xypriss 2.0.0 → 2.1.0

package/dist/index.d.ts

@@ -1215,6 +1215,28 @@ declare const LOG_COMPONENTS: readonly ["middleware", "server", "cache", "cluste
 type LogComponent = (typeof LOG_COMPONENTS)[number];
 declare const LOG_TYPES: readonly ["startup", "warnings", "errors", "performance", "debug", "hotReload", "portSwitching", "lifecycle"];
 type LogType = (typeof LOG_TYPES)[number];
+/**
+ * Component-specific logging configuration
+ */
+interface ComponentLogConfig {
+    /** Enable/disable logging for this component */
+    enabled?: boolean;
+    /** Override log level for this component */
+    level?: LogLevel;
+    /** Component-specific type filtering */
+    types?: Partial<Record<LogType, boolean>>;
+    /** Custom formatter for this component */
+    formatter?: (level: LogLevel, message: string, ...args: any[]) => string;
+    /** Rate limiting for this component */
+    rateLimit?: {
+        /** Maximum logs per time window */
+        maxLogs?: number;
+        /** Time window in milliseconds */
+        window?: number;
+    };
+    /** Pattern-based message filtering */
+    suppressPatterns?: (string | RegExp)[];
+}
 
 /**
  * Type definitions for Console Interception System
@@ -1294,175 +1316,430 @@ interface ConsoleInterceptionStats {
 }
 
 /**
- * @fileoverview Core type definitions for XyPrissJS Express integration
+ * @fileoverview Security-related type definitions for XyPrissJS Express integration
  *
- * This module contains fundamental types and utilities used throughout
- * the Express integration system.
+ * This module contains all security-related types including authentication,
+ * authorization, encryption, and security policies.
  *
  * @version 4.5.11
  * @author XyPrissJS Team
  * @since 2025-01-06
  */
-
 /**
- * Deep partial utility type that makes all properties optional recursively.
+ * Security configuration levels.
  *
- * This utility type is used throughout the configuration system to allow
- * partial configuration objects while maintaining type safety.
+ * Predefined security levels that automatically configure
+ * appropriate security measures:
+ * - basic: Essential security features
+ * - enhanced: Additional security layers
+ * - maximum: All security features enabled
+ */
+type SecurityLevel = "basic" | "enhanced" | "maximum";
+/**
+ * Main security configuration interface.
  *
- * @template T - The type to make deeply partial
+ * Comprehensive security configuration including authentication,
+ * encryption, and various security features.
+ *
+ * @interface SecurityConfig
  *
  * @example
  * ```typescript
- * interface Config {
- *   server: {
- *     port: number;
- *     host: string;
- *   };
- * }
- *
- * type PartialConfig = DeepPartial<Config>;
- * // Result: { server?: { port?: number; host?: string; } }
+ * const securityConfig: SecurityConfig = {
+ *   level: 'enhanced',
+ *   csrf: true,
+ *   helmet: true,
+ *   xss: true,
+ *   sqlInjection: true,
+ *   bruteForce: true,
+ *   encryption: {
+ *     algorithm: 'aes-256-gcm',
+ *     keySize: 256
+ *   },
+ *   authentication: {
+ *     jwt: {
+ *       secret: 'your-secret-key',
+ *       expiresIn: '24h',
+ *       algorithm: 'HS256'
+ *     }
+ *   }
+ * };
  * ```
  */
-type DeepPartial<T> = {
-    [K in keyof T]?: T[K] extends infer U ? U extends object ? U extends readonly any[] ? U extends readonly (infer V)[] ? readonly DeepPartial<V>[] : U : U extends Function ? U : DeepPartial<U> : U : never;
-};
+interface SecurityConfig {
+    /** Security level preset */
+    level?: SecurityLevel;
+    /** Enable CSRF protection */
+    csrf?: boolean;
+    /** Enable Helmet.js security headers */
+    helmet?: boolean;
+    /** Enable XSS protection */
+    xss?: boolean;
+    /** Enable SQL injection protection */
+    sqlInjection?: boolean;
+    /** Enable brute force protection */
+    bruteForce?: boolean;
+    /** Encryption configuration */
+    encryption?: EncryptionConfig;
+    /** Authentication configuration */
+    authentication?: AuthenticationConfig;
+}
 /**
- * Validation result interface for request validation operations.
+ * Encryption configuration interface.
  *
- * Used by validation middleware and request handlers to provide
- * structured validation feedback.
+ * Settings for data encryption including algorithm
+ * selection and key management.
  *
- * @interface ValidationResult
+ * @interface EncryptionConfig
  *
  * @example
  * ```typescript
- * const result: ValidationResult = {
- *   valid: false,
- *   errors: ['Email is required', 'Password too short'],
- *   data: { email: '', password: '123' }
+ * const encryptionConfig: EncryptionConfig = {
+ *   algorithm: 'aes-256-gcm',
+ *   keySize: 256
  * };
  * ```
  */
-interface ValidationResult$1 {
-    /** Whether the validation passed */
-    valid: boolean;
-    /** Array of validation error messages */
-    errors: string[];
-    /** The validated/sanitized data */
-    data: any;
+interface EncryptionConfig {
+    /** Encryption algorithm to use */
+    algorithm?: string;
+    /** Key size in bits */
+    keySize?: number;
 }
 /**
- * User context information for authenticated requests.
