAO,CAAC,WAAW;IAYnB,OAAO,CAAC,kBAAkB;IAgB1B,iBAAiB,IAAI,cAAc,GAAG,IAAI;IAI1C,gBAAgB,IAAI,MAAM,GAAG,IAAI;IAIjC,aAAa,IAAI,cAAc,CAAC,MAAM,CAAC;IAIvC,QAAQ,CAAC,KAAK,EAAE,OAAO,EAAE,KAAK,GAAE,MAAwB,GAAG,MAAM;IAIjE,iBAAiB,CAAC,UAAU,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,GAAG,MAAM;IASnE,KAAK,IAAI,IAAI;CAMd"}
1
+ {"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../../../src/src/security/http/config.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,iCAAiC,CAAC;AACtE,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAO7D,qBAAa,oBAAoB;IAO7B,OAAO,CAAC,UAAU;IAClB,OAAO,CAAC,OAAO;IACf,OAAO,CAAC,cAAc,CAAC;IARzB,OAAO,CAAC,cAAc,CAA+B;IACrD,OAAO,CAAC,aAAa,CAAuB;IAC5C,OAAO,CAAC,QAAQ,CAAS;IACzB,OAAO,CAAC,WAAW,CAA8B;gBAGvC,UAAU,EAAE,MAAM,EAClB,OAAO,EAAE,cAAc,EACvB,cAAc,CAAC,EAAE,eAAe,YAAA;IAGpC,YAAY,IAAI,OAAO,CAAC,IAAI,CAAC;YAQrB,IAAI;IAWlB,OAAO,CAAC,WAAW;IAoBnB,OAAO,CAAC,kBAAkB;IAgB1B,iBAAiB,IAAI,cAAc,GAAG,IAAI;IAI1C,gBAAgB,IAAI,MAAM,GAAG,IAAI;IAIjC,aAAa,IAAI,cAAc,CAAC,MAAM,CAAC;IAIvC,QAAQ,CAAC,KAAK,EAAE,OAAO,EAAE,KAAK,GAAE,MAAwB,GAAG,MAAM;IAIjE,iBAAiB,CAAC,UAAU,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,GAAG,MAAM;IASnE,KAAK,IAAI,IAAI;CAMd"}
@@ -38,7 +38,12 @@ export class SecurityConfigLoader {
38
38
  const security = cfg?.security ? { ...cfg.security } : {};
39
39
  if (security.headers)
40
40
  security.headers = { ...security.headers };
41
- security.cors ??= true;
41
+ security.cors ??= false;
42
+ if (!cfg?.security?.cors && !cfg?.security?.csrf) {
43
+ logger.warn("Neither CORS nor CSRF protection is configured. " +
44
+ "CORS is disabled by default (same-origin only). " +
45
+ "Consider explicitly configuring security.cors and security.csrf.");
46
+ }
42
47
  this.securityConfig = security;
43
48
  this.cspUserHeader = this.parseCspUserHeader(security.csp);
44
49
  this.isLoaded = true;
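Review bot: The warning condition `!cfg?.security?.cors && !cfg?.security?.csrf` is a truthiness test, so it also fires when a project has deliberately set `cors: false` and `csrf: false`, and then reports "Neither CORS nor CSRF protection is configured" although both were configured. Testing for absence instead, `if (cfg?.security?.cors === undefined && cfg?.security?.csrf === undefined) {`, keeps the warning for the case it describes. The change from `security.cors ??= true` to `false` alters the default for every project that never set the option, so it deserves a changelog entry because cross-origin callers will start failing after the upgrade. The enclosing method starts outside the hunk.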
@@ -1 +1 @@
1
- {"version":3,"file":"api.d.ts","sourceRoot":"","sources":["../../../../../../src/src/server/handlers/dev/dashboard/api.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,OAAO,MAAM,8BAA8B,CAAC;AA2BxD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AA2CrD,wBAAgB,kBAAkB,CAChC,GAAG,EAAE,OAAO,CAAC,OAAO,EACpB,GAAG,EAAE,cAAc,GAClB,OAAO,CAAC,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,GAAG,OAAO,CAAC,QAAQ,GAAG,IAAI,CA8D5D"}
1
+ {"version":3,"file":"api.d.ts","sourceRoot":"","sources":["../../../../../../src/src/server/handlers/dev/dashboard/api.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,OAAO,MAAM,8BAA8B,CAAC;AA2BxD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AA2CrD,wBAAgB,kBAAkB,CAChC,GAAG,EAAE,OAAO,CAAC,OAAO,EACpB,GAAG,EAAE,cAAc,GAClB,OAAO,CAAC,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,GAAG,OAAO,CAAC,QAAQ,GAAG,IAAI,CAgE5D"}
@@ -56,6 +56,8 @@ function errorResponse(message, status = 500) {
56
56
  return jsonResponse({ error: message }, status);
57
57
  }
58
58
  export function handleDashboardAPI(req, ctx) {
59
+ if (!ctx.isLocalProject)
60
+ return errorResponse("Unauthorized", 401);
59
61
  const { pathname } = new URL(req.url);
60
62
  if (req.method === "GET") {
61
63
  switch (pathname) {
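Review bot: The new guard at the top of `handleDashboardAPI` answers with 401, but `errorResponse` only builds a JSON body, so the response carries no `WWW-Authenticate` challenge and there is no credential a caller could present; `return errorResponse("Not Found", 404);` (or 403) states the outcome more accurately and does not advertise the endpoint on deployed projects. `ctx.isLocalProject` also describes the deployment mode rather than the requester, so on a local project the dashboard routes stay reachable to anything that can send a request to the dev server; if that server can listen on a non-loopback interface, a Host/Origin check here would be worth adding, though the hunk does not show how `ctx` is populated. The function body continues past the end of the hunk.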
@@ -40,7 +40,7 @@ export class OpenAPIHandler extends BaseHandler {
40
40
  const isDev = !!ctx.isLocalProject;
41
41
  const response = this.createResponseBuilder(ctx)
42
42
  .withCache(isDev ? "no-cache" : { maxAge: SPEC_CACHE_MAX_AGE_SECONDS, public: true })
43
- .withCORS(req, { origin: "*" })
43
+ .withCORS(req, ctx.securityConfig?.cors)
44
44
  .withContentType(isYaml ? "text/yaml; charset=utf-8" : "application/json; charset=utf-8", content, HTTP_OK);
45
45
  return this.respond(response);
46
46
  }
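Review bot: `withCORS` now receives `ctx.securityConfig?.cors` as-is, which can be `undefined` when no security config is attached to the context, and the hunk does not show how `withCORS` treats `undefined` or a bare `true`. Passing `ctx.securityConfig?.cors ?? false` would make the fall-back explicit instead of relying on the builder's default. Because the same response is marked `public` with `maxAge: SPEC_CACHE_MAX_AGE_SECONDS`, a policy that echoes the request's Origin would also need `Vary: Origin` so a shared cache does not replay one origin's `Access-Control-Allow-Origin` to another; whether `withCORS` sets it is not visible here. The method starts outside the hunk.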
@@ -75,6 +75,7 @@ export declare class StaticFileService {
75
75
  private loadManifestIndex;
76
76
  private extractManifestAssets;
77
77
  isAssetRequest(pathname: string): boolean;
78
+ private isDeniedDotfile;
78
79
  static clearCache(): void;
79
80
  }
80
81
  export {};
@@ -1 +1 @@
1
- {"version":3,"file":"static-file.service.d.ts","sourceRoot":"","sources":["../../../../../src/src/server/services/static/static-file.service.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,oCAAoC,CAAC;AAEzE,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAEhE,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,gCAAgC,CAAC;AAY3E;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,gCAAgC;IAChC,IAAI,EAAE,MAAM,CAAC;IACb,4BAA4B;IAC5B,IAAI,EAAE,UAAU,CAAC;IACjB,uBAAuB;IACvB,IAAI,EAAE,MAAM,CAAC;IACb,sCAAsC;IACtC,WAAW,EAAE,MAAM,CAAC;IACpB,4BAA4B;IAC5B,aAAa,EAAE,aAAa,CAAC;IAC7B,gDAAgD;IAChD,MAAM,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,CAAC;CACxC;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,6BAA6B;IAC7B,UAAU,EAAE,MAAM,CAAC;IACnB,6CAA6C;IAC7C,OAAO,EAAE,cAAc,CAAC;IACxB,gDAAgD;IAChD,aAAa,EAAE,OAAO,CAAC;IACvB,iDAAiD;IACjD,cAAc,EAAE,OAAO,CAAC;CACzB;AAED;;GAEG;AACH,UAAU,aAAa;IACrB,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC5B,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;CACtB;AAYD;;GAEG;AACH,UAAU,qBAAqB;IAC7B,aAAa,CAAC,EAAE,GAAG,CAAC,MAAM,EAAE,aAAa,CAAC,CAAC;IAC3C,eAAe,CAAC,EAAE,GAAG,CAAC,MAAM,EAAE,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC,CAAC,CAAC;CAC9D;AAID;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,IAAI,EAAE,qBAAqB,GAAG,IAAI,GAAG,IAAI,CAE7E;AAED,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,MAAM,CAAC,aAAa,CAAoC;IAChE,OAAO,CAAC,MAAM,CAAC,eAAe,CAAoD;IAElF,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAuB;gBAEnC,MAAM,CAAC,EAAE,oBAAoB;IAIzC,OAAO,CAAC,gBAAgB;IAIxB,OAAO,CAAC,kBAAkB;IAI1B,OAAO,CAAC,aAAa;IAWf,WAAW,CACf,WAAW,EAAE,MAAM,EACnB,OAAO,EAAE,iBAAiB,GACzB,OAAO,CAAC,gBAAgB,GAAG,IAAI,CAAC;YAarB,eAAe;YA2Bf,mBAAmB;IA2BjC,OAAO,CAAC,sBAAsB;YAkBhB,oBAAoB;YAYpB,iBAAiB;IA+C/B,OAAO,CAAC,qBAAqB;IAyC7B,cAAc,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO;IAMzC,MAAM,CAAC,UAAU,IAAI,IAAI;CAI1B"}
1
+ {"version":3,"file":"static-file.service.d.ts","sourceRoot":"","sources":["../../../../../src/src/server/services/static/static-file.service.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,oCAAoC,CAAC;AAEzE,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAEhE,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,gCAAgC,CAAC;AAY3E;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,gCAAgC;IAChC,IAAI,EAAE,MAAM,CAAC;IACb,4BAA4B;IAC5B,IAAI,EAAE,UAAU,CAAC;IACjB,uBAAuB;IACvB,IAAI,EAAE,MAAM,CAAC;IACb,sCAAsC;IACtC,WAAW,EAAE,MAAM,CAAC;IACpB,4BAA4B;IAC5B,aAAa,EAAE,aAAa,CAAC;IAC7B,gDAAgD;IAChD,MAAM,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,CAAC;CACxC;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,6BAA6B;IAC7B,UAAU,EAAE,MAAM,CAAC;IACnB,6CAA6C;IAC7C,OAAO,EAAE,cAAc,CAAC;IACxB,gDAAgD;IAChD,aAAa,EAAE,OAAO,CAAC;IACvB,iDAAiD;IACjD,cAAc,EAAE,OAAO,CAAC;CACzB;AAED;;GAEG;AACH,UAAU,aAAa;IACrB,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC5B,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;CACtB;AAYD;;GAEG;AACH,UAAU,qBAAqB;IAC7B,aAAa,CAAC,EAAE,GAAG,CAAC,MAAM,EAAE,aAAa,CAAC,CAAC;IAC3C,eAAe,CAAC,EAAE,GAAG,CAAC,MAAM,EAAE,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC,CAAC,CAAC;CAC9D;AAID;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,IAAI,EAAE,qBAAqB,GAAG,IAAI,GAAG,IAAI,CAE7E;AAED,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,MAAM,CAAC,aAAa,CAAoC;IAChE,OAAO,CAAC,MAAM,CAAC,eAAe,CAAoD;IAElF,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAuB;gBAEnC,MAAM,CAAC,EAAE,oBAAoB;IAIzC,OAAO,CAAC,gBAAgB;IAIxB,OAAO,CAAC,kBAAkB;IAI1B,OAAO,CAAC,aAAa;IAWf,WAAW,CACf,WAAW,EAAE,MAAM,EACnB,OAAO,EAAE,iBAAiB,GACzB,OAAO,CAAC,gBAAgB,GAAG,IAAI,CAAC;YAarB,eAAe;YA2Bf,mBAAmB;IA2BjC,OAAO,CAAC,sBAAsB;YAkBhB,oBAAoB;YAYpB,iBAAiB;IA+C/B,OAAO,CAAC,qBAAqB;IAyC7B,cAAc,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO;IAOzC,OAAO,CAAC,eAAe;IAUvB,MAAM,CAAC,UAAU,IAAI,IAAI;CAI1B"}
@@ -196,8 +196,19 @@ export class StaticFileService {
196
196
  return false;
197
197
  if (pathname.endsWith(".md"))
198
198
  return false;
199
+ if (this.isDeniedDotfile(pathname))
200
+ return false;
199
201
  return pathname.includes(".") || pathname.startsWith("/_veryfront/");
200
202
  }
203
+ isDeniedDotfile(pathname) {
204
+ const segments = pathname.split("/");
205
+ for (const segment of segments) {
206
+ if (segment.startsWith(".") && segment !== ".well-known") {
207
+ return true;
208
+ }
209
+ }
210
+ return false;
211
+ }
201
212
  static clearCache() {
202
213
  StaticFileService.manifestCache.clear();
203
214
  StaticFileService.manifestLoading.clear();
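Review bot: `isDeniedDotfile` splits the raw `pathname` on "/" only, so the check is only as good as the form the path is in when it arrives: if `pathname` is still percent-encoded here, or a later step treats a backslash as a separator, a segment can reach the file lookup with a leading dot that this loop never saw. The test should run on the same decoded form that the lookup uses; a sketch follows. The gate also lives in `isAssetRequest`, and the hunk does not show whether the code that actually reads the file consults it, so it is worth confirming that a dotfile path cannot reach the read through another route. `isAssetRequest` starts above the hunk.

```javascript
isDeniedDotfile(pathname) {
    // Inspect the decoded form so an escaped leading dot is not missed;
    // on malformed escapes fall back to the raw string (previous behaviour).
    let decoded = pathname;
    try {
        decoded = decodeURIComponent(pathname);
    }
    catch {
        decoded = pathname;
    }
    // Accept both separators in case a later step normalises "\" to "/".
    return decoded
        .split(/[\\/]/)
        .some((segment) => segment.startsWith(".") && segment !== ".well-known");
}
```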
@@ -1 +1 @@
1
- {"version":3,"file":"factory.d.ts","sourceRoot":"","sources":["../../../src/src/tool/factory.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,IAAI,EAAE,UAAU,EAAE,oBAAoB,EAAE,MAAM,YAAY,CAAC;AA2HzE,wBAAgB,IAAI,CAAC,MAAM,GAAG,OAAO,EAAE,OAAO,GAAG,OAAO,EACtD,MAAM,EAAE,UAAU,CAAC,MAAM,EAAE,OAAO,CAAC,GAClC,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,CAoCvB;AAED,MAAM,WAAW,iBAAiB;IAChC,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,OAAO,CAAC;IACrB,OAAO,EAAE,CAAC,KAAK,EAAE,OAAO,EAAE,OAAO,CAAC,EAAE,oBAAoB,KAAK,OAAO,CAAC,OAAO,CAAC,GAAG,OAAO,CAAC;IACxF,aAAa,CAAC,EAAE,CAAC,MAAM,EAAE,OAAO,KAAK,OAAO,CAAC;IAC7C,GAAG,CAAC,EAAE;QACJ,OAAO,CAAC,EAAE,OAAO,CAAC;QAClB,YAAY,CAAC,EAAE,OAAO,CAAC;QACvB,WAAW,CAAC,EAAE,UAAU,GAAG,OAAO,GAAG,aAAa,CAAC;KACpD,CAAC;CACH;AAED,wBAAgB,WAAW,CAAC,MAAM,EAAE,iBAAiB,GAAG,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,CAiB7E"}
1
+ {"version":3,"file":"factory.d.ts","sourceRoot":"","sources":["../../../src/src/tool/factory.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,IAAI,EAAE,UAAU,EAAE,oBAAoB,EAAE,MAAM,YAAY,CAAC;AA2HzE,wBAAgB,IAAI,CAAC,MAAM,GAAG,OAAO,EAAE,OAAO,GAAG,OAAO,EACtD,MAAM,EAAE,UAAU,CAAC,MAAM,EAAE,OAAO,CAAC,GAClC,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,CAoCvB;AAED,MAAM,WAAW,iBAAiB;IAChC,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,OAAO,CAAC;IACrB,OAAO,EAAE,CAAC,KAAK,EAAE,OAAO,EAAE,OAAO,CAAC,EAAE,oBAAoB,KAAK,OAAO,CAAC,OAAO,CAAC,GAAG,OAAO,CAAC;IACxF,aAAa,CAAC,EAAE,CAAC,MAAM,EAAE,OAAO,KAAK,OAAO,CAAC;IAC7C,GAAG,CAAC,EAAE;QACJ,OAAO,CAAC,EAAE,OAAO,CAAC;QAClB,YAAY,CAAC,EAAE,OAAO,CAAC;QACvB,WAAW,CAAC,EAAE,UAAU,GAAG,OAAO,GAAG,aAAa,CAAC;KACpD,CAAC;CACH;AAED,wBAAgB,WAAW,CAAC,MAAM,EAAE,iBAAiB,GAAG,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,CA2B7E"}
@@ -105,6 +105,16 @@ export function dynamicTool(config) {
105
105
  inputSchema: config.inputSchema,
106
106
  inputSchemaJson,
107
107
  execute: async (input, context) => {
108
+ if (config.inputSchema &&
109
+ typeof config.inputSchema.parse === "function") {
110
+ config.inputSchema.parse(input);
111
+ }
112
+ else if (input === undefined) {
113
+ input = {};
114
+ }
115
+ else if (input === null || typeof input !== "object") {
116
+ throw new Error("dynamicTool: input must be a non-null object");
117
+ }
108
118
  const result = await config.execute(input, context);
109
119
  return config.toModelOutput ? config.toModelOutput(result) : result;
110
120
  },
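Review bot: In the new `execute` wrapper the return value of `config.inputSchema.parse(input)` is thrown away, so `config.execute` still receives the caller's original object rather than the validated one. With schema libraries whose `parse` strips unknown keys, applies defaults or coerces types, the tool then runs on data the schema never approved; `input = config.inputSchema.parse(input);` closes that gap. In the fallback branch `typeof input !== "object"` lets arrays through even though the error text asks for an object, so `Array.isArray(input)` could be added to that test if arrays are not intended. `dynamicTool` itself begins outside the hunk.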
@@ -1 +1 @@
1
- {"version":3,"file":"veryfront-strategy.d.ts","sourceRoot":"","sources":["../../../../../src/src/transforms/import-rewriter/strategies/veryfront-strategy.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EACV,qBAAqB,EACrB,mBAAmB,EACnB,cAAc,EACd,aAAa,EACd,MAAM,aAAa,CAAC;AAerB,qBAAa,iBAAkB,YAAW,qBAAqB;IAC7D,QAAQ,CAAC,IAAI,eAAe;IAC5B,QAAQ,CAAC,QAAQ,OAAO;IAExB,OAAO,CAAC,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,cAAc,GAAG,OAAO;IAQzD,OAAO,CAAC,IAAI,EAAE,mBAAmB,EAAE,GAAG,EAAE,cAAc,GAAG,aAAa;CAoCvE;AAED,eAAO,MAAM,iBAAiB,mBAA0B,CAAC"}
1
+ {"version":3,"file":"veryfront-strategy.d.ts","sourceRoot":"","sources":["../../../../../src/src/transforms/import-rewriter/strategies/veryfront-strategy.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EACV,qBAAqB,EACrB,mBAAmB,EACnB,cAAc,EACd,aAAa,EACd,MAAM,aAAa,CAAC;AAkBrB,qBAAa,iBAAkB,YAAW,qBAAqB;IAC7D,QAAQ,CAAC,IAAI,eAAe;IAC5B,QAAQ,CAAC,QAAQ,OAAO;IAExB,OAAO,CAAC,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,cAAc,GAAG,OAAO;IAQzD,OAAO,CAAC,IAAI,EAAE,mBAAmB,EAAE,GAAG,EAAE,cAAc,GAAG,aAAa;CA2CvE;AAED,eAAO,MAAM,iBAAiB,mBAA0B,CAAC"}
@@ -5,7 +5,7 @@
5
5
  * Handles: #veryfront/*, veryfront/*
6
6
  */
7
7
  import { buildVeryfrontModuleUrl } from "../url-builder.js";
8
- import { resolveVeryfrontModuleUrl } from "../../veryfront-module-urls.js";
8
+ import { resolveInternalModuleUrl, resolveVeryfrontModuleUrl, } from "../../veryfront-module-urls.js";
9
9
  /**
10
10
  * SSR-specific module overrides.
11
11
  *
@@ -32,11 +32,19 @@ export class VeryfrontStrategy {
32
32
  // Try resolving via deno.json mappings first (veryfront/head → react/components/Head.js)
33
33
  const mapped = resolveVeryfrontModuleUrl(`veryfront/${path}`);
34
34
  if (mapped) {
35
- // For SSR, append ?ssr=true to signal server-side rendering
36
35
  if (ctx.target === "ssr")
37
36
  return { specifier: `${mapped}?ssr=true` };
38
37
  return { specifier: mapped };
39
38
  }
39
+ // Try resolving via #veryfront/* import map (handles paths where the
40
+ // filesystem layout differs from the specifier, e.g. #veryfront/compat/console
41
+ // maps to src/platform/compat/console/index.ts, not src/compat/console.ts)
42
+ const internalMapped = resolveInternalModuleUrl(specifier);
43
+ if (internalMapped) {
44
+ if (ctx.target === "ssr")
45
+ return { specifier: `${internalMapped}?ssr=true` };
46
+ return { specifier: internalMapped };
47
+ }
40
48
  const builtUrl = buildVeryfrontModuleUrl(path);
41
49
  if (ctx.target === "ssr")
42
50
  return { specifier: `${builtUrl}?ssr=true` };
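Review bot: The `ctx.target === "ssr"` suffixing is now written three times in this method (for `mapped`, `internalMapped` and `builtUrl`), and the commit removes the only comment that explained it. A small local helper would keep the three branches in step, for example `const forTarget = (url) => (ctx.target === "ssr" ? url + "?ssr=true" : url);`, with the dropped comment `// For SSR, append ?ssr=true to signal server-side rendering` kept on it. Plain concatenation also assumes none of the resolved URLs already carries a query string; the resolvers live in other files, so that is worth confirming. The method continues beyond the hunk.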
@@ -1 +1 @@
1
- {"version":3,"file":"path-resolver.d.ts","sourceRoot":"","sources":["../../../../../../src/src/transforms/pipeline/stages/ssr-vf-modules/path-resolver.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,gBAAgB,EAAU,MAAM,mCAAmC,CAAC;AAW7E,wBAAsB,qBAAqB,CACzC,EAAE,EAAE,UAAU,CAAC,OAAO,gBAAgB,CAAC,EACvC,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC;IAAE,UAAU,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,GAAG,IAAI,CAAC,CAmBzD;AAED;;GAEG;AACH,wBAAsB,oBAAoB,CACxC,YAAY,EAAE,MAAM,EACpB,EAAE,EAAE,UAAU,CAAC,OAAO,gBAAgB,CAAC,GACtC,OAAO,CAAC;IAAE,UAAU,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,GAAG,IAAI,CAAC,CA6DzD;AAED;;;;;;;GAOG;AACH,wBAAsB,0BAA0B,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CA+D1F;AAED;;;;;;GAMG;AACH,wBAAsB,8BAA8B,CAClD,SAAS,EAAE,MAAM,EACjB,cAAc,EAAE,MAAM,EACtB,GAAG,EAAE,UAAU,CAAC,OAAO,gBAAgB,CAAC,GACvC,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAiExB"}
1
+ {"version":3,"file":"path-resolver.d.ts","sourceRoot":"","sources":["../../../../../../src/src/transforms/pipeline/stages/ssr-vf-modules/path-resolver.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,gBAAgB,EAAU,MAAM,mCAAmC,CAAC;AAY7E,wBAAsB,qBAAqB,CACzC,EAAE,EAAE,UAAU,CAAC,OAAO,gBAAgB,CAAC,EACvC,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC;IAAE,UAAU,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,GAAG,IAAI,CAAC,CAmBzD;AAED;;GAEG;AACH,wBAAsB,oBAAoB,CACxC,YAAY,EAAE,MAAM,EACpB,EAAE,EAAE,UAAU,CAAC,OAAO,gBAAgB,CAAC,GACtC,OAAO,CAAC;IAAE,UAAU,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,GAAG,IAAI,CAAC,CA6DzD;AAED;;;;;;;GAOG;AACH,wBAAsB,0BAA0B,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAkE1F;AAED;;;;;;GAMG;AACH,wBAAsB,8BAA8B,CAClD,SAAS,EAAE,MAAM,EACjB,cAAc,EAAE,MAAM,EACtB,GAAG,EAAE,UAAU,CAAC,OAAO,gBAAgB,CAAC,GACvC,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAiExB"}
@@ -7,6 +7,7 @@
7
7
  import { exists } from "../../../../platform/compat/fs.js";
8
8
  import { join } from "../../../../platform/compat/path/index.js";
9
9
  import { rendererLogger as logger } from "../../../../utils/index.js";
10
+ import { resolveInternalModuleTarget } from "../../../veryfront-module-urls.js";
10
11
  import { EMBEDDED_SRC_DIR, EXTENSIONS, FRAMEWORK_LOOKUPS, FRAMEWORK_ROOT, LOG_PREFIX, } from "./constants.js";
11
12
  export async function tryReadWithExtensions(fs, basePath) {
12
13
  // Try all extensions, including .src versions for embedded sources
@@ -95,7 +96,10 @@ export async function resolveFrameworkFile(vfModulePath, fs) {
95
96
  export async function resolveVeryfrontSourcePath(specifier) {
96
97
  if (!specifier.startsWith("#veryfront/"))
97
98
  return null;
98
- const relativePath = specifier.slice("#veryfront/".length);
99
+ const mappedTarget = resolveInternalModuleTarget(specifier);
100
+ if (!mappedTarget?.startsWith("./src/"))
101
+ return null;
102
+ const relativePath = mappedTarget.slice("./src/".length);
99
103
  const hasExtension = /\.(tsx?|jsx?|mjs)$/.test(relativePath);
100
104
  // Check embedded sources first (for compiled binaries), then regular src/
101
105
  // This order matches FRAMEWORK_LOOKUPS and resolveFrameworkFile to ensure
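Review bot: `resolveVeryfrontSourcePath` now returns `null` for every `#veryfront/*` specifier that has no import-map target under `./src/`, where the removed line derived a path from the specifier itself, and nothing in the hunk records that narrowing. A comment above the new check would document it: `// Only import-map targets under ./src/ resolve here; unmapped #veryfront/* specifiers return null.` `relativePath` is then taken straight from the mapped target and, judging by the comments that follow, used for filesystem lookups further down; since the rest of the function is outside the hunk, it is worth confirming there that a target containing `..` segments cannot leave the source root.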
@@ -1 +1 @@
1
- {"version":3,"file":"transform.d.ts","sourceRoot":"","sources":["../../../../../../src/src/transforms/pipeline/stages/ssr-vf-modules/transform.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,gBAAgB,EAAE,MAAM,mCAAmC,CAAC;AAarE,OAAO,EAOL,KAAK,gBAAgB,EAGtB,MAAM,gBAAgB,CAAC;AAExB;;;;;GAKG;AACH,wBAAgB,kBAAkB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAExD;AAED;;;;;;;;;;GAUG;AACH,wBAAsB,oBAAoB,CACxC,WAAW,EAAE,MAAM,EACnB,YAAY,EAAE,MAAM,EACpB,EAAE,EAAE,UAAU,CAAC,OAAO,gBAAgB,CAAC,GACtC,OAAO,CAAC,MAAM,CAAC,CA2BjB;AAED;;;;;GAKG;AACH,wBAAsB,sBAAsB,CAC1C,OAAO,EAAE,MAAM,EACf,UAAU,EAAE,MAAM,EAClB,GAAG,EAAE,gBAAgB,EACrB,oBAAoB,UAAQ,EAC5B,KAAK,SAAI,GACR,OAAO,CAAC,MAAM,CAAC,CAsPjB;AAED;;;GAGG;AACH,wBAAsB,kCAAkC,CACtD,SAAS,EAAE,MAAM,EACjB,GAAG,EAAE,gBAAgB,GACpB,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CA4CxB;AAED;;;GAGG;AACH,wBAAsB,wBAAwB,CAC5C,OAAO,EAAE,MAAM,EACf,UAAU,EAAE,MAAM,EAClB,YAAY,EAAE,MAAM,EACpB,UAAU,EAAE,MAAM,EAClB,EAAE,EAAE,UAAU,CAAC,OAAO,gBAAgB,CAAC,GACtC,OAAO,CAAC,MAAM,CAAC,CAEjB"}
1
+ {"version":3,"file":"transform.d.ts","sourceRoot":"","sources":["../../../../../../src/src/transforms/pipeline/stages/ssr-vf-modules/transform.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,gBAAgB,EAAE,MAAM,mCAAmC,CAAC;AAcrE,OAAO,EAOL,KAAK,gBAAgB,EAGtB,MAAM,gBAAgB,CAAC;AAIxB;;;;;GAKG;AACH,wBAAgB,kBAAkB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAExD;AAED;;;;;;;;;;GAUG;AACH,wBAAsB,oBAAoB,CACxC,WAAW,EAAE,MAAM,EACnB,YAAY,EAAE,MAAM,EACpB,EAAE,EAAE,UAAU,CAAC,OAAO,gBAAgB,CAAC,GACtC,OAAO,CAAC,MAAM,CAAC,CA2BjB;AAED;;;;;GAKG;AACH,wBAAsB,sBAAsB,CAC1C,OAAO,EAAE,MAAM,EACf,UAAU,EAAE,MAAM,EAClB,GAAG,EAAE,gBAAgB,EACrB,oBAAoB,UAAQ,EAC5B,KAAK,SAAI,GACR,OAAO,CAAC,MAAM,CAAC,CAyQjB;AAED;;;GAGG;AACH,wBAAsB,kCAAkC,CACtD,SAAS,EAAE,MAAM,EACjB,GAAG,EAAE,gBAAgB,GACpB,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CA4CxB;AAED;;;GAGG;AACH,wBAAsB,wBAAwB,CAC5C,OAAO,EAAE,MAAM,EACf,UAAU,EAAE,MAAM,EAClB,YAAY,EAAE,MAAM,EACpB,UAAU,EAAE,MAAM,EAClB,EAAE,EAAE,UAAU,CAAC,OAAO,gBAAgB,CAAC,GACtC,OAAO,CAAC,MAAM,CAAC,CAEjB"}
@@ -5,6 +5,7 @@
5
5
  * resolves all imports (#veryfront/, relative, React).
6
6
  */
7
7
  import { join } from "../../../../platform/compat/path/index.js";
8
+ import denoConfig from "../../../../../deno.js";
8
9
  import { rendererLogger as logger } from "../../../../utils/index.js";
9
10
  import { IMPORT_RESOLUTION_ERROR } from "../../../../errors/index.js";
10
11
  import { replaceSpecifiers } from "../../../esm/lexer.js";
@@ -17,6 +18,7 @@ import { buildReactUrl, getReactImportMap } from "../../../import-rewriter/url-b
17
18
  import { findRelativeImports } from "./import-finder.js";
18
19
  import { resolveRelativeFrameworkImport, resolveVeryfrontSourcePath } from "./path-resolver.js";
19
20
  import { EMBEDDED_SRC_DIR, FRAMEWORK_ROOT, frameworkFileCache, frameworkWriteFlight, LOG_PREFIX, MAX_RELATIVE_IMPORT_DEPTH, transformingFiles, veryfrontTransformCache, } from "./constants.js";
21
+ const DENO_CONFIG_STUB_CODE = `export default ${JSON.stringify(denoConfig)};`;
20
22
  /**
21
23
  * Check if a transformed code string is a cycle placeholder.
22
24
  * Cycle placeholders are returned when transformFrameworkCode detects a cycle
@@ -236,7 +238,20 @@ export async function transformFrameworkCode(content, sourcePath, ctx, throwOnMi
236
238
  }
237
239
  // Rewrite imports to resolved paths
238
240
  const reactImportMap = getReactImportMap(ctx.reactVersion);
241
+ // Handle Deno import-map aliases (e.g. #deno-config) that only exist in
242
+ // the Deno runtime and cannot be resolved by esm.sh or the HTTP cache.
243
+ // We create a cached JS stub module so the transformed code can import it
244
+ // without losing access to imports/exports metadata from deno.json.
245
+ let denoConfigStubUrl = null;
246
+ if (transformed.includes('"#deno-config"') || transformed.includes("'#deno-config'")) {
247
+ const stubPath = await cacheTransformedCode(DENO_CONFIG_STUB_CODE, "#deno-config-stub", ctx.fs);
248
+ denoConfigStubUrl = `file://${stubPath}`;
249
+ }
239
250
  transformed = await replaceSpecifiers(transformed, (specifier) => {
251
+ // Handle Deno import-map aliases
252
+ if (specifier === "#deno-config") {
253
+ return denoConfigStubUrl;
254
+ }
240
255
  // Handle #veryfront/ imports
241
256
  if (specifier.startsWith("#veryfront/")) {
242
257
  return veryfrontReplacements.get(specifier) ?? null;
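Review bot: `denoConfigStubUrl` is built by prefixing `file://` to `stubPath`, which yields a malformed URL when the cache path contains spaces, `#`, `%` or a Windows drive letter; `denoConfigStubUrl = pathToFileURL(stubPath).href;` (from `node:url`) handles those cases, provided that import is acceptable in this module. `DENO_CONFIG_STUB_CODE` also serialises the whole `denoConfig` object into the stub although the comment says only the imports/exports metadata is needed; writing just those fields would keep the rest of the config out of the transform cache. The pre-check looks for the quoted literal in `transformed` while the callback matches `specifier === "#deno-config"`, so any import the pre-check misses gets `null` back from the callback, and what `replaceSpecifiers` does with that is not visible here. `transformFrameworkCode` starts and ends outside the hunk.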
@@ -1,2 +1,11 @@
1
+ export declare function resolveVeryfrontModuleTarget(specifier: string): string | null;
2
+ export declare function resolveInternalModuleTarget(specifier: string): string | null;
1
3
  export declare function resolveVeryfrontModuleUrl(specifier: string): string | null;
4
+ /**
5
+ * Resolve an internal #veryfront/* specifier to a /_vf_modules/ URL.
6
+ * Uses the deno.json import map to get the correct filesystem path,
7
+ * which may differ from the specifier path (e.g. #veryfront/compat/console
8
+ * maps to src/platform/compat/console/index.ts, not src/compat/console.ts).
9
+ */
10
+ export declare function resolveInternalModuleUrl(specifier: string): string | null;
2
11
  //# sourceMappingURL=veryfront-module-urls.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"veryfront-module-urls.d.ts","sourceRoot":"","sources":["../../../src/src/transforms/veryfront-module-urls.ts"],"names":[],"mappings":"AAmDA,wBAAgB,yBAAyB,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAE1E"}
1
+ {"version":3,"file":"veryfront-module-urls.d.ts","sourceRoot":"","sources":["../../../src/src/transforms/veryfront-module-urls.ts"],"names":[],"mappings":"AAwGA,wBAAgB,4BAA4B,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAE7E;AAED,wBAAgB,2BAA2B,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAE5E;AAED,wBAAgB,yBAAyB,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAG1E;AAED;;;;;GAKG;AACH,wBAAgB,wBAAwB,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAGzE"}