xypriss 8.2.0 → 9.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +1 -1
- package/README.md +69 -32
- package/dist/cjs/shared/logger/Logger.js +495 -489
- package/dist/cjs/shared/logger/Logger.js.map +1 -1
- package/dist/cjs/src/const.js +1 -1
- package/dist/cjs/src/encryption/EncryptionService.js +1 -1
- package/dist/cjs/src/encryption/EncryptionService.js.map +1 -1
- package/dist/cjs/src/index.js +3 -47
- package/dist/cjs/src/index.js.map +1 -1
- package/dist/cjs/src/middleware/XemsSessionMiddleware.js +0 -4
- package/dist/cjs/src/middleware/XemsSessionMiddleware.js.map +1 -1
- package/dist/cjs/src/middleware/XyPrissMiddlewareAPI.js +23 -8
- package/dist/cjs/src/middleware/XyPrissMiddlewareAPI.js.map +1 -1
- package/dist/cjs/src/plugins/PluginManager.js +0 -3
- package/dist/cjs/src/plugins/PluginManager.js.map +1 -1
- package/dist/cjs/src/plugins/core/PluginManager.js +1 -1
- package/dist/cjs/src/plugins/modules/builtin/SmartCachePlugin.js +3 -3
- package/dist/cjs/src/plugins/modules/builtin/SmartCachePlugin.js.map +1 -1
- package/dist/cjs/src/plugins/modules/network/builtin/ProxyPlugin.js +14 -0
- package/dist/cjs/src/plugins/modules/network/builtin/ProxyPlugin.js.map +1 -1
- package/dist/cjs/src/plugins/modules/network/core/NetworkPlugin.js +5 -0
- package/dist/cjs/src/plugins/modules/network/core/NetworkPlugin.js.map +1 -1
- package/dist/cjs/src/plugins/modules/xems/XemsBuiltinPlugin.js +18 -4
- package/dist/cjs/src/plugins/modules/xems/XemsBuiltinPlugin.js.map +1 -1
- package/dist/cjs/src/plugins/modules/xems/XemsPlugin.js +75 -18
- package/dist/cjs/src/plugins/modules/xems/XemsPlugin.js.map +1 -1
- package/dist/cjs/src/quick-start.js +1 -1
- package/dist/cjs/src/server/FastServer.js +4 -3
- package/dist/cjs/src/server/FastServer.js.map +1 -1
- package/dist/cjs/src/server/ServerFactory.js +1 -1
- package/dist/cjs/src/server/components/fastapi/FileWatcherManager.js +1 -1
- package/dist/cjs/src/server/components/fastapi/RedirectManager.js +1 -1
- package/dist/cjs/src/server/components/fastapi/RedirectManager.js.map +1 -1
- package/dist/cjs/src/server/components/fastapi/WorkerPoolComponent.js +43 -167
- package/dist/cjs/src/server/components/fastapi/WorkerPoolComponent.js.map +1 -1
- package/dist/cjs/src/server/const/default.js +18 -2
- package/dist/cjs/src/server/const/default.js.map +1 -1
- package/dist/cjs/src/server/core/HttpServer.js +1 -18
- package/dist/cjs/src/server/core/HttpServer.js.map +1 -1
- package/dist/cjs/src/server/core/RequestEnhancer.js +1 -1
- package/dist/cjs/src/server/core/ResponseEnhancer.js +1 -1
- package/dist/cjs/src/server/core/StartupProcessor.js +25 -5
- package/dist/cjs/src/server/core/StartupProcessor.js.map +1 -1
- package/dist/cjs/src/server/core/XHSCBridge.js +111 -8
- package/dist/cjs/src/server/core/XHSCBridge.js.map +1 -1
- package/dist/cjs/src/server/core/XHSCProtocol.js +54 -16
- package/dist/cjs/src/server/core/XHSCProtocol.js.map +1 -1
- package/dist/cjs/src/server/core/XyDiagnosticsManager.js +1 -1
- package/dist/cjs/src/server/core/XyLifecycleManager.js +3 -2
- package/dist/cjs/src/server/core/XyLifecycleManager.js.map +1 -1
- package/dist/cjs/src/server/core/XyRoutingManager.js +1 -1
- package/dist/cjs/src/server/utils/PortManager.js +64 -0
- package/dist/cjs/src/server/utils/PortManager.js.map +1 -1