+ * Authentication configuration interface.
  *
- * Contains user identity, permissions, and metadata for
- * authorization and audit purposes.
+ * Configuration for various authentication methods
+ * including JWT and session-based authentication.
  *
- * @interface UserContext
+ * @interface AuthenticationConfig
  *
  * @example
  * ```typescript
- * const user: UserContext = {
- *   id: 'user-123',
- *   roles: ['admin', 'user'],
- *   permissions: ['read:users', 'write:posts'],
- *   metadata: { department: 'engineering', level: 'senior' }
+ * const authConfig: AuthenticationConfig = {
+ *   jwt: {
+ *     secret: 'your-jwt-secret',
+ *     expiresIn: '24h',
+ *     algorithm: 'HS256',
+ *     issuer: 'your-app',
+ *     audience: 'your-users'
+ *   },
+ *   session: {
+ *     secret: 'your-session-secret',
+ *     name: 'sessionId',
+ *     cookie: {
+ *       maxAge: 86400000, // 24 hours
+ *       secure: true,
+ *       httpOnly: true,
+ *       sameSite: 'strict'
+ *     }
+ *   }
  * };
  * ```
  */
-interface UserContext {
-    /** Unique user identifier */
-    id: string;
-    /** Array of user roles */
-    roles: string[];
-    /** Array of specific permissions */
-    permissions: string[];
-    /** Additional user metadata */
-    metadata: Record<string, any>;
+interface AuthenticationConfig {
+    /** JWT authentication configuration */
+    jwt?: JWTConfig;
+    /** Session authentication configuration */
+    session?: SessionConfig;
 }
 /**
- * Session data structure for user sessions.
+ * JWT (JSON Web Token) configuration interface.
  *
- * Contains session information including expiration and
- * custom session data.
+ * Configuration for JWT-based authentication including
+ * signing algorithms and token validation.
  *
- * @interface SessionData
+ * @interface JWTConfig
  *
  * @example
  * ```typescript
- * const session: SessionData = {
- *   id: 'session-abc123',
- *   userId: 'user-123',
- *   data: { theme: 'dark', language: 'en' },
- *   expires: new Date(Date.now() + 3600000) // 1 hour
+ * const jwtConfig: JWTConfig = {
+ *   secret: 'your-256-bit-secret',
+ *   expiresIn: '24h',
+ *   algorithm: 'HS256',
+ *   issuer: 'your-application',
+ *   audience: 'your-users'
  * };
  * ```
  */
-interface SessionData {
-    /** Unique session identifier */
-    id: string;
-    /** Associated user ID (optional) */
-    userId?: string;
-    /** Custom session data */
-    data: Record<string, any>;
-    /** Session expiration date */
-    expires: Date;
+interface JWTConfig {
+    /** Secret key for signing tokens */
+    secret: string;
+    /** Token expiration time (e.g., '24h', '7d', '30m') */
+    expiresIn?: string;
+    /** Signing algorithm */
+    algorithm?: string;
+    /** Token issuer */
+    issuer?: string;
+    /** Token audience */
+    audience?: string;
 }
 /**
- * Pagination information for paginated responses.
+ * Session configuration interface.
  *
- * Used by API endpoints that return paginated data to provide
- * navigation information to clients.
+ * Configuration for session-based authentication including
+ * cookie settings and storage options.
  *
- * @interface PaginationInfo
+ * @interface SessionConfig
  *
  * @example
  * ```typescript
- * const pagination: PaginationInfo = {
- *   page: 2,
- *   limit: 20,
- *   total: 150,
- *   pages: 8
+ * const sessionConfig: SessionConfig = {
+ *   secret: 'your-session-secret',
+ *   name: 'connect.sid',
+ *   cookie: {
+ *     maxAge: 86400000, // 24 hours
+ *     secure: true,
+ *     httpOnly: true,
+ *     sameSite: 'strict'
+ *   },
+ *   store: 'redis'
  * };
  * ```
  */
-interface PaginationInfo {
-    /** Current page number (1-based) */
-    page: number;
-    /** Number of items per page */
-    limit: number;
-    /** Total number of items */
-    total: number;
-    /** Total number of pages */
-    pages: number;
+interface SessionConfig {
+    /** Secret for signing session cookies */
+    secret: string;
+    /** Session cookie name */
+    name?: string;
+    /** Cookie configuration */
+    cookie?: SessionCookieConfig;
+    /** Session store type */
+    store?: "memory" | "redis" | "custom";
 }
 /**
- * Enhanced Express request interface with additional utilities.
+ * Session cookie configuration interface.
  *
- * Extends the standard Express Request with caching, security,
- * performance, and validation utilities.
+ * Detailed configuration for session cookies including
+ * security and expiration settings.
  *
- * @interface EnhancedRequest
- * @extends Request
+ * @interface SessionCookieConfig
  *
  * @example
  * ```typescript
- * app.get('/api/users', async (req: EnhancedRequest, res: EnhancedResponse) => {
- *   // Use enhanced features
- *   const cached = await req.cache.get('users');
- *   const encrypted = await req.security.encrypt(sensitiveData);
- *   req.performance.start();
- *
- *   // Validation
- *   const validation = req.validation.query(userQuerySchema);
- *   if (!validation.valid) {
- *     return res.error('Invalid query parameters');
- *   }
- * });
- * ```
- */
-interface EnhancedRequest extends Request {
+ * const cookieConfig: SessionCookieConfig = {
+ *   maxAge: 86400000, // 24 hours
+ *   secure: true,
+ *   httpOnly: true,
+ *   sameSite: 'strict'
+ * };
+ * ```
+ */
+interface SessionCookieConfig {
+    /** Cookie expiration time in milliseconds */
+    maxAge?: number;
+    /** Require HTTPS for cookie transmission */
+    secure?: boolean;
+    /** Prevent client-side JavaScript access */
+    httpOnly?: boolean;
+    /** SameSite cookie attribute */
+    sameSite?: boolean | "lax" | "strict" | "none";
+}
+/**
+ * Route-specific security configuration interface.
+ *
+ * Security settings that can be applied to individual
+ * routes or route groups.
+ *
+ * @interface RouteSecurityConfig
+ *
+ * @example
+ * ```typescript
+ * const routeSecurityConfig: RouteSecurityConfig = {
+ *   auth: true,
+ *   roles: ['admin', 'moderator'],
+ *   permissions: ['read:users', 'write:posts'],
+ *   encryption: true,
+ *   sanitization: true,
+ *   validation: true
+ * };
+ * ```
+ */
+interface RouteSecurityConfig {
+    /** Require authentication */
+    auth?: boolean;
+    /** Required user roles */
+    roles?: string[];
+    /** Required permissions */
+    permissions?: string[];
+    /** Enable response encryption */
+    encryption?: boolean;
+    /** Enable input sanitization */
+    sanitization?: boolean;
+    /** Enable input validation */
+    validation?: boolean;
+}
+
+/**
+ * @fileoverview Core type definitions for XyPrissJS Express integration
+ *
+ * This module contains fundamental types and utilities used throughout
+ * the Express integration system.
+ *
+ * @version 4.5.11
+ * @author XyPrissJS Team
+ * @since 2025-01-06
+ */
+
+/**
+ * Deep partial utility type that makes all properties optional recursively.
+ *
+ * This utility type is used throughout the configuration system to allow
+ * partial configuration objects while maintaining type safety.
+ *
+ * @template T - The type to make deeply partial
+ *
+ * @example
+ * ```typescript
+ * interface Config {
+ *   server: {
+ *     port: number;
+ *     host: string;
+ *   };
+ * }
+ *
+ * type PartialConfig = DeepPartial<Config>;
+ * // Result: { server?: { port?: number; host?: string; } }
+ * ```
+ */
+type DeepPartial<T> = {
+    [K in keyof T]?: T[K] extends infer U ? U extends object ? U extends readonly any[] ? U extends readonly (infer V)[] ? readonly DeepPartial<V>[] : U : U extends Function ? U : DeepPartial<U> : U : never;
+};
+/**
+ * Validation result interface for request validation operations.
+ *
+ * Used by validation middleware and request handlers to provide
+ * structured validation feedback.
+ *
+ * @interface ValidationResult
+ *
+ * @example
+ * ```typescript
+ * const result: ValidationResult = {
+ *   valid: false,
+ *   errors: ['Email is required', 'Password too short'],
+ *   data: { email: '', password: '123' }
+ * };
+ * ```
+ */
+interface ValidationResult$1 {
+    /** Whether the validation passed */
+    valid: boolean;
+    /** Array of validation error messages */
+    errors: string[];
+    /** The validated/sanitized data */
+    data: any;
+}
+/**
+ * User context information for authenticated requests.
+ *
+ * Contains user identity, permissions, and metadata for
+ * authorization and audit purposes.
+ *
+ * @interface UserContext
+ *
+ * @example
+ * ```typescript
+ * const user: UserContext = {
+ *   id: 'user-123',
+ *   roles: ['admin', 'user'],
+ *   permissions: ['read:users', 'write:posts'],
+ *   metadata: { department: 'engineering', level: 'senior' }
+ * };
+ * ```
+ */
+interface UserContext {
+    /** Unique user identifier */
+    id: string;
+    /** Array of user roles */
+    roles: string[];
+    /** Array of specific permissions */
+    permissions: string[];
+    /** Additional user metadata */
+    metadata: Record<string, any>;
+}
+/**
+ * Session data structure for user sessions.
+ *
+ * Contains session information including expiration and
+ * custom session data.
+ *
+ * @interface SessionData
+ *
+ * @example
+ * ```typescript
+ * const session: SessionData = {
+ *   id: 'session-abc123',
+ *   userId: 'user-123',
+ *   data: { theme: 'dark', language: 'en' },
+ *   expires: new Date(Date.now() + 3600000) // 1 hour
+ * };
+ * ```
+ */
+interface SessionData {
+    /** Unique session identifier */
+    id: string;
+    /** Associated user ID (optional) */
+    userId?: string;
+    /** Custom session data */
+    data: Record<string, any>;
+    /** Session expiration date */
+    expires: Date;
+}
+/**
+ * Pagination information for paginated responses.
+ *
+ * Used by API endpoints that return paginated data to provide
+ * navigation information to clients.