- package/dist/cjs/src/server/utils/trustProxy.js +1 -1
- package/dist/cjs/src/xhs/cluster/XHSCWorker.js +2 -0
- package/dist/cjs/src/xhs/cluster/XHSCWorker.js.map +1 -1
- package/dist/esm/mods/security/src/components/cache/UFSIMC.js +5 -5
- package/dist/esm/mods/security/src/components/cache/UFSIMC.js.map +1 -1
- package/dist/esm/mods/security/src/components/cache/cacheSys.utils.js +3 -3
- package/dist/esm/mods/security/src/components/cache/cacheSys.utils.js.map +1 -1
- package/dist/esm/shared/logger/Logger.js +495 -489
- package/dist/esm/shared/logger/Logger.js.map +1 -1
- package/dist/esm/src/const.js +1 -1
- package/dist/esm/src/encryption/EncryptionService.js +1 -1
- package/dist/esm/src/encryption/EncryptionService.js.map +1 -1
- package/dist/esm/src/index.js +2 -16
- package/dist/esm/src/index.js.map +1 -1
- package/dist/esm/src/middleware/XemsSessionMiddleware.js +0 -4
- package/dist/esm/src/middleware/XemsSessionMiddleware.js.map +1 -1
- package/dist/esm/src/middleware/XyPrissMiddlewareAPI.js +23 -8
- package/dist/esm/src/middleware/XyPrissMiddlewareAPI.js.map +1 -1
- package/dist/esm/src/plugins/PluginManager.js +0 -3
- package/dist/esm/src/plugins/PluginManager.js.map +1 -1
- package/dist/esm/src/plugins/core/PluginManager.js +1 -1
- package/dist/esm/src/plugins/modules/builtin/SmartCachePlugin.js +3 -3
- package/dist/esm/src/plugins/modules/builtin/SmartCachePlugin.js.map +1 -1
- package/dist/esm/src/plugins/modules/network/builtin/ProxyPlugin.js +14 -0
- package/dist/esm/src/plugins/modules/network/builtin/ProxyPlugin.js.map +1 -1
- package/dist/esm/src/plugins/modules/network/core/NetworkPlugin.js +5 -0
- package/dist/esm/src/plugins/modules/network/core/NetworkPlugin.js.map +1 -1
- package/dist/esm/src/plugins/modules/xems/XemsBuiltinPlugin.js +18 -4
- package/dist/esm/src/plugins/modules/xems/XemsBuiltinPlugin.js.map +1 -1
- package/dist/esm/src/plugins/modules/xems/XemsPlugin.js +75 -18
- package/dist/esm/src/plugins/modules/xems/XemsPlugin.js.map +1 -1
- package/dist/esm/src/quick-start.js +1 -1
- package/dist/esm/src/server/FastServer.js +4 -3
- package/dist/esm/src/server/FastServer.js.map +1 -1
- package/dist/esm/src/server/ServerFactory.js +1 -1
- package/dist/esm/src/server/components/fastapi/FileWatcherManager.js +1 -1
- package/dist/esm/src/server/components/fastapi/RedirectManager.js +1 -1
- package/dist/esm/src/server/components/fastapi/RedirectManager.js.map +1 -1
- package/dist/esm/src/server/components/fastapi/WorkerPoolComponent.js +43 -167
- package/dist/esm/src/server/components/fastapi/WorkerPoolComponent.js.map +1 -1
- package/dist/esm/src/server/const/default.js +18 -2
- package/dist/esm/src/server/const/default.js.map +1 -1
- package/dist/esm/src/server/core/HttpServer.js +1 -18
- package/dist/esm/src/server/core/HttpServer.js.map +1 -1
- package/dist/esm/src/server/core/RequestEnhancer.js +1 -1
- package/dist/esm/src/server/core/ResponseEnhancer.js +1 -1
- package/dist/esm/src/server/core/StartupProcessor.js +25 -5
- package/dist/esm/src/server/core/StartupProcessor.js.map +1 -1
- package/dist/esm/src/server/core/XHSCBridge.js +111 -8
- package/dist/esm/src/server/core/XHSCBridge.js.map +1 -1
- package/dist/esm/src/server/core/XHSCProtocol.js +54 -16
- package/dist/esm/src/server/core/XHSCProtocol.js.map +1 -1