+ *
+ * @interface PaginationInfo
+ *
+ * @example
+ * ```typescript
+ * const pagination: PaginationInfo = {
+ *   page: 2,
+ *   limit: 20,
+ *   total: 150,
+ *   pages: 8
+ * };
+ * ```
+ */
+interface PaginationInfo {
+    /** Current page number (1-based) */
+    page: number;
+    /** Number of items per page */
+    limit: number;
+    /** Total number of items */
+    total: number;
+    /** Total number of pages */
+    pages: number;
+}
+/**
+ * Enhanced Express request interface with additional utilities.
+ *
+ * Extends the standard Express Request with caching, security,
+ * performance, and validation utilities.
+ *
+ * @interface EnhancedRequest
+ * @extends Request
+ *
+ * @example
+ * ```typescript
+ * app.get('/api/users', async (req: EnhancedRequest, res: EnhancedResponse) => {
+ *   // Use enhanced features
+ *   const cached = await req.cache.get('users');
+ *   const encrypted = await req.security.encrypt(sensitiveData);
+ *   req.performance.start();
+ *
+ *   // Validation
+ *   const validation = req.validation.query(userQuerySchema);
+ *   if (!validation.valid) {
+ *     return res.error('Invalid query parameters');
+ *   }
+ * });
+ * ```
+ */
+interface EnhancedRequest extends Request {
     /** Cache utilities for request-level caching */
     cache: {
         /** Get cached value by key */
@@ -1883,351 +2160,96 @@ interface CacheSecurityConfig {
  *
  * @example
  * ```typescript
- * const monitoringConfig: CacheMonitoringConfig = {
- *   enabled: true,
- *   metricsInterval: 30000, // 30 seconds
- *   alertThresholds: {
- *     memoryUsage: 0.85,
- *     hitRate: 0.7,
- *     errorRate: 0.05,
- *     latency: 100
- *   },
- *   detailed: true
- * };
- * ```
- */
-interface CacheMonitoringConfig {
-    /** Enable monitoring */
-    enabled?: boolean;
-    /** Metrics collection interval in milliseconds */
-    metricsInterval?: number;
-    /** Alert thresholds for various metrics */
-    alertThresholds?: {
-        /** Memory usage threshold (0-1) */
-        memoryUsage?: number;
-        /** Cache hit rate threshold (0-1) */
-        hitRate?: number;
-        /** Error rate threshold (0-1) */
-        errorRate?: number;
-        /** Latency threshold in milliseconds */
-        latency?: number;
-    };
-    /** Enable detailed metrics collection */
-    detailed?: boolean;
-}
-/**
- * Cache resilience configuration.
- *
- * Settings for fault tolerance including retry logic,
- * circuit breakers, and fallback mechanisms.
- *
- * @interface CacheResilienceConfig
- *
- * @example
- * ```typescript
- * const resilienceConfig: CacheResilienceConfig = {
- *   retryAttempts: 3,
- *   retryDelay: 1000,
- *   circuitBreaker: true,
- *   fallback: true,
- *   healthCheck: true
- * };
- * ```
- */
-interface CacheResilienceConfig {
-    /** Number of retry attempts for failed operations */
-    retryAttempts?: number;
-    /** Delay between retry attempts in milliseconds */
-    retryDelay?: number;
-    /** Enable circuit breaker pattern */
-    circuitBreaker?: boolean;
-    /** Enable fallback to alternative cache */
-    fallback?: boolean;
-    /** Enable health check monitoring */
-    healthCheck?: boolean;
-}
-/**
- * Cache strategy configuration.
- *
- * Defines conditional caching strategies based on
- * request characteristics and business logic.
- *
- * @interface CacheStrategy
- *
- * @example
- * ```typescript
- * const apiStrategy: CacheStrategy = {
- *   name: 'api-endpoints',
- *   condition: (req) => req.path.startsWith('/api/') && req.method === 'GET',
- *   ttl: 300, // 5 minutes
- *   tags: ['api', 'public']
- * };
- * ```
- */
-interface CacheStrategy {
-    /** Strategy name for identification */
-    name: string;
-    /** Condition function to determine if strategy applies */
-    condition: (req: Request) => boolean;
-    /** TTL for this strategy in seconds */
-    ttl: number;
-    /** Tags for cache invalidation */
-    tags?: string[];
-}
-
-/**
- * @fileoverview Security-related type definitions for XyPrissJS Express integration
- *
- * This module contains all security-related types including authentication,
- * authorization, encryption, and security policies.
- *
- * @version 4.5.11
- * @author XyPrissJS Team
- * @since 2025-01-06
- */
-/**
- * Security configuration levels.
- *
- * Predefined security levels that automatically configure
- * appropriate security measures:
- * - basic: Essential security features
- * - enhanced: Additional security layers
- * - maximum: All security features enabled
- */
-type SecurityLevel = "basic" | "enhanced" | "maximum";
-/**
- * Main security configuration interface.
- *
- * Comprehensive security configuration including authentication,
- * encryption, and various security features.
- *
- * @interface SecurityConfig
- *
- * @example
- * ```typescript
- * const securityConfig: SecurityConfig = {
- *   level: 'enhanced',
- *   csrf: true,
- *   helmet: true,
- *   xss: true,
- *   sqlInjection: true,
- *   bruteForce: true,
- *   encryption: {
- *     algorithm: 'aes-256-gcm',
- *     keySize: 256
- *   },
- *   authentication: {
- *     jwt: {
- *       secret: 'your-secret-key',
- *       expiresIn: '24h',
- *       algorithm: 'HS256'
- *     }
- *   }
- * };
- * ```
- */
-interface SecurityConfig {
-    /** Security level preset */
-    level?: SecurityLevel;
-    /** Enable CSRF protection */
-    csrf?: boolean;
-    /** Enable Helmet.js security headers */
-    helmet?: boolean;
-    /** Enable XSS protection */
-    xss?: boolean;
-    /** Enable SQL injection protection */
-    sqlInjection?: boolean;
-    /** Enable brute force protection */
-    bruteForce?: boolean;
-    /** Encryption configuration */
-    encryption?: EncryptionConfig;
-    /** Authentication configuration */
-    authentication?: AuthenticationConfig;
-}
-/**
- * Encryption configuration interface.
- *
- * Settings for data encryption including algorithm
- * selection and key management.
- *
- * @interface EncryptionConfig
- *
- * @example
- * ```typescript
- * const encryptionConfig: EncryptionConfig = {
- *   algorithm: 'aes-256-gcm',
- *   keySize: 256
- * };
- * ```
- */
-interface EncryptionConfig {
-    /** Encryption algorithm to use */
-    algorithm?: string;
-    /** Key size in bits */
-    keySize?: number;
-}
-/**
- * Authentication configuration interface.
- *
- * Configuration for various authentication methods
- * including JWT and session-based authentication.
- *
- * @interface AuthenticationConfig
- *
- * @example
- * ```typescript
- * const authConfig: AuthenticationConfig = {
- *   jwt: {
- *     secret: 'your-jwt-secret',
- *     expiresIn: '24h',
- *     algorithm: 'HS256',
- *     issuer: 'your-app',
- *     audience: 'your-users'
- *   },
- *   session: {
- *     secret: 'your-session-secret',
- *     name: 'sessionId',
- *     cookie: {
- *       maxAge: 86400000, // 24 hours
- *       secure: true,
- *       httpOnly: true,
- *       sameSite: 'strict'
- *     }
- *   }
- * };
- * ```
- */
-interface AuthenticationConfig {
-    /** JWT authentication configuration */
-    jwt?: JWTConfig;
-    /** Session authentication configuration */
-    session?: SessionConfig;
-}
-/**
- * JWT (JSON Web Token) configuration interface.
- *
- * Configuration for JWT-based authentication including
- * signing algorithms and token validation.
- *
- * @interface JWTConfig
- *
- * @example
- * ```typescript
- * const jwtConfig: JWTConfig = {
- *   secret: 'your-256-bit-secret',
- *   expiresIn: '24h',
- *   algorithm: 'HS256',
- *   issuer: 'your-application',
- *   audience: 'your-users'
- * };
- * ```
- */
-interface JWTConfig {
-    /** Secret key for signing tokens */
-    secret: string;
-    /** Token expiration time (e.g., '24h', '7d', '30m') */
-    expiresIn?: string;
-    /** Signing algorithm */
-    algorithm?: string;
-    /** Token issuer */
-    issuer?: string;
-    /** Token audience */
-    audience?: string;
-}
-/**
- * Session configuration interface.
- *
- * Configuration for session-based authentication including
- * cookie settings and storage options.
- *
- * @interface SessionConfig
- *
- * @example
- * ```typescript
- * const sessionConfig: SessionConfig = {
- *   secret: 'your-session-secret',
- *   name: 'connect.sid',
- *   cookie: {
- *     maxAge: 86400000, // 24 hours
- *     secure: true,
- *     httpOnly: true,
- *     sameSite: 'strict'
+ * const monitoringConfig: CacheMonitoringConfig = {
+ *   enabled: true,
+ *   metricsInterval: 30000, // 30 seconds
+ *   alertThresholds: {
+ *     memoryUsage: 0.85,
+ *     hitRate: 0.7,
+ *     errorRate: 0.05,
+ *     latency: 100
  *   },
- *   store: 'redis'
+ *   detailed: true
  * };
  * ```
  */
-interface SessionConfig {
-    /** Secret for signing session cookies */
-    secret: string;
-    /** Session cookie name */
-    name?: string;
-    /** Cookie configuration */
-    cookie?: SessionCookieConfig;
-    /** Session store type */
-    store?: "memory" | "redis" | "custom";
+interface CacheMonitoringConfig {
+    /** Enable monitoring */
+    enabled?: boolean;
+    /** Metrics collection interval in milliseconds */
+    metricsInterval?: number;
+    /** Alert thresholds for various metrics */
+    alertThresholds?: {
+        /** Memory usage threshold (0-1) */
+        memoryUsage?: number;
+        /** Cache hit rate threshold (0-1) */
+        hitRate?: number;
+        /** Error rate threshold (0-1) */
+        errorRate?: number;
+        /** Latency threshold in milliseconds */
+        latency?: number;
+    };
+    /** Enable detailed metrics collection */
+    detailed?: boolean;
 }
 /**
- * Session cookie configuration interface.
+ * Cache resilience configuration.
  *
- * Detailed configuration for session cookies including
- * security and expiration settings.
+ * Settings for fault tolerance including retry logic,
+ * circuit breakers, and fallback mechanisms.