- package/dist/esm/src/server/core/XyDiagnosticsManager.js +1 -1
- package/dist/esm/src/server/core/XyLifecycleManager.js +3 -2
- package/dist/esm/src/server/core/XyLifecycleManager.js.map +1 -1
- package/dist/esm/src/server/core/XyRoutingManager.js +1 -1
- package/dist/esm/src/server/utils/PortManager.js +64 -0
- package/dist/esm/src/server/utils/PortManager.js.map +1 -1
- package/dist/esm/src/server/utils/trustProxy.js +1 -1
- package/dist/esm/src/xhs/cluster/XHSCWorker.js +2 -0
- package/dist/esm/src/xhs/cluster/XHSCWorker.js.map +1 -1
- package/dist/index.d.ts +330 -3259
- package/package.json +276 -274
- package/scripts/install-memory-cli.js +51 -173
- package/scripts/install-xems.js +161 -0
- package/scripts/postinstall-xsys.js +93 -83
- package/scripts/postinstall.js +11 -2
package/LICENSE
CHANGED
package/README.md
CHANGED
|
@@ -5,7 +5,7 @@
|
|
|
5
5
|
|
|
6
6
|
[](https://badge.fury.io/js/xypriss)
|
|
7
7
|
[](https://www.typescriptlang.org/)
|
|
8
|
-
[](https://dll.nehonix.com/licenses/NOSL)
|
|
8
|
+
[-blue.svg)](https://dll.nehonix.com/licenses/NOSL)
|
|
9
9
|
[](https://nehonix.com)
|
|
10
10
|
|
|
11
11
|
[Quick Start](https://xypriss.nehonix.com/docs/QUICK_START) • [Documentation](https://xypriss.nehonix.com/docs/) • [Examples](https://xypriss.nehonix.com/docs/EXAMPLES) • [API Reference](https://xypriss.nehonix.com/docs/api-reference)
|
|
@@ -18,42 +18,45 @@
|
|
|
18
18
|
|
|
19
19
|
## Overview
|
|
20
20
|
|
|
21
|
-
XyPriss is
|
|
21
|
+
XyPriss is an **Enterprise-Grade Hybrid Web Framework** that combines the raw performance of compiled native binaries with the productivity and flexibility of **TypeScript**. It is designed for teams that require both operational speed and developer velocity, without compromise.
|
|
22
22
|
|
|
23
23
|
### Cross-Platform Foundation
|
|
24
24
|
|
|
25
|
-
|
|
25
|
+
XyPriss ships pre-compiled native binaries for all major platforms. No additional toolchains, compilers, or runtime dependencies are required.
|
|
26
26
|
|
|
27
|
-
| OS | Architecture | Status
|
|
28
|
-
| ----------- | ----------------------- |
|
|
29
|
-
| **Linux** | x86_64 (AMD64) |
|
|
30
|
-
| **Linux** | aarch64 (ARM64) |
|
|
31
|
-
| **Windows** | x86_64 (AMD64) |
|
|
32
|
-
| **Windows** | aarch64 (ARM64) |
|
|
33
|
-
| **macOS** | x86_64 (Intel) |
|
|
34
|
-
| **macOS** | aarch64 (Apple Silicon) |
|
|
27
|
+
| OS | Architecture | Status |
|
|
28
|
+
| ----------- | ----------------------- | --------- |
|
|
29
|
+
| **Linux** | x86_64 (AMD64) | Supported |
|
|
30
|
+
| **Linux** | aarch64 (ARM64) | Supported |
|
|
31
|
+
| **Windows** | x86_64 (AMD64) | Supported |
|
|
32
|
+
| **Windows** | aarch64 (ARM64) | Supported |
|
|
33
|
+
| **macOS** | x86_64 (Intel) | Supported |
|
|
34
|
+
| **macOS** | aarch64 (Apple Silicon) | Supported |
|
|
35
35
|
|
|
36
|
-
|
|
36
|
+
### Architecture
|
|
37
37
|
|
|
38
|
-
At
|
|
38
|
+
At the center of XyPriss lies **XHSC (XyPriss Hyper-System Core)** — the native engine responsible for low-level HTTP networking, high-speed radix routing, filesystem operations, real-time system telemetry, and inter-process communication. XHSC is written in Go for maximum portability and ships as a single statically-linked binary per platform with zero external dependencies.