  *
- * @interface SessionCookieConfig
+ * @interface CacheResilienceConfig
  *
  * @example
  * ```typescript
- * const cookieConfig: SessionCookieConfig = {
- *   maxAge: 86400000, // 24 hours
- *   secure: true,
- *   httpOnly: true,
- *   sameSite: 'strict'
+ * const resilienceConfig: CacheResilienceConfig = {
+ *   retryAttempts: 3,
+ *   retryDelay: 1000,
+ *   circuitBreaker: true,
+ *   fallback: true,
+ *   healthCheck: true
  * };
  * ```
  */
-interface SessionCookieConfig {
-    /** Cookie expiration time in milliseconds */
-    maxAge?: number;
-    /** Require HTTPS for cookie transmission */
-    secure?: boolean;
-    /** Prevent client-side JavaScript access */
-    httpOnly?: boolean;
-    /** SameSite cookie attribute */
-    sameSite?: boolean | "lax" | "strict" | "none";
+interface CacheResilienceConfig {
+    /** Number of retry attempts for failed operations */
+    retryAttempts?: number;
+    /** Delay between retry attempts in milliseconds */
+    retryDelay?: number;
+    /** Enable circuit breaker pattern */
+    circuitBreaker?: boolean;
+    /** Enable fallback to alternative cache */
+    fallback?: boolean;
+    /** Enable health check monitoring */
+    healthCheck?: boolean;
 }
 /**
- * Route-specific security configuration interface.
+ * Cache strategy configuration.
  *
- * Security settings that can be applied to individual
- * routes or route groups.
+ * Defines conditional caching strategies based on
+ * request characteristics and business logic.
  *
- * @interface RouteSecurityConfig
+ * @interface CacheStrategy
  *
  * @example
  * ```typescript
- * const routeSecurityConfig: RouteSecurityConfig = {
- *   auth: true,
- *   roles: ['admin', 'moderator'],
- *   permissions: ['read:users', 'write:posts'],
- *   encryption: true,
- *   sanitization: true,
- *   validation: true
+ * const apiStrategy: CacheStrategy = {
+ *   name: 'api-endpoints',
+ *   condition: (req) => req.path.startsWith('/api/') && req.method === 'GET',
+ *   ttl: 300, // 5 minutes
+ *   tags: ['api', 'public']
  * };
  * ```
  */
-interface RouteSecurityConfig {
-    /** Require authentication */
-    auth?: boolean;
-    /** Required user roles */
-    roles?: string[];
-    /** Required permissions */
-    permissions?: string[];
-    /** Enable response encryption */
-    encryption?: boolean;
-    /** Enable input sanitization */
-    sanitization?: boolean;
-    /** Enable input validation */
-    validation?: boolean;
+interface CacheStrategy {
+    /** Strategy name for identification */
+    name: string;
+    /** Condition function to determine if strategy applies */
+    condition: (req: Request) => boolean;
+    /** TTL for this strategy in seconds */
+    ttl: number;
+    /** Tags for cache invalidation */
+    tags?: string[];
 }
 
 /**
@@ -3097,25 +3119,49 @@ interface ServerOptions {
     /**
      * Security configuration for the server.
      *
-     * Comprehensive security settings including encryption, CORS, helmet,
-     * and various security features.
+     * Comprehensive security settings including authentication, encryption,
+     * CSRF protection, security headers, and various security features.
      *
      * @example
      * ```typescript
      * security: {
-     *   encryption: true,
-     *   cors: true,
+     *   enabled: true,
+     *   level: 'enhanced',
+     *   csrf: true,
      *   helmet: true,
-     *   accessMonitoring: true,
-     *   sanitization: true,
-     *   auditLogging: false
+     *   xss: true,
+     *   bruteForce: true,
+     *   authentication: {
+     *     jwt: {
+     *       secret: 'your-secret-key',
+     *       expiresIn: '24h'
+     *     }
+     *   }
      * }
      * ```
      */
+    security?: SecurityConfig & {
+        /** Enable security middleware */
+        enabled?: boolean;
+    };
     cluster?: {
         enabled?: boolean;
         config?: Omit<ClusterConfig, "enabled">;
     };
+    workerPool?: {
+        enabled?: boolean;
+        config?: {
+            cpu?: {
+                min: number;
+                max: number;
+            };
+            io?: {
+                min: number;
+                max: number;
+            };
+            maxConcurrentTasks?: number;
+        };
+    };
     fileWatcher?: {
         enabled?: boolean;
         watchPaths?: string[];
@@ -3238,7 +3284,7 @@ interface ServerOptions {
     };
     logging?: {
         enabled?: boolean;
-        level?: "silent" | "error" | "warn" | "info" | "debug" | "verbose";
+        level?: LogLevel;
         components?: {
             server?: boolean;
             cache?: boolean;
@@ -3261,6 +3307,7 @@ interface ServerOptions {
             lifecycle?: boolean;
             routing?: boolean;
         };
+        componentLevels?: Partial<Record<LogComponent, ComponentLogConfig | LogLevel>>;
         types?: {
             startup?: boolean;
             warnings?: boolean;
@@ -3271,14 +3318,43 @@ interface ServerOptions {
             portSwitching?: boolean;
             lifecycle?: boolean;
         };
+        consoleInterception?: DeepPartial<ConsoleInterceptionConfig>;
+        customLogger?: (level: LogLevel, component: LogComponent, message: string, ...args: any[]) => void;
         format?: {
             timestamps?: boolean;
             colors?: boolean;
             prefix?: boolean;
             compact?: boolean;
+            includeMemory?: boolean;
+            includeProcessId?: boolean;
+            maxLineLength?: number;
+        };
+        buffer?: {
+            enabled?: boolean;
+            maxSize?: number;
+            flushInterval?: number;
+            autoFlush?: boolean;
+        };
+        errorHandling?: {
+            maxErrorsPerMinute?: number;
+            suppressRepeatedErrors?: boolean;
+            suppressAfterCount?: number;
+            resetSuppressionAfter?: number;
+        };
+        file?: {
+            enabled?: boolean;
+            path?: string;
+            maxSize?: number;
+            maxFiles?: number;
+            rotateDaily?: boolean;
+        };
+        remote?: {
+            enabled?: boolean;
+            endpoint?: string;
+            apiKey?: string;
+            batchSize?: number;
+            flushInterval?: number;
         };
-        consoleInterception?: DeepPartial<ConsoleInterceptionConfig>;
-        customLogger?: (level: LogLevel, component: LogComponent, message: string, ...args: any[]) => void;
     };
     /**
      * Custom 404 error page configuration.