|
|
39
39
|
|
|
40
|
-
|
|
40
|
+
The framework operates on a layered architecture:
|
|
41
41
|
|
|
42
|
-
|
|
42
|
+
1. **XHSC (Native Engine):** Handles the HTTP/S stack, advanced radix routing, filesystem I/O, process monitoring, and real-time hardware telemetry. It acts as the high-speed gateway for all incoming traffic and system operations.
|
|
43
|
+
2. **Node.js Runtime:** Provides the enterprise-ready application layer where developers define business logic, security middleware, and data processing pipelines using TypeScript.
|
|
44
|
+
3. **XFPM (XyPriss Fast Package Manager):** A high-performance, Rust-powered package manager optimized for the XyPriss ecosystem. Provides ultra-fast dependency resolution, extraction, and caching. [Learn more about XFPM](https://xypriss.nehonix.com/docs/xfpm?kw=XFPM%20is%20the%20high-performance).
|
|
43
45
|
|
|
44
|
-
|
|
45
|
-
2. **Node.js Runtime:** Provides the enterprise-ready application layer where developers manage business logic, security middlewares, and data processing using TypeScript.
|
|
46
|
-
3. **XFPM (XyPriss Fast Package Manager):** Our ultra-fast, Rust-powered developer tool. **We highly recommend using `xfpm` for all operations.** It provides optimized resolution, ultra-fast extraction, and caching tailored for the XyPriss ecosystem. [Learn more about XFPM](https://xypriss.nehonix.com/docs/xfpm?kw=XFPM%20is%20the%20high-performance).
|
|
46
|
+
This separation allows each layer to operate in its optimal domain: compiled native code for performance-critical paths, TypeScript for rapid application development.
|
|
47
47
|
|
|
48
48
|
### Core Features
|
|
49
49
|
|
|
50
|
-
- **
|
|
51
|
-
- **Security
|
|
52
|
-
- **
|
|
53
|
-
- **
|
|
54
|
-
- **
|
|
55
|
-
- **
|
|
56
|
-
- **
|
|
50
|
+
- **XHSC Native Engine** — Statically-linked system core with multi-core clustering, IPC bridge, and high-precision hardware telemetry across all supported platforms.
|
|
51
|
+
- **XEMS Session Security** — AES-256-GCM encrypted in-memory session store powered by a dedicated native Golang sidecar. Provides opaque tokens, per-request atomic rotation, sandboxed namespaces, and optional hardware-bound persistence — with zero external dependencies.
|
|
52
|
+
- **Security-First Architecture** — 12+ built-in security middleware modules including CSRF protection, XSS prevention, and intelligent rate limiting.
|
|
53
|
+
- **Advanced Radix Routing** — Ultra-fast routing system capable of complex path matching with microsecond latency.
|
|
54
|
+
- **Real-Time System Intelligence** — Native access to CPU, memory, disk, network, battery, and process metrics directly from the application layer.
|
|
55
|
+
- **Filesystem Engine** — High-performance file operations including recursive copy, directory sync, content hashing, duplicate detection, and real-time file watching.
|
|
56
|
+
- **File Upload Management** — Production-ready multipart/form-data handling with automatic validation and error handling.
|
|
57
|
+
- **Extensible Plugin System** — Permission-based plugin architecture with lifecycle hooks and security controls.
|
|
58
|
+
- **Native Production Integration** — Built for automated deployments and SSL management via [XyNginC](https://github.com/Nehonix-Team/xynginc).
|
|
59
|
+
- **Multi-Server Support** — Run multiple server instances with isolated configurations and security policies.