@@ -4304,6 +4380,10 @@ declare class ClusterManager extends EventEmitter implements RobustClusterManage
      * Send message to least loaded worker
      */
     sendToLeastLoadedWorker(message: any): Promise<void>;
+    /**
+     * Select worker for request using load balancing strategy
+     */
+    selectWorkerForRequest(workers: WorkerMetrics[], request?: any): string;
     /**
      * Register event handler
      */
@@ -4424,13 +4504,41 @@ declare class ClusterManager extends EventEmitter implements RobustClusterManage
 
 /**
  * Centralized Logger for FastApi.ts Server
- * Provides granular control over logging output
+ * Provides granular control over logging output with enhanced robustness
  */
 
 declare class Logger {
     private config;
     private static instance;
+    private buffer;
+    private flushTimer?;
+    private isDisposed;
+    private logQueue;
+    private isProcessingQueue;
+    private errorCount;
+    private lastErrorTime;
+    private suppressedComponents;
     constructor(config?: ServerOptions["logging"]);
+    /**
+     * Initialize log buffer system
+     */
+    private initializeBuffer;
+    /**
+     * Setup error handling and recovery mechanisms
+     */
+    private setupErrorHandling;
+    /**
+     * Emergency logging that bypasses normal filtering
+     */
+    private emergencyLog;
+    /**
+     * Start auto-flush timer for buffered logging
+     */
+    private startAutoFlush;
+    /**
+     * Flush buffered log entries
+     */
+    flush(): void;
     /**
      * Get or create singleton instance
      */
@@ -4447,14 +4555,38 @@ declare class Logger {
      * Get current logger configuration (for debugging)
      */
     getConfig(): ServerOptions["logging"];
+    /**
+     * Check if we should suppress this log due to error rate limiting
+     */
+    private shouldSuppressError;
     /**
      * Check if logging is enabled for a specific component and type
      */
     private shouldLog;
+    /**
+     * Get memory usage information
+     */
+    private getMemoryInfo;
+    /**
+     * Get process ID
+     */
+    private getProcessId;
+    /**
+     * Truncate message if it exceeds max line length
+     */
+    private truncateMessage;
     /**
      * Format log message
      */
     private formatMessage;
+    /**
+     * Write log entry to output
+     */
+    private writeLog;
+    /**
+     * Process log queue
+     */
+    private processLogQueue;
     /**
      * Log a message
      */
@@ -4463,6 +4595,7 @@ declare class Logger {
     warn(component: LogComponent, message: string, ...args: any[]): void;
     info(component: LogComponent, message: string, ...args: any[]): void;
     debug(component: LogComponent, message: string, ...args: any[]): void;
+    verbose(component: LogComponent, message: string, ...args: any[]): void;
     startup(component: LogComponent, message: string, ...args: any[]): void;
     performance(component: LogComponent, message: string, ...args: any[]): void;
     hotReload(component: LogComponent, message: string, ...args: any[]): void;
@@ -4472,6 +4605,28 @@ declare class Logger {
     getLevel(): LogLevel;
     isComponentEnabled(component: LogComponent): boolean;
     isTypeEnabled(type: LogType): boolean;
+    /**
+     * Get logging statistics
+     */
+    getStats(): {
+        errorCount: number;
+        lastErrorTime: number;
+        suppressedComponents: string[];
+        bufferSize: number;
+        queueSize: number;
+    };
+    /**
+     * Clear suppressed components
+     */
+    clearSuppression(): void;
+    /**
+     * Dispose logger and cleanup resources
+     */
+    dispose(): void;
+    /**
+     * Create a child logger with component-specific configuration
+     */
+    child(component: LogComponent, config?: Partial<ServerOptions["logging"]>): Logger;
 }
 
 /**
@@ -5239,6 +5394,77 @@ declare class ConsoleInterceptor {
     };
 }
 
+/**
+ * XyPriss Security Middleware
+ * Comprehensive security middleware using proven external libraries
+ */
+
+/**
+ * Security middleware class implementing comprehensive protection
+ * Implements SecurityConfig interface to ensure type safety
+ */
+declare class SecurityMiddleware implements Required<SecurityConfig> {
+    level: SecurityLevel;
+    csrf: boolean;
+    helmet: boolean;
+    xss: boolean;
+    sqlInjection: boolean;
+    bruteForce: boolean;
+    encryption: Required<SecurityConfig>["encryption"];
+    authentication: Required<SecurityConfig>["authentication"];
+    private helmetMiddleware;
+    private corsMiddleware;
+    private rateLimitMiddleware;