|
|
57
60
|
|
|
58
61
|
---
|
|
59
62
|
|
|
@@ -130,13 +133,13 @@ app.start();
|
|
|
130
133
|
- [Examples](https://xypriss.nehonix.com/docs/EXAMPLES) - Practical code examples
|
|
131
134
|
- [Features Overview](https://xypriss.nehonix.com/docs/FEATURES_OVERVIEW) - Comprehensive feature list
|
|
132
135
|
|
|
133
|
-
###
|
|
136
|
+
### Security
|
|
134
137
|
|
|
135
|
-
- [
|
|
136
|
-
- [
|
|
137
|
-
- [
|
|
138
|
-
- [
|
|
139
|
-
- [
|
|
138
|
+
- [Security Overview](./docs/security/SECURITY.md) - Security features and best practices
|
|
139
|
+
- [**XEMS — Secure Sessions & Temporary Storage**](./docs/XEMS_TUTORIAL.md) - AES-256-GCM encrypted sessions, OTP flows, token rotation
|
|
140
|
+
- [Route-Based Security](./docs/security/ROUTE_BASED_SECURITY.md) - Per-route security policies
|
|
141
|
+
- [Request Signature Auth](./docs/security/request-signature-auth.md) - API key authentication
|
|
142
|
+
- [CORS Configuration](./docs/security/advanced-cors-regexp.md) - Advanced CORS with RegExp patterns
|
|
140
143
|
|
|
141
144
|
### Plugin System
|
|
142
145
|
|
|
@@ -159,6 +162,40 @@ app.start();
|
|
|
159
162
|
|
|
160
163
|
XyPriss is built with security as a fundamental design principle. The framework implements multiple layers of protection and follows industry best practices for secure web application development.
|
|
161
164
|
|
|
165
|
+
### XEMS — Encrypted Memory Store
|
|
166
|
+
|
|
167
|
+
[XEMS](https://github.com/Nehonix-Team/XyPriss-XEMS) is the built-in session security layer. Unlike cookie-based JWT, XEMS stores all session data **server-side inside a native Go sidecar process**, encrypted with AES-256-GCM. The client only ever holds a random opaque token.
|
|
168
|
+
|
|
169
|
+
```typescript
|
|
170
|
+
import { createServer, xems } from "xypriss";
|
|
171
|
+
|
|
172
|
+
const app = createServer({
|
|
173
|
+
server: {
|
|
174
|
+
xems: {
|
|
175
|
+
enable: true, // Enable the XEMS middleware
|
|
176
|
+
ttl: "15m", // Session lifetime
|
|
177
|
+
autoRotation: true, // Rotate token on every request
|
|
178
|
+
gracePeriod: 1000, // ms the old token stays valid (concurrent requests)
|
|
179
|
+
},
|
|
180
|
+
},
|
|
181
|
+
});
|
|
182
|
+
|
|
183
|
+
// Login — create an encrypted session
|
|
184
|
+
app.post("/auth/login", async (req, res) => {
|
|
185
|
+
// ... verify credentials
|
|
186
|
+
await res.xLink({ userId: user.id, role: user.role }); // session created
|
|
187
|
+
res.json({ success: true });
|
|
188
|
+
});
|
|
189
|
+
|
|
190
|
+
// Protected route — session auto-decrypted
|
|
191
|
+
app.get("/profile", (req, res) => {
|
|
192
|
+
if (!req.session) return res.status(401).json({ error: "Unauthorized" });
|
|
193
|
+
res.json({ user: req.session }); // { userId, role }
|
|
194
|
+
});
|
|
195
|
+
```
|
|
196
|
+
|
|
197
|
+
**[Full XEMS Guide →](./docs/XEMS_TUTORIAL.md)**
|
|
198
|
+
|
|
162
199
|
### Security Disclosure Policy
|
|
163
200
|
|
|
164
201
|
While we maintain rigorous security standards, we acknowledge that vulnerabilities may exist. We encourage responsible disclosure of security issues.
|
|
@@ -227,7 +264,7 @@ If XyPriss has been valuable for your projects, consider:
|
|
|
227
264
|
|
|
228
265
|
## License
|
|
229
266
|
|
|
230
|
-
XyPriss is licensed under the [NOSL License](https://dll.nehonix.com/licenses/NOSL).
|
|
267
|
+
XyPriss is licensed under the [Nehonix OSL (Nehonix OSL (NOSL)) License](https://dll.nehonix.com/licenses/NOSL).
|
|
231
268
|
|
|
232
269
|
---
|
|
233
270
|
|