+    private csrfMiddleware;
+    private mongoSanitizeMiddleware;
+    private hppMiddleware;
+    private compressionMiddleware;
+    private sqlInjectionDetector;
+    private logger;
+    constructor(config?: SecurityConfig, logger?: Logger);
+    /**
+     * Initialize all security middleware instances using external libraries
+     */
+    private initializeMiddleware;
+    /**
+     * Get the main security middleware stack
+     * Returns a single middleware function that applies all security measures
+     */
+    getMiddleware(): (req: XyPrisRequest, res: XyPrisResponse, next: NextFunction) => void;
+    /**
+     * Apply all security middleware in the correct order
+     */
+    private applySecurityStack;
+    /**
+     * Execute middleware stack sequentially with proper async handling
+     */
+    private executeMiddlewareStack;
+    /**
+     * Custom XSS protection middleware
+     */
+    private xssProtection;
+    /**
+     * Make request properties writable to avoid readonly property errors
+     */
+    private makeRequestPropertiesWritable;
+    /**
+     * Recursively sanitize object properties
+     */
+    private sanitizeObject;
+    /**
+     * Sanitize object and detect threats
+     */
+    private sanitizeObjectWithDetection;
+    /**
+     * Get CSRF token for client-side usage
+     */
+    generateCsrfToken(req: XyPrisRequest): string | null;
+    /**
+     * Get security configuration
+     */
+    getConfig(): Required<SecurityConfig>;
+}
+
 /**
  * Ultra-Fast Express Server with Advanced Performance Optimization
  */
@@ -5257,8 +5483,10 @@ declare class XyPrissServer {
     private clusterManager;
     private fileWatcherManager;
     private consoleInterceptor;
+    private workerPoolComponent;
     private notFoundHandler;
     private serverPluginManager;
+    private securityMiddleware?;
     private lifecycleManager;
     constructor(userOptions?: ServerOptions);
     /**
@@ -5271,11 +5499,17 @@ declare class XyPrissServer {
     private initializePlugins;
     private initializeCluster;
     private initializeFileWatcher;
+    private initializeWorkerPool;
+    private initializeSecurity;
     private initializeDependentComponents;
     /**
      * Get the Express app instance (ready to use immediately)
      */
     getApp(): UltraFastApp;
+    /**
+     * Get the security middleware instance
+     */
+    getSecurityMiddleware(): SecurityMiddleware | undefined;
     /**
      * Get the server plugin manager
      */
@@ -5553,81 +5787,6 @@ declare function Route(config: Omit<RouteConfig, "security"> & {
  */
 declare function createOptimalCache(config?: CacheConfig): SecureCacheAdapter;
 
-/**
- * XyPrissJS Security Middleware
- * Military-grade security middleware for Express applications
- */
-
-declare class SecurityMiddleware {
-    private config;
-    private bruteForceMap;
-    constructor(config?: SecurityConfig);
-    /**
-     * Get the main security middleware
-     */
-    getMiddleware(): (req: any, res: any, next: any) => void;
-    /**
-     * Apply security headers
-     */
-    private applySecurityHeaders;
-    /**
-     * Get Content Security Policy header
-     */
-    private getCSPHeader;
-    /**
-     * Check for brute force attacks
-     */
-    private checkBruteForce;
-    /**
-     * Detect obfuscated SQL injection attempts using entropy analysis
-     */
-    private detectObfuscatedSQLInjection;
-    /**
-     * Get client IP address
-     */
-    private getClientIP;
-    /**
-     * XSS Protection middleware
-     */
-    xssProtection(): (req: any, res: any, next: any) => any;
-    /**
-     * SQL Injection protection middleware
-     */
-    sqlInjectionProtection(): (req: any, res: any, next: any) => any;
-    /**
-     * CSRF Protection middleware
-     */
-    csrfProtection(): (req: any, res: any, next: any) => any;
-    /**
-     * Request encryption middleware
-     */
-    requestEncryption(): (req: any, res: any, next: any) => any;
-    /**
-     * Sanitize object recursively
-     */
-    private sanitizeObject;
-    /**
-     * Sanitize string for XSS
-     */
-    private sanitizeString;
-    /**
-     * Get security configuration
-     */
-    getConfig(): Required<SecurityConfig>;
-    /**
-     * Get brute force statistics
-     */
-    getBruteForceStats(): any;
-    /**
-     * Unblock IP address
-     */
-    unblockIP(ip: string): boolean;
-    /**
-     * Clear all brute force records
-     */
-    clearBruteForceRecords(): void;
-}
-
 /**
  * XyPrissJS Performance Monitor
  * Real-time performance monitoring and optimization